Elektroda.pl

Tablet - Virus in services: CDPUserSvc_27ed8?

airbites 03 Mar 2017 15:39 690 6
  • #2 03 Mar 2017 15:52
    Kolobos
    Computer specialist

    Nothing like that is visible in the logs.

    Run this Fixlist.txt with FRST:
    Task: {4BB6A9D8-7FB5-42FF-B00F-535B679F3CF4} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
    2017-03-03 15:22 - 2017-03-03 15:22 - 00016384 _____ () C:\Users\Tomek\AppData\Local\Temp\nss1BFC.tmp\registry.dll
    ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku
    ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku
    ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku
    ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku
    ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Brak pliku
    ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Brak pliku
    BootExecute:
    HKU\S-1-5-21-4206240626-1890511269-4167579382-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
    FF Extension: (Brak nazwy) - C:\Users\Tomek\Desktop\CyberfoxPortable\Cyberfox\browser\features\CTR@8pecxstudios.com.xpi [nie znaleziono]
    S4 MBAMScheduler-BackupByMalwarebytesPortable; "\mbamscheduler.exe" [X]
    U4 dmwappushsvc; Brak ImagePath
    S3 WinRing0_1_2_0; \??\C:\Users\Tomek\Desktop\ThrottleStop_840\WinRing0x64.sys [X]
    2017-03-03 15:27 - 2016-10-29 09:20 - 00000000 ____D C:\AdwCleaner
    EmptyTemp:

    0
  • #3 03 Mar 2017 16:16
    airbites
    Level 22

    Thanks for the reply, but it still shows up in the services. But some Chinese websites say it's a rookie or something like that...

    0
  • #5 03 Mar 2017 17:22
    airbites
    Level 22

    17:19:23.0614 0x13e0 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
    17:19:23.0614 0x13e0 UEFI system
    17:19:26.0399 0x13e0 ============================================================
    17:19:26.0399 0x13e0 Current date / time: 2017/03/03 17:19:26.0399
    17:19:26.0399 0x13e0 SystemInfo:
    17:19:26.0399 0x13e0
    17:19:26.0399 0x13e0 OS Version: 10.0.14393 ServicePack: 0.0
    17:19:26.0399 0x13e0 Product type: Workstation
    17:19:26.0399 0x13e0 ComputerName: DESKTOP-9521GG5
    17:19:26.0399 0x13e0 UserName: Tomek
    17:19:26.0399 0x13e0 Windows directory: C:\Windows
    17:19:26.0399 0x13e0 System windows directory: C:\Windows
    17:19:26.0399 0x13e0 Running under WOW64
    17:19:26.0399 0x13e0 Processor architecture: Intel x64
    17:19:26.0399 0x13e0 Number of processors: 4
    17:19:26.0399 0x13e0 Page size: 0x1000
    17:19:26.0399 0x13e0 Boot type: Normal boot
    17:19:26.0399 0x13e0 CodeIntegrityOptions = 0x00000001
    17:19:26.0399 0x13e0 ============================================================
    17:19:26.0446 0x13e0 KLMD registered as C:\Windows\system32\drivers\66402082.sys
    17:19:26.0446 0x13e0 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.479, osProperties = 0x19
    17:19:26.0524 0x13e0 System UUID: {DBB12D09-1417-EE7A-5EB8-16C790E24A59}
    17:19:26.0899 0x13e0 !crdlk
    17:19:26.0914 0x13e0 Drive \Device\Harddisk0\DR0 - Size: 0xE8F800000 ( 58.24 Gb ), SectorSize: 0x200, Cylinders: 0x1DB3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
    17:19:26.0914 0x13e0 Drive \Device\Harddisk1\DR1 - Size: 0x1D73F00000 ( 117.81 Gb ), SectorSize: 0x200, Cylinders: 0x3C13, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
    17:19:26.0930 0x13e0 ============================================================
    17:19:26.0930 0x13e0 \Device\Harddisk0\DR0:
    17:19:26.0930 0x13e0 Can't read MBR
    17:19:26.0930 0x13e0 \Device\Harddisk1\DR1:
    17:19:26.0930 0x13e0 Can't read MBR
    17:19:26.0930 0x13e0 Initialize success
    17:19:26.0930 0x13e0 ============================================================
    17:19:28.0150 0x095c ============================================================
    17:19:28.0150 0x095c Scan started
    17:19:28.0150 0x095c Mode: Manual;
    17:19:28.0150 0x095c ============================================================
    17:19:28.0150 0x095c KSN ping started
    17:19:28.0197 0x095c KSN ping finished: true
    17:19:28.0234 0x095c ================ Scan system memory ========================
    17:19:28.0234 0x095c System memory - ok
    17:19:28.0234 0x095c ================ Scan services =============================
    17:19:28.0281 0x095c 1394ohci - ok
    17:19:28.0296 0x095c 3ware - ok
    17:19:28.0296 0x095c ACPI - ok
    17:19:28.0312 0x095c AcpiDev - ok
    17:19:28.0312 0x095c acpiex - ok
    17:19:28.0328 0x095c acpipagr - ok
    17:19:28.0343 0x095c AcpiPmi - ok
    17:19:28.0343 0x095c acpitime - ok
    17:19:28.0359 0x095c ADP80XX - ok
    17:19:28.0374 0x095c AFD - ok
    17:19:28.0390 0x095c ahcache - ok
    17:19:28.0390 0x095c AJRouter - ok
    17:19:28.0406 0x095c ALG - ok
    17:19:28.0406 0x095c AmdPPM - ok
    17:19:28.0421 0x095c amdsata - ok
    17:19:28.0437 0x095c amdsbs - ok
    17:19:28.0437 0x095c amdxata - ok
    17:19:28.0453 0x095c AppID - ok
    17:19:28.0453 0x095c AppIDSvc - ok
    17:19:28.0468 0x095c Appinfo - ok
    17:19:28.0484 0x095c applockerfltr - ok
    17:19:28.0484 0x095c AppReadiness - ok
    17:19:28.0499 0x095c AppXSvc - ok
    17:19:28.0499 0x095c arcsas - ok
    17:19:28.0515 0x095c AsyncMac - ok
    17:19:28.0515 0x095c atapi - ok
    17:19:28.0531 0x095c AudioEndpointBuilder - ok
    17:19:28.0546 0x095c Audiosrv - ok
    17:19:28.0546 0x095c AxInstSV - ok
    17:19:28.0562 0x095c b06bdrv - ok
    17:19:28.0562 0x095c BasicDisplay - ok
    17:19:28.0578 0x095c BasicRender - ok
    17:19:28.0593 0x095c bcmfn - ok
    17:19:28.0593 0x095c bcmfn2 - ok
    17:19:28.0609 0x095c BDESVC - ok
    17:19:28.0624 0x095c Beep - ok
    17:19:28.0624 0x095c BFE - ok
    17:19:28.0640 0x095c BITS - ok
    17:19:28.0640 0x095c BMA2x2Accelerometer - ok
    17:19:28.0656 0x095c bowser - ok
    17:19:28.0656 0x095c BrokerInfrastructure - ok
    17:19:28.0671 0x095c BthAvrcpTg - ok
    17:19:28.0687 0x095c BthEnum - ok
    17:19:28.0687 0x095c BthHFEnum - ok
    17:19:28.0703 0x095c bthhfhid - ok
    17:19:28.0703 0x095c BthHFSrv - ok
    17:19:28.0718 0x095c BthLEEnum - ok
    17:19:28.0734 0x095c BthMini - ok
    17:19:28.0734 0x095c BTHMODEM - ok
    17:19:28.0749 0x095c BthPan - ok
    17:19:28.0749 0x095c BTHPORT - ok
    17:19:28.0765 0x095c bthserv - ok
    17:19:28.0781 0x095c buttonconverter - ok
    17:19:28.0781 0x095c camera - ok
    17:19:28.0796 0x095c CapImg - ok
    17:19:28.0796 0x095c cdfs - ok
    17:19:28.0812 0x095c CDPSvc - ok
    17:19:28.0812 0x095c CDPUserSvc - ok
    17:19:28.0843 0x095c cdrom - ok
    17:19:28.0843 0x095c CertPropSvc - ok
    17:19:28.0859 0x095c cht4iscsi - ok
    17:19:28.0859 0x095c cht4vbd - ok
    17:19:28.0874 0x095c circlass - ok
    17:19:28.0874 0x095c CLFS - ok
    17:19:28.0890 0x095c ClipSVC - ok
    17:19:28.0906 0x095c clreg - ok
    17:19:28.0921 0x095c CmBatt - ok
    17:19:28.0921 0x095c CNG - ok
    17:19:28.0937 0x095c cnghwassist - ok
    17:19:28.0937 0x095c CompositeBus - ok
    17:19:28.0953 0x095c COMSysApp - ok
    17:19:28.0968 0x095c condrv - ok
    17:19:28.0968 0x095c CoreMessagingRegistrar - ok
    17:19:28.0984 0x095c cphs - ok
    17:19:29.0000 0x095c CryptSvc - ok
    17:19:29.0015 0x095c dam - ok
    17:19:29.0031 0x095c DcomLaunch - ok
    17:19:29.0031 0x095c DcpSvc - ok
    17:19:29.0046 0x095c defragsvc - ok
    17:19:29.0046 0x095c DeviceAssociationService - ok
    17:19:29.0062 0x095c DeviceInstall - ok
    17:19:29.0062 0x095c DevQueryBroker - ok
    17:19:29.0078 0x095c Dfsc - ok
    17:19:29.0093 0x095c Dhcp - ok
    17:19:29.0093 0x095c diagnosticshub.standardcollector.service - ok
    17:19:29.0109 0x095c DiagTrack - ok
    17:19:29.0109 0x095c disk - ok
    17:19:29.0125 0x095c DmEnrollmentSvc - ok
    17:19:29.0140 0x095c dmvsc - ok
    17:19:29.0140 0x095c dmwappushservice - ok
    17:19:29.0156 0x095c Dnscache - ok
    17:19:29.0171 0x095c dot3svc - ok
    17:19:29.0171 0x095c DPS - ok
    17:19:29.0187 0x095c dptf_acpi - ok
    17:19:29.0203 0x095c dptf_cpu - ok
    17:19:29.0203 0x095c drmkaud - ok
    17:19:29.0218 0x095c DsmSvc - ok
    17:19:29.0218 0x095c DsSvc - ok
    17:19:29.0234 0x095c DXGKrnl - ok
    17:19:29.0250 0x095c EapHost - ok
    17:19:29.0250 0x095c ebdrv - ok
    17:19:29.0265 0x095c EFS - ok
    17:19:29.0265 0x095c EhStorClass - ok
    17:19:29.0281 0x095c EhStorTcgDrv - ok
    17:19:29.0281 0x095c embeddedmode - ok
    17:19:29.0296 0x095c EntAppSvc - ok
    17:19:29.0312 0x095c ErrDev - ok
    17:19:29.0328 0x095c esifsvc - ok
    17:19:29.0328 0x095c esif_lf - ok
    17:19:29.0343 0x095c EventSystem - ok
    17:19:29.0359 0x095c exfat - ok
    17:19:29.0359 0x095c fastfat - ok
    17:19:29.0375 0x095c Fax - ok
    17:19:29.0375 0x095c fdc - ok
    17:19:29.0390 0x095c fdPHost - ok
    17:19:29.0406 0x095c FDResPub - ok
    17:19:29.0406 0x095c fhsvc - ok
    17:19:29.0421 0x095c FileCrypt - ok
    17:19:29.0421 0x095c FileInfo - ok
    17:19:29.0437 0x095c Filetrace - ok
    17:19:29.0437 0x095c flpydisk - ok
    17:19:29.0453 0x095c FltMgr - ok
    17:19:29.0453 0x095c FontCache - ok
    17:19:29.0468 0x095c FrameServer - ok
    17:19:29.0468 0x095c FsDepends - ok
    17:19:29.0484 0x095c Fs_Rec - ok
    17:19:29.0484 0x095c fvevol - ok
    17:19:29.0500 0x095c gencounter - ok
    17:19:29.0515 0x095c genericusbfn - ok
    17:19:29.0515 0x095c GoodixTouchDriver - ok
    17:19:29.0515 0x095c GPIOClx0101 - ok
    17:19:29.0531 0x095c gpsvc - ok
    17:19:29.0531 0x095c GpuEnergyDrv - ok
    17:19:29.0546 0x095c HDAudBus - ok
    17:19:29.0546 0x095c HidBatt - ok
    17:19:29.0562 0x095c HidBth - ok
    17:19:29.0578 0x095c HidEventFilter - ok
    17:19:29.0578 0x095c hidi2c - ok
    17:19:29.0593 0x095c hidinterrupt - ok
    17:19:29.0593 0x095c HidIr - ok
    17:19:29.0609 0x095c hidserv - ok
    17:19:29.0609 0x095c HidUsb - ok
    17:19:29.0625 0x095c HomeGroupListener - ok
    17:19:29.0625 0x095c HomeGroupProvider - ok
    17:19:29.0640 0x095c HpSAMD - ok
    17:19:29.0640 0x095c HTTP - ok
    17:19:29.0656 0x095c HvHost - ok
    17:19:29.0656 0x095c hvservice - ok
    17:19:29.0671 0x095c hwpolicy - ok
    17:19:29.0671 0x095c hyperkbd - ok
    17:19:29.0687 0x095c i8042prt - ok
    17:19:29.0687 0x095c iagpio - ok
    17:19:29.0703 0x095c iai2c - ok
    17:19:29.0718 0x095c iai2ce - ok
    17:19:29.0718 0x095c iaisp - ok
    17:19:29.0734 0x095c iaLPSS2i_GPIO2 - ok
    17:19:29.0750 0x095c iaLPSS2i_I2C - ok
    17:19:29.0750 0x095c iaLPSSi_GPIO - ok
    17:19:29.0765 0x095c iaLPSSi_I2C - ok
    17:19:29.0765 0x095c iaspie - ok
    17:19:29.0781 0x095c iaStorAV - ok
    17:19:29.0796 0x095c iaStorV - ok
    17:19:29.0796 0x095c iauarte - ok
    17:19:29.0812 0x095c ibbus - ok
    17:19:29.0812 0x095c icssvc - ok
    17:19:29.0828 0x095c igfxCUIService2.0.0.0 - ok
    17:19:29.0843 0x095c igfxLP - ok
    17:19:29.0843 0x095c IKEEXT - ok
    17:19:29.0859 0x095c IndirectKmd - ok
    17:19:29.0875 0x095c intelide - ok
    17:19:29.0875 0x095c intelpep - ok
    17:19:29.0890 0x095c intelppm - ok
    17:19:29.0890 0x095c IntelSST - ok
    17:19:29.0906 0x095c iorate - ok
    17:19:29.0921 0x095c IpFilterDriver - ok
    17:19:29.0921 0x095c iphlpsvc - ok
    17:19:29.0937 0x095c IPMIDRV - ok
    17:19:29.0953 0x095c IPNAT - ok
    17:19:29.0953 0x095c irda - ok
    17:19:29.0968 0x095c IRENUM - ok
    17:19:29.0968 0x095c irmon - ok
    17:19:29.0984 0x095c isapnp - ok
    17:19:29.0984 0x095c iScsiPrt - ok
    17:19:30.0000 0x095c kbdclass - ok
    17:19:30.0015 0x095c kbdhid - ok
    17:19:30.0062 0x095c kdnic - ok
    17:19:30.0078 0x095c KeyIso - ok
    17:19:30.0078 0x095c KSecDD - ok
    17:19:30.0093 0x095c KSecPkg - ok
    17:19:30.0093 0x095c ksthunk - ok
    17:19:30.0109 0x095c KtmRm - ok
    17:19:30.0125 0x095c LanmanServer - ok
    17:19:30.0125 0x095c LanmanWorkstation - ok
    17:19:30.0140 0x095c lfsvc - ok
    17:19:30.0156 0x095c LicenseManager - ok
    17:19:30.0156 0x095c lltdio - ok
    17:19:30.0171 0x095c lltdsvc - ok
    17:19:30.0171 0x095c lmhosts - ok
    17:19:30.0187 0x095c LSI_SAS - ok
    17:19:30.0203 0x095c LSI_SAS2i - ok
    17:19:30.0203 0x095c LSI_SAS3i - ok
    17:19:30.0218 0x095c LSI_SSS - ok
    17:19:30.0234 0x095c LSM - ok
    17:19:30.0234 0x095c luafv - ok
    17:19:30.0250 0x095c MapsBroker - ok
    17:19:30.0250 0x095c MBAMProtector-BackupByMalwarebytesPortable - ok
    17:19:30.0265 0x095c MBAMService-BackupByMalwarebytesPortable - ok
    17:19:30.0281 0x095c MBAMWebAccessControl-BackupByMalwarebytesPortable - ok
    17:19:30.0296 0x095c MBI - ok
    17:19:30.0296 0x095c megasas - ok
    17:19:30.0312 0x095c megasas2i - ok
    17:19:30.0312 0x095c megasr - ok
    17:19:30.0328 0x095c MessagingService - ok
    17:19:30.0343 0x095c mlx4_bus - ok
    17:19:30.0343 0x095c MMCSS - ok
    17:19:30.0359 0x095c Modem - ok
    17:19:30.0375 0x095c monitor - ok
    17:19:30.0375 0x095c mouclass - ok
    17:19:30.0390 0x095c mouhid - ok
    17:19:30.0390 0x095c mountmgr - ok
    17:19:30.0406 0x095c mpsdrv - ok
    17:19:30.0406 0x095c MpsSvc - ok
    17:19:30.0421 0x095c MRxDAV - ok
    17:19:30.0437 0x095c mrxsmb - ok
    17:19:30.0437 0x095c mrxsmb10 - ok
    17:19:30.0453 0x095c mrxsmb20 - ok
    17:19:30.0453 0x095c MsBridge - ok
    17:19:30.0468 0x095c MSDTC - ok
    17:19:30.0484 0x095c Msfs - ok
    17:19:30.0484 0x095c msgpiowin32 - ok
    17:19:30.0500 0x095c mshidkmdf - ok
    17:19:30.0515 0x095c mshidumdf - ok
    17:19:30.0515 0x095c msisadrv - ok
    17:19:30.0531 0x095c MSiSCSI - ok
    17:19:30.0531 0x095c msiserver - ok
    17:19:30.0546 0x095c MSKSSRV - ok
    17:19:30.0562 0x095c MsLldp - ok
    17:19:30.0562 0x095c MSPCLOCK - ok
    17:19:30.0578 0x095c MSPQM - ok
    17:19:30.0578 0x095c MsRPC - ok
    17:19:30.0593 0x095c mssmbios - ok
    17:19:30.0609 0x095c MSTEE - ok
    17:19:30.0609 0x095c MTConfig - ok
    17:19:30.0625 0x095c Mup - ok
    17:19:30.0640 0x095c mvumis - ok
    17:19:30.0656 0x095c NativeWifiP - ok
    17:19:30.0656 0x095c NcaSvc - ok
    17:19:30.0671 0x095c NcbService - ok
    17:19:30.0671 0x095c NcdAutoSetup - ok
    17:19:30.0687 0x095c ndfltr - ok
    17:19:30.0687 0x095c NDIS - ok
    17:19:30.0703 0x095c NdisCap - ok
    17:19:30.0718 0x095c NdisImPlatform - ok
    17:19:30.0718 0x095c NdisTapi - ok
    17:19:30.0734 0x095c Ndisuio - ok
    17:19:30.0750 0x095c NdisVirtualBus - ok
    17:19:30.0750 0x095c NdisWan - ok
    17:19:30.0750 0x095c ndiswanlegacy - ok
    17:19:30.0765 0x095c ndproxy - ok
    17:19:30.0765 0x095c Ndu - ok
    17:19:30.0781 0x095c NetAdapterCx - ok
    17:19:30.0797 0x095c NetBIOS - ok
    17:19:30.0797 0x095c NetBT - ok
    17:19:30.0812 0x095c Netlogon - ok
    17:19:30.0812 0x095c Netman - ok
    17:19:30.0828 0x095c netprofm - ok
    17:19:30.0828 0x095c NetSetupSvc - ok
    17:19:30.0843 0x095c NetTcpPortSharing - ok
    17:19:30.0859 0x095c NgcCtnrSvc - ok
    17:19:30.0859 0x095c NgcSvc - ok
    17:19:30.0875 0x095c NlaSvc - ok
    17:19:30.0875 0x095c Npfs - ok
    17:19:30.0890 0x095c npsvctrig - ok
    17:19:30.0890 0x095c nsi - ok
    17:19:30.0906 0x095c nsiproxy - ok
    17:19:30.0906 0x095c NTFS - ok
    17:19:30.0922 0x095c Null - ok
    17:19:30.0937 0x095c nvraid - ok
    17:19:30.0937 0x095c nvstor - ok
    17:19:30.0953 0x095c OneSyncSvc - ok
    17:19:30.0968 0x095c p2pimsvc - ok
    17:19:30.0968 0x095c p2psvc - ok
    17:19:30.0984 0x095c Parport - ok
    17:19:30.0984 0x095c partmgr - ok
    17:19:31.0000 0x095c PcaSvc - ok
    17:19:31.0015 0x095c pci - ok
    17:19:31.0015 0x095c pciide - ok
    17:19:31.0031 0x095c pcmcia - ok
    17:19:31.0031 0x095c pcw - ok
    17:19:31.0047 0x095c pdc - ok
    17:19:31.0047 0x095c PEAUTH - ok
    17:19:31.0062 0x095c percsas2i - ok
    17:19:31.0078 0x095c percsas3i - ok
    17:19:31.0078 0x095c PerfHost - ok
    17:19:31.0109 0x095c PhoneSvc - ok
    17:19:31.0109 0x095c PimIndexMaintenanceSvc - ok
    17:19:31.0125 0x095c pla - ok
    17:19:31.0140 0x095c PlugPlay - ok
    17:19:31.0156 0x095c PMIC - ok
    17:19:31.0156 0x095c pmxdrv - ok
    17:19:31.0172 0x095c PNRPAutoReg - ok
    17:19:31.0172 0x095c PNRPsvc - ok
    17:19:31.0187 0x095c PolicyAgent - ok
    17:19:31.0203 0x095c Power - ok
    17:19:31.0203 0x095c PptpMiniport - ok
    17:19:31.0218 0x095c PrintNotify - ok
    17:19:31.0218 0x095c Processor - ok
    17:19:31.0234 0x095c ProfSvc - ok
    17:19:31.0250 0x095c Psched - ok
    17:19:31.0250 0x095c QWAVE - ok
    17:19:31.0265 0x095c QWAVEdrv - ok
    17:19:31.0265 0x095c RasAcd - ok
    17:19:31.0281 0x095c RasAgileVpn - ok
    17:19:31.0281 0x095c RasAuto - ok
    17:19:31.0297 0x095c Rasl2tp - ok
    17:19:31.0312 0x095c RasMan - ok
    17:19:31.0312 0x095c RasPppoe - ok
    17:19:31.0328 0x095c RasSstp - ok
    17:19:31.0328 0x095c rdbss - ok
    17:19:31.0343 0x095c rdpbus - ok
    17:19:31.0359 0x095c RDPDR - ok
    17:19:31.0359 0x095c RdpVideoMiniport - ok
    17:19:31.0375 0x095c rdyboost - ok
    17:19:31.0375 0x095c ReFSv1 - ok
    17:19:31.0390 0x095c RemoteAccess - ok
    17:19:31.0390 0x095c RemoteRegistry - ok
    17:19:31.0406 0x095c RetailDemo - ok
    17:19:31.0422 0x095c RFCOMM - ok
    17:19:31.0422 0x095c RmSvc - ok
    17:19:31.0437 0x095c RpcEptMapper - ok
    17:19:31.0437 0x095c RpcLocator - ok
    17:19:31.0437 0x095c RpcSs - ok
    17:19:31.0453 0x095c rspndr - ok
    17:19:31.0468 0x095c rtii2sac64 - ok
    17:19:31.0468 0x095c RtkUart - ok
    17:19:31.0484 0x095c RtlWlans - ok
    17:19:31.0484 0x095c rtux64w10 - ok
    17:19:31.0500 0x095c s3cap - ok
    17:19:31.0500 0x095c SamSs - ok
    17:19:31.0515 0x095c sbp2port - ok
    17:19:31.0515 0x095c SCardSvr - ok
    17:19:31.0531 0x095c ScDeviceEnum - ok
    17:19:31.0531 0x095c scfilter - ok
    17:19:31.0547 0x095c Schedule - ok
    17:19:31.0547 0x095c scmbus - ok
    17:19:31.0562 0x095c scmdisk0101 - ok
    17:19:31.0562 0x095c SCPolicySvc - ok
    17:19:31.0578 0x095c sdbus - ok
    17:19:31.0578 0x095c SDRSVC - ok
    17:19:31.0593 0x095c sdstor - ok
    17:19:31.0593 0x095c seclogon - ok
    17:19:31.0609 0x095c semav6msr64 - ok
    17:19:31.0609 0x095c SENS - ok
    17:19:31.0625 0x095c SensorDataService - ok
    17:19:31.0625 0x095c SensorService - ok
    17:19:31.0640 0x095c SensrSvc - ok
    17:19:31.0656 0x095c SerCx - ok
    17:19:31.0656 0x095c SerCx2 - ok
    17:19:31.0672 0x095c Serenum - ok
    17:19:31.0672 0x095c Serial - ok
    17:19:31.0687 0x095c sermouse - ok
    17:19:31.0687 0x095c SessionEnv - ok
    17:19:31.0703 0x095c sfloppy - ok
    17:19:31.0703 0x095c SharedAccess - ok
    17:19:31.0718 0x095c ShellHWDetection - ok
    17:19:31.0734 0x095c shpamsvc - ok
    17:19:31.0734 0x095c SiSRaid2 - ok
    17:19:31.0750 0x095c SiSRaid4 - ok
    17:19:31.0765 0x095c smphost - ok
    17:19:31.0765 0x095c SmsRouter - ok
    17:19:31.0781 0x095c SNMPTRAP - ok
    17:19:31.0797 0x095c spaceport - ok
    17:19:31.0797 0x095c SpbCx - ok
    17:19:31.0812 0x095c Spooler - ok
    17:19:31.0812 0x095c sppsvc - ok
    17:19:31.0828 0x095c srv - ok
    17:19:31.0843 0x095c srv2 - ok
    17:19:31.0843 0x095c srvnet - ok
    17:19:31.0859 0x095c SSDPSRV - ok
    17:19:31.0859 0x095c SstpSvc - ok
    17:19:31.0875 0x095c StateRepository - ok
    17:19:31.0890 0x095c stexstor - ok
    17:19:31.0890 0x095c stisvc - ok
    17:19:31.0906 0x095c storahci - ok
    17:19:31.0906 0x095c storflt - ok
    17:19:31.0922 0x095c stornvme - ok
    17:19:31.0937 0x095c storqosflt - ok
    17:19:31.0937 0x095c StorSvc - ok
    17:19:31.0953 0x095c storufs - ok
    17:19:31.0953 0x095c storvsc - ok
    17:19:31.0968 0x095c svsvc - ok
    17:19:31.0984 0x095c swenum - ok
    17:19:31.0984 0x095c swprv - ok
    17:19:32.0000 0x095c Synth3dVsc - ok
    17:19:32.0000 0x095c SysMain - ok
    17:19:32.0015 0x095c SystemEventsBroker - ok
    17:19:32.0015 0x095c TabletInputService - ok
    17:19:32.0031 0x095c TapiSrv - ok
    17:19:32.0047 0x095c Tcpip - ok
    17:19:32.0047 0x095c Tcpip6 - ok
    17:19:32.0062 0x095c tcpipreg - ok
    17:19:32.0078 0x095c tdx - ok
    17:19:32.0078 0x095c terminpt - ok
    17:19:32.0093 0x095c TermService - ok
    17:19:32.0109 0x095c Themes - ok
    17:19:32.0109 0x095c TieringEngineService - ok
    17:19:32.0125 0x095c tiledatamodelsvc - ok
    17:19:32.0125 0x095c TimeBrokerSvc - ok
    17:19:32.0140 0x095c TPM - ok
    17:19:32.0156 0x095c TrkWks - ok
    17:19:32.0156 0x095c TrustedInstaller - ok
    17:19:32.0172 0x095c tsusbflt - ok
    17:19:32.0187 0x095c TsUsbGD - ok
    17:19:32.0187 0x095c tunnel - ok
    17:19:32.0203 0x095c TXEIx64 - ok
    17:19:32.0218 0x095c tzautoupdate - ok
    17:19:32.0218 0x095c UASPStor - ok
    17:19:32.0234 0x095c UcmCx0101 - ok
    17:19:32.0234 0x095c UcmTcpciCx0101 - ok
    17:19:32.0250 0x095c UcmUcsi - ok
    17:19:32.0250 0x095c Ucx01000 - ok
    17:19:32.0265 0x095c UdeCx - ok
    17:19:32.0281 0x095c udfs - ok
    17:19:32.0281 0x095c UEFI - ok
    17:19:32.0297 0x095c Ufx01000 - ok
    17:19:32.0297 0x095c UfxChipidea - ok
    17:19:32.0312 0x095c ufxsynopsys - ok
    17:19:32.0328 0x095c UI0Detect - ok
    17:19:32.0343 0x095c umbus - ok
    17:19:32.0343 0x095c UmPass - ok
    17:19:32.0359 0x095c UmRdpService - ok
    17:19:32.0375 0x095c unicam - ok
    17:19:32.0375 0x095c UnistoreSvc - ok
    17:19:32.0390 0x095c upnphost - ok
    17:19:32.0406 0x095c UrsChipidea - ok
    17:19:32.0406 0x095c UrsCx01000 - ok
    17:19:32.0422 0x095c UrsSynopsys - ok
    17:19:32.0422 0x095c usbccgp - ok
    17:19:32.0437 0x095c usbcir - ok
    17:19:32.0437 0x095c usbehci - ok
    17:19:32.0453 0x095c usbhub - ok
    17:19:32.0469 0x095c USBHUB3 - ok
    17:19:32.0469 0x095c usbohci - ok
    17:19:32.0484 0x095c usbprint - ok
    17:19:32.0484 0x095c usbser - ok
    17:19:32.0500 0x095c USBSTOR - ok
    17:19:32.0500 0x095c usbuhci - ok
    17:19:32.0515 0x095c USBXHCI - ok
    17:19:32.0531 0x095c UserDataSvc - ok
    17:19:32.0531 0x095c UserManager - ok
    17:19:32.0547 0x095c UsoSvc - ok
    17:19:32.0562 0x095c VaultSvc - ok
    17:19:32.0562 0x095c vdrvroot - ok
    17:19:32.0578 0x095c vds - ok
    17:19:32.0590 0x095c VerifierExt - ok
    17:19:32.0598 0x095c vhdmp - ok
    17:19:32.0606 0x095c vhf - ok
    17:19:32.0606 0x095c vmbus - ok
    17:19:32.0622 0x095c VMBusHID - ok
    17:19:32.0638 0x095c vmgid - ok
    17:19:32.0638 0x095c vmicguestinterface - ok
    17:19:32.0653 0x095c vmicheartbeat - ok
    17:19:32.0653 0x095c vmickvpexchange - ok
    17:19:32.0669 0x095c vmicrdv - ok
    17:19:32.0669 0x095c vmicshutdown - ok
    17:19:32.0684 0x095c vmictimesync - ok
    17:19:32.0700 0x095c vmicvmsession - ok
    17:19:32.0700 0x095c vmicvss - ok
    17:19:32.0716 0x095c volmgr - ok
    17:19:32.0716 0x095c volmgrx - ok
    17:19:32.0731 0x095c volsnap - ok
    17:19:32.0747 0x095c volume - ok
    17:19:32.0747 0x095c vpci - ok
    17:19:32.0763 0x095c vsmraid - ok
    17:19:32.0763 0x095c VSS - ok
    17:19:32.0778 0x095c VSTXRAID - ok
    17:19:32.0778 0x095c vwifibus - ok
    17:19:32.0794 0x095c vwififlt - ok
    17:19:32.0809 0x095c vwifimp - ok
    17:19:32.0809 0x095c W32Time - ok
    17:19:32.0825 0x095c WacomPen - ok
    17:19:32.0841 0x095c WalletService - ok
    17:19:32.0841 0x095c wanarp - ok
    17:19:32.0856 0x095c wanarpv6 - ok
    17:19:32.0856 0x095c wbengine - ok
    17:19:32.0872 0x095c WbioSrvc - ok
    17:19:32.0888 0x095c wcifs - ok
    17:19:32.0888 0x095c Wcmsvc - ok
    17:19:32.0903 0x095c wcncsvc - ok
    17:19:32.0903 0x095c wcnfs - ok
    17:19:32.0919 0x095c WdBoot - ok
    17:19:32.0934 0x095c Wdf01000 - ok
    17:19:32.0934 0x095c WdFilter - ok
    17:19:32.0950 0x095c WdiServiceHost - ok
    17:19:32.0950 0x095c WdiSystemHost - ok
    17:19:32.0966 0x095c wdiwifi - ok
    17:19:32.0966 0x095c WdNisDrv - ok
    17:19:32.0981 0x095c WdNisSvc - ok
    17:19:32.0997 0x095c WebClient - ok
    17:19:32.0997 0x095c Wecsvc - ok
    17:19:33.0013 0x095c WEPHOSTSVC - ok
    17:19:33.0013 0x095c wercplsupport - ok
    17:19:33.0028 0x095c WerSvc - ok
    17:19:33.0028 0x095c WFPLWFS - ok
    17:19:33.0044 0x095c WiaRpc - ok
    17:19:33.0059 0x095c WIMMount - ok
    17:19:33.0059 0x095c WinDefend - ok
    17:19:33.0075 0x095c WindowsTrustedRT - ok
    17:19:33.0091 0x095c WindowsTrustedRTProxy - ok
    17:19:33.0091 0x095c WinHttpAutoProxySvc - ok
    17:19:33.0106 0x095c WinMad - ok
    17:19:33.0122 0x095c Winmgmt - ok
    17:19:33.0122 0x095c WinRM - ok
    17:19:33.0138 0x095c WINUSB - ok
    17:19:33.0153 0x095c WinVerbs - ok
    17:19:33.0169 0x095c wisvc - ok
    17:19:33.0169 0x095c WlanSvc - ok
    17:19:33.0184 0x095c wlidsvc - ok
    17:19:33.0184 0x095c WmiAcpi - ok
    17:19:33.0200 0x095c wmiApSrv - ok
    17:19:33.0216 0x095c WMPNetworkSvc - ok
    17:19:33.0216 0x095c Wof - ok
    17:19:33.0231 0x095c WPDBusEnum - ok
    17:19:33.0247 0x095c WpdUpFltr - ok
    17:19:33.0247 0x095c WpnService - ok
    17:19:33.0263 0x095c WpnUserService - ok
    17:19:33.0278 0x095c ws2ifsl - ok
    17:19:33.0278 0x095c wscsvc - ok
    17:19:33.0294 0x095c WSDPrintDevice - ok
    17:19:33.0309 0x095c WSDScan - ok
    17:19:33.0309 0x095c WSearch - ok
    17:19:33.0325 0x095c wuauserv - ok
    17:19:33.0341 0x095c WudfPf - ok
    17:19:33.0341 0x095c WUDFRd - ok
    17:19:33.0356 0x095c wudfsvc - ok
    17:19:33.0356 0x095c WUDFWpdFs - ok
    17:19:33.0372 0x095c WwanSvc - ok
    17:19:33.0388 0x095c XblAuthManager - ok
    17:19:33.0388 0x095c XblGameSave - ok
    17:19:33.0403 0x095c xboxgip - ok
    17:19:33.0403 0x095c XboxNetApiSvc - ok
    17:19:33.0419 0x095c xinputhid - ok
    17:19:33.0434 0x095c ================ Scan global ===============================
    17:19:33.0434 0x095c [ Global ] - ok
    17:19:33.0434 0x095c ================ Scan MBR ==================================
    17:19:33.0434 0x095c [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
    17:19:33.0434 0x095c \Device\Harddisk0\DR0 - ok
    17:19:33.0450 0x095c [ 88E05CC171B6FF730156F183A55A91D5 ] \Device\Harddisk1\DR1
    17:19:33.0466 0x095c \Device\Harddisk1\DR1 - ok
    17:19:33.0466 0x095c ================ Scan VBR ==================================
    17:19:33.0466 0x095c ================ Scan generic autorun ======================
    17:19:33.0466 0x095c WindowsDefender - ok
    17:19:33.0466 0x095c OneDriveSetup - ok
    17:19:33.0466 0x095c OneDriveSetup - ok
    17:19:33.0466 0x095c OneDriveSetup - ok
    17:19:33.0481 0x095c ShowBatteryBar - ok
    17:19:33.0513 0x095c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x62100 ( disabled : updated )
    17:19:33.0513 0x095c Win FW state via NFP2: disabled ( trusted )
    17:19:33.0606 0x095c ============================================================
    17:19:33.0606 0x095c Scan finished
    17:19:33.0606 0x095c ============================================================
    17:19:33.0653 0x0828 Detected object count: 0
    17:19:33.0653 0x0828 Actual detected object count: 0

    0
  • #6 03 Mar 2017 17:24
    Kolobos
    Computer specialist

    It's a system service.

    0
  • #7 03 Mar 2017 17:24
    airbites
    Level 22

    and digging deeper: C:\Windows\system32\svchost.exe -k UnistackSvcGroup

    0