Please check my log - laptop keeps freezing

Re: Please check my log - laptop keeps freezing

Post by fandam007 » 27 Oct 2013 11:01

TDSSKiller - the folder you mentioned isn't there. After the scan I clicked the Report button and this is what it showed:

10:53:24.0886 6044 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:53:26.0914 6044 ============================================================
10:53:26.0914 6044 Current date / time: 2013/10/27 10:53:26.0914
10:53:26.0914 6044 SystemInfo:
10:53:26.0914 6044
10:53:26.0914 6044 OS Version: 6.1.7601 ServicePack: 1.0
10:53:26.0914 6044 Product type: Workstation
10:53:26.0914 6044 ComputerName: MININOTAS
10:53:26.0929 6044 UserName: Jana
10:53:26.0929 6044 Windows directory: C:\windows
10:53:26.0929 6044 System windows directory: C:\windows
10:53:26.0929 6044 Processor architecture: Intel x86
10:53:26.0929 6044 Number of processors: 4
10:53:26.0929 6044 Page size: 0x1000
10:53:26.0929 6044 Boot type: Normal boot
10:53:26.0929 6044 ============================================================
10:53:31.0188 6044 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:53:31.0204 6044 ============================================================
10:53:31.0204 6044 \Device\Harddisk0\DR0:
10:53:31.0204 6044 MBR partitions:
10:53:31.0204 6044 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC800000
10:53:31.0204 6044 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xE600800, BlocksNum 0x16E26000
10:53:31.0204 6044 ============================================================
10:53:31.0251 6044 C: <-> \Device\Harddisk0\DR0\Partition1
10:53:31.0422 6044 D: <-> \Device\Harddisk0\DR0\Partition2
10:53:31.0422 6044 ============================================================
10:53:31.0422 6044 Initialize success
10:53:31.0422 6044 ============================================================
10:53:49.0565 6108 ============================================================
10:53:49.0565 6108 Scan started
10:53:49.0565 6108 Mode: Manual;
10:53:49.0565 6108 ============================================================
10:53:53.0637 6108 ================ Scan system memory ========================
10:53:53.0637 6108 System memory - ok
10:53:53.0652 6108 ================ Scan services =============================
10:53:54.0073 6108 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
10:53:54.0120 6108 1394ohci - ok
10:53:54.0198 6108 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\windows\system32\drivers\ACPI.sys
10:53:54.0214 6108 ACPI - ok
10:53:54.0276 6108 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
10:53:54.0292 6108 AcpiPmi - ok
10:53:54.0401 6108 [ A283108E14F3970432C21AF4C0CB1BCE ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:53:54.0417 6108 AdobeFlashPlayerUpdateSvc - ok
10:53:54.0510 6108 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\windows\system32\drivers\adp94xx.sys
10:53:54.0541 6108 adp94xx - ok
10:53:54.0573 6108 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\windows\system32\drivers\adpahci.sys
10:53:54.0635 6108 adpahci - ok
10:53:54.0713 6108 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\windows\system32\drivers\adpu320.sys
10:53:54.0713 6108 adpu320 - ok
10:53:54.0900 6108 [ 993F7B0BA5188A0007C085AA10257B8E ] AdvancedSystemCareService6 C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
10:53:54.0931 6108 AdvancedSystemCareService6 - ok
10:53:54.0978 6108 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
10:53:55.0009 6108 AeLookupSvc - ok
10:53:55.0072 6108 [ F81BB7E487EDCEAB630A7EE66CF23913 ] AFD C:\windows\system32\drivers\afd.sys
10:53:55.0087 6108 AFD - ok
10:53:55.0134 6108 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\windows\system32\drivers\agp440.sys
10:53:55.0150 6108 agp440 - ok
10:53:55.0181 6108 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\windows\system32\drivers\djsvs.sys
10:53:55.0197 6108 aic78xx - ok
10:53:55.0243 6108 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\windows\System32\alg.exe
10:53:55.0259 6108 ALG - ok
10:53:55.0306 6108 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\windows\system32\drivers\aliide.sys
10:53:55.0321 6108 aliide - ok
10:53:55.0353 6108 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\windows\system32\drivers\amdagp.sys
10:53:55.0353 6108 amdagp - ok
10:53:55.0384 6108 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\windows\system32\drivers\amdide.sys
10:53:55.0399 6108 amdide - ok
10:53:55.0415 6108 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
10:53:55.0431 6108 AmdK8 - ok
10:53:55.0462 6108 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
10:53:55.0462 6108 AmdPPM - ok
10:53:55.0509 6108 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\windows\system32\drivers\amdsata.sys
10:53:55.0509 6108 amdsata - ok
10:53:55.0540 6108 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\windows\system32\drivers\amdsbs.sys
10:53:55.0555 6108 amdsbs - ok
10:53:55.0571 6108 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\windows\system32\drivers\amdxata.sys
10:53:55.0587 6108 amdxata - ok
10:53:55.0696 6108 [ 6EAC742B758E110DD12EBC8446C07B6C ] Amsp C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
10:53:55.0727 6108 Amsp - ok
10:53:55.0758 6108 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\windows\system32\drivers\appid.sys
10:53:55.0758 6108 AppID - ok
10:53:55.0821 6108 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\windows\System32\appidsvc.dll
10:53:55.0821 6108 AppIDSvc - ok
10:53:55.0867 6108 [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo C:\windows\System32\appinfo.dll
10:53:55.0867 6108 Appinfo - ok
10:53:55.0899 6108 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\windows\system32\drivers\arc.sys
10:53:55.0899 6108 arc - ok
10:53:55.0930 6108 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\windows\system32\drivers\arcsas.sys
10:53:55.0930 6108 arcsas - ok
10:53:55.0961 6108 [ 956C7177DBDA0F02436868AD644CCF31 ] AsIO C:\windows\system32\drivers\AsIO.sys
10:53:55.0977 6108 AsIO - ok
10:53:56.0398 6108 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
10:53:56.0445 6108 aspnet_state - ok
10:53:56.0491 6108 [ A9A565C669786C402752F609AFDD0DD5 ] AsUpIO C:\windows\system32\drivers\AsUpIO.sys
10:53:56.0507 6108 AsUpIO - ok
10:53:56.0601 6108 [ 8165C8825C726A7D5EFDF863A2D1C28F ] ASUS InstantOn C:\Program Files\ASUS\InstantOn for EPC\InsOnSrv.exe
10:53:56.0616 6108 ASUS InstantOn - ok
10:53:56.0663 6108 [ 9E3579EB00FCD9264F83D75B7590BD0C ] AsusService C:\windows\system32\AsusService.exe
10:53:56.0710 6108 AsusService - ok
10:53:56.0788 6108 [ CCDA8D84FD02AEC52E62F296433AE9DC ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys
10:53:56.0803 6108 aswFsBlk - ok
10:53:56.0835 6108 [ A6E20E62871A28A0F1C05B1681848FA7 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
10:53:56.0850 6108 aswMonFlt - ok
10:53:56.0944 6108 [ 6844738D52970A0F482768EEA941C78E ] aswRdr C:\windows\System32\Drivers\aswrdr2.sys
10:53:56.0944 6108 aswRdr - ok
10:53:57.0006 6108 [ 657A61979F40D67CA29716149766FFA7 ] aswRvrt C:\windows\system32\drivers\aswRvrt.sys
10:53:57.0022 6108 aswRvrt - ok
10:53:57.0147 6108 [ 0E604867FC28F00D91CB0B00D2EC830D ] aswSnx C:\windows\system32\drivers\aswSnx.sys
10:53:57.0240 6108 aswSnx - ok
10:53:57.0381 6108 [ 6FC4AA106AA505394C908D37CCCB9148 ] aswSP C:\windows\system32\drivers\aswSP.sys
10:53:57.0412 6108 aswSP - ok
10:53:57.0474 6108 [ 33E21FFB063CA6C7E00D568467DC72E4 ] aswTdi C:\windows\system32\drivers\aswTdi.sys
10:53:57.0490 6108 aswTdi - ok
10:53:57.0568 6108 [ EDB0C9BA44B748E420CCA989FD8B826E ] aswVmm C:\windows\system32\drivers\aswVmm.sys
10:53:57.0583 6108 aswVmm - ok
10:53:57.0630 6108 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
10:53:57.0630 6108 AsyncMac - ok
10:53:57.0755 6108 [ 338C86357871C167A96AB976519BF59E ] atapi C:\windows\system32\drivers\atapi.sys
10:53:57.0755 6108 atapi - ok
10:53:58.0114 6108 [ 76BAB0C824E2D05B940C4DD40A9B08BF ] athr C:\windows\system32\DRIVERS\athr.sys
10:53:58.0176 6108 athr - ok
10:53:58.0441 6108 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
10:53:58.0473 6108 AudioEndpointBuilder - ok
10:53:58.0551 6108 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\windows\System32\Audiosrv.dll
10:53:58.0566 6108 Audiosrv - ok
10:53:58.0644 6108 [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
10:53:58.0660 6108 avast! Antivirus - ok
10:53:58.0707 6108 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\windows\System32\AxInstSV.dll
10:53:58.0722 6108 AxInstSV - ok
10:53:58.0847 6108 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\windows\system32\drivers\bxvbdx.sys
10:53:58.0909 6108 b06bdrv - ok
10:53:58.0956 6108 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
10:53:58.0972 6108 b57nd60x - ok
10:53:59.0362 6108 [ 2BE0F23D494C301641C42EAD2FDCD4F2 ] BCM43XX C:\windows\system32\DRIVERS\bcmwl6.sys
10:53:59.0487 6108 BCM43XX - ok
10:53:59.0580 6108 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\windows\System32\bdesvc.dll
10:53:59.0596 6108 BDESVC - ok
10:53:59.0643 6108 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\windows\system32\drivers\Beep.sys
10:53:59.0658 6108 Beep - ok
10:53:59.0721 6108 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\windows\System32\bfe.dll
10:53:59.0736 6108 BFE - ok
10:53:59.0970 6108 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\windows\System32\qmgr.dll
10:54:00.0282 6108 BITS - ok
10:54:00.0345 6108 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
10:54:00.0345 6108 blbdrive - ok
10:54:00.0407 6108 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\windows\system32\DRIVERS\bowser.sys
10:54:00.0423 6108 bowser - ok
10:54:00.0485 6108 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
10:54:00.0501 6108 BrFiltLo - ok
10:54:00.0532 6108 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
10:54:00.0547 6108 BrFiltUp - ok
10:54:00.0610 6108 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\windows\System32\browser.dll
10:54:00.0625 6108 Browser - ok
10:54:00.0688 6108 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\windows\System32\Drivers\Brserid.sys
10:54:00.0703 6108 Brserid - ok
10:54:00.0750 6108 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
10:54:00.0766 6108 BrSerWdm - ok
10:54:00.0797 6108 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
10:54:00.0813 6108 BrUsbMdm - ok
10:54:00.0844 6108 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
10:54:00.0859 6108 BrUsbSer - ok
10:54:00.0906 6108 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
10:54:00.0922 6108 BthEnum - ok
10:54:01.0000 6108 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
10:54:01.0015 6108 BTHMODEM - ok
10:54:01.0047 6108 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
10:54:01.0062 6108 BthPan - ok
10:54:01.0171 6108 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
10:54:01.0187 6108 BTHPORT - ok
10:54:01.0265 6108 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\windows\system32\bthserv.dll
10:54:01.0281 6108 bthserv - ok
10:54:01.0327 6108 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
10:54:01.0343 6108 BTHUSB - ok
10:54:01.0437 6108 [ D57641BF7E6AF5C996EAB931AFADC271 ] btwampfl C:\windows\system32\drivers\btwampfl.sys
10:54:01.0499 6108 btwampfl - ok
10:54:01.0561 6108 [ 81471A7D64D1FC014D47A4CF33CD701E ] btwaudio C:\windows\system32\drivers\btwaudio.sys
10:54:01.0577 6108 btwaudio - ok
10:54:01.0624 6108 [ 098AF3559710FCEC05B7AA5159F435F9 ] btwavdt C:\windows\system32\DRIVERS\btwavdt.sys
10:54:01.0624 6108 btwavdt - ok
10:54:01.0795 6108 [ 8FCF8E276B5755DB87C8B015CAD1BC41 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
10:54:01.0905 6108 btwdins - ok
10:54:01.0967 6108 [ DE53089F0678CB5F0AFEB867ACB0FB05 ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
10:54:01.0967 6108 btwl2cap - ok
10:54:02.0029 6108 [ E28EF3C4EF1849B876F850015066380B ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
10:54:02.0029 6108 btwrchid - ok
10:54:02.0107 6108 [ 0A679709F97D085B8EFD40D3A116A59F ] CamthWDM C:\windows\system32\DRIVERS\CamthWDM.sys
10:54:02.0123 6108 CamthWDM - ok
10:54:02.0170 6108 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
10:54:02.0170 6108 cdfs - ok
10:54:02.0326 6108 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
10:54:02.0341 6108 cdrom - ok
10:54:02.0435 6108 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\windows\System32\certprop.dll
10:54:02.0435 6108 CertPropSvc - ok
10:54:02.0497 6108 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\windows\system32\drivers\circlass.sys
10:54:02.0513 6108 circlass - ok
10:54:02.0638 6108 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\windows\system32\CLFS.sys
10:54:02.0653 6108 CLFS - ok
10:54:02.0841 6108 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:54:02.0856 6108 clr_optimization_v2.0.50727_32 - ok
10:54:02.0903 6108 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:54:03.0355 6108 clr_optimization_v4.0.30319_32 - ok
10:54:03.0418 6108 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
10:54:03.0418 6108 CmBatt - ok
10:54:03.0621 6108 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\windows\system32\drivers\cmdide.sys
10:54:03.0636 6108 cmdide - ok
10:54:04.0089 6108 [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG C:\windows\system32\Drivers\cng.sys
10:54:04.0167 6108 CNG - ok
10:54:04.0291 6108 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\windows\system32\drivers\compbatt.sys
10:54:04.0307 6108 Compbatt - ok
10:54:04.0354 6108 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
10:54:04.0354 6108 CompositeBus - ok
10:54:04.0385 6108 COMSysApp - ok
10:54:04.0479 6108 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
10:54:04.0479 6108 crcdisk - ok
10:54:04.0572 6108 [ 7CA1BECEA5DE2643ADDAD32670E7A4C9 ] CryptSvc C:\windows\system32\cryptsvc.dll
10:54:04.0588 6108 CryptSvc - ok
10:54:04.0681 6108 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\windows\system32\rpcss.dll
10:54:04.0759 6108 DcomLaunch - ok
10:54:04.0853 6108 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\windows\System32\defragsvc.dll
10:54:04.0884 6108 defragsvc - ok
10:54:04.0947 6108 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\windows\system32\Drivers\dfsc.sys
10:54:04.0947 6108 DfsC - ok
10:54:05.0025 6108 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\windows\system32\dhcpcore.dll
10:54:05.0056 6108 Dhcp - ok
10:54:05.0118 6108 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\windows\system32\drivers\discache.sys
10:54:05.0134 6108 discache - ok
10:54:05.0196 6108 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\windows\system32\drivers\disk.sys
10:54:05.0196 6108 Disk - ok
10:54:05.0290 6108 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\windows\System32\dnsrslvr.dll
10:54:05.0305 6108 Dnscache - ok
10:54:05.0368 6108 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\windows\System32\dot3svc.dll
10:54:05.0399 6108 dot3svc - ok
10:54:05.0461 6108 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\windows\system32\dps.dll
10:54:05.0493 6108 DPS - ok
10:54:05.0539 6108 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
10:54:05.0555 6108 drmkaud - ok
10:54:05.0617 6108 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\windows\system32\DRIVERS\dtsoftbus01.sys
10:54:05.0649 6108 dtsoftbus01 - ok
10:54:05.0805 6108 [ 71BC35067CABC02C9453AEAA42B2E43E ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
10:54:05.0898 6108 DXGKrnl - ok
10:54:05.0992 6108 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\windows\System32\eapsvc.dll
10:54:06.0007 6108 EapHost - ok
10:54:06.0491 6108 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\windows\system32\drivers\evbdx.sys
10:54:06.0631 6108 ebdrv - ok
10:54:06.0709 6108 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\windows\System32\lsass.exe
10:54:06.0725 6108 EFS - ok
10:54:06.0912 6108 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\windows\system32\drivers\elxstor.sys
10:54:06.0928 6108 elxstor - ok
10:54:06.0943 6108 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\windows\system32\drivers\errdev.sys
10:54:06.0959 6108 ErrDev - ok
10:54:07.0099 6108 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\windows\system32\es.dll
10:54:07.0209 6108 EventSystem - ok
10:54:07.0255 6108 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\windows\system32\drivers\exfat.sys
10:54:07.0271 6108 exfat - ok
10:54:07.0380 6108 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\windows\system32\drivers\fastfat.sys
10:54:07.0427 6108 fastfat - ok
10:54:07.0583 6108 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\windows\system32\fxssvc.exe
10:54:07.0645 6108 Fax - ok
10:54:07.0677 6108 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\windows\system32\drivers\fdc.sys
10:54:07.0692 6108 fdc - ok
10:54:07.0770 6108 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\windows\system32\fdPHost.dll
10:54:07.0786 6108 fdPHost - ok
10:54:07.0848 6108 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\windows\system32\fdrespub.dll
10:54:07.0864 6108 FDResPub - ok
10:54:07.0957 6108 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
10:54:07.0957 6108 FileInfo - ok
10:54:08.0020 6108 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\windows\system32\drivers\filetrace.sys
10:54:08.0035 6108 Filetrace - ok
10:54:08.0082 6108 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\windows\system32\drivers\flpydisk.sys
10:54:08.0098 6108 flpydisk - ok
10:54:08.0160 6108 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
10:54:08.0176 6108 FltMgr - ok
10:54:08.0363 6108 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\windows\system32\FntCache.dll
10:54:08.0519 6108 FontCache - ok
10:54:08.0675 6108 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:54:08.0691 6108 FontCache3.0.0.0 - ok
10:54:08.0737 6108 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\windows\system32\drivers\FsDepends.sys
10:54:08.0753 6108 FsDepends - ok
10:54:08.0847 6108 [ BFAAA92861526BB0ADCD01E964AB6609 ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
10:54:08.0862 6108 fssfltr - ok
10:54:09.0174 6108 [ 40CDFAD174B3D5E80F95DDA003C0B97F ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
10:54:09.0361 6108 fsssvc - ok
10:54:09.0424 6108 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
10:54:09.0424 6108 Fs_Rec - ok
10:54:09.0502 6108 [ E306A24D9694C724FA2491278BF50FDB ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
10:54:09.0549 6108 fvevol - ok
10:54:09.0627 6108 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
10:54:09.0627 6108 gagp30kx - ok
10:54:09.0767 6108 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\windows\System32\gpsvc.dll
10:54:09.0814 6108 gpsvc - ok
10:54:09.0939 6108 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
10:54:09.0970 6108 gupdate - ok
10:54:10.0001 6108 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
10:54:10.0001 6108 gupdatem - ok
10:54:10.0079 6108 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
10:54:10.0095 6108 hcw85cir - ok
10:54:10.0500 6108 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
10:54:10.0625 6108 HdAudAddService - ok
10:54:10.0687 6108 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
10:54:10.0703 6108 HDAudBus - ok
10:54:10.0797 6108 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\windows\system32\drivers\HidBatt.sys
10:54:10.0797 6108 HidBatt - ok
10:54:10.0875 6108 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\windows\system32\drivers\hidbth.sys
10:54:10.0890 6108 HidBth - ok
10:54:10.0953 6108 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\windows\system32\drivers\hidir.sys
10:54:10.0953 6108 HidIr - ok
10:54:11.0015 6108 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\windows\system32\hidserv.dll
10:54:11.0031 6108 hidserv - ok
10:54:11.0093 6108 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\windows\system32\drivers\hidusb.sys
10:54:11.0093 6108 HidUsb - ok
10:54:11.0155 6108 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\windows\system32\kmsvc.dll
10:54:11.0187 6108 hkmsvc - ok
10:54:11.0233 6108 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
10:54:11.0265 6108 HomeGroupListener - ok
10:54:12.0123 6108 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
10:54:12.0653 6108 HomeGroupProvider - ok
10:54:13.0402 6108 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
10:54:13.0417 6108 HpSAMD - ok
10:54:13.0573 6108 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\windows\system32\drivers\HTTP.sys
10:54:13.0651 6108 HTTP - ok
10:54:13.0683 6108 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
10:54:13.0698 6108 hwpolicy - ok
10:54:13.0776 6108 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
10:54:13.0776 6108 i8042prt - ok
10:54:13.0854 6108 [ F4037A3FEDB92DD97C95F320766EA5C9 ] iaStor C:\windows\system32\drivers\iaStor.sys
10:54:13.0885 6108 iaStor - ok
10:54:13.0995 6108 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\windows\system32\drivers\iaStorV.sys
10:54:14.0026 6108 iaStorV - ok
10:54:14.0307 6108 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:54:14.0463 6108 idsvc - ok
10:54:14.0728 6108 [ 96FE1D82D1B4420D350AB6493C6FCE41 ] igddim32 C:\windows\system32\DRIVERS\igddim32.sys
10:54:14.0868 6108 igddim32 - ok
10:54:14.0946 6108 [ 30D8327539E11CFE5006BCF762F07EB9 ] igdkmd32 C:\windows\system32\DRIVERS\igdkmd32.sys
10:54:15.0009 6108 igdkmd32 - ok
10:54:15.0040 6108 [ 30D8327539E11CFE5006BCF762F07EB9 ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys
10:54:15.0055 6108 igfx - ok
10:54:15.0133 6108 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\windows\system32\drivers\iirsp.sys
10:54:15.0149 6108 iirsp - ok
10:54:15.0258 6108 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\windows\System32\ikeext.dll
10:54:15.0336 6108 IKEEXT - ok
10:54:15.0960 6108 [ D4394A481B845CC1DF361A85751C071A ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
10:54:16.0241 6108 IntcAzAudAddService - ok
10:54:16.0303 6108 [ 8F4D251F1EA15FA97E8399128A72CC83 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
10:54:16.0335 6108 IntcDAud - ok
10:54:16.0397 6108 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\windows\system32\drivers\intelide.sys
10:54:16.0397 6108 intelide - ok
10:54:16.0459 6108 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
10:54:16.0459 6108 intelppm - ok
10:54:16.0506 6108 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\windows\system32\ipbusenum.dll
10:54:16.0522 6108 IPBusEnum - ok
10:54:16.0553 6108 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
10:54:16.0569 6108 IpFilterDriver - ok
10:54:16.0662 6108 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\windows\System32\iphlpsvc.dll
10:54:16.0756 6108 iphlpsvc - ok
10:54:16.0834 6108 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
10:54:16.0849 6108 IPMIDRV - ok
10:54:16.0881 6108 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\windows\system32\drivers\ipnat.sys
10:54:16.0881 6108 IPNAT - ok
10:54:16.0959 6108 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\windows\system32\drivers\irenum.sys
10:54:16.0974 6108 IRENUM - ok
10:54:17.0021 6108 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\windows\system32\drivers\isapnp.sys
10:54:17.0021 6108 isapnp - ok
10:54:17.0083 6108 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
10:54:17.0099 6108 iScsiPrt - ok
10:54:17.0146 6108 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
10:54:17.0146 6108 kbdclass - ok
10:54:17.0208 6108 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
10:54:17.0208 6108 kbdhid - ok
10:54:17.0255 6108 [ 3EB803312987FF44265C87CB960DF6AB ] kbfiltr C:\windows\system32\DRIVERS\kbfiltr.sys
10:54:17.0271 6108 kbfiltr - ok
10:54:17.0317 6108 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\windows\system32\lsass.exe
10:54:17.0349 6108 KeyIso - ok
10:54:17.0395 6108 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
10:54:17.0411 6108 KSecDD - ok
10:54:17.0473 6108 [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
10:54:17.0489 6108 KSecPkg - ok
10:54:17.0614 6108 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\windows\system32\msdtckrm.dll
10:54:17.0661 6108 KtmRm - ok
10:54:17.0739 6108 [ 2D60DFAD37C101E35520E38F12B59770 ] L1C C:\windows\system32\DRIVERS\L1C62x86.sys
10:54:17.0739 6108 L1C - ok
10:54:17.0817 6108 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\windows\system32\srvsvc.dll
10:54:17.0895 6108 LanmanServer - ok
10:54:17.0957 6108 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
10:54:18.0082 6108 LanmanWorkstation - ok
10:54:18.0144 6108 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
10:54:18.0144 6108 lltdio - ok
10:54:18.0222 6108 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\windows\System32\lltdsvc.dll
10:54:18.0269 6108 lltdsvc - ok
10:54:18.0316 6108 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\windows\System32\lmhsvc.dll
10:54:18.0331 6108 lmhosts - ok
10:54:18.0425 6108 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
10:54:18.0425 6108 LSI_FC - ok
10:54:18.0456 6108 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
10:54:18.0456 6108 LSI_SAS - ok
10:54:18.0503 6108 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
10:54:18.0519 6108 LSI_SAS2 - ok
10:54:18.0581 6108 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
10:54:18.0581 6108 LSI_SCSI - ok
10:54:18.0643 6108 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys
10:54:18.0659 6108 luafv - ok
10:54:18.0706 6108 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\windows\system32\drivers\mbam.sys
10:54:18.0706 6108 MBAMProtector - ok
10:54:18.0799 6108 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
10:54:18.0831 6108 MBAMScheduler - ok
10:54:18.0940 6108 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
10:54:19.0018 6108 MBAMService - ok
10:54:19.0096 6108 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\drivers\megasas.sys
10:54:19.0111 6108 megasas - ok
10:54:19.0158 6108 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
10:54:19.0205 6108 MegaSR - ok
10:54:19.0267 6108 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll
10:54:19.0299 6108 MMCSS - ok
10:54:19.0330 6108 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys
10:54:19.0330 6108 Modem - ok
10:54:19.0408 6108 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys
10:54:19.0423 6108 monitor - ok
10:54:19.0486 6108 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
10:54:19.0501 6108 mouclass - ok
10:54:19.0548 6108 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
10:54:19.0548 6108 mouhid - ok
10:54:19.0595 6108 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
10:54:19.0611 6108 mountmgr - ok
10:54:19.0689 6108 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:54:19.0704 6108 MozillaMaintenance - ok
10:54:19.0782 6108 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\windows\system32\drivers\mpio.sys
10:54:19.0813 6108 mpio - ok
10:54:19.0876 6108 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
10:54:19.0891 6108 mpsdrv - ok
10:54:20.0094 6108 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\windows\system32\mpssvc.dll
10:54:20.0157 6108 MpsSvc - ok
10:54:20.0235 6108 [ 21F4B24ACFC79A483515BD986DD9043F ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
10:54:20.0250 6108 MRxDAV - ok
10:54:20.0297 6108 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
10:54:20.0313 6108 mrxsmb - ok
10:54:20.0359 6108 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
10:54:20.0375 6108 mrxsmb10 - ok
10:54:20.0437 6108 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
10:54:20.0437 6108 mrxsmb20 - ok
10:54:20.0515 6108 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\windows\system32\drivers\msahci.sys
10:54:20.0531 6108 msahci - ok
10:54:20.0578 6108 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\windows\system32\drivers\msdsm.sys
10:54:20.0593 6108 msdsm - ok
10:54:20.0671 6108 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe
10:54:20.0687 6108 MSDTC - ok
10:54:20.0765 6108 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys
10:54:20.0781 6108 Msfs - ok
10:54:20.0827 6108 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
10:54:20.0843 6108 mshidkmdf - ok
10:54:20.0874 6108 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
10:54:20.0890 6108 msisadrv - ok
10:54:20.0952 6108 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll
10:54:20.0983 6108 MSiSCSI - ok
10:54:21.0015 6108 msiserver - ok
10:54:21.0061 6108 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
10:54:21.0077 6108 MSKSSRV - ok
10:54:21.0155 6108 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
10:54:21.0155 6108 MSPCLOCK - ok
10:54:21.0186 6108 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
10:54:21.0202 6108 MSPQM - ok
10:54:21.0264 6108 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
10:54:21.0280 6108 MsRPC - ok
10:54:21.0405 6108 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
10:54:21.0405 6108 mssmbios - ok
10:54:21.0467 6108 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
10:54:21.0483 6108 MSTEE - ok
10:54:21.0514 6108 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\drivers\MTConfig.sys
10:54:21.0529 6108 MTConfig - ok
10:54:21.0561 6108 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys
10:54:21.0576 6108 Mup - ok
10:54:21.0654 6108 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\windows\system32\qagentRT.dll
10:54:21.0717 6108 napagent - ok
10:54:21.0826 6108 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
10:54:21.0857 6108 NativeWifiP - ok
10:54:22.0013 6108 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\windows\system32\drivers\ndis.sys
10:54:22.0091 6108 NDIS - ok
10:54:22.0138 6108 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
10:54:22.0153 6108 NdisCap - ok
10:54:22.0216 6108 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
10:54:22.0216 6108 NdisTapi - ok
10:54:22.0278 6108 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
10:54:22.0294 6108 Ndisuio - ok
10:54:22.0356 6108 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
10:54:22.0372 6108 NdisWan - ok
10:54:22.0465 6108 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
10:54:22.0481 6108 NDProxy - ok
10:54:22.0559 6108 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
10:54:22.0559 6108 NetBIOS - ok
10:54:22.0684 6108 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
10:54:22.0715 6108 NetBT - ok
10:54:22.0824 6108 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\windows\system32\lsass.exe
10:54:22.0887 6108 Netlogon - ok
10:54:23.0027 6108 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
10:54:23.0074 6108 Netman - ok
10:54:23.0121 6108 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:54:23.0292 6108 NetMsmqActivator - ok
10:54:23.0323 6108 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:54:23.0339 6108 NetPipeActivator - ok
10:54:23.0448 6108 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
10:54:23.0511 6108 netprofm - ok
10:54:23.0573 6108 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:54:23.0573 6108 NetTcpActivator - ok
10:54:23.0635 6108 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:54:23.0651 6108 NetTcpPortSharing - ok
10:54:23.0760 6108 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
10:54:23.0760 6108 nfrd960 - ok
10:54:23.0916 6108 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\windows\System32\nlasvc.dll
10:54:23.0947 6108 NlaSvc - ok
10:54:24.0010 6108 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
10:54:24.0025 6108 Npfs - ok
10:54:24.0088 6108 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
10:54:24.0135 6108 nsi - ok
10:54:24.0197 6108 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
10:54:24.0197 6108 nsiproxy - ok
10:54:24.0493 6108 [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:\windows\system32\drivers\Ntfs.sys
10:54:24.0618 6108 Ntfs - ok
10:54:24.0712 6108 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
10:54:24.0727 6108 Null - ok
10:54:24.0790 6108 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\windows\system32\drivers\nvraid.sys
10:54:24.0790 6108 nvraid - ok
10:54:24.0837 6108 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\windows\system32\drivers\nvstor.sys
10:54:24.0852 6108 nvstor - ok
10:54:24.0915 6108 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys
10:54:24.0930 6108 nv_agp - ok
10:54:25.0164 6108 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:54:25.0195 6108 odserv - ok
10:54:25.0320 6108 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
10:54:25.0336 6108 ohci1394 - ok
10:54:25.0398 6108 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:54:25.0414 6108 ose - ok
10:54:25.0492 6108 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
10:54:25.0539 6108 p2pimsvc - ok
10:54:25.0648 6108 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
10:54:25.0710 6108 p2psvc - ok
10:54:25.0804 6108 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\drivers\parport.sys
10:54:25.0819 6108 Parport - ok
10:54:25.0897 6108 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys
10:54:25.0913 6108 partmgr - ok
10:54:25.0960 6108 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\drivers\parvdm.sys
10:54:25.0960 6108 Parvdm - ok
10:54:26.0069 6108 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
10:54:26.0116 6108 PcaSvc - ok
10:54:26.0163 6108 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys
10:54:26.0194 6108 pci - ok
10:54:26.0256 6108 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys
10:54:26.0287 6108 pciide - ok
10:54:26.0350 6108 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\drivers\pcmcia.sys
10:54:26.0381 6108 pcmcia - ok
10:54:26.0428 6108 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
10:54:26.0443 6108 pcw - ok
10:54:26.0615 6108 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys
10:54:26.0677 6108 PEAUTH - ok
10:54:27.0067 6108 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\windows\system32\pla.dll
10:54:27.0177 6108 pla - ok
10:54:27.0348 6108 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll
10:54:27.0395 6108 PlugPlay - ok
10:54:27.0489 6108 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
10:54:27.0520 6108 PNRPAutoReg - ok
10:54:27.0613 6108 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll
10:54:27.0660 6108 PNRPsvc - ok
10:54:27.0738 6108 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\windows\System32\ipsecsvc.dll
10:54:27.0769 6108 PolicyAgent - ok
10:54:27.0816 6108 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll
10:54:27.0863 6108 Power - ok
10:54:27.0910 6108 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
10:54:27.0925 6108 PptpMiniport - ok
10:54:27.0957 6108 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\drivers\processr.sys
10:54:27.0972 6108 Processor - ok
10:54:28.0066 6108 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\windows\system32\profsvc.dll
10:54:28.0097 6108 ProfSvc - ok
10:54:28.0128 6108 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
10:54:28.0144 6108 ProtectedStorage - ok
10:54:28.0191 6108 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys
10:54:28.0206 6108 Psched - ok
10:54:28.0409 6108 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\drivers\ql2300.sys
10:54:28.0487 6108 ql2300 - ok
10:54:28.0534 6108 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
10:54:28.0549 6108 ql40xx - ok
10:54:28.0612 6108 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
Probably sent from a PC; if not, then from some other device.


Re: Please check my log - laptop keeps freezing

Post by fandam007 » 27 Oct 2013 11:03

10:54:28.0643 6108 QWAVE - ok
10:54:28.0737 6108 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
10:54:28.0737 6108 QWAVEdrv - ok
10:54:28.0768 6108 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
10:54:28.0768 6108 RasAcd - ok
10:54:28.0924 6108 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
10:54:28.0939 6108 RasAgileVpn - ok
10:54:29.0017 6108 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
10:54:29.0064 6108 RasAuto - ok
10:54:29.0111 6108 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
10:54:29.0111 6108 Rasl2tp - ok
10:54:29.0236 6108 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll
10:54:29.0314 6108 RasMan - ok
10:54:29.0439 6108 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
10:54:29.0454 6108 RasPppoe - ok
10:54:29.0517 6108 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
10:54:29.0532 6108 RasSstp - ok
10:54:29.0595 6108 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
10:54:29.0610 6108 rdbss - ok
10:54:29.0657 6108 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\drivers\rdpbus.sys
10:54:29.0657 6108 rdpbus - ok
10:54:29.0719 6108 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
10:54:29.0735 6108 RDPCDD - ok
10:54:29.0782 6108 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
10:54:29.0797 6108 RDPENCDD - ok
10:54:29.0891 6108 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
10:54:29.0907 6108 RDPREFMP - ok
10:54:29.0953 6108 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
10:54:29.0969 6108 RdpVideoMiniport - ok
10:54:30.0031 6108 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
10:54:30.0047 6108 RDPWD - ok
10:54:30.0094 6108 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
10:54:30.0141 6108 rdyboost - ok
10:54:30.0203 6108 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
10:54:30.0234 6108 RemoteAccess - ok
10:54:30.0281 6108 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
10:54:30.0359 6108 RemoteRegistry - ok
10:54:30.0406 6108 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
10:54:30.0421 6108 RFCOMM - ok
10:54:30.0453 6108 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
10:54:30.0484 6108 RpcEptMapper - ok
10:54:30.0531 6108 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
10:54:30.0546 6108 RpcLocator - ok
10:54:30.0655 6108 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\windows\system32\rpcss.dll
10:54:30.0718 6108 RpcSs - ok
10:54:30.0811 6108 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
10:54:30.0811 6108 rspndr - ok
10:54:30.0858 6108 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\windows\system32\lsass.exe
10:54:30.0874 6108 SamSs - ok
10:54:30.0905 6108 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys
10:54:30.0921 6108 sbp2port - ok
10:54:31.0014 6108 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
10:54:31.0061 6108 SCardSvr - ok
10:54:31.0108 6108 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
10:54:31.0108 6108 scfilter - ok
10:54:31.0217 6108 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\windows\system32\schedsvc.dll
10:54:31.0311 6108 Schedule - ok
10:54:31.0373 6108 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll
10:54:31.0389 6108 SCPolicySvc - ok
10:54:31.0467 6108 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll
10:54:31.0513 6108 SDRSVC - ok
10:54:31.0607 6108 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
10:54:31.0623 6108 secdrv - ok
10:54:31.0669 6108 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
10:54:31.0716 6108 seclogon - ok
10:54:31.0763 6108 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\System32\sens.dll
10:54:31.0794 6108 SENS - ok
10:54:31.0857 6108 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\drivers\serenum.sys
10:54:31.0857 6108 Serenum - ok
10:54:31.0903 6108 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\drivers\serial.sys
10:54:31.0919 6108 Serial - ok
10:54:31.0935 6108 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\drivers\sermouse.sys
10:54:31.0950 6108 sermouse - ok
10:54:32.0059 6108 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll
10:54:32.0091 6108 SessionEnv - ok
10:54:32.0137 6108 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys
10:54:32.0153 6108 sffdisk - ok
10:54:32.0184 6108 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
10:54:32.0184 6108 sffp_mmc - ok
10:54:32.0215 6108 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
10:54:32.0215 6108 sffp_sd - ok
10:54:32.0247 6108 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
10:54:32.0247 6108 sfloppy - ok
10:54:32.0403 6108 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll
10:54:32.0434 6108 SharedAccess - ok
10:54:32.0590 6108 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
10:54:32.0652 6108 ShellHWDetection - ok
10:54:32.0699 6108 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\drivers\sisagp.sys
10:54:32.0715 6108 sisagp - ok
10:54:32.0761 6108 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
10:54:32.0761 6108 SiSRaid2 - ok
10:54:32.0808 6108 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
10:54:32.0824 6108 SiSRaid4 - ok
10:54:33.0276 6108 [ 73E3B5D1F1EB5FDC51A5C3437EEE3348 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
10:54:33.0463 6108 Skype C2C Service - ok
10:54:33.0588 6108 [ 3E587DBBDFF938DDE5D4CE4047BE9041 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
10:54:33.0604 6108 SkypeUpdate - ok
10:54:33.0666 6108 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
10:54:33.0666 6108 Smb - ok
10:54:33.0791 6108 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
10:54:33.0869 6108 SNMPTRAP - ok
10:54:33.0947 6108 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
10:54:33.0963 6108 spldr - ok
10:54:34.0056 6108 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\windows\System32\spoolsv.exe
10:54:34.0150 6108 Spooler - ok
10:54:34.0353 6108 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\windows\system32\sppsvc.exe
10:54:34.0524 6108 sppsvc - ok
10:54:34.0618 6108 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\windows\system32\sppuinotify.dll
10:54:34.0649 6108 sppuinotify - ok
10:54:34.0727 6108 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\windows\system32\DRIVERS\srv.sys
10:54:34.0743 6108 srv - ok
10:54:34.0883 6108 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\windows\system32\DRIVERS\srv2.sys
10:54:34.0930 6108 srv2 - ok
10:54:35.0008 6108 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
10:54:35.0023 6108 srvnet - ok
10:54:35.0086 6108 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
10:54:35.0117 6108 SSDPSRV - ok
10:54:35.0538 6108 [ E855AC5D4B09F651CE96415C557FF92D ] ssinstall C:\windows\System32\ssins.exe
10:54:35.0694 6108 ssinstall - ok
10:54:35.0803 6108 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
10:54:35.0850 6108 SstpSvc - ok
10:54:35.0913 6108 [ 3F0164FBC0BD1ADBD02DF9759181451A ] ss_bbus C:\windows\system32\DRIVERS\ss_bbus.sys
10:54:35.0928 6108 ss_bbus - ok
10:54:36.0006 6108 [ B89D62206034E5FE573C80A24DD55675 ] ss_bmdfl C:\windows\system32\DRIVERS\ss_bmdfl.sys
10:54:36.0022 6108 ss_bmdfl - ok
10:54:36.0084 6108 [ 1ED0FCEA586FE2A416EE15196E5631DD ] ss_bmdm C:\windows\system32\DRIVERS\ss_bmdm.sys
10:54:36.0100 6108 ss_bmdm - ok
10:54:36.0162 6108 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\drivers\stexstor.sys
10:54:36.0162 6108 stexstor - ok
10:54:36.0396 6108 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\windows\System32\wiaservc.dll
10:54:36.0474 6108 StiSvc - ok
10:54:36.0537 6108 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\DRIVERS\swenum.sys
10:54:36.0552 6108 swenum - ok
10:54:36.0630 6108 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll
10:54:36.0693 6108 swprv - ok
10:54:36.0942 6108 [ 4DB524DCD5CECE0349D9F8C3738DA0B2 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
10:54:37.0051 6108 SynTP - ok
10:54:37.0301 6108 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\windows\system32\sysmain.dll
10:54:37.0410 6108 SysMain - ok
10:54:37.0519 6108 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
10:54:37.0551 6108 TabletInputService - ok
10:54:37.0613 6108 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\windows\System32\tapisrv.dll
10:54:37.0675 6108 TapiSrv - ok
10:54:37.0722 6108 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll
10:54:37.0769 6108 TBS - ok
10:54:38.0050 6108 [ CA59F7C570AF70BC174F477CFE2D9EE3 ] Tcpip C:\windows\system32\drivers\tcpip.sys
10:54:38.0175 6108 Tcpip - ok
10:54:38.0533 6108 [ CA59F7C570AF70BC174F477CFE2D9EE3 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
10:54:38.0580 6108 TCPIP6 - ok
10:54:38.0814 6108 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
10:54:39.0001 6108 tcpipreg - ok
10:54:39.0204 6108 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
10:54:39.0204 6108 TDPIPE - ok
10:54:39.0235 6108 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
10:54:39.0251 6108 TDTCP - ok
10:54:39.0345 6108 [ B459575348C20E8121D6039DA063C704 ] tdx C:\windows\system32\DRIVERS\tdx.sys
10:54:39.0360 6108 tdx - ok
10:54:39.0407 6108 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
10:54:39.0423 6108 TermDD - ok
10:54:39.0532 6108 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\windows\System32\termsrv.dll
10:54:39.0625 6108 TermService - ok
10:54:39.0672 6108 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll
10:54:39.0719 6108 Themes - ok
10:54:39.0828 6108 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll
10:54:39.0859 6108 THREADORDER - ok
10:54:40.0156 6108 [ E5EFD1068D24F9F052A027CAFED3AA5A ] TiMiniService C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
10:54:40.0203 6108 TiMiniService - ok
10:54:40.0249 6108 [ DE87A23D2DDC7378D1C7AB681E20DE47 ] tmactmon C:\windows\system32\DRIVERS\tmactmon.sys
10:54:40.0265 6108 tmactmon - ok
10:54:40.0327 6108 [ 540C2B5DC47651C572C2804DC72FDDA8 ] tmcomm C:\windows\system32\DRIVERS\tmcomm.sys
10:54:40.0343 6108 tmcomm - ok
10:54:40.0421 6108 [ 2DE1FA64EBAFF376F2C038F64492F62C ] tmevtmgr C:\windows\system32\DRIVERS\tmevtmgr.sys
10:54:40.0437 6108 tmevtmgr - ok
10:54:40.0671 6108 [ 5A61679B2277B9AD550E30479A69503B ] tmtdi C:\windows\system32\DRIVERS\tmtdi.sys
10:54:40.0702 6108 tmtdi - ok
10:54:40.0764 6108 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll
10:54:40.0811 6108 TrkWks - ok
10:54:40.0889 6108 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
10:54:40.0905 6108 TrustedInstaller - ok
10:54:41.0029 6108 [ B37B08F2E5EEB1A37E448E09BACE1101 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
10:54:41.0029 6108 tssecsrv - ok
10:54:41.0201 6108 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
10:54:41.0217 6108 TsUsbFlt - ok
10:54:41.0310 6108 [ 57C527AF84748B5C2F5178C499C0B81F ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
10:54:41.0326 6108 TsUsbGD - ok
10:54:41.0451 6108 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
10:54:41.0466 6108 tunnel - ok
10:54:41.0513 6108 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\drivers\uagp35.sys
10:54:41.0529 6108 uagp35 - ok
10:54:41.0591 6108 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\windows\system32\DRIVERS\udfs.sys
10:54:41.0622 6108 udfs - ok
10:54:41.0716 6108 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe
10:54:41.0763 6108 UI0Detect - ok
10:54:41.0794 6108 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
10:54:41.0809 6108 uliagpkx - ok
10:54:41.0872 6108 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\windows\system32\DRIVERS\umbus.sys
10:54:41.0887 6108 umbus - ok
10:54:41.0934 6108 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\drivers\umpass.sys
10:54:41.0950 6108 UmPass - ok
10:54:42.0043 6108 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll
10:54:42.0121 6108 upnphost - ok
10:54:42.0168 6108 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
10:54:42.0184 6108 usbccgp - ok
10:54:42.0246 6108 [ 2352AB5F9F8F097BF9D41D5A4718A041 ] usbcir C:\windows\system32\drivers\usbcir.sys
10:54:42.0262 6108 usbcir - ok
10:54:42.0324 6108 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
10:54:42.0340 6108 usbehci - ok
10:54:42.0387 6108 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
10:54:42.0543 6108 usbhub - ok
10:54:42.0667 6108 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\windows\system32\drivers\usbohci.sys
10:54:42.0683 6108 usbohci - ok
10:54:42.0855 6108 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
10:54:42.0870 6108 usbprint - ok
10:54:43.0042 6108 [ FC6B21DB4B5B398AB93DBE59CBF11036 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
10:54:43.0057 6108 usbscan - ok
10:54:43.0104 6108 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
10:54:43.0120 6108 USBSTOR - ok
10:54:43.0213 6108 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\windows\system32\DRIVERS\usbuhci.sys
10:54:43.0229 6108 usbuhci - ok
10:54:43.0401 6108 [ DE014425522610BEDCA3821BB8C0F1D5 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
10:54:43.0416 6108 usbvideo - ok
10:54:43.0479 6108 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\windows\System32\uxsms.dll
10:54:43.0525 6108 UxSms - ok
10:54:43.0588 6108 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\windows\system32\lsass.exe
10:54:43.0603 6108 VaultSvc - ok
10:54:43.0666 6108 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
10:54:43.0681 6108 vdrvroot - ok
10:54:43.0775 6108 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\windows\System32\vds.exe
10:54:43.0853 6108 vds - ok
10:54:44.0071 6108 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
10:54:44.0087 6108 vga - ok
10:54:44.0196 6108 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\windows\System32\drivers\vga.sys
10:54:44.0212 6108 VgaSave - ok
10:54:44.0290 6108 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\windows\system32\drivers\vhdmp.sys
10:54:44.0305 6108 vhdmp - ok
10:54:44.0524 6108 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\windows\system32\drivers\viaagp.sys
10:54:44.0539 6108 viaagp - ok
10:54:44.0586 6108 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\windows\system32\drivers\viac7.sys
10:54:44.0602 6108 ViaC7 - ok
10:54:44.0649 6108 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\windows\system32\drivers\viaide.sys
10:54:44.0649 6108 viaide - ok
10:54:44.0742 6108 [ C37CE43FB54066FFB540729C6E6E194E ] VideAceWindowsService C:\ExpressGateUtil\VAWinService.exe
10:54:44.0742 6108 VideAceWindowsService - ok
10:54:44.0820 6108 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\windows\system32\drivers\volmgr.sys
10:54:44.0820 6108 volmgr - ok
10:54:44.0914 6108 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
10:54:44.0945 6108 volmgrx - ok
10:54:45.0023 6108 [ C37AEE5966EB5929E2051AC7409B5730 ] volsnap C:\windows\system32\drivers\volsnap.sys
10:54:45.0054 6108 volsnap - ok
10:54:45.0163 6108 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
10:54:45.0304 6108 vsmraid - ok
10:54:45.0538 6108 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\windows\system32\vssvc.exe
10:54:45.0772 6108 VSS - ok
10:54:45.0819 6108 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
10:54:45.0834 6108 vwifibus - ok
10:54:45.0897 6108 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
10:54:45.0912 6108 vwififlt - ok
10:54:46.0021 6108 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\windows\system32\w32time.dll
10:54:46.0146 6108 W32Time - ok
10:54:46.0255 6108 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\windows\system32\drivers\wacompen.sys
10:54:46.0271 6108 WacomPen - ok
10:54:46.0333 6108 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
10:54:46.0349 6108 WANARP - ok
10:54:46.0365 6108 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
10:54:46.0380 6108 Wanarpv6 - ok
10:54:46.0614 6108 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\windows\system32\wbengine.exe
10:54:46.0739 6108 wbengine - ok
10:54:46.0817 6108 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
10:54:46.0879 6108 WbioSrvc - ok
10:54:47.0020 6108 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\windows\System32\wcncsvc.dll
10:54:47.0238 6108 wcncsvc - ok
10:54:47.0316 6108 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
10:54:47.0363 6108 WcsPlugInService - ok
10:54:47.0613 6108 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\windows\system32\drivers\wd.sys
10:54:47.0613 6108 Wd - ok
10:54:47.0847 6108 [ 25944D2CC49E0A6C581D02A74B7D6645 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
10:54:47.0987 6108 Wdf01000 - ok
10:54:48.0034 6108 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\windows\system32\wdi.dll
10:54:48.0081 6108 WdiServiceHost - ok
10:54:48.0112 6108 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\windows\system32\wdi.dll
10:54:48.0159 6108 WdiSystemHost - ok
10:54:48.0221 6108 [ 75E8EBD7040CE238684333F97014762A ] WebClient C:\windows\System32\webclnt.dll
10:54:48.0268 6108 WebClient - ok
10:54:48.0439 6108 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\windows\system32\wecsvc.dll
10:54:48.0486 6108 Wecsvc - ok
10:54:48.0533 6108 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\windows\System32\wercplsupport.dll
10:54:48.0580 6108 wercplsupport - ok
10:54:48.0642 6108 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\windows\System32\WerSvc.dll
10:54:48.0673 6108 WerSvc - ok
10:54:48.0736 6108 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
10:54:48.0736 6108 WfpLwf - ok
10:54:48.0783 6108 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\windows\system32\drivers\wimmount.sys
10:54:48.0783 6108 WIMMount - ok
10:54:49.0141 6108 [ 082CF481F659FAE0DE51AD060881EB47 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
10:54:49.0360 6108 WinDefend - ok
10:54:49.0422 6108 WinHttpAutoProxySvc - ok
10:54:49.0594 6108 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
10:54:49.0609 6108 Winmgmt - ok
10:54:49.0828 6108 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\windows\system32\WsmSvc.dll
10:54:49.0953 6108 WinRM - ok
10:54:50.0077 6108 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
10:54:50.0077 6108 WinUsb - ok
10:54:50.0233 6108 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\windows\System32\wlansvc.dll
10:54:50.0358 6108 Wlansvc - ok
10:54:50.0499 6108 [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:54:50.0530 6108 wlcrasvc - ok
10:54:51.0029 6108 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:54:51.0107 6108 wlidsvc - ok
10:54:51.0154 6108 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
10:54:51.0154 6108 WmiAcpi - ok
10:54:51.0310 6108 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
10:54:51.0325 6108 wmiApSrv - ok
10:54:51.0559 6108 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
10:54:51.0637 6108 WMPNetworkSvc - ok
10:54:51.0700 6108 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\windows\System32\wpcsvc.dll
10:54:51.0731 6108 WPCSvc - ok
10:54:51.0762 6108 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
10:54:51.0809 6108 WPDBusEnum - ok
10:54:51.0887 6108 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
10:54:51.0887 6108 ws2ifsl - ok
10:54:51.0981 6108 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\windows\System32\wscsvc.dll
10:54:52.0012 6108 wscsvc - ok
10:54:52.0043 6108 WSearch - ok
10:54:52.0433 6108 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\windows\system32\wuaueng.dll
10:54:52.0527 6108 wuauserv - ok
10:54:52.0573 6108 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
10:54:52.0573 6108 WudfPf - ok
10:54:52.0605 6108 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
10:54:52.0620 6108 WUDFRd - ok
10:54:52.0651 6108 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\windows\System32\WUDFSvc.dll
10:54:52.0683 6108 wudfsvc - ok
10:54:52.0714 6108 [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc C:\windows\System32\wwansvc.dll
10:54:52.0761 6108 WwanSvc - ok
10:54:52.0807 6108 ================ Scan global ===============================
10:54:52.0885 6108 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
10:54:52.0948 6108 [ 51BB04243DF6196C06E125898127E397 ] C:\windows\system32\winsrv.dll
10:54:52.0979 6108 [ 51BB04243DF6196C06E125898127E397 ] C:\windows\system32\winsrv.dll
10:54:53.0041 6108 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
10:54:53.0104 6108 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
10:54:53.0135 6108 [Global] - ok
10:54:53.0135 6108 ================ Scan MBR ==================================
10:54:53.0151 6108 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:54:57.0550 6108 \Device\Harddisk0\DR0 - ok
10:54:57.0565 6108 ================ Scan VBR ==================================
10:54:57.0612 6108 [ C4261563CC553AC3C34F6528267C6C8E ] \Device\Harddisk0\DR0\Partition1
10:54:57.0612 6108 \Device\Harddisk0\DR0\Partition1 - ok
10:54:57.0675 6108 [ 5227DB24F17502F97DBE952E1B66BC39 ] \Device\Harddisk0\DR0\Partition2
10:54:57.0675 6108 \Device\Harddisk0\DR0\Partition2 - ok
10:54:57.0690 6108 ============================================================
10:54:57.0690 6108 Scan finished
10:54:57.0690 6108 ============================================================
10:54:58.0611 4608 Detected object count: 0
10:54:58.0611 4608 Actual detected object count: 0
Probably sent from a PC; if not, then from some other device.

Re: Please check my log - the notebook keeps freezing

Post by fandam007 » 27 Oct 2013 11:03

10:54:23.0760 6108 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
10:54:23.0760 6108 nfrd960 - ok
10:54:23.0916 6108 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\windows\System32\nlasvc.dll
10:54:23.0947 6108 NlaSvc - ok
10:54:24.0010 6108 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
10:54:24.0025 6108 Npfs - ok
10:54:24.0088 6108 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
10:54:24.0135 6108 nsi - ok
10:54:24.0197 6108 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
10:54:24.0197 6108 nsiproxy - ok
10:54:24.0493 6108 [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:\windows\system32\drivers\Ntfs.sys
10:54:24.0618 6108 Ntfs - ok
10:54:24.0712 6108 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
10:54:24.0727 6108 Null - ok
10:54:24.0790 6108 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\windows\system32\drivers\nvraid.sys
10:54:24.0790 6108 nvraid - ok
10:54:24.0837 6108 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\windows\system32\drivers\nvstor.sys
10:54:24.0852 6108 nvstor - ok
10:54:24.0915 6108 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys
10:54:24.0930 6108 nv_agp - ok
10:54:25.0164 6108 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:54:25.0195 6108 odserv - ok
10:54:25.0320 6108 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
10:54:25.0336 6108 ohci1394 - ok
10:54:25.0398 6108 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:54:25.0414 6108 ose - ok
10:54:25.0492 6108 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
10:54:25.0539 6108 p2pimsvc - ok
10:54:25.0648 6108 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
10:54:25.0710 6108 p2psvc - ok
10:54:25.0804 6108 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\drivers\parport.sys
10:54:25.0819 6108 Parport - ok
10:54:25.0897 6108 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys
10:54:25.0913 6108 partmgr - ok
10:54:25.0960 6108 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\drivers\parvdm.sys
10:54:25.0960 6108 Parvdm - ok
10:54:26.0069 6108 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
10:54:26.0116 6108 PcaSvc - ok
10:54:26.0163 6108 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys
10:54:26.0194 6108 pci - ok
10:54:26.0256 6108 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys
10:54:26.0287 6108 pciide - ok
10:54:26.0350 6108 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\drivers\pcmcia.sys
10:54:26.0381 6108 pcmcia - ok
10:54:26.0428 6108 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
10:54:26.0443 6108 pcw - ok
10:54:26.0615 6108 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys
10:54:26.0677 6108 PEAUTH - ok
10:54:27.0067 6108 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\windows\system32\pla.dll
10:54:27.0177 6108 pla - ok
10:54:27.0348 6108 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll
10:54:27.0395 6108 PlugPlay - ok
10:54:27.0489 6108 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
10:54:27.0520 6108 PNRPAutoReg - ok
10:54:27.0613 6108 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll
10:54:27.0660 6108 PNRPsvc - ok
10:54:27.0738 6108 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\windows\System32\ipsecsvc.dll
10:54:27.0769 6108 PolicyAgent - ok
10:54:27.0816 6108 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll
10:54:27.0863 6108 Power - ok
10:54:27.0910 6108 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
10:54:27.0925 6108 PptpMiniport - ok
10:54:27.0957 6108 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\drivers\processr.sys
10:54:27.0972 6108 Processor - ok
10:54:28.0066 6108 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\windows\system32\profsvc.dll
10:54:28.0097 6108 ProfSvc - ok
10:54:28.0128 6108 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
10:54:28.0144 6108 ProtectedStorage - ok
10:54:28.0191 6108 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys
10:54:28.0206 6108 Psched - ok
10:54:28.0409 6108 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\drivers\ql2300.sys
10:54:28.0487 6108 ql2300 - ok
10:54:28.0534 6108 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
10:54:28.0549 6108 ql40xx - ok
10:54:28.0612 6108 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
10:54:28.0643 6108 QWAVE - ok
10:54:28.0737 6108 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
10:54:28.0737 6108 QWAVEdrv - ok
10:54:28.0768 6108 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
10:54:28.0768 6108 RasAcd - ok
10:54:28.0924 6108 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
10:54:28.0939 6108 RasAgileVpn - ok
10:54:29.0017 6108 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
10:54:29.0064 6108 RasAuto - ok
10:54:29.0111 6108 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
10:54:29.0111 6108 Rasl2tp - ok
10:54:29.0236 6108 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll
10:54:29.0314 6108 RasMan - ok
10:54:29.0439 6108 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
10:54:29.0454 6108 RasPppoe - ok
10:54:29.0517 6108 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
10:54:29.0532 6108 RasSstp - ok
10:54:29.0595 6108 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
10:54:29.0610 6108 rdbss - ok
10:54:29.0657 6108 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\drivers\rdpbus.sys
10:54:29.0657 6108 rdpbus - ok
10:54:29.0719 6108 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
10:54:29.0735 6108 RDPCDD - ok
10:54:29.0782 6108 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
10:54:29.0797 6108 RDPENCDD - ok
10:54:29.0891 6108 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
10:54:29.0907 6108 RDPREFMP - ok
10:54:29.0953 6108 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
10:54:29.0969 6108 RdpVideoMiniport - ok
10:54:30.0031 6108 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
10:54:30.0047 6108 RDPWD - ok
10:54:30.0094 6108 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
10:54:30.0141 6108 rdyboost - ok
10:54:30.0203 6108 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
10:54:30.0234 6108 RemoteAccess - ok
10:54:30.0281 6108 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
10:54:30.0359 6108 RemoteRegistry - ok
10:54:30.0406 6108 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
10:54:30.0421 6108 RFCOMM - ok
10:54:30.0453 6108 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
10:54:30.0484 6108 RpcEptMapper - ok
10:54:30.0531 6108 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
10:54:30.0546 6108 RpcLocator - ok
10:54:30.0655 6108 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\windows\system32\rpcss.dll
10:54:30.0718 6108 RpcSs - ok
10:54:30.0811 6108 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
10:54:30.0811 6108 rspndr - ok
10:54:30.0858 6108 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\windows\system32\lsass.exe
10:54:30.0874 6108 SamSs - ok
10:54:30.0905 6108 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys
10:54:30.0921 6108 sbp2port - ok
10:54:31.0014 6108 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
10:54:31.0061 6108 SCardSvr - ok
10:54:31.0108 6108 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
10:54:31.0108 6108 scfilter - ok
10:54:31.0217 6108 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\windows\system32\schedsvc.dll
10:54:31.0311 6108 Schedule - ok
10:54:31.0373 6108 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll
10:54:31.0389 6108 SCPolicySvc - ok
10:54:31.0467 6108 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll
10:54:31.0513 6108 SDRSVC - ok
10:54:31.0607 6108 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
10:54:31.0623 6108 secdrv - ok
10:54:31.0669 6108 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
10:54:31.0716 6108 seclogon - ok
10:54:31.0763 6108 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\System32\sens.dll
10:54:31.0794 6108 SENS - ok
10:54:31.0857 6108 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\drivers\serenum.sys
10:54:31.0857 6108 Serenum - ok
10:54:31.0903 6108 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\drivers\serial.sys
10:54:31.0919 6108 Serial - ok
10:54:31.0935 6108 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\drivers\sermouse.sys
10:54:31.0950 6108 sermouse - ok
10:54:32.0059 6108 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll
10:54:32.0091 6108 SessionEnv - ok
10:54:32.0137 6108 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys
10:54:32.0153 6108 sffdisk - ok
10:54:32.0184 6108 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
10:54:32.0184 6108 sffp_mmc - ok
10:54:32.0215 6108 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
10:54:32.0215 6108 sffp_sd - ok
10:54:32.0247 6108 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
10:54:32.0247 6108 sfloppy - ok
10:54:32.0403 6108 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll
10:54:32.0434 6108 SharedAccess - ok
10:54:32.0590 6108 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
10:54:32.0652 6108 ShellHWDetection - ok
10:54:32.0699 6108 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\drivers\sisagp.sys
10:54:32.0715 6108 sisagp - ok
10:54:32.0761 6108 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
10:54:32.0761 6108 SiSRaid2 - ok
10:54:32.0808 6108 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
10:54:32.0824 6108 SiSRaid4 - ok
10:54:33.0276 6108 [ 73E3B5D1F1EB5FDC51A5C3437EEE3348 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
10:54:33.0463 6108 Skype C2C Service - ok
10:54:33.0588 6108 [ 3E587DBBDFF938DDE5D4CE4047BE9041 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
10:54:33.0604 6108 SkypeUpdate - ok
10:54:33.0666 6108 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
10:54:33.0666 6108 Smb - ok
10:54:33.0791 6108 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
10:54:33.0869 6108 SNMPTRAP - ok
10:54:33.0947 6108 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
10:54:33.0963 6108 spldr - ok
10:54:34.0056 6108 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\windows\System32\spoolsv.exe
10:54:34.0150 6108 Spooler - ok
10:54:34.0353 6108 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\windows\system32\sppsvc.exe
10:54:34.0524 6108 sppsvc - ok
10:54:34.0618 6108 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\windows\system32\sppuinotify.dll
10:54:34.0649 6108 sppuinotify - ok
10:54:34.0727 6108 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\windows\system32\DRIVERS\srv.sys
10:54:34.0743 6108 srv - ok
10:54:34.0883 6108 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\windows\system32\DRIVERS\srv2.sys
10:54:34.0930 6108 srv2 - ok
10:54:35.0008 6108 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
10:54:35.0023 6108 srvnet - ok
10:54:35.0086 6108 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
10:54:35.0117 6108 SSDPSRV - ok
10:54:35.0538 6108 [ E855AC5D4B09F651CE96415C557FF92D ] ssinstall C:\windows\System32\ssins.exe
10:54:35.0694 6108 ssinstall - ok
10:54:35.0803 6108 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
10:54:35.0850 6108 SstpSvc - ok
10:54:35.0913 6108 [ 3F0164FBC0BD1ADBD02DF9759181451A ] ss_bbus C:\windows\system32\DRIVERS\ss_bbus.sys
10:54:35.0928 6108 ss_bbus - ok
10:54:36.0006 6108 [ B89D62206034E5FE573C80A24DD55675 ] ss_bmdfl C:\windows\system32\DRIVERS\ss_bmdfl.sys
10:54:36.0022 6108 ss_bmdfl - ok
10:54:36.0084 6108 [ 1ED0FCEA586FE2A416EE15196E5631DD ] ss_bmdm C:\windows\system32\DRIVERS\ss_bmdm.sys
10:54:36.0100 6108 ss_bmdm - ok
10:54:36.0162 6108 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\drivers\stexstor.sys
10:54:36.0162 6108 stexstor - ok
10:54:36.0396 6108 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\windows\System32\wiaservc.dll
10:54:36.0474 6108 StiSvc - ok
10:54:36.0537 6108 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\DRIVERS\swenum.sys
10:54:36.0552 6108 swenum - ok
10:54:36.0630 6108 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll
10:54:36.0693 6108 swprv - ok
10:54:36.0942 6108 [ 4DB524DCD5CECE0349D9F8C3738DA0B2 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
10:54:37.0051 6108 SynTP - ok
10:54:37.0301 6108 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\windows\system32\sysmain.dll
10:54:37.0410 6108 SysMain - ok
10:54:37.0519 6108 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
10:54:37.0551 6108 TabletInputService - ok
10:54:37.0613 6108 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\windows\System32\tapisrv.dll
10:54:37.0675 6108 TapiSrv - ok
10:54:37.0722 6108 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll
10:54:37.0769 6108 TBS - ok
10:54:38.0050 6108 [ CA59F7C570AF70BC174F477CFE2D9EE3 ] Tcpip C:\windows\system32\drivers\tcpip.sys
10:54:38.0175 6108 Tcpip - ok
10:54:38.0533 6108 [ CA59F7C570AF70BC174F477CFE2D9EE3 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
10:54:38.0580 6108 TCPIP6 - ok
10:54:38.0814 6108 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
10:54:39.0001 6108 tcpipreg - ok
10:54:39.0204 6108 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
10:54:39.0204 6108 TDPIPE - ok
10:54:39.0235 6108 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
10:54:39.0251 6108 TDTCP - ok
10:54:39.0345 6108 [ B459575348C20E8121D6039DA063C704 ] tdx C:\windows\system32\DRIVERS\tdx.sys
10:54:39.0360 6108 tdx - ok
10:54:39.0407 6108 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
10:54:39.0423 6108 TermDD - ok
10:54:39.0532 6108 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\windows\System32\termsrv.dll
10:54:39.0625 6108 TermService - ok
10:54:39.0672 6108 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll
10:54:39.0719 6108 Themes - ok
10:54:39.0828 6108 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll
10:54:39.0859 6108 THREADORDER - ok
10:54:40.0156 6108 [ E5EFD1068D24F9F052A027CAFED3AA5A ] TiMiniService C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
10:54:40.0203 6108 TiMiniService - ok
10:54:40.0249 6108 [ DE87A23D2DDC7378D1C7AB681E20DE47 ] tmactmon C:\windows\system32\DRIVERS\tmactmon.sys
10:54:40.0265 6108 tmactmon - ok
10:54:40.0327 6108 [ 540C2B5DC47651C572C2804DC72FDDA8 ] tmcomm C:\windows\system32\DRIVERS\tmcomm.sys
10:54:40.0343 6108 tmcomm - ok
10:54:40.0421 6108 [ 2DE1FA64EBAFF376F2C038F64492F62C ] tmevtmgr C:\windows\system32\DRIVERS\tmevtmgr.sys
10:54:40.0437 6108 tmevtmgr - ok
10:54:40.0671 6108 [ 5A61679B2277B9AD550E30479A69503B ] tmtdi C:\windows\system32\DRIVERS\tmtdi.sys
10:54:40.0702 6108 tmtdi - ok
10:54:40.0764 6108 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll
10:54:40.0811 6108 TrkWks - ok
10:54:40.0889 6108 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
10:54:40.0905 6108 TrustedInstaller - ok
10:54:41.0029 6108 [ B37B08F2E5EEB1A37E448E09BACE1101 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
10:54:41.0029 6108 tssecsrv - ok
10:54:41.0201 6108 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
10:54:41.0217 6108 TsUsbFlt - ok
10:54:41.0310 6108 [ 57C527AF84748B5C2F5178C499C0B81F ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
10:54:41.0326 6108 TsUsbGD - ok
10:54:41.0451 6108 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
10:54:41.0466 6108 tunnel - ok
10:54:41.0513 6108 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\drivers\uagp35.sys
10:54:41.0529 6108 uagp35 - ok
10:54:41.0591 6108 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\windows\system32\DRIVERS\udfs.sys
10:54:41.0622 6108 udfs - ok
10:54:41.0716 6108 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe
10:54:41.0763 6108 UI0Detect - ok
10:54:41.0794 6108 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
10:54:41.0809 6108 uliagpkx - ok
10:54:41.0872 6108 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\windows\system32\DRIVERS\umbus.sys
10:54:41.0887 6108 umbus - ok
10:54:41.0934 6108 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\drivers\umpass.sys
10:54:41.0950 6108 UmPass - ok
10:54:42.0043 6108 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll
10:54:42.0121 6108 upnphost - ok
10:54:42.0168 6108 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
10:54:42.0184 6108 usbccgp - ok
10:54:42.0246 6108 [ 2352AB5F9F8F097BF9D41D5A4718A041 ] usbcir C:\windows\system32\drivers\usbcir.sys
10:54:42.0262 6108 usbcir - ok
10:54:42.0324 6108 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
10:54:42.0340 6108 usbehci - ok
10:54:42.0387 6108 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
10:54:42.0543 6108 usbhub - ok
10:54:42.0667 6108 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\windows\system32\drivers\usbohci.sys
10:54:42.0683 6108 usbohci - ok
10:54:42.0855 6108 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
10:54:42.0870 6108 usbprint - ok
10:54:43.0042 6108 [ FC6B21DB4B5B398AB93DBE59CBF11036 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
10:54:43.0057 6108 usbscan - ok
10:54:43.0104 6108 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
10:54:43.0120 6108 USBSTOR - ok
10:54:43.0213 6108 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\windows\system32\DRIVERS\usbuhci.sys
10:54:43.0229 6108 usbuhci - ok
10:54:43.0401 6108 [ DE014425522610BEDCA3821BB8C0F1D5 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
10:54:43.0416 6108 usbvideo - ok
10:54:43.0479 6108 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\windows\System32\uxsms.dll
10:54:43.0525 6108 UxSms - ok
10:54:43.0588 6108 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\windows\system32\lsass.exe
10:54:43.0603 6108 VaultSvc - ok
10:54:43.0666 6108 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
10:54:43.0681 6108 vdrvroot - ok
10:54:43.0775 6108 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\windows\System32\vds.exe
10:54:43.0853 6108 vds - ok
10:54:44.0071 6108 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
10:54:44.0087 6108 vga - ok
10:54:44.0196 6108 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\windows\System32\drivers\vga.sys
10:54:44.0212 6108 VgaSave - ok
10:54:44.0290 6108 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\windows\system32\drivers\vhdmp.sys
10:54:44.0305 6108 vhdmp - ok
10:54:44.0524 6108 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\windows\system32\drivers\viaagp.sys
10:54:44.0539 6108 viaagp - ok
10:54:44.0586 6108 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\windows\system32\drivers\viac7.sys
10:54:44.0602 6108 ViaC7 - ok
10:54:44.0649 6108 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\windows\system32\drivers\viaide.sys
10:54:44.0649 6108 viaide - ok
10:54:44.0742 6108 [ C37CE43FB54066FFB540729C6E6E194E ] VideAceWindowsService C:\ExpressGateUtil\VAWinService.exe
10:54:44.0742 6108 VideAceWindowsService - ok
10:54:44.0820 6108 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\windows\system32\drivers\volmgr.sys
10:54:44.0820 6108 volmgr - ok
10:54:44.0914 6108 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
10:54:44.0945 6108 volmgrx - ok
10:54:45.0023 6108 [ C37AEE5966EB5929E2051AC7409B5730 ] volsnap C:\windows\system32\drivers\volsnap.sys
10:54:45.0054 6108 volsnap - ok
10:54:45.0163 6108 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
10:54:45.0304 6108 vsmraid - ok
10:54:45.0538 6108 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\windows\system32\vssvc.exe
10:54:45.0772 6108 VSS - ok
10:54:45.0819 6108 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
10:54:45.0834 6108 vwifibus - ok
10:54:45.0897 6108 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
10:54:45.0912 6108 vwififlt - ok
10:54:46.0021 6108 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\windows\system32\w32time.dll
10:54:46.0146 6108 W32Time - ok
10:54:46.0255 6108 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\windows\system32\drivers\wacompen.sys
10:54:46.0271 6108 WacomPen - ok
10:54:46.0333 6108 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
10:54:46.0349 6108 WANARP - ok
10:54:46.0365 6108 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
10:54:46.0380 6108 Wanarpv6 - ok
10:54:46.0614 6108 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\windows\system32\wbengine.exe
10:54:46.0739 6108 wbengine - ok
10:54:46.0817 6108 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
10:54:46.0879 6108 WbioSrvc - ok
10:54:47.0020 6108 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\windows\System32\wcncsvc.dll
10:54:47.0238 6108 wcncsvc - ok
10:54:47.0316 6108 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
10:54:47.0363 6108 WcsPlugInService - ok
10:54:47.0613 6108 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\windows\system32\drivers\wd.sys
10:54:47.0613 6108 Wd - ok
10:54:47.0847 6108 [ 25944D2CC49E0A6C581D02A74B7D6645 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
10:54:47.0987 6108 Wdf01000 - ok
10:54:48.0034 6108 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\windows\system32\wdi.dll
10:54:48.0081 6108 WdiServiceHost - ok
10:54:48.0112 6108 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\windows\system32\wdi.dll
10:54:48.0159 6108 WdiSystemHost - ok
10:54:48.0221 6108 [ 75E8EBD7040CE238684333F97014762A ] WebClient C:\windows\System32\webclnt.dll
10:54:48.0268 6108 WebClient - ok
10:54:48.0439 6108 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\windows\system32\wecsvc.dll
10:54:48.0486 6108 Wecsvc - ok
10:54:48.0533 6108 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\windows\System32\wercplsupport.dll
10:54:48.0580 6108 wercplsupport - ok
10:54:48.0642 6108 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\windows\System32\WerSvc.dll
10:54:48.0673 6108 WerSvc - ok
10:54:48.0736 6108 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
10:54:48.0736 6108 WfpLwf - ok
10:54:48.0783 6108 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\windows\system32\drivers\wimmount.sys
10:54:48.0783 6108 WIMMount - ok
10:54:49.0141 6108 [ 082CF481F659FAE0DE51AD060881EB47 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
10:54:49.0360 6108 WinDefend - ok
10:54:49.0422 6108 WinHttpAutoProxySvc - ok
10:54:49.0594 6108 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
10:54:49.0609 6108 Winmgmt - ok
10:54:49.0828 6108 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\windows\system32\WsmSvc.dll
10:54:49.0953 6108 WinRM - ok
10:54:50.0077 6108 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
10:54:50.0077 6108 WinUsb - ok
10:54:50.0233 6108 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\windows\System32\wlansvc.dll
10:54:50.0358 6108 Wlansvc - ok
10:54:50.0499 6108 [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:54:50.0530 6108 wlcrasvc - ok
10:54:51.0029 6108 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:54:51.0107 6108 wlidsvc - ok
10:54:51.0154 6108 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
10:54:51.0154 6108 WmiAcpi - ok
10:54:51.0310 6108 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
10:54:51.0325 6108 wmiApSrv - ok
10:54:51.0559 6108 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
10:54:51.0637 6108 WMPNetworkSvc - ok
10:54:51.0700 6108 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\windows\System32\wpcsvc.dll
10:54:51.0731 6108 WPCSvc - ok
10:54:51.0762 6108 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
10:54:51.0809 6108 WPDBusEnum - ok
10:54:51.0887 6108 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
10:54:51.0887 6108 ws2ifsl - ok
10:54:51.0981 6108 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\windows\System32\wscsvc.dll
10:54:52.0012 6108 wscsvc - ok
10:54:52.0043 6108 WSearch - ok
10:54:52.0433 6108 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\windows\system32\wuaueng.dll
10:54:52.0527 6108 wuauserv - ok
10:54:52.0573 6108 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
10:54:52.0573 6108 WudfPf - ok
10:54:52.0605 6108 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
10:54:52.0620 6108 WUDFRd - ok
10:54:52.0651 6108 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\windows\System32\WUDFSvc.dll
10:54:52.0683 6108 wudfsvc - ok
10:54:52.0714 6108 [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc C:\windows\System32\wwansvc.dll
10:54:52.0761 6108 WwanSvc - ok
10:54:52.0807 6108 ================ Scan global ===============================
10:54:52.0885 6108 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
10:54:52.0948 6108 [ 51BB04243DF6196C06E125898127E397 ] C:\windows\system32\winsrv.dll
10:54:52.0979 6108 [ 51BB04243DF6196C06E125898127E397 ] C:\windows\system32\winsrv.dll
10:54:53.0041 6108 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
10:54:53.0104 6108 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
10:54:53.0135 6108 [Global] - ok
10:54:53.0135 6108 ================ Scan MBR ==================================
10:54:53.0151 6108 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:54:57.0550 6108 \Device\Harddisk0\DR0 - ok
10:54:57.0565 6108 ================ Scan VBR ==================================
10:54:57.0612 6108 [ C4261563CC553AC3C34F6528267C6C8E ] \Device\Harddisk0\DR0\Partition1
10:54:57.0612 6108 \Device\Harddisk0\DR0\Partition1 - ok
10:54:57.0675 6108 [ 5227DB24F17502F97DBE952E1B66BC39 ] \Device\Harddisk0\DR0\Partition2
10:54:57.0675 6108 \Device\Harddisk0\DR0\Partition2 - ok
10:54:57.0690 6108 ============================================================
10:54:57.0690 6108 Scan finished
10:54:57.0690 6108 ============================================================
10:54:58.0611 4608 Detected object count: 0
10:54:58.0611 4608 Actual detected object count: 0
Probably sent from a PC; if not, then from some other device.


Re: Please check my log - notebook keeps freezing

Post by fandam007 » 27 Oct 2013 13:03

Here is the log from RogueKiller:

RogueKiller V8.7.5 [Oct 22 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Jana [Práva správce]
Mód : Kontrola -- Datum : 10/27/2013 13:00:29
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] SSDT[70] : NtCreateKey @ 0x81E12009 -> HOOKED (Unknown @ 0x87EC1B80)
[Address] SSDT[74] : NtCreateMutant @ 0x81E2135A -> HOOKED (Unknown @ 0x87EC8AE0)
[Address] SSDT[79] : NtCreateProcess @ 0x81EED1D1 -> HOOKED (Unknown @ 0x87EC0680)
[Address] SSDT[80] : NtCreateProcessEx @ 0x81EED21C -> HOOKED (Unknown @ 0x87EC0980)
[Address] SSDT[86] : NtCreateSymbolicLinkObject @ 0x81E129D4 -> HOOKED (Unknown @ 0x87EC8EA0)
[Address] SSDT[87] : NtCreateThread @ 0x81EECFDA -> HOOKED (Unknown @ 0x87EC8420)
[Address] SSDT[88] : NtCreateThreadEx @ 0x81E814AB -> HOOKED (Unknown @ 0x87EC8600)
[Address] SSDT[93] : NtCreateUserProcess @ 0x81E7F3DD -> HOOKED (Unknown @ 0x87EC0C80)
[Address] SSDT[103] : NtDeleteKey @ 0x81DFCA58 -> HOOKED (Unknown @ 0x87EC2180)
[Address] SSDT[106] : NtDeleteValueKey @ 0x81DEE461 -> HOOKED (Unknown @ 0x87EC2A80)
[Address] SSDT[111] : NtDuplicateObject @ 0x81E42761 -> HOOKED (Unknown @ 0x87EC9080)
[Address] SSDT[190] : NtOpenProcess @ 0x81E22BA1 -> HOOKED (Unknown @ 0x87EC0F80)
[Address] SSDT[194] : NtOpenSection @ 0x81E7A9FB -> HOOKED (Unknown @ 0x87EC2FC0)
[Address] SSDT[198] : NtOpenThread @ 0x81E6F102 -> HOOKED (Unknown @ 0x87EC1280)
[Address] SSDT[290] : NtRenameKey @ 0x81EAD0EB -> HOOKED (Unknown @ 0x87EC2480)
[Address] SSDT[302] : NtRestoreKey @ 0x81EA2CA2 -> HOOKED (Unknown @ 0x87EC2780)
[Address] SSDT[350] : NtSetSystemInformation @ 0x81E5F37A -> HOOKED (Unknown @ 0x87EC8CC0)
[Address] SSDT[358] : NtSetValueKey @ 0x81E1B606 -> HOOKED (Unknown @ 0x87EC1E80)
[Address] SSDT[371] : NtTerminateThread @ 0x81E896CB -> HOOKED (Unknown @ 0x87EC1880)
[Inline] EAT @explorer.exe (?mg_csMapLock@CWinMsgEvent@@0VCCritSec@@A) : framedynos.dll -> HOOKED (C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll @ 0x701CC803)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9320325AS +++++
--- User ---
[MBR] 08824852bcacf7ad50f0a606645b04b6
[BSP] 157c58985a93fe14dfea6f66166b01ab : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 102400 Mo
1 - [XXXXXX] FAT32 (0x1b) [HIDDEN!] Offset (sectors): 209717248 | Size: 15360 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 241174528 | Size: 187468 Mo
3 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 625108992 | Size: 16 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_10272013_130029.txt >>
Probably sent from a PC; if not, then from another device.

Post by memphisto » 27 Oct 2013 13:34

Run RogueKiller (on Windows Vista or Windows 7, right-click it and choose "Spustit jako správce" (Run as administrator); on Windows XP, double-click it to run).
- Wait until the Prescan finishes its work...
- Wait until the status window shows "Prohledat" (Scan)
- Click "Smazat" (Delete)
- Wait until the Status box shows "Smazání- Finished" (Deleting - Finished)
- Click "Zprávy" (Report) and please copy and paste the contents of that report here. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Turn off the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs) and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by pressing the "Ano" (Yes) button
- Then follow the instructions; while ComboFix is being applied, do not click in the window it displays
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
If after the scan there is a problem launching applications, or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, just restart the computer.
Please do not send HijackThis logs via private message; post them in the appropriate section instead. Thank you

Post by fandam007 » 27 Oct 2013 13:53

Log no. 2 from Rogue:

RogueKiller V8.7.5 [Oct 22 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Jana [Práva správce]
Mód : Odebrat -- Datum : 10/27/2013 13:50:36
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] SSDT[70] : NtCreateKey @ 0x81E12009 -> HOOKED (Unknown @ 0x87EC1B80)
[Address] SSDT[74] : NtCreateMutant @ 0x81E2135A -> HOOKED (Unknown @ 0x87EC8AE0)
[Address] SSDT[79] : NtCreateProcess @ 0x81EED1D1 -> HOOKED (Unknown @ 0x87EC0680)
[Address] SSDT[80] : NtCreateProcessEx @ 0x81EED21C -> HOOKED (Unknown @ 0x87EC0980)
[Address] SSDT[86] : NtCreateSymbolicLinkObject @ 0x81E129D4 -> HOOKED (Unknown @ 0x87EC8EA0)
[Address] SSDT[87] : NtCreateThread @ 0x81EECFDA -> HOOKED (Unknown @ 0x87EC8420)
[Address] SSDT[88] : NtCreateThreadEx @ 0x81E814AB -> HOOKED (Unknown @ 0x87EC8600)
[Address] SSDT[93] : NtCreateUserProcess @ 0x81E7F3DD -> HOOKED (Unknown @ 0x87EC0C80)
[Address] SSDT[103] : NtDeleteKey @ 0x81DFCA58 -> HOOKED (Unknown @ 0x87EC2180)
[Address] SSDT[106] : NtDeleteValueKey @ 0x81DEE461 -> HOOKED (Unknown @ 0x87EC2A80)
[Address] SSDT[111] : NtDuplicateObject @ 0x81E42761 -> HOOKED (Unknown @ 0x87EC9080)
[Address] SSDT[190] : NtOpenProcess @ 0x81E22BA1 -> HOOKED (Unknown @ 0x87EC0F80)
[Address] SSDT[194] : NtOpenSection @ 0x81E7A9FB -> HOOKED (Unknown @ 0x87EC2FC0)
[Address] SSDT[198] : NtOpenThread @ 0x81E6F102 -> HOOKED (Unknown @ 0x87EC1280)
[Address] SSDT[290] : NtRenameKey @ 0x81EAD0EB -> HOOKED (Unknown @ 0x87EC2480)
[Address] SSDT[302] : NtRestoreKey @ 0x81EA2CA2 -> HOOKED (Unknown @ 0x87EC2780)
[Address] SSDT[350] : NtSetSystemInformation @ 0x81E5F37A -> HOOKED (Unknown @ 0x87EC8CC0)
[Address] SSDT[358] : NtSetValueKey @ 0x81E1B606 -> HOOKED (Unknown @ 0x87EC1E80)
[Address] SSDT[371] : NtTerminateThread @ 0x81E896CB -> HOOKED (Unknown @ 0x87EC1880)
[Inline] EAT @explorer.exe (?mg_csMapLock@CWinMsgEvent@@0VCCritSec@@A) : framedynos.dll -> HOOKED (C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll @ 0x701CC803)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9320325AS +++++
--- User ---
[MBR] 08824852bcacf7ad50f0a606645b04b6
[BSP] 157c58985a93fe14dfea6f66166b01ab : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 102400 Mo
1 - [XXXXXX] FAT32 (0x1b) [HIDDEN!] Offset (sectors): 209717248 | Size: 15360 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 241174528 | Size: 187468 Mo
3 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 625108992 | Size: 16 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_10272013_135036.txt >>
RKreport[0]_S_10272013_130029.txt;RKreport[0]_S_10272013_134928.txt
Probably sent from a PC; if not, then from another device.

Post by fandam007 » 27 Oct 2013 16:50

After a long scan, here is the log from ComboFix as well:

ComboFix 13-10-26.01 - Jana 27.10.2013 14:09:41.1.4 - x86
Microsoft Windows 7 Starter 6.1.7601.1.1250.420.1029.18.1012.329 [GMT 1:00]
Spuštěný z: c:\users\Jana\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Trend Micro Titanium *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Trend Micro Titanium *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\frapsvid.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-27 do 2013-10-27 )))))))))))))))))))))))))))))))
.
.
2013-10-27 15:11 . 2013-10-27 15:11 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-10-27 15:11 . 2013-10-27 15:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-26 20:32 . 2013-10-26 20:32 -------- d-----w- c:\windows\ERUNT
2013-10-20 15:35 . 2013-10-20 15:35 -------- d-----w- c:\users\Jana\AppData\Roaming\Malwarebytes
2013-10-20 15:34 . 2013-10-20 15:34 -------- d-----w- c:\programdata\Malwarebytes
2013-10-20 15:34 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-20 15:34 . 2013-10-20 15:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-10-20 14:49 . 2013-10-20 15:21 -------- d-----w- C:\AdwCleaner
2013-10-17 18:19 . 2013-10-17 18:27 -------- d-----w- c:\windows\system32\MRT
2013-10-15 15:29 . 2013-10-15 15:29 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2013-10-15 15:22 . 2013-07-04 11:50 530432 ----a-w- c:\windows\system32\comctl32.dll
2013-10-15 15:22 . 2013-07-03 04:02 36352 ----a-w- c:\windows\system32\drivers\usbscan.sys
2013-10-15 15:22 . 2013-07-03 03:36 55808 ----a-w- c:\windows\system32\drivers\hidclass.sys
2013-10-15 15:22 . 2013-07-03 03:36 25728 ----a-w- c:\windows\system32\drivers\hidparse.sys
2013-10-15 15:22 . 2013-09-08 02:07 1294272 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-10-15 15:22 . 2013-09-08 02:03 231424 ----a-w- c:\windows\system32\mswsock.dll
2013-10-15 15:22 . 2013-09-14 00:48 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2013-10-15 15:20 . 2013-07-04 11:57 205824 ----a-w- c:\windows\system32\WebClnt.dll
2013-10-15 15:20 . 2013-07-04 11:51 81920 ----a-w- c:\windows\system32\davclnt.dll
2013-10-15 15:20 . 2013-07-04 09:48 115712 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2013-10-15 15:20 . 2013-07-12 10:08 146816 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2013-10-15 15:20 . 2013-07-12 10:07 86016 ----a-w- c:\windows\system32\drivers\usbcir.sys
2013-10-15 15:20 . 2013-06-25 22:56 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-10-15 15:06 . 2013-10-15 15:06 17813896 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-10-09 09:58 . 2013-10-09 09:58 4879744 ----a-w- c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-10-09 09:58 . 2013-10-09 09:58 4879744 ----a-w- c:\program files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-15 15:06 . 2012-08-18 11:06 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-15 15:06 . 2012-08-18 11:06 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-07 15:33 . 2012-12-08 10:24 2324216 ----a-w- c:\windows\system32\ssins.exe
2013-09-25 13:55 . 2013-09-25 13:55 388096 ----a-r- c:\users\Jana\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-09-13 15:57 . 2013-09-13 15:57 745472 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-09-13 15:57 . 2013-09-13 15:57 185344 ----a-w- c:\windows\system32\elshyph.dll
2013-09-13 15:57 . 2013-09-13 15:57 158720 ----a-w- c:\windows\system32\msls31.dll
2013-09-13 15:57 . 2013-09-13 15:57 138752 ----a-w- c:\windows\system32\wextract.exe
2013-09-13 15:57 . 2013-09-13 15:57 523264 ----a-w- c:\windows\system32\vbscript.dll
2013-09-13 15:57 . 2013-09-13 15:57 150528 ----a-w- c:\windows\system32\iexpress.exe
2013-09-13 15:57 . 2013-09-13 15:57 137216 ----a-w- c:\windows\system32\ieUnatt.exe
2013-09-13 15:57 . 2013-09-13 15:57 38400 ----a-w- c:\windows\system32\imgutil.dll
2013-09-13 15:57 . 2013-09-13 15:57 12800 ----a-w- c:\windows\system32\mshta.exe
2013-09-13 15:57 . 2013-09-13 15:57 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-09-13 15:57 . 2013-09-13 15:57 73728 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-09-13 15:57 . 2013-09-13 15:57 61952 ----a-w- c:\windows\system32\tdc.ocx
2013-09-13 15:57 . 2013-09-13 15:57 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-09-13 15:57 . 2013-09-13 15:57 719360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-09-13 15:57 . 2013-09-13 15:57 361984 ----a-w- c:\windows\system32\html.iec
2013-09-13 15:57 . 2013-09-13 15:57 23040 ----a-w- c:\windows\system32\licmgr10.dll
2013-09-13 15:57 . 2013-09-13 15:57 204800 ----a-w- c:\windows\system32\webcheck.dll
2013-09-13 15:57 . 2013-09-13 15:57 1441280 ----a-w- c:\windows\system32\inetcpl.cpl
2013-09-13 15:49 . 2013-09-13 15:49 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-13 15:49 . 2013-09-13 15:49 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-09-13 15:49 . 2013-09-13 15:49 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-09-13 15:49 . 2013-09-13 15:49 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-09-13 15:49 . 2013-09-13 15:49 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-09-13 15:49 . 2013-09-13 15:49 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-09-13 15:49 . 2013-09-13 15:49 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-09-13 15:49 . 2013-09-13 15:49 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-09-13 15:49 . 2013-09-13 15:49 906240 ----a-w- c:\windows\system32\FntCache.dll
2013-09-13 15:49 . 2013-09-13 15:49 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-09-13 15:49 . 2013-09-13 15:49 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-09-13 15:49 . 2013-09-13 15:49 2284544 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-09-13 15:49 . 2013-09-13 15:49 220160 ----a-w- c:\windows\system32\d3d10core.dll
2013-09-13 15:49 . 2013-09-13 15:49 1158144 ----a-w- c:\windows\system32\XpsPrint.dll
2013-09-13 15:49 . 2013-09-13 15:49 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-09-13 15:49 . 2013-09-13 15:49 604160 ----a-w- c:\windows\system32\d3d10level9.dll
2013-09-13 15:49 . 2013-09-13 15:49 3419136 ----a-w- c:\windows\system32\d2d1.dll
2013-09-13 15:49 . 2013-09-13 15:49 293376 ----a-w- c:\windows\system32\dxgi.dll
2013-09-13 15:49 . 2013-09-13 15:49 249856 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-09-13 15:49 . 2013-09-13 15:49 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-09-13 15:49 . 2013-09-13 15:49 1988096 ----a-w- c:\windows\system32\d3d10warp.dll
2013-09-13 15:49 . 2013-09-13 15:49 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2013-09-13 15:49 . 2013-09-13 15:49 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2013-09-13 15:49 . 2013-09-13 15:49 1080832 ----a-w- c:\windows\system32\d3d10.dll
2013-09-13 15:33 . 2013-09-13 15:33 1505280 ----a-w- c:\windows\system32\d3d11.dll
2013-08-05 01:56 . 2013-09-13 16:04 133056 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-08-02 01:50 . 2013-09-13 15:32 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-08-02 01:49 . 2013-09-13 15:32 293376 ----a-w- c:\windows\system32\KernelBase.dll
2013-08-02 01:48 . 2013-09-13 15:32 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-02 00:52 . 2013-09-13 15:32 271360 ----a-w- c:\windows\system32\conhost.exe
2013-08-02 00:43 . 2013-09-13 15:32 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43 . 2013-09-13 15:32 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43 . 2013-09-13 15:32 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43 . 2013-09-13 15:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-29 08:26 . 2012-12-08 07:39 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}"
[HKEY_CLASSES_ROOT\CLSID\{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{618A47A2-528B-4D9A-AFC8-97D3233511E2}"
[HKEY_CLASSES_ROOT\CLSID\{618A47A2-528B-4D9A-AFC8-97D3233511E2}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"="c:\program files\IObit\Advanced SystemCare 6\ASCTray.exe" [2012-09-24 490880]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
"Facebook Update"="c:\users\Jana\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-12-28 138096]
"Jet Screenshot"="c:\program files\Jet Screenshot\jetScreenshot.exe" [2013-01-11 1954056]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-06-21 19875432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GfxServiceInstall"="c:\windows\system32\GfxCUIServiceInstall.vbs" [2012-06-27 131]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-12-19 41208]
"HotkeyMon"="AsusSender.exe" [2012-01-05 34728]
"HotkeyService"="AsusSender.exe" [2012-01-05 34728]
"SuperHybridEngine"="AsusSender.exe" [2012-01-05 34728]
"LiveUpdate"="AsusSender.exe" [2012-01-05 34728]
"CapsHook"="AsusSender.exe" [2012-01-05 34728]
"ASUSWebStorage"="c:\program files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe" [2011-07-29 737104]
"VizorHtmlDialog.exe"="c:\program files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" [2010-10-08 1123664]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-10-12 112632]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\VizorShortCut.exe" [2010-10-20 218448]
"VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2012-01-12 45448]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-07-04 142144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-07-04 175936]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-07-04 168256]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-09-02 10828392]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-05-05 2262312]
"ASUSPRP"="c:\program files\ASUS\APRP\APRP.EXE" [2012-08-18 3331312]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"WebcamMaxMoniter"="c:\program files\WebcamMax\wcmmon.exe" [2007-08-01 450048]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files\Asus\AsusVibe\AsusVibeLauncher.exe /start [2012-8-18 549040]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-5-21 828704]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-06-21 162408]
R3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R3 aswVmm;aswVmm; [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-05-21 293928]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-05-21 33320]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-01-20 14848]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 123648]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-01-20 49664]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2013-01-20 27136]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 aswRvrt;aswRvrt; [x]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2010-08-03 11832]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-08 242240]
S1 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 64080]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files\ASUS\InstantOn for EPC\InsOnSrv.exe [2011-12-01 92800]
S2 AsusService;Asus Launcher Service;c:\windows\system32\AsusService.exe [2012-01-11 224680]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 66336]
S2 CamthWDM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\CamthWDM.sys [2007-01-11 243584]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
S2 ssinstall;SInstalátor;c:\windows\System32\ssins.exe [2013-10-07 2324216]
S2 TiMiniService;TiMiniService;c:\program files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 161104]
S2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2011-03-26 91464]
S3 igddim32;igddim32;c:\windows\system32\DRIVERS\igddim32.sys [2012-06-27 1349120]
S3 igdkmd32;igdkmd32;c:\windows\system32\DRIVERS\igdkmd32.sys [2012-06-27 435200]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-06-09 278528]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2011-11-01 91760]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-19 19:31 1185744 ----a-w- c:\program files\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-18 15:06]
.
2013-10-27 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2982817381-1060741672-405086574-1000Core.job
- c:\users\Jana\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-28 13:44]
.
2013-10-27 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2982817381-1060741672-405086574-1000UA.job
- c:\users\Jana\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-28 13:44]
.
2013-10-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-04-28 10:58]
.
2013-10-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-04-28 10:58]
.
2013-10-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2982817381-1060741672-405086574-1000Core.job
- c:\users\Jana\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-12 16:04]
.
2013-10-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2982817381-1060741672-405086574-1000UA.job
- c:\users\Jana\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-12 16:04]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\mvo7k138.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:0e,32,02,52,ac,b0,ce,01
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(4980)
c:\progra~1\ASUS\ASUSWE~1\30108~1.222\ASUSWS~1.DLL
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\windows\system32\taskhost.exe
c:\program files\IObit\Advanced SystemCare 6\Monitor.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files\Trend Micro\Titanium\TiResumeSrv.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\ASUS\InstantOn for EPC\InsOnWMI.exe
c:\windows\system32\conhost.exe
c:\windows\system32\UI0Detect.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\conhost.exe
c:\windows\system32\cscript.exe
.
**************************************************************************
.
Celkový čas: 2013-10-27 16:45:43 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-10-27 15:45
.
Před spuštěním: Volných bajtů: 62 999 375 872
Po spuštění: Volných bajtů: 63 533 215 744
.
- - End Of File - - A65B4F01641A624EE1D563507839B864
A36C5E4F47E84449FF07ED3517B43A31
Sent probably from a PC; if not, then from another device.

jaro3
Security team member

Re: Please check my log - notebook freezes

Post by jaro3 » 28 Oct 2013 09:23

Spuštěný z: c:\users\Jana\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Trend Micro Titanium *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}

Two antiviruses; uninstall one, then run ComboFix again.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

fandam007

Re: Please check my log - notebook freezes

Post by fandam007 » 28 Oct 2013 12:17

Here is log no. 2 from ComboFix:

ComboFix 13-10-26.01 - Jana 28.10.2013 11:23:16.2.4 - x86
Microsoft Windows 7 Starter 6.1.7601.1.1250.420.1029.18.1012.391 [GMT 1:00]
Spuštěný z: c:\users\Jana\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Trend Micro Titanium *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Trend Micro Titanium *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-28 do 2013-10-28 )))))))))))))))))))))))))))))))
.
.
2013-10-28 10:53 . 2013-10-28 10:54 -------- d-----w- c:\users\Jana\AppData\Local\temp
2013-10-28 10:53 . 2013-10-28 10:53 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-10-28 10:53 . 2013-10-28 10:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-28 10:15 . 2013-10-16 00:20 7796464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B0086F55-92DD-4AA4-A3EE-C328A186AAA7}\mpengine.dll
2013-10-28 10:15 . 2013-09-03 13:35 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-10-28 10:01 . 2010-09-17 08:32 319456 ----a-w- c:\windows\DIFxAPI.dll
2013-10-28 10:01 . 2010-09-17 08:32 203600 ----a-w- c:\windows\TmNSCIns.dll
2013-10-26 20:32 . 2013-10-26 20:32 -------- d-----w- c:\windows\ERUNT
2013-10-20 15:35 . 2013-10-20 15:35 -------- d-----w- c:\users\Jana\AppData\Roaming\Malwarebytes
2013-10-20 15:34 . 2013-10-20 15:34 -------- d-----w- c:\programdata\Malwarebytes
2013-10-20 15:34 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-20 15:34 . 2013-10-20 15:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-10-20 14:49 . 2013-10-20 15:21 -------- d-----w- C:\AdwCleaner
2013-10-17 18:19 . 2013-10-17 18:27 -------- d-----w- c:\windows\system32\MRT
2013-10-15 15:29 . 2013-10-15 15:29 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2013-10-15 15:22 . 2013-07-04 11:50 530432 ----a-w- c:\windows\system32\comctl32.dll
2013-10-15 15:22 . 2013-07-03 04:02 36352 ----a-w- c:\windows\system32\drivers\usbscan.sys
2013-10-15 15:22 . 2013-07-03 03:36 55808 ----a-w- c:\windows\system32\drivers\hidclass.sys
2013-10-15 15:22 . 2013-07-03 03:36 25728 ----a-w- c:\windows\system32\drivers\hidparse.sys
2013-10-15 15:22 . 2013-09-08 02:07 1294272 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-10-15 15:22 . 2013-09-08 02:03 231424 ----a-w- c:\windows\system32\mswsock.dll
2013-10-15 15:22 . 2013-09-14 00:48 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2013-10-15 15:20 . 2013-07-04 11:57 205824 ----a-w- c:\windows\system32\WebClnt.dll
2013-10-15 15:20 . 2013-07-04 11:51 81920 ----a-w- c:\windows\system32\davclnt.dll
2013-10-15 15:20 . 2013-07-04 09:48 115712 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2013-10-15 15:20 . 2013-07-12 10:08 146816 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2013-10-15 15:20 . 2013-07-12 10:07 86016 ----a-w- c:\windows\system32\drivers\usbcir.sys
2013-10-15 15:20 . 2013-06-25 22:56 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-10-15 15:06 . 2013-10-15 15:06 17813896 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2013-10-09 09:58 . 2013-10-09 09:58 4879744 ----a-w- c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-10-09 09:58 . 2013-10-09 09:58 4879744 ----a-w- c:\program files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-15 15:06 . 2012-08-18 11:06 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-15 15:06 . 2012-08-18 11:06 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-07 15:33 . 2012-12-08 10:24 2324216 ----a-w- c:\windows\system32\ssins.exe
2013-09-25 13:55 . 2013-09-25 13:55 388096 ----a-r- c:\users\Jana\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-09-13 15:57 . 2013-09-13 15:57 745472 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-09-13 15:57 . 2013-09-13 15:57 185344 ----a-w- c:\windows\system32\elshyph.dll
2013-09-13 15:57 . 2013-09-13 15:57 158720 ----a-w- c:\windows\system32\msls31.dll
2013-09-13 15:57 . 2013-09-13 15:57 138752 ----a-w- c:\windows\system32\wextract.exe
2013-09-13 15:57 . 2013-09-13 15:57 523264 ----a-w- c:\windows\system32\vbscript.dll
2013-09-13 15:57 . 2013-09-13 15:57 150528 ----a-w- c:\windows\system32\iexpress.exe
2013-09-13 15:57 . 2013-09-13 15:57 137216 ----a-w- c:\windows\system32\ieUnatt.exe
2013-09-13 15:57 . 2013-09-13 15:57 38400 ----a-w- c:\windows\system32\imgutil.dll
2013-09-13 15:57 . 2013-09-13 15:57 12800 ----a-w- c:\windows\system32\mshta.exe
2013-09-13 15:57 . 2013-09-13 15:57 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-09-13 15:57 . 2013-09-13 15:57 73728 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-09-13 15:57 . 2013-09-13 15:57 61952 ----a-w- c:\windows\system32\tdc.ocx
2013-09-13 15:57 . 2013-09-13 15:57 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-09-13 15:57 . 2013-09-13 15:57 719360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-09-13 15:57 . 2013-09-13 15:57 361984 ----a-w- c:\windows\system32\html.iec
2013-09-13 15:57 . 2013-09-13 15:57 23040 ----a-w- c:\windows\system32\licmgr10.dll
2013-09-13 15:57 . 2013-09-13 15:57 204800 ----a-w- c:\windows\system32\webcheck.dll
2013-09-13 15:57 . 2013-09-13 15:57 1441280 ----a-w- c:\windows\system32\inetcpl.cpl
2013-09-13 15:49 . 2013-09-13 15:49 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-09-13 15:49 . 2013-09-13 15:49 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-09-13 15:49 . 2013-09-13 15:49 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-09-13 15:49 . 2013-09-13 15:49 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-09-13 15:49 . 2013-09-13 15:49 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-09-13 15:49 . 2013-09-13 15:49 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-09-13 15:49 . 2013-09-13 15:49 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-09-13 15:49 . 2013-09-13 15:49 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-09-13 15:49 . 2013-09-13 15:49 906240 ----a-w- c:\windows\system32\FntCache.dll
2013-09-13 15:49 . 2013-09-13 15:49 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-09-13 15:49 . 2013-09-13 15:49 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-09-13 15:49 . 2013-09-13 15:49 2284544 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-09-13 15:49 . 2013-09-13 15:49 220160 ----a-w- c:\windows\system32\d3d10core.dll
2013-09-13 15:49 . 2013-09-13 15:49 1158144 ----a-w- c:\windows\system32\XpsPrint.dll
2013-09-13 15:49 . 2013-09-13 15:49 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-09-13 15:49 . 2013-09-13 15:49 604160 ----a-w- c:\windows\system32\d3d10level9.dll
2013-09-13 15:49 . 2013-09-13 15:49 3419136 ----a-w- c:\windows\system32\d2d1.dll
2013-09-13 15:49 . 2013-09-13 15:49 293376 ----a-w- c:\windows\system32\dxgi.dll
2013-09-13 15:49 . 2013-09-13 15:49 249856 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-09-13 15:49 . 2013-09-13 15:49 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-09-13 15:49 . 2013-09-13 15:49 1988096 ----a-w- c:\windows\system32\d3d10warp.dll
2013-09-13 15:49 . 2013-09-13 15:49 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2013-09-13 15:49 . 2013-09-13 15:49 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2013-09-13 15:49 . 2013-09-13 15:49 1080832 ----a-w- c:\windows\system32\d3d10.dll
2013-09-13 15:33 . 2013-09-13 15:33 1505280 ----a-w- c:\windows\system32\d3d11.dll
2013-08-05 01:56 . 2013-09-13 16:04 133056 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-08-02 01:50 . 2013-09-13 15:32 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-08-02 01:49 . 2013-09-13 15:32 293376 ----a-w- c:\windows\system32\KernelBase.dll
2013-08-02 01:48 . 2013-09-13 15:32 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-08-02 01:48 . 2013-09-13 15:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-08-02 00:52 . 2013-09-13 15:32 271360 ----a-w- c:\windows\system32\conhost.exe
2013-08-02 00:43 . 2013-09-13 15:32 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43 . 2013-09-13 15:32 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43 . 2013-09-13 15:32 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43 . 2013-09-13 15:32 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-29 08:26 . 2012-12-08 07:39 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}"
[HKEY_CLASSES_ROOT\CLSID\{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{618A47A2-528B-4D9A-AFC8-97D3233511E2}"
[HKEY_CLASSES_ROOT\CLSID\{618A47A2-528B-4D9A-AFC8-97D3233511E2}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 6"="c:\program files\IObit\Advanced SystemCare 6\ASCTray.exe" [2012-09-24 490880]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
"Facebook Update"="c:\users\Jana\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-12-28 138096]
"Jet Screenshot"="c:\program files\Jet Screenshot\jetScreenshot.exe" [2013-01-11 1954056]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-06-21 19875432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GfxServiceInstall"="c:\windows\system32\GfxCUIServiceInstall.vbs" [2012-06-27 131]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-12-19 41208]
"HotkeyMon"="AsusSender.exe" [2012-01-05 34728]
"HotkeyService"="AsusSender.exe" [2012-01-05 34728]
"SuperHybridEngine"="AsusSender.exe" [2012-01-05 34728]
"LiveUpdate"="AsusSender.exe" [2012-01-05 34728]
"CapsHook"="AsusSender.exe" [2012-01-05 34728]
"ASUSWebStorage"="c:\program files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe" [2011-07-29 737104]
"VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2012-01-12 45448]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-07-04 142144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-07-04 175936]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-07-04 168256]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-09-02 10828392]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-05-05 2262312]
"ASUSPRP"="c:\program files\ASUS\APRP\APRP.EXE" [2012-08-18 3331312]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"WebcamMaxMoniter"="c:\program files\WebcamMax\wcmmon.exe" [2007-08-01 450048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"000_TmTdiUninstall"="c:\windows\TmNSCIns.dll" [2010-09-17 203600]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files\Asus\AsusVibe\AsusVibeLauncher.exe /start [2012-8-18 549040]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-5-21 828704]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-06-21 162408]
R3 aswVmm;aswVmm; [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-05-21 293928]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-05-21 33320]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-01-20 14848]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 123648]
S0 aswRvrt;aswRvrt; [x]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2010-08-03 11832]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-08 242240]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files\ASUS\InstantOn for EPC\InsOnSrv.exe [2011-12-01 92800]
S2 AsusService;Asus Launcher Service;c:\windows\system32\AsusService.exe [2012-01-11 224680]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 66336]
S2 CamthWDM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\CamthWDM.sys [2007-01-11 243584]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 ssinstall;SInstalátor;c:\windows\System32\ssins.exe [2013-10-07 2324216]
S3 igddim32;igddim32;c:\windows\system32\DRIVERS\igddim32.sys [2012-06-27 1349120]
S3 igdkmd32;igdkmd32;c:\windows\system32\DRIVERS\igdkmd32.sys [2012-06-27 435200]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-06-09 278528]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2011-11-01 91760]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - tmactmon
*Deregistered* - tmcomm
*Deregistered* - tmevtmgr
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-19 19:31 1185744 ----a-w- c:\program files\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-18 15:06]
.
2013-10-27 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2982817381-1060741672-405086574-1000Core.job
- c:\users\Jana\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-28 13:44]
.
2013-10-28 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2982817381-1060741672-405086574-1000UA.job
- c:\users\Jana\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-28 13:44]
.
2013-10-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-04-28 10:58]
.
2013-10-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-04-28 10:58]
.
2013-10-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2982817381-1060741672-405086574-1000Core.job
- c:\users\Jana\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-12 16:04]
.
2013-10-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2982817381-1060741672-405086574-1000UA.job
- c:\users\Jana\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-12 16:04]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\mvo7k138.default\
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:0e,32,02,52,ac,b0,ce,01
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-10-28 12:04:30
ComboFix-quarantined-files.txt 2013-10-28 11:04
ComboFix2.txt 2013-10-27 15:45
.
Před spuštěním: Volných bajtů: 62 758 375 424
Po spuštění: Volných bajtů: 63 837 913 088
.
- - End Of File - - 086C19FA72DB0303A5B37D92C7808B21
A36C5E4F47E84449FF07ED3517B43A31

Žbeky
Moderator

Re: Please check my log - notebook freezes

Post by Žbeky » 28 Oct 2013 18:10

You still have those two antiviruses there.
In private messages I only deal with matters concerning the forum. I do not respond to requests and pleas for technical support. Thanks for understanding.


fandam007

Re: Please check my log - notebook freezes

Post by fandam007 » 28 Oct 2013 18:40

I deleted one even before the scan.

jaro3
Security team member

Re: Please check my log - notebook freezes

Post by jaro3 » 29 Oct 2013 09:37

Deleted? Surely you mean uninstalled, right?

Run ComboFix again.