User
Registered: 16.10.12
Last login: 18.10.12
Posts: 9
Topics: 1
Posted: 16.10.2012 17:20

Good day. Since I'm new here, you'll probably have to guide me a bit, but I have this problem:

I use Mozilla Firefox, and after I enter a page it keeps redirecting me to this domain:

partner37.mydomainadvisor.com

I searched for something about this on the net, and apparently it's a virus, some type of hijacker or something, some kind of silent virus; at least that's how I translated it from English, because I found nothing about it on Slovak and Czech sites.

It's quite annoying; sometimes it redirects, sometimes it doesn't, it does whatever it wants...

Thanks for any advice.


User
Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2
Posted: 16.10.2012 20:35

Post a log from RSIT: http://en.kioskea.net/download/download-11416-rsit
Click Continue and post the log.


User
Registered: 16.10.12
Last login: 18.10.12
Posts: 9
Topics: 1
Posted by topic author: 16.10.2012 23:12

Logfile of random's system information tool 1.09 (written by random/random)
Run by PC at 2012-10-16 23:07:56
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 138 GB (72%) free of 191 GB
Total RAM: 4000 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:08:07, on 16. 10. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe
Q:\140066.sky\Office14\EXCELC.EXE
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
Q:\140066.sky\Office14\OffSpon.EXE
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Users\PC\Desktop\RD\Project2.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASD.exe
C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe
C:\Users\PC\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O2 - BHO: Updater For Spam Free Search Bar - {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - C:\Program Files (x86)\blekkotb\auxi\blekkoAu.dll
O2 - BHO: Spam Free Search Bar - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll
O2 - BHO: Trend Micro DirectPass BHO - {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Spam Free Search Bar - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll
O3 - Toolbar: KMPlayer Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Trend Micro DirectPass ToolBar - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [Anvi Smart Defender] C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: Anvi Smart Defender Realtime Guard Service (asdsrv) - Anvisoft - C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Trend Micro DirectPass Central Control Service (PwmSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14693 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3429130421-4225408205-2713287547-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3429130421-4225408205-2713287547-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\stks3ey8.default

"{22C7F6C6-8D67-4534-92B5-529A0EC09405}"=C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{8197dd50-b252-4b08-a1be-1277f22357bb}"=C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\ZEON/PDF,version=2.0]
"Description"=
"Path"=C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll [2010-09-17 185680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{20a0be68-8fd9-4539-8712-ce3d1c1fdfc6}]
Updater For Spam Free Search Bar - C:\Program Files (x86)\blekkotb\auxi\blekkoAu.dll [2012-01-17 262312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26c9e18c-3717-4be1-a225-04e4471f5b6e}]
Spam Free Search Bar - C:\Program Files (x86)\blekkotb\blekkoDx.dll [2012-01-17 86696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3F019D1C-7EAA-4F25-A765-FBA635BD0AFF}]
Trend Micro DirectPass BHO - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll [2012-10-16 546352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-08-03 51872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll [2010-09-17 234832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
KMPlayer Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-02 1089288]
{26c9e18c-3717-4be1-a225-04e4471f5b6e} - Spam Free Search Bar - C:\Program Files (x86)\blekkotb\blekkoDx.dll [2012-01-17 86696]
{D4027C7F-154A-4066-A1AD-4243D8127440} - KMPlayer Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]
{9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - Trend Micro DirectPass ToolBar - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll [2012-10-16 546352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"=C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [2008-11-03 328992]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2011-04-01 2018032]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [2011-02-23 731472]
"SonicMasterTray"=C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [2010-07-10 984400]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"Anti-phishing Domain Advisor"=C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe [2012-01-17 232616]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-12-22 318080]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2011-10-24 174720]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2011-10-18 2319536]
"Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2012-07-03 462920]
"Anvi Smart Defender"=C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe [2012-08-23 1229104]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
"Facebook Update"=C:\Users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-30 138096]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
FancyStart daemon.lnk - C:\Windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-10-16 23:07:57 ----D---- C:\Program Files (x86)\trend micro
2012-10-16 23:07:56 ----D---- C:\rsit
2012-10-16 17:05:06 ----D---- C:\Users\PC\AppData\Roaming\Trend Micro
2012-10-15 22:48:16 ----D---- C:\Users\PC\AppData\Roaming\Anvisoft
2012-10-15 22:47:57 ----D---- C:\ProgramData\Anvisoft
2012-10-15 22:47:54 ----D---- C:\Program Files (x86)\Anvisoft
2012-10-15 22:39:47 ----A---- C:\TDSSKiller.2.8.13.0_15.10.2012_22.39.47_log.txt
2012-10-14 17:50:10 ----D---- C:\Users\PC\AppData\Roaming\Malwarebytes
2012-10-14 17:49:55 ----D---- C:\ProgramData\Malwarebytes
2012-10-14 17:49:53 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-10-14 17:31:33 ----A---- C:\AdwCleaner[R1].txt
2012-10-12 15:12:42 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-10-09 22:04:10 ----D---- C:\Users\PC\AppData\Roaming\Mozilla
2012-10-09 22:03:59 ----D---- C:\ProgramData\Mozilla
2012-10-09 22:03:59 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

======List of files/folders modified in the last 1 month======

2012-10-16 23:08:07 ----D---- C:\Windows\Prefetch
2012-10-16 23:07:57 ----RD---- C:\Program Files (x86)
2012-10-16 22:54:11 ----D---- C:\Windows\Temp
2012-10-16 22:52:52 ----D---- C:\Users\PC\AppData\Roaming\Skype
2012-10-16 17:06:37 ----SHD---- C:\Windows\Installer
2012-10-16 17:06:04 ----D---- C:\ProgramData\Trend Micro
2012-10-16 00:16:31 ----D---- C:\Windows\inf
2012-10-15 22:47:57 ----HD---- C:\ProgramData
2012-10-14 22:56:37 ----D---- C:\Users\PC\AppData\Roaming\SoftGrid Client
2012-10-14 22:27:29 ----A---- C:\Windows\SysWOW64\log.txt
2012-10-14 22:25:52 ----D---- C:\ProgramData\Anti-phishing Domain Advisor
2012-10-14 22:25:51 ----HD---- C:\ASUS.DAT
2012-10-14 22:24:18 ----D---- C:\Windows
2012-10-14 17:36:14 ----D---- C:\Windows\SysWOW64
2012-10-13 22:16:23 ----SHD---- C:\System Volume Information
2012-10-10 17:15:25 ----SD---- C:\Users\PC\AppData\Roaming\Microsoft
2012-10-10 08:17:43 ----D---- C:\Windows\winsxs
2012-10-10 08:02:00 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-10-04 21:30:32 ----D---- C:\Windows\rescache
2012-10-04 21:27:53 ----D---- C:\Program Files (x86)\Windows Sidebar
2012-10-04 21:27:53 ----D---- C:\Program Files (x86)\Windows Mail
2012-10-04 21:27:52 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2012-10-04 21:27:52 ----D---- C:\Program Files (x86)\Windows Media Player
2012-10-04 21:27:52 ----D---- C:\Program Files (x86)\Windows Defender
2012-10-04 21:27:52 ----D---- C:\Program Files (x86)\Common Files\System
2012-10-04 21:22:59 ----D---- C:\Windows\SysWOW64\migwiz
2012-10-04 21:22:59 ----D---- C:\Windows\SysWOW64\drivers\en-US
2012-10-04 21:22:55 ----D---- C:\Windows\SysWOW64\en-US
2012-10-04 21:22:28 ----D---- C:\Windows\SysWOW64\WCN
2012-10-04 21:22:24 ----D---- C:\Windows\en-US
2012-10-04 21:15:21 ----D---- C:\Windows\Logs
2012-10-04 20:36:03 ----D---- C:\Windows\System32
2012-10-03 18:26:34 ----SD---- C:\ProgramData\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 aswKbd;aswKbd; C:\Windows\SysWOW64\drivers\aswKbd.sys []
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys []
R1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []
R1 ATKWMIACPIIO_;ATKWMIACPI Driver_; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 asdrs;AntiMalware Host-based Intrusion Prevention System; \??\C:\Windows\system32\DRIVERS\asdrs.sys []
R2 asdws;AnviSmartDefender Web Guard; \??\C:\Windows\system32\DRIVERS\asdws.sys []
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []
R2 tmactmon;tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys []
R2 tmcomm;tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys []
R2 tmevtmgr;tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys []
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys []
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys []
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys []
R3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys []
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys []
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys []
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys []
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys []
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys []
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys []
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys []
R3 kbfilter;kbfilter; C:\Windows\system32\DRIVERS\kbfilter.sys []
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys []
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys []
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys []
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys []
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys []
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys []
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S1 asdrm;asdrm; C:\Windows\system32\DRIVERS\asdrm.sys []
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS []
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys []
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys []
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys []
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys []
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe []
R2 asdsrv;Anvi Smart Defender Realtime Guard Service; C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe [2012-08-23 686896]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2011-11-21 80512]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-02-16 277120]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-08-03 146592]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-08-03 103584]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R2 PwmSvc;Trend Micro DirectPass Central Control Service; C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [2012-10-16 342064]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
R3 TiMiniService;TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-03 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-10 250808]
S3 Amsp;Trend Micro Solution Platform; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2010-09-17 267480]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-03 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-12 115168]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe []
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------


Posted: 17.10.2012 9:04

Download AdwCleaner, run it, click Search and post the log: http://www.softpedia.com/get/Antivirus/ ... aner.shtml
Download RogueKiller http://www.geekstogo.com/forum/files/fi ... guekiller/, run the scan and the hosts fix, and post the logs; you will find them on the desktop.
Download ComboFix http://www.bleepingcomputer.com/download/combofix/, run it and click Yes, OK, Agree as ComboFix prompts you; the log will be at C:combofix.txt


Posted by the topic author: 17.10.2012 9:53

ADWcleaner:

# AdwCleaner v2.005 - Logfile created 10/17/2012 at 09:40:11
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : PC - PC-PC
# Boot Mode : Normal
# Running from : C:\Users\PC\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\Ask.com
Folder Found : C:\ProgramData\Anti-phishing Domain Advisor
Folder Found : C:\ProgramData\Partner
Folder Found : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\AppDataLow\Software\blekkotb
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{20A0BE68-8FD9-4539-8712-CE3D1C1FDFC6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{26C9E18C-3717-4BE1-A225-04E4471F5B6E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{20A0BE68-8FD9-4539-8712-CE3D1C1FDFC6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{26C9E18C-3717-4BE1-A225-04E4471F5B6E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Found : HKLM\Software\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{20A0BE68-8FD9-4539-8712-CE3D1C1FDFC6}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{26C9E18C-3717-4BE1-A225-04E4471F5B6E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{20A0BE68-8FD9-4539-8712-CE3D1C1FDFC6}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26C9E18C-3717-4BE1-A225-04E4471F5B6E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Anti-phishing Domain Advisor
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\blekkotb
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKU\S-1-5-21-3429130421-4225408205-2713287547-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Anti-phishing Domain Advisor]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{26C9E18C-3717-4BE1-A225-04E4471F5B6E}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (cs)

Profile name : default
File : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\stks3ey8.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.1.1532.0

File : C:\Users\PC\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [5574 octets] - [14/10/2012 17]
AdwCleaner[R2].txt - [5634 octets] - [17/10/2012 09]
AdwCleaner[R3].txt - [5577 octets] - [17/10/2012 09]

########## EOF - C:\AdwCleaner[R3].txt - [5637 octets] ##########


RogueKiller:

[00] ***** Global Init *****
[00] Has crashed before : Yes
[00] Create mutex : RogueKiller
[00] Mutex Created : 0x12c
[00] Fill lists
[00] OS Language : Slovak
[00] Take Privileges
[00] Modify Token
[00] Set priority to HIGH
[00] Getting Operating System
[00] Os Getted : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
[00] ***** Global Init OK *****
[00] ***** GUI Init *****
[00] Get build number
[00] build number : RogueKiller (by Tigzy) -- v8.1.1
[00] ***** GUI Init OK *****
[00] ***** PreScan *****
[00] Clear ListViews
[00] Clear Objects : 0x0
[00] Enum Windows
[00] [Check Window] Eula - Please read
[00] [Check Window] Debug log sending
[00] [Check Window] Task Switching
[00] [Check Window] www.sur-la-toile.com
[00] [Check Window] Štart
[00] [Check Window] CiceroUIWndFrame
[00] [Check Window] PC
[00] [Check Window] Ponuka Štart
[00] [Check Window] Zavřít panel
[00] [Check Window] Click here to download AdwCleaner
[00] [Check Window] CiceroUIWndFrame
[00] [Check Window] ATKOSD
[00] [Check Window] Network Flyout
[00] [Check Window] Wireless Console 3
[00] [Check Window] ATKOSD2
[00] [Check Window] CiceroUIWndFrame
[00] [Check Window] TF_FloatingLangBar_WndTitle
[00] [Check Window] RogueKiller (by Tigzy) -- v8.1.1
[00] [Check Window] Správce stahování
[00] [Check Window] AdwCleaner[R3] - Poznámkový blok
[00] [Check Window] RogueKiller - Mozilla Firefox
[00] [Check Window] Msg
[00] [Check Window] 畄浭坹湩潤汷獥s᣷憸칪懢쇌懎馥懓칪懢ᇑ憸懖钰戄懖쇇懎懖懎ԗ懗ђ懗慭汩潴
[00] [Check Window] Malwarebytes Anti-Malware
[00] [Check Window] MCI command handling window
[00] [Check Window] CiceroUIWndFrame
[00] [Check Window] ASUS Live Update
[00] [Check Window] Hidden Window
[00] [Check Window] ETDCtrlHelper
[00] [Check Window] MS_WebcheckMonitor
[00] [Check Window] tray
[00] [Check Window] Windows Device Control
[00] [Check Window] KBFilter
[00] [Check Window] SystemResourceNotifyWindow
[00] [Check Window] MediaContextNotificationWindow
[00] [Check Window] nsAppShell:EventWindow
[00] [Check Window] Skype
[00] [Check Window] DeviceManager
[00] [Check Window] DDE Server Window
[00] [Check Window] C:\Users\PC\AppData\Roaming\Skype
[00] [Check Window] GDI+ Window
[00] [Check Window] CAvastTrayIcon
[00] [Check Window] HCONTROLUSER
[00] [Check Window] ATKMEDIA
[00] [Check Window] NHTray
[00] [Check Window] PersistWndName
[00] [Check Window] HkWndName
[00] [Check Window] igfxtrayWindow
[00] [Check Window] MAIN_WND-{8284F5C4-FF95-4f7d-AE6A-7D59BDADF7BF}
[00] [Check Window] Správca prenosu súborov
[00] [Check Window] BtvStack
[00] [Check Window] ETDCtrl
[00] [Check Window] Indikátor stavu batérie
[00] [Check Window] Realtek HD Audio Background Process for Vista
[00] [Check Window] GDI+ Window
[00] [Check Window] Zoznam odkazov
[00] [Check Window] GDI+ Window
[00] [Check Window] ASUS Instant On WMI Proc Invisible Window
[00] [Check Window] TaskEng - Task Scheduler Engine Process
[00] [Check Window] BatteryLife
[00] [Check Window] TaskEng - Task Scheduler Engine Process
[00] [Check Window] MCI command handling window
[00] [Check Window] Task Host Window
[00] [Check Window] BluetoothNotificationAreaIconWindowClass
[00] [Check Window] Realtek HD Audio CPL for Vista
[00] [Check Window] GDI+ Window
[00] [Check Window] GDI+ Window
[00] [Check Window] ASUS Screen Saver Protector Invisible Window
[00] [Check Window] GDI+ Window
[00] [Check Window] .NET-BroadcastEventWindow.2.0.0.0.2004eee.0
[00] [Check Window] DDE Server Window
[00] [Check Window] HControl
[00] [Check Window] DWM Notification Window
[00] [Check Window] ASUS SmartLogon Console Sensor MainFrm
[00] [Check Window] Media Center SSO
[00] [Check Window] HiddenFaxWindow
[00] [Check Window] Skype
[00] [Check Window] Program Manager
[00] [Check Window] Default IME
[00] [Check Window] MSCTFIME UI
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] MSCTFIME UI
[00] [Check Window] Default IME
[00] [Check Window] MSCTFIME UI
[00] [Check Window] Default IME
[00] [Check Window] MSCTFIME UI
[00] [Check Window] Default IME
[00] [Check Window] MSCTFIME UI
[00] [Check Window] Default IME
[00] [Check Window] MSCTFIME UI
[00] [Check Window] Default IME
[00] [Check Window] MSCTFIME UI
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] MSCTFIME UI
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] MSCTFIME UI
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] MSCTFIME UI
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] MSCTFIME UI
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] MSCTFIME UI
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] Default IME
[00] [Check Window] MSCTFIME UI
[00] [Check Window] Default IME
[00] [Check Processes] Service PID : 672
[00] [Check Processes] [0][_0] [System Process] :
[00] [Check Processes] [4][_0] System :
[00] [Check Processes] [364][_4] smss.exe :
[00] [Check Processes] [520][_508] csrss.exe :
[00] [Check Processes] [624][_508] wininit.exe :
[00] [Check Processes] [648][_616] csrss.exe :
[00] [Check Processes] [672][_624] services.exe :
[00] [Check Processes] [696][_624] lsass.exe :
[00] [Check Processes] [704][_624] lsm.exe :
[00] [Check Processes] [780][_616] winlogon.exe :
[00] [Check Processes] [856][_672] svchost.exe :
[00] [Check Processes] [948][_672] svchost.exe :
[00] [Check Processes] [384][_672] svchost.exe :
[00] [Check Processes] [560][_672] svchost.exe :
[00] [Check Processes] [760][_672] svchost.exe :
[00] [Check Processes] [1036][_384] audiodg.exe :
[00] [Check Processes] [1108][_672] svchost.exe :
[00] [Check Processes] [1212][_672] svchost.exe :
[00] [Check Processes] [1304][_672] FBAgent.exe :
[00] [Check Processes] [1312][_560] wlanext.exe :
[00] [Check Processes] [1332][_520] conhost.exe :
[00] [Check Processes] [1344][_672] AsLdrSrv.exe : C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
[00] PE32
[00] Get sections OK ; Section table : 0x1e0 -- 0x1000
[00] Nb sections : 4
[00] Parsing section : [6] .text
[00] Parsing section at 0x1000
[00] Parsing section : [7] .rdata
[00] Parsing section at 0x8000
[00] Parsing section : [6] .data
[00] Parsing section at 0xa000
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0xb000
[00] [Check Processes] [1396][_672] GFNEXSrv.exe : C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
[00] PE32
[00] Get sections OK ; Section table : 0x1e0 -- 0x1000
[00] Nb sections : 4
[00] Parsing section : [6] .text
[00] Parsing section at 0x1000
[00] Parsing section : [7] .rdata
[00] Parsing section at 0xb000
[00] Parsing section : [6] .data
[00] Parsing section at 0xe000
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0xf000
[00] [Check Processes] [1468][_672] AvastSvc.exe : C:\Program Files\AVAST Software\Avast\AvastSvc.exe
[00] PE32
[00] Get sections OK ; Section table : 0x1f0 -- 0x400
[00] Nb sections : 5
[00] Parsing section : [6] .text
[00] Parsing section at 0x400
[00] Parsing section : [7] .rdata
[00] Parsing section at 0x5400
[00] Parsing section : [6] .data
[00] Parsing section at 0x7800
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0x7a00
[00] Parsing section : [7] .reloc
[00] Parsing section at 0x8200
[00] [Check Processes] [1500][_1344] HControl.exe : C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
[00] PE32
[00] Get sections OK ; Section table : 0x1f0 -- 0x1000
[00] Nb sections : 4
[00] Parsing section : [6] .text
[00] Parsing section at 0x1000
[00] Parsing section : [7] .rdata
[00] Parsing section at 0x1f000
[00] Parsing section : [6] .data
[00] Parsing section at 0x26000
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0x28000
[00] [Check Processes] [1552][_560] dwm.exe :
[00] [Check Processes] [1568][_1536] explorer.exe :
[00] [Check Processes] [1752][_672] spoolsv.exe :
[00] [Check Processes] [1760][_672] taskhost.exe :
[00] [Check Processes] [1820][_672] svchost.exe :
[00] [Check Processes] [2028][_672] ASDSrv.exe : C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe
[00] PE32
[00] Get sections OK ; Section table : 0x200 -- 0x400
[00] Nb sections : 6
[00] Parsing section : [6] .text
[00] Parsing section at 0x400
[00] Parsing section : [7] .rdata
[00] Parsing section at 0x81e00
[00] Parsing section : [6] .data
[00] Parsing section at 0x97e00
[00] Parsing section : [5] .tls
[00] Parsing section at 0x9ae00
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0x9b000
[00] Parsing section : [7] .reloc
[00] Parsing section at 0x9b600
[00] [Check Processes] [1028][_760] taskeng.exe :
[00] [Check Processes] [1336][_1028] BatteryLife.exe :
[00] [Check Processes] [1516][_1028] sensorsrv.exe : C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
[00] PE32
[00] Get sections OK ; Section table : 0x208 -- 0x1000
[00] Nb sections : 4
[00] Parsing section : [6] .text
[00] Parsing section at 0x1000
[00] Parsing section : [7] .rdata
[00] Parsing section at 0x4c000
[00] Parsing section : [6] .data
[00] Parsing section at 0x64000
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0x68000
[00] [Check Processes] [1580][_760] taskeng.exe :
[00] [Check Processes] [1872][_672] InsOnSrv.exe : C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
[00] PE32
[00] Get sections OK ; Section table : 0x1f8 -- 0x1000
[00] Nb sections : 4
[00] Parsing section : [6] .text
[00] Parsing section at 0x1000
[00] Parsing section : [7] .rdata
[00] Parsing section at 0x26000
[00] Parsing section : [6] .data
[00] Parsing section at 0x33000
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0x36000
[00] [Check Processes] [2060][_672] Ath_CoexAgent.exe : C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
[00] PE32
[00] Get sections OK ; Section table : 0x1e8 -- 0x1000
[00] Nb sections : 4
[00] Parsing section : [6] .text
[00] Parsing section at 0x1000
[00] Parsing section : [7] .rdata
[00] Parsing section at 0x13000
[00] Parsing section : [6] .data
[00] Parsing section at 0x20000
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0x22000
[00] [Check Processes] [2108][_1580] ATKOSD2.exe : C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
[00] PE32
[00] Get sections OK ; Section table : 0x1f8 -- 0x1000
[00] Nb sections : 4
[00] Parsing section : [6] .text
[00] Parsing section at 0x1000
[00] Parsing section : [7] .rdata
[00] Parsing section at 0x2f000
[00] Parsing section : [6] .data
[00] Parsing section at 0x3d000
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0x3f000
[00] [Check Processes] [2132][_1872] InsOnWMI.exe : C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
[00] PE32
[00] Get sections OK ; Section table : 0x1e8 -- 0x1000
[00] Nb sections : 4
[00] Parsing section : [6] .text
[00] Parsing section at 0x1000
[00] Parsing section : [7] .rdata
[00] Parsing section at 0x28000
[00] Parsing section : [6] .data
[00] Parsing section at 0x36000
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0x39000
[00] [Check Processes] [2140][_672] AdminService.exe :
[00] [Check Processes] [2284][_672] PwmSvc.exe :
[00] [Check Processes] [2344][_672] SeaPort.EXE : C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
[00] PE32
[00] Get sections OK ; Section table : 0x1d8 -- 0x400
[00] Nb sections : 4
[00] Parsing section : [6] .text
[00] Parsing section at 0x400
[00] Parsing section : [6] .data
[00] Parsing section at 0x2f600
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0x30c00
[00] Parsing section : [7] .reloc
[00] Parsing section at 0x38800
[00] [Check Processes] [2508][_1568] ETDCtrl.exe :
[00] [Check Processes] [2660][_1568] AmIcoSinglun64.exe :
[00] [Check Processes] [2668][_1568] RAVBg64.exe :
[00] [Check Processes] [2676][_1568] BtvStack.exe :
[00] [Check Processes] [2976][_672] sftvsa.exe : C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
[00] PE32
[00] Get sections OK ; Section table : 0x1f8 -- 0x400
[00] Nb sections : 4
[00] Parsing section : [6] .text
[00] Parsing section at 0x400
[00] Parsing section : [6] .data
[00] Parsing section at 0x2bc00
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0x2c800
[00] Parsing section : [7] .reloc
[00] Parsing section at 0x2d000
[00] [Check Processes] [3024][_672] svchost.exe :
[00] [Check Processes] [2236][_672] WLIDSVC.EXE :
[00] [Check Processes] [3056][_672] sftlist.exe : C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
[00] PE32
[00] Get sections OK ; Section table : 0x1f0 -- 0x400
[00] Nb sections : 4
[00] Parsing section : [6] .text
[00] Parsing section at 0x400
[00] Parsing section : [6] .data
[00] Parsing section at 0x68c00
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0x6b400
[00] Parsing section : [7] .reloc
[00] Parsing section at 0x6bc00
[00] [Check Processes] [3204][_2236] WLIDSVCM.EXE :
[00] [Check Processes] [3304][_1568] AthBtTray.exe :
[00] [Check Processes] [3724][_1568] igfxtray.exe :
[00] [Check Processes] [3736][_1568] hkcmd.exe :
[00] [Check Processes] [3748][_1568] igfxpers.exe :
[00] [Check Processes] [3868][_1568] Skype.exe : C:\Program Files (x86)\Skype\Phone\Skype.exe
[00] [Check Processes] [4052][_3884] SonicFocusTray.exe : C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
[00] PE32
[00] Get sections OK ; Section table : 0x1f0 -- 0x1000
[00] Nb sections : 4
[00] Parsing section : [6] .text
[00] Parsing section at 0x1000
[00] Parsing section : [7] .rdata
[00] Parsing section at 0xd000
[00] Parsing section : [6] .data
[00] Parsing section at 0x10000
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0x12000
[00] [Check Processes] [2496][_3884] visicom_antiphishing.exe : C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
[00] PE32
[00] Get sections OK ; Section table : 0x1d8 -- 0x400
[00] Nb sections : 5
[00] Parsing section : [6] .text
[00] Parsing section at 0x400
[00] Parsing section : [7] .rdata
[00] Parsing section at 0x1fe00
[00] Parsing section : [6] .data
[00] Parsing section at 0x27600
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0x28a00
[00] Parsing section : [7] .reloc
[00] Parsing section at 0x35000
[00] [Check Processes] _KILLING_ [2496] visicom_antiphishing.exe {SUSP PATH:}
[00] [KILL] [2496] visicom_antiphishing.exe -> ZASTAVENÉ [TermProc]
[00] [Check Processes] [1056][_3884] AvastUI.exe : C:\Program Files\AVAST Software\Avast\AvastUI.exe
[00] PE32
[00] Get sections OK ; Section table : 0x1f0 -- 0x400
[00] Nb sections : 5
[00] Parsing section : [6] .text
[00] Parsing section at 0x400
[00] Parsing section : [7] .rdata
[00] Parsing section at 0x2f1a00
[00] Parsing section : [6] .data
[00] Parsing section at 0x37e400
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0x398e00
[00] Parsing section : [7] .reloc
[00] Parsing section at 0x3d2800
[00] [Check Processes] [1660][_3884] DMedia.exe : C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
[00] PE32
[00] Get sections OK ; Section table : 0x1e8 -- 0x1000
[00] Nb sections : 4
[00] Parsing section : [6] .text
[00] Parsing section at 0x1000
[00] Parsing section : [7] .rdata
[00] Parsing section at 0x9000
[00] Parsing section : [6] .data
[00] Parsing section at 0xb000
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0xc000
[00] [Check Processes] [3876][_1028] LiveUpdate.exe : C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
[00] PE32
[00] Get sections OK ; Section table : 0x178 -- 0x200
[00] Nb sections : 3
[00] Parsing section : [6] .text
[00] Parsing section at 0x200
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0x11fc00
[00] Parsing section : [7] .reloc
[00] Parsing section at 0x17a400
[00] [Check Processes] [3944][_3884] HControlUser.exe : C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
[00] PE32
[00] Get sections OK ; Section table : 0x1e0 -- 0x1000
[00] Nb sections : 4
[00] Parsing section : [6] .text
[00] Parsing section at 0x1000
[00] Parsing section : [7] .rdata
[00] Parsing section at 0x8000
[00] Parsing section : [6] .data
[00] Parsing section at 0xa000
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0xb000
[00] [Check Processes] [2860][_3884] wcourier.exe : C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
[00] PE32
[00] Get sections OK ; Section table : 0x1f0 -- 0x400
[00] Nb sections : 5
[00] Parsing section : [6] .text
[00] Parsing section at 0x400
[00] Parsing section : [7] .rdata
[00] Parsing section at 0x126e00
[00] Parsing section : [6] .data
[00] Parsing section at 0x16a600
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0x170000
[00] Parsing section : [7] .reloc
[00] Parsing section at 0x20a800
[00] [Check Processes] [3848][_3884] mbamgui.exe : C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
[00] PE32
[00] Get sections OK ; Section table : 0x1e8 -- 0x400
[00] Nb sections : 5
[00] Parsing section : [6] .text
[00] Parsing section at 0x400
[00] Parsing section : [7] .rdata
[00] Parsing section at 0x1a400
[00] Parsing section : [6] .data
[00] Parsing section at 0x1fc00
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0x21000
[00] Parsing section : [7] .reloc
[00] Parsing section at 0x6ce00
[00] [Check Processes] [4004][_3884] ASDTray.exe : C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe
[00] PE32
[00] Get sections OK ; Section table : 0x208 -- 0x400
[00] Nb sections : 5
[00] Parsing section : [6] .text
[00] Parsing section at 0x400
[00] Parsing section : [7] .rdata
[00] Parsing section at 0xc8c00
[00] Parsing section : [6] .data
[00] Parsing section at 0xe8c00
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0xeca00
[00] Parsing section : [7] .reloc
[00] Parsing section at 0x11ca00
[00] [Check Processes] [4448][_1304] AsScrPro.exe : C:\Windows\AsScrPro.exe
[00] [Check Processes] [4456][_1568] firefox.exe : C:\Program Files (x86)\Mozilla Firefox\firefox.exe
[00] [Check Processes] [4492][_1304] CLMLSvc.exe : C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
[00] PE32
[00] Get sections OK ; Section table : 0x1f8 -- 0x1000
[00] Nb sections : 4
[00] Parsing section : [6] .text
[00] Parsing section at 0x1000
[00] Parsing section : [7] .rdata
[00] Parsing section at 0xf000
[00] Parsing section : [6] .data
[00] Parsing section at 0x15000
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0x16000
[00] [Check Processes] [4568][_1304] RAVCpl64.exe :
[00] [Check Processes] [3252][_856] WmiPrvSE.exe :
[00] [Check Processes] [3260][_672] CVHSVC.EXE : C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
[00] PE32
[00] Get sections OK ; Section table : 0x1f8 -- 0x400
[00] Nb sections : 4
[00] Parsing section : [6] .text
[00] Parsing section at 0x400
[00] Parsing section : [6] .data
[00] Parsing section at 0x45400
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0x76e00
[00] Parsing section : [7] .reloc
[00] Parsing section at 0xc4200
[00] [Check Processes] [3044][_1500] ATKOSD.exe : C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
[00] PE32
[00] Get sections OK ; Section table : 0x1e8 -- 0x1000
[00] Nb sections : 4
[00] Parsing section : [6] .text
[00] Parsing section at 0x1000
[00] Parsing section : [7] .rdata
[00] Parsing section at 0x9000
[00] Parsing section : [6] .data
[00] Parsing section at 0xb000
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0xc000
[00] [Check Processes] [112][_1500] KBFiltr.exe : C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
[00] PE32
[00] Get sections OK ; Section table : 0x1e0 -- 0x1000
[00] Nb sections : 4
[00] Parsing section : [6] .text
[00] Parsing section at 0x1000
[00] Parsing section : [7] .rdata
[00] Parsing section at 0x9000
[00] Parsing section : [6] .data
[00] Parsing section at 0xc000
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0xd000
[00] [Check Processes] [4072][_1500] WDC.exe : C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
[00] PE32
[00] Get sections OK ; Section table : 0x200 -- 0x1000
[00] Nb sections : 4
[00] Parsing section : [6] .text
[00] Parsing section at 0x1000
[00] Parsing section : [7] .rdata
[00] Parsing section at 0x10000
[00] Parsing section : [6] .data
[00] Parsing section at 0x14000
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0x16000
[00] [Check Processes] [3352][_672] svchost.exe :
[00] [Check Processes] [4200][_672] PresentationFontCache.exe :
[00] [Check Processes] [4844][_672] SearchIndexer.exe :
[00] [Check Processes] [2332][_672] TiMiniService.exe :
[00] [Check Processes] [1620][_672] svchost.exe :
[00] [Check Processes] [4468][_2332] TiResumeSrv.exe :
[00] [Check Processes] [1236][_672] svchost.exe :
[00] [Check Processes] [2492][_520] conhost.exe :
[00] [Check Processes] [5040][_2508] ETDCtrlHelper.exe :
[00] [Check Processes] [5820][_4456] plugin-container.exe : C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
[00] [Check Processes] [5876][_5820] FlashPlayerPlugin_11_4_402_287.exe : C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
[00] PE32
[00] Get sections OK ; Section table : 0x1f0 -- 0x400
[00] Nb sections : 5
[00] Parsing section : [6] .text
[00] Parsing section at 0x400
[00] Parsing section : [7] .rdata
[00] Parsing section at 0xc3000
[00] Parsing section : [6] .data
[00] Parsing section at 0x157600
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0x15fc00
[00] Parsing section : [7] .reloc
[00] Parsing section at 0x1a8e00
[00] [Check Processes] [5896][_5876] FlashPlayerPlugin_11_4_402_287.exe : C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
[00] PE32
[00] Get sections OK ; Section table : 0x1f0 -- 0x400
[00] Nb sections : 5
[00] Parsing section : [6] .text
[00] Parsing section at 0x400
[00] Parsing section : [7] .rdata
[00] Parsing section at 0xc3000
[00] Parsing section : [6] .data
[00] Parsing section at 0x157600
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0x15fc00
[00] Parsing section : [7] .reloc
[00] Parsing section at 0x1a8e00
[00] [Check Processes] [3200][_672] LMS.exe : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
[00] PE32
[00] Get sections OK ; Section table : 0x1e0 -- 0x400
[00] Nb sections : 4
[00] Parsing section : [6] .text
[00] Parsing section at 0x400
[00] Parsing section : [7] .rdata
[00] Parsing section at 0x42a00
[00] Parsing section : [6] .data
[00] Parsing section at 0x4c000
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0x4d600
[00] [Check Processes] [1456][_672] mbamservice.exe : C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
[00] PE32
[00] Get sections OK ; Section table : 0x1f0 -- 0x400
[00] Nb sections : 5
[00] Parsing section : [6] .text
[00] Parsing section at 0x400
[00] Parsing section : [7] .rdata
[00] Parsing section at 0x77c00
[00] Parsing section : [6] .data
[00] Parsing section at 0x92200
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0x95a00
[00] Parsing section : [7] .reloc
[00] Parsing section at 0x96000
[00] [Check Processes] [3376][_672] UNS.exe : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
[00] PE32
[00] Get sections OK ; Section table : 0x228 -- 0x400
[00] Nb sections : 4
[00] Parsing section : [6] .text
[00] Parsing section at 0x400
[00] Parsing section : [7] .rdata
[00] Parsing section at 0x1f7400
[00] Parsing section : [6] .data
[00] Parsing section at 0x263200
[00] Parsing section : [6] .rsrc
[00] Parsing section at 0x280400
[00] [Check Processes] [6036][_672] TrustedInstaller.exe :
[00] [Check Processes] [1320][_760] wuauclt.exe :
[00] [Check Processes] [972][_4844] SearchProtocolHost.exe :
[00] [Check Processes] [2052][_4844] SearchFilterHost.exe :
[00] [Check Processes] [1652][_3720] notepad.exe :
[00] [Check Processes] [3688][_856] igfxsrvc.exe :
[00] [Check Processes] [6044][_856] dllhost.exe :
[00] [Check Processes] [3168][_856] dllhost.exe :
[00] [Check Processes] [3268][_856] dllhost.exe :
[00] [Check Services] [1/459] 1394ohci
[00] [Check Services] C:\Windows\system32\drivers\1394ohci.sys
[00] [Check Services] [2/459] ACPI
[00] [Check Services] C:\Windows\system32\drivers\ACPI.sys
[00] [Check Services] [3/459] AcpiPmi
[00] [Check Services] C:\Windows\system32\drivers\acpipmi.sys
[00] [Check Services] [4/459] AdobeFlashPlayerUpdateSvc
[00] [Check Services] C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
[00] [Check Services] [5/459] adp94xx
[00] [Check Services] C:\Windows\system32\drivers\adp94xx.sys
[00] [Check Services] [6/459] adpahci
[00] [Check Services] C:\Windows\system32\drivers\adpahci.sys
[00] [Check Services] [7/459] adpu320
[00] [Check Services] C:\Windows\system32\drivers\adpu320.sys
[00] [Check Services] [8/459] AeLookupSvc
[00] [Check Services] C:\Windows\system32\svchost.exe -k netsvcs
[00] [Check Services] [9/459] AFBAgent
[00] [Check Services] "C:\Windows\system32\FBAgent.exe"
[00] [Check Services] [10/459] AFD
[00] [Check Services] C:\Windows\system32\drivers\afd.sys
[00] [Check Services] [11/459] agp440
[00] [Check Services] C:\Windows\system32\drivers\agp440.sys
[00] [Check Services] [12/459] ALG
[00] [Check Services] C:\Windows\System32\alg.exe
[00] [Check Services] [13/459] aliide
[00] [Check Services] C:\Windows\system32\drivers\aliide.sys
[00] [Check Services] [14/459] amdide
[00] [Check Services] C:\Windows\system32\drivers\amdide.sys
[00] [Check Services] [15/459] AmdK8
[00] [Check Services] C:\Windows\system32\drivers\amdk8.sys
[00] [Check Services] [16/459] AmdPPM
[00] [Check Services] C:\Windows\system32\drivers\amdppm.sys
[00] [Check Services] [17/459] amdsata
[00] [Check Services] C:\Windows\system32\drivers\amdsata.sys
[00] [Check Services] [18/459] amdsbs
[00] [Check Services] C:\Windows\system32\drivers\amdsbs.sys
[00] [Check Services] [19/459] amdxata
[00] [Check Services] C:\Windows\system32\drivers\amdxata.sys
[00] [Check Services] [20/459] Amsp
[00] [Check Services] "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000
[00] [Check Services] [21/459] AmUStor
[00] [Check Services] C:\Windows\system32\drivers\AmUStor.SYS
[00] [Check Services] [22/459] AppID
[00] [Check Services] C:\Windows\system32\drivers\appid.sys
[00] [Check Services] [23/459] AppIDSvc
[00] [Check Services] C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
[00] [Check Services] [24/459] Appinfo
[00] [Check Services] C:\Windows\system32\svchost.exe -k netsvcs
[00] [Check Services] [25/459] arc
[00] [Check Services] C:\Windows\system32\drivers\arc.sys
[00] [Check Services] [26/459] arcsas
[00] [Check Services] C:\Windows\system32\drivers\arcsas.sys
[00] [Check Services] [27/459] asdrm
[00] [Check Services] C:\Windows\system32\DRIVERS\asdrm.sys
[00] [Check Services] [28/459] asdrs
[00] [Check Services] C:\Windows\system32\DRIVERS\asdrs.sys
[00] [Check Services] [29/459] asdsrv
[00] [Check Services] C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe
[00] [Check Services] [30/459] asdws
[00] [Check Services] C:\Windows\system32\DRIVERS\asdws.sys
[00] [Check Services] [31/459] ASLDRService
[00] [Check Services] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
[00] [Check Services] [32/459] ASMMAP64
[00] [Check Services] C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
[00] [Check Services] [33/459] asmthub3
[00] [Check Services] C:\Windows\system32\DRIVERS\asmthub3.sys
[00] [Check Services] [34/459] asmtxhci
[00] [Check Services] C:\Windows\system32\DRIVERS\asmtxhci.sys
[00] [Check Services] [35/459] ASUS InstantOn
[00] [Check Services] C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
[00] [Check Services] [36/459] aswFsBlk
[00] [Check Services] Path not found
[00] [Check Services] [37/459] aswKbd
[00] [Check Services] Path not found
[00] [Check Services] [38/459] aswMonFlt
[00] [Check Services] C:\Windows\system32\drivers\aswMonFlt.sys
[00] [Check Services] [39/459] aswRdr
[00] [Check Services] C:\Windows\System32\Drivers\aswrdr2.sys
[00] [Check Services] [40/459] aswSnx
[00] [Check Services] Path not found
[00] [Check Services] [41/459] aswSP
[00] [Check Services] Path not found
[00] [Check Services] [42/459] aswTdi
[00] [Check Services] Path not found
[00] [Check Services] [43/459] AsyncMac
[00] [Check Services] C:\Windows\system32\DRIVERS\asyncmac.sys
[00] [Check Services] [44/459] atapi
[00] [Check Services] C:\Windows\system32\drivers\atapi.sys
[00] [Check Services] [45/459] AthBTPort
[00] [Check Services] C:\Windows\system32\DRIVERS\btath_flt.sys
[00] [Check Services] [46/459] Atheros Bt&Wlan Coex Agent
[00] [Check Services] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
[00] [Check Services] [47/459] AtherosSvc
[00] [Check Services] C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
[00] [Check Services] [48/459] athr
[00] [Check Services] C:\Windows\system32\DRIVERS\athrx.sys
[00] [Check Services] [49/459] ATKGFNEXSrv
[00] [Check Services] C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
[00] [Check Services] [50/459] ATKWMIACPIIO_
[00] [Check Services] C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
[00] [Check Services] [51/459] AudioEndpointBuilder
[00] [Check Services] C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
[00] [Check Services] [52/459] AudioSrv
[00] [Check Services] C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
[00] [Check Services] [53/459] avast! Antivirus
[00] [Check Services] "C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
[00] [Check Services] [54/459] AxInstSV
[00] [Check Services] C:\Windows\system32\svchost.exe -k AxInstSVGroup
[00] [Check Services] [55/459] b06bdrv
[00] [Check Services] C:\Windows\system32\drivers\bxvbda.sys
[00] [Check Services] [56/459] b57nd60a
[00] [Check Services] C:\Windows\system32\DRIVERS\b57nd60a.sys
[00] [Check Services] [57/459] BBSvc
[00] [Check Services] "C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE"
[00] [Check Services] [58/459] BDESVC
[00] [Check Services] C:\Windows\System32\svchost.exe -k netsvcs
[00] [Check Services] [59/459] Beep
[00] [Check Services] Path not found
[00] [Check Services] [60/459] BFE
[00] [Check Services] C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
[00] [Check Services] [61/459] BITS
[00] [Check Services] C:\Windows\System32\svchost.exe -k netsvcs
[00] [Check Services] [62/459] blbdrive
[00] [Check Services] C:\Windows\system32\DRIVERS\blbdrive.sys
[00] [Check Services] [63/459] bowser
[00] [Check Services] C:\Windows\system32\DRIVERS\bowser.sys
[00] [Check Services] [64/459] BrFiltLo
[00] [Check Services] C:\Windows\system32\drivers\BrFiltLo.sys
[00] [Check Services] [65/459] BrFiltUp
[00] [Check Services] C:\Windows\system32\drivers\BrFiltUp.sys
[00] [Check Services] [66/459] BridgeMP
[00] [Check Services] C:\Windows\system32\DRIVERS\bridge.sys
[00] [Check Services] [67/459] Browser
[00] [Check Services] C:\Windows\system32\svchost.exe -k netsvcs
[00] [Check Services] [68/459] Brserid
[00] [Check Services] C:\Windows\System32\Drivers\Brserid.sys
[00] [Check Services] [69/459] BrSerWdm
[00] [Check Services] C:\Windows\System32\Drivers\BrSerWdm.sys
[00] [Check Services] [70/459] BrUsbMdm
[00] [Check Services] C:\Windows\System32\Drivers\BrUsbMdm.sys
[00] [Check Services] [71/459] BrUsbSer
[00] [Check Services] C:\Windows\System32\Drivers\BrUsbSer.sys
[00] [Check Services] [72/459] BTATH_A2DP
[00] [Check Services] C:\Windows\system32\drivers\btath_a2dp.sys
[00] [Check Services] [73/459] btath_avdt
[00] [Check Services] C:\Windows\system32\drivers\btath_avdt.sys
[00] [Check Services] [74/459] BTATH_BUS
[00] [Check Services] C:\Windows\system32\DRIVERS\btath_bus.sys
[00] [Check Services] [75/459] BTATH_HCRP
[00] [Check Services] C:\Windows\system32\DRIVERS\btath_hcrp.sys
[00] [Check Services] [76/459] BTATH_LWFLT
[00] [Check Services] C:\Windows\system32\DRIVERS\btath_lwflt.sys
[00] [Check Services] [77/459] BTATH_RCP
[00] [Check Services] C:\Windows\system32\DRIVERS\btath_rcp.sys
[00] [Check Services] [78/459] BtFilter
[00] [Check Services] C:\Windows\system32\DRIVERS\btfilter.sys
[00] [Check Services] [79/459] BthEnum
[00] [Check Services] C:\Windows\system32\drivers\BthEnum.sys
[00] [Check Services] [80/459] BTHMODEM
[00] [Check Services] C:\Windows\system32\DRIVERS\bthmodem.sys
[00] [Check Services] [81/459] BthPan
[00] [Check Services] C:\Windows\system32\DRIVERS\bthpan.sys
[00] [Check Services] [82/459] BTHPORT
[00] [Check Services] C:\Windows\System32\Drivers\BTHport.sys
[00] [Check Services] [83/459] bthserv
[00] [Check Services] C:\Windows\system32\svchost.exe -k bthsvcs
[00] [Check Services] [84/459] BTHUSB
[00] [Check Services] C:\Windows\System32\Drivers\BTHUSB.sys
[00] [Check Services] [85/459] cdfs
[00] [Check Services] C:\Windows\system32\DRIVERS\cdfs.sys
[00] [Check Services] [86/459] cdrom
[00] [Check Services] C:\Windows\system32\DRIVERS\cdrom.sys
[00] [Check Services] [87/459] CertPropSvc
[00] [Check Services] C:\Windows\system32\svchost.exe -k netsvcs
[00] [Check Services] [88/459] circlass
[00] [Check Services] C:\Windows\system32\drivers\circlass.sys
[00] [Check Services] [89/459] CLFS
[00] [Check Services] C:\Windows\System32\CLFS.sys
[00] [Check Services] [90/459] clr_optimization_v2.0.50727_32
[00] [Check Services] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
[00] [Check Services] [91/459] clr_optimization_v2.0.50727_64
[00] [Check Services] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
[00] [Check Services] [92/459] clr_optimization_v4.0.30319_32
[00] [Check Services] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
[00] [Check Services] [93/459] clr_optimization_v4.0.30319_64
[00] [Check Services] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
[00] [Check Services] [94/459] CmBatt
[00] [Check Services] C:\Windows\system32\DRIVERS\CmBatt.sys
[00] [Check Services] [95/459] cmdide
[00] [Check Services] C:\Windows\system32\drivers\cmdide.sys
[00] [Check Services] [96/459] CNG
[00] [Check Services] C:\Windows\System32\Drivers\cng.sys
[00] [Check Services] [97/459] Compbatt
[00] [Check Services] C:\Windows\system32\drivers\compbatt.sys
[00] [Check Services] [98/459] CompositeBus
[00] [Check Services] C:\Windows\system32\DRIVERS\CompositeBus.sys
[00] [Check Services] [99/459] COMSysApp
[00] [Check Services] C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
[00] [Check Services] [100/459] crcdisk
[00] [Check Services] C:\Windows\system32\drivers\crcdisk.sys
[00] [Check Services] [101/459] CryptSvc
[00] [Check Services] C:\Windows\system32\svchost.exe -k NetworkService
[00] [Check Services] [102/459] cvhsvc
[00] [Check Services] "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
[00] [Check Services] [103/459] DcomLaunch
[00] [Check Services] C:\Windows\system32\svchost.exe -k DcomLaunch
[00] [Check Services] [104/459] defragsvc
[00] [Check Services] C:\Windows\system32\svchost.exe -k defragsvc
[00] [Check Services] [105/459] DfsC
[00] [Check Services] C:\Windows\System32\Drivers\dfsc.sys
[00] [Check Services] [106/459] Dhcp
[00] [Check Services] C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
[00] [Check Services] [107/459] discache
[00] [Check Services] C:\Windows\System32\drivers\discache.sys
[00] [Check Services] [108/459] Disk
[00] [Check Services] C:\Windows\system32\drivers\disk.sys
[00] [Check Services] [109/459] Dnscache
[00] [Check Services] C:\Windows\system32\svchost.exe -k NetworkService
[00] [Check Services] [110/459] dot3svc
[00] [Check Services] C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
[00] [Check Services] [111/459] DPS
[00] [Check Services] C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
[00] [Check Services] [112/459] drmkaud
[00] [Check Services] C:\Windows\system32\drivers\drmkaud.sys
[00] [Check Services] [113/459] DXGKrnl
[00] [Check Services] C:\Windows\System32\drivers\dxgkrnl.sys
[00] [Check Services] [114/459] EapHost
[00] [Check Services] C:\Windows\System32\svchost.exe -k netsvcs
[00] [Check Services] [115/459] ebdrv
[00] [Check Services] C:\Windows\system32\drivers\evbda.sys
[00] [Check Services] [116/459] EFS
[00] [Check Services] C:\Windows\System32\lsass.exe
[00] [Check Services] [117/459] ehRecvr
[00] [Check Services] C:\Windows\ehome\ehrecvr.exe
[00] [Check Services] [118/459] ehSched
[00] [Check Services] C:\Windows\ehome\ehsched.exe
[00] [Check Services] [119/459] elxstor
[00] [Check Services] C:\Windows\system32\drivers\elxstor.sys
[00] [Check Services] [120/459] ErrDev
[00] [Check Services] C:\Windows\system32\drivers\errdev.sys
[00] [Check Services] [121/459] ETD
[00] [Check Services] C:\Windows\system32\DRIVERS\ETD.sys
[00] [Check Services] [122/459] eventlog
[00] [Check Services] C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
[00] [Check Services] [123/459] EventSystem
[00] [Check Services] C:\Windows\system32\svchost.exe -k LocalService
[00] [Check Services] [124/459] exfat
[00] [Check Services] Path not found
[00] [Check Services] [125/459] fastfat
[00] [Check Services] Path not found
[00] [Check Services] [126/459] Fax
[00] [Check Services] C:\Windows\system32\fxssvc.exe
[00] [Check Services] [127/459] fdc
[00] [Check Services] C:\Windows\system32\drivers\fdc.sys
[00] [Check Services] [128/459] fdPHost
[00] [Check Services] C:\Windows\system32\svchost.exe -k LocalService
[00] [Check Services] [129/459] FDResPub
[00] [Check Services] C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
[00] [Check Services] [130/459] FileInfo
[00] [Check Services] C:\Windows\system32\drivers\fileinfo.sys
[00] [Check Services] [131/459] Filetrace
[00] [Check Services] C:\Windows\system32\drivers\filetrace.sys
[00] [Check Services] [132/459] flpydisk
[00] [Check Services] C:\Windows\system32\drivers\flpydisk.sys
[00] [Check Services] [133/459] FltMgr
[00] [Check Services] C:\Windows\system32\drivers\fltmgr.sys
[00] [Check Services] [134/459] FontCache
[00] [Check Services] C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
[00] [Check Services] [135/459] FontCache3.0.0.0
[00] [Check Services] C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
[00] [Check Services] [136/459] FsDepends
[00] [Check Services] C:\Windows\System32\drivers\FsDepends.sys
[00] [Check Services] [137/459] fssfltr
[00] [Check Services] C:\Windows\system32\DRIVERS\fssfltr.sys
[00] [Check Services] [138/459] fsssvc
[00] [Check Services] "C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe"
[00] [Check Services] [139/459] fvevol
[00] [Check Services] C:\Windows\System32\DRIVERS\fvevol.sys
[00] [Check Services] [140/459] gagp30kx
[00] [Check Services] C:\Windows\system32\drivers\gagp30kx.sys
[00] [Check Services] [141/459] gpsvc
[00] [Check Services] C:\Windows\system32\svchost.exe -k netsvcs
[00] [Check Services] [142/459] gupdate
[00] [Check Services] "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc
[00] [Check Services] [143/459] gupdatem
[00] [Check Services] "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc
[00] [Check Services] [144/459] hcw85cir
[00] [Check Services] C:\Windows\system32\drivers\hcw85cir.sys
[00] [Check Services] [145/459] HdAudAddService
[00] [Check Services] C:\Windows\system32\drivers\HdAudio.sys
[00] [Check Services] [146/459] HDAudBus
[00] [Check Services] C:\Windows\system32\DRIVERS\HDAudBus.sys
[00] [Check Services] [147/459] HidBatt
[00] [Check Services] C:\Windows\system32\drivers\HidBatt.sys
[00] [Check Services] [148/459] HidBth
[00] [Check Services] C:\Windows\system32\drivers\hidbth.sys
[00] [Check Services] [149/459] HidIr
[00] [Check Services] C:\Windows\system32\drivers\hidir.sys
[00] [Check Services] [150/459] hidserv
[00] [Check Services] C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
[00] [Check Services] [151/459] HidUsb
[00] [Check Services] C:\Windows\system32\DRIVERS\hidusb.sys
[00] [Check Services] [152/459] hkmsvc
[00] [Check Services] C:\Windows\System32\svchost.exe -k netsvcs
[00] [Check Services] [153/459] HomeGroupListener
[00] [Check Services] C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
[00] [Check Services] [154/459] HomeGroupProvider
[00] [Check Services] C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
[00] [Check Services] [155/459] HpSAMD
[00] [Check Services] C:\Windows\system32\drivers\HpSAMD.sys
[00] [Check Services] [156/459] HTTP
[00] [Check Services] C:\Windows\system32\drivers\HTTP.sys
[00] [Check Services] [157/459] hwpolicy
[00] [Check Services] C:\Windows\System32\drivers\hwpolicy.sys
[00] [Check Services] [158/459] i8042prt
[00] [Check Services] C:\Windows\system32\DRIVERS\i8042prt.sys
[00] [Check Services] [159/459] iaStor
[00] [Check Services] C:\Windows\system32\DRIVERS\iaStor.sys
[00] [Check Services] [160/459] iaStorV
[00] [Check Services] C:\Windows\system32\drivers\iaStorV.sys
[00] [Check Services] [161/459] idsvc
[00] [Check Services] "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe"
[00] [Check Services] [162/459] igfx
[00] [Check Services] C:\Windows\system32\DRIVERS\igdkmd64.sys
[00] [Check Services] [163/459] iirsp
[00] [Check Services] C:\Windows\system32\drivers\iirsp.sys
[00] [Check Services] [164/459] IKEEXT
[00] [Check Services] C:\Windows\system32\svchost.exe -k netsvcs
[00] [Check Services] [165/459] IntcAzAudAddService
[00] [Check Services] C:\Windows\system32\drivers\RTKVHD64.sys
[00] [Check Services] [166/459] IntcDAud
[00] [Check Services] C:\Windows\system32\DRIVERS\IntcDAud.sys
[00] [Check Services] [167/459] intelide
[00] [Check Services] C:\Windows\system32\drivers\intelide.sys
[00] [Check Services] [168/459] intelppm
[00] [Check Services] C:\Windows\system32\DRIVERS\intelppm.sys
[00] [Check Services] [169/459] IPBusEnum
[00] [Check Services] C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
[00] [Check Services] [170/459] IpFilterDriver
[00] [Check Services] C:\Windows\system32\DRIVERS\ipfltdrv.sys
[00] [Check Services] [171/459] iphlpsvc
[00] [Check Services] C:\Windows\System32\svchost.exe -k NetSvcs
[00] [Check Services] [172/459] IPMIDRV
[00] [Check Services] C:\Windows\system32\drivers\IPMIDrv.sys
[00] [Check Services] [173/459] IPNAT
[00] [Check Services] C:\Windows\System32\drivers\ipnat.sys
[00] [Check Services] [174/459] IRENUM
[00] [Check Services] C:\Windows\system32\drivers\irenum.sys
[00] [Check Services] [175/459] isapnp
[00] [Check Services] C:\Windows\system32\drivers\isapnp.sys
[00] [Check Services] [176/459] iScsiPrt
[00] [Check Services] C:\Windows\system32\drivers\msiscsi.sys
[00] [Check Services] [177/459] kbdclass
[00] [Check Services] C:\Windows\system32\DRIVERS\kbdclass.sys
[00] [Check Services] [178/459] kbdhid
[00] [Check Services] C:\Windows\system32\drivers\kbdhid.sys
[00] [Check Services] [179/459] kbfilter
[00] [Check Services] C:\Windows\system32\DRIVERS\kbfilter.sys
[00] [Check Services] [180/459] kbfiltr
[00] [Check Services] C:\Windows\system32\DRIVERS\kbfiltr.sys
[00] [Check Services] [181/459] KeyIso
[00] [Check Services] C:\Windows\system32\lsass.exe
[00] [Check Services] [182/459] KSecDD
[00] [Check Services] C:\Windows\System32\Drivers\ksecdd.sys
[00] [Check Services] [183/459] KSecPkg
[00] [Check Services] C:\Windows\System32\Drivers\ksecpkg.sys
[00] [Check Services] [184/459] ksthunk
[00] [Check Services] C:\Windows\system32\drivers\ksthunk.sys
[00] [Check Services] [185/459] KtmRm
[00] [Check Services] C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation
[00] [Check Services] [186/459] L1C
[00] [Check Services] C:\Windows\system32\DRIVERS\L1C62x64.sys
[00] [Check Services] [187/459] LanmanServer
[00] [Check Services] C:\Windows\system32\svchost.exe -k netsvcs
[00] [Check Services] [188/459] LanmanWorkstation
[00] [Check Services] C:\Windows\System32\svchost.exe -k NetworkService
[00] [Check Services] [189/459] lltdio
[00] [Check Services] C:\Windows\system32\DRIVERS\lltdio.sys
[00] [Check Services] [190/459] lltdsvc
[00] [Check Services] C:\Windows\System32\svchost.exe -k LocalService
[00] [Check Services] [191/459] lmhosts
[00] [Check Services] C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
[00] [Check Services] [192/459] LMS
[00] [Check Services] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
[00] [Check Services] [193/459] LSI_FC
[00] [Check Services] C:\Windows\system32\drivers\lsi_fc.sys
[00] [Check Services] [194/459] LSI_SAS
[00] [Check Services] C:\Windows\system32\drivers\lsi_sas.sys
[00] [Check Services] [195/459] LSI_SAS2
[00] [Check Services] C:\Windows\system32\drivers\lsi_sas2.sys
[00] [Check Services] [196/459] LSI_SCSI
[00] [Check Services] C:\Windows\system32\drivers\lsi_scsi.sys
[00] [Check Services] [197/459] luafv
[00] [Check Services] C:\Windows\system32\drivers\luafv.sys
[00] [Check Services] [198/459] MBAMProtector
[00] [Check Services] C:\Windows\system32\drivers\mbam.sys
[00] [Check Services] [199/459] MBAMService
[00] [Check Services] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
[00] [Check Services] [200/459] Mcx2Svc
[00] [Check Services] C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
[00] [Check Services] [201/459] megasas
[00] [Check Services] C:\Windows\system32\drivers\megasas.sys
[00] [Check Services] [202/459] MegaSR
[00] [Check Services] C:\Windows\system32\drivers\MegaSR.sys
[00] [Check Services] [203/459] MEIx64
[00] [Check Services] C:\Windows\system32\DRIVERS\HECIx64.sys
[00] [Check Services] [204/459] MMCSS
[00] [Check Services] C:\Windows\system32\svchost.exe -k netsvcs
[00] [Check Services] [205/459] Modem
[00] [Check Services] C:\Windows\system32\drivers\modem.sys
[00] [Check Services] [206/459] monitor
[00] [Check Services] C:\Windows\system32\DRIVERS\monitor.sys
[00] [Check Services] [207/459] mouclass
[00] [Check Services] C:\Windows\system32\DRIVERS\mouclass.sys
[00] [Check Services] [208/459] mouhid
[00] [Check Services] C:\Windows\system32\DRIVERS\mouhid.sys
[00] [Check Services] [209/459] mountmgr
[00] [Check Services] C:\Windows\System32\drivers\mountmgr.sys
[00] [Check Services] [210/459] MozillaMaintenance
[00] [Check Services] "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"
[00] [Check Services] [211/459] mpio
[00] [Check Services] C:\Windows\system32\drivers\mpio.sys
[00] [Check Services] [212/459] mpsdrv
[00] [Check Services] C:\Windows\System32\drivers\mpsdrv.sys
[00] [Check Services] [213/459] MpsSvc
[00] [Check Services] C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
[00] [Check Services] [214/459] MRxDAV
[00] [Check Services] C:\Windows\system32\drivers\mrxdav.sys
[00] [Check Services] [215/459] mrxsmb
[00] [Check Services] C:\Windows\system32\DRIVERS\mrxsmb.sys
[00] [Check Services] [216/459] mrxsmb10
[00] [Check Services] C:\Windows\system32\DRIVERS\mrxsmb10.sys
[00] [Check Services] [217/459] mrxsmb20
[00] [Check Services] C:\Windows\system32\DRIVERS\mrxsmb20.sys
[00] [Check Services] [218/459] msahci
[00] [Check Services] C:\Windows\system32\drivers\msahci.sys
[00] [Check Services] [219/459] msdsm
[00] [Check Services] C:\Windows\system32\drivers\msdsm.sys
[00] [Check Services] [220/459] MSDTC
[00] [Check Services] C:\Windows\System32\msdtc.exe
[00] [Check Services] [221/459] Msfs
[00] [Check Services] Path not found
[00] [Check Services] [222/459] mshidkmdf
[00] [Check Services] C:\Windows\System32\drivers\mshidkmdf.sys
[00] [Check Services] [223/459] msisadrv
[00] [Check Services] C:\Windows\system32\drivers\msisadrv.sys
[00] [Check Services] [224/459] MSiSCSI
[00] [Check Services] C:\Windows\system32\svchost.exe -k netsvcs
[00] [Check Services] [225/459] msiserver
[00] [Check Services] C:\Windows\system32\msiexec.exe /V
[00] [Check Services] [226/459] MSKSSRV
[00] [Check Services] C:\Windows\system32\drivers\MSKSSRV.sys
[00] [Check Services] [227/459] MSPCLOCK
[00] [Check Services] C:\Windows\system32\drivers\MSPCLOCK.sys
[00] [Check

// added 2 minutes after the last post

[00] [Check Services] [228/459] MSPQM
[00] [Check Services] C:\Windows\system32\drivers\MSPQM.sys
[00] [Check Services] [229/459] MsRPC
[00] [Check Services] Path not found
[00] [Check Services] [230/459] mssmbios
[00] [Check Services] C:\Windows\system32\DRIVERS\mssmbios.sys
[00] [Check Services] [231/459] MSTEE
[00] [Check Services] C:\Windows\system32\drivers\MSTEE.sys
[00] [Check Services] [232/459] MTConfig
[00] [Check Services] C:\Windows\system32\drivers\MTConfig.sys
[00] [Check Services] [233/459] Mup
[00] [Check Services] C:\Windows\System32\Drivers\mup.sys
[00] [Check Services] [234/459] napagent
[00] [Check Services] C:\Windows\System32\svchost.exe -k NetworkService
[00] [Check Services] [235/459] NativeWifiP
[00] [Check Services] C:\Windows\system32\DRIVERS\nwifi.sys
[00] [Check Services] [236/459] NDIS
[00] [Check Services] C:\Windows\system32\drivers\ndis.sys
[00] [Check Services] [237/459] NdisCap
[00] [Check Services] C:\Windows\system32\DRIVERS\ndiscap.sys
[00] [Check Services] [238/459] NdisTapi
[00] [Check Services] C:\Windows\system32\DRIVERS\ndistapi.sys
[00] [Check Services] [239/459] Ndisuio
[00] [Check Services] C:\Windows\system32\DRIVERS\ndisuio.sys
[00] [Check Services] [240/459] NdisWan
[00] [Check Services] C:\Windows\system32\DRIVERS\ndiswan.sys
[00] [Check Services] [241/459] NDProxy
[00] [Check Services] Path not found
[00] [Check Services] [242/459] NetBIOS
[00] [Check Services] C:\Windows\system32\DRIVERS\netbios.sys
[00] [Check Services] [243/459] NetBT
[00] [Check Services] C:\Windows\System32\DRIVERS\netbt.sys
[00] [Check Services] [244/459] Netlogon
[00] [Check Services] C:\Windows\system32\lsass.exe
[00] [Check Services] [245/459] Netman
[00] [Check Services] C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
[00] [Check Services] [246/459] netprofm
[00] [Check Services] C:\Windows\System32\svchost.exe -k LocalService
[00] [Check Services] [247/459] NetTcpPortSharing
[00] [Check Services] "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe"
[00] [Check Services] [248/459] nfrd960
[00] [Check Services] C:\Windows\system32\drivers\nfrd960.sys
[00] [Check Services] [249/459] NlaSvc
[00] [Check Services] C:\Windows\System32\svchost.exe -k NetworkService
[00] [Check Services] [250/459] nmwcd
[00] [Check Services] C:\Windows\system32\drivers\ccdcmbx64.sys
[00] [Check Services] [251/459] nmwcdc
[00] [Check Services] C:\Windows\system32\drivers\ccdcmbox64.sys
[00] [Check Services] [252/459] Npfs
[00] [Check Services] Path not found
[00] [Check Services] [253/459] nsi
[00] [Check Services] C:\Windows\system32\svchost.exe -k LocalService
[00] [Check Services] [254/459] nsiproxy
[00] [Check Services] C:\Windows\system32\drivers\nsiproxy.sys
[00] [Check Services] [255/459] Ntfs
[00] [Check Services] Path not found
[00] [Check Services] [256/459] Null
[00] [Check Services] Path not found
[00] [Check Services] [257/459] nvraid
[00] [Check Services] C:\Windows\system32\drivers\nvraid.sys
[00] [Check Services] [258/459] nvstor
[00] [Check Services] C:\Windows\system32\drivers\nvstor.sys
[00] [Check Services] [259/459] nv_agp
[00] [Check Services] C:\Windows\system32\drivers\nv_agp.sys
[00] [Check Services] [260/459] ohci1394
[00] [Check Services] C:\Windows\system32\drivers\ohci1394.sys
[00] [Check Services] [261/459] ose
[00] [Check Services] "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
[00] [Check Services] [262/459] osppsvc
[00] [Check Services] "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
[00] [Check Services] [263/459] p2pimsvc
[00] [Check Services] C:\Windows\System32\svchost.exe -k LocalServicePeerNet
[00] [Check Services] [264/459] p2psvc
[00] [Check Services] C:\Windows\System32\svchost.exe -k LocalServicePeerNet
[00] [Check Services] [265/459] Parport
[00] [Check Services] C:\Windows\system32\drivers\parport.sys
[00] [Check Services] [266/459] partmgr
[00] [Check Services] C:\Windows\System32\drivers\partmgr.sys
[00] [Check Services] [267/459] PcaSvc
[00] [Check Services] C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
[00] [Check Services] [268/459] pci
[00] [Check Services] C:\Windows\system32\drivers\pci.sys
[00] [Check Services] [269/459] pciide
[00] [Check Services] C:\Windows\system32\drivers\pciide.sys
[00] [Check Services] [270/459] pcmcia
[00] [Check Services] C:\Windows\system32\drivers\pcmcia.sys
[00] [Check Services] [271/459] pcw
[00] [Check Services] C:\Windows\System32\drivers\pcw.sys
[00] [Check Services] [272/459] PEAUTH
[00] [Check Services] C:\Windows\system32\drivers\peauth.sys
[00] [Check Services] [273/459] PerfHost
[00] [Check Services] C:\Windows\SysWOW64\perfhost.exe
[00] [Check Services] [274/459] pla
[00] [Check Services] C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
[00] [Check Services] [275/459] PlugPlay
[00] [Check Services] C:\Windows\system32\svchost.exe -k DcomLaunch
[00] [Check Services] [276/459] PNRPAutoReg
[00] [Check Services] C:\Windows\System32\svchost.exe -k LocalServicePeerNet
[00] [Check Services] [277/459] PNRPsvc
[00] [Check Services] C:\Windows\System32\svchost.exe -k LocalServicePeerNet
[00] [Check Services] [278/459] PolicyAgent
[00] [Check Services] C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
[00] [Check Services] [279/459] Power
[00] [Check Services] C:\Windows\system32\svchost.exe -k DcomLaunch
[00] [Check Services] [280/459] PptpMiniport
[00] [Check Services] C:\Windows\system32\DRIVERS\raspptp.sys
[00] [Check Services] [281/459] Processor
[00] [Check Services] C:\Windows\system32\drivers\processr.sys
[00] [Check Services] [282/459] ProfSvc
[00] [Check Services] C:\Windows\system32\svchost.exe -k netsvcs
[00] [Check Services] [283/459] ProtectedStorage
[00] [Check Services] C:\Windows\system32\lsass.exe
[00] [Check Services] [284/459] Psched
[00] [Check Services] C:\Windows\system32\DRIVERS\pacer.sys
[00] [Check Services] [285/459] PwmSvc
[00] [Check Services] "C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe"
[00] [Check Services] [286/459] ql2300
[00] [Check Services] C:\Windows\system32\drivers\ql2300.sys
[00] [Check Services] [287/459] ql40xx
[00] [Check Services] C:\Windows\system32\drivers\ql40xx.sys
[00] [Check Services] [288/459] QWAVE
[00] [Check Services] C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
[00] [Check Services] [289/459] QWAVEdrv
[00] [Check Services] C:\Windows\system32\drivers\qwavedrv.sys
[00] [Check Services] [290/459] RasAcd
[00] [Check Services] C:\Windows\System32\DRIVERS\rasacd.sys
[00] [Check Services] [291/459] RasAgileVpn
[00] [Check Services] C:\Windows\system32\DRIVERS\AgileVpn.sys
[00] [Check Services] [292/459] RasAuto
[00] [Check Services] C:\Windows\System32\svchost.exe -k netsvcs
[00] [Check Services] [293/459] Rasl2tp
[00] [Check Services] C:\Windows\system32\DRIVERS\rasl2tp.sys
[00] [Check Services] [294/459] RasMan
[00] [Check Services] C:\Windows\System32\svchost.exe -k netsvcs
[00] [Check Services] [295/459] RasPppoe
[00] [Check Services] C:\Windows\system32\DRIVERS\raspppoe.sys
[00] [Check Services] [296/459] RasSstp
[00] [Check Services] C:\Windows\system32\DRIVERS\rassstp.sys
[00] [Check Services] [297/459] rdbss
[00] [Check Services] C:\Windows\system32\DRIVERS\rdbss.sys
[00] [Check Services] [298/459] rdpbus
[00] [Check Services] C:\Windows\s

// added 3 minutes after the last post

But I'm having problems with ComboFix: it doesn't create any log, and on top of that, on drive C I have ComboFix as a Computer icon where all the drives C:, D: are.

When I install it, it works and creates something, but then warnings start popping up, along with a small blue window that only says Administrator, in other words something like Notepad.


User
Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2
Posted: 17.10.2012 10:02

In AdwCleaner click Delete; in RogueKiller click the Delete button and Fix HOSTS; send the logs. Then run ComboFix in Safe Mode with Networking.


User
Registered: 16.10.12
Last login: 18.10.12
Posts: 9
Topics: 1
Posted by the topic author: 17.10.2012 10:22

ADWcleaner:

# AdwCleaner v2.005 - Logfile created 10/17/2012 at 10:15:58
# Updated 14/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : PC - PC-PC
# Boot Mode : Normal
# Running from : C:\Users\PC\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\ProgramData\Anti-phishing Domain Advisor
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\blekkotb
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{20A0BE68-8FD9-4539-8712-CE3D1C1FDFC6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{26C9E18C-3717-4BE1-A225-04E4471F5B6E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{20A0BE68-8FD9-4539-8712-CE3D1C1FDFC6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{26C9E18C-3717-4BE1-A225-04E4471F5B6E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{20A0BE68-8FD9-4539-8712-CE3D1C1FDFC6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{26C9E18C-3717-4BE1-A225-04E4471F5B6E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{20A0BE68-8FD9-4539-8712-CE3D1C1FDFC6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26C9E18C-3717-4BE1-A225-04E4471F5B6E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Anti-phishing Domain Advisor
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\blekkotb
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Anti-phishing Domain Advisor]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{26C9E18C-3717-4BE1-A225-04E4471F5B6E}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (cs)

Profile name : default
File : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\stks3ey8.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.1.1532.0

File : C:\Users\PC\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [5574 octets] - [14/10/2012 17:31:33]
AdwCleaner[R2].txt - [5634 octets] - [17/10/2012 09:14:07]
AdwCleaner[R3].txt - [5694 octets] - [17/10/2012 09:40:11]
AdwCleaner[S2].txt - [5578 octets] - [17/10/2012 10:15:58]

########## EOF - C:\AdwCleaner[S2].txt - [5638 octets] ##########


RogueKiller:

RogueKiller V8.1.1 [10/01/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operačný systém: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spustené v : Normálny režim
Užívateľ : PC [Práva Správcu]
Režim : Oprava HOSTS -- Dátum : 10/17/2012 10:20:57

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 0 ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ] ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ Resetovaný HOSTS: ¤¤¤


Dokončené : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt



ComboFix doesn't work for me even in Safe Mode :/


User
Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2
Posted: 17.10.2012 10:32

Did you click Yes, OK, Agree as I said? Then rename ComboFix to turbina and run it, and let it run. That Administrator window is ComboFix, and it is a command prompt, not Notepad. What does ComboFix tell you?


User
Registered: 16.10.12
Last login: 18.10.12
Posts: 9
Topics: 1
Posted by the topic author: 17.10.2012 14:11

I have it:


ComboFix 12-10-16.02 - PC . 10. 2012 13:51:08.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4000.2256 [GMT 2:00]
Running from: c:\users\PC\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-09-17 to 2012-10-17 )))))))))))))))))))))))))))))))
.
.
2012-10-17 12:02 . 2012-10-17 12:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-16 21:07 . 2012-10-16 21:08 -------- d-----w- c:\program files (x86)\trend micro
2012-10-16 21:07 . 2012-10-16 21:08 -------- d-----w- C:\rsit
2012-10-16 15:06 . 2012-10-16 15:05 66360 ----a-w- c:\windows\system32\drivers\kbfilter.sys
2012-10-16 15:05 . 2012-10-16 15:05 -------- d-----w- c:\users\PC\AppData\Roaming\Trend Micro
2012-10-15 20:48 . 2012-10-15 20:48 -------- d-----w- c:\users\PC\AppData\Roaming\Anvisoft
2012-10-15 20:47 . 2012-10-15 20:47 -------- d-----w- c:\programdata\Anvisoft
2012-10-15 20:47 . 2012-08-20 09:23 23376 ----a-w- c:\windows\system32\drivers\asdrs.sys
2012-10-15 20:47 . 2012-08-20 09:23 18768 ----a-w- c:\windows\system32\drivers\asdrm.sys
2012-10-15 20:47 . 2012-08-20 09:23 17232 ----a-w- c:\windows\system32\drivers\asdws.sys
2012-10-15 20:47 . 2012-10-15 20:47 -------- d-----w- c:\program files (x86)\Anvisoft
2012-10-14 15:50 . 2012-10-14 15:50 -------- d-----w- c:\users\PC\AppData\Roaming\Malwarebytes
2012-10-14 15:49 . 2012-10-14 15:49 -------- d-----w- c:\programdata\Malwarebytes
2012-10-14 15:49 . 2012-10-14 15:50 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-10-14 15:49 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-09 20:14 . 2012-10-09 20:14 -------- d-----w- c:\users\PC\AppData\Local\Macromedia
2012-10-09 20:04 . 2012-10-09 20:04 -------- d-----w- c:\users\PC\AppData\Local\Mozilla
2012-10-09 20:03 . 2012-10-14 15:38 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-10 06:02 . 2012-04-08 12:43 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-10 06:02 . 2012-04-08 12:43 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-22 18:12 . 2012-09-12 16:55 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 16:55 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 16:55 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 16:55 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 09:13 . 2012-02-03 15:34 359464 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2012-02-03 15:34 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2012-02-03 15:34 969200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2012-03-13 12:20 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-08-21 09:13 . 2012-02-03 15:34 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2012-02-03 15:34 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2012-02-03 15:34 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2012-02-03 15:34 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-08-21 09:12 . 2012-02-03 15:34 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-08-02 17:58 . 2012-09-12 16:55 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-08-02 16:57 . 2012-09-12 16:55 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{3F019D1C-7EAA-4F25-A765-FBA635BD0AFF}]
2012-10-16 15:04 546352 ----a-w- c:\program files\Trend Micro\TMIDS\PwmIEBHO32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{9B4B91FC-EC4D-4018-9575-96FA5A3C03C5}"= "c:\program files\Trend Micro\TMIDS\PwmIEBHO32.dll" [2012-10-16 546352]
.
[HKEY_CLASSES_ROOT\clsid\{9b4b91fc-ec4d-4018-9575-96fa5a3c03c5}]
[HKEY_CLASSES_ROOT\PwmIEBHO.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{A463CF94-710C-4AA6-B1F4-0EE1C10DC70B}]
[HKEY_CLASSES_ROOT\PwmIEBHO.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"Facebook Update"="c:\users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-30 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-01 2018032]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 731472]
"SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2011-12-22 318080]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2011-10-24 174720]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-10-18 2319536]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"Anvi Smart Defender"="c:\program files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe" [2012-08-23 1229104]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-1 548528]
FancyStart daemon.lnk - c:\windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe [2011-11-17 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-03 136176]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-10 250808]
R3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2011-03-18 74840]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-03 136176]
R3 kbfilter;kbfilter;c:\windows\system32\DRIVERS\kbfilter.sys [2012-10-16 66360]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-12 115168]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-02 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 asdrm;asdrm;c:\windows\system32\DRIVERS\asdrm.sys [2012-08-20 18768]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ATKWMIACPIIO_;ATKWMIACPI Driver_;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-03-04 379520]
S2 asdrs;AntiMalware Host-based Intrusion Prevention System;c:\windows\system32\DRIVERS\asdrs.sys [2012-08-20 23376]
S2 asdsrv;Anvi Smart Defender Realtime Guard Service;c:\program files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe [2012-08-23 686896]
S2 asdws;AnviSmartDefender Web Guard;c:\windows\system32\DRIVERS\asdws.sys [2012-08-20 17232]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-02-16 277120]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-08-02 146592]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-08-02 103584]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 PwmSvc;Trend Micro DirectPass Central Control Service;c:\program files\Trend Micro\TMIDS\PwmSvc.exe [2012-10-16 342064]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-11-22 130024]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-11-22 395752]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-08-02 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-08-02 330912]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2011-08-02 110240]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-08-02 30368]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-08-02 167584]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-08-02 68256]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-08-02 280992]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-08-02 511136]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-12-31 138024]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-11-03 317440]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 TiMiniService;TiMiniService;c:\program files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 06:02]
.
2012-10-16 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3429130421-4225408205-2713287547-1000Core.job
- c:\users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-30 15:49]
.
2012-10-17 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3429130421-4225408205-2713287547-1000UA.job
- c:\users\PC\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-30 15:49]
.
2012-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-03 15:34]
.
2012-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-03 15:34]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3F019D1C-7EAA-4F25-A765-FBA635BD0AFF}]
2012-10-16 15:05 811056 ----a-w- c:\program files\Trend Micro\TMIDS\PwmIEBHO64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{9B4B91FC-EC4D-4018-9575-96FA5A3C03C5}"= "c:\program files\Trend Micro\TMIDS\PwmIEBHO64.dll" [2012-10-16 811056]
.
[HKEY_CLASSES_ROOT\CLSID\{9B4B91FC-EC4D-4018-9575-96FA5A3C03C5}]
[HKEY_CLASSES_ROOT\PwmIEBHO.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{A463CF94-710C-4AA6-B1F4-0EE1C10DC70B}]
[HKEY_CLASSES_ROOT\PwmIEBHO.IEToolbar]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:11 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VizorHtmlDialog.exe"="c:\program files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" [2010-10-08 1123664]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-10-12 192520]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\VizorShortCut.exe" [2010-09-17 322384]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-08-16 2277480]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-08-02 961184]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-08-02 798880]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-11-03 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-11-03 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-11-03 416024]
"PwmConsole.exe"="c:\program files\Trend Micro\TMIDS\PwmConsole.exe" [2012-10-16 919088]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.sk/
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\stks3ey8.default\
FF - ExtSQL: 2012-10-14 17:36; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2012-10-16 17:06; {8197dd50-b252-4b08-a1be-1277f22357bb}; c:\program files\Trend Micro\TMIDS\PwmFirefoxExt
FF - ExtSQL: 2012-10-16 23:47; unseen@tangrs; c:\users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\stks3ey8.default\extensions\unseen@tangrs.xpi
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-10-17 14:09:13
ComboFix-quarantined-files.txt 2012-10-17 12:09
.
Pre-Run: 152 945 115 136 bytes free
Post-Run: 152 568 639 488 bytes free
.
- - End Of File - - 02CD353CB2F942A4A89854BE9DB27B51


User

Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2
Posted: 17.10.2012 14:48

Save ComboFix to the desktop, download cfscript from http://uloz.to/xa1nQi2/cfscript-txt, save it to the desktop, then drag cfscript onto ComboFix; see the picture http://img229.imageshack.us/img229/2154/cfscriptzu1.gif
Send the log from TDSSKiller: C:\TDSSKiller.2.8.13.0_15.10.2012_22.39.47_log.txt
Scan the PC with Malwarebytes, run a full scan, and do not delete anything beforehand.

HJT path: C:\Program Files (x86)\trend micro\PC.exe
In HJT, fix:
O2 - BHO: Updater For Spam Free Search Bar - {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - C:\Program Files (x86)\blekkotb\auxi\blekkoAu.dll
O2 - BHO: Spam Free Search Bar - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll
O3 - Toolbar: Spam Free Search Bar - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll

Uninstall the Trend Micro antivirus to avoid possible conflicts with avast.


User

Registered: 16.10.12
Last login: 18.10.12
Posts: 9
Topics: 1
Posted by topic author: 17.10.2012 23:18

22:39:47.0783 6736 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
22:39:47.0989 6736 ============================================================
22:39:47.0989 6736 Current date / time: 2012/10/15 22:39:47.0989
22:39:47.0989 6736 SystemInfo:
22:39:47.0989 6736
22:39:47.0989 6736 OS Version: 6.1.7601 ServicePack: 1.0
22:39:47.0989 6736 Product type: Workstation
22:39:47.0989 6736 ComputerName: PC-PC
22:39:47.0989 6736 UserName: PC
22:39:47.0989 6736 Windows directory: C:\Windows
22:39:47.0989 6736 System windows directory: C:\Windows
22:39:47.0989 6736 Running under WOW64
22:39:47.0989 6736 Processor architecture: Intel x64
22:39:47.0989 6736 Number of processors: 2
22:39:47.0989 6736 Page size: 0x1000
22:39:47.0989 6736 Boot type: Normal boot
22:39:47.0989 6736 ============================================================
22:39:48.0579 6736 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:39:48.0589 6736 ============================================================
22:39:48.0589 6736 \Device\Harddisk0\DR0:
22:39:48.0589 6736 MBR partitions:
22:39:48.0589 6736 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x1749C000
22:39:48.0589 6736 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A69C800, BlocksNum 0x1FCE9000
22:39:48.0589 6736 ============================================================
22:39:48.0619 6736 C: <-> \Device\Harddisk0\DR0\Partition1
22:39:48.0649 6736 D: <-> \Device\Harddisk0\DR0\Partition2
22:39:48.0649 6736 ============================================================
22:39:48.0649 6736 Initialize success
22:39:48.0649 6736 ============================================================
22:39:50.0881 6420 ============================================================
22:39:50.0881 6420 Scan started
22:39:50.0881 6420 Mode: Manual;
22:39:50.0881 6420 ============================================================
22:39:51.0427 6420 ================ Scan system memory ========================
22:39:51.0427 6420 System memory - ok
22:39:51.0427 6420 ================ Scan services =============================
22:39:51.0744 6420 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
22:39:51.0744 6420 1394ohci - ok
22:39:51.0794 6420 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:39:51.0794 6420 ACPI - ok
22:39:51.0824 6420 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
22:39:51.0824 6420 AcpiPmi - ok
22:39:52.0044 6420 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:39:52.0044 6420 AdobeFlashPlayerUpdateSvc - ok
22:39:52.0084 6420 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:39:52.0094 6420 adp94xx - ok
22:39:52.0114 6420 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:39:52.0124 6420 adpahci - ok
22:39:52.0134 6420 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:39:52.0134 6420 adpu320 - ok
22:39:52.0164 6420 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:39:52.0174 6420 AeLookupSvc - ok
22:39:52.0204 6420 [ 69FD46FAC0D9C4A8ECD522AC6A7481F5 ] AFBAgent C:\Windows\system32\FBAgent.exe
22:39:52.0214 6420 AFBAgent - ok
22:39:52.0254 6420 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
22:39:52.0254 6420 AFD - ok
22:39:52.0284 6420 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:39:52.0294 6420 agp440 - ok
22:39:52.0334 6420 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
22:39:52.0334 6420 ALG - ok
22:39:52.0374 6420 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
22:39:52.0374 6420 aliide - ok
22:39:52.0394 6420 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
22:39:52.0404 6420 amdide - ok
22:39:52.0404 6420 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
22:39:52.0404 6420 AmdK8 - ok
22:39:52.0414 6420 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
22:39:52.0414 6420 AmdPPM - ok
22:39:52.0444 6420 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:39:52.0454 6420 amdsata - ok
22:39:52.0484 6420 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
22:39:52.0494 6420 amdsbs - ok
22:39:52.0514 6420 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:39:52.0524 6420 amdxata - ok
22:39:52.0604 6420 [ E8494519BCB9E3B1B72E5604993A76E3 ] Amsp C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
22:39:52.0614 6420 Amsp - ok
22:39:52.0654 6420 [ 92A848F962DA91C631147D566414BB7E ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
22:39:52.0654 6420 AmUStor - ok
22:39:52.0694 6420 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
22:39:52.0694 6420 AppID - ok
22:39:52.0714 6420 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:39:52.0714 6420 AppIDSvc - ok
22:39:52.0734 6420 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
22:39:52.0734 6420 Appinfo - ok
22:39:52.0744 6420 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
22:39:52.0744 6420 arc - ok
22:39:52.0754 6420 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:39:52.0754 6420 arcsas - ok
22:39:52.0844 6420 [ A3626C6D3F2DC95497F3F61842D7FD89 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
22:39:52.0844 6420 ASLDRService - ok
22:39:52.0874 6420 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
22:39:52.0874 6420 ASMMAP64 - ok
22:39:52.0914 6420 [ 8569AF4C73747671194EA9EBB2F2D6CF ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
22:39:52.0924 6420 asmthub3 - ok
22:39:52.0954 6420 [ 073716FBFFAC7057CD5FF00A1B558331 ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
22:39:52.0954 6420 asmtxhci - ok
22:39:53.0044 6420 [ 52436245AAEF3B65DF7859949AB6A14E ] ASUS InstantOn C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
22:39:53.0054 6420 ASUS InstantOn - ok
22:39:53.0084 6420 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
22:39:53.0084 6420 aswFsBlk - ok
22:39:53.0164 6420 [ 316271CC32FDFFFCDB30677684906D5E ] aswKbd C:\Windows\system32\drivers\aswKbd.sys
22:39:53.0164 6420 aswKbd - ok
22:39:53.0214 6420 [ AA9FDE3D630160B47DAB21BF8250111C ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
22:39:53.0214 6420 aswMonFlt - ok
22:39:53.0224 6420 [ 2A6675C24DF5159A9506CD13ECE5ABE9 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
22:39:53.0224 6420 aswRdr - ok
22:39:53.0264 6420 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
22:39:53.0274 6420 aswSnx - ok
22:39:53.0304 6420 [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP C:\Windows\system32\drivers\aswSP.sys
22:39:53.0314 6420 aswSP - ok
22:39:53.0334 6420 [ C3EC420451AC5300A22190AE38418FBA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
22:39:53.0334 6420 aswTdi - ok
22:39:53.0364 6420 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:39:53.0364 6420 AsyncMac - ok
22:39:53.0404 6420 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
22:39:53.0404 6420 atapi - ok
22:39:53.0434 6420 [ 185F180536188C1A4ED605234721A5B9 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
22:39:53.0434 6420 AthBTPort - ok
22:39:53.0504 6420 [ 650F111D5CDA64C10AE4B9D1BA9D4FFF ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
22:39:53.0504 6420 Atheros Bt&Wlan Coex Agent - ok
22:39:53.0534 6420 [ 944D401B4DB9C64E78E9EDB6690F7368 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
22:39:53.0534 6420 AtherosSvc - ok
22:39:53.0624 6420 [ B4174564AD5834A1680610572477878C ] athr C:\Windows\system32\DRIVERS\athrx.sys
22:39:53.0664 6420 athr - ok
22:39:53.0694 6420 [ DBC598E47E7A382E60E2A4745D41FEF9 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
22:39:53.0694 6420 ATKGFNEXSrv - ok
22:39:53.0724 6420 [ 41CEAFFCF3550785E59E3EC9BEE8D97A ] ATKWMIACPIIO_ C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
22:39:53.0724 6420 ATKWMIACPIIO_ - ok
22:39:53.0804 6420 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:39:53.0814 6420 AudioEndpointBuilder - ok
22:39:53.0834 6420 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
22:39:53.0834 6420 AudioSrv - ok
22:39:53.0894 6420 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:39:53.0894 6420 avast! Antivirus - ok
22:39:53.0934 6420 avast! Firewall - ok
22:39:53.0974 6420 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:39:53.0974 6420 AxInstSV - ok
22:39:54.0014 6420 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
22:39:54.0024 6420 b06bdrv - ok
22:39:54.0054 6420 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
22:39:54.0064 6420 b57nd60a - ok
22:39:54.0114 6420 [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
22:39:54.0114 6420 BBSvc - ok
22:39:54.0144 6420 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
22:39:54.0144 6420 BDESVC - ok
22:39:54.0184 6420 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
22:39:54.0184 6420 Beep - ok
22:39:54.0244 6420 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
22:39:54.0254 6420 BFE - ok
22:39:54.0294 6420 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
22:39:54.0314 6420 BITS - ok
22:39:54.0324 6420 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:39:54.0324 6420 blbdrive - ok
22:39:54.0364 6420 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:39:54.0364 6420 bowser - ok
22:39:54.0404 6420 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
22:39:54.0404 6420 BrFiltLo - ok
22:39:54.0404 6420 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
22:39:54.0414 6420 BrFiltUp - ok
22:39:54.0434 6420 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
22:39:54.0444 6420 Browser - ok
22:39:54.0474 6420 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:39:54.0484 6420 Brserid - ok
22:39:54.0494 6420 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:39:54.0494 6420 BrSerWdm - ok
22:39:54.0494 6420 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:39:54.0504 6420 BrUsbMdm - ok
22:39:54.0504 6420 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:39:54.0504 6420 BrUsbSer - ok
22:39:54.0564 6420 [ D74A81CCF0372C955862692B7AF272C9 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
22:39:54.0564 6420 BTATH_A2DP - ok
22:39:54.0574 6420 [ 3118072D09DAA1961A9F6549A4E8433A ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys
22:39:54.0574 6420 btath_avdt - ok
22:39:54.0614 6420 [ E6B734A37ADE36FE1A77035F4E484C8C ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
22:39:54.0614 6420 BTATH_BUS - ok
22:39:54.0624 6420 [ FB3833E63FF602B69C2FF085846DCF43 ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
22:39:54.0634 6420 BTATH_HCRP - ok
22:39:54.0654 6420 [ 8008D892A2BDA67EEFBE25E14EB5DC83 ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
22:39:54.0654 6420 BTATH_LWFLT - ok
22:39:54.0684 6420 [ 58535686697E5E82EC3A87938AC3DA54 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
22:39:54.0694 6420 BTATH_RCP - ok
22:39:54.0774 6420 [ 3DF6C4913A683C76F29F376EE814221E ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
22:39:54.0794 6420 BtFilter - ok
22:39:54.0814 6420 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
22:39:54.0824 6420 BthEnum - ok
22:39:54.0854 6420 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
22:39:54.0864 6420 BTHMODEM - ok
22:39:54.0884 6420 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
22:39:54.0884 6420 BthPan - ok
22:39:54.0924 6420 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
22:39:54.0934 6420 BTHPORT - ok
22:39:54.0974 6420 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
22:39:54.0974 6420 bthserv - ok
22:39:55.0004 6420 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
22:39:55.0004 6420 BTHUSB - ok
22:39:55.0044 6420 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:39:55.0044 6420 cdfs - ok
22:39:55.0084 6420 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:39:55.0084 6420 cdrom - ok
22:39:55.0114 6420 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
22:39:55.0114 6420 CertPropSvc - ok
22:39:55.0144 6420 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
22:39:55.0144 6420 circlass - ok
22:39:55.0184 6420 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
22:39:55.0194 6420 CLFS - ok
22:39:55.0264 6420 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:39:55.0274 6420 clr_optimization_v2.0.50727_32 - ok
22:39:55.0314 6420 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:39:55.0324 6420 clr_optimization_v2.0.50727_64 - ok
22:39:55.0484 6420 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:39:55.0484 6420 clr_optimization_v4.0.30319_32 - ok
22:39:55.0524 6420 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:39:55.0524 6420 clr_optimization_v4.0.30319_64 - ok
22:39:55.0544 6420 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:39:55.0544 6420 CmBatt - ok
22:39:55.0564 6420 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:39:55.0564 6420 cmdide - ok
22:39:55.0614 6420 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
22:39:55.0624 6420 CNG - ok
22:39:55.0654 6420 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
22:39:55.0664 6420 Compbatt - ok
22:39:55.0664 6420 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
22:39:55.0664 6420 CompositeBus - ok
22:39:55.0674 6420 COMSysApp - ok
22:39:55.0684 6420 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:39:55.0694 6420 crcdisk - ok
22:39:55.0754 6420 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:39:55.0764 6420 CryptSvc - ok
22:39:55.0844 6420 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
22:39:55.0854 6420 cvhsvc - ok
22:39:55.0904 6420 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:39:55.0914 6420 DcomLaunch - ok
22:39:55.0954 6420 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
22:39:55.0964 6420 defragsvc - ok
22:39:55.0984 6420 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:39:55.0984 6420 DfsC - ok
22:39:56.0024 6420 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
22:39:56.0034 6420 Dhcp - ok
22:39:56.0034 6420 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
22:39:56.0034 6420 discache - ok
22:39:56.0084 6420 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
22:39:56.0084 6420 Disk - ok
22:39:56.0114 6420 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:39:56.0124 6420 Dnscache - ok
22:39:56.0154 6420 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
22:39:56.0154 6420 dot3svc - ok
22:39:56.0164 6420 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
22:39:56.0174 6420 DPS - ok
22:39:56.0204 6420 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:39:56.0214 6420 drmkaud - ok
22:39:56.0314 6420 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:39:56.0324 6420 DXGKrnl - ok
22:39:56.0354 6420 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
22:39:56.0364 6420 EapHost - ok
22:39:56.0454 6420 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
22:39:56.0524 6420 ebdrv - ok
22:39:56.0554 6420 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
22:39:56.0554 6420 EFS - ok
22:39:56.0624 6420 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:39:56.0634 6420 ehRecvr - ok
22:39:56.0644 6420 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
22:39:56.0644 6420 ehSched - ok
22:39:56.0714 6420 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:39:56.0724 6420 elxstor - ok
22:39:56.0724 6420 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:39:56.0724 6420 ErrDev - ok
22:39:56.0774 6420 [ 4C120D2B2EA269EAE7A5744794EB6DB1 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
22:39:56.0774 6420 ETD - ok
22:39:56.0814 6420 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
22:39:56.0824 6420 EventSystem - ok
22:39:56.0844 6420 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
22:39:56.0854 6420 exfat - ok
22:39:56.0874 6420 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:39:56.0874 6420 fastfat - ok
22:39:56.0914 6420 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
22:39:56.0924 6420 Fax - ok
22:39:56.0944 6420 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
22:39:56.0944 6420 fdc - ok
22:39:56.0964 6420 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
22:39:56.0964 6420 fdPHost - ok
22:39:56.0984 6420 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
22:39:56.0984 6420 FDResPub - ok
22:39:57.0004 6420 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:39:57.0004 6420 FileInfo - ok
22:39:57.0034 6420 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:39:57.0034 6420 Filetrace - ok
22:39:57.0054 6420 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
22:39:57.0054 6420 flpydisk - ok
22:39:57.0084 6420 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:39:57.0084 6420 FltMgr - ok
22:39:57.0124 6420 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
22:39:57.0144 6420 FontCache - ok
22:39:57.0194 6420 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:39:57.0194 6420 FontCache3.0.0.0 - ok
22:39:57.0204 6420 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:39:57.0214 6420 FsDepends - ok
22:39:57.0244 6420 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
22:39:57.0244 6420 fssfltr - ok
22:39:57.0324 6420 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
22:39:57.0344 6420 fsssvc - ok
22:39:57.0364 6420 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:39:57.0364 6420 Fs_Rec - ok
22:39:57.0404 6420 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:39:57.0404 6420 fvevol - ok
22:39:57.0434 6420 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:39:57.0434 6420 gagp30kx - ok
22:39:57.0464 6420 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
22:39:57.0474 6420 gpsvc - ok
22:39:57.0544 6420 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:39:57.0544 6420 gupdate - ok
22:39:57.0554 6420 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:39:57.0554 6420 gupdatem - ok
22:39:57.0584 6420 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:39:57.0594 6420 hcw85cir - ok
22:39:57.0624 6420 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:39:57.0634 6420 HdAudAddService - ok
22:39:57.0664 6420 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:39:57.0664 6420 HDAudBus - ok
22:39:57.0694 6420 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
22:39:57.0694 6420 HidBatt - ok
22:39:57.0694 6420 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
22:39:57.0704 6420 HidBth - ok
22:39:57.0724 6420 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
22:39:57.0734 6420 HidIr - ok
22:39:57.0774 6420 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
22:39:57.0774 6420 hidserv - ok
22:39:57.0824 6420 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:39:57.0824 6420 HidUsb - ok
22:39:57.0854 6420 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:39:57.0854 6420 hkmsvc - ok
22:39:57.0864 6420 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:39:57.0874 6420 HomeGroupListener - ok
22:39:57.0904 6420 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:39:57.0904 6420 HomeGroupProvider - ok
22:39:57.0944 6420 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:39:57.0944 6420 HpSAMD - ok
22:39:57.0984 6420 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:39:57.0994 6420 HTTP - ok
22:39:58.0004 6420 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:39:58.0004 6420 hwpolicy - ok
22:39:58.0044 6420 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
22:39:58.0044 6420 i8042prt - ok
22:39:58.0094 6420 [ 26CF4275034214ECEDD8EC17B0A18A99 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
22:39:58.0104 6420 iaStor - ok
22:39:58.0144 6420 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:39:58.0144 6420 iaStorV - ok
22:39:58.0204 6420 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:39:58.0214 6420 idsvc - ok
22:39:58.0534 6420 [ 0089B53F1BEFD34B7D8CA4AB021335FA ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
22:39:58.0644 6420 igfx - ok
22:39:58.0674 6420 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:39:58.0684 6420 iirsp - ok
22:39:58.0724 6420 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
22:39:58.0734 6420 IKEEXT - ok
22:39:58.0844 6420 [ 651972B4061F940DC154C6F7B948B76A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:39:58.0914 6420 IntcAzAudAddService - ok
22:39:58.0964 6420 [ AE594CC17C33AC146739494615E14851 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
22:39:58.0964 6420 IntcDAud - ok
22:39:58.0984 6420 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
22:39:58.0994 6420 intelide - ok
22:39:59.0014 6420 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:39:59.0014 6420 intelppm - ok
22:39:59.0044 6420 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:39:59.0054 6420 IPBusEnum - ok
22:39:59.0074 6420 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:39:59.0074 6420 IpFilterDriver - ok
22:39:59.0114 6420 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:39:59.0124 6420 iphlpsvc - ok
22:39:59.0144 6420 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:39:59.0154 6420 IPMIDRV - ok
22:39:59.0154 6420 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:39:59.0164 6420 IPNAT - ok
22:39:59.0184 6420 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:39:59.0184 6420 IRENUM - ok
22:39:59.0184 6420 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:39:59.0194 6420 isapnp - ok
22:39:59.0224 6420 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:39:59.0234 6420 iScsiPrt - ok
22:39:59.0244 6420 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:39:59.0244 6420 kbdclass - ok
22:39:59.0264 6420 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
22:39:59.0264 6420 kbdhid - ok
22:39:59.0314 6420 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
22:39:59.0314 6420 kbfiltr - ok
22:39:59.0334 6420 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
22:39:59.0334 6420 KeyIso - ok
22:39:59.0364 6420 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:39:59.0364 6420 KSecDD - ok
22:39:59.0374 6420 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:39:59.0384 6420 KSecPkg - ok
22:39:59.0404 6420 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
22:39:59.0404 6420 ksthunk - ok
22:39:59.0434 6420 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
22:39:59.0444 6420 KtmRm - ok
22:39:59.0474 6420 [ A4A9CA24E54E81C6C3E469EAEB4B3F42 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
22:39:59.0474 6420 L1C - ok
22:39:59.0514 6420 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
22:39:59.0524 6420 LanmanServer - ok
22:39:59.0554 6420 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:39:59.0554 6420 LanmanWorkstation - ok
22:39:59.0604 6420 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:39:59.0604 6420 lltdio - ok
22:39:59.0624 6420 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:39:59.0634 6420 lltdsvc - ok
22:39:59.0654 6420 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:39:59.0654 6420 lmhosts - ok
22:39:59.0754 6420 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:39:59.0754 6420 LMS - ok
22:39:59.0794 6420 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:39:59.0794 6420 LSI_FC - ok
22:39:59.0824 6420 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:39:59.0824 6420 LSI_SAS - ok
22:39:59.0834 6420 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
22:39:59.0834 6420 LSI_SAS2 - ok
22:39:59.0844 6420 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:39:59.0844 6420 LSI_SCSI - ok
22:39:59.0864 6420 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
22:39:59.0864 6420 luafv - ok
22:39:59.0904 6420 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
22:39:59.0904 6420 MBAMProtector - ok


User
Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2
Posted: 18.10.2012 9:50

It's not complete; upload it to uloz.to, for example. I'm also waiting for the next steps.

Save ComboFix to the desktop, download cfscript from http://uloz.to/xbXDTYu/cfscript-txt, save it to the desktop, and drag cfscript onto ComboFix; see the picture http://img229.imageshack.us/img229/2154/cfscriptzu1.gif
Send the log from TDSSKiller: C:\TDSSKiller.2.8.13.0_15.10.2012_22.39.47_log.txt
Scan the PC with Malwarebytes; run a full scan and don't delete anything beforehand.

HJT path: C:\Program Files (x86)\trend micro\PC.exe
In HJT, fix:
O2 - BHO: Updater For Spam Free Search Bar - {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - C:\Program Files (x86)\blekkotb\auxi\blekkoAu.dll
O2 - BHO: Spam Free Search Bar - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll
O3 - Toolbar: Spam Free Search Bar - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll

Uninstall the Trend Micro antivirus so that there are no possible conflicts with Avast.
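
The three HijackThis entries listed in the post above, parsed as an added example (not part of the original post and not HijackThis's own code): it groups them by CLSID and install directory and lists the registry locations that sections O2 and O3 are read from, which is where to check that a fix took effect. The fourth sample line is constructed, and all function names are hypothetical.

```python
import ntpath  # Windows path handling that works on any OS
import re
from collections import defaultdict

# The three entries from the post, plus one constructed line showing the
# "(no name)" / "(no file)" form HijackThis prints for orphaned entries.
SAMPLE_LOG = r"""
O2 - BHO: Updater For Spam Free Search Bar - {20a0be68-8fd9-4539-8712-ce3d1c1fdfc6} - C:\Program Files (x86)\blekkotb\auxi\blekkoAu.dll
O2 - BHO: Spam Free Search Bar - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll
O3 - Toolbar: Spam Free Search Bar - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - C:\Program Files (x86)\blekkotb\blekkoDx.dll
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000001} - (no file)
"""

ENTRY_RE = re.compile(
    r"^(?P<section>O2|O3) - (?P<kind>BHO|Toolbar): (?P<name>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}) - "
    r"(?P<path>.+)$"
)

# Registry locations behind each section, relative to HKLM\SOFTWARE.
SECTION_KEYS = {
    "O2": r"Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects",
    "O3": r"Microsoft\Internet Explorer\Toolbar",
}
# 32-bit add-ons on 64-bit Windows are registered under Wow6432Node,
# so both views are candidates.
ROOTS = (r"HKLM\SOFTWARE", r"HKLM\SOFTWARE\Wow6432Node")


def parse_entries(log_text):
    """Return one dict per O2/O3 line; other HijackThis sections are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entry = m.groupdict()
            entry["clsid"] = entry["clsid"].lower()
            entry["orphan"] = entry["path"] == "(no file)"
            entries.append(entry)
    return entries


def install_root(path):
    """Collapse a DLL path to its product folder under Program Files."""
    drive, rest = ntpath.splitdrive(path)
    parts = [p for p in rest.split("\\") if p]
    if len(parts) >= 3 and parts[0].lower().startswith("program files"):
        return ntpath.join(drive + "\\", parts[0], parts[1]).lower()
    return ntpath.dirname(path).lower()


def registry_locations(entry):
    """Candidate registry locations to inspect for one parsed entry."""
    base = SECTION_KEYS[entry["section"]]
    if entry["section"] == "O2":
        # A BHO is a subkey named after its CLSID.
        return ["\\".join((root, base, entry["clsid"])) for root in ROOTS]
    # A toolbar is a value named after its CLSID under the Toolbar key.
    return ["\\".join((root, base)) + " -> value " + entry["clsid"]
            for root in ROOTS]


def summarize(entries):
    """Group entries so that related items are removed together."""
    sections_by_clsid = defaultdict(set)
    roots = defaultdict(int)
    orphans = []
    for e in entries:
        sections_by_clsid[e["clsid"]].add(e["section"])
        if e["orphan"]:
            orphans.append(e["clsid"])
        else:
            roots[install_root(e["path"])] += 1
    shared = {c: sorted(s) for c, s in sections_by_clsid.items() if len(s) > 1}
    return {"shared_clsids": shared,
            "install_roots": dict(roots),
            "orphans": orphans}


if __name__ == "__main__":
    parsed = parse_entries(SAMPLE_LOG)
    print(summarize(parsed))
    for e in parsed:
        print(e["section"], e["name"], registry_locations(e), sep="\n  ")
```

All three entries from the post resolve to one install folder, and the O2 and O3 lines for "Spam Free Search Bar" share a CLSID, so they are registrations of the same DLL rather than separate components.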


User
Registered: 16.10.12
Last login: 18.10.12
Posts: 9
Topics: 1
Posted by the topic author: 18.10.2012 10:21

Link to the log:

http://www.ulozisko.sk/557099/TDSSKille ... 47_log.txt

But I don't have ComboFix anywhere, only a blue item which, when I open it, shows C, D, etc.

As for the fix, the items you wrote about aren't there.

// added 46 seconds after the last post

What I can say, though, is that the redirecting has stopped. I've been testing it since this morning and it hasn't redirected me even once. Is it possible that it's OK now?


User
Registered: 09.05.11
Last login: 20.12.18
Posts: 618
Topics: 2
Posted: 18.10.2012 10:30

If you don't have it, download it: http://www.bleepingcomputer.com/download/combofix/ Have you uninstalled Trend Micro yet, and what about Malwarebytes?


User
Registered: 16.10.12
Last login: 18.10.12
Posts: 9
Topics: 1
Posted by the topic author: 18.10.2012 14:44

So I've done everything: I dragged the txt document onto ComboFix and ran a full scan with Malwarebytes. No malicious files were found.

// added 32 seconds after the last post

Malwarebytes Anti-Malware (Skúšobná verzia) 1.65.0.1400
www.malwarebytes.org

Verzia databázy: v2012.09.07.13

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
PC :: PC-PC [administrátor]

Ochrana: Zapnuté

18. 10. 2012 13:28:32
mbam-log-2012-10-18 (13-28-32).txt

Typ kontroly: Úplná kontrola (C:\|D:\|Q:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 473304
Uplynutý čas: 1 hod, 13 min, 6 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 0
(Škodlivé položky neboli zistené)

(koniec)


Post by user (registered 09.05.11, 618 posts), 18.10.2012 14:45

And where is the ComboFix log, then?


Post by the topic author (registered 16.10.12, 9 posts), 18.10.2012 23:15

Log from ComboFix:

http://www.ulozisko.sk/557283/ComboFix.txt


Post by user (registered 09.05.11, 618 posts), 19.10.2012 9:35

OK, rename ComboFix to Uninstall and run it; in AdwCleaner click Uninstall.
Download TFC and click Start http://www.geekstogo.com/forum/files/fi ... y-oldtimer Download OTM http://www.geekstogo.com/forum/files/fi ... s-move-it/ run it and click CleanUp
Download CCleaner http://www.piriform.com/ccleaner/download/standard and use the cleaner and the registry repair
Download http://www.piriform.com/defraggler/download/standard
and defragment the disks

And write how the computer is doing, whether the PC runs better, and so on.

