Trojan:Win32/Sirefef.P помощ

[green_bg]

Здр. на няколко пъти се опитам да премахна вируса но така и не успях.Как да го премахна?Каква програма да използвам?

[s.feradov]

Изтеглете OTL

• Запазете файла на Вашия десктоп.
  
• Стартирайте инструмента.
  
• Уверете се, че процесът на сканиране няма да бъде прекъснат.
  
• В главния прозорец на програмата сложете отметка пред Scan All Users.
  
• В полето Output изберете Minimal Output.
  
• В полето Standart Registry изберете All.
  
• Сложете отметки пред LOP Check и Purity Check.
  
• От падащото меню File Age изберете 90 days.
  
• Уверете се, че има отметкa пред Skip Microsoft Files.
  
• В полето Custom Scans/Fixes поставете следния текст:
  

netsvcs
msconfig
safebootminimal
safebootnetwork
%SYSTEMDRIVE%\*.*
%USERPROFILE%\*.*
%USERPROFILE%\AppData\Local\*.*
%USERPROFILE%\AppData\Roaming\*.*
%ProgramData%\*.*
%CommonProgramFiles%\*.*
%PROGRAMFILES%\*.*
%systemroot%\system32\config\systemprofile\AppData\Local\*.*
%windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.*
%windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.*
%windir%\temp\*.*
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /90
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\Spool\prtprocs\w32x86\*.dll
%systemroot%\*. /rp /s
%systemroot%\assembly\temp\*.* /S /MD5
%systemroot%\assembly\tmp\*.* /S /MD5
%systemroot%\assembly\GAC_32\*.* /S /MD5
%SystemRoot%\assembly\GAC_MSIL\*.* /S /MD5
/md5start
explorer.exe
lsass.exe
svchost.exe
wininit.exe
winlogon.exe
userinit.exe
atapi.sys
iaStor.sys
serial.sys
volsnap.sys
disk.sys
redbook.sys
i8042prt.sys
afd.sys
netbt.sys
csc.sys
tcpip.sys
hlp.dat
/md5stop

 

Копирайте кода точно както е даден. Уверете се, че всяка от командите е на нов ред, както е в полето.

 

Натиснете бутона Run Scan. Ще започне сканиране, което няма да продължи дълго.Когато сканирането приключи автоматично ще се отворят два Notepad лог-файла - OTL.txt и Extras.txt.

 

Моля, прикачете тези два файла към следващия Ви коментар.

[green_bg]

Ето ги и тях!Сега какво да правя ?

OTL.Txt

Extras.Txt

[green_bg]

Имам проблем и с google всеки саит които отворя от намерените резултати ми излиза това http://abnow.com/?search=uyfghj&subid=117&key=07ce8bb904ea7b8c2674 незнам дали е от същия вирус но ще съм благодарен ако някои ми каже как да го оправя и премахна този вирис

[Night_Raven]

Изтегли TDSSKiller и:

- разархивирай архива на удобно място;

- стартирай TDSSKiller.exe;

- кликни Change paramteres, в долната секция Additional options постави отметки на Verify driver digital signatures и Detect TDLFS file system и потвърди с OK;

- кликни бутон Start scan и изчакай да се извърши сканирането;

- ако не бъдат открити заплахи, просто кликни Close;

- ако бъдат открити подозрителни обекти, кликни Continue и след това Close;

- ако бъдат открити зловредни обекти, се увери, че от падащите менюта е избрана опцята Cure, кликни Continue и след това Reboot computer;

- в дял C: ще се създаде текстов файл дневник от сканирането (името му започва с TDSSKiller), копирай му съдържанието в следващия си коментар.

[green_bg]

19:21:08.0316 2472 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18

19:21:08.0608 2472 ============================================================

19:21:08.0608 2472 Current date / time: 2012/04/01 19:21:08.0608

19:21:08.0608 2472 SystemInfo:

19:21:08.0608 2472

19:21:08.0608 2472 OS Version: 6.1.7601 ServicePack: 1.0

19:21:08.0608 2472 Product type: Workstation

19:21:08.0608 2472 ComputerName: SCROL-PC

19:21:08.0608 2472 UserName: Scrol

19:21:08.0608 2472 Windows directory: C:\Windows

19:21:08.0608 2472 System windows directory: C:\Windows

19:21:08.0609 2472 Processor architecture: Intel x86

19:21:08.0609 2472 Number of processors: 2

19:21:08.0609 2472 Page size: 0x1000

19:21:08.0609 2472 Boot type: Normal boot

19:21:08.0609 2472 ============================================================

19:21:09.0896 2472 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0x38080, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000050

19:21:09.0898 2472 \Device\Harddisk0\DR0:

19:21:09.0898 2472 MBR used

19:21:09.0898 2472 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x13, BlocksNum 0x1D3DB74D

19:21:09.0898 2472 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D3DB800, BlocksNum 0x1CFA9800

19:21:09.0968 2472 Initialize success

19:21:09.0968 2472 ============================================================

19:21:44.0592 3464 ============================================================

19:21:44.0592 3464 Scan started

19:21:44.0592 3464 Mode: Manual; SigCheck; TDLFS;

19:21:44.0592 3464 ============================================================

19:21:45.0964 3464 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

19:21:47.0354 3464 !SASCORE - ok

19:21:47.0506 3464 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys

19:21:47.0562 3464 1394ohci - ok

19:21:47.0664 3464 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys

19:21:47.0694 3464 ACPI - ok

19:21:47.0737 3464 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys

19:21:47.0813 3464 AcpiPmi - ok

19:21:47.0902 3464 AdobeARMservice (11a52cf7b265631deeb24c6149309eff) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

19:21:47.0946 3464 AdobeARMservice - ok

19:21:48.0062 3464 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys

19:21:48.0092 3464 adp94xx - ok

19:21:48.0214 3464 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys

19:21:48.0249 3464 adpahci - ok

19:21:48.0367 3464 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys

19:21:48.0413 3464 adpu320 - ok

19:21:48.0540 3464 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll

19:21:48.0624 3464 AeLookupSvc - ok

19:21:48.0728 3464 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys

19:21:48.0813 3464 AFD - ok

19:21:48.0902 3464 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys

19:21:48.0940 3464 agp440 - ok

19:21:49.0049 3464 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys

19:21:49.0086 3464 aic78xx - ok

19:21:49.0175 3464 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe

19:21:49.0257 3464 ALG - ok

19:21:49.0369 3464 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys

19:21:49.0391 3464 aliide - ok

19:21:49.0436 3464 AMD External Events Utility (3927cd2638ce67535a592417433a80b8) C:\Windows\system32\atiesrxx.exe

19:21:49.0548 3464 AMD External Events Utility - ok

19:21:49.0642 3464 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys

19:21:49.0687 3464 amdagp - ok

19:21:49.0711 3464 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys

19:21:49.0731 3464 amdide - ok

19:21:49.0842 3464 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys

19:21:49.0927 3464 AmdK8 - ok

19:21:50.0025 3464 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys

19:21:50.0070 3464 AmdPPM - ok

19:21:50.0209 3464 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys

19:21:50.0248 3464 amdsata - ok

19:21:50.0280 3464 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys

19:21:50.0352 3464 amdsbs - ok

19:21:50.0452 3464 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys

19:21:50.0481 3464 amdxata - ok

19:21:50.0530 3464 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys

19:21:50.0662 3464 AppID - ok

19:21:50.0738 3464 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll

19:21:50.0821 3464 AppIDSvc - ok

19:21:50.0911 3464 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll

19:21:50.0984 3464 Appinfo - ok

19:21:51.0065 3464 Apple Mobile Device (70d7be78061126dd0c3accdb7e129017) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

19:21:51.0136 3464 Apple Mobile Device - ok

19:21:51.0227 3464 AppMgmt (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll

19:21:51.0288 3464 AppMgmt - ok

19:21:51.0399 3464 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys

19:21:51.0445 3464 arc - ok

19:21:51.0466 3464 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys

19:21:51.0513 3464 arcsas - ok

19:21:51.0616 3464 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys

19:21:51.0729 3464 AsyncMac - ok

19:21:51.0833 3464 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys

19:21:51.0855 3464 atapi - ok

19:21:51.0993 3464 AtiHdmiService (40a07e6916ac098e31a9e39ac202b8a1) C:\Windows\system32\drivers\AtiHdmi.sys

19:21:52.0071 3464 AtiHdmiService - ok

19:21:52.0240 3464 atikmdag (840f85a04744ff065881333295e7fa5d) C:\Windows\system32\DRIVERS\atikmdag.sys

19:21:52.0554 3464 atikmdag - ok

19:21:52.0664 3464 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll

19:21:52.0766 3464 AudioEndpointBuilder - ok

19:21:52.0774 3464 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll

19:21:52.0829 3464 Audiosrv - ok

19:21:52.0930 3464 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll

19:21:53.0038 3464 AxInstSV - ok

19:21:53.0151 3464 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys

19:21:53.0275 3464 b06bdrv - ok

19:21:53.0392 3464 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys

19:21:53.0482 3464 b57nd60x - ok

19:21:53.0568 3464 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll

19:21:53.0686 3464 BDESVC - ok

19:21:53.0787 3464 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys

19:21:53.0843 3464 Beep - ok

19:21:53.0953 3464 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\System32\qmgr.dll

19:21:54.0029 3464 BITS - ok

19:21:54.0078 3464 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys

19:21:54.0126 3464 blbdrive - ok

19:21:54.0231 3464 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys

19:21:54.0326 3464 bowser - ok

19:21:54.0432 3464 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys

19:21:54.0499 3464 BrFiltLo - ok

19:21:54.0590 3464 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys

19:21:54.0632 3464 BrFiltUp - ok

19:21:54.0727 3464 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll

19:21:54.0817 3464 Browser - ok

19:21:54.0916 3464 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys

19:21:54.0989 3464 Brserid - ok

19:21:55.0087 3464 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys

19:21:55.0148 3464 BrSerWdm - ok

19:21:55.0257 3464 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys

19:21:55.0294 3464 BrUsbMdm - ok

19:21:55.0399 3464 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys

19:21:55.0442 3464 BrUsbSer - ok

19:21:55.0538 3464 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys

19:21:55.0603 3464 BTHMODEM - ok

19:21:55.0685 3464 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll

19:21:55.0754 3464 bthserv - ok

19:21:55.0822 3464 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys

19:21:55.0901 3464 cdfs - ok

19:21:56.0026 3464 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys

19:21:56.0082 3464 cdrom - ok

19:21:56.0190 3464 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll

19:21:56.0284 3464 CertPropSvc - ok

19:21:56.0390 3464 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys

19:21:56.0446 3464 circlass - ok

19:21:56.0525 3464 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys

19:21:56.0602 3464 CLFS - ok

19:21:56.0698 3464 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

19:21:56.0754 3464 clr_optimization_v2.0.50727_32 - ok

19:21:56.0865 3464 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

19:21:56.0896 3464 clr_optimization_v4.0.30319_32 - ok

19:21:56.0955 3464 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys

19:21:57.0001 3464 CmBatt - ok

19:21:57.0102 3464 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys

19:21:57.0121 3464 cmdide - ok

19:21:57.0168 3464 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys

19:21:57.0215 3464 CNG - ok

19:21:57.0312 3464 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys

19:21:57.0338 3464 Compbatt - ok

19:21:57.0468 3464 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys

19:21:57.0535 3464 CompositeBus - ok

19:21:57.0600 3464 COMSysApp - ok

19:21:57.0668 3464 cpuz134 - ok

19:21:57.0735 3464 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys

19:21:57.0761 3464 crcdisk - ok

19:21:57.0847 3464 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll

19:21:57.0939 3464 CryptSvc - ok

19:21:57.0987 3464 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys

19:21:58.0076 3464 CSC - ok

19:21:58.0166 3464 CscService (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll

19:21:58.0224 3464 CscService - ok

19:21:58.0253 3464 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll

19:21:58.0333 3464 DcomLaunch - ok

19:21:58.0436 3464 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll

19:21:58.0502 3464 defragsvc - ok

19:21:58.0662 3464 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys

19:21:58.0804 3464 DfsC - ok

19:21:58.0902 3464 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll

19:21:59.0002 3464 Dhcp - ok

19:21:59.0050 3464 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys

19:21:59.0110 3464 discache - ok

19:21:59.0229 3464 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys

19:21:59.0265 3464 Disk - ok

19:21:59.0297 3464 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll

19:21:59.0387 3464 Dnscache - ok

19:21:59.0464 3464 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll

19:21:59.0537 3464 dot3svc - ok

19:21:59.0571 3464 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll

19:21:59.0628 3464 DPS - ok

19:21:59.0729 3464 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys

19:21:59.0756 3464 drmkaud - ok

19:21:59.0801 3464 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys

19:21:59.0845 3464 DXGKrnl - ok

19:21:59.0932 3464 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll

19:22:00.0020 3464 EapHost - ok

19:22:00.0168 3464 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys

19:22:00.0288 3464 ebdrv - ok

19:22:00.0378 3464 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe

19:22:00.0435 3464 EFS - ok

19:22:00.0484 3464 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe

19:22:00.0610 3464 ehRecvr - ok

19:22:00.0668 3464 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe

19:22:00.0726 3464 ehSched - ok

19:22:00.0848 3464 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys

19:22:00.0888 3464 elxstor - ok

19:22:00.0924 3464 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys

19:22:00.0965 3464 ErrDev - ok

19:22:01.0056 3464 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll

19:22:01.0108 3464 EventSystem - ok

19:22:01.0161 3464 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys

19:22:01.0210 3464 exfat - ok

19:22:01.0321 3464 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys

19:22:01.0381 3464 fastfat - ok

19:22:01.0483 3464 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe

19:22:01.0578 3464 Fax - ok

19:22:01.0671 3464 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys

19:22:01.0712 3464 fdc - ok

19:22:01.0739 3464 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll

19:22:01.0805 3464 fdPHost - ok

19:22:01.0887 3464 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll

19:22:01.0947 3464 FDResPub - ok

19:22:01.0997 3464 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys

19:22:02.0053 3464 FileInfo - ok

19:22:02.0157 3464 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys

19:22:02.0222 3464 Filetrace - ok

19:22:02.0244 3464 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys

19:22:02.0285 3464 flpydisk - ok

19:22:02.0391 3464 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys

19:22:02.0434 3464 FltMgr - ok

19:22:02.0479 3464 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll

19:22:02.0554 3464 FontCache - ok

19:22:02.0625 3464 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

19:22:02.0649 3464 FontCache3.0.0.0 - ok

19:22:02.0710 3464 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys

19:22:02.0748 3464 FsDepends - ok

19:22:02.0818 3464 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys

19:22:02.0846 3464 Fs_Rec - ok

19:22:02.0904 3464 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys

19:22:02.0948 3464 fvevol - ok

19:22:03.0064 3464 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys

19:22:03.0102 3464 gagp30kx - ok

19:22:03.0159 3464 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll

19:22:03.0229 3464 gpsvc - ok

19:22:03.0333 3464 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe

19:22:03.0406 3464 gupdate - ok

19:22:03.0417 3464 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe

19:22:03.0483 3464 gupdatem - ok

19:22:03.0586 3464 hamachi (64b48a0d899deca24c424a2cac3ecffa) C:\Windows\system32\DRIVERS\hamachi.sys

19:22:03.0612 3464 hamachi - ok

19:22:03.0639 3464 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys

19:22:03.0690 3464 hcw85cir - ok

19:22:03.0843 3464 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys

19:22:03.0907 3464 HdAudAddService - ok

19:22:04.0020 3464 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys

19:22:04.0061 3464 HDAudBus - ok

19:22:04.0093 3464 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys

19:22:04.0140 3464 HidBatt - ok

19:22:04.0242 3464 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys

19:22:04.0282 3464 HidBth - ok

19:22:04.0385 3464 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys

19:22:04.0447 3464 HidIr - ok

19:22:04.0483 3464 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll

19:22:04.0540 3464 hidserv - ok

19:22:04.0669 3464 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys

19:22:04.0757 3464 HidUsb - ok

19:22:04.0796 3464 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll

19:22:04.0885 3464 hkmsvc - ok

19:22:04.0980 3464 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll

19:22:05.0027 3464 HomeGroupListener - ok

19:22:05.0060 3464 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll

19:22:05.0124 3464 HomeGroupProvider - ok

19:22:05.0244 3464 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys

19:22:05.0280 3464 HpSAMD - ok

19:22:05.0404 3464 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys

19:22:05.0493 3464 HTTP - ok

19:22:05.0513 3464 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys

19:22:05.0530 3464 hwpolicy - ok

19:22:05.0664 3464 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys

19:22:05.0773 3464 i8042prt - ok

19:22:05.0886 3464 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys

19:22:05.0926 3464 iaStorV - ok

19:22:06.0010 3464 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

19:22:06.0220 3464 idsvc - ok

19:22:06.0323 3464 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys

19:22:06.0355 3464 iirsp - ok

19:22:06.0405 3464 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll

19:22:06.0568 3464 IKEEXT - ok

19:22:06.0684 3464 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys

19:22:06.0718 3464 intelide - ok

19:22:06.0841 3464 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys

19:22:06.0884 3464 intelppm - ok

19:22:06.0916 3464 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll

19:22:06.0978 3464 IPBusEnum - ok

19:22:07.0065 3464 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys

19:22:07.0143 3464 IpFilterDriver - ok

19:22:07.0251 3464 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys

19:22:07.0342 3464 IPMIDRV - ok

19:22:07.0362 3464 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys

19:22:07.0418 3464 IPNAT - ok

19:22:07.0524 3464 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys

19:22:07.0575 3464 IRENUM - ok

19:22:07.0683 3464 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys

19:22:07.0719 3464 isapnp - ok

19:22:07.0743 3464 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys

19:22:07.0774 3464 iScsiPrt - ok

19:22:07.0900 3464 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys

19:22:07.0937 3464 kbdclass - ok

19:22:07.0981 3464 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys

19:22:08.0051 3464 kbdhid - ok

19:22:08.0136 3464 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

19:22:08.0169 3464 KeyIso - ok

19:22:08.0201 3464 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys

19:22:08.0242 3464 KSecDD - ok

19:22:08.0331 3464 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys

19:22:08.0393 3464 KSecPkg - ok

19:22:08.0426 3464 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll

19:22:08.0496 3464 KtmRm - ok

19:22:08.0597 3464 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll

19:22:08.0691 3464 LanmanServer - ok

19:22:08.0726 3464 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll

19:22:08.0819 3464 LanmanWorkstation - ok

19:22:08.0921 3464 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys

19:22:08.0996 3464 lltdio - ok

19:22:09.0040 3464 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll

19:22:09.0108 3464 lltdsvc - ok

19:22:09.0193 3464 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll

19:22:09.0247 3464 lmhosts - ok

19:22:09.0366 3464 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys

19:22:09.0412 3464 LSI_FC - ok

19:22:09.0434 3464 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys

19:22:09.0481 3464 LSI_SAS - ok

19:22:09.0581 3464 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys

19:22:09.0617 3464 LSI_SAS2 - ok

19:22:09.0634 3464 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys

19:22:09.0689 3464 LSI_SCSI - ok

19:22:09.0793 3464 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys

19:22:09.0861 3464 luafv - ok

19:22:09.0941 3464 MBAMSwissArmy - ok

19:22:09.0980 3464 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll

19:22:10.0068 3464 Mcx2Svc - ok

19:22:10.0153 3464 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys

19:22:10.0187 3464 megasas - ok

19:22:10.0225 3464 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys

19:22:10.0256 3464 MegaSR - ok

19:22:10.0337 3464 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll

19:22:10.0402 3464 MMCSS - ok

19:22:10.0442 3464 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys

19:22:10.0502 3464 Modem - ok

19:22:10.0604 3464 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys

19:22:10.0649 3464 monitor - ok

19:22:10.0764 3464 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys

19:22:10.0801 3464 mouclass - ok

19:22:10.0847 3464 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys

19:22:10.0897 3464 mouhid - ok

19:22:11.0008 3464 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys

19:22:11.0057 3464 mountmgr - ok

19:22:11.0187 3464 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys

19:22:11.0253 3464 MpFilter - ok

19:22:11.0361 3464 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys

19:22:11.0431 3464 mpio - ok

19:22:11.0547 3464 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys

19:22:11.0590 3464 MpNWMon - ok

19:22:11.0708 3464 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys

19:22:11.0771 3464 mpsdrv - ok

19:22:11.0873 3464 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys

19:22:11.0974 3464 MRxDAV - ok

19:22:12.0069 3464 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys

19:22:12.0145 3464 mrxsmb - ok

19:22:12.0242 3464 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys

19:22:12.0300 3464 mrxsmb10 - ok

19:22:12.0329 3464 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys

19:22:12.0455 3464 mrxsmb20 - ok

19:22:12.0577 3464 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys

19:22:12.0606 3464 msahci - ok

19:22:12.0647 3464 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys

19:22:12.0678 3464 msdsm - ok

19:22:12.0755 3464 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe

19:22:12.0812 3464 MSDTC - ok

19:22:12.0920 3464 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys

19:22:12.0965 3464 Msfs - ok

19:22:12.0989 3464 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys

19:22:13.0046 3464 mshidkmdf - ok

19:22:13.0155 3464 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys

19:22:13.0177 3464 msisadrv - ok

19:22:13.0206 3464 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll

19:22:13.0272 3464 MSiSCSI - ok

19:22:13.0328 3464 msiserver - ok

19:22:13.0384 3464 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys

19:22:13.0429 3464 MSKSSRV - ok

19:22:13.0487 3464 MsMpSvc (cfce43b70ca0cc4dcc8adb62b792b173) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

19:22:13.0516 3464 MsMpSvc - ok

19:22:13.0612 3464 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys

19:22:13.0656 3464 MSPCLOCK - ok

19:22:13.0754 3464 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys

19:22:13.0796 3464 MSPQM - ok

19:22:13.0820 3464 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys

19:22:13.0891 3464 MsRPC - ok

19:22:13.0984 3464 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys

19:22:14.0013 3464 mssmbios - ok

19:22:14.0053 3464 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys

19:22:14.0090 3464 MSTEE - ok

19:22:14.0177 3464 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys

19:22:14.0218 3464 MTConfig - ok

19:22:14.0244 3464 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys

19:22:14.0280 3464 Mup - ok

19:22:14.0322 3464 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll

19:22:14.0388 3464 napagent - ok

19:22:14.0494 3464 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys

19:22:14.0548 3464 NativeWifiP - ok

19:22:14.0688 3464 NBService (3bae2bfcb6d69e19c8373f635dd544dc) C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

19:22:14.0808 3464 NBService - ok

19:22:14.0930 3464 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys

19:22:14.0988 3464 NDIS - ok

19:22:15.0097 3464 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys

19:22:15.0151 3464 NdisCap - ok

19:22:15.0261 3464 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys

19:22:15.0318 3464 NdisTapi - ok

19:22:15.0429 3464 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys

19:22:15.0524 3464 Ndisuio - ok

19:22:15.0560 3464 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys

19:22:15.0628 3464 NdisWan - ok

19:22:15.0729 3464 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys

19:22:15.0828 3464 NDProxy - ok

19:22:15.0928 3464 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys

19:22:16.0005 3464 NetBIOS - ok

19:22:16.0106 3464 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys

19:22:16.0229 3464 NetBT - ok

19:22:16.0311 3464 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

19:22:16.0340 3464 Netlogon - ok

19:22:16.0385 3464 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll

19:22:16.0451 3464 Netman - ok

19:22:16.0531 3464 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll

19:22:16.0651 3464 netprofm - ok

19:22:16.0751 3464 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

19:22:16.0783 3464 NetTcpPortSharing - ok

19:22:16.0852 3464 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys

19:22:16.0885 3464 nfrd960 - ok

19:22:16.0992 3464 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys

19:22:17.0032 3464 NisDrv - ok

19:22:17.0070 3464 NisSrv (a5cb074f34bbd89948e34a630d459c0c) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

19:22:17.0136 3464 NisSrv - ok

19:22:17.0235 3464 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll

19:22:17.0334 3464 NlaSvc - ok

19:22:17.0559 3464 NMIndexingService (193fa51dddd0bffded1c340f0434999a) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

19:22:17.0808 3464 NMIndexingService - ok

19:22:17.0897 3464 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys

19:22:17.0955 3464 Npfs - ok

19:22:17.0989 3464 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll

19:22:18.0032 3464 nsi - ok

19:22:18.0120 3464 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys

19:22:18.0172 3464 nsiproxy - ok

19:22:18.0225 3464 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys

19:22:18.0425 3464 Ntfs - ok

19:22:18.0514 3464 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys

19:22:18.0559 3464 Null - ok

19:22:18.0591 3464 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys

19:22:18.0645 3464 nvraid - ok

19:22:18.0748 3464 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys

19:22:18.0803 3464 nvstor - ok

19:22:18.0832 3464 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys

19:22:18.0861 3464 nv_agp - ok

19:22:18.0900 3464 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys

19:22:18.0991 3464 ohci1394 - ok

19:22:19.0062 3464 ose (7a7ba704de6bd123f2e95b58808c64af) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

19:22:19.0161 3464 ose ( UnsignedFile.Multi.Generic ) - warning

19:22:19.0162 3464 ose - detected UnsignedFile.Multi.Generic (1)

19:22:19.0257 3464 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll

19:22:19.0340 3464 p2pimsvc - ok

19:22:19.0417 3464 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll

19:22:19.0473 3464 p2psvc - ok

19:22:19.0572 3464 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys

19:22:19.0649 3464 Parport - ok

19:22:19.0749 3464 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys

19:22:19.0786 3464 partmgr - ok

19:22:19.0823 3464 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys

19:22:19.0853 3464 Parvdm - ok

19:22:19.0923 3464 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll

19:22:19.0981 3464 PcaSvc - ok

19:22:20.0029 3464 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys

19:22:20.0061 3464 pci - ok

19:22:20.0150 3464 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys

19:22:20.0188 3464 pciide - ok

19:22:20.0232 3464 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys

19:22:20.0264 3464 pcmcia - ok

19:22:20.0334 3464 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys

19:22:20.0365 3464 pcw - ok

19:22:20.0416 3464 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys

19:22:20.0483 3464 PEAUTH - ok

19:22:20.0586 3464 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll

19:22:20.0650 3464 PeerDistSvc - ok

19:22:20.0723 3464 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll

19:22:20.0869 3464 pla - ok

19:22:20.0976 3464 PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\Windows\system32\IoctlSvc.exe

19:22:21.0025 3464 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning

19:22:21.0025 3464 PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)

19:22:21.0068 3464 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll

19:22:21.0163 3464 PlugPlay - ok

19:22:21.0235 3464 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll

19:22:21.0268 3464 PNRPAutoReg - ok

19:22:21.0290 3464 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll

19:22:21.0334 3464 PNRPsvc - ok

19:22:21.0378 3464 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll

19:22:21.0481 3464 PolicyAgent - ok

19:22:21.0584 3464 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll

19:22:21.0650 3464 Power - ok

19:22:21.0694 3464 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys

19:22:21.0781 3464 PptpMiniport - ok

19:22:21.0899 3464 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys

19:22:21.0953 3464 Processor - ok

19:22:22.0038 3464 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll

19:22:22.0134 3464 ProfSvc - ok

19:22:22.0177 3464 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

19:22:22.0207 3464 ProtectedStorage - ok

19:22:22.0298 3464 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys

19:22:22.0380 3464 Psched - ok

19:22:22.0427 3464 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys

19:22:22.0486 3464 ql2300 - ok

19:22:22.0581 3464 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys

19:22:22.0636 3464 ql40xx - ok

19:22:22.0657 3464 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll

19:22:22.0746 3464 QWAVE - ok

19:22:22.0845 3464 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys

19:22:22.0899 3464 QWAVEdrv - ok

19:22:22.0987 3464 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys

19:22:23.0037 3464 RasAcd - ok

19:22:23.0152 3464 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys

19:22:23.0204 3464 RasAgileVpn - ok

19:22:23.0234 3464 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll

19:22:23.0306 3464 RasAuto - ok

19:22:23.0403 3464 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys

19:22:23.0481 3464 Rasl2tp - ok

19:22:23.0582 3464 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll

19:22:23.0667 3464 RasMan - ok

19:22:23.0763 3464 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys

19:22:23.0806 3464 RasPppoe - ok

19:22:23.0820 3464 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys

19:22:23.0892 3464 RasSstp - ok

19:22:23.0994 3464 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys

19:22:24.0092 3464 rdbss - ok

19:22:24.0189 3464 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys

19:22:24.0223 3464 rdpbus - ok

19:22:24.0262 3464 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys

19:22:24.0315 3464 RDPCDD - ok

19:22:24.0426 3464 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys

19:22:24.0531 3464 RDPDR - ok

19:22:24.0639 3464 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys

19:22:24.0685 3464 RDPENCDD - ok

19:22:24.0776 3464 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys

19:22:24.0823 3464 RDPREFMP - ok

19:22:24.0957 3464 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys

19:22:25.0048 3464 RdpVideoMiniport - ok

19:22:25.0154 3464 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys

19:22:25.0282 3464 RDPWD - ok

19:22:25.0404 3464 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys

19:22:25.0481 3464 rdyboost - ok

19:22:25.0510 3464 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll

19:22:25.0567 3464 RemoteAccess - ok

19:22:25.0647 3464 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll

19:22:25.0707 3464 RemoteRegistry - ok

19:22:25.0790 3464 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll

19:22:25.0858 3464 RpcEptMapper - ok

19:22:25.0897 3464 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe

19:22:25.0937 3464 RpcLocator - ok

19:22:26.0019 3464 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll

19:22:26.0075 3464 RpcSs - ok

19:22:26.0138 3464 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys

19:22:26.0203 3464 rspndr - ok

19:22:26.0298 3464 RTL8167 (26a9d6227d12b9d9da5a81bb9b55d810) C:\Windows\system32\DRIVERS\Rt86win7.sys

19:22:26.0385 3464 RTL8167 - ok

19:22:26.0483 3464 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys

19:22:26.0527 3464 s3cap - ok

19:22:26.0610 3464 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

19:22:26.0641 3464 SamSs - ok

19:22:26.0719 3464 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

19:22:26.0851 3464 SASDIFSV - ok

19:22:26.0888 3464 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS

19:22:26.0955 3464 SASKUTIL - ok

19:22:27.0072 3464 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys

19:22:27.0124 3464 sbp2port - ok

19:22:27.0154 3464 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll

19:22:27.0213 3464 SCardSvr - ok

19:22:27.0316 3464 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys

19:22:27.0385 3464 scfilter - ok

19:22:27.0496 3464 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll

19:22:27.0608 3464 Schedule - ok

19:22:27.0689 3464 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll

19:22:27.0738 3464 SCPolicySvc - ok

19:22:27.0760 3464 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll

19:22:27.0907 3464 SDRSVC - ok

19:22:28.0097 3464 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

19:22:28.0177 3464 secdrv - ok

19:22:28.0249 3464 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll

19:22:28.0305 3464 seclogon - ok

19:22:28.0397 3464 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll

19:22:28.0457 3464 SENS - ok

19:22:28.0484 3464 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll

19:22:28.0532 3464 SensrSvc - ok

19:22:28.0636 3464 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys

19:22:28.0689 3464 Serenum - ok

19:22:28.0787 3464 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys

19:22:28.0940 3464 Serial - ok

19:22:28.0976 3464 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys

19:22:29.0042 3464 sermouse - ok

19:22:29.0197 3464 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll

19:22:29.0278 3464 SessionEnv - ok

19:22:29.0339 3464 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys

19:22:29.0391 3464 sffdisk - ok

19:22:29.0491 3464 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys

19:22:29.0535 3464 sffp_mmc - ok

19:22:29.0559 3464 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys

19:22:29.0619 3464 sffp_sd - ok

19:22:29.0717 3464 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys

19:22:29.0746 3464 sfloppy - ok

19:22:29.0777 3464 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll

19:22:29.0856 3464 SharedAccess - ok

19:22:29.0937 3464 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll

19:22:30.0023 3464 ShellHWDetection - ok

19:22:30.0067 3464 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys

19:22:30.0111 3464 sisagp - ok

19:22:30.0213 3464 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys

19:22:30.0242 3464 SiSRaid2 - ok

19:22:30.0262 3464 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys

19:22:30.0302 3464 SiSRaid4 - ok

19:22:30.0385 3464 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe

19:22:30.0584 3464 SkypeUpdate - ok

19:22:30.0690 3464 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys

19:22:30.0756 3464 Smb - ok

19:22:30.0790 3464 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe

19:22:30.0831 3464 SNMPTRAP - ok

19:22:30.0938 3464 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys

19:22:30.0976 3464 spldr - ok

19:22:31.0086 3464 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe

19:22:31.0153 3464 Spooler - ok

19:22:31.0231 3464 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe

19:22:31.0464 3464 sppsvc - ok

19:22:31.0566 3464 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll

19:22:31.0647 3464 sppuinotify - ok

19:22:31.0776 3464 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys

19:22:31.0776 3464 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505

19:22:31.0785 3464 sptd ( LockedFile.Multi.Generic ) - warning

19:22:31.0785 3464 sptd - detected LockedFile.Multi.Generic (1)

19:22:31.0885 3464 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys

19:22:31.0960 3464 srv - ok

19:22:32.0072 3464 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys

19:22:32.0127 3464 srv2 - ok

19:22:32.0154 3464 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys

19:22:32.0221 3464 srvnet - ok

19:22:32.0316 3464 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll

19:22:32.0370 3464 SSDPSRV - ok

19:22:32.0390 3464 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll

19:22:32.0436 3464 SstpSvc - ok

19:22:32.0477 3464 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys

19:22:32.0503 3464 stexstor - ok

19:22:32.0597 3464 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll

19:22:32.0709 3464 StiSvc - ok

19:22:32.0773 3464 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys

19:22:32.0813 3464 storflt - ok

19:22:32.0912 3464 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys

19:22:32.0938 3464 storvsc - ok

19:22:32.0964 3464 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys

19:22:32.0987 3464 swenum - ok

19:22:33.0021 3464 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll

19:22:33.0087 3464 swprv - ok

19:22:33.0173 3464 Synth3dVsc - ok

19:22:33.0229 3464 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll

19:22:33.0302 3464 SysMain - ok

19:22:33.0393 3464 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll

19:22:33.0470 3464 TabletInputService - ok

19:22:33.0512 3464 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll

19:22:33.0601 3464 TapiSrv - ok

19:22:33.0679 3464 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll

19:22:33.0748 3464 TBS - ok

19:22:33.0864 3464 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys

19:22:33.0931 3464 Tcpip - ok

19:22:34.0057 3464 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys

19:22:34.0111 3464 TCPIP6 - ok

19:22:34.0146 3464 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys

19:22:34.0230 3464 tcpipreg - ok

19:22:34.0332 3464 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys

19:22:34.0381 3464 TDPIPE - ok

19:22:34.0400 3464 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys

19:22:34.0463 3464 TDTCP - ok

19:22:34.0567 3464 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys

19:22:34.0694 3464 tdx - ok

19:22:34.0783 3464 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys

19:22:34.0826 3464 TermDD - ok

19:22:34.0868 3464 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll

19:22:34.0984 3464 TermService - ok

19:22:35.0058 3464 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll

19:22:35.0115 3464 Themes - ok

19:22:35.0152 3464 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll

19:22:35.0196 3464 THREADORDER - ok

19:22:35.0279 3464 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll

19:22:35.0339 3464 TrkWks - ok

19:22:35.0371 3464 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe

19:22:35.0477 3464 TrustedInstaller - ok

19:22:35.0586 3464 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys

19:22:35.0655 3464 tssecsrv - ok

19:22:35.0765 3464 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys

19:22:35.0846 3464 TsUsbFlt - ok

19:22:35.0923 3464 tsusbhub - ok

19:22:35.0970 3464 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys

19:22:36.0052 3464 tunnel - ok

19:22:36.0175 3464 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys

19:22:36.0215 3464 uagp35 - ok

19:22:36.0270 3464 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys

19:22:36.0342 3464 udfs - ok

19:22:36.0441 3464 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe

19:22:36.0484 3464 UI0Detect - ok

19:22:36.0598 3464 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys

19:22:36.0639 3464 uliagpkx - ok

19:22:36.0689 3464 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys

19:22:36.0777 3464 umbus - ok

19:22:36.0940 3464 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys

19:22:36.0985 3464 UmPass - ok

19:22:37.0083 3464 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll

19:22:37.0166 3464 UmRdpService - ok

19:22:37.0208 3464 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll

19:22:37.0281 3464 upnphost - ok

19:22:37.0387 3464 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys

19:22:37.0506 3464 usbccgp - ok

19:22:37.0625 3464 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys

19:22:37.0668 3464 usbcir - ok

19:22:37.0684 3464 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys

19:22:37.0742 3464 usbehci - ok

19:22:37.0768 3464 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys

19:22:37.0839 3464 usbhub - ok

19:22:37.0934 3464 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys

19:22:37.0985 3464 usbohci - ok

19:22:38.0002 3464 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys

19:22:38.0032 3464 usbprint - ok

19:22:38.0128 3464 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\drivers\USBSTOR.SYS

19:22:38.0268 3464 USBSTOR - ok

19:22:38.0392 3464 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys

19:22:38.0438 3464 usbuhci - ok

19:22:38.0468 3464 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll

19:22:38.0513 3464 UxSms - ok

19:22:38.0601 3464 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

19:22:38.0633 3464 VaultSvc - ok

19:22:38.0691 3464 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys

19:22:38.0721 3464 vdrvroot - ok

19:22:38.0814 3464 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe

19:22:38.0930 3464 vds - ok

19:22:39.0049 3464 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys

19:22:39.0093 3464 vga - ok

19:22:39.0271 3464 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys

19:22:39.0316 3464 VgaSave - ok

19:22:39.0409 3464 VGPU - ok

19:22:39.0445 3464 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys

19:22:39.0474 3464 vhdmp - ok

19:22:39.0581 3464 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys

19:22:39.0619 3464 viaagp - ok

19:22:39.0659 3464 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys

19:22:39.0704 3464 ViaC7 - ok

19:22:39.0937 3464 VIAHdAudAddService (6be743341713a0a163616408b1f0eef0) C:\Windows\system32\drivers\viahduaa.sys

19:22:40.0024 3464 VIAHdAudAddService - ok

19:22:40.0125 3464 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys

19:22:40.0156 3464 viaide - ok

19:22:40.0192 3464 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys

19:22:40.0225 3464 vmbus - ok

19:22:40.0313 3464 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys

19:22:40.0358 3464 VMBusHID - ok

19:22:40.0375 3464 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys

19:22:40.0413 3464 volmgr - ok

19:22:40.0518 3464 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys

19:22:40.0549 3464 volmgrx - ok

19:22:40.0590 3464 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys

19:22:40.0618 3464 volsnap - ok

19:22:40.0721 3464 vpcbus (63ef70b7bfb875436d5983e3c77f0681) C:\Windows\system32\DRIVERS\vpchbus.sys

19:22:40.0779 3464 vpcbus - ok

19:22:40.0874 3464 vpcnfltr (2559494dc74877afce97c6f75e4b7020) C:\Windows\system32\DRIVERS\vpcnfltr.sys

19:22:40.0918 3464 vpcnfltr - ok

19:22:41.0021 3464 vpcusb (ac0adad2ad5a166100cf59fb9a7880b7) C:\Windows\system32\DRIVERS\vpcusb.sys

19:22:41.0092 3464 vpcusb - ok

19:22:41.0146 3464 vpcvmm (ce9b006a5d180e0e47b584da3e48b698) C:\Windows\system32\drivers\vpcvmm.sys

19:22:41.0149 3464 Suspicious file (Forged): C:\Windows\system32\drivers\vpcvmm.sys. Real md5: ce9b006a5d180e0e47b584da3e48b698, Fake md5: 3b373bd42cd99f880fe88617c892a9e6

19:22:41.0150 3464 vpcvmm ( ForgedFile.Multi.Generic ) - warning

19:22:41.0150 3464 vpcvmm - detected ForgedFile.Multi.Generic (1)

19:22:41.0255 3464 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys

19:22:41.0320 3464 vsmraid - ok

19:22:41.0365 3464 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe

19:22:41.0503 3464 VSS - ok

19:22:41.0603 3464 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys

19:22:41.0649 3464 vwifibus - ok

19:22:41.0737 3464 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll

19:22:41.0807 3464 W32Time - ok

19:22:41.0846 3464 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys

19:22:41.0887 3464 WacomPen - ok

19:22:41.0988 3464 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys

19:22:42.0081 3464 WANARP - ok

19:22:42.0091 3464 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys

19:22:42.0148 3464 Wanarpv6 - ok

19:22:42.0218 3464 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe

19:22:42.0615 3464 WatAdminSvc - ok

19:22:42.0720 3464 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe

19:22:42.0902 3464 wbengine - ok

19:22:42.0980 3464 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll

19:22:43.0023 3464 WbioSrvc - ok

19:22:43.0057 3464 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll

19:22:43.0121 3464 wcncsvc - ok

19:22:43.0200 3464 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll

19:22:43.0248 3464 WcsPlugInService - ok

19:22:43.0289 3464 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys

19:22:43.0314 3464 Wd - ok

19:22:43.0398 3464 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys

19:22:43.0436 3464 Wdf01000 - ok

19:22:43.0524 3464 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll

19:22:43.0583 3464 WdiServiceHost - ok

19:22:43.0595 3464 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll

19:22:43.0629 3464 WdiSystemHost - ok

19:22:43.0670 3464 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll

19:22:43.0734 3464 WebClient - ok

19:22:43.0817 3464 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll

19:22:43.0867 3464 Wecsvc - ok

19:22:43.0887 3464 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll

19:22:43.0947 3464 wercplsupport - ok

19:22:44.0030 3464 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll

19:22:44.0079 3464 WerSvc - ok

19:22:44.0131 3464 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys

19:22:44.0182 3464 WfpLwf - ok

19:22:44.0275 3464 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys

19:22:44.0300 3464 WIMMount - ok

19:22:44.0357 3464 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll

19:22:44.0407 3464 Winmgmt - ok

19:22:44.0510 3464 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll

19:22:44.0645 3464 WinRM - ok

19:22:44.0736 3464 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll

19:22:44.0816 3464 Wlansvc - ok

19:22:44.0875 3464 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys

19:22:44.0917 3464 WmiAcpi - ok

19:22:45.0042 3464 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe

19:22:45.0109 3464 wmiApSrv - ok

19:22:45.0182 3464 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe

19:22:45.0309 3464 WMPNetworkSvc - ok

19:22:45.0380 3464 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll

19:22:45.0429 3464 WPCSvc - ok

19:22:45.0472 3464 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll

19:22:45.0552 3464 WPDBusEnum - ok

19:22:45.0652 3464 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys

19:22:45.0705 3464 ws2ifsl - ok

19:22:45.0773 3464 WSearch - ok

19:22:45.0840 3464 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll

19:22:45.0940 3464 wuauserv - ok

19:22:46.0036 3464 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys

19:22:46.0169 3464 WudfPf - ok

19:22:46.0280 3464 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys

19:22:46.0342 3464 WUDFRd - ok

19:22:46.0378 3464 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll

19:22:46.0450 3464 wudfsvc - ok

19:22:46.0522 3464 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll

19:22:46.0575 3464 WwanSvc - ok

19:22:46.0609 3464 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

19:22:47.0422 3464 \Device\Harddisk0\DR0 - ok

19:22:47.0426 3464 Boot (0x1200) (2a131fded4bcef7ff0ad75ed956eb4ae) \Device\Harddisk0\DR0\Partition0

19:22:47.0427 3464 \Device\Harddisk0\DR0\Partition0 - ok

19:22:47.0460 3464 Boot (0x1200) (d3942b2e09040d87d2edfed4b3e06ae9) \Device\Harddisk0\DR0\Partition1

19:22:47.0462 3464 \Device\Harddisk0\DR0\Partition1 - ok

19:22:47.0467 3464 ============================================================

19:22:47.0467 3464 Scan finished

19:22:47.0467 3464 ============================================================

19:22:47.0486 3608 Detected object count: 4

19:22:47.0486 3608 Actual detected object count: 4

19:23:26.0547 3608 ose ( UnsignedFile.Multi.Generic ) - skipped by user

19:23:26.0547 3608 ose ( UnsignedFile.Multi.Generic ) - User select action: Skip

19:23:26.0554 3608 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user

19:23:26.0554 3608 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

19:23:26.0559 3608 sptd ( LockedFile.Multi.Generic ) - skipped by user

19:23:26.0559 3608 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

19:23:26.0567 3608 vpcvmm ( ForgedFile.Multi.Generic ) - skipped by user

19:23:26.0567 3608 vpcvmm ( ForgedFile.Multi.Generic ) - User select action: Skip

19:23:48.0308 3844 Deinitialize success

 

Сега как да процедирам ?

[Night_Raven]

Ако имаш антивирусна програма инсталирана, я спри, както и всякакви други излишни програми. Изтегли ComboFix (ако случайно вече имаш някаква версия, я замени) и го запази на работния плот.

Стартирай го, кликни I Agree, изчакай да се разархивира и сканира докрай. Не кликай по прозореца на инструмента. Ако бъдеш попитан(а) дали да бъде инсталирана Recovery Console, кликни Yes и потвърди след това с OK и отново Yes (два пъти). Сканирането ще продължи. Ако има нужда от рестарт, компютърът ще се рестартира автоматично. След рестарта трябва да продължи сканирането. Отново не закачай прозореца, докато той не се самозатвори. След това постави съдържанието на текстовия файл C:\ComboFix.txt тук или го прикачи към коментара си.

 

Ако не можеш да установиш връзка с интернет след използване на ComboFix, рестартирай системата.

[green_bg]

Изтеглих ComboFix.. спрях си антивирусната програма стартирах другата.. малко след това ми изкара прозорец в които пише да спра другата антивирусна а тя е спряна!Какво да правя ?

[s.feradov]

Деинсталирайте антивирусния софтуер, инсталиран на системата. След това повторете стъпките от коментар номер седем.

[green_bg]

Каква антивирусна бихте ми препоръчали да използвам ?

ComboFix.txt

[Night_Raven]

Има ли още пренасочване към abnow?

[green_bg]

Не оправи се благодаря!Каква антивирусна да използвам ?

[Night_Raven]

Изготви ми за всеки случай още един дневник от OTL (по същия начин, както го направи първия път).

[green_bg]

Found: 3

TDSSKiller.2.7.23.0_02.04.2012_20.39.46_log.txt

[Night_Raven]

Казах OTL, не TDSSKiller.