preventivni kontrola logu po roce

[strambm]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:23:55, on 11.11.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\SmarThru Office\BackUpSvr.exe
C:\Program Files\SmarThru Office\LegacyLauncher.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Users\Admin\AppData\Local\Google\Update\1.3.21.165\GoogleCrashHandler.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Admin\Downloads\hijackthis.exe
C:\windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\windows\Samsung\PanelMgr\ssmmgr.exe /autorun
O4 - HKLM\..\Run: [STO Backup Service] C:\Program Files\SmarThru Office\BackUpSvr.exe
O4 - HKLM\..\Run: [STO Launcher Service] C:\Program Files\SmarThru Office\LegacyLauncher.exe /run
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Google Update] "C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://c:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\aestsrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\windows\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Samsung Network Fax Server - Samsung Software Center, Moscow - C:\windows\system32\spool\drivers\w32x86\3\NetFaxServer.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 10130 bytes

[Reklama]

[jaro3]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

[strambm]

adwcleaner:

# AdwCleaner v3.003 - Report created 17/11/2013 at 10:34:10
# Updated 07/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Admin - ADMIN-PC0122
# Running from : C:\Users\Admin\Downloads\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16736


-\\ Mozilla Firefox v25.0 (en-US)

[ File : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nzfefp7r.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1435 octets] - [17/11/2013 10:34:10]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1495 octets] ##########







mbam:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.11.17.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16736
Admin :: ADMIN-PC0122 [administrátor]

Ochrana: Povolena

17.11.2013 10:45:42
MBAM-log-2013-11-17 (10-51-53).txt

Typ: Blesková kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: Registr | Systémové soubory | P2P
Kontrolované objekty: 187542
Uplynulý čas: 5 minut, 51 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Program Files\Windows Defender\setup\alkare.fok (Trojan.Agent) -> Nebyla provedena žádná instrukce.

(konec)

[memphisto]

V obou programech nech vše smazat a dodej logy po smazání

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

[strambm]

AdwCleaner:
# AdwCleaner v3.003 - Report created 17/11/2013 at 20:14:15
# Updated 07/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Admin - ADMIN-PC0122
# Running from : C:\Users\Admin\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16736


-\\ Mozilla Firefox v25.0 (en-US)

[ File : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nzfefp7r.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1575 octets] - [17/11/2013 10:34:10]
AdwCleaner[R1].txt - [1635 octets] - [17/11/2013 20:12:40]
AdwCleaner[S0].txt - [1570 octets] - [17/11/2013 20:14:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1630 octets] ##########




mbam:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.11.17.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16736
Admin :: ADMIN-PC0122 [administrátor]

Ochrana: Povolena

17.11.2013 20:19:03
mbam-log-2013-11-17 (20-19-03).txt

Typ: Blesková kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: Registr | Systémové soubory | P2P
Kontrolované objekty: 187053
Uplynulý čas: 3 minut, 31 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Program Files\Windows Defender\setup\alkare.fok (Trojan.Agent) -> Přesun do karantény a smazání se zdařilo.

(konec)



RogueKiller:
RogueKiller V8.7.8 [Nov 14 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Admin [Práva správce]
Mód : Kontrola -- Datum : 11/17/2013 20:33:11
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 5 ¤¤¤
[All Users][SUSP UNIC] Síť ??� zástupce.lnk : C:\Users\All Users\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Síť ??� zástupce.lnk [x] -> NALEZENO
[Default][SUSP UNIC] Síť ??� zástupce.lnk : C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Síť ??� zástupce.lnk [x] -> NALEZENO
[Default User][SUSP UNIC] Síť ??� zástupce.lnk : C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Síť ??� zástupce.lnk [x] -> NALEZENO
[desktop.ini][SUSP UNIC] Síť ??� zástupce.lnk : C:\Users\desktop.ini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Síť ??� zástupce.lnk [x] -> NALEZENO
[Public][SUSP UNIC] Síť ??� zástupce.lnk : C:\Users\Public\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Síť ??� zástupce.lnk [x] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Inline] EAT @explorer.exe (?_Clocptr@_Locimp@locale@std@@0PAV123@A) : MSVCP90.dll -> HOOKED (Unknown @ 0x72966BA4)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD3200BEKT-60F3T1 ATA Device +++++
--- User ---
[MBR] 6377f0b355823be67bbabdfbb841267f
[BSP] 0632f5c82f519ba9facfc9d839f8c155 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 300 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 616448 | Size: 287535 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 589488128 | Size: 15360 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 620945408 | Size: 2043 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_11172013_203311.txt >>




JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x86
Ran by Admin on ne 17.11.2013 at 20:40:58,99
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\nzfefp7r.default\minidumps [30 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 17.11.2013 at 20:50:46,98
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[jaro3]

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.

[strambm]

Rogue:
RogueKiller V8.7.8 [Nov 14 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Admin [Práva správce]
Mód : Odebrat -- Datum : 11/21/2013 18:15:17
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 5 ¤¤¤
[All Users][SUSP UNIC] Síť ??� zástupce.lnk : C:\Users\All Users\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Síť ??� zástupce.lnk [x] ->
[Default][SUSP UNIC] Síť ??� zástupce.lnk : C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Síť ??� zástupce.lnk [x] ->
[Default User][SUSP UNIC] Síť ??� zástupce.lnk : C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Síť ??� zástupce.lnk [x] ->
[desktop.ini][SUSP UNIC] Síť ??� zástupce.lnk : C:\Users\desktop.ini\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Síť ??� zástupce.lnk [x] ->
[Public][SUSP UNIC] Síť ??� zástupce.lnk : C:\Users\Public\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Síť ??� zástupce.lnk [x] ->

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Inline] EAT @explorer.exe (?_Clocptr@_Locimp@locale@std@@0PAV123@A) : MSVCP90.dll -> HOOKED (Unknown @ 0x726D3BA4)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD3200BEKT-60F3T1 ATA Device +++++
--- User ---
[MBR] 6377f0b355823be67bbabdfbb841267f
[BSP] 0632f5c82f519ba9facfc9d839f8c155 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 300 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 616448 | Size: 287535 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 589488128 | Size: 15360 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 620945408 | Size: 2043 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_11212013_181517.txt >>
RKreport[0]_S_11172013_203311.txt;RKreport[0]_S_11212013_180619.txt;RKreport[0]_S_11212013_181452.txt
alize success


DTSS:
http://pastebin.com/YW345RFh

[Orcus]

TDSS log sem vlož na několik částí. Na pastebinu ho fakt lovit nebudeme.

[strambm]

18:19:07.0341 0x1478 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
18:19:10.0961 0x1478 ============================================================
18:19:10.0961 0x1478 Current date / time: 2013/11/21 18:19:10.0961
18:19:10.0961 0x1478 SystemInfo:
18:19:10.0962 0x1478
18:19:10.0962 0x1478 OS Version: 6.1.7601 ServicePack: 1.0
18:19:10.0962 0x1478 Product type: Workstation
18:19:10.0962 0x1478 ComputerName: ADMIN-PC0122
18:19:10.0966 0x1478 UserName: Admin
18:19:10.0966 0x1478 Windows directory: C:\windows
18:19:10.0966 0x1478 System windows directory: C:\windows
18:19:10.0966 0x1478 Processor architecture: Intel x86
18:19:10.0966 0x1478 Number of processors: 2
18:19:10.0966 0x1478 Page size: 0x1000
18:19:10.0966 0x1478 Boot type: Normal boot
18:19:10.0966 0x1478 ============================================================
18:19:13.0860 0x1478 KLMD registered as C:\windows\system32\drivers\24964221.sys
18:19:14.0272 0x1478 System UUID: {8F82AE2B-DFD9-6CBC-125B-5A10879F5DE1}
18:19:15.0988 0x1478 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:19:15.0994 0x1478 ============================================================
18:19:15.0994 0x1478 \Device\Harddisk0\DR0:
18:19:15.0994 0x1478 MBR partitions:
18:19:15.0994 0x1478 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
18:19:15.0994 0x1478 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x23197800
18:19:15.0994 0x1478 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2322E000, BlocksNum 0x1E00000
18:19:15.0995 0x1478 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x2502E000, BlocksNum 0x3FD800
18:19:15.0995 0x1478 ============================================================
18:19:16.0019 0x1478 C: <-> \Device\Harddisk0\DR0\Partition2
18:19:16.0045 0x1478 E: <-> \Device\Harddisk0\DR0\Partition4
18:19:16.0046 0x1478 ============================================================
18:19:16.0046 0x1478 Initialize success
18:19:16.0046 0x1478 ============================================================
18:19:19.0394 0x13a4 ============================================================
18:19:19.0394 0x13a4 Scan started
18:19:19.0394 0x13a4 Mode: Manual;
18:19:19.0394 0x13a4 ============================================================
18:19:19.0394 0x13a4 KSN ping started
18:19:25.0374 0x13a4 KSN ping finished: true
18:19:25.0963 0x13a4 ================ Scan system memory ========================
18:19:25.0964 0x13a4 System memory - ok
18:19:25.0965 0x13a4 ================ Scan services =============================
18:19:26.0190 0x13a4 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
18:19:26.0207 0x13a4 1394ohci - ok
18:19:26.0318 0x13a4 [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\windows\system32\drivers\ACPI.sys
18:19:26.0345 0x13a4 ACPI - ok
18:19:26.0388 0x13a4 [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
18:19:26.0391 0x13a4 AcpiPmi - ok
18:19:26.0486 0x13a4 [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
18:19:26.0494 0x13a4 AdobeARMservice - ok
18:19:26.0602 0x13a4 [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:19:26.0627 0x13a4 AdobeFlashPlayerUpdateSvc - ok
18:19:26.0715 0x13a4 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
18:19:26.0756 0x13a4 adp94xx - ok
18:19:26.0815 0x13a4 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
18:19:26.0843 0x13a4 adpahci - ok
18:19:26.0888 0x13a4 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
18:19:26.0903 0x13a4 adpu320 - ok
18:19:26.0952 0x13a4 [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc C:\windows\System32\aelupsvc.dll
18:19:26.0960 0x13a4 AeLookupSvc - ok
18:19:27.0054 0x13a4 [ 827DBC22C96EECF6D36A13162FABAFD3, EBBC04A6AD3BC83E3791569C1120BBBB59AF70512FA2CEB6A8BA2A257F3F6C32 ] AESTFilters C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\aestsrv.exe
18:19:27.0063 0x13a4 AESTFilters - ok
18:19:27.0147 0x13a4 [ F81BB7E487EDCEAB630A7EE66CF23913, 7D1638FD7E388EF670FA0A421762E0413351058A20DDF0F9988A383F05395A68 ] AFD C:\windows\system32\drivers\afd.sys
18:19:27.0179 0x13a4 AFD - ok
18:19:27.0229 0x13a4 [ 6416F9B6B220F0A890525C38235AFAD7, C2A643E1BA75CD00C1C7F62475A7122AA95530A835AE62CF0FD9EADFA07B7EBD ] AgereModemAudio C:\Program Files\LSI SoftModem\agrsmsvc.exe
18:19:27.0232 0x13a4 AgereModemAudio - ok
18:19:27.0390 0x13a4 [ FAA5A0B80E011464C7654851CE3D7FE7, 464C847FF24F0BB1D0DC8C783BD9488F80EA86C9C50D274A330A2D2B2F70D914 ] AgereSoftModem C:\windows\system32\DRIVERS\AGRSM.sys
18:19:27.0500 0x13a4 AgereSoftModem - ok
18:19:27.0578 0x13a4 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\windows\system32\drivers\agp440.sys
18:19:27.0585 0x13a4 agp440 - ok
18:19:27.0617 0x13a4 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
18:19:27.0626 0x13a4 aic78xx - ok
18:19:27.0668 0x13a4 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\windows\System32\alg.exe
18:19:27.0677 0x13a4 ALG - ok
18:19:27.0709 0x13a4 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\windows\system32\drivers\aliide.sys
18:19:27.0712 0x13a4 aliide - ok
18:19:27.0767 0x13a4 [ A236CEE2BF90381E981EBB870429FA9B, 47311728773C6E5ED5E122536DBD3A02C0F7E72E9343066111DE8690626C6398 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
18:19:27.0785 0x13a4 AMD External Events Utility - ok
18:19:27.0821 0x13a4 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\windows\system32\drivers\amdagp.sys
18:19:27.0828 0x13a4 amdagp - ok
18:19:27.0876 0x13a4 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\windows\system32\drivers\amdide.sys
18:19:27.0882 0x13a4 amdide - ok
18:19:27.0924 0x13a4 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
18:19:27.0930 0x13a4 AmdK8 - ok
18:19:27.0979 0x13a4 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
18:19:27.0986 0x13a4 AmdPPM - ok
18:19:28.0048 0x13a4 [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\windows\system32\drivers\amdsata.sys
18:19:28.0056 0x13a4 amdsata - ok
18:19:28.0097 0x13a4 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
18:19:28.0113 0x13a4 amdsbs - ok
18:19:28.0165 0x13a4 [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\windows\system32\drivers\amdxata.sys
18:19:28.0169 0x13a4 amdxata - ok
18:19:28.0214 0x13a4 [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID C:\windows\system32\drivers\appid.sys
18:19:28.0220 0x13a4 AppID - ok
18:19:28.0252 0x13a4 [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc C:\windows\System32\appidsvc.dll
18:19:28.0257 0x13a4 AppIDSvc - ok
18:19:28.0307 0x13a4 [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo C:\windows\System32\appinfo.dll
18:19:28.0314 0x13a4 Appinfo - ok
18:19:28.0383 0x13a4 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\windows\system32\DRIVERS\arc.sys
18:19:28.0393 0x13a4 arc - ok
18:19:28.0425 0x13a4 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
18:19:28.0434 0x13a4 arcsas - ok
18:19:28.0597 0x13a4 [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
18:19:28.0656 0x13a4 aspnet_state - ok
18:19:28.0704 0x13a4 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
18:19:28.0708 0x13a4 AsyncMac - ok
18:19:28.0753 0x13a4 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\windows\system32\drivers\atapi.sys
18:19:28.0756 0x13a4 atapi - ok
18:19:29.0307 0x13a4 [ A4252328D2B1520571102992EF0B0E5C, 5D2F5B2898CE5235D5084C27E223453C22A9C0731039052E9658604FF70DE65A ] atikmdag C:\windows\system32\DRIVERS\atikmdag.sys
18:19:29.0553 0x13a4 atikmdag - ok
18:19:29.0631 0x13a4 [ B73C832088DD54B55E04FF6F9646AD8C, 52A9F9240FAFB2F50E48579F02221CC0D6872F834104F91EF63ADC6AA82A2CD0 ] AtiPcie C:\windows\system32\DRIVERS\AtiPcie.sys
18:19:29.0634 0x13a4 AtiPcie - ok
18:19:29.0670 0x13a4 [ A8ABF9CA3B8781A69CA5025BCDA42706, E0511D3A916141E521A9B64C8B1EBE566F6634E8804873153270D06411EF3A38 ] ATP C:\windows\system32\DRIVERS\cmdatp.sys
18:19:29.0673 0x13a4 ATP - ok
18:19:29.0750 0x13a4 [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
18:19:29.0784 0x13a4 AudioEndpointBuilder - ok
18:19:29.0934 0x13a4 [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv C:\windows\System32\Audiosrv.dll
18:19:29.0982 0x13a4 Audiosrv - ok
18:19:30.0085 0x13a4 [ C4D15594DB5BE042D3346EA58DF87D89, 8E24868518DE53F28C92C473A415BED613665287F338B815FEDE21D151F01962 ] avg9wd C:\Program Files\AVG\AVG9\avgwdsvc.exe
18:19:30.0115 0x13a4 avg9wd - ok
18:19:30.0259 0x13a4 [ A9F4D19DE72C738759330D10D35C4398, 46D760EBFBABF3FDCD02F4AC38180FBFFEFFA36F68C18602695A9FCB6C4C13DE ] AvgLdx86 C:\windows\System32\Drivers\avgldx86.sys
18:19:30.0281 0x13a4 AvgLdx86 - ok
18:19:30.0353 0x13a4 [ 80FF2B1B7EEDA966394F0BAA895BBF4B, D8F5C111837707DC37975C1E315FCD33BF96AB21D89874CB0290134A44C46BEF ] AvgMfx86 C:\windows\System32\Drivers\avgmfx86.sys
18:19:30.0357 0x13a4 AvgMfx86 - ok
18:19:30.0497 0x13a4 [ 9A7A93388F503A34E7339AE7F9997449, 9549146C19EAF65DB98314A7CCB0AB27503DC812B521444CBEA5493998ADAA80 ] AvgTdiX C:\windows\System32\Drivers\avgtdix.sys
18:19:30.0520 0x13a4 AvgTdiX - ok
18:19:30.0635 0x13a4 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\windows\System32\AxInstSV.dll
18:19:30.0675 0x13a4 AxInstSV - ok
18:19:30.0815 0x13a4 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
18:19:30.0856 0x13a4 b06bdrv - ok
18:19:30.0956 0x13a4 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
18:19:30.0994 0x13a4 b57nd60x - ok
18:19:31.0243 0x13a4 [ B9E94D37FC08525D893B632A0CA2E18C, F7DAA087267F47A3CE669BE587C85B8DAC518CAFE1CC4858B475F2F835F414EA ] BCM43XX C:\windows\system32\DRIVERS\bcmwl6.sys
18:19:31.0388 0x13a4 BCM43XX - ok
18:19:31.0489 0x13a4 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\windows\System32\bdesvc.dll
18:19:31.0500 0x13a4 BDESVC - ok
18:19:31.0534 0x13a4 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\windows\system32\drivers\Beep.sys
18:19:31.0536 0x13a4 Beep - ok
18:19:31.0633 0x13a4 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\windows\System32\bfe.dll
18:19:31.0683 0x13a4 BFE - ok
18:19:31.0776 0x13a4 [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\windows\system32\qmgr.dll
18:19:31.0837 0x13a4 BITS - ok
18:19:31.0882 0x13a4 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
18:19:31.0887 0x13a4 blbdrive - ok
18:19:31.0933 0x13a4 [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\windows\system32\DRIVERS\bowser.sys
18:19:31.0940 0x13a4 bowser - ok
18:19:31.0979 0x13a4 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
18:19:31.0981 0x13a4 BrFiltLo - ok
18:19:32.0008 0x13a4 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
18:19:32.0010 0x13a4 BrFiltUp - ok
18:19:32.0063 0x13a4 [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\windows\System32\browser.dll
18:19:32.0075 0x13a4 Browser - ok
18:19:32.0130 0x13a4 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\windows\System32\Drivers\Brserid.sys
18:19:32.0156 0x13a4 Brserid - ok
18:19:32.0188 0x13a4 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
18:19:32.0196 0x13a4 BrSerWdm - ok
18:19:32.0224 0x13a4 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
18:19:32.0226 0x13a4 BrUsbMdm - ok
18:19:32.0245 0x13a4 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
18:19:32.0248 0x13a4 BrUsbSer - ok
18:19:32.0298 0x13a4 [ 2865A5C8E98C70C605F417908CEBB3A4, B1C5AC228BD7072AF8668C009C6CDC13EE9FCB9481F57524300F37C40BF1E935 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
18:19:32.0303 0x13a4 BthEnum - ok
18:19:32.0337 0x13a4 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
18:19:32.0344 0x13a4 BTHMODEM - ok
18:19:32.0379 0x13a4 [ AD1872E5829E8A2C3B5B4B641C3EAB0E, 8C2DBCAC08DDB41E2B44E257C55FA2D0272959B308EFF9EAF5FF9AE1E4A0AA39 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
18:19:32.0389 0x13a4 BthPan - ok
18:19:32.0466 0x13a4 [ 1153DE2E4F5941E10C399CB5592F78A1, 2B88AF246D62F72FA9F5B921B0375AE59A0F263672472D5EC9FDB5CA5EF51C31 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
18:19:32.0502 0x13a4 BTHPORT - ok
18:19:32.0536 0x13a4 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\windows\system32\bthserv.dll
18:19:32.0544 0x13a4 bthserv - ok
18:19:32.0577 0x13a4 [ C81E9413A25A439F436B1D4B6A0CF9E9, A4C290163207AED22C70C7F90B28F6FC24892889643D60D915059405AC5A4A72 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
18:19:32.0585 0x13a4 BTHUSB - ok
18:19:32.0643 0x13a4 [ D57D29132EFE13A83133D9BD449E0CF1, 8C12FC2404A53EFA028B3423A96F2B5ADDE1640A964AFAF2C460E73338551FFB ] btwaudio C:\windows\system32\drivers\btwaudio.sys
18:19:32.0652 0x13a4 btwaudio - ok
18:19:32.0691 0x13a4 [ D282C14A69357D0E1BAFAECC2CA98C3A, 1F576218591B87920641F7E2FA349E477032C4C38DF5A6584738DC0280E203A9 ] btwavdt C:\windows\system32\drivers\btwavdt.sys
18:19:32.0702 0x13a4 btwavdt - ok
18:19:32.0815 0x13a4 [ 7D2DD14E60CE4FF3308D66FDA7990546, FB92C2FAE8C9F3F25A5766BFB1A05CD4D7BF8FB84F548752C17476926B21153F ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
18:19:32.0871 0x13a4 btwdins - ok
18:19:32.0904 0x13a4 [ AAFD7CB76BA61FBB08E302DA208C974A, 1B342095E373ECCA1775B30E92CD337BECEB4BA9F821132C33507A646E6A341C ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
18:19:32.0908 0x13a4 btwl2cap - ok
18:19:32.0934 0x13a4 [ 02EB4D2B05967DF2D32F29C84AB1FB17, 95B7901F7BCE41DF53309158AC12888BA1F82FF2E576BF3ED0E67EA3CFAB1288 ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
18:19:32.0938 0x13a4 btwrchid - ok
18:19:32.0984 0x13a4 [ D87F9ED09460A796DF724024482890AA, 77AF0FD9120AAF834837009BDE9167B0E0B768CB07F57D0871921ACBEF1A80C9 ] C-DillaSrv C:\windows\system32\DRIVERS\CDANTSRV.EXE
18:19:32.0990 0x13a4 C-DillaSrv - ok
18:19:33.0171 0x13a4 catchme - ok
18:19:33.0220 0x13a4 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
18:19:33.0228 0x13a4 cdfs - ok
18:19:33.0278 0x13a4 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\windows\system32\drivers\cdrom.sys
18:19:33.0290 0x13a4 cdrom - ok
18:19:33.0343 0x13a4 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\windows\System32\certprop.dll
18:19:33.0352 0x13a4 CertPropSvc - ok
18:19:33.0388 0x13a4 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\windows\system32\DRIVERS\circlass.sys
18:19:33.0393 0x13a4 circlass - ok
18:19:33.0456 0x13a4 [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS C:\windows\system32\CLFS.sys
18:19:33.0481 0x13a4 CLFS - ok
18:19:33.0535 0x13a4 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:19:33.0547 0x13a4 clr_optimization_v2.0.50727_32 - ok
18:19:33.0596 0x13a4 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:19:33.0677 0x13a4 clr_optimization_v4.0.30319_32 - ok
18:19:33.0710 0x13a4 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
18:19:33.0713 0x13a4 CmBatt - ok
18:19:33.0756 0x13a4 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\windows\system32\drivers\cmdide.sys
18:19:33.0759 0x13a4 cmdide - ok
18:19:33.0830 0x13a4 [ 85449EEBE8F8EBD6481EFBF0F352B4EB, E6FF04970C5A5BFDE7297A86C1C7B9BFE2E0F976A1A1AFB874CEB488DC6151CC ] CNG C:\windows\system32\Drivers\cng.sys
18:19:33.0865 0x13a4 CNG - ok
18:19:33.0962 0x13a4 [ F9A79C5B27037821112C50A9C8FB367A, D9990AE1A0CA767E54C9D3FD2C6EA2A068DFD5A270102E915F71648A0C59097B ] Com4QLBEx C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
18:19:33.0997 0x13a4 Com4QLBEx - ok
18:19:34.0039 0x13a4 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
18:19:34.0043 0x13a4 Compbatt - ok
18:19:34.0091 0x13a4 [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
18:19:34.0096 0x13a4 CompositeBus - ok
18:19:34.0126 0x13a4 COMSysApp - ok
18:19:34.0161 0x13a4 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
18:19:34.0164 0x13a4 crcdisk - ok
18:19:34.0232 0x13a4 [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc C:\windows\system32\cryptsvc.dll
18:19:34.0247 0x13a4 CryptSvc - ok
18:19:34.0438 0x13a4 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\windows\system32\rpcss.dll
18:19:34.0480 0x13a4 DcomLaunch - ok
18:19:34.0543 0x13a4 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\windows\System32\defragsvc.dll
18:19:34.0569 0x13a4 defragsvc - ok
18:19:34.0617 0x13a4 [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\windows\system32\Drivers\dfsc.sys
18:19:34.0626 0x13a4 DfsC - ok
18:19:34.0684 0x13a4 DgiVecp - ok
18:19:34.0749 0x13a4 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\windows\system32\dhcpcore.dll
18:19:34.0776 0x13a4 Dhcp - ok
18:19:34.0809 0x13a4 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\windows\system32\drivers\discache.sys
18:19:34.0816 0x13a4 discache - ok
18:19:34.0855 0x13a4 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\windows\system32\DRIVERS\disk.sys
18:19:34.0862 0x13a4 Disk - ok
18:19:34.0917 0x13a4 [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\windows\System32\dnsrslvr.dll
18:19:34.0933 0x13a4 Dnscache - ok
18:19:35.0002 0x13a4 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\windows\System32\dot3svc.dll
18:19:35.0036 0x13a4 dot3svc - ok
18:19:35.0106 0x13a4 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\windows\system32\dps.dll
18:19:35.0123 0x13a4 DPS - ok
18:19:35.0169 0x13a4 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\windows\system32\drivers\drmkaud.sys
18:19:35.0172 0x13a4 drmkaud - ok
18:19:35.0284 0x13a4 [ 71BC35067CABC02C9453AEAA42B2E43E, 713B19F2C08EA5E4C087F7A74A8856932CF33E19D63384823DD4E02ED8798619 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
18:19:35.0354 0x13a4 DXGKrnl - ok
18:19:35.0465 0x13a4 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\windows\System32\eapsvc.dll
18:19:35.0478 0x13a4 EapHost - ok
18:19:35.0837 0x13a4 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
18:19:36.0018 0x13a4 ebdrv - ok
18:19:36.0080 0x13a4 [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] EFS C:\windows\System32\lsass.exe
18:19:36.0084 0x13a4 EFS - ok
18:19:36.0177 0x13a4 [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\windows\ehome\ehRecvr.exe
18:19:36.0230 0x13a4 ehRecvr - ok
18:19:36.0266 0x13a4 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\windows\ehome\ehsched.exe
18:19:36.0276 0x13a4 ehSched - ok
18:19:36.0355 0x13a4 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
18:19:36.0390 0x13a4 elxstor - ok
18:19:36.0438 0x13a4 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\windows\system32\drivers\errdev.sys
18:19:36.0441 0x13a4 ErrDev - ok
18:19:36.0506 0x13a4 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\windows\system32\es.dll
18:19:36.0534 0x13a4 EventSystem - ok
18:19:36.0579 0x13a4 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\windows\system32\drivers\exfat.sys
18:19:36.0593 0x13a4 exfat - ok
18:19:36.0708 0x13a4 [ 2D5ED81E5A8A2B77768BA724E3F8E538, B836C0BA54905A008CBE66DCE27837D9829159E4C7197EDA4F1C30326CB89304 ] EzVpnSvc C:\Program Files\COMODO\Unite\EzVpnSvc.exe
18:19:36.0742 0x13a4 EzVpnSvc - ok
18:19:36.0790 0x13a4 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\windows\system32\drivers\fastfat.sys
18:19:36.0805 0x13a4 fastfat - ok
18:19:36.0898 0x13a4 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\windows\system32\fxssvc.exe
18:19:36.0950 0x13a4 Fax - ok
18:19:36.0987 0x13a4 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\windows\system32\DRIVERS\fdc.sys
18:19:36.0991 0x13a4 fdc - ok
18:19:37.0014 0x13a4 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\windows\system32\fdPHost.dll
18:19:37.0021 0x13a4 fdPHost - ok
18:19:37.0045 0x13a4 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\windows\system32\fdrespub.dll
18:19:37.0053 0x13a4 FDResPub - ok
18:19:37.0080 0x13a4 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
18:19:37.0087 0x13a4 FileInfo - ok
18:19:37.0113 0x13a4 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\windows\system32\drivers\filetrace.sys
18:19:37.0117 0x13a4 Filetrace - ok
18:19:37.0143 0x13a4 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
18:19:37.0148 0x13a4 flpydisk - ok
18:19:37.0207 0x13a4 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
18:19:37.0228 0x13a4 FltMgr - ok
18:19:37.0366 0x13a4 [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache C:\windows\system32\FntCache.dll
18:19:37.0468 0x13a4 FontCache - ok
18:19:37.0539 0x13a4 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:19:37.0547 0x13a4 FontCache3.0.0.0 - ok
18:19:37.0577 0x13a4 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
18:19:37.0584 0x13a4 FsDepends - ok
18:19:37.0616 0x13a4 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
18:19:37.0619 0x13a4 Fs_Rec - ok
18:19:37.0674 0x13a4 [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
18:19:37.0694 0x13a4 fvevol - ok
18:19:37.0728 0x13a4 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
18:19:37.0735 0x13a4 gagp30kx - ok
18:19:37.0774 0x13a4 GarenaPEngine - ok
18:19:37.0848 0x13a4 GGSAFERDriver - ok
18:19:37.0958 0x13a4 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\windows\System32\gpsvc.dll
18:19:38.0015 0x13a4 gpsvc - ok
18:19:38.0109 0x13a4 [ 7929A161F9951D173CA9900FE7067391, 35F329B3476D34E02C31B8050E1AB8C74BA0F3114A6B48AFED8F98751EFF44AB ] hamachi C:\windows\system32\DRIVERS\hamachi.sys
18:19:38.0113 0x13a4 hamachi - ok
18:19:38.0142 0x13a4 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
18:19:38.0146 0x13a4 hcw85cir - ok
18:19:38.0216 0x13a4 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
18:19:38.0245 0x13a4 HdAudAddService - ok
18:19:38.0310 0x13a4 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
18:19:38.0321 0x13a4 HDAudBus - ok
18:19:38.0351 0x13a4 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
18:19:38.0355 0x13a4 HidBatt - ok
18:19:38.0397 0x13a4 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
18:19:38.0407 0x13a4 HidBth - ok
18:19:38.0442 0x13a4 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\windows\system32\DRIVERS\hidir.sys
18:19:38.0448 0x13a4 HidIr - ok
18:19:38.0484 0x13a4 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\windows\System32\hidserv.dll
18:19:38.0493 0x13a4 hidserv - ok
18:19:38.0533 0x13a4 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
18:19:38.0537 0x13a4 HidUsb - ok
18:19:38.0583 0x13a4 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\windows\system32\kmsvc.dll
18:19:38.0595 0x13a4 hkmsvc - ok
18:19:38.0660 0x13a4 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\windows\system32\ListSvc.dll
18:19:38.0694 0x13a4 HomeGroupListener - ok
18:19:38.0754 0x13a4 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\windows\system32\provsvc.dll
18:19:38.0776 0x13a4 HomeGroupProvider - ok
18:19:38.0807 0x13a4 [ 1210960FF8928950D2A786895B0C424A, 22C8785E024CFDD3A43FAEAAA96B8332C37E9B6C765AB7AFBCD3DAA2DC9EFFC7 ] HpqKbFiltr C:\windows\system32\DRIVERS\HpqKbFiltr.sys
18:19:38.0810 0x13a4 HpqKbFiltr - ok
18:19:38.0875 0x13a4 [ FDF273A845F1FFCCEADF363AAF47582F, 9BB99346A977225EF77261CD3CF4219A238EB06FFE2DB91D00A0037BDCFECEF1 ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
18:19:38.0910 0x13a4 hpqwmiex - ok
18:19:38.0954 0x13a4 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
18:19:38.0962 0x13a4 HpSAMD - ok
18:19:39.0066 0x13a4 [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP C:\windows\system32\drivers\HTTP.sys
18:19:39.0115 0x13a4 HTTP - ok
18:19:39.0209 0x13a4 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
18:19:39.0212 0x13a4 hwpolicy - ok
18:19:39.0270 0x13a4 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
18:19:39.0279 0x13a4 i8042prt - ok
18:19:39.0334 0x13a4 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
18:19:39.0366 0x13a4 iaStorV - ok
18:19:39.0486 0x13a4 [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:19:39.0588 0x13a4 idsvc - ok
18:19:40.0132 0x13a4 [ AD626F6964F4D364D226C39E06872DD3, 5D52F89930BB07D4D2D0FC12143BD233B5D2C238527B3B4CAD74736D1EC84218 ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys
18:19:40.0562 0x13a4 igfx - ok
18:19:40.0665 0x13a4 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
18:19:40.0671 0x13a4 iirsp - ok
18:19:40.0776 0x13a4 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\windows\System32\ikeext.dll
18:19:40.0841 0x13a4 IKEEXT - ok
18:19:40.0898 0x13a4 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\windows\system32\drivers\intelide.sys
18:19:40.0902 0x13a4 intelide - ok
18:19:40.0948 0x13a4 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
18:19:40.0956 0x13a4 intelppm - ok
18:19:40.0999 0x13a4 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\windows\system32\ipbusenum.dll
18:19:41.0013 0x13a4 IPBusEnum - ok
18:19:41.0047 0x13a4 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
18:19:41.0054 0x13a4 IpFilterDriver - ok
18:19:41.0142 0x13a4 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
18:19:41.0193 0x13a4 iphlpsvc - ok
18:19:41.0251 0x13a4 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
18:19:41.0260 0x13a4 IPMIDRV - ok
18:19:41.0301 0x13a4 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\windows\system32\drivers\ipnat.sys
18:19:41.0313 0x13a4 IPNAT - ok
18:19:41.0346 0x13a4 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\windows\system32\drivers\irenum.sys
18:19:41.0349 0x13a4 IRENUM - ok
18:19:41.0379 0x13a4 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\windows\system32\drivers\isapnp.sys
18:19:41.0385 0x13a4 isapnp - ok
18:19:41.0459 0x13a4 [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
18:19:41.0483 0x13a4 iScsiPrt - ok
18:19:41.0520 0x13a4 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
18:19:41.0526 0x13a4 kbdclass - ok
18:19:41.0553 0x13a4 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
18:19:41.0559 0x13a4 kbdhid - ok
18:19:41.0589 0x13a4 [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] KeyIso C:\windows\system32\lsass.exe
18:19:41.0596 0x13a4 KeyIso - ok
18:19:41.0640 0x13a4 [ F286830298323272260332D6ABC905C1, FF4CD182A95CA53119B228690D682EE9214BE131A0DBCB09B6189FBEBBFF902C ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
18:19:41.0648 0x13a4 KSecDD - ok
18:19:41.0697 0x13a4 [ D7C760D57B1656DD748B9E4AB6CB5A51, F8AE4185A6A9F7005DEFF1FDC03F395C6189825B482B8C650637FD29DE93AB68 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
18:19:41.0712 0x13a4 KSecPkg - ok
18:19:41.0783 0x13a4 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\windows\system32\msdtckrm.dll
18:19:41.0826 0x13a4 KtmRm - ok
18:19:41.0894 0x13a4 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\windows\System32\srvsvc.dll
18:19:41.0917 0x13a4 LanmanServer - ok
18:19:41.0973 0x13a4 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
18:19:41.0991 0x13a4 LanmanWorkstation - ok
18:19:42.0064 0x13a4 [ 83D8BE94E1CBCBE2EA8372DB1A95A159, 28D18C7B93EFB6C83023D39A54489DDE98DE578AFCC06DD0712D00DE7CD48968 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
18:19:42.0072 0x13a4 LightScribeService - ok
18:19:42.0124 0x13a4 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
18:19:42.0130 0x13a4 lltdio - ok
18:19:42.0194 0x13a4 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\windows\System32\lltdsvc.dll
18:19:42.0228 0x13a4 lltdsvc - ok
18:19:42.0253 0x13a4 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\windows\System32\lmhsvc.dll
18:19:42.0264 0x13a4 lmhosts - ok
18:19:42.0319 0x13a4 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
18:19:42.0330 0x13a4 LSI_FC - ok
18:19:42.0365 0x13a4 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
18:19:42.0375 0x13a4 LSI_SAS - ok
18:19:42.0406 0x13a4 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
18:19:42.0413 0x13a4 LSI_SAS2 - ok
18:19:42.0459 0x13a4 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
18:19:42.0470 0x13a4 LSI_SCSI - ok
18:19:42.0509 0x13a4 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\windows\system32\drivers\luafv.sys
18:19:42.0519 0x13a4 luafv - ok
18:19:42.0582 0x13a4 [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector C:\windows\system32\drivers\mbam.sys
18:19:42.0586 0x13a4 MBAMProtector - ok
18:19:42.0668 0x13a4 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:19:42.0708 0x13a4 MBAMScheduler - ok
18:19:42.0814 0x13a4 [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
18:19:42.0881 0x13a4 MBAMService - ok
18:19:43.0000 0x13a4 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
18:19:43.0014 0x13a4 Mcx2Svc - ok
18:19:43.0048 0x13a4 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\windows\system32\DRIVERS\megasas.sys
18:19:43.0053 0x13a4 megasas - ok
18:19:43.0098 0x13a4 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
18:19:43.0122 0x13a4 MegaSR - ok
18:19:43.0172 0x13a4 [ 64B96DE8C492BD435372D9130A535F1D, B253682F140CD548489AE6CD2EC281C382E8D3C4C3BE9A423DFEB963E37D665C ] MfeAVFK C:\windows\system32\drivers\MfeAVFK.sys
18:19:43.0181 0x13a4 MfeAVFK - ok
18:19:43.0211 0x13a4 [ 078E87A89D36CC3516F19D5FB518BDDC, 09C80B948D638D67805EA21CFC9C8FE29685BBDE167385248CD763F9E1C9A1F4 ] MfeBOPK C:\windows\system32\drivers\MfeBOPK.sys
18:19:43.0216 0x13a4 MfeBOPK - ok
18:19:43.0264 0x13a4 [ 168C565101FD5B9DB694EFDEC91FAFA9, 1F7E469BDE079C85EE6CB6F02423E4F93C5FE373BDEA5CCD62173AA31934AFB4 ] mfehidk C:\windows\system32\drivers\mfehidk.sys
18:19:43.0286 0x13a4 mfehidk - ok
18:19:43.0326 0x13a4 [ E0842F67DC9BC4D21D1E319610EBE9E5, 7FEBA23EDA99D092775AE8F41AE0B5812C6C6CB95DAB387FF5845FE6113B1E40 ] MfeRKDK C:\windows\system32\drivers\MfeRKDK.sys
18:19:43.0331 0x13a4 MfeRKDK - ok
18:19:43.0364 0x13a4 [ 43A7ACBBD70ECD62F0B63486C72089A3, 2A50971FF6C42A63857B5972E4CF01E9632A5B7E3149A395446F9CB72A19C987 ] mfetdik C:\windows\system32\drivers\mfetdik.sys
18:19:43.0370 0x13a4 mfetdik - ok
18:19:43.0437 0x13a4 Microsoft SharePoint Workspace Audit Service - ok
18:19:43.0482 0x13a4 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\windows\system32\mmcss.dll
18:19:43.0493 0x13a4 MMCSS - ok
18:19:43.0530 0x13a4 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\windows\system32\drivers\modem.sys
18:19:43.0535 0x13a4 Modem - ok
18:19:43.0572 0x13a4 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\windows\system32\DRIVERS\monitor.sys
18:19:43.0577 0x13a4 monitor - ok
18:19:43.0626 0x13a4 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
18:19:43.0632 0x13a4 mouclass - ok
18:19:43.0666 0x13a4 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
18:19:43.0670 0x13a4 mouhid - ok
18:19:43.0723 0x13a4 [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr C:\windows\system32\drivers\mountmgr.sys
18:19:43.0732 0x13a4 mountmgr - ok
18:19:43.0810 0x13a4 [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:19:43.0825 0x13a4 MozillaMaintenance - ok
18:19:43.0870 0x13a4 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\windows\system32\drivers\mpio.sys
18:19:43.0887 0x13a4 mpio - ok
18:19:43.0936 0x13a4 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
18:19:43.0944 0x13a4 mpsdrv - ok
18:19:44.0051 0x13a4 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\windows\system32\mpssvc.dll
18:19:44.0109 0x13a4 MpsSvc - ok
18:19:44.0171 0x13a4 [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
18:19:44.0184 0x13a4 MRxDAV - ok
18:19:44.0232 0x13a4 [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
18:19:44.0245 0x13a4 mrxsmb - ok
18:19:44.0305 0x13a4 [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
18:19:44.0328 0x13a4 mrxsmb10 - ok
18:19:44.0370 0x13a4 [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
18:19:44.0381 0x13a4 mrxsmb20 - ok
18:19:44.0419 0x13a4 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\windows\system32\drivers\msahci.sys
18:19:44.0424 0x13a4 msahci - ok
18:19:44.0479 0x13a4 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\windows\system32\drivers\msdsm.sys
18:19:44.0492 0x13a4 msdsm - ok
18:19:44.0540 0x13a4 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\windows\System32\msdtc.exe
18:19:44.0566 0x13a4 MSDTC - ok
18:19:44.0626 0x13a4 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\windows\system32\drivers\Msfs.sys
18:19:44.0631 0x13a4 Msfs - ok
18:19:44.0658 0x13a4 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
18:19:44.0662 0x13a4 mshidkmdf - ok
18:19:44.0708 0x13a4 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
18:19:44.0712 0x13a4 msisadrv - ok
18:19:44.0759 0x13a4 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\windows\system32\iscsiexe.dll
18:19:44.0776 0x13a4 MSiSCSI - ok
18:19:44.0797 0x13a4 msiserver - ok
18:19:44.0834 0x13a4 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
18:19:44.0837 0x13a4 MSKSSRV - ok
18:19:44.0880 0x13a4 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
18:19:44.0883 0x13a4 MSPCLOCK - ok
18:19:44.0914 0x13a4 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
18:19:44.0916 0x13a4 MSPQM - ok
18:19:44.0966 0x13a4 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
18:19:44.0984 0x13a4 MsRPC - ok
18:19:45.0025 0x13a4 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\windows\system32\drivers\mssmbios.sys
18:19:45.0030 0x13a4 mssmbios - ok
18:19:45.0055 0x13a4 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\windows\system32\drivers\MSTEE.sys
18:19:45.0058 0x13a4 MSTEE - ok
18:19:45.0088 0x13a4 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
18:19:45.0092 0x13a4 MTConfig - ok
18:19:45.0139 0x13a4 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\windows\system32\Drivers\mup.sys
18:19:45.0146 0x13a4 Mup - ok
18:19:45.0227 0x13a4 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\windows\system32\qagentRT.dll
18:19:45.0266 0x13a4 napagent - ok
18:19:45.0334 0x13a4 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
18:19:45.0360 0x13a4 NativeWifiP - ok
18:19:45.0480 0x13a4 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\windows\system32\drivers\ndis.sys
18:19:45.0547 0x13a4 NDIS - ok
18:19:45.0581 0x13a4 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
18:19:45.0586 0x13a4 NdisCap - ok
18:19:45.0624 0x13a4 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
18:19:45.0628 0x13a4 NdisTapi - ok
18:19:45.0679 0x13a4 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
18:19:45.0686 0x13a4 Ndisuio - ok

[strambm]

18:19:45.0735 0x13a4 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
18:19:45.0747 0x13a4 NdisWan - ok
18:19:45.0802 0x13a4 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\windows\system32\drivers\NDProxy.sys
18:19:45.0808 0x13a4 NDProxy - ok
18:19:45.0835 0x13a4 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
18:19:45.0840 0x13a4 NetBIOS - ok
18:19:45.0902 0x13a4 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
18:19:45.0921 0x13a4 NetBT - ok
18:19:45.0948 0x13a4 [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] Netlogon C:\windows\system32\lsass.exe
18:19:45.0956 0x13a4 Netlogon - ok
18:19:46.0023 0x13a4 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\windows\System32\netman.dll
18:19:46.0056 0x13a4 Netman - ok
18:19:46.0104 0x13a4 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:19:46.0147 0x13a4 NetMsmqActivator - ok
18:19:46.0190 0x13a4 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:19:46.0205 0x13a4 NetPipeActivator - ok
18:19:46.0283 0x13a4 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\windows\System32\netprofm.dll
18:19:46.0323 0x13a4 netprofm - ok
18:19:46.0353 0x13a4 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:19:46.0369 0x13a4 NetTcpActivator - ok
18:19:46.0395 0x13a4 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:19:46.0410 0x13a4 NetTcpPortSharing - ok
18:19:46.0443 0x13a4 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
18:19:46.0450 0x13a4 nfrd960 - ok
18:19:46.0523 0x13a4 [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc C:\windows\System32\nlasvc.dll
18:19:46.0552 0x13a4 NlaSvc - ok
18:19:46.0634 0x13a4 [ B0A67DE1A128389AEA4D42C5A56215FD, BE70916D507622991408C8256934819B8096A7FDAF2C7BA362AD5786E30F647C ] nmwcd C:\windows\system32\drivers\ccdcmb.sys
18:19:46.0638 0x13a4 nmwcd - ok
18:19:46.0674 0x13a4 [ 025C54F9F8C8BC1894EA38529C742C54, 176CF78E6202B020551E25AC9D05C6BF7782A8D24A93C545CEAD9B16437A528C ] nmwcdc C:\windows\system32\drivers\ccdcmbo.sys
18:19:46.0678 0x13a4 nmwcdc - ok
18:19:46.0715 0x13a4 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\windows\system32\drivers\Npfs.sys
18:19:46.0722 0x13a4 Npfs - ok
18:19:46.0753 0x13a4 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\windows\system32\nsisvc.dll
18:19:46.0763 0x13a4 nsi - ok
18:19:46.0790 0x13a4 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
18:19:46.0795 0x13a4 nsiproxy - ok
18:19:46.0977 0x13a4 [ 5E43D2B0EE64123D4880DFA6626DEFDE, 164413A22DE58B19EA2B4120034B46D6BE1F424B80C3421E10BE5C81153D049F ] Ntfs C:\windows\system32\drivers\Ntfs.sys
18:19:47.0090 0x13a4 Ntfs - ok
18:19:47.0162 0x13a4 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\windows\system32\drivers\Null.sys
18:19:47.0167 0x13a4 Null - ok
18:19:47.0230 0x13a4 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\windows\system32\drivers\nvraid.sys
18:19:47.0243 0x13a4 nvraid - ok
18:19:47.0283 0x13a4 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\windows\system32\drivers\nvstor.sys
18:19:47.0299 0x13a4 nvstor - ok
18:19:47.0346 0x13a4 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
18:19:47.0359 0x13a4 nv_agp - ok
18:19:47.0406 0x13a4 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
18:19:47.0416 0x13a4 ohci1394 - ok
18:19:47.0481 0x13a4 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:19:47.0507 0x13a4 ose - ok
18:19:48.0051 0x13a4 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:19:48.0547 0x13a4 osppsvc - ok
18:19:48.0681 0x13a4 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
18:19:48.0723 0x13a4 p2pimsvc - ok
18:19:48.0794 0x13a4 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\windows\system32\p2psvc.dll
18:19:48.0845 0x13a4 p2psvc - ok
18:19:48.0884 0x13a4 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\windows\system32\DRIVERS\parport.sys
18:19:48.0894 0x13a4 Parport - ok
18:19:48.0944 0x13a4 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\windows\system32\drivers\partmgr.sys
18:19:48.0951 0x13a4 partmgr - ok
18:19:48.0981 0x13a4 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
18:19:48.0984 0x13a4 Parvdm - ok
18:19:49.0030 0x13a4 [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc C:\windows\System32\pcasvc.dll
18:19:49.0051 0x13a4 PcaSvc - ok
18:19:49.0096 0x13a4 [ FD2041E9BA03DB7764B2248F02475079, DECEED110524BF83B4097188BF24BF0DDE1CE838DF7748B0DC807ABE351EB20A ] pccsmcfd C:\windows\system32\DRIVERS\pccsmcfd.sys
18:19:49.0102 0x13a4 pccsmcfd - ok
18:19:49.0173 0x13a4 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\windows\system32\drivers\pci.sys
18:19:49.0189 0x13a4 pci - ok
18:19:49.0225 0x13a4 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\windows\system32\drivers\pciide.sys
18:19:49.0228 0x13a4 pciide - ok
18:19:49.0284 0x13a4 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
18:19:49.0302 0x13a4 pcmcia - ok
18:19:49.0343 0x13a4 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\windows\system32\drivers\pcw.sys
18:19:49.0349 0x13a4 pcw - ok
18:19:49.0385 0x13a4 pdfcDispatcher - ok
18:19:49.0492 0x13a4 [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH C:\windows\system32\drivers\peauth.sys
18:19:49.0547 0x13a4 PEAUTH - ok
18:19:49.0790 0x13a4 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\windows\system32\pla.dll
18:19:49.0959 0x13a4 pla - ok
18:19:50.0046 0x13a4 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\windows\system32\umpnpmgr.dll
18:19:50.0082 0x13a4 PlugPlay - ok
18:19:50.0117 0x13a4 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
18:19:50.0128 0x13a4 PNRPAutoReg - ok
18:19:50.0182 0x13a4 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
18:19:50.0219 0x13a4 PNRPsvc - ok
18:19:50.0301 0x13a4 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
18:19:50.0337 0x13a4 PolicyAgent - ok
18:19:50.0401 0x13a4 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\windows\system32\umpo.dll
18:19:50.0421 0x13a4 Power - ok
18:19:50.0462 0x13a4 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
18:19:50.0470 0x13a4 PptpMiniport - ok
18:19:50.0508 0x13a4 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\windows\system32\DRIVERS\processr.sys
18:19:50.0515 0x13a4 Processor - ok
18:19:50.0571 0x13a4 [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc C:\windows\system32\profsvc.dll
18:19:50.0593 0x13a4 ProfSvc - ok
18:19:50.0625 0x13a4 [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] ProtectedStorage C:\windows\system32\lsass.exe
18:19:50.0633 0x13a4 ProtectedStorage - ok
18:19:50.0689 0x13a4 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\windows\system32\DRIVERS\pacer.sys
18:19:50.0700 0x13a4 Psched - ok
18:19:50.0735 0x13a4 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20 C:\windows\system32\Drivers\PxHelp20.sys
18:19:50.0742 0x13a4 PxHelp20 - ok
18:19:50.0912 0x13a4 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
18:19:51.0041 0x13a4 ql2300 - ok
18:19:51.0111 0x13a4 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
18:19:51.0122 0x13a4 ql40xx - ok
18:19:51.0171 0x13a4 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\windows\system32\qwave.dll
18:19:51.0203 0x13a4 QWAVE - ok
18:19:51.0235 0x13a4 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
18:19:51.0242 0x13a4 QWAVEdrv - ok
18:19:51.0264 0x13a4 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
18:19:51.0268 0x13a4 RasAcd - ok
18:19:51.0312 0x13a4 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
18:19:51.0318 0x13a4 RasAgileVpn - ok
18:19:51.0351 0x13a4 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\windows\System32\rasauto.dll
18:19:51.0369 0x13a4 RasAuto - ok
18:19:51.0398 0x13a4 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
18:19:51.0407 0x13a4 Rasl2tp - ok
18:19:51.0474 0x13a4 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\windows\System32\rasmans.dll
18:19:51.0514 0x13a4 RasMan - ok
18:19:51.0545 0x13a4 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
18:19:51.0554 0x13a4 RasPppoe - ok
18:19:51.0587 0x13a4 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
18:19:51.0599 0x13a4 RasSstp - ok
18:19:51.0668 0x13a4 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
18:19:51.0692 0x13a4 rdbss - ok
18:19:51.0732 0x13a4 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
18:19:51.0736 0x13a4 rdpbus - ok
18:19:51.0786 0x13a4 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
18:19:51.0790 0x13a4 RDPCDD - ok
18:19:51.0834 0x13a4 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
18:19:51.0838 0x13a4 RDPENCDD - ok
18:19:51.0878 0x13a4 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
18:19:51.0883 0x13a4 RDPREFMP - ok
18:19:51.0946 0x13a4 [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
18:19:51.0973 0x13a4 RDPWD - ok
18:19:52.0041 0x13a4 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
18:19:52.0059 0x13a4 rdyboost - ok
18:19:52.0104 0x13a4 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\windows\System32\mprdim.dll
18:19:52.0111 0x13a4 RemoteAccess - ok
18:19:52.0140 0x13a4 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\windows\system32\regsvc.dll
18:19:52.0151 0x13a4 RemoteRegistry - ok
18:19:52.0183 0x13a4 [ CB928D9E6DAF51879DD6BA8D02F01321, DFD263B67DDF98AE09AF6D6986CBC7BE3206BCE8403AAC51BCF9459E78233D12 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
18:19:52.0191 0x13a4 RFCOMM - ok
18:19:52.0375 0x13a4 [ 85F9924FB26D924C4A10DC620AE2C350, 52DC870426EF36851D5037EB244B156F66CE2D661E0378232E12F635DDFE3D1A ] RoxMediaDB10 c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
18:19:52.0497 0x13a4 RoxMediaDB10 - ok
18:19:52.0523 0x13a4 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
18:19:52.0529 0x13a4 RpcEptMapper - ok
18:19:52.0561 0x13a4 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\windows\system32\locator.exe
18:19:52.0567 0x13a4 RpcLocator - ok
18:19:52.0644 0x13a4 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\windows\system32\rpcss.dll
18:19:52.0682 0x13a4 RpcSs - ok
18:19:52.0719 0x13a4 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
18:19:52.0727 0x13a4 rspndr - ok
18:19:52.0754 0x13a4 [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] SamSs C:\windows\system32\lsass.exe
18:19:52.0762 0x13a4 SamSs - ok
18:19:52.0874 0x13a4 [ E905E54744AB3E81651345D2B96E48C1, C9FDFC20584E8620980813E7016D149FC6D5BAC093B98FF46EC195ED57750A96 ] Samsung Network Fax Server C:\windows\system32\spool\drivers\w32x86\3\NetFaxServer.exe
18:19:52.0936 0x13a4 Samsung Network Fax Server - ok
18:19:53.0003 0x13a4 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\windows\system32\drivers\sbp2port.sys
18:19:53.0013 0x13a4 sbp2port - ok
18:19:53.0054 0x13a4 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\windows\System32\SCardSvr.dll
18:19:53.0079 0x13a4 SCardSvr - ok
18:19:53.0126 0x13a4 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
18:19:53.0133 0x13a4 scfilter - ok
18:19:53.0260 0x13a4 [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\windows\system32\schedsvc.dll
18:19:53.0353 0x13a4 Schedule - ok
18:19:53.0403 0x13a4 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\windows\System32\certprop.dll
18:19:53.0411 0x13a4 SCPolicySvc - ok
18:19:53.0467 0x13a4 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\windows\System32\SDRSVC.dll
18:19:53.0490 0x13a4 SDRSVC - ok
18:19:53.0518 0x13a4 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\windows\system32\drivers\secdrv.sys
18:19:53.0524 0x13a4 secdrv - ok
18:19:53.0551 0x13a4 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\windows\system32\seclogon.dll
18:19:53.0561 0x13a4 seclogon - ok
18:19:53.0589 0x13a4 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\windows\system32\sens.dll
18:19:53.0603 0x13a4 SENS - ok
18:19:53.0640 0x13a4 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\windows\system32\sensrsvc.dll
18:19:53.0652 0x13a4 SensrSvc - ok
18:19:53.0683 0x13a4 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
18:19:53.0687 0x13a4 Serenum - ok
18:19:53.0717 0x13a4 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\windows\system32\DRIVERS\serial.sys
18:19:53.0727 0x13a4 Serial - ok
18:19:53.0756 0x13a4 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
18:19:53.0762 0x13a4 sermouse - ok
18:19:53.0886 0x13a4 [ 668043F192AB9659761A349A4703600D, 44443E477A38913C6973817C06C25A776574F2C0F9F52609F070BAFA836EBE2E ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
18:19:53.0953 0x13a4 ServiceLayer - ok
18:19:54.0052 0x13a4 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\windows\system32\sessenv.dll
18:19:54.0070 0x13a4 SessionEnv - ok
18:19:54.0112 0x13a4 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
18:19:54.0118 0x13a4 sffdisk - ok
18:19:54.0143 0x13a4 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
18:19:54.0149 0x13a4 sffp_mmc - ok
18:19:54.0180 0x13a4 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
18:19:54.0186 0x13a4 sffp_sd - ok
18:19:54.0226 0x13a4 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
18:19:54.0231 0x13a4 sfloppy - ok
18:19:54.0295 0x13a4 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\windows\System32\ipnathlp.dll
18:19:54.0338 0x13a4 SharedAccess - ok
18:19:54.0405 0x13a4 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\windows\System32\shsvcs.dll
18:19:54.0443 0x13a4 ShellHWDetection - ok
18:19:54.0482 0x13a4 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\windows\system32\drivers\sisagp.sys
18:19:54.0489 0x13a4 sisagp - ok
18:19:54.0541 0x13a4 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
18:19:54.0547 0x13a4 SiSRaid2 - ok
18:19:54.0577 0x13a4 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
18:19:54.0586 0x13a4 SiSRaid4 - ok
18:19:54.0650 0x13a4 [ F07AF60B152221472FBDB2FECEC4896D, A18FDCE8462A48429E249C44F0E49F844F2E3A4B5215349DE104F34D935EF983 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
18:19:54.0666 0x13a4 SkypeUpdate - ok
18:19:54.0708 0x13a4 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\windows\system32\DRIVERS\smb.sys
18:19:54.0717 0x13a4 Smb - ok
18:19:54.0782 0x13a4 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\windows\System32\snmptrap.exe
18:19:54.0793 0x13a4 SNMPTRAP - ok
18:19:55.0012 0x13a4 [ D8ABA1293B82E7AF2F78B67CA46FCB3D, DECD137E16174A3E32E50460713E59907F2DEA28ACE67C6EFE2AB9E820303EA5 ] SNP2UVC C:\windows\system32\DRIVERS\snp2uvc.sys
18:19:55.0173 0x13a4 SNP2UVC - ok
18:19:55.0236 0x13a4 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\windows\system32\drivers\spldr.sys
18:19:55.0241 0x13a4 spldr - ok
18:19:55.0324 0x13a4 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\windows\System32\spoolsv.exe
18:19:55.0361 0x13a4 Spooler - ok
18:19:55.0706 0x13a4 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\windows\system32\sppsvc.exe
18:19:55.0930 0x13a4 sppsvc - ok
18:19:55.0988 0x13a4 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\windows\system32\sppuinotify.dll
18:19:56.0002 0x13a4 sppuinotify - ok
18:19:56.0055 0x13a4 [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\windows\system32\DRIVERS\srv.sys
18:19:56.0085 0x13a4 srv - ok
18:19:56.0138 0x13a4 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
18:19:56.0154 0x13a4 srv2 - ok
18:19:56.0184 0x13a4 [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
18:19:56.0196 0x13a4 srvnet - ok
18:19:56.0235 0x13a4 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\windows\System32\ssdpsrv.dll
18:19:56.0257 0x13a4 SSDPSRV - ok
18:19:56.0322 0x13a4 [ EF3458337D7341A05169CEFC73709264, C9D0AE966CFA02F7B72586C2A6E2AFA9818C9F4856A4E9625B79BC5A886FC193 ] SSPORT C:\windows\system32\Drivers\SSPORT.sys
18:19:56.0325 0x13a4 SSPORT - ok
18:19:56.0369 0x13a4 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\windows\system32\sstpsvc.dll
18:19:56.0387 0x13a4 SstpSvc - ok
18:19:56.0502 0x13a4 [ A8D11FB4733AF636A96FC7C67417D893, FEF8393181C141E6D79E4B960FB017DCF02EDD581E106494E45C80CC7CF3A258 ] STacSV C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\STacSV.exe
18:19:56.0523 0x13a4 STacSV - ok
18:19:56.0550 0x13a4 StarOpen - ok
18:19:56.0584 0x13a4 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
18:19:56.0589 0x13a4 stexstor - ok
18:19:56.0686 0x13a4 [ 901703459C668331DF0C0245F6B8160A, A319FDFA4F3796ABEB3FCF797D2417080C5ABCD27CC84D315E3202CB5C6CA379 ] STHDA C:\windows\system32\DRIVERS\stwrt.sys
18:19:56.0740 0x13a4 STHDA - ok
18:19:56.0834 0x13a4 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\windows\System32\wiaservc.dll
18:19:56.0895 0x13a4 StiSvc - ok
18:19:56.0948 0x13a4 [ FF5EB78AF7DFB68C2FB363537AAF753E, BF34EBC28A18D31ADA21098FCD2F2D5FACE7AA9B49DB1AFA4AD248B2A58FE86E ] stllssvr c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
18:19:56.0959 0x13a4 stllssvr - ok
18:19:57.0000 0x13a4 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\windows\system32\drivers\swenum.sys
18:19:57.0006 0x13a4 swenum - ok
18:19:57.0164 0x13a4 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:19:57.0215 0x13a4 SwitchBoard - ok
18:19:57.0272 0x13a4 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\windows\System32\swprv.dll
18:19:57.0323 0x13a4 swprv - ok
18:19:57.0386 0x13a4 [ 1DE40024679CDE0E573465253519730E, 9F96F30431CE9E41615EDC92392053C46B060EF98C47C0430E4E973723A49583 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
18:19:57.0407 0x13a4 SynTP - ok
18:19:57.0559 0x13a4 [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\windows\system32\sysmain.dll
18:19:57.0676 0x13a4 SysMain - ok
18:19:57.0750 0x13a4 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\windows\System32\TabSvc.dll
18:19:57.0767 0x13a4 TabletInputService - ok
18:19:57.0830 0x13a4 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\windows\System32\tapisrv.dll
18:19:57.0873 0x13a4 TapiSrv - ok
18:19:57.0908 0x13a4 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\windows\System32\tbssvc.dll
18:19:57.0922 0x13a4 TBS - ok
18:19:58.0106 0x13a4 [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] Tcpip C:\windows\system32\drivers\tcpip.sys
18:19:58.0228 0x13a4 Tcpip - ok
18:19:58.0438 0x13a4 [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
18:19:58.0560 0x13a4 TCPIP6 - ok
18:19:58.0641 0x13a4 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
18:19:58.0647 0x13a4 tcpipreg - ok
18:19:58.0688 0x13a4 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
18:19:58.0695 0x13a4 TDPIPE - ok
18:19:58.0723 0x13a4 [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
18:19:58.0728 0x13a4 TDTCP - ok
18:19:58.0777 0x13a4 [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx C:\windows\system32\DRIVERS\tdx.sys
18:19:58.0786 0x13a4 tdx - ok
18:19:58.0837 0x13a4 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\windows\system32\drivers\termdd.sys
18:19:58.0844 0x13a4 TermDD - ok
18:19:58.0939 0x13a4 [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService C:\windows\System32\termsrv.dll
18:19:58.0994 0x13a4 TermService - ok
18:19:59.0084 0x13a4 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\windows\system32\themeservice.dll
18:19:59.0096 0x13a4 Themes - ok
18:19:59.0133 0x13a4 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\windows\system32\mmcss.dll
18:19:59.0144 0x13a4 THREADORDER - ok
18:19:59.0184 0x13a4 [ 5AD05191DC8B444A7BA4D79B76C42A30, 6166E939A5A240388EBA5AF7FF335DC413F2BBCF74C2E1D310F4BE2A5454A610 ] TPM C:\windows\system32\drivers\tpm.sys
18:19:59.0191 0x13a4 TPM - ok
18:19:59.0227 0x13a4 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\windows\System32\trkwks.dll
18:19:59.0243 0x13a4 TrkWks - ok
18:19:59.0316 0x13a4 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
18:19:59.0344 0x13a4 TrustedInstaller - ok
18:19:59.0394 0x13a4 [ B37B08F2E5EEB1A37E448E09BACE1101, 32CC9E06B88BAB6FAB4696B744548DFCE9199A7FD2BA8B019F269CA75895852C ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
18:19:59.0399 0x13a4 tssecsrv - ok
18:19:59.0449 0x13a4 [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
18:19:59.0457 0x13a4 TsUsbFlt - ok
18:19:59.0519 0x13a4 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
18:19:59.0533 0x13a4 tunnel - ok
18:19:59.0561 0x13a4 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
18:19:59.0568 0x13a4 uagp35 - ok
18:19:59.0622 0x13a4 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\windows\system32\DRIVERS\udfs.sys
18:19:59.0657 0x13a4 udfs - ok
18:19:59.0708 0x13a4 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\windows\system32\UI0Detect.exe
18:19:59.0725 0x13a4 UI0Detect - ok
18:19:59.0778 0x13a4 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
18:19:59.0787 0x13a4 uliagpkx - ok
18:19:59.0833 0x13a4 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\windows\system32\drivers\umbus.sys
18:19:59.0840 0x13a4 umbus - ok
18:19:59.0879 0x13a4 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
18:19:59.0882 0x13a4 UmPass - ok
18:19:59.0998 0x13a4 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\windows\System32\upnphost.dll
18:20:00.0116 0x13a4 upnphost - ok
18:20:00.0157 0x13a4 [ 78B74AF8727A28C128E164E9B53A5413, B731A85DF22FABB8F253C68FC2C7F5DAF8282C516B8BA875AB6A01502323FDDC ] upperdev C:\windows\system32\DRIVERS\usbser_lowerflt.sys
18:20:00.0160 0x13a4 upperdev - ok
18:20:00.0203 0x13a4 [ 71D97F1A3CC47A56728F7A400A3F8295, ED3FDB73D8A98D9BAF702C0F5C7AD79D525D19DCE1487D442536913BEA5C7F15 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
18:20:00.0208 0x13a4 usbccgp - ok
18:20:00.0245 0x13a4 [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\windows\system32\drivers\usbcir.sys
18:20:00.0251 0x13a4 usbcir - ok
18:20:00.0280 0x13a4 [ C4FB8E7ADEA9B5CEEA885A1B504B7E40, 3E0AE5D236890452F2EA33504309A7E5FE49C567FF6F68A83A5987F05ED01BF0 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
18:20:00.0285 0x13a4 usbehci - ok
18:20:00.0321 0x13a4 [ 86AA95ACB611001E26CD2C0145F2225A, 584D26E8C9407A4E717DCBF2D3819DB441C2D455B5FDA6654FBA3794E19B4D51 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
18:20:00.0344 0x13a4 usbhub - ok
18:20:00.0366 0x13a4 [ DCDF9855145A14DFCA0AB32308871961, 9A21013AD032195D54CE655DE5363E78BB74CC55C40B889520B478892F4BA40A ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
18:20:00.0370 0x13a4 usbohci - ok
18:20:00.0403 0x13a4 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
18:20:00.0405 0x13a4 usbprint - ok
18:20:00.0434 0x13a4 [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan C:\windows\system32\drivers\usbscan.sys
18:20:00.0438 0x13a4 usbscan - ok
18:20:00.0477 0x13a4 [ 007C0C8D5B01D82ACEB70431D15083F6, 7EAF68CD3C38D3CD2CDFEE9ECE1DFB38E274F1F9E6F70B73BCE1336E87D5496C ] usbser C:\windows\system32\drivers\usbser.sys
18:20:00.0481 0x13a4 usbser - ok
18:20:00.0525 0x13a4 [ 4F8FBC51A1C0A17310846B417A447F91, A283240C88D8A38839F8E21AD9A099AF55118140569362A6F3ED623D2C009D42 ] UsbserFilt C:\windows\system32\DRIVERS\usbser_lowerfltj.sys
18:20:00.0527 0x13a4 UsbserFilt - ok
18:20:00.0551 0x13a4 [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
18:20:00.0556 0x13a4 USBSTOR - ok
18:20:00.0581 0x13a4 [ 8E51D04175BAA14C4F79AA5F6D248770, 6CE2E45E272734A5D1D0C4CE2BD7B61C61C7538903E87203E376495D198EFBD0 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
18:20:00.0584 0x13a4 usbuhci - ok
18:20:00.0639 0x13a4 [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
18:20:00.0648 0x13a4 usbvideo - ok
18:20:00.0675 0x13a4 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\windows\System32\uxsms.dll
18:20:00.0682 0x13a4 UxSms - ok
18:20:00.0699 0x13a4 [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] VaultSvc C:\windows\system32\lsass.exe
18:20:00.0703 0x13a4 VaultSvc - ok
18:20:00.0731 0x13a4 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
18:20:00.0734 0x13a4 vdrvroot - ok
18:20:00.0795 0x13a4 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\windows\System32\vds.exe
18:20:00.0837 0x13a4 vds - ok
18:20:00.0867 0x13a4 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
18:20:00.0871 0x13a4 vga - ok
18:20:00.0900 0x13a4 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\windows\System32\drivers\vga.sys
18:20:00.0903 0x13a4 VgaSave - ok
18:20:00.0944 0x13a4 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\windows\system32\drivers\vhdmp.sys
18:20:00.0953 0x13a4 vhdmp - ok
18:20:00.0982 0x13a4 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\windows\system32\drivers\viaagp.sys
18:20:00.0985 0x13a4 viaagp - ok
18:20:01.0017 0x13a4 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys
18:20:01.0021 0x13a4 ViaC7 - ok
18:20:01.0055 0x13a4 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\windows\system32\drivers\viaide.sys
18:20:01.0057 0x13a4 viaide - ok
18:20:01.0077 0x13a4 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\windows\system32\drivers\volmgr.sys
18:20:01.0082 0x13a4 volmgr - ok
18:20:01.0123 0x13a4 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\windows\system32\drivers\volmgrx.sys
18:20:01.0138 0x13a4 volmgrx - ok
18:20:01.0167 0x13a4 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\windows\system32\drivers\volsnap.sys
18:20:01.0184 0x13a4 volsnap - ok
18:20:01.0220 0x13a4 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
18:20:01.0228 0x13a4 vsmraid - ok
18:20:01.0301 0x13a4 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\windows\system32\vssvc.exe
18:20:01.0369 0x13a4 VSS - ok
18:20:01.0389 0x13a4 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
18:20:01.0391 0x13a4 vwifibus - ok
18:20:01.0412 0x13a4 [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
18:20:01.0417 0x13a4 vwififlt - ok
18:20:01.0443 0x13a4 [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
18:20:01.0445 0x13a4 vwifimp - ok
18:20:01.0494 0x13a4 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\windows\system32\w32time.dll
18:20:01.0513 0x13a4 W32Time - ok
18:20:01.0538 0x13a4 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
18:20:01.0540 0x13a4 WacomPen - ok
18:20:01.0582 0x13a4 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
18:20:01.0585 0x13a4 WANARP - ok
18:20:01.0593 0x13a4 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
18:20:01.0597 0x13a4 Wanarpv6 - ok
18:20:01.0787 0x13a4 [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
18:20:01.0856 0x13a4 WatAdminSvc - ok
18:20:02.0127 0x13a4 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\windows\system32\wbengine.exe
18:20:02.0289 0x13a4 wbengine - ok
18:20:02.0406 0x13a4 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
18:20:02.0449 0x13a4 WbioSrvc - ok
18:20:02.0530 0x13a4 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\windows\System32\wcncsvc.dll
18:20:02.0589 0x13a4 wcncsvc - ok
18:20:02.0631 0x13a4 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
18:20:02.0644 0x13a4 WcsPlugInService - ok
18:20:02.0674 0x13a4 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\windows\system32\DRIVERS\wd.sys
18:20:02.0679 0x13a4 Wd - ok
18:20:02.0777 0x13a4 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
18:20:02.0828 0x13a4 Wdf01000 - ok
18:20:02.0902 0x13a4 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost C:\windows\system32\wdi.dll
18:20:02.0919 0x13a4 WdiServiceHost - ok
18:20:02.0939 0x13a4 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost C:\windows\system32\wdi.dll
18:20:02.0956 0x13a4 WdiSystemHost - ok
18:20:03.0022 0x13a4 [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient C:\windows\System32\webclnt.dll
18:20:03.0062 0x13a4 WebClient - ok
18:20:03.0105 0x13a4 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\windows\system32\wecsvc.dll
18:20:03.0137 0x13a4 Wecsvc - ok
18:20:03.0167 0x13a4 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\windows\System32\wercplsupport.dll
18:20:03.0175 0x13a4 wercplsupport - ok
18:20:03.0210 0x13a4 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\windows\System32\WerSvc.dll
18:20:03.0230 0x13a4 WerSvc - ok
18:20:03.0253 0x13a4 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
18:20:03.0257 0x13a4 WfpLwf - ok
18:20:03.0287 0x13a4 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\windows\system32\drivers\wimmount.sys
18:20:03.0289 0x13a4 WIMMount - ok
18:20:03.0383 0x13a4 [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
18:20:03.0426 0x13a4 WinDefend - ok
18:20:03.0471 0x13a4 WinHttpAutoProxySvc - ok
18:20:03.0539 0x13a4 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
18:20:03.0548 0x13a4 Winmgmt - ok
18:20:03.0648 0x13a4 [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM C:\windows\system32\WsmSvc.dll
18:20:03.0735 0x13a4 WinRM - ok
18:20:03.0856 0x13a4 [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
18:20:03.0862 0x13a4 WinUsb - ok
18:20:03.0974 0x13a4 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\windows\System32\wlansvc.dll
18:20:04.0074 0x13a4 Wlansvc - ok
18:20:04.0108 0x13a4 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
18:20:04.0111 0x13a4 WmiAcpi - ok
18:20:04.0166 0x13a4 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
18:20:04.0181 0x13a4 wmiApSrv - ok
18:20:04.0335 0x13a4 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
18:20:04.0462 0x13a4 WMPNetworkSvc - ok
18:20:04.0508 0x13a4 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\windows\System32\wpcsvc.dll
18:20:04.0520 0x13a4 WPCSvc - ok
18:20:04.0576 0x13a4 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
18:20:04.0593 0x13a4 WPDBusEnum - ok
18:20:04.0643 0x13a4 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
18:20:04.0647 0x13a4 ws2ifsl - ok
18:20:04.0685 0x13a4 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\windows\system32\wscsvc.dll
18:20:04.0701 0x13a4 wscsvc - ok
18:20:04.0717 0x13a4 WSearch - ok
18:20:04.0981 0x13a4 [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv C:\windows\system32\wuaueng.dll
18:20:05.0165 0x13a4 wuauserv - ok
18:20:05.0224 0x13a4 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
18:20:05.0232 0x13a4 WudfPf - ok
18:20:05.0281 0x13a4 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
18:20:05.0297 0x13a4 WUDFRd - ok
18:20:05.0346 0x13a4 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\windows\System32\WUDFSvc.dll
18:20:05.0365 0x13a4 wudfsvc - ok
18:20:05.0429 0x13a4 [ 3C5E51C05BE9B56EAFF4E388C3AB25E4, 10D9FDEDAB1FB2E76D54661AFA5C1A6B1B0980525F38F5D061537077841C6AEE ] WwanSvc C:\windows\System32\wwansvc.dll
18:20:05.0463 0x13a4 WwanSvc - ok
18:20:05.0549 0x13a4 [ 3EB1576F77B60A6C79DD7742B67219B8, 92027D2DA2A9A574F8C37870079BCC7790A03D5C22E677C4A91BF52549CB44DC ] yukonw7 C:\windows\system32\DRIVERS\yk62x86.sys
18:20:05.0580 0x13a4 yukonw7 - ok
18:20:05.0641 0x13a4 ================ Scan global ===============================
18:20:05.0682 0x13a4 [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\windows\system32\basesrv.dll
18:20:05.0742 0x13a4 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\windows\system32\winsrv.dll
18:20:05.0800 0x13a4 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\windows\system32\winsrv.dll
18:20:05.0850 0x13a4 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\windows\system32\sxssrv.dll
18:20:05.0918 0x13a4 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\windows\system32\services.exe
18:20:05.0949 0x13a4 [ Global ] - ok
18:20:05.0950 0x13a4 ================ Scan MBR ==================================
18:20:05.0988 0x13a4 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
18:20:06.0321 0x13a4 \Device\Harddisk0\DR0 - ok
18:20:06.0322 0x13a4 ================ Scan VBR ==================================
18:20:06.0333 0x13a4 [ CCDE37EA65F16924A64B72640EF3FE12 ] \Device\Harddisk0\DR0\Partition1
18:20:06.0339 0x13a4 \Device\Harddisk0\DR0\Partition1 - ok
18:20:06.0361 0x13a4 [ 75720E990AB1B714E1AD2ACFC9885E9D ] \Device\Harddisk0\DR0\Partition2
18:20:06.0365 0x13a4 \Device\Harddisk0\DR0\Partition2 - ok
18:20:06.0405 0x13a4 [ A891AB4863E553B9F5D09E07B975B90D ] \Device\Harddisk0\DR0\Partition3
18:20:06.0411 0x13a4 \Device\Harddisk0\DR0\Partition3 - ok
18:20:06.0436 0x13a4 [ D6B2329EF8B9F974F40DA144AF0D7ADA ] \Device\Harddisk0\DR0\Partition4
18:20:06.0439 0x13a4 \Device\Harddisk0\DR0\Partition4 - ok
18:20:06.0442 0x13a4 Waiting for KSN requests completion. In queue: 101
18:20:07.0442 0x13a4 Waiting for KSN requests completion. In queue: 101
18:20:08.0442 0x13a4 Waiting for KSN requests completion. In queue: 101
18:20:09.0668 0x13a4 AV detected via SS2: AVG Anti-Virus Free, C:\Program Files\AVG\AVG9\avgwsc.exe ( 9.0.0.832 ), 0x40000 ( disabled : updated )
18:20:09.0691 0x13a4 Win FW state via NFP2: disabled
18:20:12.0580 0x13a4 ============================================================
18:20:12.0580 0x13a4 Scan finished
18:20:12.0580 0x13a4 ============================================================
18:20:12.0631 0x03ac Detected object count: 0
18:20:12.0631 0x03ac Actual detected object count: 0
18:20:35.0159 0x0cec Deinitialize success

[jaro3]

TDSS čistý. Koukal sem, že tam máš ještě AVG9. To je trochu stará verze (tuším že podporu pro ní jsme ukončovali někdy ve 2010, když jsem na TP dělal). Nainstaluj si verzi 2014.
Orcus.


Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[strambm]

ComboFix 13-11-19.01 - Admin 21.11.2013 19:42:59.4.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2813.1922 [GMT 1:00]
Spuštěný z: c:\users\Admin\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\FlashPlayerApp.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-21 do 2013-11-21 )))))))))))))))))))))))))))))))
.
.
2013-11-21 18:55 . 2013-11-21 18:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-21 18:10 . 2013-11-21 18:12 -------- d-----w- c:\users\Admin\AppData\Roaming\TS3Client
2013-11-21 18:10 . 2013-11-21 18:10 -------- d-----w- c:\program files\TeamSpeak 3 Client
2013-11-21 17:55 . 2013-11-21 17:55 -------- d-----w- c:\users\Admin\AppData\Local\Overwolf
2013-11-17 19:36 . 2013-11-17 19:36 -------- d-----w- c:\windows\ERUNT
2013-11-17 09:34 . 2013-11-17 19:14 -------- d-----w- C:\AdwCleaner
2013-11-14 21:50 . 2013-11-16 13:21 -------- d-----w- c:\program files\OpenTTD
2013-11-14 21:33 . 2013-11-14 21:33 -------- d-----w- c:\users\Admin\AppData\Roaming\Comodo
2013-11-14 21:29 . 2011-04-14 10:01 17816 ----a-w- c:\windows\system32\drivers\cmdatp.sys
2013-11-14 21:29 . 2013-11-14 21:29 -------- d-----w- c:\program files\COMODO
2013-11-14 21:26 . 2013-11-14 21:27 -------- d-----w- c:\users\Administrator
2013-11-14 20:58 . 2013-11-14 20:58 -------- d-----w- c:\programdata\COMODO
2013-11-13 09:26 . 2013-10-12 06:08 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-13 09:26 . 2013-10-12 07:02 2877952 ----a-w- c:\windows\system32\jscript9.dll
2013-11-13 09:26 . 2013-10-12 07:03 217600 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2013-11-13 09:26 . 2013-10-12 07:02 108032 ----a-w- c:\program files\Internet Explorer\jsdebuggeride.dll
2013-11-13 05:56 . 2013-10-04 01:58 152576 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2013-11-11 19:05 . 2013-11-11 19:05 -------- d-----w- c:\program files\CCleaner
2013-11-02 10:07 . 2013-11-02 10:07 -------- d-----w- c:\programdata\Oracle
2013-11-02 10:07 . 2013-11-02 10:07 -------- d-----w- c:\program files\Common Files\Java
2013-11-02 10:07 . 2013-10-08 06:50 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-10-30 21:57 . 2013-10-30 21:57 -------- d-----w- c:\programdata\Mosaic
2013-10-30 00:11 . 2013-11-11 18:54 -------- d-----w- c:\programdata\Autodesk
2013-10-30 00:11 . 2013-10-30 00:11 -------- d-----w- c:\users\Admin\AppData\Roaming\Autodesk
2013-10-30 00:11 . 2013-10-30 00:11 -------- d-----w- c:\users\Admin\AppData\Local\Autodesk
2013-10-30 00:10 . 2013-10-30 00:10 -------- d-----w- c:\program files\Autodesk
2013-10-29 12:41 . 2013-10-29 12:41 -------- d-----w- C:\816e4d74d3ce7168b0d9
2013-10-29 12:10 . 2013-09-04 01:14 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-10-29 12:10 . 2013-09-04 01:14 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-10-29 12:10 . 2013-09-04 01:15 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-10-29 12:10 . 2013-09-04 01:14 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-10-29 12:10 . 2013-09-04 01:14 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-10-29 12:10 . 2013-09-04 01:14 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-10-29 12:10 . 2013-09-04 01:14 6016 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-10-29 12:05 . 2013-10-29 12:05 -------- d-----w- c:\users\Admin\AppData\Local\Akamai
2013-10-29 12:05 . 2013-10-29 12:05 -------- d-----w- C:\Autodesk
2013-10-29 11:00 . 2013-10-29 11:10 -------- d-----w- c:\users\Admin\SICHR13
2013-10-29 10:58 . 2013-10-29 10:58 -------- d-----w- c:\program files\OEZ
2013-10-29 10:17 . 2013-11-11 18:46 -------- d-----w- C:\KLIMSA
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-09 21:52 . 2013-03-15 19:53 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-25 01:57 . 2013-11-13 05:56 247808 ----a-w- c:\windows\system32\schannel.dll
2013-09-14 00:48 . 2013-10-11 04:57 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2013-09-08 02:07 . 2013-10-11 04:57 1294272 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:03 . 2013-10-11 04:57 231424 ----a-w- c:\windows\system32\mswsock.dll
2013-08-29 01:51 . 2013-10-11 04:57 3969472 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-08-29 01:51 . 2013-10-11 04:57 3914176 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-29 01:50 . 2013-10-11 04:57 1289096 ----a-w- c:\windows\system32\ntdll.dll
2013-08-29 01:50 . 2013-10-11 04:57 619520 ----a-w- c:\windows\system32\tdh.dll
2013-08-29 01:48 . 2013-10-11 04:57 640512 ----a-w- c:\windows\system32\advapi32.dll
2013-08-29 01:12 . 2013-10-11 04:57 28160 ----a-w- c:\windows\system32\drivers\usbser.sys
2013-08-28 01:04 . 2013-10-11 04:56 2348544 ----a-w- c:\windows\system32\win32k.sys
2013-08-28 00:57 . 2013-10-11 04:56 434688 ----a-w- c:\windows\system32\scavengeui.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2011-11-01 1053056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-07-27 288312]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2009-06-18 563736]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-30 1545512]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-04 98304]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-13 458844]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2012-01-27 2077536]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2009-11-26 614400]
"STO Backup Service"="c:\program files\SmarThru Office\BackUpSvr.exe" [2010-08-03 192512]
"STO Launcher Service"="c:\program files\SmarThru Office\LegacyLauncher.exe" [2010-08-03 335872]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-03-21 280576]
.
c:\users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-5-15 384512]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-30 795936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 GarenaPEngine;GarenaPEngine;c:\users\Admin\AppData\Local\Temp\VIC9A5D.tmp [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files\Garena Plus\Room\safedrv.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-13 1120752]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-11 1343400]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2013-01-16 226016]
S1 AvgTdiX;AVG Free Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2011-05-06 243152]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\aestsrv.exe [2009-03-02 81920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-04 176128]
S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-07-17 308136]
S2 EzVpnSvc;COMODO Unite MultiLogin Service;c:\program files\COMODO\Unite\EzVpnSvc.exe [2011-08-22 360752]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2009-06-18 635416]
S2 Samsung Network Fax Server;Samsung Network Fax Server;c:\windows\system32\spool\drivers\w32x86\3\NetFaxServer.exe [2009-12-01 165888]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2009-05-27 5120]
S3 ATP;Comodo Unite Miniport Driver;c:\windows\system32\DRIVERS\cmdatp.sys [2011-04-14 17816]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-20 313856]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 19:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-15 21:52]
.
2013-11-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1294438792-3714271561-327485916-1001Core.job
- c:\users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-18 14:07]
.
2013-11-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1294438792-3714271561-327485916-1001UA.job
- c:\users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-18 14:07]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\sign
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojeplatba.cz\www
TCP: DhcpNameServer = 62.113.218.183 8.8.8.8
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\nzfefp7r.default\
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\GarenaPEngine]
"ImagePath"="\??\c:\users\Admin\AppData\Local\Temp\VIC9A5D.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2013-11-21 19:59:01
ComboFix-quarantined-files.txt 2013-11-21 18:59
.
Před spuštěním: Volných bajtů: 232 128 098 304
Po spuštění: Volných bajtů: 232 295 403 520
.
- - End Of File - - 2E323490FADE5A366EBB343D20C171E7
5C616939100B85E558DA92B899A0FC36