
Win32/Agent.SUC.Gen trojan help [SOLVED]



OK. The log files are clean... You just didn't mention whether you use the toolbars, because they are still there:

 

O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll (BitComet)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKU\S-1-5-21-727888844-664945991-2208970041-1000\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKU\S-1-5-21-727888844-664945991-2208970041-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

 

 

Delete the following 3 folders manually:

 

C:\ProgramData\UAB
C:\ProgramData\Driver Tool
C:\Program Files\Driver Tool

 

There is also an indication of missing sound drivers:

 

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

 

You may need to reinstall the Realtek driver if there are problems with the sound.

 

 

 

Uninstall Combofix:

 

Click Start => in the search box type the command Combofix /Uninstall (there is a space between Combofix and /Uninstall) and press Enter.

 

http://thespykiller.co.uk/images/combofix_uninstall.jpg

 

 

 

Uninstall OTL:

 

Run OTL once more and click the CleanUp button.

http://i47.tinypic.com/35hfp21.jpg

Windows will then restart.

 

Manually delete any tools and logs that were not removed by the procedures above.


  • 3 months later...

If possible, I would like you to take a look at the data from my scan as well:

 

17:22:48.0562 0996 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35

17:22:48.0703 0996 ============================================================

17:22:48.0703 0996 Current date / time: 2012/07/10 17:22:48.0703

17:22:48.0703 0996 SystemInfo:

17:22:48.0703 0996

17:22:48.0703 0996 OS Version: 5.1.2600 ServicePack: 3.0

17:22:48.0703 0996 Product type: Workstation

17:22:48.0703 0996 ComputerName: ATAKA-0C9731018

17:22:48.0703 0996 UserName: Trif

17:22:48.0703 0996 Windows directory: C:\WINDOWS

17:22:48.0703 0996 System windows directory: C:\WINDOWS

17:22:48.0703 0996 Processor architecture: Intel x86

17:22:48.0703 0996 Number of processors: 2

17:22:48.0703 0996 Page size: 0x1000

17:22:48.0703 0996 Boot type: Normal boot

17:22:48.0703 0996 ============================================================

17:22:49.0609 0996 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

17:22:49.0609 0996 ============================================================

17:22:49.0609 0996 \Device\Harddisk0\DR0:

17:22:49.0609 0996 MBR partitions:

17:22:49.0609 0996 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A962B1

17:22:49.0625 0996 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3A9632F, BlocksNum 0xC34F28D

17:22:49.0656 0996 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFDE55FB, BlocksNum 0x2C2F605

17:22:49.0656 0996 ============================================================

17:22:49.0890 0996 C: <-> \Device\Harddisk0\DR0\Partition0

17:22:49.0953 0996 D: <-> \Device\Harddisk0\DR0\Partition1

17:22:50.0000 0996 E: <-> \Device\Harddisk0\DR0\Partition2

17:22:50.0000 0996 ============================================================

17:22:50.0000 0996 Initialize success

17:22:50.0000 0996 ============================================================

17:22:57.0015 2900 ============================================================

17:22:57.0015 2900 Scan started

17:22:57.0015 2900 Mode: Manual; SigCheck; TDLFS;

17:22:57.0015 2900 ============================================================

17:22:57.0406 2900 3xHybrid (0404f022e34aecfd0b2d7afc620255e7) C:\WINDOWS\system32\DRIVERS\3xHybrid.sys

17:22:57.0656 2900 3xHybrid ( UnsignedFile.Multi.Generic ) - warning

17:22:57.0656 2900 3xHybrid - detected UnsignedFile.Multi.Generic (1)

17:22:57.0718 2900 Aavmker4 (0b27ae82c113d3687024d18459440426) C:\WINDOWS\system32\drivers\Aavmker4.sys

17:22:58.0000 2900 Aavmker4 - ok

17:22:58.0000 2900 Abiosdsk - ok

17:22:58.0015 2900 abp480n5 - ok

17:22:58.0031 2900 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

17:22:58.0109 2900 ACPI - ok

17:22:58.0140 2900 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

17:22:58.0203 2900 ACPIEC - ok

17:22:58.0250 2900 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

17:22:58.0265 2900 AdobeFlashPlayerUpdateSvc - ok

17:22:58.0281 2900 adpu160m - ok

17:22:58.0296 2900 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

17:22:58.0359 2900 aec - ok

17:22:58.0390 2900 AegisP (30bb1bde595ca65fd5549462080d94e5) C:\WINDOWS\system32\DRIVERS\AegisP.sys

17:22:58.0406 2900 AegisP ( UnsignedFile.Multi.Generic ) - warning

17:22:58.0406 2900 AegisP - detected UnsignedFile.Multi.Generic (1)

17:22:58.0437 2900 AFD (322d0e36693d6e24a2398bee62a268cd) C:\WINDOWS\System32\drivers\afd.sys

17:22:58.0515 2900 AFD - ok

17:22:58.0515 2900 Aha154x - ok

17:22:58.0515 2900 aic78u2 - ok

17:22:58.0531 2900 aic78xx - ok

17:22:58.0562 2900 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll

17:22:58.0640 2900 Alerter - ok

17:22:58.0656 2900 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe

17:22:58.0687 2900 ALG - ok

17:22:58.0687 2900 AliIde - ok

17:22:58.0687 2900 amsint - ok

17:22:58.0703 2900 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll

17:22:58.0750 2900 AppMgmt - ok

17:22:58.0750 2900 asc - ok

17:22:58.0750 2900 asc3350p - ok

17:22:58.0750 2900 asc3550 - ok

17:22:58.0828 2900 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

17:22:58.0843 2900 aspnet_state - ok

17:22:58.0859 2900 aswFsBlk (1c1f3d6dddc046c920c493a779649f66) C:\WINDOWS\system32\drivers\aswFsBlk.sys

17:22:58.0875 2900 aswFsBlk - ok

17:22:58.0890 2900 aswKbd (d58ac76eb4d2b478b654ebd6550965bb) C:\WINDOWS\system32\drivers\aswKbd.sys

17:22:58.0890 2900 aswKbd - ok

17:22:58.0906 2900 aswMon2 (9e912fe7b41650701ef2b227aca440f3) C:\WINDOWS\system32\drivers\aswMon2.sys

17:22:58.0906 2900 aswMon2 - ok

17:22:58.0906 2900 aswRdr (982e275d1c5801042fe94209fb0160fb) C:\WINDOWS\system32\drivers\aswRdr.sys

17:22:58.0921 2900 aswRdr - ok

17:22:58.0953 2900 aswSnx (73dbcf808e00580f2a47f93dd9b03876) C:\WINDOWS\system32\drivers\aswSnx.sys

17:22:58.0968 2900 aswSnx - ok

17:22:59.0000 2900 aswSP (6cbd7d3a33f498d09c831cdd732da2e0) C:\WINDOWS\system32\drivers\aswSP.sys

17:22:59.0015 2900 aswSP - ok

17:22:59.0031 2900 aswTdi (7109a9aa551f37cd168c02368465957e) C:\WINDOWS\system32\drivers\aswTdi.sys

17:22:59.0046 2900 aswTdi - ok

17:22:59.0093 2900 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

17:22:59.0156 2900 AsyncMac - ok

17:22:59.0187 2900 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

17:22:59.0250 2900 atapi - ok

17:22:59.0265 2900 Atdisk - ok

17:22:59.0296 2900 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

17:22:59.0359 2900 Atmarpc - ok

17:22:59.0390 2900 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll

17:22:59.0468 2900 AudioSrv - ok

17:22:59.0500 2900 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

17:22:59.0578 2900 audstub - ok

17:22:59.0640 2900 avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

17:22:59.0640 2900 avast! Antivirus - ok

17:22:59.0671 2900 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

17:22:59.0734 2900 Beep - ok

17:22:59.0781 2900 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll

17:22:59.0875 2900 BITS - ok

17:22:59.0890 2900 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll

17:22:59.0968 2900 Browser - ok

17:23:00.0000 2900 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys

17:23:00.0078 2900 BthEnum - ok

17:23:00.0109 2900 BTHMODEM (fca6f069597b62d42495191ace3fc6c1) C:\WINDOWS\system32\DRIVERS\bthmodem.sys

17:23:00.0187 2900 BTHMODEM - ok

17:23:00.0218 2900 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys

17:23:00.0296 2900 BthPan - ok

17:23:00.0312 2900 BTHPORT (10b85171b90c449f8da71c2640b797e9) C:\WINDOWS\system32\Drivers\BTHport.sys

17:23:00.0406 2900 BTHPORT - ok

17:23:00.0421 2900 BthServ (f4c43c66471b87996d95db7a3a664a37) C:\WINDOWS\System32\bthserv.dll

17:23:00.0500 2900 BthServ - ok

17:23:00.0531 2900 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys

17:23:00.0593 2900 BTHUSB - ok

17:23:00.0625 2900 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

17:23:00.0703 2900 cbidf2k - ok

17:23:00.0718 2900 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

17:23:00.0812 2900 CCDECODE - ok

17:23:00.0812 2900 cd20xrnt - ok

17:23:00.0828 2900 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

17:23:00.0890 2900 Cdaudio - ok

17:23:00.0921 2900 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

17:23:01.0000 2900 Cdfs - ok

17:23:01.0031 2900 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

17:23:01.0093 2900 Cdrom - ok

17:23:01.0109 2900 Changer - ok

17:23:01.0125 2900 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe

17:23:01.0187 2900 CiSvc - ok

17:23:01.0203 2900 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe

17:23:01.0281 2900 ClipSrv - ok

17:23:01.0328 2900 clr_optimization_v2.0.50727_32 (234b1bc2796483e1f5c3f26649fb3388) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

17:23:01.0343 2900 clr_optimization_v2.0.50727_32 - ok

17:23:01.0390 2900 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

17:23:01.0390 2900 clr_optimization_v4.0.30319_32 - ok

17:23:01.0406 2900 CmdIde - ok

17:23:01.0406 2900 COMSysApp - ok

17:23:01.0406 2900 Cpqarray - ok

17:23:01.0437 2900 cpuz135 - ok

17:23:01.0453 2900 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll

17:23:01.0515 2900 CryptSvc - ok

17:23:01.0546 2900 CrystalSysInfo (f054744f67576a01139885173392502b) C:\Program Files\MediaCoder\SysInfo.sys

17:23:01.0562 2900 CrystalSysInfo - ok

17:23:01.0562 2900 dac2w2k - ok

17:23:01.0562 2900 dac960nt - ok

17:23:01.0593 2900 DcomLaunch (2589fe6015a316c0f5d5112b4da7b509) C:\WINDOWS\system32\rpcss.dll

17:23:01.0718 2900 DcomLaunch - ok

17:23:01.0734 2900 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll

17:23:01.0812 2900 Dhcp - ok

17:23:01.0843 2900 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

17:23:01.0921 2900 Disk - ok

17:23:01.0921 2900 dmadmin - ok

17:23:01.0984 2900 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

17:23:02.0062 2900 dmboot - ok

17:23:02.0078 2900 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

17:23:02.0156 2900 dmio - ok

17:23:02.0187 2900 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

17:23:02.0250 2900 dmload - ok

17:23:02.0281 2900 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll

17:23:02.0359 2900 dmserver - ok

17:23:02.0390 2900 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

17:23:02.0468 2900 DMusic - ok

17:23:02.0500 2900 Dnscache (474b4dc3983173e4b4c9740b0dac98a6) C:\WINDOWS\System32\dnsrslvr.dll

17:23:02.0578 2900 Dnscache - ok

17:23:02.0609 2900 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll

17:23:02.0687 2900 Dot3svc - ok

17:23:02.0687 2900 dpti2o - ok

17:23:02.0718 2900 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

17:23:02.0796 2900 drmkaud - ok

17:23:02.0812 2900 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll

17:23:02.0890 2900 EapHost - ok

17:23:02.0921 2900 EAPPkt (c47e7c5e7410c7de98f7219e3008c23d) C:\WINDOWS\system32\DRIVERS\EAPPkt.sys

17:23:02.0937 2900 EAPPkt ( UnsignedFile.Multi.Generic ) - warning

17:23:02.0937 2900 EAPPkt - detected UnsignedFile.Multi.Generic (1)

17:23:02.0937 2900 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll

17:23:03.0015 2900 ERSvc - ok

17:23:03.0031 2900 Eventlog (0e776ed5f7cc9f94299e70461b7b8185) C:\WINDOWS\system32\services.exe

17:23:03.0109 2900 Eventlog - ok

17:23:03.0140 2900 EventSystem (19a799805b24990867b00c120d300c3a) C:\WINDOWS\system32\es.dll

17:23:03.0234 2900 EventSystem - ok

17:23:03.0265 2900 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

17:23:03.0343 2900 Fastfat - ok

17:23:03.0375 2900 FastUserSwitchingCompatibility (1926899bf9ffe2602b63074971700412) C:\WINDOWS\System32\shsvcs.dll

17:23:03.0453 2900 FastUserSwitchingCompatibility - ok

17:23:03.0484 2900 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

17:23:03.0562 2900 Fdc - ok

17:23:03.0593 2900 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

17:23:03.0671 2900 Fips - ok

17:23:03.0671 2900 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

17:23:03.0750 2900 Flpydisk - ok

17:23:03.0781 2900 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys

17:23:03.0843 2900 FltMgr - ok

17:23:03.0921 2900 FontCache3.0.0.0 (993883524aa9cf1c90e1545411a9ac9c) C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

17:23:03.0953 2900 FontCache3.0.0.0 - ok

17:23:03.0968 2900 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

17:23:04.0046 2900 Fs_Rec - ok

17:23:04.0062 2900 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

17:23:04.0140 2900 Ftdisk - ok

17:23:04.0140 2900 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

17:23:04.0218 2900 Gpc - ok

17:23:04.0250 2900 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

17:23:04.0328 2900 HDAudBus - ok

17:23:04.0375 2900 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

17:23:04.0437 2900 helpsvc - ok

17:23:04.0437 2900 HidServ - ok

17:23:04.0468 2900 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

17:23:04.0546 2900 hidusb - ok

17:23:04.0593 2900 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll

17:23:04.0656 2900 hkmsvc - ok

17:23:04.0671 2900 hpn - ok

17:23:04.0687 2900 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys

17:23:04.0781 2900 HTTP - ok

17:23:04.0812 2900 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll

17:23:04.0875 2900 HTTPFilter - ok

17:23:04.0875 2900 i2omgmt - ok

17:23:04.0875 2900 i2omp - ok

17:23:04.0906 2900 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

17:23:04.0984 2900 i8042prt - ok

17:23:05.0046 2900 idsvc (e7cc3aeaed9893a88876744cd439f76c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

17:23:05.0078 2900 idsvc ( UnsignedFile.Multi.Generic ) - warning

17:23:05.0078 2900 idsvc - detected UnsignedFile.Multi.Generic (1)

17:23:05.0109 2900 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

17:23:05.0171 2900 Imapi - ok

17:23:05.0203 2900 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe

17:23:05.0265 2900 ImapiService - ok

17:23:05.0265 2900 ini910u - ok

17:23:05.0453 2900 IntcAzAudAddService (19d3781892a3794672cd1962f3d8d3b8) C:\WINDOWS\system32\drivers\RtkHDAud.sys

17:23:05.0671 2900 IntcAzAudAddService - ok

17:23:05.0734 2900 IntelIde - ok

17:23:05.0750 2900 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

17:23:05.0828 2900 intelppm - ok

17:23:05.0843 2900 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

17:23:05.0937 2900 Ip6Fw - ok

17:23:05.0953 2900 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

17:23:06.0062 2900 IpFilterDriver - ok

17:23:06.0093 2900 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

17:23:06.0156 2900 IpInIp - ok

17:23:06.0156 2900 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

17:23:06.0250 2900 IpNat - ok

17:23:06.0265 2900 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

17:23:06.0343 2900 IPSec - ok

17:23:06.0375 2900 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

17:23:06.0406 2900 IRENUM - ok

17:23:06.0421 2900 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

17:23:06.0500 2900 isapnp - ok

17:23:06.0578 2900 JavaQuickStarterService (9ae07549a0d691a103faf8946554bdb7) C:\Program Files\Java\jre6\bin\jqs.exe

17:23:06.0578 2900 JavaQuickStarterService - ok

17:23:06.0593 2900 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

17:23:06.0656 2900 Kbdclass - ok

17:23:06.0687 2900 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

17:23:06.0765 2900 kmixer - ok

17:23:06.0796 2900 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys

17:23:06.0875 2900 KSecDD - ok

17:23:06.0906 2900 LanmanServer (f385f4b02c535bffe1d70cab80838123) C:\WINDOWS\System32\srvsvc.dll

17:23:07.0031 2900 LanmanServer - ok

17:23:07.0046 2900 lanmanworkstation (1b67b632786fef1c1bbaef46c2f3f2e6) C:\WINDOWS\System32\wkssvc.dll

17:23:07.0125 2900 lanmanworkstation - ok

17:23:07.0140 2900 lbrtfdc - ok

17:23:07.0156 2900 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll

17:23:07.0234 2900 LmHosts - ok

17:23:07.0265 2900 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll

17:23:07.0375 2900 Messenger - ok

17:23:07.0406 2900 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

17:23:07.0468 2900 mnmdd - ok

17:23:07.0500 2900 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe

17:23:07.0593 2900 mnmsrvc - ok

17:23:07.0609 2900 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

17:23:07.0703 2900 Modem - ok

17:23:07.0718 2900 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

17:23:07.0796 2900 Mouclass - ok

17:23:07.0812 2900 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

17:23:07.0906 2900 mouhid - ok

17:23:07.0906 2900 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

17:23:07.0984 2900 MountMgr - ok

17:23:08.0015 2900 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

17:23:08.0031 2900 MozillaMaintenance - ok

17:23:08.0046 2900 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys

17:23:08.0125 2900 MPE - ok

17:23:08.0125 2900 mraid35x - ok

17:23:08.0140 2900 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

17:23:08.0203 2900 MRxDAV - ok

17:23:08.0250 2900 MRxSmb (68755f0ff16070178b54674fe5b847b0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

17:23:08.0312 2900 MRxSmb - ok

17:23:08.0343 2900 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe

17:23:08.0406 2900 MSDTC - ok

17:23:08.0421 2900 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

17:23:08.0500 2900 Msfs - ok

17:23:08.0500 2900 MSIServer - ok

17:23:08.0546 2900 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

17:23:08.0593 2900 MSKSSRV - ok

17:23:08.0609 2900 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

17:23:08.0671 2900 MSPCLOCK - ok

17:23:08.0687 2900 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

17:23:08.0750 2900 MSPQM - ok

17:23:08.0781 2900 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

17:23:08.0843 2900 mssmbios - ok

17:23:08.0875 2900 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

17:23:08.0937 2900 MSTEE - ok

17:23:08.0968 2900 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys

17:23:09.0031 2900 Mup - ok

17:23:09.0046 2900 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

17:23:09.0125 2900 NABTSFEC - ok

17:23:09.0156 2900 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll

17:23:09.0250 2900 napagent - ok

17:23:09.0265 2900 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

17:23:09.0328 2900 NDIS - ok

17:23:09.0343 2900 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

17:23:09.0406 2900 NdisIP - ok

17:23:09.0421 2900 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

17:23:09.0484 2900 NdisTapi - ok

17:23:09.0500 2900 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

17:23:09.0578 2900 Ndisuio - ok

17:23:09.0593 2900 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

17:23:09.0656 2900 NdisWan - ok

17:23:09.0671 2900 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys

17:23:09.0734 2900 NDProxy - ok

17:23:09.0750 2900 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

17:23:09.0812 2900 NetBIOS - ok

17:23:09.0828 2900 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

17:23:09.0906 2900 NetBT - ok

17:23:09.0921 2900 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

17:23:10.0000 2900 NetDDE - ok

17:23:10.0000 2900 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

17:23:10.0062 2900 NetDDEdsdm - ok

17:23:10.0093 2900 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

17:23:10.0156 2900 Netlogon - ok

17:23:10.0203 2900 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll

17:23:10.0281 2900 Netman - ok

17:23:10.0359 2900 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

17:23:10.0375 2900 NetTcpPortSharing - ok

17:23:10.0390 2900 ngrpci (bdfa550022facf2a922213065924f529) C:\WINDOWS\system32\DRIVERS\ngrpci.sys

17:23:10.0453 2900 ngrpci - ok

17:23:10.0484 2900 Nla (b4138e99236f0f57d4cf49bae98a0746) C:\WINDOWS\System32\mswsock.dll

17:23:10.0609 2900 Nla - ok

17:23:10.0640 2900 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

17:23:10.0703 2900 Npfs - ok

17:23:10.0750 2900 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

17:23:10.0828 2900 Ntfs - ok

17:23:10.0843 2900 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

17:23:10.0890 2900 NtLmSsp - ok

17:23:10.0921 2900 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll

17:23:11.0015 2900 NtmsSvc - ok

17:23:11.0031 2900 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

17:23:11.0109 2900 Null - ok

17:23:11.0546 2900 nv (7b5a17bd54bb9142843dbe99a1caaed8) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

17:23:12.0031 2900 nv - ok

17:23:12.0093 2900 NVSvc (5150b108ea88831e1c599603d8b89621) C:\WINDOWS\system32\nvsvc32.exe

17:23:12.0093 2900 NVSvc - ok

17:23:12.0171 2900 nvUpdatusService (83e8ab7bb3c8956c53fec071c94f0bbb) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

17:23:12.0218 2900 nvUpdatusService - ok

17:23:12.0265 2900 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

17:23:12.0328 2900 NwlnkFlt - ok

17:23:12.0343 2900 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

17:23:12.0421 2900 NwlnkFwd - ok

17:23:12.0453 2900 PAC7302 (14191c739f2af6f9efeb58697535498f) C:\WINDOWS\system32\DRIVERS\PAC7302.SYS

17:23:12.0500 2900 PAC7302 ( UnsignedFile.Multi.Generic ) - warning

17:23:12.0500 2900 PAC7302 - detected UnsignedFile.Multi.Generic (1)

17:23:12.0531 2900 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

17:23:12.0593 2900 Parport - ok

17:23:12.0593 2900 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

17:23:12.0656 2900 PartMgr - ok

17:23:12.0703 2900 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

17:23:12.0765 2900 ParVdm - ok

17:23:12.0781 2900 pccsmcfd (f451dcacbaa67f3307305ebd4a39ea07) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys

17:23:12.0796 2900 pccsmcfd - ok

17:23:12.0812 2900 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

17:23:12.0890 2900 PCI - ok

17:23:12.0890 2900 PCIDump - ok

17:23:12.0906 2900 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

17:23:12.0984 2900 PCIIde - ok

17:23:13.0000 2900 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

17:23:13.0203 2900 Pcmcia - ok

17:23:13.0203 2900 PDCOMP - ok

17:23:13.0203 2900 PDFRAME - ok

17:23:13.0218 2900 PDRELI - ok

17:23:13.0218 2900 PDRFRAME - ok

17:23:13.0218 2900 perc2 - ok

17:23:13.0218 2900 perc2hib - ok

17:23:13.0265 2900 pfc (da86016f0672ada925f589ede715f185) C:\WINDOWS\system32\drivers\pfc.sys

17:23:13.0265 2900 pfc ( UnsignedFile.Multi.Generic ) - warning

17:23:13.0265 2900 pfc - detected UnsignedFile.Multi.Generic (1)

17:23:13.0281 2900 PlugPlay (0e776ed5f7cc9f94299e70461b7b8185) C:\WINDOWS\system32\services.exe

17:23:13.0343 2900 PlugPlay - ok

17:23:13.0359 2900 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

17:23:13.0421 2900 PolicyAgent - ok

17:23:13.0437 2900 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

17:23:13.0500 2900 PptpMiniport - ok

17:23:13.0500 2900 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

17:23:13.0562 2900 ProtectedStorage - ok

17:23:13.0562 2900 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

17:23:13.0625 2900 PSched - ok

17:23:13.0671 2900 PSI_SVC_2 (543a4ef0923bf70d126625b034ef25af) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

17:23:13.0671 2900 PSI_SVC_2 - ok

17:23:13.0687 2900 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

17:23:13.0765 2900 Ptilink - ok

17:23:13.0781 2900 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys

17:23:13.0796 2900 PxHelp20 - ok

17:23:13.0796 2900 ql1080 - ok

17:23:13.0796 2900 Ql10wnt - ok

17:23:13.0796 2900 ql12160 - ok

17:23:13.0796 2900 ql1240 - ok

17:23:13.0812 2900 ql1280 - ok

17:23:13.0828 2900 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

17:23:13.0875 2900 RasAcd - ok

17:23:13.0890 2900 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll

17:23:13.0968 2900 RasAuto - ok

17:23:13.0984 2900 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

17:23:14.0031 2900 Rasl2tp - ok

17:23:14.0046 2900 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll

17:23:14.0125 2900 RasMan - ok

17:23:14.0140 2900 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

17:23:14.0187 2900 RasPppoe - ok

17:23:14.0218 2900 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

17:23:14.0281 2900 Raspti - ok

17:23:14.0312 2900 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

17:23:14.0390 2900 Rdbss - ok

17:23:14.0390 2900 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

17:23:14.0453 2900 RDPCDD - ok

17:23:14.0468 2900 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

17:23:14.0546 2900 rdpdr - ok

17:23:14.0562 2900 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys

17:23:14.0640 2900 RDPWD - ok

17:23:14.0656 2900 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe

17:23:14.0718 2900 RDSessMgr - ok

17:23:14.0734 2900 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

17:23:14.0796 2900 redbook - ok

17:23:14.0812 2900 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll

17:23:14.0890 2900 RemoteAccess - ok

17:23:14.0921 2900 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll

17:23:14.0984 2900 RemoteRegistry - ok

17:23:15.0015 2900 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys

17:23:15.0078 2900 RFCOMM - ok

17:23:15.0109 2900 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe

17:23:15.0156 2900 RpcLocator - ok

17:23:15.0187 2900 RpcSs (2589fe6015a316c0f5d5112b4da7b509) C:\WINDOWS\system32\rpcss.dll

17:23:15.0265 2900 RpcSs - ok

17:23:15.0296 2900 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe

17:23:15.0359 2900 RSVP - ok

17:23:15.0406 2900 RTL8187B (56b331a3e315c53532cc7084e5b6dfc4) C:\WINDOWS\system32\DRIVERS\RTL8187B.sys

17:23:15.0437 2900 RTL8187B ( UnsignedFile.Multi.Generic ) - warning

17:23:15.0437 2900 RTL8187B - detected UnsignedFile.Multi.Generic (1)

17:23:21.0937 2900 ============================================================

17:23:21.0937 2900 Scan finished

17:23:21.0937 2900 ============================================================

17:23:22.0046 1228 Detected object count: 7

17:23:22.0046 1228 Actual detected object count: 7

17:24:37.0062 1228 3xHybrid ( UnsignedFile.Multi.Generic ) - skipped by user

17:24:37.0062 1228 3xHybrid ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:24:37.0062 1228 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user

17:24:37.0062 1228 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:24:37.0078 1228 EAPPkt ( UnsignedFile.Multi.Generic ) - skipped by user

17:24:37.0078 1228 EAPPkt ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:24:37.0078 1228 idsvc ( UnsignedFile.Multi.Generic ) - skipped by user

17:24:37.0078 1228 idsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:24:37.0078 1228 PAC7302 ( UnsignedFile.Multi.Generic ) - skipped by user

17:24:37.0078 1228 PAC7302 ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:24:37.0078 1228 pfc ( UnsignedFile.Multi.Generic ) - skipped by user

17:24:37.0078 1228 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:24:37.0078 1228 RTL8187B ( UnsignedFile.Multi.Generic ) - skipped by user

17:24:37.0078 1228 RTL8187B ( UnsignedFile.Multi.Generic ) - User select action: Skip

17:24:43.0734 2960 Deinitialize success

 

Is there a problem?

Hello,

The log is fine, but this is not a tool for everyday use.

What symptoms made you run it?

Do you have any complaints? Does your antivirus program find anything?

And Malwarebytes?

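When reviewing a TDSSKiller log like the one posted above, it helps to pull out only the entries that were not reported as ok, together with the file each one points to and the action chosen. The following is an added example, not part of the thread and not TDSSKiller's own code; the function name and the regular expressions are assumptions based on the line format visible in the posted log.

```python
import re

# Lines copied from the TDSSKiller log posted in this thread.
SAMPLE_LOG = r"""
17:23:15.0406 2900 RTL8187B (56b331a3e315c53532cc7084e5b6dfc4) C:\WINDOWS\system32\DRIVERS\RTL8187B.sys
17:23:15.0437 2900 RTL8187B ( UnsignedFile.Multi.Generic ) - warning
17:23:15.0437 2900 RTL8187B - detected UnsignedFile.Multi.Generic (1)
17:23:15.0468 2900 RTLE8023xp (6e7470477d08f6e47e91016d6a1c5a5f) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
17:23:15.0500 2900 RTLE8023xp - ok
17:23:15.0640 2900 SANDRA - ok
17:23:22.0046 1228 Detected object count: 7
17:24:37.0078 1228 RTL8187B ( UnsignedFile.Multi.Generic ) - skipped by user
17:24:37.0078 1228 RTL8187B ( UnsignedFile.Multi.Generic ) - User select action: Skip
"""

# Assumed line layout: "HH:MM:SS.mmmm <thread id> <message>".
PREFIX = r"^\d\d:\d\d:\d\d\.\d{4}\s+\d+\s+"
FILE_RE = re.compile(PREFIX + r"(?P<name>\S+) \((?P<md5>[0-9a-f]{32})\) (?P<path>.+)$")
FLAG_RE = re.compile(PREFIX + r"(?P<name>\S+) \( (?P<verdict>\S+) \) - (?P<state>.+)$")
ACTION_PREFIX = "User select action: "


def flagged_objects(log_text):
    """Return {service name: details} for every entry not reported as ok."""
    files, flagged = {}, {}
    for raw in log_text.splitlines():
        line = raw.strip()
        m = FILE_RE.match(line)
        if m:  # "<name> (<md5>) <path>": remember which file was scanned
            files[m["name"]] = (m["md5"], m["path"])
            continue
        m = FLAG_RE.match(line)
        if not m:  # "- ok" lines, banners and counters are ignored
            continue
        md5, path = files.get(m["name"], (None, None))
        entry = flagged.setdefault(m["name"], {
            "verdict": m["verdict"], "md5": md5, "path": path, "action": None})
        if m["state"].startswith(ACTION_PREFIX):
            entry["action"] = m["state"][len(ACTION_PREFIX):]
    return flagged


if __name__ == "__main__":
    for name, info in flagged_objects(SAMPLE_LOG).items():
        print(name, info["verdict"], info["path"], info["action"], sep=" | ")
```
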

It found some virus in memory. For some time now the computer has sometimes been quite slow and freezes; there are two possibilities, either the hard drive or the memory, so I ran a memory scan for viruses and this one came up. I don't know how serious it is or whether it could be the cause.

http://store.picbg.n...0e6db750622.JPG


In principle this file is legitimate (at least if it is located at C:\Windows\system32\ctfmon.exe).

If it is not located there, it may be an infection. In fact, even if it is in its normal place, it may still have been injected with malicious code.

Since this is the second case (there is a similar one in another forum), it is best to check the file at this address: Virustotal and post the link to the results in your next comment. If the file has already been analysed, choose reanalyse to check it with the latest definitions.

It may be a false alarm from avast!, because in the other case too the antivirus program that detected it was avast! :)

Regards!


I ran Combo and followed the other instructions there, and I ran an OTL scan. Here are all the results:

Combofix-http://dox.bg/files/dw?a=5c0c820cb4

OTL-http://dox.bg/files/dw?a=b88530d629

OTL Extras- http://dox.bg/files/dw?a=6f3d2ef03b


The log files are clean! :)

The cause of the slowdown lies elsewhere. You may have a lot of applications starting with Windows and services running in the background.

See this topic:

Windows maintenance guide (XP, Vista and 7) [Revision 2.0]

Run OTL and press CleanUp! :)
