May I please ask for a check of my HijackThis log


Post by lenishkaa » 24 May 2012 00:45

Good evening,
I have a problem launching Adobe programs and Archicad. I can't save documents in Word, and installing new programs such as Feat, SCIA or Autocad fails.
I also can't change the window appearance to the Windows Vista look. I have that old ugly look set here, and when I try to change it to the Vista one, it tells me that access was denied.

I don't know what to do with this computer and have no idea what could be causing it.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:30:53, on 24.5.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Opera\opera.exe
C:\Windows\system32\mmc.exe
C:\Windows\System32\mspaint.exe
C:\PROGRA~1\MICROS~2\Office14\OIS.EXE
C:\Users\DELL\Documents\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ::1 localhost
O2 - BHO: 4shared.com - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\prxtb4sh0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: 4shared.com Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\prxtb4sh0.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone
O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c09c50a2\aestsrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c09c50a2\STacSV.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7791 bytes


Post by guest » 24 May 2012 01:00

I've also borrowed the mbam guide from jara3. Do that as well and you'll speed everything up a little.

Download mbam
Install and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the program finishes, a message will appear; click OK and then the Show Results button
- then choose the option to save the log and save the log to your desktop
- then click the Exit button; a message will appear, choose Yes
(don't delete anything yet!).
Then paste the contents of that log here.

If there are problems, run it in safe mode.


Post by lenishkaa » 24 May 2012 01:21

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.23.08

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
DELL :: DELL-PC [administrator]

Protection: Enabled

24.5.2012 1:07:42
mbam-log-2012-05-24 (01-18-43).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 215157
Time elapsed: 9 minute(s), 14 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\DELL\Downloads\P17535732.JPG-www.facebook.exe (Worm.Palevo) -> No action taken.
C:\Users\DELL\Downloads\XvidSetup.exe (Adware.Hotbar) -> No action taken.

(end)


Post by Žbeky » 24 May 2012 09:51

Uninstall the 4shared toolbar

Fix:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ::1 localhost
O2 - BHO: 4shared.com - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\prxtb4sh0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O3 - Toolbar: 4shared.com Toolbar - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\prxtb4sh0.dll
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone
O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone

Run MbAM again and click Scan
- when the program finishes, a message will appear; click OK and then the Show Results button
- make sure all the listed findings are checked and click the Remove Selected button
- when removal finishes, a log will be displayed; post it here.
- then choose OK in the program and close it via Exit

Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You'll find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt ; please paste the entire contents of the log here.

Turn off the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use will be displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click into the window that appears
- After the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If, after the check, there is a problem launching applications, or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, just restart the computer.


Post by lenishkaa » 24 May 2012 13:08

so hopefully I did everything correctly

MbAM:
Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.23.08

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
DELL :: DELL-PC [administrator]

Protection: Disabled

24.5.2012 12:20:01
mbam-log-2012-05-24 (12-20-01).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 214804
Time elapsed: 10 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

TDSSKiller:
12:32:55.0622 1088 TDSS rootkit removing tool 2.7.37.0 May 23 2012 08:15:30
12:32:55.0902 1088 ============================================================
12:32:55.0902 1088 Current date / time: 2012/05/24 12:32:55.0902
12:32:55.0902 1088 SystemInfo:
12:32:55.0902 1088
12:32:55.0902 1088 OS Version: 6.0.6002 ServicePack: 2.0
12:32:55.0902 1088 Product type: Workstation
12:32:55.0902 1088 ComputerName: DELL-PC
12:32:55.0902 1088 UserName: DELL
12:32:55.0902 1088 Windows directory: C:\Windows
12:32:55.0902 1088 System windows directory: C:\Windows
12:32:55.0902 1088 Processor architecture: Intel x86
12:32:55.0902 1088 Number of processors: 2
12:32:55.0902 1088 Page size: 0x1000
12:32:55.0902 1088 Boot type: Normal boot
12:32:55.0902 1088 ============================================================
12:32:57.0728 1088 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:32:57.0728 1088 ============================================================
12:32:57.0728 1088 \Device\Harddisk0\DR0:
12:32:57.0728 1088 MBR partitions:
12:32:57.0728 1088 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A18800
12:32:57.0728 1088 ============================================================
12:32:57.0837 1088 C: <-> \Device\Harddisk0\DR0\Partition0
12:32:57.0837 1088 ============================================================
12:32:57.0837 1088 Initialize success
12:32:57.0837 1088 ============================================================
12:33:02.0330 2096 ============================================================
12:33:02.0330 2096 Scan started
12:33:02.0330 2096 Mode: Manual;
12:33:02.0330 2096 ============================================================
12:33:30.0207 2096 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:33:30.0285 2096 idsvc - ok
12:33:32.0032 2096 igfx (c134e69ce901422d1f2d7ea8d69098fe) C:\Windows\system32\DRIVERS\igdkmd32.sys
12:33:32.0110 2096 igfx - ok
12:33:33.0155 2096 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
12:33:33.0171 2096 iirsp - ok
12:33:33.0405 2096 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
12:33:33.0405 2096 IKEEXT - ok
12:33:33.0498 2096 IntcHdmiAddService (98d303ccb3415e9202e82043b37d66dc) C:\Windows\system32\drivers\IntcHdmi.sys
12:33:33.0514 2096 IntcHdmiAddService - ok
12:33:33.0530 2096 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
12:33:33.0530 2096 intelide - ok
12:33:33.0561 2096 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
12:33:33.0561 2096 intelppm - ok
12:33:33.0608 2096 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
12:33:33.0608 2096 IPBusEnum - ok
12:33:33.0639 2096 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:33:33.0639 2096 IpFilterDriver - ok
12:33:34.0076 2096 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
12:33:34.0076 2096 iphlpsvc - ok
12:33:34.0091 2096 IpInIp - ok
12:33:34.0138 2096 IPMIDRV (4b9c0f4d4a3acc535f9771039ecd6365) C:\Windows\system32\drivers\ipmidrv.sys
12:33:34.0138 2096 IPMIDRV - ok
12:33:34.0185 2096 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
12:33:34.0185 2096 IPNAT - ok
12:33:34.0200 2096 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
12:33:34.0200 2096 IRENUM - ok
12:33:34.0232 2096 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
12:33:34.0232 2096 isapnp - ok
12:33:34.0278 2096 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
12:33:34.0294 2096 iScsiPrt - ok
12:33:34.0310 2096 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
12:33:34.0310 2096 iteatapi - ok
12:33:34.0356 2096 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
12:33:34.0356 2096 iteraid - ok
12:33:34.0372 2096 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
12:33:34.0372 2096 kbdclass - ok
12:33:34.0388 2096 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
12:33:34.0388 2096 kbdhid - ok
12:33:34.0450 2096 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:33:34.0450 2096 KeyIso - ok
12:33:35.0136 2096 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
12:33:35.0199 2096 KSecDD - ok
12:33:35.0292 2096 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
12:33:35.0308 2096 KtmRm - ok
12:33:35.0386 2096 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\system32\srvsvc.dll
12:33:35.0402 2096 LanmanServer - ok
12:33:35.0901 2096 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
12:33:35.0932 2096 LanmanWorkstation - ok
12:33:35.0963 2096 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
12:33:35.0963 2096 lltdio - ok
12:33:36.0150 2096 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
12:33:36.0166 2096 lltdsvc - ok
12:33:36.0182 2096 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
12:33:36.0182 2096 lmhosts - ok
12:33:36.0213 2096 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
12:33:36.0228 2096 LSI_FC - ok
12:33:36.0244 2096 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
12:33:36.0244 2096 LSI_SAS - ok
12:33:36.0306 2096 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
12:33:36.0322 2096 LSI_SCSI - ok
12:33:36.0338 2096 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
12:33:36.0353 2096 luafv - ok
12:33:36.0384 2096 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
12:33:36.0384 2096 MBAMProtector - ok
12:33:37.0102 2096 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
12:33:37.0102 2096 MBAMService - ok
12:33:37.0242 2096 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
12:33:37.0258 2096 Mcx2Svc - ok
12:33:37.0305 2096 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
12:33:37.0320 2096 mdmxsdk - ok
12:33:37.0383 2096 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
12:33:37.0383 2096 megasas - ok
12:33:37.0476 2096 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
12:33:37.0476 2096 MegaSR - ok
12:33:37.0554 2096 Microsoft SharePoint Workspace Audit Service - ok
12:33:37.0726 2096 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
12:33:37.0757 2096 MMCSS - ok
12:33:37.0788 2096 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
12:33:37.0788 2096 Modem - ok
12:33:37.0929 2096 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
12:33:37.0929 2096 monitor - ok
12:33:38.0022 2096 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
12:33:38.0022 2096 mouclass - ok
12:33:38.0100 2096 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
12:33:38.0100 2096 mouhid - ok
12:33:38.0132 2096 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
12:33:38.0132 2096 MountMgr - ok
12:33:38.0178 2096 mpio (5da347912fd3af24d7bfb3de519d4bd0) C:\Windows\system32\drivers\mpio.sys
12:33:38.0194 2096 mpio - ok
12:33:38.0584 2096 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
12:33:38.0600 2096 mpsdrv - ok
12:33:38.0724 2096 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
12:33:38.0740 2096 MpsSvc - ok
12:33:38.0771 2096 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
12:33:38.0787 2096 Mraid35x - ok
12:33:38.0834 2096 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
12:33:38.0834 2096 MRxDAV - ok
12:33:38.0896 2096 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:33:38.0896 2096 mrxsmb - ok
12:33:38.0943 2096 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:33:38.0958 2096 mrxsmb10 - ok
12:33:39.0005 2096 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:33:39.0005 2096 mrxsmb20 - ok
12:33:39.0052 2096 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys
12:33:39.0052 2096 msahci - ok
12:33:39.0114 2096 msdsm (2c563aef15b8d0014c36c5f27742ac7b) C:\Windows\system32\drivers\msdsm.sys
12:33:39.0114 2096 msdsm - ok
12:33:39.0177 2096 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
12:33:39.0224 2096 MSDTC - ok
12:33:39.0255 2096 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
12:33:39.0255 2096 Msfs - ok
12:33:39.0302 2096 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
12:33:39.0302 2096 msisadrv - ok
12:33:39.0364 2096 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
12:33:39.0380 2096 MSiSCSI - ok
12:33:39.0380 2096 msiserver - ok
12:33:39.0426 2096 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
12:33:39.0426 2096 MSKSSRV - ok
12:33:39.0473 2096 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
12:33:39.0489 2096 MSPCLOCK - ok
12:33:39.0489 2096 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
12:33:39.0504 2096 MSPQM - ok
12:33:40.0004 2096 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
12:33:40.0019 2096 MsRPC - ok
12:33:40.0144 2096 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
12:33:40.0160 2096 mssmbios - ok
12:33:40.0206 2096 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
12:33:40.0206 2096 MSTEE - ok
12:33:40.0284 2096 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
12:33:40.0300 2096 Mup - ok
12:33:40.0425 2096 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
12:33:40.0440 2096 napagent - ok
12:33:40.0550 2096 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
12:33:40.0565 2096 NativeWifiP - ok
12:33:40.0862 2096 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
12:33:40.0940 2096 NDIS - ok
12:33:40.0971 2096 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
12:33:40.0971 2096 NdisTapi - ok
12:33:41.0002 2096 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
12:33:41.0002 2096 Ndisuio - ok
12:33:41.0033 2096 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
12:33:41.0033 2096 NdisWan - ok
12:33:41.0049 2096 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
12:33:41.0049 2096 NDProxy - ok
12:33:41.0080 2096 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
12:33:41.0080 2096 NetBIOS - ok
12:33:41.0111 2096 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
12:33:41.0111 2096 netbt - ok
12:33:41.0142 2096 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:33:41.0158 2096 Netlogon - ok
12:33:41.0267 2096 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
12:33:41.0267 2096 Netman - ok
12:33:41.0330 2096 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
12:33:41.0345 2096 netprofm - ok
12:33:41.0408 2096 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:33:41.0423 2096 NetTcpPortSharing - ok
12:33:41.0470 2096 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
12:33:41.0486 2096 nfrd960 - ok
12:33:41.0517 2096 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
12:33:41.0532 2096 NlaSvc - ok
12:33:41.0564 2096 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
12:33:41.0564 2096 Npfs - ok
12:33:41.0595 2096 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
12:33:41.0595 2096 nsi - ok
12:33:41.0610 2096 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
12:33:41.0610 2096 nsiproxy - ok
12:33:41.0922 2096 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
12:33:41.0985 2096 Ntfs - ok
12:33:42.0047 2096 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
12:33:42.0063 2096 ntrigdigi - ok
12:33:42.0094 2096 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
12:33:42.0094 2096 Null - ok
12:33:42.0141 2096 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
12:33:42.0141 2096 nvraid - ok
12:33:42.0156 2096 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
12:33:42.0156 2096 nvstor - ok
12:33:42.0188 2096 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
12:33:42.0203 2096 nv_agp - ok
12:33:42.0203 2096 NwlnkFlt - ok
12:33:42.0203 2096 NwlnkFwd - ok
12:33:42.0484 2096 OEM02Dev (9d20fa5d8875f6063aa5e1c44446f698) C:\Windows\system32\DRIVERS\OEM02Dev.sys
12:33:42.0484 2096 OEM02Dev - ok
12:33:42.0578 2096 OEM02Vfx (86326062a90494bdd79ce383511d7d69) C:\Windows\system32\DRIVERS\OEM02Vfx.sys
12:33:42.0593 2096 OEM02Vfx - ok
12:33:42.0656 2096 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
12:33:42.0656 2096 ohci1394 - ok
12:33:42.0936 2096 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:33:42.0952 2096 ose - ok
12:33:47.0086 2096 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:33:47.0242 2096 osppsvc - ok
12:33:48.0755 2096 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:33:48.0802 2096 p2pimsvc - ok
12:33:48.0818 2096 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:33:48.0833 2096 p2psvc - ok
12:33:48.0880 2096 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
12:33:48.0896 2096 Parport - ok
12:33:48.0927 2096 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
12:33:48.0927 2096 partmgr - ok
12:33:48.0958 2096 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
12:33:48.0958 2096 Parvdm - ok
12:33:49.0005 2096 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
12:33:49.0005 2096 PcaSvc - ok
12:33:49.0052 2096 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
12:33:49.0052 2096 pccsmcfd - ok
12:33:49.0083 2096 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
12:33:49.0083 2096 pci - ok
12:33:49.0145 2096 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
12:33:49.0161 2096 pciide - ok
12:33:49.0286 2096 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
12:33:49.0286 2096 pcmcia - ok
12:33:49.0707 2096 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
12:33:49.0738 2096 PEAUTH - ok
12:33:50.0518 2096 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
12:33:50.0612 2096 pla - ok
12:33:51.0641 2096 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
12:33:51.0657 2096 PlugPlay - ok
12:33:52.0328 2096 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:33:52.0343 2096 PNRPAutoReg - ok
12:33:52.0359 2096 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
12:33:52.0374 2096 PNRPsvc - ok
12:33:52.0640 2096 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
12:33:52.0655 2096 PolicyAgent - ok
12:33:52.0874 2096 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
12:33:52.0874 2096 PptpMiniport - ok
12:33:52.0905 2096 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
12:33:52.0905 2096 Processor - ok
12:33:53.0357 2096 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
12:33:53.0357 2096 ProfSvc - ok
12:33:53.0388 2096 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:33:53.0404 2096 ProtectedStorage - ok
12:33:53.0607 2096 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
12:33:53.0622 2096 PSched - ok
12:33:54.0387 2096 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
12:33:54.0402 2096 ql2300 - ok
12:33:54.0434 2096 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
12:33:54.0434 2096 ql40xx - ok
12:33:54.0527 2096 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
12:33:54.0558 2096 QWAVE - ok
12:33:54.0636 2096 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
12:33:54.0636 2096 QWAVEdrv - ok
12:33:54.0652 2096 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
12:33:54.0652 2096 RasAcd - ok
12:33:54.0699 2096 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
12:33:54.0714 2096 RasAuto - ok
12:33:54.0761 2096 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:33:54.0761 2096 Rasl2tp - ok
12:33:54.0808 2096 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
12:33:54.0808 2096 RasMan - ok
12:33:54.0839 2096 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
12:33:54.0839 2096 RasPppoe - ok
12:33:54.0870 2096 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
12:33:54.0870 2096 RasSstp - ok
12:33:54.0902 2096 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
12:33:54.0902 2096 rdbss - ok
12:33:54.0917 2096 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:33:54.0917 2096 RDPCDD - ok
12:33:55.0089 2096 rdpdr (943b18305eae3935598a9b4a3d560b4c) C:\Windows\system32\drivers\rdpdr.sys
12:33:55.0089 2096 rdpdr - ok
12:33:55.0104 2096 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
12:33:55.0136 2096 RDPENCDD - ok
12:33:55.0182 2096 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
12:33:55.0198 2096 RDPWD - ok
12:33:55.0260 2096 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
12:33:55.0260 2096 RemoteAccess - ok
12:33:55.0292 2096 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
12:33:55.0307 2096 RemoteRegistry - ok
12:33:55.0354 2096 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
12:33:55.0354 2096 RFCOMM - ok
12:33:55.0401 2096 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
12:33:55.0401 2096 rimmptsk - ok
12:33:55.0432 2096 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
12:33:55.0432 2096 rimsptsk - ok
12:33:55.0448 2096 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
12:33:55.0448 2096 rismxdp - ok
12:33:55.0463 2096 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys
12:33:55.0463 2096 ROOTMODEM - ok
12:33:55.0494 2096 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
12:33:55.0494 2096 RpcLocator - ok
12:33:55.0666 2096 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
12:33:55.0682 2096 RpcSs - ok
12:33:55.0916 2096 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
12:33:55.0916 2096 rspndr - ok
12:33:56.0009 2096 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
12:33:56.0009 2096 SamSs - ok
12:33:56.0415 2096 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
12:33:56.0415 2096 sbp2port - ok
12:33:56.0477 2096 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
12:33:56.0477 2096 SCardSvr - ok
12:33:56.0680 2096 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
12:33:56.0696 2096 Schedule - ok
12:33:56.0758 2096 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
12:33:56.0758 2096 SCPolicySvc - ok
12:33:56.0805 2096 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
12:33:56.0805 2096 sdbus - ok
12:33:56.0852 2096 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
12:33:56.0852 2096 SDRSVC - ok
12:33:56.0883 2096 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
12:33:56.0883 2096 secdrv - ok
12:33:56.0898 2096 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
12:33:56.0914 2096 seclogon - ok
12:33:56.0930 2096 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
12:33:56.0930 2096 SENS - ok
12:33:56.0976 2096 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
12:33:56.0976 2096 Serenum - ok
12:33:56.0992 2096 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
12:33:56.0992 2096 Serial - ok
12:33:57.0023 2096 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
12:33:57.0023 2096 sermouse - ok
12:33:57.0429 2096 ServiceLayer (7d3903af48e6c1dc2704eafcb608d031) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
12:33:57.0476 2096 ServiceLayer - ok
12:33:57.0522 2096 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
12:33:57.0538 2096 SessionEnv - ok
12:33:57.0569 2096 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
12:33:57.0569 2096 sffdisk - ok
12:33:57.0600 2096 sffp_mmc (e5eafe85815bd89095fef3144a09ab68) C:\Windows\system32\drivers\sffp_mmc.sys
12:33:57.0600 2096 sffp_mmc - ok
12:33:57.0600 2096 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
12:33:57.0616 2096 sffp_sd - ok
12:33:57.0616 2096 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
12:33:57.0616 2096 sfloppy - ok
12:33:57.0678 2096 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
12:33:57.0694 2096 SharedAccess - ok
12:33:57.0803 2096 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
12:33:57.0834 2096 ShellHWDetection - ok
12:33:57.0928 2096 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
12:33:57.0944 2096 sisagp - ok
12:33:57.0959 2096 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
12:33:57.0959 2096 SiSRaid2 - ok
12:33:57.0990 2096 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
12:33:57.0990 2096 SiSRaid4 - ok
12:34:01.0157 2096 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
12:34:01.0266 2096 slsvc - ok
12:34:01.0797 2096 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
12:34:01.0797 2096 SLUINotify - ok
12:34:02.0078 2096 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
12:34:02.0093 2096 Smb - ok
12:34:02.0140 2096 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
12:34:02.0140 2096 SNMPTRAP - ok
12:34:02.0171 2096 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
12:34:02.0171 2096 spldr - ok
12:34:02.0343 2096 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
12:34:02.0358 2096 Spooler - ok
12:34:02.0436 2096 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
12:34:02.0452 2096 srv - ok
12:34:02.0514 2096 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
12:34:02.0530 2096 srv2 - ok
12:34:02.0561 2096 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
12:34:02.0561 2096 srvnet - ok
12:34:02.0686 2096 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
12:34:02.0686 2096 SSDPSRV - ok
12:34:02.0748 2096 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
12:34:02.0764 2096 SstpSvc - ok
12:34:03.0388 2096 STacSV (71679f24d0d0b2c6403bb5ac57026e99) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c09c50a2\STacSV.exe
12:34:03.0388 2096 STacSV - ok
12:34:03.0513 2096 STHDA (68a0d39e357dd7a234b1d4f1e844c615) C:\Windows\system32\drivers\stwrt.sys
12:34:03.0513 2096 STHDA - ok
12:34:04.0496 2096 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
12:34:04.0511 2096 stisvc - ok
12:34:04.0589 2096 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
12:34:04.0589 2096 swenum - ok
12:34:04.0761 2096 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
12:34:04.0761 2096 swprv - ok
12:34:04.0901 2096 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
12:34:04.0917 2096 Symc8xx - ok
12:34:04.0948 2096 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
12:34:04.0948 2096 Sym_hi - ok
12:34:04.0979 2096 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
12:34:04.0979 2096 Sym_u3 - ok
12:34:05.0447 2096 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
12:34:05.0494 2096 SysMain - ok
12:34:05.0525 2096 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
12:34:05.0541 2096 TabletInputService - ok
12:34:05.0744 2096 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
12:34:05.0759 2096 TapiSrv - ok
12:34:05.0915 2096 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
12:34:05.0915 2096 TBS - ok
12:34:06.0555 2096 Tcpip (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
12:34:06.0586 2096 Tcpip - ok
12:34:06.0602 2096 Tcpip6 (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
12:34:06.0617 2096 Tcpip6 - ok
12:34:06.0680 2096 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
12:34:06.0695 2096 tcpipreg - ok
12:34:06.0726 2096 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
12:34:06.0726 2096 TDPIPE - ok
12:34:06.0773 2096 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
12:34:06.0773 2096 TDTCP - ok
12:34:06.0804 2096 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
12:34:06.0820 2096 tdx - ok
12:34:06.0836 2096 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
12:34:06.0836 2096 TermDD - ok
12:34:07.0506 2096 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
12:34:07.0506 2096 TermService - ok
12:34:07.0694 2096 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
12:34:07.0694 2096 Themes - ok
12:34:07.0787 2096 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
12:34:07.0787 2096 THREADORDER - ok
12:34:07.0912 2096 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
12:34:07.0912 2096 TrkWks - ok
12:34:08.0021 2096 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
12:34:08.0037 2096 TrustedInstaller - ok
12:34:08.0084 2096 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:34:08.0084 2096 tssecsrv - ok
12:34:08.0130 2096 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
12:34:08.0130 2096 tunmp - ok
12:34:08.0162 2096 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
12:34:08.0177 2096 tunnel - ok
12:34:08.0208 2096 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
12:34:08.0208 2096 uagp35 - ok
12:34:08.0255 2096 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
12:34:08.0255 2096 udfs - ok
12:34:08.0286 2096 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
12:34:08.0302 2096 UI0Detect - ok
12:34:08.0318 2096 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
12:34:08.0333 2096 uliagpkx - ok
12:34:08.0380 2096 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
12:34:08.0380 2096 uliahci - ok
12:34:08.0427 2096 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
12:34:08.0427 2096 UlSata - ok
12:34:08.0458 2096 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
12:34:08.0474 2096 ulsata2 - ok
12:34:08.0505 2096 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
12:34:08.0505 2096 umbus - ok
12:34:08.0536 2096 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
12:34:08.0552 2096 upnphost - ok
12:34:22.0872 2096 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
12:34:26.0289 2096 \Device\Harddisk0\DR0 - ok
12:34:26.0304 2096 Boot (0x1200) (080eb317dad33bcba64835f6f820b3ee) \Device\Harddisk0\DR0\Partition0
12:34:26.0336 2096 \Device\Harddisk0\DR0\Partition0 - ok
12:34:26.0336 2096 ============================================================
12:34:26.0336 2096 Scan finished
12:34:26.0336 2096 ============================================================
12:34:26.0351 3204 Detected object count: 0
12:34:26.0351 3204 Actual detected object count: 0

lenishkaa

Re: May I please ask for a HiJackThis log check

Post by lenishkaa » 24 May 2012 13:09

ComboFix:
ComboFix 12-05-23.06 - SYSTEM 24.05.2012 12:44:35.1.2 - x86
Spuštěný z: c:\users\DELL\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files\BasicScan
c:\program files\BasicScan\uninstall.exe
c:\programdata\4642c76d4e030483bddc50a2b1700539_c
c:\windows\IsUn0405.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-04-24 do 2012-05-24 )))))))))))))))))))))))))))))))
.
.
2012-05-24 10:53 . 2012-05-24 10:53 -------- d-----w- c:\users\DELL\AppData\Local\temp
2012-05-24 10:53 . 2012-05-24 10:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-24 09:30 . 2012-05-24 09:31 -------- d-----w- c:\users\DELL\AppData\Local\4shared.com
2012-05-23 23:06 . 2012-05-23 23:06 -------- d-----w- c:\users\DELL\AppData\Roaming\Malwarebytes
2012-05-23 23:05 . 2012-05-23 23:05 -------- d-----w- c:\programdata\Malwarebytes
2012-05-23 23:05 . 2012-05-23 23:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-05-23 23:05 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-05-22 23:31 . 2012-05-22 23:31 -------- d-----w- c:\windows\system32\config\systemprofile\ESA80
2012-05-22 15:29 . 2012-05-08 16:40 6737808 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8573F2FC-EF25-4E1B-9CA5-9D6A889CAC38}\mpengine.dll
2012-05-17 20:49 . 2012-05-17 20:49 -------- d-----w- c:\users\DELL\AppData\Roaming\Autodesk
2012-05-17 20:49 . 2012-05-17 20:49 -------- d-----w- c:\programdata\Autodesk
2012-05-17 20:40 . 2012-05-17 20:40 -------- d-----w- C:\Autodesk
2012-05-17 19:49 . 2012-05-17 19:49 -------- d-----w- c:\users\DELL\AppData\Roaming\Install.GS
2012-05-15 00:12 . 2012-05-15 20:14 -------- d-----w- c:\users\DELL\AppData\Roaming\DivX
2012-05-13 12:07 . 2012-05-13 12:07 -------- d-----w- c:\users\DELL\AppData\Local\GS-LW-Temp
2012-05-13 08:19 . 2012-05-13 08:19 -------- d-----w- c:\users\DELL\AppData\Roaming\OpenOffice.org
2012-05-13 08:11 . 2012-05-13 08:12 -------- d-----w- c:\program files\OpenOffice.org 3
2012-05-12 13:15 . 2012-05-12 13:15 -------- d-----w- c:\program files\Foxit Software
2012-05-12 13:11 . 2012-05-12 13:11 -------- d-----w- c:\programdata\VistaCodecs
2012-05-11 18:10 . 2012-05-14 22:14 -------- d-----w- c:\users\DELL\AppData\Roaming\Abvent_Artlantis4
2012-05-11 17:42 . 2012-05-11 17:42 -------- d-----w- c:\users\DELL\AppData\Local\Opera
2012-05-11 10:56 . 2012-05-15 09:26 -------- d-----w- c:\program files\Common Files\Symantec Shared
2012-05-09 22:50 . 2012-03-30 12:39 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-09 22:50 . 2012-03-20 23:28 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-05 16:11 . 2012-05-05 16:11 -------- d-----w- c:\programdata\Symantec
2012-05-05 16:11 . 2012-05-05 16:11 -------- d-----w- c:\windows\system32\drivers\NSS
2012-05-05 16:11 . 2012-05-05 16:11 -------- d-----w- c:\program files\Norton Security Scan
2012-05-05 16:11 . 2012-05-05 16:11 -------- d-----w- c:\programdata\Norton
2012-05-05 16:11 . 2012-05-05 16:11 -------- d-----w- c:\program files\NortonInstaller
2012-05-05 13:12 . 2012-05-05 13:15 -------- d-----w- c:\program files\Common Files\DivX Shared
2012-05-05 13:10 . 2012-05-05 13:17 -------- d-----w- c:\program files\DivX
2012-05-05 13:09 . 2012-05-05 13:17 -------- d-----w- c:\programdata\DivX
2012-05-01 11:47 . 2012-05-01 16:18 -------- d-----w- c:\users\TEMP.DELL-PC
2012-04-26 20:21 . 2012-04-26 20:21 -------- d-----w- c:\windows\Sun
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-05 15:24 . 2012-04-17 08:44 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-05 15:24 . 2012-01-15 10:47 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-22 19:12 . 2012-03-22 19:12 4435968 ----a-w- c:\windows\system32\GPhotos.scr
2012-02-29 15:11 . 2012-04-13 01:34 5120 ----a-w- c:\windows\system32\wmi.dll
2012-02-29 15:11 . 2012-04-13 01:34 172032 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 15:09 . 2012-04-13 01:34 157696 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 13:32 . 2012-04-13 01:34 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-02-28 01:18 . 2012-04-13 01:35 1799168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 01:11 . 2012-04-13 01:35 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 01:11 . 2012-04-13 01:35 1127424 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 01:03 . 2012-04-13 01:35 2382848 ----a-w- c:\windows\system32\mshtml.tlb
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2008-02-15 405504]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-05-10 36864]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-04-05 288040]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 133656]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-12-09 74752]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-02-15 417792]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"Malwarebytes Anti-Malware (cleanup)"="c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll" [2012-04-04 1082440]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2028970586-1296065678-1954439850-1000]
"EnableNotificationsRef"=dword:00000001
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_c09c50a2\aestsrv.exe [2007-09-20 73728]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'
.
2012-05-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 15:24]
.
2012-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-17 08:44]
.
2012-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-04-17 08:44]
.
2012-05-23 c:\windows\Tasks\Norton Security Scan for DELL.job
- c:\progra~1\NORTON~2\Engine\372~1.5\Nss.exe [2012-05-05 09:45]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 10.2.255.1 10.2.255.2
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - c:\program files\4shared.com\prxtb4sh0.dll
Toolbar-{09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - c:\program files\4shared.com\prxtb4sh0.dll
AddRemove-Feat2000 - c:\windows\IsUn0405.exe
AddRemove-Rainbow Sentinel Driver - c:\windows\SYSTEM32\RNBOSENT\SETUPX86.EXE
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-24 12:53
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
c:\windows\TEMP\catchme.dll 53248 bytes executable
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2012-05-24 12:59:58
ComboFix-quarantined-files.txt 2012-05-24 10:59
.
Před spuštěním: 2 315 157 504
Po spuštění: 6 788 116 480
.
- - End Of File - - FCE876C7D905A3D5AC24C9610D003B26

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: May I please ask for a HiJackThis log check

Post by jaro3 » 24 May 2012 15:00

c:\users\DELL\AppData\Local\GS-LW-Temp
c:\users\TEMP.DELL-PC
Do you recognize these folders?
When working with HJT, ComboFix, MbAM, SDFix and similar tools, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

lenishkaa

Re: May I please ask for a HiJackThis log check

Post by lenishkaa » 24 May 2012 15:06

I found the second one (TEMP.DELL-PC) and it is empty, but I could not find the first one.

jaro3

Re: May I please ask for a HiJackThis log check

Post by jaro3 » 24 May 2012 15:16

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:


KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\program files\Google\Update\GoogleUpdate.exe
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\users\DELL\AppData\Local\4shared.com

DirLook::
c:\users\DELL\AppData\Local\GS-LW-Temp
c:\users\DELL\AppData\Roaming\Install.GS

RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]


Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all open windows.

Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that appears at the end of the cleaning process, plus a new HJT log

Warning: After applying ComboFix and restarting the computer, Windows may fail to start, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.

Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt appears offering to download the Avast database, click No. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.

lenishkaa

Re: May I please ask for a HiJackThis log check

Post by lenishkaa » 24 May 2012 16:18

No log came up from Combofix.exe at the end; the computer just restarted.

HJT:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:07:28, on 24.5.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\DELL\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [combofix] C:\ComboFix\CF20534.3XE /c C:\ComboFix\Combobatch.bat
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
O4 - HKLM\..\RunOnce: [combofix] C:\ComboFix\CF20534.3XE /c C:\ComboFixCombobatch.bat
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone
O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c09c50a2\aestsrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c09c50a2\STacSV.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7303 bytes

aswMBR:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-24 16:09:01
-----------------------------
16:09:01.812 OS Version: Windows 6.0.6002 Service Pack 2
16:09:01.812 Number of processors: 2 586 0xF0D
16:09:01.812 ComputerName: DELL-PC UserName: DELL
16:09:09.487 Initialize success
16:09:09.846 AVAST engine defs: 12052400
16:09:16.819 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-2
16:09:16.835 Disk 0 Vendor: Hitachi_HTS541616J9SA00 SB4OC7BP Size: 152627MB BusType: 3
16:09:16.835 Disk 0 MBR read successfully
16:09:16.835 Disk 0 MBR scan
16:09:16.851 Disk 0 Windows VISTA default MBR code
16:09:16.851 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 152625 MB offset 2048
16:09:16.866 Disk 0 scanning sectors +312578048
16:09:16.991 Disk 0 scanning C:\Windows\system32\drivers
16:09:34.603 Service scanning
16:10:00.484 Modules scanning
16:10:31.231 Module: C:\Windows\System32\ntdll.dll **SUSPICIOUS**
16:10:31.231 Disk 0 trace - called modules:
16:10:31.247 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll PCIIDEX.SYS msahci.sys
16:10:31.247 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85abfac8]
16:10:31.263 3 CLASSPNP.SYS[887a28b3] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-2[0x853fbb98]
16:10:32.651 AVAST engine scan C:\Windows
16:10:43.587 AVAST engine scan C:\Windows\system32
16:15:16.399 AVAST engine scan C:\Windows\system32\drivers
16:15:33.263 AVAST engine scan C:\Windows\system32\config\systemprofile
16:15:37.522 AVAST engine scan C:\ProgramData
16:16:38.362 Scan finished successfully
16:16:54.258 Disk 0 MBR has been saved successfully to "C:\Users\DELL\Desktop\MBR.dat"
16:16:54.258 The log file has been saved successfully to "C:\Users\DELL\Desktop\aswMBR.txt"

Žbeky
Moderator
Guru Level 13
Posts: 22288
Registered: May 08
Location: Vsetín - Pardubice
Gender: Male
Status: Offline

Re: May I please ask for a HiJackThis log check

Post by Žbeky » 24 May 2012 18:15

Isn't it directly on drive C?
In private messages I only deal with matters concerning the forum. I do not respond to requests for technical support. Thanks for understanding.


lenishkaa

Re: May I please ask for a HiJackThis log check

Post by lenishkaa » 24 May 2012 18:27

A ComboFix folder was created, and the only thing that matches the time before the computer restarted is this:

ComboFix 12-05-23.06 - SYSTEM 24.05.2012 15:54:05.3.2 - x86
Spuštěný z: C:\Users\DELL\Desktop\ComboFix.exe
Použité ovládací přepínače :: C:\Users\DELL\Desktop\CFScript.txt

FILE ::
"c:\program files\Google\Update\GoogleUpdate.exe"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"

