PC virus removal, computer speed-up, and remote assistance through the neslape.cz service

Malware on an unstable PC

marux
Visitor
Posts: 27
Registered: 17 Dec 2011 12:02

Malware on an unstable PC

#1 Post by marux »

Hello,
my PC is unstable again, it crashes often, and the index files on my website got infected via FTP. I have MS Security Essentials installed, which did not report anything, but I'm 90% sure there is something here.
Could one of the experts here please take a look at it for me?
Thanks in advance.


Logfile of random's system information tool 1.09 (written by random/random)
Run by uzivatel at 2012-04-21 16:20:21
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 3 GB (6%) free of 41 GB
Total RAM: 3034 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:21:10, on 21.4.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\WLTRAY.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Software602\Print2PDF\Print2PDF.exe
C:\Program Files\LG Soft India Pvt Ltd\Dual Package\bin\Dual Package.exe
C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
D:\zCecka\RSIT.exe
C:\Program Files\trend micro\uzivatel.exe
C:\Program Files\LG Soft India Pvt Ltd\Dual Package\bin\TestDDCCI.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKCU\..\Run: [ViGlance] C:\Program Files\ViGlance\ViGlance.exe
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [Google Update] "C:\Users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: Dropbox.lnk = C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Dual Package.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 5966 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1204295309-55094233-852691853-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1204295309-55094233-852691853-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\dpyvj3lf.default

prefs.js - "browser.startup.homepage" - "http://google.cz"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.1, {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.9.0.4, toolbar@ask.com:3.9.1.14019, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFFICE.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\dpyvj3lf.default\extensions\
ffxtlbr@babylon.com
{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-11-10 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe [2008-11-17 3810304]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-06-03 138008]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-06-03 171288]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-06-03 172824]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-04-13 69632]
"Print2PDF Print Monitor"=C:\Program Files\Software602\Print2PDF\Print2PDF.exe [2010-12-03 141368]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ViGlance"=C:\Program Files\ViGlance\ViGlance.exe []
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-04-17 196608]
"Google Update"=C:\Users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-21 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-07-06 1848648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^uzivatel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-02-15 24246216]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Dual Package.lnk - C:\Program Files\LG Soft India Pvt Ltd\Dual Package\bin\Dual Package.exe

C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-06-03 228864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-04-21 16:20:21 ----D---- C:\rsit
2012-04-12 00:03:08 ----A---- C:\Windows\system32\mshtmled.dll
2012-04-12 00:03:07 ----A---- C:\Windows\system32\iertutil.dll
2012-04-12 00:03:06 ----A---- C:\Windows\system32\wininet.dll
2012-04-12 00:03:06 ----A---- C:\Windows\system32\jscript9.dll
2012-04-12 00:03:06 ----A---- C:\Windows\system32\jscript.dll
2012-04-12 00:03:05 ----A---- C:\Windows\system32\url.dll
2012-04-12 00:03:05 ----A---- C:\Windows\system32\jsproxy.dll
2012-04-12 00:03:05 ----A---- C:\Windows\system32\ieui.dll
2012-04-12 00:03:04 ----A---- C:\Windows\system32\urlmon.dll
2012-04-12 00:03:03 ----A---- C:\Windows\system32\ieframe.dll
2012-04-12 00:03:02 ----A---- C:\Windows\system32\mshtml.dll
2012-04-12 00:01:26 ----A---- C:\Windows\system32\wmi.dll
2012-04-12 00:01:25 ----A---- C:\Windows\system32\wintrust.dll
2012-04-12 00:01:25 ----A---- C:\Windows\system32\imagehlp.dll
2012-04-12 00:01:25 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2012-04-12 00:01:06 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-04-12 00:01:06 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-04-10 23:16:06 ----D---- C:\Program Files\Common Files\DESIGNER

======List of files/folders modified in the last 1 month======

2012-04-21 16:20:56 ----D---- C:\Windows\temp
2012-04-21 16:20:34 ----D---- C:\Windows\Prefetch
2012-04-21 16:20:26 ----D---- C:\Program Files\trend micro
2012-04-21 16:20:03 ----D---- C:\Users\uzivatel\AppData\Roaming\Dropbox
2012-04-20 22:04:45 ----D---- C:\Users\uzivatel\AppData\Roaming\FileZilla
2012-04-20 20:39:19 ----SHD---- C:\System Volume Information
2012-04-19 13:47:23 ----D---- C:\Windows
2012-04-19 13:47:22 ----D---- C:\Windows\inf
2012-04-13 23:53:43 ----D---- C:\Users\uzivatel\AppData\Roaming\Skype
2012-04-12 16:20:50 ----D---- C:\Windows\Microsoft.NET
2012-04-12 16:20:22 ----RSD---- C:\Windows\assembly
2012-04-12 14:35:09 ----SHD---- C:\Windows\Installer
2012-04-12 14:35:06 ----D---- C:\Users\uzivatel\AppData\Roaming\Mozilla
2012-04-12 14:13:03 ----D---- C:\Windows\winsxs
2012-04-12 13:56:04 ----D---- C:\Windows\system32\catroot
2012-04-12 00:06:05 ----D---- C:\Windows\system32\migration
2012-04-12 00:06:05 ----D---- C:\Windows\system32\drivers
2012-04-12 00:06:05 ----D---- C:\Windows\System32
2012-04-12 00:06:05 ----D---- C:\Program Files\Internet Explorer
2012-04-12 00:06:04 ----D---- C:\Program Files\Windows Mail
2012-04-12 00:03:23 ----D---- C:\Windows\system32\catroot2
2012-04-12 00:02:20 ----D---- C:\Program Files\Common Files\microsoft shared
2012-04-11 23:57:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-04-11 23:54:36 ----D---- C:\Windows\Debug
2012-04-11 23:54:33 ----A---- C:\Windows\system32\mrt.exe
2012-04-10 23:25:12 ----SD---- C:\Users\uzivatel\AppData\Roaming\Microsoft
2012-04-10 23:22:06 ----RSD---- C:\Windows\Fonts
2012-04-10 23:17:27 ----A---- C:\Windows\ODBC.INI
2012-04-10 23:16:10 ----D---- C:\Windows\ShellNew
2012-04-10 23:16:06 ----D---- C:\Program Files\Common Files
2012-04-10 23:15:57 ----D---- C:\Program Files\Microsoft Office
2012-04-10 23:15:50 ----D---- C:\Program Files\Microsoft.NET
2012-04-10 23:14:51 ----RD---- C:\Program Files
2012-04-10 23:14:51 ----D---- C:\Windows\system
2012-04-08 17:23:13 ----D---- C:\Users\uzivatel\AppData\Roaming\Media Player Classic
2012-04-08 17:22:34 ----D---- C:\Windows\Minidump
2012-04-08 17:21:10 ----D---- C:\Program Files\Common Files\soft602
2012-04-08 17:20:19 ----RD---- C:\Program Files\Skype
2012-04-03 19:06:03 ----D---- C:\Windows\system32\NDF
2012-04-02 19:43:12 ----D---- C:\Program Files\Safari
2012-04-02 19:41:14 ----D---- C:\Program Files\Bonjour
2012-04-02 18:32:01 ----D---- C:\Program Files\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-06-15 461080]
R1 HMFAxCore56d706f6725c732df006697fd5ec3381;HMFAxCore56d706f6725c732df006697fd5ec3381; \??\C:\Windows\system32\drivers\HMFAxCore56d706f6725c732df006697fd5ec3381.sys [2011-05-12 15872]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2008-11-17 18424]
R3 BCM43XX;Ovladač bezdrátové karty Dell WLAN; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-11-17 1331192]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-06-03 9036800]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-07-24 304128]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 LGDDCDevice;LGDDCDevice; \??\C:\Windows\system32\LGI2CDriver.sys [2010-08-04 16384]
S3 LGII2CDevice;LGII2CDevice; \??\C:\Windows\system32\LGPII2CDriver.sys [2011-02-11 19968]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 59144]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2008-11-17 26112]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 124180]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-15 158856]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

marux
Visitor
Posts: 27
Registered: 17 Dec 2011 12:02

Re: Malware on an unstable PC

#2 Post by marux »

Hi, thanks.

MBRScan log:

MBRScan v1.1.1

OS             : Windows Vista Service Pack 2 (32 bit)
PROCESSOR      : x86 Family 6 Model 15 Stepping 13, GenuineIntel
BOOT           : Normal Boot
DATE           : 2012/04/21 (ISO 8601) at 17:12:33
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __Hitachi HTS543225L9A (FBEO)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : NO
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0	232.9 Go  [Fixed] ==> Vista MBR Code .

MBR_MD5   : 644F336476FBCFEB0B673843C4186030
MBR_SHA1  : 6DC8C40EA429B916F88BC68CF87D0AC671FD7022

Device\Harddisk0\Partition1	157.7 Go  	0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2	40.00 Go  	0x07 NTFS / HPFS
________________________________________________________________________________

############################### Additional scan ################################

SystemStartOptions : /NOEXECUTE=OPTIN

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  


__________________________16_BIT_ASM_CODE
   
0x0000    33c0            XOR AX, AX   
0x0002    8ed0            MOV SS, AX   
0x0004    bc 007c         MOV SP, 0x7c00   
0x0007    8ec0            MOV ES, AX   
0x0009    8ed8            MOV DS, AX   
0x000B    be 007c         MOV SI, 0x7c00   
0x000E    bf 0006         MOV DI, 0x600   
0x0011    b9 0002         MOV CX, 0x200   
0x0014    fc              CLD   
0x0015    f3 a4           REP MOVSB   
0x0017    50              PUSH AX   
0x0018    68 1c06         PUSH 0x61c   
0x001B    cb              RETF   
0x001C    fb              STI   
0x001D    b9 0400         MOV CX, 0x4   
0x0020    bd be07         MOV BP, 0x7be   
0x0023    807e 00 00      CMP BYTE [BP+0x0], 0x0   
0x0027    7c 0b           JL 0x34   
0x0029    0f85 1001       JNZ 0x13d   
0x002D    83c5 10         ADD BP, 0x10   
0x0030    e2 f1           LOOP 0x23   
0x0032    cd 18           INT 0x18   
0x0034    8856 00         MOV [BP+0x0], DL   
0x0037    55              PUSH BP   
0x0038    c646 11 05      MOV BYTE [BP+0x11], 0x5   
0x003C    c646 10 00      MOV BYTE [BP+0x10], 0x0   
0x0040    b4 41           MOV AH, 0x41   
0x0042    bb aa55         MOV BX, 0x55aa   
0x0045    cd 13           INT 0x13   
0x0047    5d              POP BP   
0x0048    72 0f           JB 0x59   
0x004A    81fb 55aa       CMP BX, 0xaa55   
0x004E    75 09           JNZ 0x59   
0x0050    f7c1 0100       TEST CX, 0x1   
0x0054    74 03           JZ 0x59   
0x0056    fe46 10         INC BYTE [BP+0x10]   
0x0059    66 60           PUSHAD   
0x005B    807e 10 00      CMP BYTE [BP+0x10], 0x0   
0x005F    74 26           JZ 0x87   
0x0061    66 68 00000000  PUSH 0x0   
0x0067    66 ff76 08      PUSH DWORD [BP+0x8]   
0x006B    68 0000         PUSH 0x0   
0x006E    68 007c         PUSH 0x7c00   
0x0071    68 0100         PUSH 0x1   
0x0074    68 1000         PUSH 0x10   
0x0077    b4 42           MOV AH, 0x42   
0x0079    8a56 00         MOV DL, [BP+0x0]   
0x007C    8bf4            MOV SI, SP   
0x007E    cd 13           INT 0x13   
0x0080    9f              LAHF   
0x0081    83c4 10         ADD SP, 0x10   
0x0084    9e              SAHF   
0x0085    eb 14           JMP 0x9b   
0x0087    b8 0102         MOV AX, 0x201   
0x008A    bb 007c         MOV BX, 0x7c00   
0x008D    8a56 00         MOV DL, [BP+0x0]   
0x0090    8a76 01         MOV DH, [BP+0x1]   
0x0093    8a4e 02         MOV CL, [BP+0x2]   
0x0096    8a6e 03         MOV CH, [BP+0x3]   
0x0099    cd 13           INT 0x13   
0x009B    66 61           POPAD   
0x009D    73 1e           JAE 0xbd   
0x009F    fe4e 11         DEC BYTE [BP+0x11]   
0x00A2    0f85 0c00       JNZ 0xb2   
0x00A6    807e 00 80      CMP BYTE [BP+0x0], 0x80   
0x00AA    0f84 8a00       JZ 0x138   
0x00AE    b2 80           MOV DL, 0x80   
0x00B0    eb 82           JMP 0x34   
0x00B2    55              PUSH BP   
0x00B3    32e4            XOR AH, AH   
0x00B5    8a56 00         MOV DL, [BP+0x0]   
0x00B8    cd 13           INT 0x13   
0x00BA    5d              POP BP   
0x00BB    eb 9c           JMP 0x59   
0x00BD    813e fe7d 55aa  CMP WORD [0x7dfe], 0xaa55   
0x00C3    75 6e           JNZ 0x133   
0x00C5    ff76 00         PUSH WORD [BP+0x0]   
0x00C8    e8 8a00         CALL 0x155   
0x00CB    0f85 1500       JNZ 0xe4   
0x00CF    b0 d1           MOV AL, 0xd1   
0x00D1    e6 64           OUT 0x64, AL   
0x00D3    e8 7f00         CALL 0x155   
0x00D6    b0 df           MOV AL, 0xdf   
0x00D8    e6 60           OUT 0x60, AL   
0x00DA    e8 7800         CALL 0x155   
0x00DD    b0 ff           MOV AL, 0xff   
0x00DF    e6 64           OUT 0x64, AL   
0x00E1    e8 7100         CALL 0x155   
0x00E4    b8 00bb         MOV AX, 0xbb00   
0x00E7    cd 1a           INT 0x1a   
0x00E9    66 23c0         AND EAX, EAX   
0x00EC    75 3b           JNZ 0x129   
0x00EE    66 81fb 54435041 CMP EBX, 0x41504354
0x00F5    75 32           JNZ 0x129   
0x00F7    81f9 0201       CMP CX, 0x102   
0x00FB    72 2c           JB 0x129   
0x00FD    66 68 07bb0000  PUSH 0xbb07   
0x0103    66 68 00020000  PUSH 0x200   
0x0109    66 68 08000000  PUSH 0x8   
0x010F    66 53           PUSH EBX   
0x0111    66 53           PUSH EBX   
0x0113    66 55           PUSH EBP   
0x0115    66 68 00000000  PUSH 0x0   
0x011B    66 68 007c0000  PUSH 0x7c00   
0x0121    66 61           POPAD   
0x0123    68 0000         PUSH 0x0   
0x0126    07              POP ES   
0x0127    cd 1a           INT 0x1a   
0x0129    5a              POP DX   
0x012A    32f6            XOR DH, DH   
0x012C    ea 007c 0000    JMP FAR 0x0:0x7c00   
0x0131    cd 18           INT 0x18   
0x0133    a0 b707         MOV AL, [0x7b7]   
0x0136    eb 08           JMP 0x140   
0x0138    a0 b607         MOV AL, [0x7b6]   
0x013B    eb 03           JMP 0x140   
0x013D    a0 b507         MOV AL, [0x7b5]   
0x0140    32e4            XOR AH, AH   
0x0142    05 0007         ADD AX, 0x700   
0x0145    8bf0            MOV SI, AX   
0x0147    ac              LODSB   
0x0148    3c 00           CMP AL, 0x0   
0x014A    74 fc           JZ 0x148   
0x014C    bb 0700         MOV BX, 0x7   
0x014F    b4 0e           MOV AH, 0xe   
0x0151    cd 10           INT 0x10   
0x0153    eb f2           JMP 0x147   
0x0155    2bc9            SUB CX, CX   
0x0157    e4 64           IN AL, 0x64   
0x0159    eb 00           JMP 0x15b   
0x015B    24 02           AND AL, 0x2   
0x015D    e0 f8           LOOPNZ 0x157   
0x015F    24 02           AND AL, 0x2   
0x0161    c3              RET   
0x0162    49              DEC CX   
0x0163    6e              OUTSB   
0x0164    76 61           JBE 0x1c7   
0x0166    6c              INSB   
0x0167    6964 20 7061    IMUL SP, [SI+0x20], 0x6170   
0x016C    72 74           JB 0x1e2   
0x016E    6974 69 6f6e    IMUL SI, [SI+0x69], 0x6e6f   
0x0173    2074 61         AND [SI+0x61], DH   
0x0176    626c 65         BOUND BP, [SI+0x65]   
0x0179    0045 72         ADD [DI+0x72], AL   
0x017C    72 6f           JB 0x1ed   
0x017E    72 20           JB 0x1a0   
0x0180    6c              INSB   
0x0181    6f              OUTSW   
0x0182    61              POPA   
0x0183    64 696e 67 206f IMUL BP, FS:[BP+0x67], 0x6f20   
0x0189    70 65           JO 0x1f0   
0x018B    72 61           JB 0x1ee   
0x018D    74 69           JZ 0x1f8   
0x018F    6e              OUTSB   
0x0190    67 2073 79      AND [EBX+0x79], DH   
0x0194    73 74           JAE 0x20a   
0x0196    65 6d           INS WORD GS:[DI], DX   
0x0198    004d 69         ADD [DI+0x69], CL   
0x019B    73 73           JAE 0x210   
0x019D    696e 67 206f    IMUL BP, [BP+0x67], 0x6f20   
0x01A2    70 65           JO 0x209   
0x01A4    72 61           JB 0x207   
0x01A6    74 69           JZ 0x211   
0x01A8    6e              OUTSB   
0x01A9    67 2073 79      AND [EBX+0x79], DH   
0x01AD    73 74           JAE 0x223   
0x01AF    65 6d           INS WORD GS:[DI], DX   
0x01B1    0000            ADD [BX+SI], AL   
0x01B3    0000            ADD [BX+SI], AL   
0x01B5    627a 99         BOUND DI, [BP+SI-0x67]   
0x01B8    66              DB 0x66   
0x01B8    66 c009 00      ROR BYTE [BX+DI], 0x0   
0x01BC    0000            ADD [BX+SI], AL   
0x01BE    80df 14         SBB BH, 0x14   
0x01C1    0c 07           OR AL, 0x7   
0x01C3    fe              DB 0xfe   
0x01C4    ff              DB 0xff   
0x01C5    ff00            INC WORD [BX+SI]   
0x01C7    2803            SUB [BP+DI], AL   
0x01C9    0000            ADD [BX+SI], AL   
0x01CB    78 b7           JS 0x184   
0x01CD    1300            ADC AX, [BX+SI]   
0x01CF    fe              DB 0xfe   
0x01D0    ff              DB 0xff   
0x01D1    ff07            INC WORD [BX]   
0x01D3    fe              DB 0xfe   
0x01D4    ff              DB 0xff   
0x01D5    ff00            INC WORD [BX+SI]   
0x01D7    a0 ba13         MOV AL, [0x13ba]   
0x01DA    0000            ADD [BX+SI], AL   
0x01DC    0005            ADD [DI], AL   
0x01DE    0000            ADD [BX+SI], AL   
0x01E0    0000            ADD [BX+SI], AL   
0x01E2    0000            ADD [BX+SI], AL   
0x01E4    0000            ADD [BX+SI], AL   
0x01E6    0000            ADD [BX+SI], AL   
0x01E8    0000            ADD [BX+SI], AL   
0x01EA    0000            ADD [BX+SI], AL   
0x01EC    0000            ADD [BX+SI], AL   
0x01EE    0000            ADD [BX+SI], AL   
0x01F0    0000            ADD [BX+SI], AL   
0x01F2    0000            ADD [BX+SI], AL   
0x01F4    0000            ADD [BX+SI], AL   
0x01F6    0000            ADD [BX+SI], AL   
0x01F8    0000            ADD [BX+SI], AL   
0x01FA    0000            ADD [BX+SI], AL   
0x01FC    0000            ADD [BX+SI], AL   
0x01FE    55              PUSH BP   
0x01FF    aa              STOSB   

I'll post the log from Kaspersky VRT as soon as the scan finishes; it looks like it will take a while.

marux
Visitor
Posts: 27
Registered: 17 Dec 2011 12:02

Re: Malware in an unstable PC

#3 Post by marux »

So I finally have it, but the log is completely insane; the txt has thousands of lines. I uploaded it for you here: http://dl.dropbox.com/u/15569863/AVPT.txt

marux
Visitor
Posts: 27
Registered: 17 Dec 2011 12:02

Re: Malware in an unstable PC

#4 Post by marux »

ComboFix:


ComboFix 12-04-22.02 - uzivatel 23.04.2012 14:44:14.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3034.1789 [GMT 2:00]
Spuštěný z: c:\users\uzivatel\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\roboot.exe
c:\windows\system32\shsvcs.dll.vgorg
c:\windows\system32\themeui.dll.vgorg
c:\windows\system32\uxtheme.dll.vgorg
D:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-03-23 do 2012-04-23 )))))))))))))))))))))))))))))))
.
.
2012-04-23 12:50 . 2012-04-23 12:57 -------- d-----w- c:\users\uzivatel\AppData\Local\temp
2012-04-23 12:50 . 2012-04-23 12:50 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-04-23 12:50 . 2012-04-23 12:50 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-04-23 12:50 . 2012-04-23 12:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-23 12:44 . 2012-04-13 07:36 6734704 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4BF51B1D-DF89-4DF1-9FD7-DB1F6B928B3F}\mpengine.dll
2012-04-21 15:17 . 2012-04-21 15:17 -------- d-----w- c:\programdata\Kaspersky Lab
2012-04-21 14:20 . 2012-04-21 14:21 -------- d-----w- C:\rsit
2012-04-11 22:01 . 2012-02-29 15:11 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-11 22:01 . 2012-02-29 15:11 172032 ----a-w- c:\windows\system32\wintrust.dll
2012-04-11 22:01 . 2012-02-29 15:09 157696 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-11 22:01 . 2012-02-29 13:32 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-11 22:01 . 2012-03-06 06:39 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-11 22:01 . 2012-03-06 06:39 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 13:56 . 2012-03-01 11:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2012-04-08 14:45 . 2012-04-23 12:33 -------- d-----r- c:\users\uzivatel\Dropbox
2012-04-04 14:31 . 2012-04-04 17:53 -------- d-----w- c:\users\uzivatel\terapieprotebe
2012-03-30 18:47 . 2012-03-30 18:47 -------- d-----w- c:\users\uzivatel\prebarvena-pujckasusmevem
2012-03-30 18:46 . 2012-03-30 18:46 -------- d-----w- c:\users\uzivatel\rozumnapujcka
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-13 07:36 . 2011-12-20 09:56 6734704 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-02-14 15:45 . 2012-03-14 09:36 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-02-14 15:45 . 2012-03-14 09:36 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-02-13 14:12 . 2012-03-14 09:36 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-02-13 13:47 . 2012-03-14 09:36 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-02-13 13:44 . 2012-03-14 09:36 1068544 ----a-w- c:\windows\system32\DWrite.dll
2012-02-10 13:38 . 2012-02-10 13:39 713784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CEAAFEC8-B16B-4D52-B01E-0DD71CFC0DCF}\gapaengine.dll
2012-02-02 15:16 . 2012-03-14 09:36 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-01-31 12:44 . 2011-03-12 16:30 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-03-20 22:01 . 2011-03-23 17:52 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2012-01-21 . 179AF7B52C59EED5635F69870D9E75E0 . 247808 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll
[7] 2009-07-10 . 1E3FDB80E40A3CE645F229DFBDFB7694 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_cce0e39c1d282219\shsvcs.dll
[7] 2009-07-10 . 94285A002D2826D2FD1C0806455136E9 . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_caf6a3ce20052bcc\shsvcs.dll
[7] 2009-07-10 . 6898575E052CE7CB1CB87622EF187CDA . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_cb7e18273924cc2a\shsvcs.dll
[7] 2009-07-10 . 6669714ACE90E9BB4E8C1D550C67B160 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_cd80222536358728\shsvcs.dll
[7] 2009-07-10 . F0942394F642F5CE3D9A86474FA293FA . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_cf6894a1335a0efa\shsvcs.dll
[7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\ERDNT\cache\shsvcs.dll
[7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_ced8f61a1a41d726\shsvcs.dll
[7] 2009-04-10 . C818C44C201898399BF999BB6B35D4E3 . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_cf1bd6361a0f622e\shsvcs.dll
[7] 2008-01-18 . 27F10F348E508243F6254846F8370D0D . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_cd305d2a1ced96e2\shsvcs.dll
[7] 2006-11-02 . B264DFA21677728613267FE63802B332 . 245248 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16386_none_caf99b2e2002860e\shsvcs.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-11-17 3810304]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-03 138008]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-03 171288]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-03 172824]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632]
"Print2PDF Print Monitor"="c:\program files\Software602\Print2PDF\Print2PDF.exe" [2010-12-03 141368]
.
c:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\uzivatel\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-15 24246216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Dual Package.lnk - c:\program files\LG Soft India Pvt Ltd\Dual Package\bin\Dual Package.exe [2012-1-22 705024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Users^uzivatel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=c:\users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2009-07-06 16:07 1848648 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1204295309-55094233-852691853-1000]
"EnableNotificationsRef"=dword:00000001
.
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 59144]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'
.
2012-04-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1204295309-55094233-852691853-1000Core.job
- c:\users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-21 17:50]
.
2012-04-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1204295309-55094233-852691853-1000UA.job
- c:\users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-21 17:50]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
Trusted Zone: postsignum.cz\www
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\dpyvj3lf.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.cz
FF - user.js: extensions.BabylonToolbar_i.id - 7630634a0000000000000023ae03ad11
FF - user.js: extensions.BabylonToolbar_i.hardId - 7630634a0000000000000023ae03ad11
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15357
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1718:36
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=108298
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-ViGlance - c:\program files\ViGlance\ViGlance.exe
.
.
.
**************************************************************************
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(1308)
c:\users\uzivatel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\windows\System32\WLTRYSVC.EXE
c:\windows\System32\bcmwltry.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\WUDFHost.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conime.exe
c:\windows\system32\igfxsrvc.exe
.
**************************************************************************
.
Celkový čas: 2012-04-23 15:01:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-04-23 13:01
.
Před spuštěním: 2 668 298 240
Po spuštění: 2 725 978 112
.
- - End Of File - - 0A5D1607B0C5466A87B464849A113F0A







TDSSKiller:

15:08:23.0208 3012 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
15:08:23.0259 3012 ============================================================
15:08:23.0259 3012 Current date / time: 2012/04/23 15:08:23.0259
15:08:23.0259 3012 SystemInfo:
15:08:23.0259 3012
15:08:23.0259 3012 OS Version: 6.0.6002 ServicePack: 2.0
15:08:23.0259 3012 Product type: Workstation
15:08:23.0259 3012 ComputerName: uzivatel-PC
15:08:23.0259 3012 UserName: uzivatel
15:08:23.0259 3012 Windows directory: C:\Windows
15:08:23.0259 3012 System windows directory: C:\Windows
15:08:23.0259 3012 Processor architecture: Intel x86
15:08:23.0259 3012 Number of processors: 2
15:08:23.0259 3012 Page size: 0x1000
15:08:23.0260 3012 Boot type: Normal boot
15:08:23.0260 3012 ============================================================
15:08:23.0893 3012 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:08:23.0931 3012 \Device\Harddisk0\DR0:
15:08:23.0931 3012 MBR partitions:
15:08:23.0931 3012 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x13B77800
15:08:23.0931 3012 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x13BAA000, BlocksNum 0x5000000
15:08:23.0960 3012 C: <-> \Device\Harddisk0\DR0\Partition1
15:08:24.0130 3012 D: <-> \Device\Harddisk0\DR0\Partition0
15:08:24.0130 3012 Initialize success
15:08:24.0130 3012 ============================================================
15:09:17.0849 3452 ============================================================
15:09:17.0849 3452 Scan started
15:09:17.0849 3452 Mode: Manual; SigCheck; TDLFS;
15:09:17.0849 3452 ============================================================
15:09:19.0808 3452 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
15:09:19.0927 3452 ACPI - ok
15:09:20.0090 3452 AdobeARMservice (8f92bb7198ad97680e26da36a01aa477) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:09:20.0121 3452 AdobeARMservice ( UnsignedFile.Multi.Generic ) - warning
15:09:20.0121 3452 AdobeARMservice - detected UnsignedFile.Multi.Generic (1)
15:09:20.0520 3452 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
15:09:20.0559 3452 adp94xx - ok
15:09:20.0925 3452 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
15:09:20.0956 3452 adpahci - ok
15:09:21.0190 3452 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
15:09:21.0221 3452 adpu160m - ok
15:09:21.0441 3452 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
15:09:21.0478 3452 adpu320 - ok
15:09:21.0621 3452 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
15:09:21.0743 3452 AeLookupSvc - ok
15:09:21.0991 3452 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
15:09:22.0057 3452 AFD - ok
15:09:22.0314 3452 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
15:09:22.0346 3452 agp440 - ok
15:09:22.0666 3452 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
15:09:22.0697 3452 aic78xx - ok
15:09:22.0759 3452 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
15:09:22.0869 3452 ALG - ok
15:09:23.0002 3452 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
15:09:23.0027 3452 aliide - ok
15:09:23.0068 3452 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
15:09:23.0080 3452 amdagp - ok
15:09:23.0398 3452 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
15:09:23.0424 3452 amdide - ok
15:09:23.0561 3452 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
15:09:23.0817 3452 AmdK7 - ok
15:09:24.0173 3452 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
15:09:24.0235 3452 AmdK8 - ok
15:09:24.0360 3452 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
15:09:24.0407 3452 Appinfo - ok
15:09:24.0469 3452 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
15:09:24.0480 3452 arc - ok
15:09:24.0686 3452 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
15:09:24.0716 3452 arcsas - ok
15:09:24.0849 3452 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
15:09:24.0903 3452 AsyncMac - ok
15:09:25.0012 3452 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
15:09:25.0032 3452 atapi - ok
15:09:25.0239 3452 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
15:09:25.0343 3452 AudioEndpointBuilder - ok
15:09:25.0385 3452 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
15:09:25.0408 3452 Audiosrv - ok
15:09:25.0617 3452 BCM42RLY (423c7b87e886ac93d22936ea82665f83) C:\Windows\system32\drivers\BCM42RLY.sys
15:09:25.0679 3452 BCM42RLY - ok
15:09:26.0126 3452 BCM43XX (b56999be8f22ba3071e4ceafa9e82e26) C:\Windows\system32\DRIVERS\bcmwl6.sys
15:09:26.0170 3452 BCM43XX - ok
15:09:26.0369 3452 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
15:09:26.0402 3452 Beep - ok
15:09:26.0682 3452 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
15:09:26.0787 3452 BFE - ok
15:09:26.0981 3452 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\system32\qmgr.dll
15:09:27.0198 3452 BITS - ok
15:09:27.0276 3452 blbdrive - ok
15:09:27.0384 3452 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
15:09:27.0409 3452 Bonjour Service - ok
15:09:27.0575 3452 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
15:09:27.0636 3452 bowser - ok
15:09:27.0724 3452 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
15:09:27.0769 3452 BrFiltLo - ok
15:09:27.0948 3452 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
15:09:27.0987 3452 BrFiltUp - ok
15:09:28.0197 3452 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
15:09:28.0275 3452 Browser - ok
15:09:28.0842 3452 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
15:09:28.0935 3452 Brserid - ok
15:09:29.0434 3452 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
15:09:29.0531 3452 BrSerWdm - ok
15:09:29.0907 3452 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
15:09:29.0988 3452 BrUsbMdm - ok
15:09:30.0396 3452 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
15:09:30.0480 3452 BrUsbSer - ok
15:09:30.0938 3452 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
15:09:31.0003 3452 BTHMODEM - ok
15:09:31.0010 3452 catchme - ok
15:09:31.0334 3452 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
15:09:31.0406 3452 cdfs - ok
15:09:31.0723 3452 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
15:09:31.0785 3452 cdrom - ok
15:09:31.0988 3452 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
15:09:32.0035 3452 CertPropSvc - ok
15:09:32.0113 3452 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
15:09:32.0175 3452 circlass - ok
15:09:32.0274 3452 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
15:09:32.0313 3452 CLFS - ok
15:09:32.0437 3452 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:09:32.0452 3452 clr_optimization_v2.0.50727_32 - ok
15:09:32.0535 3452 clr_optimization_v4.0.30319_32 (a991a6a6a29779ccf8c1b10a2e827f0c) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:09:32.0541 3452 clr_optimization_v4.0.30319_32 ( UnsignedFile.Multi.Generic ) - warning
15:09:32.0541 3452 clr_optimization_v4.0.30319_32 - detected UnsignedFile.Multi.Generic (1)
15:09:32.0683 3452 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
15:09:32.0745 3452 CmBatt - ok
15:09:32.0990 3452 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
15:09:33.0025 3452 cmdide - ok
15:09:33.0235 3452 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
15:09:33.0253 3452 Compbatt - ok
15:09:33.0459 3452 COMSysApp - ok
15:09:33.0555 3452 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
15:09:33.0573 3452 crcdisk - ok
15:09:33.0698 3452 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
15:09:33.0768 3452 Crusoe - ok
15:09:33.0843 3452 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
15:09:33.0891 3452 CryptSvc - ok
15:09:33.0998 3452 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
15:09:34.0099 3452 DcomLaunch - ok
15:09:34.0387 3452 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
15:09:34.0434 3452 DfsC - ok
15:09:34.0854 3452 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
15:09:35.0135 3452 DFSR - ok
15:09:35.0416 3452 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
15:09:35.0472 3452 Dhcp - ok
15:09:35.0597 3452 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
15:09:35.0626 3452 disk - ok
15:09:35.0683 3452 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
15:09:35.0732 3452 Dnscache - ok
15:09:35.0872 3452 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
15:09:35.0908 3452 dot3svc - ok
15:09:35.0984 3452 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
15:09:36.0032 3452 DPS - ok
15:09:36.0191 3452 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
15:09:36.0233 3452 drmkaud - ok
15:09:36.0464 3452 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
15:09:36.0496 3452 DXGKrnl - ok
15:09:36.0692 3452 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
15:09:36.0757 3452 E1G60 - ok
15:09:36.0886 3452 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
15:09:36.0935 3452 EapHost - ok
15:09:37.0046 3452 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
15:09:37.0064 3452 Ecache - ok
15:09:37.0149 3452 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
15:09:37.0195 3452 ehRecvr - ok
15:09:37.0261 3452 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
15:09:37.0323 3452 ehSched - ok
15:09:37.0370 3452 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
15:09:37.0403 3452 ehstart - ok
15:09:37.0550 3452 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
15:09:37.0598 3452 elxstor - ok
15:09:37.0805 3452 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
15:09:37.0995 3452 EMDMgmt - ok
15:09:38.0213 3452 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
15:09:38.0263 3452 EventSystem - ok
15:09:38.0403 3452 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
15:09:38.0447 3452 exfat - ok
15:09:38.0494 3452 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
15:09:38.0570 3452 fastfat - ok
15:09:38.0720 3452 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
15:09:38.0788 3452 fdc - ok
15:09:38.0830 3452 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
15:09:38.0860 3452 fdPHost - ok
15:09:38.0969 3452 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
15:09:39.0033 3452 FDResPub - ok
15:09:39.0177 3452 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
15:09:39.0214 3452 FileInfo - ok
15:09:39.0307 3452 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
15:09:39.0373 3452 Filetrace - ok
15:09:39.0482 3452 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
15:09:39.0620 3452 flpydisk - ok
15:09:39.0795 3452 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
15:09:39.0822 3452 FltMgr - ok
15:09:40.0275 3452 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
15:09:40.0357 3452 FontCache - ok
15:09:40.0444 3452 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:09:40.0481 3452 FontCache3.0.0.0 - ok
15:09:40.0733 3452 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
15:09:40.0816 3452 Fs_Rec - ok
15:09:41.0019 3452 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
15:09:41.0066 3452 gagp30kx - ok
15:09:41.0389 3452 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
15:09:41.0520 3452 gpsvc - ok
15:09:41.0790 3452 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
15:09:41.0852 3452 HdAudAddService - ok
15:09:42.0078 3452 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
15:09:42.0263 3452 HDAudBus - ok
15:09:42.0416 3452 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
15:09:42.0464 3452 HidBth - ok
15:09:42.0559 3452 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
15:09:42.0620 3452 HidIr - ok
15:09:42.0669 3452 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\System32\hidserv.dll
15:09:42.0685 3452 hidserv - ok
15:09:42.0954 3452 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
15:09:42.0977 3452 HidUsb - ok
15:09:43.0263 3452 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
15:09:43.0346 3452 hkmsvc - ok
15:09:43.0547 3452 HMFAxCore56d706f6725c732df006697fd5ec3381 (76651801028888d3232a4feef34b5d87) C:\Windows\system32\drivers\HMFAxCore56d706f6725c732df006697fd5ec3381.sys
15:09:43.0570 3452 HMFAxCore56d706f6725c732df006697fd5ec3381 ( UnsignedFile.Multi.Generic ) - warning
15:09:43.0570 3452 HMFAxCore56d706f6725c732df006697fd5ec3381 - detected UnsignedFile.Multi.Generic (1)
15:09:44.0122 3452 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
15:09:44.0159 3452 HpCISSs - ok
15:09:44.0508 3452 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
15:09:44.0643 3452 HTTP - ok
15:09:44.0979 3452 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
15:09:44.0990 3452 i2omp - ok
15:09:45.0238 3452 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
15:09:45.0282 3452 i8042prt - ok
15:09:45.0495 3452 iaStor (4b80b97cbf0782b3bb3057f88d42c367) C:\Windows\system32\DRIVERS\iaStor.sys
15:09:45.0542 3452 iaStor - ok
15:09:45.0620 3452 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
15:09:45.0636 3452 iaStorV - ok
15:09:46.0037 3452 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:09:46.0095 3452 idsvc - ok
15:09:46.0633 3452 igfx (37f7e45253000ac41a1f520a62d4ebe2) C:\Windows\system32\DRIVERS\igdkmd32.sys
15:09:47.0332 3452 igfx - ok
15:09:47.0530 3452 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
15:09:47.0542 3452 iirsp - ok
15:09:47.0835 3452 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
15:09:47.0892 3452 IKEEXT - ok
15:09:48.0029 3452 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
15:09:48.0055 3452 intelide - ok
15:09:48.0087 3452 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
15:09:48.0145 3452 intelppm - ok
15:09:48.0282 3452 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
15:09:48.0329 3452 IPBusEnum - ok
15:09:48.0392 3452 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:09:48.0454 3452 IpFilterDriver - ok
15:09:48.0620 3452 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
15:09:48.0667 3452 iphlpsvc - ok
15:09:48.0714 3452 IpInIp - ok
15:09:48.0838 3452 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
15:09:48.0885 3452 IPMIDRV - ok
15:09:49.0192 3452 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
15:09:49.0239 3452 IPNAT - ok
15:09:49.0397 3452 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
15:09:49.0442 3452 IRENUM - ok
15:09:49.0488 3452 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
15:09:49.0504 3452 isapnp - ok
15:09:49.0678 3452 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
15:09:49.0703 3452 iScsiPrt - ok
15:09:49.0761 3452 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
15:09:49.0781 3452 iteatapi - ok
15:09:49.0890 3452 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
15:09:49.0902 3452 iteraid - ok
15:09:49.0941 3452 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
15:09:49.0955 3452 kbdclass - ok
15:09:50.0005 3452 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
15:09:50.0064 3452 kbdhid - ok
15:09:50.0174 3452 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
15:09:50.0205 3452 KeyIso - ok
15:09:50.0252 3452 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
15:09:50.0267 3452 KSecDD - ok
15:09:50.0408 3452 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
15:09:50.0454 3452 KtmRm - ok
15:09:50.0596 3452 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\System32\srvsvc.dll
15:09:50.0628 3452 LanmanServer - ok
15:09:50.0678 3452 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
15:09:50.0711 3452 LanmanWorkstation - ok
15:09:50.0825 3452 LGDDCDevice (6a1466718420110960cd0d39dd4679d0) C:\Windows\system32\LGI2CDriver.sys
15:09:50.0849 3452 LGDDCDevice ( UnsignedFile.Multi.Generic ) - warning
15:09:50.0849 3452 LGDDCDevice - detected UnsignedFile.Multi.Generic (1)
15:09:50.0884 3452 LGII2CDevice (30537b9e747d8e285bb5484866a2fadb) C:\Windows\system32\LGPII2CDriver.sys
15:09:50.0890 3452 LGII2CDevice ( UnsignedFile.Multi.Generic ) - warning
15:09:50.0890 3452 LGII2CDevice - detected UnsignedFile.Multi.Generic (1)
15:09:50.0943 3452 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
15:09:50.0989 3452 lltdio - ok
15:09:51.0195 3452 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
15:09:51.0247 3452 lltdsvc - ok
15:09:51.0438 3452 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
15:09:51.0535 3452 lmhosts - ok
15:09:51.0774 3452 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
15:09:51.0805 3452 LSI_FC - ok
15:09:51.0852 3452 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
15:09:51.0883 3452 LSI_SAS - ok
15:09:52.0008 3452 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
15:09:52.0039 3452 LSI_SCSI - ok
15:09:52.0149 3452 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
15:09:52.0236 3452 luafv - ok
15:09:52.0460 3452 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
15:09:52.0514 3452 Mcx2Svc - ok
15:09:52.0753 3452 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
15:09:52.0772 3452 megasas - ok
15:09:52.0811 3452 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
15:09:52.0874 3452 MMCSS - ok
15:09:53.0100 3452 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
15:09:53.0160 3452 Modem - ok
15:09:53.0318 3452 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
15:09:53.0363 3452 monitor - ok
15:09:53.0638 3452 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
15:09:53.0649 3452 mouclass - ok
15:09:53.0808 3452 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
15:09:53.0864 3452 mouhid - ok
15:09:54.0136 3452 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
15:09:54.0162 3452 MountMgr - ok
15:09:54.0283 3452 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
15:09:54.0310 3452 MpFilter - ok
15:09:54.0547 3452 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
15:09:54.0567 3452 mpio - ok
15:09:54.0812 3452 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
15:09:54.0844 3452 MpNWMon - ok
15:09:54.0875 3452 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
15:09:54.0906 3452 mpsdrv - ok
15:09:55.0062 3452 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
15:09:55.0093 3452 MpsSvc - ok
15:09:55.0202 3452 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
15:09:55.0219 3452 Mraid35x - ok
15:09:55.0237 3452 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
15:09:55.0267 3452 MRxDAV - ok
15:09:55.0318 3452 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:09:55.0358 3452 mrxsmb - ok
15:09:55.0503 3452 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:09:55.0558 3452 mrxsmb10 - ok
15:09:55.0711 3452 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:09:55.0751 3452 mrxsmb20 - ok
15:09:55.0833 3452 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys
15:09:55.0845 3452 msahci - ok
15:09:56.0014 3452 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
15:09:56.0039 3452 msdsm - ok
15:09:56.0111 3452 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
15:09:56.0138 3452 MSDTC - ok
15:09:56.0350 3452 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
15:09:56.0413 3452 Msfs - ok
15:09:56.0504 3452 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
15:09:56.0519 3452 msisadrv - ok
15:09:56.0614 3452 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
15:09:56.0674 3452 MSiSCSI - ok
15:09:56.0801 3452 msiserver - ok
15:09:56.0923 3452 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
15:09:56.0966 3452 MSKSSRV - ok
15:09:57.0092 3452 MsMpSvc (cfce43b70ca0cc4dcc8adb62b792b173) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
15:09:57.0107 3452 MsMpSvc - ok
15:09:57.0343 3452 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
15:09:57.0400 3452 MSPCLOCK - ok
15:09:57.0551 3452 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
15:09:57.0603 3452 MSPQM - ok
15:09:57.0709 3452 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
15:09:57.0729 3452 MsRPC - ok
15:09:57.0920 3452 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
15:09:57.0932 3452 mssmbios - ok
15:09:58.0154 3452 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
15:09:58.0222 3452 MSTEE - ok
15:09:58.0351 3452 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
15:09:58.0381 3452 Mup - ok
15:09:58.0444 3452 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
15:09:58.0487 3452 napagent - ok
15:09:58.0615 3452 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
15:09:58.0646 3452 NativeWifiP - ok
15:09:58.0791 3452 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
15:09:58.0874 3452 NDIS - ok
15:09:58.0991 3452 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
15:09:59.0047 3452 NdisTapi - ok
15:09:59.0334 3452 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
15:09:59.0365 3452 Ndisuio - ok
15:09:59.0521 3452 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
15:09:59.0552 3452 NdisWan - ok
15:09:59.0615 3452 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
15:09:59.0646 3452 NDProxy - ok
15:09:59.0755 3452 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
15:09:59.0802 3452 NetBIOS - ok
15:09:59.0819 3452 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
15:09:59.0828 3452 netbt - ok
15:09:59.0869 3452 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
15:09:59.0882 3452 Netlogon - ok
15:10:00.0045 3452 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
15:10:00.0084 3452 Netman - ok
15:10:00.0301 3452 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
15:10:00.0368 3452 netprofm - ok
15:10:00.0553 3452 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:10:00.0572 3452 NetTcpPortSharing - ok
15:10:00.0786 3452 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
15:10:00.0811 3452 nfrd960 - ok
15:10:00.0967 3452 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:10:00.0998 3452 NisDrv - ok
15:10:01.0123 3452 NisSrv (a5cb074f34bbd89948e34a630d459c0c) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
15:10:01.0154 3452 NisSrv - ok
15:10:01.0456 3452 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
15:10:01.0509 3452 NlaSvc - ok
15:10:01.0749 3452 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
15:10:01.0794 3452 Npfs - ok
15:10:01.0951 3452 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
15:10:01.0994 3452 nsi - ok
15:10:02.0206 3452 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
15:10:02.0252 3452 nsiproxy - ok
15:10:02.0583 3452 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
15:10:02.0629 3452 Ntfs - ok
15:10:02.0832 3452 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
15:10:02.0910 3452 ntrigdigi - ok
15:10:03.0074 3452 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
15:10:03.0109 3452 Null - ok
15:10:03.0182 3452 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
15:10:03.0216 3452 nvraid - ok
15:10:03.0389 3452 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
15:10:03.0414 3452 nvstor - ok
15:10:03.0480 3452 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
15:10:03.0508 3452 nv_agp - ok
15:10:03.0606 3452 NwlnkFlt - ok
15:10:03.0777 3452 NwlnkFwd - ok
15:10:03.0949 3452 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
15:10:04.0011 3452 ohci1394 - ok
15:10:04.0089 3452 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:10:04.0105 3452 ose - ok
15:10:04.0401 3452 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:10:04.0535 3452 p2pimsvc - ok
15:10:04.0570 3452 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:10:04.0709 3452 p2psvc - ok
15:10:04.0893 3452 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
15:10:04.0963 3452 Parport - ok
15:10:05.0076 3452 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
15:10:05.0096 3452 partmgr - ok
15:10:05.0323 3452 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
15:10:05.0402 3452 Parvdm - ok
15:10:05.0627 3452 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
15:10:05.0674 3452 PcaSvc - ok
15:10:05.0861 3452 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
15:10:05.0893 3452 pci - ok
15:10:06.0039 3452 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
15:10:06.0067 3452 pciide - ok
15:10:06.0151 3452 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
15:10:06.0177 3452 pcmcia - ok
15:10:06.0374 3452 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
15:10:06.0460 3452 PEAUTH - ok
15:10:06.0749 3452 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
15:10:07.0001 3452 pla - ok
15:10:07.0275 3452 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
15:10:07.0321 3452 PlugPlay - ok
15:10:07.0493 3452 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:10:07.0524 3452 PNRPAutoReg - ok
15:10:07.0540 3452 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
15:10:07.0571 3452 PNRPsvc - ok
15:10:07.0740 3452 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
15:10:07.0865 3452 PolicyAgent - ok
15:10:08.0051 3452 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
15:10:08.0082 3452 PptpMiniport - ok
15:10:08.0154 3452 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
15:10:08.0252 3452 Processor - ok
15:10:08.0380 3452 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
15:10:08.0405 3452 ProfSvc - ok
15:10:08.0468 3452 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
15:10:08.0482 3452 ProtectedStorage - ok
15:10:08.0625 3452 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
15:10:08.0657 3452 PSched - ok
15:10:08.0844 3452 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
15:10:08.0906 3452 ql2300 - ok
15:10:08.0969 3452 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
15:10:08.0984 3452 ql40xx - ok
15:10:09.0047 3452 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
15:10:09.0062 3452 QWAVE - ok
15:10:09.0141 3452 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
15:10:09.0141 3452 QWAVEdrv - ok
15:10:09.0175 3452 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
15:10:09.0209 3452 RasAcd - ok
15:10:09.0246 3452 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
15:10:09.0284 3452 RasAuto - ok
15:10:09.0368 3452 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:10:09.0411 3452 Rasl2tp - ok
15:10:09.0467 3452 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
15:10:09.0499 3452 RasMan - ok
15:10:09.0582 3452 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
15:10:09.0623 3452 RasPppoe - ok
15:10:09.0756 3452 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
15:10:09.0785 3452 RasSstp - ok
15:10:09.0854 3452 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
15:10:09.0892 3452 rdbss - ok
15:10:09.0958 3452 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:10:10.0007 3452 RDPCDD - ok
15:10:10.0122 3452 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
15:10:10.0210 3452 rdpdr - ok
15:10:10.0460 3452 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
15:10:10.0491 3452 RDPENCDD - ok
15:10:10.0694 3452 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
15:10:10.0739 3452 RDPWD - ok
15:10:10.0863 3452 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
15:10:10.0915 3452 RemoteAccess - ok
15:10:11.0103 3452 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
15:10:11.0149 3452 RemoteRegistry - ok
15:10:11.0298 3452 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
15:10:11.0330 3452 RpcLocator - ok
15:10:11.0435 3452 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
15:10:11.0472 3452 RpcSs - ok
15:10:11.0717 3452 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
15:10:11.0764 3452 rspndr - ok
15:10:12.0013 3452 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
15:10:12.0029 3452 SamSs - ok
15:10:12.0091 3452 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
15:10:12.0107 3452 sbp2port - ok
15:10:12.0300 3452 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
15:10:12.0324 3452 SCardSvr - ok
15:10:12.0414 3452 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
15:10:12.0514 3452 Schedule - ok
15:10:12.0662 3452 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
15:10:12.0692 3452 SCPolicySvc - ok
15:10:12.0739 3452 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
15:10:12.0817 3452 SDRSVC - ok
15:10:13.0026 3452 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
15:10:13.0081 3452 secdrv - ok
15:10:13.0229 3452 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
15:10:13.0303 3452 seclogon - ok
15:10:13.0412 3452 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
15:10:13.0474 3452 SENS - ok
15:10:13.0708 3452 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
15:10:13.0786 3452 Serenum - ok
15:10:13.0842 3452 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
15:10:13.0887 3452 Serial - ok
15:10:14.0152 3452 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
15:10:14.0193 3452 sermouse - ok
15:10:14.0372 3452 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
15:10:14.0446 3452 SessionEnv - ok
15:10:14.0500 3452 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
15:10:14.0600 3452 sffdisk - ok
15:10:14.0934 3452 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
15:10:14.0997 3452 sffp_mmc - ok
15:10:15.0028 3452 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
15:10:15.0090 3452 sffp_sd - ok
15:10:15.0293 3452 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
15:10:15.0356 3452 sfloppy - ok
15:10:15.0431 3452 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
15:10:15.0488 3452 SharedAccess - ok
15:10:15.0604 3452 ShellHWDetection (179af7b52c59eed5635f69870d9e75e0) C:\Windows\System32\shsvcs.dll
15:10:15.0619 3452 ShellHWDetection ( UnsignedFile.Multi.Generic ) - warning
15:10:15.0619 3452 ShellHWDetection - detected UnsignedFile.Multi.Generic (1)
15:10:15.0916 3452 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
15:10:15.0936 3452 sisagp - ok
15:10:15.0978 3452 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
15:10:16.0007 3452 SiSRaid2 - ok
15:10:16.0130 3452 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
15:10:16.0143 3452 SiSRaid4 - ok
15:10:16.0261 3452 SkypeUpdate (db0405d9aad62f0762e0876ac142b7e1) C:\Program Files\Skype\Updater\Updater.exe
15:10:16.0274 3452 SkypeUpdate - ok
15:10:17.0047 3452 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
15:10:17.0403 3452 slsvc - ok
15:10:17.0561 3452 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
15:10:17.0631 3452 SLUINotify - ok
15:10:17.0721 3452 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
15:10:17.0762 3452 Smb - ok
15:10:18.0057 3452 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
15:10:18.0088 3452 SNMPTRAP - ok
15:10:18.0182 3452 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
15:10:18.0198 3452 spldr - ok
15:10:18.0322 3452 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
15:10:18.0354 3452 Spooler - ok
15:10:18.0468 3452 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
15:10:18.0523 3452 srv - ok
15:10:18.0663 3452 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
15:10:18.0708 3452 srv2 - ok
15:10:18.0748 3452 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
15:10:18.0783 3452 srvnet - ok
15:10:18.0972 3452 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
15:10:19.0023 3452 SSDPSRV - ok
15:10:19.0162 3452 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
15:10:19.0211 3452 SstpSvc - ok
15:10:19.0286 3452 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
15:10:19.0348 3452 stisvc - ok
15:10:19.0430 3452 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
15:10:19.0486 3452 swenum - ok
15:10:19.0673 3452 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:10:19.0782 3452 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
15:10:19.0782 3452 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
15:10:20.0001 3452 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
15:10:20.0028 3452 swprv - ok
15:10:20.0166 3452 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
15:10:20.0241 3452 Symc8xx - ok
15:10:20.0272 3452 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
15:10:20.0290 3452 Sym_hi - ok
15:10:20.0315 3452 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
15:10:20.0327 3452 Sym_u3 - ok
15:10:20.0384 3452 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
15:10:20.0528 3452 SysMain - ok
15:10:20.0761 3452 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
15:10:20.0813 3452 TabletInputService - ok
15:10:20.0927 3452 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
15:10:20.0970 3452 TapiSrv - ok
15:10:21.0102 3452 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
15:10:21.0164 3452 TBS - ok
15:10:21.0571 3452 Tcpip (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\drivers\tcpip.sys
15:10:21.0687 3452 Tcpip - ok
15:10:22.0640 3452 Tcpip6 (16731b631f28f63cd9f4cb60940e7ddd) C:\Windows\system32\DRIVERS\tcpip.sys
15:10:22.0734 3452 Tcpip6 - ok
15:10:22.0905 3452 tcpipreg (3fc13f09af9be487c7b4fac4070a036c) C:\Windows\system32\drivers\tcpipreg.sys
15:10:22.0952 3452 tcpipreg - ok
15:10:23.0014 3452 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
15:10:23.0046 3452 TDPIPE - ok
15:10:23.0193 3452 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
15:10:23.0307 3452 TDTCP - ok
15:10:23.0516 3452 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
15:10:23.0536 3452 tdx - ok
15:10:23.0594 3452 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
15:10:23.0607 3452 TermDD - ok
15:10:23.0736 3452 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
15:10:23.0867 3452 TermService - ok
15:10:24.0104 3452 Themes (179af7b52c59eed5635f69870d9e75e0) C:\Windows\system32\shsvcs.dll
15:10:24.0147 3452 Themes ( UnsignedFile.Multi.Generic ) - warning
15:10:24.0147 3452 Themes - detected UnsignedFile.Multi.Generic (1)
15:10:24.0209 3452 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
15:10:24.0256 3452 THREADORDER - ok
15:10:24.0521 3452 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
15:10:24.0568 3452 TrkWks - ok
15:10:24.0599 3452 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
15:10:24.0630 3452 TrustedInstaller - ok
15:10:24.0811 3452 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:10:24.0868 3452 tssecsrv - ok
15:10:24.0995 3452 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
15:10:25.0023 3452 tunmp - ok
15:10:25.0136 3452 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
15:10:25.0167 3452 tunnel - ok
15:10:25.0213 3452 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
15:10:25.0241 3452 uagp35 - ok
15:10:25.0717 3452 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
15:10:25.0764 3452 udfs - ok
15:10:26.0060 3452 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
15:10:26.0091 3452 UI0Detect - ok
15:10:26.0263 3452 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
15:10:26.0274 3452 uliagpkx - ok
15:10:26.0465 3452 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
15:10:26.0484 3452 uliahci - ok
15:10:26.0771 3452 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
15:10:26.0810 3452 UlSata - ok
15:10:27.0199 3452 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
15:10:27.0233 3452 ulsata2 - ok
15:10:27.0832 3452 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
15:10:27.0925 3452 umbus - ok
15:10:28.0365 3452 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
15:10:28.0424 3452 upnphost - ok
15:10:28.0800 3452 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
15:10:28.0862 3452 usbccgp - ok
15:10:29.0221 3452 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
15:10:29.0315 3452 usbcir - ok
15:10:29.0382 3452 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
15:10:29.0416 3452 usbehci - ok
15:10:29.0526 3452 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
15:10:29.0582 3452 usbhub - ok
15:10:29.0770 3452 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
15:10:29.0891 3452 usbohci - ok
15:10:30.0338 3452 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
15:10:30.0416 3452 usbprint - ok
15:10:30.0968 3452 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
15:10:31.0012 3452 usbscan - ok
15:10:31.0215 3452 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:10:31.0263 3452 USBSTOR - ok
15:10:31.0337 3452 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
15:10:31.0381 3452 usbuhci - ok
15:10:31.0876 3452 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
15:10:31.0922 3452 usbvideo - ok
15:10:32.0188 3452 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
15:10:32.0219 3452 UxSms - ok
15:10:32.0585 3452 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
15:10:32.0728 3452 vds - ok
15:10:33.0084 3452 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
15:10:33.0143 3452 vga - ok
15:10:33.0476 3452 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
15:10:33.0538 3452 VgaSave - ok
15:10:33.0570 3452 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
15:10:33.0601 3452 viaagp - ok
15:10:33.0772 3452 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
15:10:33.0835 3452 ViaC7 - ok
15:10:33.0866 3452 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
15:10:33.0897 3452 viaide - ok
15:10:34.0177 3452 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
15:10:34.0193 3452 volmgr - ok
15:10:34.0591 3452 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
15:10:34.0624 3452 volmgrx - ok
15:10:34.0745 3452 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
15:10:34.0773 3452 volsnap - ok
15:10:34.0891 3452 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
15:10:34.0921 3452 vsmraid - ok
15:10:35.0217 3452 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
15:10:35.0326 3452 VSS - ok
15:10:35.0587 3452 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
15:10:35.0656 3452 W32Time - ok
15:10:46.0795 3452 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
15:10:47.0363 3452 \Device\Harddisk0\DR0 - ok
15:10:47.0503 3452 Boot (0x1200) (803036e159af171140cd14d27287c2aa) \Device\Harddisk0\DR0\Partition0
15:10:47.0534 3452 \Device\Harddisk0\DR0\Partition0 - ok
15:10:47.0550 3452 Boot (0x1200) (c85b4c53295f8151d7c5fab5007de1fe) \Device\Harddisk0\DR0\Partition1
15:10:47.0581 3452 \Device\Harddisk0\DR0\Partition1 - ok
15:10:47.0581 3452 ============================================================
15:10:47.0581 3452 Scan finished
15:10:47.0581 3452 ============================================================
15:10:47.0597 3952 Detected object count: 8
15:10:47.0597 3952 Actual detected object count: 8
15:11:13.0813 3952 AdobeARMservice ( UnsignedFile.Multi.Generic ) - skipped by user
15:11:13.0813 3952 AdobeARMservice ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:11:13.0828 3952 clr_optimization_v4.0.30319_32 ( UnsignedFile.Multi.Generic ) - skipped by user
15:11:13.0828 3952 clr_optimization_v4.0.30319_32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:11:13.0828 3952 HMFAxCore56d706f6725c732df006697fd5ec3381 ( UnsignedFile.Multi.Generic ) - skipped by user
15:11:13.0828 3952 HMFAxCore56d706f6725c732df006697fd5ec3381 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:11:13.0828 3952 LGDDCDevice ( UnsignedFile.Multi.Generic ) - skipped by user
15:11:13.0828 3952 LGDDCDevice ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:11:13.0828 3952 LGII2CDevice ( UnsignedFile.Multi.Generic ) - skipped by user
15:11:13.0828 3952 LGII2CDevice ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:11:13.0828 3952 ShellHWDetection ( UnsignedFile.Multi.Generic ) - skipped by user
15:11:13.0828 3952 ShellHWDetection ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:11:13.0828 3952 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
15:11:13.0828 3952 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:11:13.0844 3952 Themes ( UnsignedFile.Multi.Generic ) - skipped by user
15:11:13.0844 3952 Themes ( UnsignedFile.Multi.Generic ) - User select action: Skip


Re: Malware on an unstable PC

#5 Post by marux »

I've run a quick scan for now and it found 2 rootkits:

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.61.0.1400
www.malwarebytes.org

Verze databáze: v2012.04.24.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
uzivatel :: uzivatel-PC [administrátor]

Ochrana: Povolena

24.4.2012 22:54:20
mbam-log-2012-04-24 (22-54-20).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 206502
Uplynulý čas: 5 minut, 51 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 2
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Umístnění do karantény a smazání se zdařilo.
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Umístnění do karantény a smazání se zdařilo.

(konec)


Re: Malware on an unstable PC

#6 Post by marux »

Thanks, but unfortunately I have no way to burn it elsewhere right now. :-)

Is there another option? For example, just downloading the software, or using an alternative?

Thank you


Re: Malware on an unstable PC

#7 Post by marux »

Could you advise me how to get an ISO out of OTLPE? By default it only offers burning, but I need to get it running on my own machine.
Thanks


Re: Malware on an unstable PC

#8 Post by marux »

So I have it mounted as a virtual drive, but I can't start the software. When I open the disc it offers to play it as video (?) or to show the folder, and in the folder I can only run the retagoMenu application.


Re: Malware on an unstable PC

#9 Post by marux »

OK, thanks.
I'll try it with a flash drive then. ;-)


Re: Malware on an unstable PC

#10 Post by marux »

Hi,
I tried putting it on a flash drive following the guide here: http://forum.viry.cz//viewtopic.php?f=1 ... w=previous
But eeepfcr refuses to find any USB drives. I tried two; I had the folder placed directly in C:, and I also tried D:, but it keeps saying "No USB disk found".
Do you have some similar software in reserve?


Re: Malware on an unstable PC

#11 Post by marux »

I followed the guide and everything went fine, but the copying stopped with the message: "Invalid floating point operation".
From what I've read on the internet, the solution probably won't be that simple?
Do you know what to do about it?


Re: Malware on an unstable PC

#12 Post by marux »

All right, but we'll have to postpone that until tomorrow, more likely Monday, because I don't have a CD/DVD and no longer expected I'd ever need to burn one. :-)
Is there anything I can do right away, or can't we move forward without this step?


Re: Malware on an unstable PC

#13 Post by marux »

Hi,
I finally have the OTL result. I uploaded the file to virustotal.com, but it found nothing.

File: http://uloz.to/xp3zRBk/otl-txt


Otherwise I still have Malwarebytes installed here, and now and then a notification bubble pops up.


Re: Malware on an unstable PC

#14 Post by marux »

I'm sending it as an attachment.
I'll be around more or less over the weekend; if we agree on a time, it wouldn't be a problem.
Attachments
OTL.rar
(37.63 KiB) Downloaded 41 times


Re: Malware on an unstable PC

#15 Post by marux »

Hi,
sorry, I missed that noon slot. :(
I should be here this early evening with short breaks, so feel free to write.
Thanks
