prosím o kontrolu logu Vyřešeno

[MontyY]

Junkware
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Ultimate x64
Ran by doma on p  20.12.2013 at 12:29:50,62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p  20.12.2013 at 12:34:30,13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Reklama]

[MontyY]

Rogue
RogueKiller V8.7.13 _x64_ [Dec 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : doma [Práva správce]
Mód : Odebrat -- Datum : 12/20/2013 12:49:37
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 7 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\doma\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\doma\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\RunOnce : Application Restart #4 (C:\Users\doma\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\doma\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --flag-switches-begin --flag-switches-end --restore-last-session [x][x]) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST1000DM 003-1CH162 SATA Disk Device +++++
--- User ---
[MBR] 1394fe40befdcb184552b4d340a1ee5a
[BSP] f1fba2c71cff7a7925ea63e653f47f63 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 353768 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 724723712 | Size: 599999 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_12202013_124937.txt >>
RKreport[0]_S_12192013_190041.txt;RKreport[0]_S_12202013_124917.txt

[MontyY]

tds
12:52:59.0173 0x1084 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
12:53:01.0630 0x1084 ============================================================
12:53:01.0630 0x1084 Current date / time: 2013/12/20 12:53:01.0630
12:53:01.0631 0x1084 SystemInfo:
12:53:01.0631 0x1084
12:53:01.0631 0x1084 OS Version: 6.1.7601 ServicePack: 1.0
12:53:01.0631 0x1084 Product type: Workstation
12:53:01.0631 0x1084 ComputerName: DOMA-PC
12:53:01.0631 0x1084 UserName: doma
12:53:01.0631 0x1084 Windows directory: C:\Windows
12:53:01.0631 0x1084 System windows directory: C:\Windows
12:53:01.0631 0x1084 Running under WOW64
12:53:01.0631 0x1084 Processor architecture: Intel x64
12:53:01.0631 0x1084 Number of processors: 6
12:53:01.0631 0x1084 Page size: 0x1000
12:53:01.0631 0x1084 Boot type: Normal boot
12:53:01.0632 0x1084 ============================================================
12:53:01.0731 0x1084 KLMD registered as C:\Windows\system32\drivers\27353236.sys
12:53:01.0919 0x1084 System UUID: {3AE67164-8E2D-04ED-DBAF-DAED5816CC55}
12:53:02.0377 0x1084 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:53:02.0392 0x1084 ============================================================
12:53:02.0392 0x1084 \Device\Harddisk0\DR0:
12:53:02.0392 0x1084 MBR partitions:
12:53:02.0392 0x1084 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:53:02.0392 0x1084 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x2B2F4000
12:53:02.0392 0x1084 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2B326800, BlocksNum 0x493DF800
12:53:02.0392 0x1084 ============================================================
12:53:02.0418 0x1084 C: <-> \Device\Harddisk0\DR0\Partition2
12:53:02.0442 0x1084 D: <-> \Device\Harddisk0\DR0\Partition3
12:53:02.0442 0x1084 ============================================================
12:53:02.0442 0x1084 Initialize success
12:53:02.0442 0x1084 ============================================================
12:53:03.0840 0x1170 ============================================================
12:53:03.0840 0x1170 Scan started
12:53:03.0840 0x1170 Mode: Manual;
12:53:03.0840 0x1170 ============================================================
12:53:03.0840 0x1170 KSN ping started
12:53:06.0271 0x1170 KSN ping finished: true
12:53:06.0376 0x1170 ================ Scan system memory ========================
12:53:06.0376 0x1170 System memory - ok
12:53:06.0376 0x1170 ================ Scan services =============================
12:53:06.0456 0x1170 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:53:06.0466 0x1170 1394ohci - ok
12:53:06.0510 0x1170 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:53:06.0515 0x1170 ACPI - ok
12:53:06.0519 0x1170 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:53:06.0520 0x1170 AcpiPmi - ok
12:53:06.0590 0x1170 [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:53:06.0593 0x1170 AdobeARMservice - ok
12:53:06.0649 0x1170 [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:53:06.0660 0x1170 AdobeFlashPlayerUpdateSvc - ok
12:53:06.0693 0x1170 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
12:53:06.0704 0x1170 adp94xx - ok
12:53:06.0719 0x1170 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
12:53:06.0724 0x1170 adpahci - ok
12:53:06.0738 0x1170 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
12:53:06.0741 0x1170 adpu320 - ok
12:53:06.0758 0x1170 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:53:06.0760 0x1170 AeLookupSvc - ok
12:53:06.0795 0x1170 [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\Windows\system32\drivers\afd.sys
12:53:06.0803 0x1170 AFD - ok
12:53:06.0815 0x1170 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
12:53:06.0817 0x1170 agp440 - ok
12:53:06.0833 0x1170 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
12:53:06.0835 0x1170 ALG - ok
12:53:06.0847 0x1170 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
12:53:06.0848 0x1170 aliide - ok
12:53:06.0851 0x1170 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
12:53:06.0852 0x1170 amdide - ok
12:53:06.0855 0x1170 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
12:53:06.0857 0x1170 AmdK8 - ok
12:53:06.0877 0x1170 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:53:06.0878 0x1170 AmdPPM - ok
12:53:06.0889 0x1170 [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:53:06.0891 0x1170 amdsata - ok
12:53:06.0906 0x1170 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
12:53:06.0909 0x1170 amdsbs - ok
12:53:06.0918 0x1170 [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:53:06.0918 0x1170 amdxata - ok
12:53:06.0936 0x1170 [ EE4797DFEBBE8ACDB548DD8E80BE0A88, 9D56F835A5A9C045829EDFB546379E3448C9E539E5C2608B559DE4D052FEC769 ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys
12:53:06.0937 0x1170 amd_sata - ok
12:53:06.0941 0x1170 [ D56EAD71A86FD2ACAE2DB47D0A6A3A41, 2E5E6D0E00D25765CC8B9997B26DE43F305966BFA518CB72EA7CA77152001726 ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys
12:53:06.0942 0x1170 amd_xata - ok
12:53:06.0954 0x1170 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
12:53:06.0955 0x1170 AppID - ok
12:53:06.0969 0x1170 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:53:06.0970 0x1170 AppIDSvc - ok
12:53:06.0993 0x1170 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
12:53:06.0996 0x1170 Appinfo - ok
12:53:07.0024 0x1170 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
12:53:07.0029 0x1170 AppMgmt - ok
12:53:07.0043 0x1170 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
12:53:07.0045 0x1170 arc - ok
12:53:07.0058 0x1170 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
12:53:07.0059 0x1170 arcsas - ok
12:53:07.0089 0x1170 [ 7D6179DB30EE10500D9570BC6FD5FDBA, 4C43A6C295E61C7BF41FCC34821C579B1C3249B73CA3A45D91EAF4E122286C0A ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
12:53:07.0091 0x1170 asmthub3 - ok
12:53:07.0107 0x1170 [ F5DAC44918FC38F6416CAFC7E3CC3190, 2D5458810266BF49B7819920F18D4295A9CDE18922BC47FE37B2742F29D43189 ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
12:53:07.0113 0x1170 asmtxhci - ok
12:53:07.0182 0x1170 [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:53:07.0184 0x1170 aspnet_state - ok
12:53:07.0202 0x1170 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:53:07.0203 0x1170 AsyncMac - ok
12:53:07.0219 0x1170 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
12:53:07.0220 0x1170 atapi - ok
12:53:07.0257 0x1170 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:53:07.0277 0x1170 AudioEndpointBuilder - ok
12:53:07.0292 0x1170 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:53:07.0303 0x1170 AudioSrv - ok
12:53:07.0324 0x1170 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:53:07.0328 0x1170 AxInstSV - ok
12:53:07.0343 0x1170 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
12:53:07.0350 0x1170 b06bdrv - ok
12:53:07.0363 0x1170 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:53:07.0367 0x1170 b57nd60a - ok
12:53:07.0416 0x1170 [ 47480F4260DAE9AA589BCAF924B3767A, 00C46D6714BE9B24682A953F0BC05004AEAC664073E0418DFF5CB9B738281993 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe
12:53:07.0420 0x1170 BBSvc - ok
12:53:07.0442 0x1170 [ 6BF743CBF3BCD09DAB79245E60E1AE62, AF21BA914790B187ED32FB7A16586E371D803D167EFFC4949047FBAF74A782F3 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe
12:53:07.0452 0x1170 BBUpdate - ok
12:53:07.0470 0x1170 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
12:53:07.0473 0x1170 BDESVC - ok
12:53:07.0486 0x1170 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
12:53:07.0486 0x1170 Beep - ok
12:53:07.0548 0x1170 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
12:53:07.0572 0x1170 BFE - ok
12:53:07.0608 0x1170 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
12:53:07.0625 0x1170 BITS - ok
12:53:07.0641 0x1170 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:53:07.0642 0x1170 blbdrive - ok
12:53:07.0667 0x1170 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:53:07.0671 0x1170 bowser - ok
12:53:07.0679 0x1170 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
12:53:07.0680 0x1170 BrFiltLo - ok
12:53:07.0686 0x1170 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
12:53:07.0687 0x1170 BrFiltUp - ok
12:53:07.0713 0x1170 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
12:53:07.0717 0x1170 Browser - ok
12:53:07.0727 0x1170 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:53:07.0733 0x1170 Brserid - ok
12:53:07.0738 0x1170 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:53:07.0739 0x1170 BrSerWdm - ok
12:53:07.0743 0x1170 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:53:07.0743 0x1170 BrUsbMdm - ok
12:53:07.0747 0x1170 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:53:07.0747 0x1170 BrUsbSer - ok
12:53:07.0753 0x1170 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
12:53:07.0754 0x1170 BTHMODEM - ok
12:53:07.0761 0x1170 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
12:53:07.0763 0x1170 bthserv - ok
12:53:07.0776 0x1170 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:53:07.0778 0x1170 cdfs - ok
12:53:07.0817 0x1170 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:53:07.0824 0x1170 cdrom - ok
12:53:07.0878 0x1170 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
12:53:07.0880 0x1170 CertPropSvc - ok
12:53:07.0890 0x1170 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
12:53:07.0891 0x1170 circlass - ok
12:53:07.0908 0x1170 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
12:53:07.0914 0x1170 CLFS - ok
12:53:07.0957 0x1170 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:53:07.0958 0x1170 clr_optimization_v2.0.50727_32 - ok
12:53:07.0985 0x1170 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:53:07.0990 0x1170 clr_optimization_v2.0.50727_64 - ok
12:53:08.0043 0x1170 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:53:08.0047 0x1170 clr_optimization_v4.0.30319_32 - ok
12:53:08.0059 0x1170 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:53:08.0063 0x1170 clr_optimization_v4.0.30319_64 - ok
12:53:08.0069 0x1170 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
12:53:08.0070 0x1170 CmBatt - ok
12:53:08.0078 0x1170 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:53:08.0079 0x1170 cmdide - ok
12:53:08.0113 0x1170 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
12:53:08.0120 0x1170 CNG - ok
12:53:08.0135 0x1170 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
12:53:08.0135 0x1170 Compbatt - ok
12:53:08.0147 0x1170 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
12:53:08.0148 0x1170 CompositeBus - ok
12:53:08.0160 0x1170 COMSysApp - ok
12:53:08.0170 0x1170 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:53:08.0171 0x1170 crcdisk - ok
12:53:08.0195 0x1170 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:53:08.0200 0x1170 CryptSvc - ok
12:53:08.0233 0x1170 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
12:53:08.0241 0x1170 CSC - ok
12:53:08.0269 0x1170 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
12:53:08.0283 0x1170 CscService - ok
12:53:08.0316 0x1170 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:53:08.0328 0x1170 DcomLaunch - ok
12:53:08.0347 0x1170 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
12:53:08.0353 0x1170 defragsvc - ok
12:53:08.0378 0x1170 dfiytuln - ok
12:53:08.0391 0x1170 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:53:08.0393 0x1170 DfsC - ok
12:53:08.0410 0x1170 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:53:08.0417 0x1170 Dhcp - ok
12:53:08.0430 0x1170 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
12:53:08.0431 0x1170 discache - ok
12:53:08.0446 0x1170 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
12:53:08.0448 0x1170 Disk - ok
12:53:08.0463 0x1170 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
12:53:08.0464 0x1170 dmvsc - ok
12:53:08.0506 0x1170 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:53:08.0516 0x1170 Dnscache - ok
12:53:08.0543 0x1170 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
12:53:08.0557 0x1170 dot3svc - ok
12:53:08.0579 0x1170 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
12:53:08.0586 0x1170 DPS - ok
12:53:08.0611 0x1170 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:53:08.0612 0x1170 drmkaud - ok
12:53:08.0642 0x1170 [ 6A0E850DDCB136AA3D2FB7234382DF12, C01863E95F45E1B74AC65C9CD12C8DC769299218255B3C94E3EBF58C4D79FEF3 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
12:53:08.0649 0x1170 dtsoftbus01 - ok
12:53:08.0722 0x1170 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:53:08.0746 0x1170 DXGKrnl - ok
12:53:08.0758 0x1170 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
12:53:08.0761 0x1170 EapHost - ok
12:53:08.0840 0x1170 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
12:53:08.0894 0x1170 ebdrv - ok
12:53:08.0924 0x1170 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe
12:53:08.0926 0x1170 EFS - ok
12:53:09.0004 0x1170 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:53:09.0021 0x1170 ehRecvr - ok
12:53:09.0034 0x1170 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
12:53:09.0036 0x1170 ehSched - ok
12:53:09.0069 0x1170 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:53:09.0077 0x1170 elxstor - ok
12:53:09.0093 0x1170 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:53:09.0093 0x1170 ErrDev - ok
12:53:09.0124 0x1170 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
12:53:09.0130 0x1170 EventSystem - ok
12:53:09.0137 0x1170 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
12:53:09.0140 0x1170 exfat - ok
12:53:09.0158 0x1170 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:53:09.0161 0x1170 fastfat - ok
12:53:09.0183 0x1170 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
12:53:09.0195 0x1170 Fax - ok
12:53:09.0199 0x1170 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
12:53:09.0200 0x1170 fdc - ok
12:53:09.0225 0x1170 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
12:53:09.0227 0x1170 fdPHost - ok
12:53:09.0239 0x1170 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
12:53:09.0241 0x1170 FDResPub - ok
12:53:09.0251 0x1170 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:53:09.0252 0x1170 FileInfo - ok
12:53:09.0264 0x1170 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:53:09.0264 0x1170 Filetrace - ok
12:53:09.0268 0x1170 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
12:53:09.0268 0x1170 flpydisk - ok
12:53:09.0288 0x1170 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:53:09.0292 0x1170 FltMgr - ok
12:53:09.0339 0x1170 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
12:53:09.0362 0x1170 FontCache - ok
12:53:09.0396 0x1170 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:53:09.0396 0x1170 FontCache3.0.0.0 - ok
12:53:09.0410 0x1170 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:53:09.0413 0x1170 FsDepends - ok
12:53:09.0445 0x1170 [ B3EB502D2C3F47C47415F85387DFAEF1, 5240D4281BB9FBFBFEB98522D12F0C006BE063C084C2E6E23DACB6606CDC25AE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
12:53:09.0446 0x1170 fssfltr - ok
12:53:09.0542 0x1170 [ B6AB40819ECEC4BA07266EC0EBBC85A7, 71D385043720B622305FD64BD1187C6FFD7191C30794F95629CF6BFDC0A25BA2 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
12:53:09.0570 0x1170 fsssvc - ok
12:53:09.0603 0x1170 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:53:09.0603 0x1170 Fs_Rec - ok
12:53:09.0637 0x1170 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:53:09.0648 0x1170 fvevol - ok
12:53:09.0671 0x1170 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:53:09.0674 0x1170 gagp30kx - ok
12:53:09.0736 0x1170 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
12:53:09.0754 0x1170 gpsvc - ok
12:53:09.0790 0x1170 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:53:09.0792 0x1170 gupdate - ok
12:53:09.0797 0x1170 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:53:09.0799 0x1170 gupdatem - ok
12:53:09.0813 0x1170 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
12:53:09.0814 0x1170 hamachi - ok
12:53:09.0817 0x1170 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:53:09.0818 0x1170 hcw85cir - ok
12:53:09.0845 0x1170 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:53:09.0851 0x1170 HdAudAddService - ok
12:53:09.0864 0x1170 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:53:09.0866 0x1170 HDAudBus - ok
12:53:09.0869 0x1170 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
12:53:09.0870 0x1170 HidBatt - ok
12:53:09.0874 0x1170 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:53:09.0876 0x1170 HidBth - ok
12:53:09.0888 0x1170 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
12:53:09.0889 0x1170 HidIr - ok
12:53:09.0899 0x1170 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
12:53:09.0902 0x1170 hidserv - ok
12:53:09.0930 0x1170 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:53:09.0930 0x1170 HidUsb - ok
12:53:09.0939 0x1170 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:53:09.0942 0x1170 hkmsvc - ok
12:53:09.0955 0x1170 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:53:09.0961 0x1170 HomeGroupListener - ok
12:53:09.0984 0x1170 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:53:09.0988 0x1170 HomeGroupProvider - ok
12:53:09.0999 0x1170 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:53:10.0001 0x1170 HpSAMD - ok
12:53:10.0036 0x1170 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:53:10.0048 0x1170 HTTP - ok
12:53:10.0063 0x1170 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:53:10.0064 0x1170 hwpolicy - ok
12:53:10.0082 0x1170 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:53:10.0083 0x1170 i8042prt - ok
12:53:10.0100 0x1170 [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:53:10.0107 0x1170 iaStorV - ok
12:53:10.0146 0x1170 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:53:10.0159 0x1170 idsvc - ok
12:53:10.0180 0x1170 IEEtwCollectorService - ok
12:53:10.0190 0x1170 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:53:10.0191 0x1170 iirsp - ok
12:53:10.0225 0x1170 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
12:53:10.0242 0x1170 IKEEXT - ok
12:53:10.0342 0x1170 [ 2BEE14AC102CF1259AC99ABF53291A8B, 45FAF81302E7A575D378A67F4EF75C89FDDE3B16AC3155BB2803A54D3A7B0DD3 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:53:10.0401 0x1170 IntcAzAudAddService - ok
12:53:10.0435 0x1170 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
12:53:10.0436 0x1170 intelide - ok
12:53:10.0461 0x1170 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys
12:53:10.0464 0x1170 intelppm - ok
12:53:10.0498 0x1170 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:53:10.0501 0x1170 IPBusEnum - ok
12:53:10.0506 0x1170 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:53:10.0508 0x1170 IpFilterDriver - ok
12:53:10.0532 0x1170 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:53:10.0547 0x1170 iphlpsvc - ok
12:53:10.0553 0x1170 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:53:10.0554 0x1170 IPMIDRV - ok
12:53:10.0560 0x1170 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:53:10.0562 0x1170 IPNAT - ok
12:53:10.0585 0x1170 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:53:10.0586 0x1170 IRENUM - ok
12:53:10.0590 0x1170 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:53:10.0591 0x1170 isapnp - ok
12:53:10.0617 0x1170 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:53:10.0621 0x1170 iScsiPrt - ok
12:53:10.0642 0x1170 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:53:10.0643 0x1170 kbdclass - ok
12:53:10.0652 0x1170 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:53:10.0653 0x1170 kbdhid - ok
12:53:10.0666 0x1170 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe
12:53:10.0668 0x1170 KeyIso - ok
12:53:10.0684 0x1170 [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:53:10.0686 0x1170 KSecDD - ok
12:53:10.0695 0x1170 [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:53:10.0698 0x1170 KSecPkg - ok
12:53:10.0718 0x1170 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:53:10.0718 0x1170 ksthunk - ok
12:53:10.0737 0x1170 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
12:53:10.0746 0x1170 KtmRm - ok
12:53:10.0770 0x1170 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:53:10.0776 0x1170 LanmanServer - ok
12:53:10.0802 0x1170 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:53:10.0806 0x1170 LanmanWorkstation - ok
12:53:10.0827 0x1170 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:53:10.0828 0x1170 lltdio - ok
12:53:10.0856 0x1170 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:53:10.0863 0x1170 lltdsvc - ok
12:53:10.0889 0x1170 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:53:10.0891 0x1170 lmhosts - ok
12:53:10.0903 0x1170 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:53:10.0905 0x1170 LSI_FC - ok
12:53:10.0916 0x1170 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:53:10.0918 0x1170 LSI_SAS - ok
12:53:10.0928 0x1170 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
12:53:10.0929 0x1170 LSI_SAS2 - ok
12:53:10.0940 0x1170 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:53:10.0942 0x1170 LSI_SCSI - ok
12:53:10.0957 0x1170 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
12:53:10.0959 0x1170 luafv - ok
12:53:10.0999 0x1170 [ 024DA28053D57E9E32BEE52600576BBB, 8EC636DAB90A835DEBA2EC6176F4547EEF557415FF77C6378EF423569702731E ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus64.sys
12:53:11.0011 0x1170 MarvinBus - ok
12:53:11.0034 0x1170 [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
12:53:11.0034 0x1170 MBAMProtector - ok
12:53:11.0077 0x1170 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
12:53:11.0084 0x1170 MBAMScheduler - ok
12:53:11.0110 0x1170 [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
12:53:11.0121 0x1170 MBAMService - ok
12:53:11.0204 0x1170 [ 968BFF74AEB683C962960ECE0CAE4135, 3E08B39DE27FE27A27BD3E81486F0FCA1947D4B50BFE0167A0C27CE48DD56793 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
12:53:11.0211 0x1170 McComponentHostService - ok
12:53:11.0240 0x1170 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:53:11.0244 0x1170 Mcx2Svc - ok
12:53:11.0259 0x1170 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
12:53:11.0261 0x1170 megasas - ok
12:53:11.0279 0x1170 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
12:53:11.0286 0x1170 MegaSR - ok
12:53:11.0309 0x1170 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
12:53:11.0313 0x1170 MMCSS - ok
12:53:11.0326 0x1170 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
12:53:11.0327 0x1170 Modem - ok
12:53:11.0348 0x1170 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:53:11.0349 0x1170 monitor - ok
12:53:11.0378 0x1170 [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
12:53:11.0381 0x1170 MotioninJoyXFilter - ok
12:53:11.0403 0x1170 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:53:11.0405 0x1170 mouclass - ok
12:53:11.0413 0x1170 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:53:11.0414 0x1170 mouhid - ok
12:53:11.0428 0x1170 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:53:11.0430 0x1170 mountmgr - ok
12:53:11.0467 0x1170 [ C6B88D62F20AC646C6BD5C032EC2FAF9, 111A07939F3C5A46F0C51B9D6F5C1D8478099E32EFD88BC260467109ADD975F8 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
12:53:11.0473 0x1170 MpFilter - ok
12:53:11.0490 0x1170 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
12:53:11.0494 0x1170 mpio - ok
12:53:11.0519 0x1170 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:53:11.0522 0x1170 mpsdrv - ok
12:53:11.0557 0x1170 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:53:11.0575 0x1170 MpsSvc - ok
12:53:11.0590 0x1170 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:53:11.0592 0x1170 MRxDAV - ok
12:53:11.0610 0x1170 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:53:11.0613 0x1170 mrxsmb - ok
12:53:11.0627 0x1170 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:53:11.0631 0x1170 mrxsmb10 - ok
12:53:11.0643 0x1170 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:53:11.0646 0x1170 mrxsmb20 - ok
12:53:11.0649 0x1170 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
12:53:11.0650 0x1170 msahci - ok
12:53:11.0666 0x1170 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:53:11.0668 0x1170 msdsm - ok
12:53:11.0684 0x1170 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
12:53:11.0687 0x1170 MSDTC - ok
12:53:11.0704 0x1170 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:53:11.0705 0x1170 Msfs - ok
12:53:11.0720 0x1170 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:53:11.0721 0x1170 mshidkmdf - ok
12:53:11.0735 0x1170 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:53:11.0736 0x1170 msisadrv - ok
12:53:11.0759 0x1170 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:53:11.0763 0x1170 MSiSCSI - ok
12:53:11.0766 0x1170 msiserver - ok
12:53:11.0792 0x1170 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:53:11.0793 0x1170 MSKSSRV - ok
12:53:11.0836 0x1170 [ 7675E15D1B2180745E4DA4D26AAD7385, 729AA6C610F67028CFFFF64B772FFA1CAE7581D37F8909BDA423D52AF85C92C8 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
12:53:11.0837 0x1170 MsMpSvc - ok
12:53:11.0851 0x1170 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:53:11.0853 0x1170 MSPCLOCK - ok
12:53:11.0863 0x1170 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:53:11.0864 0x1170 MSPQM - ok
12:53:11.0899 0x1170 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:53:11.0916 0x1170 MsRPC - ok
12:53:11.0936 0x1170 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:53:11.0937 0x1170 mssmbios - ok
12:53:11.0946 0x1170 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:53:11.0947 0x1170 MSTEE - ok
12:53:11.0959 0x1170 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
12:53:11.0960 0x1170 MTConfig - ok
12:53:11.0974 0x1170 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
12:53:11.0975 0x1170 Mup - ok
12:53:12.0008 0x1170 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
12:53:12.0018 0x1170 napagent - ok
12:53:12.0045 0x1170 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:53:12.0051 0x1170 NativeWifiP - ok
12:53:12.0089 0x1170 [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS C:\Windows\system32\drivers\ndis.sys
12:53:12.0104 0x1170 NDIS - ok
12:53:12.0119 0x1170 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:53:12.0120 0x1170 NdisCap - ok
12:53:12.0139 0x1170 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:53:12.0140 0x1170 NdisTapi - ok
12:53:12.0143 0x1170 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:53:12.0144 0x1170 Ndisuio - ok
12:53:12.0157 0x1170 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:53:12.0160 0x1170 NdisWan - ok
12:53:12.0177 0x1170 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:53:12.0178 0x1170 NDProxy - ok
12:53:12.0188 0x1170 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:53:12.0189 0x1170 NetBIOS - ok
12:53:12.0206 0x1170 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:53:12.0211 0x1170 NetBT - ok
12:53:12.0225 0x1170 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe
12:53:12.0226 0x1170 Netlogon - ok
12:53:12.0248 0x1170 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
12:53:12.0256 0x1170 Netman - ok
12:53:12.0293 0x1170 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:53:12.0295 0x1170 NetMsmqActivator - ok
12:53:12.0300 0x1170 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:53:12.0302 0x1170 NetPipeActivator - ok
12:53:12.0328 0x1170 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
12:53:12.0338 0x1170 netprofm - ok
12:53:12.0342 0x1170 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:53:12.0345 0x1170 NetTcpActivator - ok
12:53:12.0349 0x1170 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:53:12.0351 0x1170 NetTcpPortSharing - ok
12:53:12.0376 0x1170 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:53:12.0377 0x1170 nfrd960 - ok
12:53:12.0421 0x1170 [ ACE8C64C57E4A711473C8BC10ADF692B, 53D8083CE78DB5527080B4570AC28ABAA262667744A319707AE0C46E46B297F9 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
12:53:12.0428 0x1170 NisDrv - ok
12:53:12.0463 0x1170 [ 6247E8B31ED0A9D6BC5A26276E49BEB3, 230C0C560492C454B9EB14B50EB4A78DC74FAB6B662449A0EA3114B3E671BFF3 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
12:53:12.0479 0x1170 NisSrv - ok
12:53:12.0503 0x1170 [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:53:12.0512 0x1170 NlaSvc - ok
12:53:12.0523 0x1170 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:53:12.0524 0x1170 Npfs - ok
12:53:12.0531 0x1170 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
12:53:12.0533 0x1170 nsi - ok
12:53:12.0548 0x1170 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:53:12.0549 0x1170 nsiproxy - ok
12:53:12.0611 0x1170 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:53:12.0639 0x1170 Ntfs - ok
12:53:12.0654 0x1170 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
12:53:12.0655 0x1170 Null - ok
12:53:12.0708 0x1170 [ 554964B900AE2954B8B589B6287034AC, C6C9EA3ADAFEBBF2AF944E4A0656BD795AD37706008CC0CA3F2150BD709476E7 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
12:53:12.0717 0x1170 NVHDA - ok
12:53:13.0061 0x1170 [ F554291C0A11F5B713B54C5886D4AA31, 65B7DF4BB3DFF616DC2C863988E30F901E14221C00E2A99A2079E19D91D93BAE ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:53:13.0269 0x1170 nvlddmkm - ok
12:53:13.0347 0x1170 [ 1D3878E5722F0AB3C22D04E88AC4AC55, F36048FA1CDDA5065AD1DEF1F08A241D1859A1BC199B073DCD1C355257A97D7C ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
12:53:13.0369 0x1170 NvNetworkService - ok
12:53:13.0389 0x1170 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:53:13.0392 0x1170 nvraid - ok
12:53:13.0407 0x1170 [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:53:13.0410 0x1170 nvstor - ok
12:53:13.0800 0x1170 [ 34F09EE6871318C287E65949A683B198, 0ADD3DC6BFE77C932913A3D8C227FBBBC81100B94B5E3CEFD430DE1B2F09E3AE ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
12:53:14.0050 0x1170 NvStreamSvc - ok
12:53:14.0117 0x1170 [ 8E99BF264C1F20934A67E91BC9F4FB20, 89AA8823B751F4CEF4E862F1270E7EFDA81A6E5D9C5F72625CBF83C70B312353 ] nvsvc C:\Windows\system32\nvvsvc.exe
12:53:14.0132 0x1170 nvsvc - ok
12:53:14.0148 0x1170 [ E54A699931F73E52C6DA2DA2776BA98D, F600F4C5535F9C170265EF0B6BEE9D03F19A07A6A7B45FD606B2E64D085CA0BF ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
12:53:14.0149 0x1170 nvvad_WaveExtensible - ok
12:53:14.0158 0x1170 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:53:14.0160 0x1170 nv_agp - ok
12:53:14.0165 0x1170 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:53:14.0167 0x1170 ohci1394 - ok
12:53:14.0205 0x1170 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:53:14.0223 0x1170 p2pimsvc - ok
12:53:14.0245 0x1170 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
12:53:14.0257 0x1170 p2psvc - ok
12:53:14.0356 0x1170 [ 836266D31F9B7920ED04C4775E401FBC, 422BF0F5CBCB45047C75741EE3D02D93BE3A7EC01C8E622079DC24893DF65DFC ] PanService C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
12:53:14.0387 0x1170 PanService - ok
12:53:14.0404 0x1170 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
12:53:14.0406 0x1170 Parport - ok
12:53:14.0424 0x1170 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:53:14.0426 0x1170 partmgr - ok
12:53:14.0441 0x1170 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
12:53:14.0446 0x1170 PcaSvc - ok
12:53:14.0459 0x1170 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
12:53:14.0462 0x1170 pci - ok
12:53:14.0476 0x1170 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
12:53:14.0476 0x1170 pciide - ok
12:53:14.0494 0x1170 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:53:14.0498 0x1170 pcmcia - ok
12:53:14.0508 0x1170 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
12:53:14.0509 0x1170 pcw - ok
12:53:14.0548 0x1170 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:53:14.0568 0x1170 PEAUTH - ok
12:53:14.0619 0x1170 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
12:53:14.0645 0x1170 PeerDistSvc - ok
12:53:14.0697 0x1170 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:53:14.0700 0x1170 PerfHost - ok
12:53:14.0767 0x1170 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
12:53:14.0795 0x1170 pla - ok
12:53:14.0849 0x1170 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:53:14.0867 0x1170 PlugPlay - ok
12:53:14.0876 0x1170 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:53:14.0878 0x1170 PNRPAutoReg - ok
12:53:14.0899 0x1170 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:53:14.0906 0x1170 PNRPsvc - ok
12:53:14.0935 0x1170 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:53:14.0948 0x1170 PolicyAgent - ok
12:53:14.0973 0x1170 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
12:53:14.0978 0x1170 Power - ok

[MontyY]

12:53:15.0008 0x1170 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:53:15.0010 0x1170 PptpMiniport - ok
12:53:15.0020 0x1170 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
12:53:15.0022 0x1170 Processor - ok
12:53:15.0038 0x1170 [ 5C78838B4D166D1A27DB3A8A820C799A, BBF7E1D0B6754CF06BF3936671FDF5BF6E845CA5678D0940EA54E9212B539B7F ] ProfSvc C:\Windows\system32\profsvc.dll
12:53:15.0044 0x1170 ProfSvc - ok
12:53:15.0050 0x1170 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
12:53:15.0052 0x1170 ProtectedStorage - ok
12:53:15.0065 0x1170 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:53:15.0067 0x1170 Psched - ok
12:53:15.0118 0x1170 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:53:15.0143 0x1170 ql2300 - ok
12:53:15.0157 0x1170 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:53:15.0159 0x1170 ql40xx - ok
12:53:15.0176 0x1170 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
12:53:15.0182 0x1170 QWAVE - ok
12:53:15.0199 0x1170 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:53:15.0200 0x1170 QWAVEdrv - ok
12:53:15.0212 0x1170 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:53:15.0213 0x1170 RasAcd - ok
12:53:15.0233 0x1170 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:53:15.0234 0x1170 RasAgileVpn - ok
12:53:15.0245 0x1170 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
12:53:15.0248 0x1170 RasAuto - ok
12:53:15.0260 0x1170 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:53:15.0262 0x1170 Rasl2tp - ok
12:53:15.0277 0x1170 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
12:53:15.0286 0x1170 RasMan - ok
12:53:15.0298 0x1170 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:53:15.0300 0x1170 RasPppoe - ok
12:53:15.0313 0x1170 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:53:15.0315 0x1170 RasSstp - ok
12:53:15.0334 0x1170 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:53:15.0339 0x1170 rdbss - ok
12:53:15.0348 0x1170 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:53:15.0349 0x1170 rdpbus - ok
12:53:15.0376 0x1170 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:53:15.0377 0x1170 RDPCDD - ok
12:53:15.0411 0x1170 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
12:53:15.0418 0x1170 RDPDR - ok
12:53:15.0426 0x1170 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:53:15.0428 0x1170 RDPENCDD - ok
12:53:15.0446 0x1170 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:53:15.0447 0x1170 RDPREFMP - ok
12:53:15.0470 0x1170 [ 70CBA1A0C98600A2AA1863479B35CB90, 91A133297921B4955817176251AFC5283DA3C7D2099700C4C92ECC94DBE9A99E ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:53:15.0471 0x1170 RdpVideoMiniport - ok
12:53:15.0506 0x1170 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:53:15.0516 0x1170 RDPWD - ok
12:53:15.0543 0x1170 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:53:15.0548 0x1170 rdyboost - ok
12:53:15.0568 0x1170 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:53:15.0573 0x1170 RemoteAccess - ok
12:53:15.0591 0x1170 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:53:15.0598 0x1170 RemoteRegistry - ok
12:53:15.0610 0x1170 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:53:15.0614 0x1170 RpcEptMapper - ok
12:53:15.0633 0x1170 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
12:53:15.0635 0x1170 RpcLocator - ok
12:53:15.0664 0x1170 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
12:53:15.0676 0x1170 RpcSs - ok
12:53:15.0691 0x1170 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:53:15.0693 0x1170 rspndr - ok
12:53:15.0742 0x1170 [ 61A04C0C084D560BBEF1D09604608262, 27230BDFB479FBD1B18BB4035059A52F8BE74B19190951EAC95D569E284421B3 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
12:53:15.0755 0x1170 RTL8167 - ok
12:53:15.0776 0x1170 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
12:53:15.0777 0x1170 s3cap - ok
12:53:15.0792 0x1170 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs C:\Windows\system32\lsass.exe
12:53:15.0795 0x1170 SamSs - ok
12:53:15.0814 0x1170 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:53:15.0819 0x1170 sbp2port - ok
12:53:15.0840 0x1170 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:53:15.0847 0x1170 SCardSvr - ok
12:53:15.0864 0x1170 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:53:15.0865 0x1170 scfilter - ok
12:53:15.0913 0x1170 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
12:53:15.0934 0x1170 Schedule - ok
12:53:15.0956 0x1170 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:53:15.0958 0x1170 SCPolicySvc - ok
12:53:15.0973 0x1170 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:53:15.0979 0x1170 SDRSVC - ok
12:53:15.0999 0x1170 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:53:16.0000 0x1170 secdrv - ok
12:53:16.0005 0x1170 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
12:53:16.0008 0x1170 seclogon - ok
12:53:16.0024 0x1170 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
12:53:16.0027 0x1170 SENS - ok
12:53:16.0041 0x1170 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:53:16.0043 0x1170 SensrSvc - ok
12:53:16.0077 0x1170 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:53:16.0079 0x1170 Serenum - ok
12:53:16.0097 0x1170 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:53:16.0100 0x1170 Serial - ok
12:53:16.0111 0x1170 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:53:16.0112 0x1170 sermouse - ok
12:53:16.0132 0x1170 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
12:53:16.0138 0x1170 SessionEnv - ok
12:53:16.0142 0x1170 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:53:16.0143 0x1170 sffdisk - ok
12:53:16.0156 0x1170 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:53:16.0157 0x1170 sffp_mmc - ok
12:53:16.0161 0x1170 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:53:16.0162 0x1170 sffp_sd - ok
12:53:16.0166 0x1170 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:53:16.0167 0x1170 sfloppy - ok
12:53:16.0198 0x1170 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:53:16.0209 0x1170 SharedAccess - ok
12:53:16.0235 0x1170 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:53:16.0243 0x1170 ShellHWDetection - ok
12:53:16.0265 0x1170 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
12:53:16.0266 0x1170 SiSRaid2 - ok
12:53:16.0276 0x1170 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:53:16.0278 0x1170 SiSRaid4 - ok
12:53:16.0418 0x1170 [ 9F712B26EE3B0242DE997A42FD302E2C, 12663EB108F158282A965EE70980627C2F2332BA7944D7DE03B78E18BEB87D26 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
12:53:16.0471 0x1170 Skype C2C Service - ok
12:53:16.0537 0x1170 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:53:16.0544 0x1170 SkypeUpdate - ok
12:53:16.0558 0x1170 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:53:16.0561 0x1170 Smb - ok
12:53:16.0580 0x1170 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:53:16.0582 0x1170 SNMPTRAP - ok
12:53:16.0596 0x1170 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
12:53:16.0597 0x1170 spldr - ok
12:53:16.0622 0x1170 [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler C:\Windows\System32\spoolsv.exe
12:53:16.0638 0x1170 Spooler - ok
12:53:16.0731 0x1170 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
12:53:16.0790 0x1170 sppsvc - ok
12:53:16.0815 0x1170 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:53:16.0818 0x1170 sppuinotify - ok
12:53:16.0847 0x1170 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:53:16.0855 0x1170 srv - ok
12:53:16.0870 0x1170 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:53:16.0877 0x1170 srv2 - ok
12:53:16.0898 0x1170 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:53:16.0901 0x1170 srvnet - ok
12:53:16.0915 0x1170 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:53:16.0921 0x1170 SSDPSRV - ok
12:53:16.0932 0x1170 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:53:16.0935 0x1170 SstpSvc - ok
12:53:17.0028 0x1170 [ 7DE35FB26617D9AEF44CEFE9FAC5C51A, ADAFD4690D61070DEEC7D04CBE565C73EF92A17F9C16B7FDD1375D38CD54395A ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
12:53:17.0045 0x1170 Steam Client Service - ok
12:53:17.0100 0x1170 [ 49D9C17FDDFAC66F27FA735E94923216, 18C8FE5B794927989CDD3BB7A5500C73CCC23559470EEB37D42FD9AD04098C0D ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:53:17.0115 0x1170 Stereo Service - ok
12:53:17.0132 0x1170 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
12:53:17.0132 0x1170 stexstor - ok
12:53:17.0171 0x1170 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
12:53:17.0185 0x1170 stisvc - ok
12:53:17.0208 0x1170 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
12:53:17.0209 0x1170 storflt - ok
12:53:17.0226 0x1170 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
12:53:17.0227 0x1170 storvsc - ok
12:53:17.0234 0x1170 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:53:17.0235 0x1170 swenum - ok
12:53:17.0258 0x1170 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
12:53:17.0270 0x1170 swprv - ok
12:53:17.0287 0x1170 [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
12:53:17.0288 0x1170 Synth3dVsc - ok
12:53:17.0340 0x1170 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
12:53:17.0373 0x1170 SysMain - ok
12:53:17.0401 0x1170 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:53:17.0405 0x1170 TabletInputService - ok
12:53:17.0428 0x1170 [ B08740047145B9BCE15BF75CA0F9718A, 3E2A8A5A2A4DC4D0F05E22EA2C0EBD85AA5C7C6854E873D53538D1F54B8F7C63 ] tap0901t C:\Windows\system32\DRIVERS\tap0901t.sys
12:53:17.0429 0x1170 tap0901t - ok
12:53:17.0458 0x1170 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
12:53:17.0475 0x1170 TapiSrv - ok
12:53:17.0495 0x1170 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
12:53:17.0500 0x1170 TBS - ok
12:53:17.0591 0x1170 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:53:17.0623 0x1170 Tcpip - ok
12:53:17.0663 0x1170 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:53:17.0694 0x1170 TCPIP6 - ok
12:53:17.0709 0x1170 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:53:17.0711 0x1170 tcpipreg - ok
12:53:17.0718 0x1170 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:53:17.0718 0x1170 TDPIPE - ok
12:53:17.0738 0x1170 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:53:17.0738 0x1170 TDTCP - ok
12:53:17.0756 0x1170 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:53:17.0758 0x1170 tdx - ok
12:53:17.0781 0x1170 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:53:17.0783 0x1170 TermDD - ok
12:53:17.0786 0x1170 [ 2B5BDFF688EC9871D7EC5837833374E9, BD6C629FA2938987ABF95B790B20F0B7D4D023D5013E575F343A802D6213074E ] terminpt C:\Windows\system32\drivers\terminpt.sys
12:53:17.0787 0x1170 terminpt - ok
12:53:17.0816 0x1170 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
12:53:17.0831 0x1170 TermService - ok
12:53:17.0848 0x1170 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
12:53:17.0851 0x1170 Themes - ok
12:53:17.0868 0x1170 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
12:53:17.0870 0x1170 THREADORDER - ok
12:53:17.0880 0x1170 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
12:53:17.0884 0x1170 TrkWks - ok
12:53:17.0918 0x1170 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:53:17.0921 0x1170 TrustedInstaller - ok
12:53:17.0945 0x1170 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:53:17.0946 0x1170 tssecsrv - ok
12:53:17.0951 0x1170 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:53:17.0952 0x1170 TsUsbFlt - ok
12:53:17.0956 0x1170 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
12:53:17.0956 0x1170 TsUsbGD - ok
12:53:17.0968 0x1170 [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
12:53:17.0971 0x1170 tsusbhub - ok
12:53:18.0000 0x1170 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:53:18.0002 0x1170 tunnel - ok
12:53:18.0090 0x1170 [ 9B67EEB5ECCA7E7A57942D967DD59089, 6CD1575BB52A936875DB6E2EA541C7630CF1B0BC4947A5B12356F7C493316324 ] TunngleService C:\Program Files (x86)\Tunngle\TnglCtrl.exe
12:53:18.0110 0x1170 TunngleService - ok
12:53:18.0115 0x1170 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:53:18.0117 0x1170 uagp35 - ok
12:53:18.0137 0x1170 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:53:18.0143 0x1170 udfs - ok
12:53:18.0160 0x1170 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:53:18.0162 0x1170 UI0Detect - ok
12:53:18.0185 0x1170 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:53:18.0186 0x1170 uliagpkx - ok
12:53:18.0213 0x1170 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:53:18.0214 0x1170 umbus - ok
12:53:18.0247 0x1170 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:53:18.0248 0x1170 UmPass - ok
12:53:18.0277 0x1170 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
12:53:18.0284 0x1170 UmRdpService - ok
12:53:18.0309 0x1170 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
12:53:18.0320 0x1170 upnphost - ok
12:53:18.0342 0x1170 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:53:18.0345 0x1170 usbaudio - ok
12:53:18.0359 0x1170 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829, 5D6E404FE0AB875202CA1A3E8E9D2F4368DF6ACCFA1C872ECFAF8399CBA3A485 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:53:18.0362 0x1170 usbccgp - ok
12:53:18.0386 0x1170 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:53:18.0388 0x1170 usbcir - ok
12:53:18.0406 0x1170 [ 74EE782B1D9C241EFE425565854C661C, E8258EA65B0FCAD4E077B176E9D9324646B652D6E651241E397346A39770D065 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:53:18.0407 0x1170 usbehci - ok
12:53:18.0423 0x1170 [ 504901430B6E03B99EBB6BF26E0868C6, D00C0904B7008305DCA5D1E6FED153DD8875CAD14D80348E59F42A182FA7E832 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
12:53:18.0424 0x1170 usbfilter - ok
12:53:18.0447 0x1170 [ DC96BD9CCB8403251BCF25047573558E, 66EBF8A6B3BC0634F32DDCC8BA31F1EB5987E8C6853E1DC26005E3EED0945565 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:53:18.0454 0x1170 usbhub - ok
12:53:18.0471 0x1170 [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
12:53:18.0472 0x1170 usbohci - ok
12:53:18.0480 0x1170 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
12:53:18.0481 0x1170 usbprint - ok
12:53:18.0493 0x1170 [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:53:18.0496 0x1170 USBSTOR - ok
12:53:18.0500 0x1170 [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:53:18.0501 0x1170 usbuhci - ok
12:53:18.0521 0x1170 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
12:53:18.0525 0x1170 usbvideo - ok
12:53:18.0542 0x1170 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
12:53:18.0545 0x1170 UxSms - ok
12:53:18.0551 0x1170 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\Windows\system32\lsass.exe
12:53:18.0553 0x1170 VaultSvc - ok
12:53:18.0567 0x1170 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:53:18.0569 0x1170 vdrvroot - ok
12:53:18.0594 0x1170 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
12:53:18.0606 0x1170 vds - ok
12:53:18.0611 0x1170 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:53:18.0613 0x1170 vga - ok
12:53:18.0621 0x1170 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:53:18.0622 0x1170 VgaSave - ok
12:53:18.0625 0x1170 VGPU - ok
12:53:18.0642 0x1170 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:53:18.0646 0x1170 vhdmp - ok
12:53:18.0662 0x1170 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
12:53:18.0663 0x1170 viaide - ok
12:53:18.0688 0x1170 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
12:53:18.0692 0x1170 vmbus - ok
12:53:18.0704 0x1170 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
12:53:18.0705 0x1170 VMBusHID - ok
12:53:18.0729 0x1170 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:53:18.0730 0x1170 volmgr - ok
12:53:18.0750 0x1170 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:53:18.0756 0x1170 volmgrx - ok
12:53:18.0771 0x1170 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:53:18.0776 0x1170 volsnap - ok
12:53:18.0789 0x1170 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:53:18.0792 0x1170 vsmraid - ok
12:53:18.0838 0x1170 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
12:53:18.0865 0x1170 VSS - ok
12:53:18.0877 0x1170 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
12:53:18.0878 0x1170 vwifibus - ok
12:53:18.0900 0x1170 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
12:53:18.0909 0x1170 W32Time - ok
12:53:18.0927 0x1170 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:53:18.0928 0x1170 WacomPen - ok
12:53:18.0958 0x1170 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:53:18.0960 0x1170 WANARP - ok
12:53:18.0964 0x1170 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:53:18.0965 0x1170 Wanarpv6 - ok
12:53:19.0040 0x1170 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:53:19.0061 0x1170 WatAdminSvc - ok
12:53:19.0105 0x1170 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
12:53:19.0131 0x1170 wbengine - ok
12:53:19.0151 0x1170 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:53:19.0157 0x1170 WbioSrvc - ok
12:53:19.0177 0x1170 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:53:19.0187 0x1170 wcncsvc - ok
12:53:19.0196 0x1170 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:53:19.0199 0x1170 WcsPlugInService - ok
12:53:19.0202 0x1170 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
12:53:19.0203 0x1170 Wd - ok
12:53:19.0237 0x1170 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:53:19.0250 0x1170 Wdf01000 - ok
12:53:19.0270 0x1170 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:53:19.0274 0x1170 WdiServiceHost - ok
12:53:19.0277 0x1170 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:53:19.0280 0x1170 WdiSystemHost - ok
12:53:19.0299 0x1170 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll
12:53:19.0306 0x1170 WebClient - ok
12:53:19.0324 0x1170 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:53:19.0330 0x1170 Wecsvc - ok
12:53:19.0344 0x1170 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:53:19.0347 0x1170 wercplsupport - ok
12:53:19.0361 0x1170 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
12:53:19.0365 0x1170 WerSvc - ok
12:53:19.0385 0x1170 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:53:19.0386 0x1170 WfpLwf - ok
12:53:19.0399 0x1170 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:53:19.0400 0x1170 WIMMount - ok
12:53:19.0422 0x1170 WinDefend - ok
12:53:19.0432 0x1170 WinHttpAutoProxySvc - ok
12:53:19.0482 0x1170 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:53:19.0488 0x1170 Winmgmt - ok
12:53:19.0570 0x1170 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
12:53:19.0609 0x1170 WinRM - ok
12:53:19.0659 0x1170 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:53:19.0678 0x1170 Wlansvc - ok
12:53:19.0824 0x1170 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:53:19.0868 0x1170 wlidsvc - ok
12:53:19.0875 0x1170 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
12:53:19.0876 0x1170 WmiAcpi - ok
12:53:19.0902 0x1170 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:53:19.0905 0x1170 wmiApSrv - ok
12:53:19.0931 0x1170 WMPNetworkSvc - ok
12:53:19.0941 0x1170 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:53:19.0944 0x1170 WPCSvc - ok
12:53:19.0957 0x1170 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:53:19.0961 0x1170 WPDBusEnum - ok
12:53:19.0973 0x1170 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:53:19.0974 0x1170 ws2ifsl - ok
12:53:19.0991 0x1170 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
12:53:19.0995 0x1170 wscsvc - ok
12:53:19.0997 0x1170 WSearch - ok
12:53:20.0068 0x1170 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
12:53:20.0121 0x1170 wuauserv - ok
12:53:20.0138 0x1170 [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:53:20.0141 0x1170 WudfPf - ok
12:53:20.0168 0x1170 [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:53:20.0172 0x1170 WUDFRd - ok
12:53:20.0189 0x1170 [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:53:20.0193 0x1170 wudfsvc - ok
12:53:20.0210 0x1170 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
12:53:20.0217 0x1170 WwanSvc - ok
12:53:20.0234 0x1170 [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
12:53:20.0235 0x1170 xusb21 - ok
12:53:20.0258 0x1170 ================ Scan global ===============================
12:53:20.0284 0x1170 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:53:20.0318 0x1170 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:53:20.0345 0x1170 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:53:20.0373 0x1170 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:53:20.0403 0x1170 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:53:20.0413 0x1170 [ Global ] - ok
12:53:20.0413 0x1170 ================ Scan MBR ==================================
12:53:20.0423 0x1170 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:53:20.0568 0x1170 \Device\Harddisk0\DR0 - ok
12:53:20.0569 0x1170 ================ Scan VBR ==================================
12:53:20.0572 0x1170 [ C122D2A4D1AF36CF4F2251C7C8B59693 ] \Device\Harddisk0\DR0\Partition1
12:53:20.0575 0x1170 \Device\Harddisk0\DR0\Partition1 - ok
12:53:20.0588 0x1170 [ 7F1FEBB22B3D6360BB034F1CEBDBDE17 ] \Device\Harddisk0\DR0\Partition2
12:53:20.0591 0x1170 \Device\Harddisk0\DR0\Partition2 - ok
12:53:20.0611 0x1170 [ FDCDF7C2A2391D3B20826D9B01B2D385 ] \Device\Harddisk0\DR0\Partition3
12:53:20.0613 0x1170 \Device\Harddisk0\DR0\Partition3 - ok
12:53:20.0614 0x1170 Waiting for KSN requests completion. In queue: 344
12:53:21.0614 0x1170 Waiting for KSN requests completion. In queue: 34
12:53:22.0614 0x1170 Waiting for KSN requests completion. In queue: 34
12:53:23.0633 0x1170 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x61000 ( enabled : updated )
12:53:23.0666 0x1170 Win FW state via NFP2: disabled
12:53:26.0064 0x1170 ============================================================
12:53:26.0064 0x1170 Scan finished
12:53:26.0064 0x1170 ============================================================
12:53:26.0076 0x0a38 Detected object count: 0
12:53:26.0076 0x0a38 Actual detected object count: 0
12:53:34.0806 0x0dbc Deinitialize success

[MontyY]

A jen když mám puštěný malwarbytes tak mi tu každý 2 mins vyskakuje stránka zablokována .,, a nějáký proces ., něco špatně ?

[jaro3]

To nevím , ale je dobře , že se to zablokuje..

Jiné problémy jsou?

[MontyY]

obrázky třeba když si dám do seznamu př ( klávesnice .,, dám zboží ., tak to načítá dlouho ty obrázky ., všude na fb ., nebo nenačtou vůbec ., ale s tím se dá žít ale ten malware jak mi to tu spamuje tak každých 30 sec mě štve za 12 dní končí test lhůta .,, pak to zas nebude blokovat nic a budu mít plnej pc virů ?
A jen já se v tom nevyznám ., měl sem tam hodně nalezených virů ?

[MontyY]

proces kmpservice.exe to píše ten malw .,

[jaro3]

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[MontyY]

ComboFix 13-12-21.01 - doma 22.12.2013 21:13:30.1.6 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3996.2546 [GMT 1:00]
Spuštěný z: c:\users\doma\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\DefaultTab
c:\program files (x86)\DefaultTab\DefaultTab.crx
c:\program files (x86)\DefaultTab\DefaultTabHost.exe
c:\program files (x86)\DefaultTab\DefaultTabHost.json
c:\program files (x86)\DefaultTab\DefaultTabSearch.exe
c:\program files (x86)\DefaultTab\uid
c:\users\doma\AppData\Local\Temp\nsjCDD.tmp\System.dll
c:\users\doma\AppData\Roaming\DefaultTab\DefaultTab
c:\users\doma\AppData\Roaming\DefaultTab\DefaultTab\addon.ico
c:\users\doma\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.cfg
c:\users\doma\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
c:\users\doma\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart.exe
c:\users\doma\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabStart64.exe
c:\users\doma\AppData\Roaming\DefaultTab\DefaultTab\defaulttabuninstaller.exe
c:\users\doma\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap.dll
c:\users\doma\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabWrap64.dll
c:\users\doma\AppData\Roaming\DefaultTab\DefaultTab\DT.ico
c:\users\doma\AppData\Roaming\DefaultTab\DefaultTab\dtupdate.exe
c:\users\doma\AppData\Roaming\DefaultTab\DefaultTab\searchhere.ico
c:\users\doma\AppData\Roaming\DefaultTab\DefaultTab\uninstalldt.exe
c:\windows\msxml4-KB954430-enu.LOG
c:\windows\msxml4-KB973688-enu.LOG
c:\windows\SysWow64\frapsvid.dll
c:\windows\SysWow64\SET1762.tmp
c:\windows\SysWow64\SET201E.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_DefaultTabSearch
-------\Service_DefaultTabUpdate
-------\Service_DefaultTabUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-22 do 2013-12-22 )))))))))))))))))))))))))))))))
.
.
2013-12-22 20:22 . 2013-12-22 20:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-22 19:34 . 2013-12-22 19:34 -------- d-----w- c:\users\doma\AppData\Local\PunkBuster
2013-12-22 19:33 . 2013-12-22 19:33 -------- d-----w- c:\users\doma\.android
2013-12-22 19:33 . 2013-12-22 20:20 -------- d-----w- c:\users\doma\AppData\Roaming\defaulttab
2013-12-22 19:33 . 2013-12-22 19:33 -------- d-----w- c:\users\doma\AppData\Local\cache
2013-12-22 19:33 . 2013-12-22 19:33 -------- d-----w- c:\users\doma\AppData\Roaming\newnext.me
2013-12-22 19:33 . 2013-12-22 19:33 -------- d-----w- c:\users\doma\AppData\Local\genienext
2013-12-22 19:31 . 2013-12-22 19:32 -------- d-----w- c:\users\doma\AppData\Roaming\GameRanger
2013-12-22 19:22 . 2013-12-22 19:36 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-12-22 19:21 . 2013-12-22 19:34 66872 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-12-22 19:19 . 2013-12-22 19:19 -------- d-----w- c:\program files (x86)\Activision
2013-12-22 16:21 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{127DFEE2-F07E-4FE1-9AA6-298CE904888D}\mpengine.dll
2013-12-21 19:21 . 2013-12-22 19:04 -------- d-----w- c:\users\doma\AppData\Local\CrashDumps
2013-12-21 16:42 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-20 11:29 . 2013-12-20 11:29 -------- d-----w- c:\windows\ERUNT
2013-12-18 21:59 . 2013-12-19 17:35 -------- d-----w- C:\AdwCleaner
2013-12-18 21:48 . 2013-12-18 21:48 -------- d-----w- c:\users\doma\AppData\Roaming\Malwarebytes
2013-12-18 21:48 . 2013-12-18 21:48 -------- d-----w- c:\programdata\Malwarebytes
2013-12-18 21:48 . 2013-12-18 21:48 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-12-18 21:48 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-12-18 17:09 . 2013-12-18 17:09 388096 ----a-r- c:\users\doma\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-12-18 17:09 . 2013-12-18 17:09 -------- d-----w- c:\program files (x86)\Trend Micro
2013-12-15 14:12 . 2013-12-15 14:13 -------- d-----w- c:\windows\system32\MRT
2013-12-12 02:39 . 2013-10-30 01:24 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-12-11 14:50 . 2013-12-11 14:50 -------- d-----w- c:\program files\McAfee Security Scan
2013-12-11 02:05 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-12-11 02:01 . 2013-12-11 02:01 878080 ----a-w- c:\windows\system32\advapi32.dll
2013-12-11 02:00 . 2013-12-11 02:00 327168 ----a-w- c:\windows\system32\mswsock.dll
2013-12-11 02:00 . 2013-12-11 02:00 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2013-12-11 02:00 . 2013-12-11 02:00 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-12-09 17:13 . 2013-12-10 15:58 -------- d-----w- c:\programdata\Tunngle
2013-12-09 17:13 . 2009-09-16 06:02 31232 ----a-w- c:\windows\system32\drivers\tap0901t.sys
2013-12-09 17:12 . 2013-12-09 17:13 -------- d-----w- c:\program files (x86)\Tunngle
2013-12-09 16:40 . 2013-12-09 18:26 -------- d-----w- c:\users\doma\AppData\Roaming\Tunngle
2013-12-09 16:37 . 2013-12-10 18:21 -------- d-----w- c:\program files (x86)\Steam
2013-12-08 23:20 . 2013-12-08 23:20 -------- d-----w- c:\users\doma\AppData\Roaming\AVAST Software
2013-12-08 23:19 . 2013-12-08 23:19 334648 ----a-w- c:\windows\system32\aswBoot.exe
2013-12-08 23:17 . 2013-12-08 23:17 -------- d-----w- c:\users\doma\AppData\Roaming\TuneUp Software
2013-12-08 23:16 . 2013-12-09 20:57 -------- d-----w- C:\$AVG
2013-12-08 23:16 . 2013-12-09 21:00 -------- d-----w- c:\programdata\AVG2014
2013-12-08 23:13 . 2013-12-09 21:58 -------- d-----w- c:\programdata\AVAST Software
2013-12-08 23:12 . 2013-12-09 21:42 -------- d-----w- c:\programdata\MFAData
2013-12-08 23:12 . 2013-12-08 23:12 -------- d-----w- c:\users\doma\AppData\Local\MFAData
2013-12-08 22:55 . 2013-12-09 15:30 -------- d-----w- c:\programdata\la3Xn373
2013-12-06 20:46 . 2013-12-06 20:46 -------- d-----w- c:\users\doma\AppData\Local\EMU
2013-12-06 17:44 . 2013-11-11 15:01 2559776 ----a-w- c:\windows\system32\nvsvcr.dll
2013-12-06 17:21 . 2013-12-06 17:21 -------- d-----w- c:\users\doma\AppData\Local\NVIDIA Corporation
2013-12-06 17:20 . 2013-11-29 16:56 1096480 ----a-w- c:\windows\system32\nvspcap64.dll
2013-12-06 17:20 . 2013-11-29 16:56 979744 ----a-w- c:\windows\SysWow64\nvspcap.dll
2013-12-06 17:20 . 2013-10-30 17:03 39200 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2013-12-06 17:20 . 2013-10-30 17:02 32544 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2013-12-06 17:17 . 2013-12-06 17:21 -------- d-----w- c:\users\doma\AppData\Local\NVIDIA
2013-12-06 14:48 . 2013-12-06 20:02 -------- d-----w- c:\programdata\McAfee Security Scan
2013-12-06 14:48 . 2013-12-06 14:48 -------- d-----w- c:\programdata\McAfee
2013-12-06 14:27 . 2013-12-06 20:02 -------- d-----w- c:\users\doma\AppData\Roaming\MotioninJoy
2013-12-06 14:27 . 2010-05-03 15:12 328712 ----a-w- c:\windows\system32\MijFrc.dll
2013-12-06 14:27 . 2013-12-06 20:02 -------- d-----w- c:\program files\MotioninJoy
2013-12-06 14:27 . 2012-05-12 11:31 121416 ----a-w- c:\windows\system32\drivers\MijXfilt.sys
2013-12-06 14:27 . 2011-12-07 18:42 74960 ----a-w- c:\windows\system32\drivers\xusb21.sys
2013-12-06 14:27 . 2011-12-07 18:42 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2013-12-06 14:24 . 2013-12-22 19:49 -------- d-----w- c:\users\doma\AppData\Local\Mobogenie
2013-12-06 14:24 . 2013-12-06 14:24 -------- d-----w- c:\users\wangzhisong
2013-12-06 14:24 . 2013-12-22 19:48 -------- d-----w- c:\program files (x86)\Mobogenie
2013-12-06 07:32 . 2013-10-27 17:20 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E4768300-9793-4DDA-8294-46EADCC70A00}\gapaengine.dll
2013-12-05 22:02 . 2013-12-05 22:02 -------- d-----w- c:\program files (x86)\UltraISO
2013-12-05 21:00 . 2013-12-10 15:07 -------- d-----w- c:\program files (x86)\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst
2013-12-05 09:14 . 2013-12-05 09:14 -------- d-----w- c:\users\doma\AppData\Roaming\AdobeUM
2013-12-03 21:14 . 2013-12-03 21:14 -------- d-----w- c:\programdata\Logs
2013-12-02 02:00 . 2013-12-02 02:00 -------- d-----w- c:\program files (x86)\MSXML 4.0
2013-12-01 21:46 . 2004-03-29 16:23 90112 ----a-w- c:\windows\unvise32.exe
2013-12-01 21:46 . 2013-12-01 21:46 -------- d-----w- c:\program files (x86)\LooksBuilderSE
2013-12-01 21:43 . 2013-12-01 21:43 -------- d-----w- c:\program files (x86)\Common Files\Pinnacle
2013-12-01 21:42 . 2013-12-01 21:42 -------- d-----w- c:\users\doma\AppData\Local\Downloaded Installations
2013-12-01 21:42 . 2013-12-16 21:27 -------- d-----w- c:\users\doma\AppData\Local\Pinnacle
2013-12-01 21:42 . 2013-12-01 21:42 -------- d-----w- c:\programdata\Pinnacle Studio Ultimate Collection
2013-12-01 21:39 . 2013-12-01 21:39 -------- d-----w- c:\program files (x86)\Common Files\Pegasus Imaging
2013-12-01 21:39 . 2013-12-06 20:02 -------- d-----w- c:\program files (x86)\Pinnacle
2013-12-01 21:39 . 2013-12-01 21:39 -------- d-----w- c:\programdata\Studio 14
2013-12-01 21:39 . 2013-12-01 21:39 -------- d-----w- c:\programdata\Pinnacle Studio Plus
2013-12-01 21:39 . 2013-12-01 21:39 -------- d-----w- c:\program files (x86)\Common Files\Yahoo!
2013-12-01 21:37 . 2013-12-01 21:41 -------- d-----w- c:\programdata\Pinnacle
2013-11-30 22:37 . 2013-11-30 22:37 -------- d-----w- c:\users\doma\AppData\Local\Zoner
2013-11-30 22:37 . 2013-11-30 22:37 -------- d-----w- c:\users\doma\AppData\Roaming\Zoner
2013-11-30 22:37 . 2013-11-30 22:37 -------- d-----w- c:\programdata\Zoner
2013-11-30 22:36 . 2013-11-30 22:36 -------- d-----w- c:\program files\Zoner
2013-11-30 19:03 . 2013-11-30 19:03 -------- d-----w- c:\users\doma\AppData\Local\Rockstar Games
2013-11-30 19:03 . 2013-11-30 19:03 -------- d-sh--w- c:\programdata\SecuROM
2013-11-30 16:38 . 2013-11-30 16:38 -------- d-----w- c:\program files (x86)\Black_Box
2013-11-30 16:37 . 2010-08-03 10:11 819200 --sha-w- c:\windows\SysWow64\xvidcore.dll
2013-11-30 16:37 . 2010-08-03 10:11 180224 --sha-w- c:\windows\SysWow64\xvidvfw.dll
2013-11-29 19:54 . 2013-11-29 19:54 -------- d-----w- c:\users\doma\Tracing
2013-11-29 19:53 . 2013-11-29 19:53 -------- d-----w- c:\windows\cs
2013-11-29 19:51 . 2013-11-29 19:51 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2013-11-29 19:51 . 2013-02-05 21:06 57840 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2013-11-29 19:50 . 2013-11-29 19:51 -------- d-----w- c:\program files\Windows Live
2013-11-29 19:50 . 2013-11-29 19:50 -------- d-----w- c:\windows\PCHEALTH
2013-11-29 19:49 . 2013-11-29 19:51 -------- d-----w- c:\program files (x86)\Windows Live
2013-11-29 19:48 . 2013-11-29 19:48 -------- d-----w- c:\program files (x86)\Microsoft SkyDrive
2013-11-29 19:48 . 2013-11-29 19:48 -------- d-----r- c:\users\doma\SkyDrive
2013-11-29 19:48 . 2013-11-29 19:48 -------- d-----w- c:\programdata\Microsoft SkyDrive
2013-11-29 19:47 . 2013-12-15 22:21 -------- d-----w- c:\users\doma\AppData\Local\Windows Live
2013-11-29 19:46 . 2013-11-29 19:46 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2013-11-28 19:53 . 2013-11-28 19:53 -------- d-----w- c:\program files\OBS
2013-11-28 19:53 . 2013-11-28 19:53 -------- d-----w- c:\program files (x86)\OBS
2013-11-28 11:47 . 2013-11-28 11:47 -------- d-----w- C:\TopCD
2013-11-28 11:10 . 2013-11-28 11:10 45056 ----a-r- c:\users\doma\AppData\Roaming\Microsoft\Installer\{D98C9637-93DA-44DB-B73A-B11A1192AB26}\GameShadow.exe1_D9316813509243FDA4C292F72F483E61.exe
2013-11-28 11:10 . 2013-11-28 11:10 45056 ----a-r- c:\users\doma\AppData\Roaming\Microsoft\Installer\{D98C9637-93DA-44DB-B73A-B11A1192AB26}\GameShadow.exe_D9316813509243FDA4C292F72F483E61.exe
2013-11-28 11:10 . 2013-11-28 11:10 40960 ----a-r- c:\users\doma\AppData\Roaming\Microsoft\Installer\{D98C9637-93DA-44DB-B73A-B11A1192AB26}\GSDR.exe_D9316813509243FDA4C292F72F483E61.exe
2013-11-28 11:10 . 2013-11-28 11:10 -------- d-----w- c:\program files (x86)\GameShadow
2013-11-28 11:10 . 2013-11-28 11:10 -------- d-----w- c:\windows\Downloaded Installations
2013-11-27 01:36 . 2013-11-27 01:36 -------- d-----w- c:\users\doma\AppData\Local\SKIDROW
2013-11-27 01:33 . 2013-12-09 16:50 -------- d-----w- c:\program files (x86)\Common Files\Steam
2013-11-27 01:22 . 2013-11-27 01:22 -------- d-----w- c:\users\doma\AppData\Roaming\fltk.org
2013-11-27 01:22 . 2013-11-27 01:22 -------- d-----w- c:\programdata\fltk.org
2013-11-27 01:22 . 2013-11-27 01:22 -------- d-----w- c:\users\doma\AppData\Roaming\NVIDIA
2013-11-27 01:17 . 2013-11-27 01:17 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2013-11-27 01:10 . 2013-11-27 01:10 -------- d-----w- c:\program files (x86)\Frictional Games
2013-11-26 18:52 . 2013-11-26 18:52 -------- d-----w- C:\Fraps
2013-11-26 18:27 . 2013-11-26 18:48 -------- d-----w- c:\users\doma\AppData\Roaming\Nico Mak Computing
2013-11-26 18:26 . 2013-11-27 12:02 -------- d-----w- c:\program files (x86)\DsNET Corp
2013-11-25 22:27 . 2013-12-20 11:55 -------- d-----w- c:\users\doma\AppData\Roaming\Skype
2013-11-25 22:27 . 2013-11-25 22:27 -------- d-----r- c:\program files (x86)\Skype
2013-11-25 22:27 . 2013-11-25 22:27 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-11-25 22:27 . 2013-11-25 22:27 -------- d-----w- c:\programdata\Skype
2013-11-25 22:24 . 2009-03-18 16:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-11 19:50 . 2013-10-27 21:43 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 19:50 . 2013-10-27 21:43 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 02:01 . 2013-12-11 02:01 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-11-29 19:50 . 2012-07-17 13:37 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-11-19 10:21 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-14 11:56 . 2013-10-27 21:38 18293608 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-11-14 11:56 . 2013-10-27 21:38 1436528 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-11-14 11:56 . 2013-10-27 21:38 18208624 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-11-14 11:56 . 2013-10-27 21:38 15218504 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-11-14 11:56 . 2013-10-27 21:38 3069608 ----a-w- c:\windows\system32\nvapi64.dll
2013-11-14 11:56 . 2013-10-27 21:38 2697248 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-11-11 15:02 . 2013-10-27 21:39 6674208 ----a-w- c:\windows\system32\nvcpl.dll
2013-11-11 15:02 . 2013-10-27 21:39 3490080 ----a-w- c:\windows\system32\nvsvc64.dll
2013-11-11 15:01 . 2013-10-27 21:39 922912 ----a-w- c:\windows\system32\nvvsvc.exe
2013-11-11 15:01 . 2013-10-27 21:39 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-11-11 15:01 . 2013-10-27 21:39 219424 ----a-w- c:\windows\system32\nvmctray.dll
2013-11-11 15:01 . 2013-10-27 21:39 3467927 ----a-w- c:\windows\system32\nvcoproc.bin
2013-11-11 08:09 . 2010-11-21 03:24 14848 ----a-w- c:\windows\system32\slwga.dll
2013-11-11 08:09 . 2010-11-21 03:24 1008640 ----a-w- c:\windows\system32\user32.dll
2013-11-11 08:09 . 2010-11-21 03:24 419840 ----a-w- c:\windows\system32\systemcpl.dll
2013-11-11 08:09 . 2010-11-21 03:23 13824 ----a-w- c:\windows\SysWow64\slwga.dll
2013-11-11 08:09 . 2010-11-21 03:24 833024 ----a-w- c:\windows\SysWow64\user32.dll
2013-11-11 07:59 . 2013-11-11 07:59 590112 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-11-05 14:59 . 2013-11-05 14:59 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-10-30 17:02 . 2013-10-27 21:38 35104 ----a-w- c:\windows\system32\nvaudcap64v.dll
2013-10-29 02:14 . 2013-10-29 02:14 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-10-29 02:14 . 2013-10-29 02:14 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-10-29 02:14 . 2013-10-29 02:14 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-10-29 02:14 . 2013-10-29 02:14 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-10-29 02:14 . 2013-10-29 02:14 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-10-29 02:14 . 2013-10-29 02:14 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-10-29 02:14 . 2013-10-29 02:14 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-10-29 02:14 . 2013-10-29 02:14 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-10-29 02:14 . 2013-10-29 02:14 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-10-29 02:14 . 2013-10-29 02:14 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-10-29 02:14 . 2013-10-29 02:14 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-10-29 02:14 . 2013-10-29 02:14 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-10-29 02:14 . 2013-10-29 02:14 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-10-29 02:14 . 2013-10-29 02:14 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-10-29 02:14 . 2013-10-29 02:14 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-10-29 02:14 . 2013-10-29 02:14 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-10-29 02:14 . 2013-10-29 02:14 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-10-29 02:14 . 2013-10-29 02:14 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-10-29 02:14 . 2013-10-29 02:14 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-10-29 02:14 . 2013-10-29 02:14 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-10-29 02:14 . 2013-10-29 02:14 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-10-29 02:14 . 2013-10-29 02:14 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-10-29 02:14 . 2013-10-29 02:14 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-10-29 02:14 . 2013-10-29 02:14 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-10-29 02:14 . 2013-10-29 02:14 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-10-29 02:14 . 2013-10-29 02:14 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-10-29 02:14 . 2013-10-29 02:14 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-10-29 02:14 . 2013-10-29 02:14 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-10-29 02:14 . 2013-10-29 02:14 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-10-29 02:14 . 2013-10-29 02:14 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-10-29 02:14 . 2013-10-29 02:14 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-10-29 02:14 . 2013-10-29 02:14 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-10-29 02:14 . 2013-10-29 02:14 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-10-29 02:14 . 2013-10-29 02:14 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-10-29 02:14 . 2013-10-29 02:14 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-10-29 02:14 . 2013-10-29 02:14 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-10-29 02:14 . 2013-10-29 02:14 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-10-29 02:14 . 2013-10-29 02:14 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-10-29 02:14 . 2013-10-29 02:14 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-10-29 02:14 . 2013-10-29 02:14 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-10-29 02:14 . 2013-10-29 02:14 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-10-29 02:14 . 2013-10-29 02:14 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-10-29 02:14 . 2013-10-29 02:14 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-10-29 02:14 . 2013-10-29 02:14 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-10-29 02:14 . 2013-10-29 02:14 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-10-29 02:14 . 2013-10-29 02:14 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-10-29 02:14 . 2013-10-29 02:14 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-10-29 02:14 . 2013-10-29 02:14 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-10-29 02:14 . 2013-10-29 02:14 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-10-29 02:14 . 2013-10-29 02:14 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-10-29 02:14 . 2013-10-29 02:14 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-10-29 02:13 . 2013-10-29 02:13 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-10-29 02:13 . 2013-10-29 02:13 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-10-28 00:20 . 2013-10-28 00:20 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2013-10-27 17:31 . 2008-10-30 10:57 3851784 ----a-w- c:\windows\d3dx9_39.dll
2013-10-27 17:30 . 2008-10-30 10:57 3851784 ----a-w- c:\windows\system32\d3dx9_39.dll
2013-10-27 17:27 . 2013-10-27 17:26 4241280 ----a-w- c:\windows\system32\dffsetup-d3dx9_39.exe
2013-10-27 17:20 . 2013-11-06 09:36 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-10-16 00:48 . 2013-10-27 21:38 1884448 ----a-w- c:\windows\system32\nvdispco6433158.dll
2013-10-16 00:48 . 2013-10-27 21:38 18290536 ----a-w- c:\windows\system32\SET1549.tmp
2013-10-16 00:48 . 2013-10-27 21:38 18243632 ----a-w- c:\windows\system32\SETBCE.tmp
2013-10-16 00:48 . 2013-10-27 21:38 1511712 ----a-w- c:\windows\system32\nvdispgenco6433158.dll
2013-10-16 00:48 . 2013-10-27 21:38 1435504 ----a-w- c:\windows\system32\SET1161.tmp
2013-10-16 00:48 . 2013-10-27 21:38 3067560 ----a-w- c:\windows\system32\SET41B.tmp
2013-10-12 02:30 . 2013-11-14 08:00 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-14 08:00 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-14 08:00 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-14 08:00 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-14 08:00 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-10-05 20:25 . 2013-11-14 08:00 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 19:57 . 2013-11-14 08:00 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-10-03 02:23 . 2013-11-14 08:00 404480 ----a-w- c:\windows\system32\gdi32.dll
2013-10-03 02:00 . 2013-11-14 08:00 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-09-28 01:09 . 2013-11-14 08:00 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2013-09-27 08:53 . 2013-09-27 08:53 248240 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2010-08-03 10:11 819200 --sha-w- c:\windows\SysWOW64\xvidcore.dll
2010-08-03 10:11 180224 --sha-w- c:\windows\SysWOW64\xvidvfw.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[-] 2013-11-11 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
[-] 2013-11-11 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[7] 2010-11-21 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-11-29 19:48 220632 ----a-w- c:\users\doma\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-11-29 19:48 220632 ----a-w- c:\users\doma\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-11-29 19:48 220632 ----a-w- c:\users\doma\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2013-11-25 3551576]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"NextLive"="c:\users\doma\AppData\Roaming\newnext.me\nengine.dll" [2013-11-14 1283584]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE" [2012-10-18 752736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"VNT"="c:\program files (x86)\VNT\vntldr.exe" [2013-11-08 202192]
"mobilegeni daemon"="c:\program files (x86)\Mobogenie\DaemonProcess.exe" [2013-12-10 761024]
.
c:\users\doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
GameRanger.lnk - c:\users\doma\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe /autostart [2013-7-2 1824928]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.130\SSScheduler.exe [2013-9-6 324320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 dfiytuln;dfiytuln;c:\windows\system32\drivers\dfiytuln.sys;c:\windows\SYSNATIVE\drivers\dfiytuln.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\KMPService.exe;c:\program files (x86)\PANDORA.TV\PanService\KMPService.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-05 22:15 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-27 19:50]
.
2013-12-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-28 00:03]
.
2013-12-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-28 00:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-11-29 19:48 244696 ----a-w- c:\users\doma\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-11-29 19:48 244696 ----a-w- c:\users\doma\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-11-29 19:48 244696 ----a-w- c:\users\doma\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-08-19 7202520]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-09-19 1028896]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-11-29 2273056]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-11-29 1096480]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{41545533-2D53-4154-00A7-7A786E7484D7} - c:\program files (x86)\AskPartnerNetwork\Toolbar\ATU3-SAT\Passport.dll
BHO-{41545534-2D56-3743-00A7-7A786E7484D7} - c:\program files (x86)\AskPartnerNetwork\Toolbar\ATU4-V7C\Passport.dll
BHO-{7F6AFBF1-E065-4627-A2FD-810366367D01} - c:\users\doma\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
Toolbar-{41545534-2D56-3743-00A7-7A786E7484D7} - c:\program files (x86)\AskPartnerNetwork\Toolbar\ATU4-V7C\Passport.dll
Toolbar-{41545533-2D53-4154-00A7-7A786E7484D7} - c:\program files (x86)\AskPartnerNetwork\Toolbar\ATU3-SAT\Passport.dll
Wow6432Node-HKCU-Run-Overwolf - c:\program files (x86)\Overwolf\Overwolf.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{41545533-2D53-4154-00A7-7A786E7484D7} - c:\program files (x86)\AskPartnerNetwork\Toolbar\ATU3-SAT\Passport_x64.dll
BHO-{41545534-2D56-3743-00A7-7A786E7484D7} - c:\program files (x86)\AskPartnerNetwork\Toolbar\ATU4-V7C\Passport_x64.dll
Toolbar-{41545534-2D56-3743-00A7-7A786E7484D7} - c:\program files (x86)\AskPartnerNetwork\Toolbar\ATU4-V7C\Passport_x64.dll
Toolbar-{41545533-2D53-4154-00A7-7A786E7484D7} - c:\program files (x86)\AskPartnerNetwork\Toolbar\ATU3-SAT\Passport_x64.dll
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-DefaultTab - c:\users\doma\AppData\Roaming\defaulttab\defaulttab\uninstalldt.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3922030091-4069231028-3011548383-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3922030091-4069231028-3011548383-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\PANDORA.TV\PanService\KMPProcess.exe
.
**************************************************************************
.
Celkový čas: 2013-12-22 23:05:51 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-12-22 22:05
.
Před spuštěním: Volných bajtů: 188 822 327 296
Po spuštění: Volných bajtů: 188 505 067 520
.
- - End Of File - - C8A160AA017A7D8D5697C08CED8C79FE
A36C5E4F47E84449FF07ED3517B43A31

[MontyY]

nechápu jak se v tomhle můžete vyznat

[jaro3]

Odinstaluj:
McAfee Security Scan
BingBar

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
Collect::
c:\windows\system32\drivers\dfiytuln.sys

File::
c:\windows\system32\SET1549.tmp
c:\windows\system32\SETBCE.tmp
c:\windows\system32\SET1161.tmp
c:\windows\system32\SET41B.tmp
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files\McAfee Security Scan
C:\$AVG
c:\programdata\AVG2014
c:\programdata\AVAST Software
c:\programdata\McAfee Security Scan
c:\programdata\McAfee
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Google\Update

DirLook::
c:\programdata\la3Xn373

Driver::
dfiytuln
SkypeUpdate
McComponentHostService

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"seznam-listicka-distribuce"=-

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
c:\windows\system32\user32.dll

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.