PC-HELP.CZ

Zdravím,
prosím o kontrolu logu,nějak se mi začal sekat PC

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:59:11, on 16. 3. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16843)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhostex.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\Explorer.EXE
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x86__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
C:\Program Files\Serviio\bin\ServiioConsole.exe
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Users\David\Documents\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN23L510M305PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\David\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\David\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - Startup: Serviio.lnk = C:\Program Files\Serviio\bin\ServiioConsole.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Serviio - Unknown owner - C:\Program Files\Serviio\bin\ServiioService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 5316 bytes

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.03.16.02

Windows 8 x86 NTFS
Internet Explorer 10.0.9200.16843
David :: DAVIDUV-PC [administrátor]

Ochrana: Povolena

16. 3. 2014 19:18:21
MBAM-log-2014-03-16 (19-24-59).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 203582
Uplynulý čas: 5 minut, 53 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 5
HKCU\Software\AppDataLow\Software\Crossrider (PUP.Optional.CrossRider.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\AppDataLow\Software\HQ-Video-Pro-1.4 (PUP.Optional.HQVideoPro.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\InstalledBrowserExtensions\HQ-Video (PUP.Optional.HQVideoProfessional.A) -> Nebyla provedena žádná instrukce.
HKLM\Software\HQ-Video-Pro-1.4 (PUP.Optional.HQVideoPro.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HQ-Video-Pro-1.4 (PUP.Optional.HQVideoPro.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 1
C:\Program Files\HQ-Video-Pro-1.4 (PUP.Optional.HQVideoPro.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 21
C:\Users\David\Downloads\dx11.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\David\Downloads\rld.dll (VirTool.Obfuscator) -> Nebyla provedena žádná instrukce.
C:\Windows\Tasks\HQ-Video-Pro-1.4-chromeinstaller.job (PUP.Optional.HQVideoPro.A) -> Nebyla provedena žádná instrukce.
C:\Windows\Tasks\HQ-Video-Pro-1.4-codedownloader.job (PUP.Optional.HQVideoPro.A) -> Nebyla provedena žádná instrukce.
C:\Windows\Tasks\HQ-Video-Pro-1.4-enabler.job (PUP.Optional.HQVideoPro.A) -> Nebyla provedena žádná instrukce.
C:\Windows\Tasks\HQ-Video-Pro-1.4-firefoxinstaller.job (PUP.Optional.HQVideoPro.A) -> Nebyla provedena žádná instrukce.
C:\Windows\Tasks\HQ-Video-Pro-1.4-updater.job (PUP.Optional.HQVideoPro.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\HQ-Video-Pro-1.4\52920.crx (PUP.Optional.HQVideoPro.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\HQ-Video-Pro-1.4\52920.xpi (PUP.Optional.HQVideoPro.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\HQ-Video-Pro-1.4\background.html (PUP.Optional.HQVideoPro.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-bg.exe (PUP.Optional.HQVideoPro.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-bho.dll (PUP.Optional.HQVideoPro.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-chromeinstaller.exe (PUP.Optional.HQVideoPro.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-codedownloader.exe (PUP.Optional.HQVideoPro.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-enabler.exe (PUP.Optional.HQVideoPro.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-firefoxinstaller.exe (PUP.Optional.HQVideoPro.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-updater.exe (PUP.Optional.HQVideoPro.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4.ico (PUP.Optional.HQVideoPro.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\HQ-Video-Pro-1.4\Installer.log (PUP.Optional.HQVideoPro.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\HQ-Video-Pro-1.4\Uninstall.exe (PUP.Optional.HQVideoPro.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\HQ-Video-Pro-1.4\utils.exe (PUP.Optional.HQVideoPro.A) -> Nebyla provedena žádná instrukce.

(konec)


# AdwCleaner v3.022 - Report created 16/03/2014 at 19:08:17
# Updated 13/03/2014 by Xplode
# Operating System : Windows 8 Pro (32 bits)
# Username : David - DAVIDUV-PC
# Running from : C:\Users\David\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Windows\System32\Tasks\HQ-Video-Pro-1.4-codedownloader
File Found : C:\Windows\System32\Tasks\HQ-Video-Pro-1.4-enabler
File Found : C:\Windows\System32\Tasks\HQ-Video-Pro-1.4-firefoxinstaller
File Found : C:\Windows\System32\Tasks\HQ-Video-Pro-1.4-chromeinstaller
File Found : C:\Windows\System32\Tasks\HQ-Video-Pro-1.4-updater
File Found : C:\Windows\Tasks\HQ-Video-Pro-1.4-codedownloader.job
File Found : C:\Windows\Tasks\HQ-Video-Pro-1.4-enabler.job
File Found : C:\Windows\Tasks\HQ-Video-Pro-1.4-firefoxinstaller.job
File Found : C:\Windows\Tasks\HQ-Video-Pro-1.4-chromeinstaller.job
File Found : C:\Windows\Tasks\HQ-Video-Pro-1.4-updater.job
Folder Found : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\5s5n9421.default\Extensions\f6b78e05-0819-4914-a9b1-53baf8fa3cd8@5f1a7616-ab87-4cb2-b56e-1218d848ce49.com
Folder Found C:\Program Files\HQ-Video-Pro-1.4

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\HQ-Video-Pro-1.4
Key Found : HKCU\Software\installedbrowserextensions
Key Found : HKLM\Software\HQ-Video-Pro-1.4
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4d7fa28e-846d-41e9-838f-fc560cd261e4}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4d7fa28e-846d-41e9-838f-fc560cd261e4}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85bf9d4f-b8bb-41eb-819d-e657b6d5ae4e}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85bf9d4f-b8bb-41eb-819d-e657b6d5ae4e}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\HQ-Video-Pro-1.4-codedownloader
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\HQ-Video-Pro-1.4-enabler
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\HQ-Video-Pro-1.4-firefoxinstaller
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\HQ-Video-Pro-1.4-chromeinstaller
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\HQ-Video-Pro-1.4-updater
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0008E5DC-A200-4C55-989F-CC3FDB14F646}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A105CC9E-C5F4-408B-A8A9-C6C7A7E082EB}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B072965A-37E4-4E3A-85EE-4DCD56868E87}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC3A9649-963B-40CA-AE68-2809E0FB474B}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA1AE3E4-3EC2-447F-8BE5-1814A588E395}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HQ-Video-Pro-1.4

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16843


-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\5s5n9421.default\prefs.js ]

Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.InstallationThankYouPage", true);
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.InstallationTime", 1394304233);
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.active", true);
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.addressbar", "NA");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.addressbarenhanced", "");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920_dbWasSet", true);
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920_dbWasSet_FF25_FIX", true[...]
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.asyncdb.was_copied", "true");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.asyncdb_dbWasSet", true);
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.asyncdb_dbWasSet_FF25_FIX", true);
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.asyncinternaldb.was_copied", "true");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.asyncinternaldb_dbWasSet", true);
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.asyncinternaldb_dbWasSet_FF25_FIX", true);
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.backgroundver", 1);
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.certdomaininstaller", "");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.changeprevious", false);
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.cookie.InstallationTime.value", "%221394304233%22");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22001186%22%2C%22sub_id%22%3A%220%22%2C%22uz[...]
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.cookie._GPL_aoi.value", "%221394568110%22");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.cookie._GPL_parent_zoneid.value", "%22535170%22");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.cookie.iframe-exists.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.cookie.iframe-exists.value", "true");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.cookie.jw_token.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.cookie.jw_token.value", "%22e1b9de81-ac38-63b3-9bb0-32e1b0aeed85%22");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.description", "HQ Videos is an add-on for your Internet browser that enhances your online experien[...]
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.domain", "");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.enablesearch", false);
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.homepage", "");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.iframe", false);
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%2275D25E4478594302948ECB0D2BF0D[...]
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22001186%22%2C%22sub_id%22%3A%220%22%2C%[...]
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22001186%22%2C%22sub_id%22%3A%220%2[...]
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%2275D25E4478594302948E[...]
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.Resources_appVer.value", "27");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.Resources_lastVersion.value", "1");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.Resources_meta.value", "%7B%7D");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.Resources_nextCheck.expiration", "Sun Mar 16 2014 22:27:02 GMT+0100");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.Resources_nextCheck.value", "true");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.Resources_queue.value", "%7B%7D");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.__defualt_browser__.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.__defualt_browser__.value", "%22ff%22");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%2275D25E44[...]
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.monetization_plugin_bundledUrls.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.monetization_plugin_bundledWithHash.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.monetization_plugin_bundledWithHash.value", "null");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.monetization_plugin_last_executable_request.expiration", "Mon Mar 17 2014 06:50:21 GMT+[...]
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.monetization_plugin_last_executable_request.value", "%22hxxp%3A//data-cdn.mbamupdates.c[...]
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.monetization_plugin_notBundledArr_.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.internaldb.monetization_plugin_notBundledArr_.value", "%5B%5D");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.lastDailyReport", "1394983224801");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.lastUpdate", "1394983622452");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.manifesturl", "");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.name", "HQ-Video-Pro-1.4");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.newtab", "");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.opensearch", "");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/52920/plugins/094/ff/plugins.json");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.pluginsversion", 24);
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.publisher", "HQ-Video");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.searchstatus", 0);
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.setnewtab", false);
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.thankyou", "");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.updateinterval", 360);
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.52920.ver", 27);
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.FilesValidatorDueTime", "1394983284074");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.apps", "52920");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.bic", "144a340c7fd2255bc7a94660b59c072a");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.cid", 52920);
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.firstrun", false);
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.hadappinstalled", true);
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.installationdate", 1394308336);
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.modetype", "production");
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.reportInstall", true);
Line Found : user_pref("extensions.af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920.statsDailyCounter", 20);
Line Found : user_pref("extensions.crossrider.bic", "144a340c7fd2255bc7a94660b59c072a");

*************************

AdwCleaner[R0].txt - [18818 octets] - [16/03/2014 19:04:41]
AdwCleaner[R1].txt - [18737 octets] - [16/03/2014 19:08:17]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [18798 octets] ##########

V obou nech vše smazat a dodej log po smazání

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.


Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.03.16.02

Windows 8 x86 NTFS
Internet Explorer 10.0.9200.16843
David :: DAVIDUV-PC [administrátor]

Ochrana: Povolena

17. 3. 2014 20:09:32
mbam-log-2014-03-17 (20-09-32).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 203876
Uplynulý čas: 5 minut, 38 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

# AdwCleaner v3.022 - Report created 17/03/2014 at 20:17:30
# Updated 13/03/2014 by Xplode
# Operating System : Windows 8 Pro (32 bits)
# Username : David - DAVIDUV-PC
# Running from : C:\Users\David\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16843


-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\5s5n9421.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [18818 octets] - [16/03/2014 19:04:41]
AdwCleaner[R1].txt - [18879 octets] - [16/03/2014 19:08:17]
AdwCleaner[R2].txt - [1015 octets] - [17/03/2014 19:53:11]
AdwCleaner[R3].txt - [793 octets] - [17/03/2014 20:17:30]
AdwCleaner[S0].txt - [1081 octets] - [17/03/2014 19:53:44]

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [912 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 8 Pro x86
Ran by David on po 17. 03. 2014 at 19:57:54,34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0B9EC7CE-288E-49C7-9EB8-0D2D628C8A16}



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\David\AppData\Roaming\mozilla\firefox\profiles\5s5n9421.default\minidumps [6 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 17. 03. 2014 at 20:02:08,61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

RogueKiller V8.8.11 [Mar 14 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 8 (6.2.9200 ) 32 bits version
Spuštěno v : Normální režim
Uživatel : David [Práva správce]
Mód : Kontrola -- Datum : 03/17/2014 20:06:46
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 9 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\David\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\David\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-583023661-1224011286-1607613400-1001\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\David\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-583023661-1224011286-1607613400-1001\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\David\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] IAT @explorer.exe (CoTaskMemFree) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77CF3700)
[Address] IAT @explorer.exe (CoInitializeEx) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D09DF5)
[Address] IAT @explorer.exe (CoUninitialize) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D0963D)
[Address] IAT @explorer.exe (CreateStreamOnHGlobal) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D397D7)
[Address] IAT @explorer.exe (CoGetApartmentType) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D0A9CD)
[Address] IAT @explorer.exe (CoWaitForMultipleHandles) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D38B73)
[Address] IAT @explorer.exe (CoFreeUnusedLibraries) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D42329)
[Address] IAT @explorer.exe (CoEnableCallCancellation) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D16635)
[Address] IAT @explorer.exe (CoDisableCallCancellation) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D1666B)
[Address] IAT @explorer.exe (CoCancelCall) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D9E323)
[Address] IAT @explorer.exe (StringFromGUID2) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D0A428)
[Address] IAT @explorer.exe (PropVariantClear) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D0AAF0)
[Address] IAT @explorer.exe (CoMarshalInterThreadInterfaceInStream) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D3F6D4)
[Address] IAT @explorer.exe (CoReleaseMarshalData) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D196E2)
[Address] IAT @explorer.exe (CoCreateInstance) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D0C859)
[Address] IAT @explorer.exe (CoRevokeClassObject) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D434F6)
[Address] IAT @explorer.exe (CoRegisterClassObject) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D44757)
[Address] IAT @explorer.exe (CoGetInterfaceAndReleaseStream) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D3F684)
[Address] IAT @explorer.exe (CoGetMalloc) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77CF3838)
[Address] IAT @explorer.exe (CoCreateFreeThreadedMarshaler) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D0D270)
[Address] IAT @explorer.exe (CoTaskMemAlloc) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77CF37D7)
[Address] IAT @explorer.exe (CLSIDFromString) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D38056)
[Address] IAT @explorer.exe (CoTaskMemRealloc) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D0AACA)
[Address] IAT @explorer.exe (InterlockedExchange) : api-ms-win-core-interlocked-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550CEF9)
[Address] IAT @explorer.exe (InterlockedIncrement) : api-ms-win-core-interlocked-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550CE9B)
[Address] IAT @explorer.exe (InterlockedCompareExchange) : api-ms-win-core-interlocked-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550CF0C)
[Address] IAT @explorer.exe (InterlockedDecrement) : api-ms-win-core-interlocked-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550CE8A)
[Address] IAT @explorer.exe (RegCreateKeyExW) : api-ms-win-core-registry-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7552B580)
[Address] IAT @explorer.exe (RegEnumValueW) : api-ms-win-core-registry-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551C5C4)
[Address] IAT @explorer.exe (RegQueryInfoKeyW) : api-ms-win-core-registry-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551C171)
[Address] IAT @explorer.exe (RegQueryValueExW) : api-ms-win-core-registry-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550FBB6)
[Address] IAT @explorer.exe (RegCloseKey) : api-ms-win-core-registry-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550F832)
[Address] IAT @explorer.exe (RegOpenKeyExW) : api-ms-win-core-registry-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550F625)
[Address] IAT @explorer.exe (RegGetValueW) : api-ms-win-core-registry-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551296A)
[Address] IAT @explorer.exe (RegOpenCurrentUser) : api-ms-win-core-registry-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755163B3)
[Address] IAT @explorer.exe (RegEnumKeyExW) : api-ms-win-core-registry-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551AA19)
[Address] IAT @explorer.exe (RegDeleteValueW) : api-ms-win-core-registry-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75521401)
[Address] IAT @explorer.exe (RegSetValueExW) : api-ms-win-core-registry-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7552B72B)
[Address] IAT @explorer.exe (OpenProcessToken) : api-ms-win-core-processthreads-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550E647)
[Address] IAT @explorer.exe (OpenThreadToken) : api-ms-win-core-processthreads-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550E612)
[Address] IAT @explorer.exe (CloseHandle) : api-ms-win-core-handle-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550D140)
[Address] IAT @explorer.exe (DuplicateHandle) : api-ms-win-core-handle-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550DA22)
[Address] IAT @explorer.exe (SetUnhandledExceptionFilter) : api-ms-win-core-errorhandling-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755270D7)
[Address] IAT @explorer.exe (SetErrorMode) : api-ms-win-core-errorhandling-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75512EBF)
[Address] IAT @explorer.exe (GetLastError) : api-ms-win-core-errorhandling-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550CEEF)
[Address] IAT @explorer.exe (RaiseException) : api-ms-win-core-errorhandling-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75511F9B)
[Address] IAT @explorer.exe (UnhandledExceptionFilter) : api-ms-win-core-errorhandling-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7559705F)
[Address] IAT @explorer.exe (WaitForSingleObject) : api-ms-win-core-synch-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75502151)
[Address] IAT @explorer.exe (OpenMutexW) : api-ms-win-core-synch-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551BACE)
[Address] IAT @explorer.exe (InitializeCriticalSectionEx) : api-ms-win-core-synch-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755153BA)
[Address] IAT @explorer.exe (WaitForMultipleObjectsEx) : api-ms-win-core-synch-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550CFBE)
[Address] IAT @explorer.exe (SetEvent) : api-ms-win-core-synch-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550D08C)
[Address] IAT @explorer.exe (OpenEventW) : api-ms-win-core-synch-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551229A)
[Address] IAT @explorer.exe (CreateEventW) : api-ms-win-core-synch-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550D997)
[Address] IAT @explorer.exe (ResetEvent) : api-ms-win-core-synch-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550D0B2)
[Address] IAT @explorer.exe (CreateMutexW) : api-ms-win-core-synch-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75510EE1)
[Address] IAT @explorer.exe (ReleaseMutex) : api-ms-win-core-synch-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75501005)
[Address] IAT @explorer.exe (Sleep) : api-ms-win-core-synch-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75502284)
[Address] IAT @explorer.exe (CharNextW) : api-ms-win-core-string-l2-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551663E)
[Address] IAT @explorer.exe (CharUpperW) : api-ms-win-core-string-l2-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551695B)
[Address] IAT @explorer.exe (CharPrevW) : api-ms-win-core-string-l2-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75519AAC)
[Address] IAT @explorer.exe (CharLowerW) : api-ms-win-core-string-l2-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551E111)
[Address] IAT @explorer.exe (IsCharAlphaNumericW) : api-ms-win-core-string-l2-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551BDE7)
[Address] IAT @explorer.exe (HeapDestroy) : api-ms-win-core-heap-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755104F7)
[Address] IAT @explorer.exe (HeapSetInformation) : api-ms-win-core-heap-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551467B)
[Address] IAT @explorer.exe (GetProcessHeap) : api-ms-win-core-heap-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550CEB1)
[Address] IAT @explorer.exe (WideCharToMultiByte) : api-ms-win-core-string-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75511CCD)
[Address] IAT @explorer.exe (MultiByteToWideChar) : api-ms-win-core-string-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75510C61)
[Address] IAT @explorer.exe (CompareStringW) : api-ms-win-core-string-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550EC17)
[Address] IAT @explorer.exe (CompareStringOrdinal) : api-ms-win-core-string-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75517E2F)
[Address] IAT @explorer.exe (FreeLibrary) : api-ms-win-core-libraryloader-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550DD11)
[Address] IAT @explorer.exe (GetProcAddress) : api-ms-win-core-libraryloader-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550FCFE)
[Address] IAT @explorer.exe (LoadLibraryExW) : api-ms-win-core-libraryloader-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551273E)
[Address] IAT @explorer.exe (LockResource) : api-ms-win-core-libraryloader-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550D7DF)
[Address] IAT @explorer.exe (GetModuleHandleW) : api-ms-win-core-libraryloader-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550DC84)
[Address] IAT @explorer.exe (LoadResource) : api-ms-win-core-libraryloader-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755175B2)
[Address] IAT @explorer.exe (FindResourceExW) : api-ms-win-core-libraryloader-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551748B)
[Address] IAT @explorer.exe (GetModuleFileNameW) : api-ms-win-core-libraryloader-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550E0AF)
[Address] IAT @explorer.exe (FreeLibraryAndExitThread) : api-ms-win-core-libraryloader-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550E033)
[Address] IAT @explorer.exe (GetModuleHandleExW) : api-ms-win-core-libraryloader-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755120DA)
[Address] IAT @explorer.exe (LoadStringW) : api-ms-win-core-libraryloader-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75513BD1)
[Address] IAT @explorer.exe (GetModuleHandleA) : api-ms-win-core-libraryloader-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550E3CA)
[Address] IAT @explorer.exe (GetCurrentDirectoryW) : api-ms-win-core-processenvironment-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755154B6)
[Address] IAT @explorer.exe (GetCommandLineW) : api-ms-win-core-processenvironment-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755153E2)
[Address] IAT @explorer.exe (SearchPathW) : api-ms-win-core-processenvironment-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7555C406)
[Address] IAT @explorer.exe (ExpandEnvironmentStringsW) : api-ms-win-core-processenvironment-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550EDE9)
[Address] IAT @explorer.exe (CallNtPowerInformation) : api-ms-win-power-base-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\powrprof.dll @ 0x75411DCC)
[Address] IAT @explorer.exe (GetPwrCapabilities) : api-ms-win-power-base-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\powrprof.dll @ 0x7541367D)
[Address] IAT @explorer.exe (GetTokenInformation) : api-ms-win-security-base-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550E773)
[Address] IAT @explorer.exe (GetSidSubAuthority) : api-ms-win-security-base-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75516446)
[Address] IAT @explorer.exe (CreateWellKnownSid) : api-ms-win-security-base-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75522A05)
[Address] IAT @explorer.exe (GetLengthSid) : api-ms-win-security-base-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550E66F)
[Address] IAT @explorer.exe (IsValidSid) : api-ms-win-security-base-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550E6D5)
[Address] IAT @explorer.exe (CopySid) : api-ms-win-security-base-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550E688)
[Address] IAT @explorer.exe (GetSidSubAuthorityCount) : api-ms-win-security-base-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551645F)
[Address] IAT @explorer.exe (CheckTokenMembership) : api-ms-win-security-base-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75510329)
[Address] IAT @explorer.exe (PathCchAddExtension) : api-ms-win-core-path-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7553A8C1)
[Address] IAT @explorer.exe (PathCchCombine) : api-ms-win-core-path-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755186CF)
[Address] IAT @explorer.exe (PathCchAppend) : api-ms-win-core-path-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755211EC)
[Address] IAT @explorer.exe (GetLongPathNameW) : api-ms-win-core-file-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75532C8D)
[Address] IAT @explorer.exe (ReadFile) : api-ms-win-core-file-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551384C)
[Address] IAT @explorer.exe (CreateFileW) : api-ms-win-core-file-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755126CE)
[Address] IAT @explorer.exe (WriteFile) : api-ms-win-core-file-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550DA7F)
[Address] IAT @explorer.exe (GetFileSize) : api-ms-win-core-file-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755102B9)
[Address] IAT @explorer.exe (FindClose) : api-ms-win-core-file-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75514A48)
[Address] IAT @explorer.exe (CompareFileTime) : api-ms-win-core-file-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75511648)
[Address] IAT @explorer.exe (DeleteFileW) : api-ms-win-core-file-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551402F)
[Address] IAT @explorer.exe (FindNextFileW) : api-ms-win-core-file-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75514B4D)
[Address] IAT @explorer.exe (FindFirstFileW) : api-ms-win-core-file-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755149EA)
[Address] IAT @explorer.exe (GetFileAttributesW) : api-ms-win-core-file-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75512D76)
[Address] IAT @explorer.exe (GetTickCount64) : api-ms-win-core-sysinfo-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550D21E)
[Address] IAT @explorer.exe (GetTickCount) : api-ms-win-core-sysinfo-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550CE5B)
[Address] IAT @explorer.exe (GetProductInfo) : api-ms-win-core-sysinfo-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7552A3A1)
[Address] IAT @explorer.exe (GetVersionExW) : api-ms-win-core-sysinfo-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550EE47)
[Address] IAT @explorer.exe (GetSystemDirectoryW) : api-ms-win-core-sysinfo-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755143EE)
[Address] IAT @explorer.exe (GetSystemTimeAsFileTime) : api-ms-win-core-sysinfo-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550D306)
[Address] IAT @explorer.exe (GetSystemTime) : api-ms-win-core-sysinfo-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550ECE5)
[Address] IAT @explorer.exe (GetWindowsDirectoryW) : api-ms-win-core-sysinfo-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755169A0)
[Address] IAT @explorer.exe (GetLocalTime) : api-ms-win-core-sysinfo-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550F145)
[Address] IAT @explorer.exe (GetDynamicTimeZoneInformation) : api-ms-win-core-timezone-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75552B27)
[Address] IAT @explorer.exe (GetTimeZoneInformation) : api-ms-win-core-timezone-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755200B1)
[Address] IAT @explorer.exe (SystemTimeToFileTime) : api-ms-win-core-timezone-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75512141)
[Address] IAT @explorer.exe (GetTimeFormatEx) : api-ms-win-core-datetime-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75522599)
[Address] IAT @explorer.exe (GetDateFormatEx) : api-ms-win-core-datetime-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755225C9)
[Address] IAT @explorer.exe (GetDateFormatW) : api-ms-win-core-datetime-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75532516)
[Address] IAT @explorer.exe (MapViewOfFile) : api-ms-win-core-memory-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75512BB9)
[Address] IAT @explorer.exe (VirtualAlloc) : api-ms-win-core-memory-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550D3DD)
[Address] IAT @explorer.exe (UnmapViewOfFile) : api-ms-win-core-memory-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550D2A3)
[Address] IAT @explorer.exe (CreateFileMappingW) : api-ms-win-core-memory-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75512D4F)
[Address] IAT @explorer.exe (VirtualFree) : api-ms-win-core-memory-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550DD5A)
[Address] IAT @explorer.exe (StrStrIW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551F51E)
[Address] IAT @explorer.exe (StrTrimW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551DF67)
[Address] IAT @explorer.exe (StrCmpNICW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7555D843)
[Address] IAT @explorer.exe (StrCmpNW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7555CC6A)
[Address] IAT @explorer.exe (StrToIntW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7555DD73)
[Address] IAT @explorer.exe (StrChrW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7555D80F)
[Address] IAT @explorer.exe (StrCmpICW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7555D76D)
[Address] IAT @explorer.exe (StrCmpNIW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551F7C6)
[Address] IAT @explorer.exe (StrRStrIW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75557664)
[Address] IAT @explorer.exe (StrCmpIW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755343B9)
[Address] IAT @explorer.exe (SHLoadIndirectString) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551FB3B)
[Address] IAT @explorer.exe (StrChrIW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75535923)
[Address] IAT @explorer.exe (StrCmpW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7555CED7)
[Address] IAT @explorer.exe (StrCmpCW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75516B0D)
[Address] IAT @explorer.exe (QISearch) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550DEB8)
[Address] IAT @explorer.exe (StrCmpICA) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550DF6D)
[Address] IAT @explorer.exe (GetUserDefaultUILanguage) : api-ms-win-core-localization-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551172A)
[Address] IAT @explorer.exe (CoRegisterMessageFilter) : api-ms-win-core-com-private-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D391D2)
[Address] IAT @explorer.exe (SHRegGetUSValueW) : api-ms-win-core-registryuserspecific-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75530829)
[Address] IAT @explorer.exe (SHRegGetBoolUSValueW) : api-ms-win-core-registryuserspecific-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75537F7A)
[Address] IAT @explorer.exe (PathRemoveExtensionW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75521111)
[Address] IAT @explorer.exe (PathIsFileSpecW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755374FF)
[Address] IAT @explorer.exe (PathGetDriveNumberW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7555D9BF)
[Address] IAT @explorer.exe (PathRemoveFileSpecW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7553208C)
[Address] IAT @explorer.exe (PathCommonPrefixW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75520BFB)
[Address] IAT @explorer.exe (PathStripPathW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755626F0)
[Address] IAT @explorer.exe (PathStripToRootW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7553224C)
[Address] IAT @explorer.exe (PathFindExtensionW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75519964)
[Address] IAT @explorer.exe (PathQuoteSpacesW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75557B36)
[Address] IAT @explorer.exe (SHExpandEnvironmentStringsW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75519C9B)
[Address] IAT @explorer.exe (PathFileExistsW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75516B45)
[Address] IAT @explorer.exe (PathGetArgsW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7555BE61)
[Address] IAT @explorer.exe (PathRemoveBlanksW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7552A588)
[Address] IAT @explorer.exe (PathFindFileNameW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7555D899)
[Address] IAT @explorer.exe (PathCombineW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551E1CF)
[Address] IAT @explorer.exe (PathParseIconLocationW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75562A5F)
[Address] IAT @explorer.exe (PathIsRootW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551E367)
[Address] IAT @explorer.exe (PathIsPrefixW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75520D6E)
[Address] IAT @explorer.exe (RegCreateKeyW) : api-ms-win-core-registry-l2-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\advapi32.dll @ 0x759C879E)
[Address] IAT @explorer.exe (RoGetActivationFactory) : api-ms-win-core-winrt-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D476B7)
[Address] IAT @explorer.exe (WindowsDeleteString) : api-ms-win-core-winrt-string-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D41360)
[Address] IAT @explorer.exe (WindowsCreateString) : api-ms-win-core-winrt-string-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D415A1)
[Address] IAT @explorer.exe (WindowsGetStringRawBuffer) : api-ms-win-core-winrt-string-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D4116D)
[Address] IAT @explorer.exe (GetLocaleInfoW) : api-ms-win-core-localization-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75513457)
[Address] IAT @explorer.exe (GetThreadUILanguage) : api-ms-win-core-localization-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75520B2D)
[Address] IAT @explorer.exe (QueryFullProcessImageNameW) : api-ms-win-core-psapi-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7555E179)
[Address] IAT @explorer.exe (StopTraceW) : api-ms-win-eventing-controller-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75552934)
[Address] IAT @explorer.exe (EnableTraceEx2) : api-ms-win-eventing-controller-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7554960E)
[Address] IAT @explorer.exe (StartTraceW) : api-ms-win-eventing-controller-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75549E6F)
[Address] IAT @explorer.exe (DeactivateActCtx) : api-ms-win-core-sidebyside-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551029B)
[Address] IAT @explorer.exe (ReleaseActCtx) : api-ms-win-core-sidebyside-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551025F)
[Address] IAT @explorer.exe (ActivateActCtx) : api-ms-win-core-sidebyside-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551027D)
[Address] IAT @explorer.exe (CreateActCtxW) : api-ms-win-core-sidebyside-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755167FF)
[Address] IAT @explorer.exe (ChangeTimerQueueTimer) : api-ms-win-core-threadpool-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550E072)
[Address] IAT @explorer.exe (DeleteTimerQueueTimer) : api-ms-win-core-threadpool-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551056D)
[Address] IAT @explorer.exe (CreateTimerQueueTimer) : api-ms-win-core-threadpool-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755105BA)
[Address] IAT @explorer.exe (QueueUserWorkItem) : api-ms-win-core-threadpool-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550E81C)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) SAMSUNG HD322HJ ATA Device +++++
--- User ---
[MBR] c4f0130b503e6981bdf367e742d54ec2
[BSP] 8885088a6f919f82e2719db26f2c7c66 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 305142 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_03172014_200646.txt >>

Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "

- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje "Smazání- Finished "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

====================================================

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

RogueKiller V8.8.11 [Mar 14 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 8 (6.2.9200 ) 32 bits version
Spuštěno v : Normální režim
Uživatel : David [Práva správce]
Mód : Odebrat -- Datum : 03/18/2014 20:58:29
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 9 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\David\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\David\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKUS\S-1-5-21-583023661-1224011286-1607613400-1001\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\David\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[RUN][SUSP PATH] HKUS\S-1-5-21-583023661-1224011286-1607613400-1001\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\David\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] IAT @explorer.exe (CoTaskMemFree) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77CF3700)
[Address] IAT @explorer.exe (CoInitializeEx) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D09DF5)
[Address] IAT @explorer.exe (CoUninitialize) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D0963D)
[Address] IAT @explorer.exe (CreateStreamOnHGlobal) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D397D7)
[Address] IAT @explorer.exe (CoGetApartmentType) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D0A9CD)
[Address] IAT @explorer.exe (CoWaitForMultipleHandles) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D38B73)
[Address] IAT @explorer.exe (CoFreeUnusedLibraries) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D42329)
[Address] IAT @explorer.exe (CoEnableCallCancellation) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D16635)
[Address] IAT @explorer.exe (CoDisableCallCancellation) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D1666B)
[Address] IAT @explorer.exe (CoCancelCall) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D9E323)
[Address] IAT @explorer.exe (StringFromGUID2) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D0A428)
[Address] IAT @explorer.exe (PropVariantClear) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D0AAF0)
[Address] IAT @explorer.exe (CoMarshalInterThreadInterfaceInStream) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D3F6D4)
[Address] IAT @explorer.exe (CoReleaseMarshalData) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D196E2)
[Address] IAT @explorer.exe (CoCreateInstance) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D0C859)
[Address] IAT @explorer.exe (CoRevokeClassObject) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D434F6)
[Address] IAT @explorer.exe (CoRegisterClassObject) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D44757)
[Address] IAT @explorer.exe (CoGetInterfaceAndReleaseStream) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D3F684)
[Address] IAT @explorer.exe (CoGetMalloc) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77CF3838)
[Address] IAT @explorer.exe (CoCreateFreeThreadedMarshaler) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D0D270)
[Address] IAT @explorer.exe (CoTaskMemAlloc) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77CF37D7)
[Address] IAT @explorer.exe (CLSIDFromString) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D38056)
[Address] IAT @explorer.exe (CoTaskMemRealloc) : api-ms-win-core-com-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D0AACA)
[Address] IAT @explorer.exe (InterlockedExchange) : api-ms-win-core-interlocked-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550CEF9)
[Address] IAT @explorer.exe (InterlockedIncrement) : api-ms-win-core-interlocked-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550CE9B)
[Address] IAT @explorer.exe (InterlockedCompareExchange) : api-ms-win-core-interlocked-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550CF0C)
[Address] IAT @explorer.exe (InterlockedDecrement) : api-ms-win-core-interlocked-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550CE8A)
[Address] IAT @explorer.exe (RegCreateKeyExW) : api-ms-win-core-registry-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7552B580)
[Address] IAT @explorer.exe (RegEnumValueW) : api-ms-win-core-registry-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551C5C4)
[Address] IAT @explorer.exe (RegQueryInfoKeyW) : api-ms-win-core-registry-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551C171)
[Address] IAT @explorer.exe (RegQueryValueExW) : api-ms-win-core-registry-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550FBB6)
[Address] IAT @explorer.exe (RegCloseKey) : api-ms-win-core-registry-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550F832)
[Address] IAT @explorer.exe (RegOpenKeyExW) : api-ms-win-core-registry-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550F625)
[Address] IAT @explorer.exe (RegGetValueW) : api-ms-win-core-registry-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551296A)
[Address] IAT @explorer.exe (RegOpenCurrentUser) : api-ms-win-core-registry-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755163B3)
[Address] IAT @explorer.exe (RegEnumKeyExW) : api-ms-win-core-registry-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551AA19)
[Address] IAT @explorer.exe (RegDeleteValueW) : api-ms-win-core-registry-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75521401)
[Address] IAT @explorer.exe (RegSetValueExW) : api-ms-win-core-registry-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7552B72B)
[Address] IAT @explorer.exe (OpenProcessToken) : api-ms-win-core-processthreads-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550E647)
[Address] IAT @explorer.exe (OpenThreadToken) : api-ms-win-core-processthreads-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550E612)
[Address] IAT @explorer.exe (CloseHandle) : api-ms-win-core-handle-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550D140)
[Address] IAT @explorer.exe (DuplicateHandle) : api-ms-win-core-handle-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550DA22)
[Address] IAT @explorer.exe (SetUnhandledExceptionFilter) : api-ms-win-core-errorhandling-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755270D7)
[Address] IAT @explorer.exe (SetErrorMode) : api-ms-win-core-errorhandling-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75512EBF)
[Address] IAT @explorer.exe (GetLastError) : api-ms-win-core-errorhandling-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550CEEF)
[Address] IAT @explorer.exe (RaiseException) : api-ms-win-core-errorhandling-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75511F9B)
[Address] IAT @explorer.exe (UnhandledExceptionFilter) : api-ms-win-core-errorhandling-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7559705F)
[Address] IAT @explorer.exe (WaitForSingleObject) : api-ms-win-core-synch-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75502151)
[Address] IAT @explorer.exe (OpenMutexW) : api-ms-win-core-synch-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551BACE)
[Address] IAT @explorer.exe (InitializeCriticalSectionEx) : api-ms-win-core-synch-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755153BA)
[Address] IAT @explorer.exe (WaitForMultipleObjectsEx) : api-ms-win-core-synch-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550CFBE)
[Address] IAT @explorer.exe (SetEvent) : api-ms-win-core-synch-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550D08C)
[Address] IAT @explorer.exe (OpenEventW) : api-ms-win-core-synch-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551229A)
[Address] IAT @explorer.exe (CreateEventW) : api-ms-win-core-synch-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550D997)
[Address] IAT @explorer.exe (ResetEvent) : api-ms-win-core-synch-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550D0B2)
[Address] IAT @explorer.exe (CreateMutexW) : api-ms-win-core-synch-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75510EE1)
[Address] IAT @explorer.exe (ReleaseMutex) : api-ms-win-core-synch-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75501005)
[Address] IAT @explorer.exe (Sleep) : api-ms-win-core-synch-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75502284)
[Address] IAT @explorer.exe (CharNextW) : api-ms-win-core-string-l2-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551663E)
[Address] IAT @explorer.exe (CharUpperW) : api-ms-win-core-string-l2-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551695B)
[Address] IAT @explorer.exe (CharPrevW) : api-ms-win-core-string-l2-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75519AAC)
[Address] IAT @explorer.exe (CharLowerW) : api-ms-win-core-string-l2-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551E111)
[Address] IAT @explorer.exe (IsCharAlphaNumericW) : api-ms-win-core-string-l2-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551BDE7)
[Address] IAT @explorer.exe (HeapDestroy) : api-ms-win-core-heap-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755104F7)
[Address] IAT @explorer.exe (HeapSetInformation) : api-ms-win-core-heap-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551467B)
[Address] IAT @explorer.exe (GetProcessHeap) : api-ms-win-core-heap-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550CEB1)
[Address] IAT @explorer.exe (WideCharToMultiByte) : api-ms-win-core-string-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75511CCD)
[Address] IAT @explorer.exe (MultiByteToWideChar) : api-ms-win-core-string-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75510C61)
[Address] IAT @explorer.exe (CompareStringW) : api-ms-win-core-string-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550EC17)
[Address] IAT @explorer.exe (CompareStringOrdinal) : api-ms-win-core-string-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75517E2F)
[Address] IAT @explorer.exe (FreeLibrary) : api-ms-win-core-libraryloader-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550DD11)
[Address] IAT @explorer.exe (GetProcAddress) : api-ms-win-core-libraryloader-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550FCFE)
[Address] IAT @explorer.exe (LoadLibraryExW) : api-ms-win-core-libraryloader-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551273E)
[Address] IAT @explorer.exe (LockResource) : api-ms-win-core-libraryloader-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550D7DF)
[Address] IAT @explorer.exe (GetModuleHandleW) : api-ms-win-core-libraryloader-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550DC84)
[Address] IAT @explorer.exe (LoadResource) : api-ms-win-core-libraryloader-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755175B2)
[Address] IAT @explorer.exe (FindResourceExW) : api-ms-win-core-libraryloader-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551748B)
[Address] IAT @explorer.exe (GetModuleFileNameW) : api-ms-win-core-libraryloader-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550E0AF)
[Address] IAT @explorer.exe (FreeLibraryAndExitThread) : api-ms-win-core-libraryloader-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550E033)
[Address] IAT @explorer.exe (GetModuleHandleExW) : api-ms-win-core-libraryloader-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755120DA)
[Address] IAT @explorer.exe (LoadStringW) : api-ms-win-core-libraryloader-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75513BD1)
[Address] IAT @explorer.exe (GetModuleHandleA) : api-ms-win-core-libraryloader-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550E3CA)
[Address] IAT @explorer.exe (GetCurrentDirectoryW) : api-ms-win-core-processenvironment-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755154B6)
[Address] IAT @explorer.exe (GetCommandLineW) : api-ms-win-core-processenvironment-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755153E2)
[Address] IAT @explorer.exe (SearchPathW) : api-ms-win-core-processenvironment-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7555C406)
[Address] IAT @explorer.exe (ExpandEnvironmentStringsW) : api-ms-win-core-processenvironment-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550EDE9)
[Address] IAT @explorer.exe (CallNtPowerInformation) : api-ms-win-power-base-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\powrprof.dll @ 0x75411DCC)
[Address] IAT @explorer.exe (GetPwrCapabilities) : api-ms-win-power-base-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\powrprof.dll @ 0x7541367D)
[Address] IAT @explorer.exe (GetTokenInformation) : api-ms-win-security-base-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550E773)
[Address] IAT @explorer.exe (GetSidSubAuthority) : api-ms-win-security-base-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75516446)
[Address] IAT @explorer.exe (CreateWellKnownSid) : api-ms-win-security-base-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75522A05)
[Address] IAT @explorer.exe (GetLengthSid) : api-ms-win-security-base-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550E66F)
[Address] IAT @explorer.exe (IsValidSid) : api-ms-win-security-base-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550E6D5)
[Address] IAT @explorer.exe (CopySid) : api-ms-win-security-base-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550E688)
[Address] IAT @explorer.exe (GetSidSubAuthorityCount) : api-ms-win-security-base-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551645F)
[Address] IAT @explorer.exe (CheckTokenMembership) : api-ms-win-security-base-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75510329)
[Address] IAT @explorer.exe (PathCchAddExtension) : api-ms-win-core-path-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7553A8C1)
[Address] IAT @explorer.exe (PathCchCombine) : api-ms-win-core-path-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755186CF)
[Address] IAT @explorer.exe (PathCchAppend) : api-ms-win-core-path-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755211EC)
[Address] IAT @explorer.exe (GetLongPathNameW) : api-ms-win-core-file-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75532C8D)
[Address] IAT @explorer.exe (ReadFile) : api-ms-win-core-file-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551384C)
[Address] IAT @explorer.exe (CreateFileW) : api-ms-win-core-file-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755126CE)
[Address] IAT @explorer.exe (WriteFile) : api-ms-win-core-file-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550DA7F)
[Address] IAT @explorer.exe (GetFileSize) : api-ms-win-core-file-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755102B9)
[Address] IAT @explorer.exe (FindClose) : api-ms-win-core-file-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75514A48)
[Address] IAT @explorer.exe (CompareFileTime) : api-ms-win-core-file-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75511648)
[Address] IAT @explorer.exe (DeleteFileW) : api-ms-win-core-file-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551402F)
[Address] IAT @explorer.exe (FindNextFileW) : api-ms-win-core-file-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75514B4D)
[Address] IAT @explorer.exe (FindFirstFileW) : api-ms-win-core-file-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755149EA)
[Address] IAT @explorer.exe (GetFileAttributesW) : api-ms-win-core-file-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75512D76)
[Address] IAT @explorer.exe (GetTickCount64) : api-ms-win-core-sysinfo-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550D21E)
[Address] IAT @explorer.exe (GetTickCount) : api-ms-win-core-sysinfo-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550CE5B)
[Address] IAT @explorer.exe (GetProductInfo) : api-ms-win-core-sysinfo-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7552A3A1)
[Address] IAT @explorer.exe (GetVersionExW) : api-ms-win-core-sysinfo-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550EE47)
[Address] IAT @explorer.exe (GetSystemDirectoryW) : api-ms-win-core-sysinfo-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755143EE)
[Address] IAT @explorer.exe (GetSystemTimeAsFileTime) : api-ms-win-core-sysinfo-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550D306)
[Address] IAT @explorer.exe (GetSystemTime) : api-ms-win-core-sysinfo-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550ECE5)
[Address] IAT @explorer.exe (GetWindowsDirectoryW) : api-ms-win-core-sysinfo-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755169A0)
[Address] IAT @explorer.exe (GetLocalTime) : api-ms-win-core-sysinfo-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550F145)
[Address] IAT @explorer.exe (GetDynamicTimeZoneInformation) : api-ms-win-core-timezone-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75552B27)
[Address] IAT @explorer.exe (GetTimeZoneInformation) : api-ms-win-core-timezone-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755200B1)
[Address] IAT @explorer.exe (SystemTimeToFileTime) : api-ms-win-core-timezone-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75512141)
[Address] IAT @explorer.exe (GetTimeFormatEx) : api-ms-win-core-datetime-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75522599)
[Address] IAT @explorer.exe (GetDateFormatEx) : api-ms-win-core-datetime-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755225C9)
[Address] IAT @explorer.exe (GetDateFormatW) : api-ms-win-core-datetime-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75532516)
[Address] IAT @explorer.exe (MapViewOfFile) : api-ms-win-core-memory-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75512BB9)
[Address] IAT @explorer.exe (VirtualAlloc) : api-ms-win-core-memory-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550D3DD)
[Address] IAT @explorer.exe (UnmapViewOfFile) : api-ms-win-core-memory-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550D2A3)
[Address] IAT @explorer.exe (CreateFileMappingW) : api-ms-win-core-memory-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75512D4F)
[Address] IAT @explorer.exe (VirtualFree) : api-ms-win-core-memory-l1-1-1.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550DD5A)
[Address] IAT @explorer.exe (StrStrIW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551F51E)
[Address] IAT @explorer.exe (StrTrimW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551DF67)
[Address] IAT @explorer.exe (StrCmpNICW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7555D843)
[Address] IAT @explorer.exe (StrCmpNW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7555CC6A)
[Address] IAT @explorer.exe (StrToIntW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7555DD73)
[Address] IAT @explorer.exe (StrChrW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7555D80F)
[Address] IAT @explorer.exe (StrCmpICW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7555D76D)
[Address] IAT @explorer.exe (StrCmpNIW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551F7C6)
[Address] IAT @explorer.exe (StrRStrIW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75557664)
[Address] IAT @explorer.exe (StrCmpIW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755343B9)
[Address] IAT @explorer.exe (SHLoadIndirectString) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551FB3B)
[Address] IAT @explorer.exe (StrChrIW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75535923)
[Address] IAT @explorer.exe (StrCmpW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7555CED7)
[Address] IAT @explorer.exe (StrCmpCW) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75516B0D)
[Address] IAT @explorer.exe (QISearch) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550DEB8)
[Address] IAT @explorer.exe (StrCmpICA) : api-ms-win-core-shlwapi-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550DF6D)
[Address] IAT @explorer.exe (GetUserDefaultUILanguage) : api-ms-win-core-localization-obsolete-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551172A)
[Address] IAT @explorer.exe (CoRegisterMessageFilter) : api-ms-win-core-com-private-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D391D2)
[Address] IAT @explorer.exe (SHRegGetUSValueW) : api-ms-win-core-registryuserspecific-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75530829)
[Address] IAT @explorer.exe (SHRegGetBoolUSValueW) : api-ms-win-core-registryuserspecific-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75537F7A)
[Address] IAT @explorer.exe (PathRemoveExtensionW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75521111)
[Address] IAT @explorer.exe (PathIsFileSpecW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755374FF)
[Address] IAT @explorer.exe (PathGetDriveNumberW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7555D9BF)
[Address] IAT @explorer.exe (PathRemoveFileSpecW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7553208C)
[Address] IAT @explorer.exe (PathCommonPrefixW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75520BFB)
[Address] IAT @explorer.exe (PathStripPathW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755626F0)
[Address] IAT @explorer.exe (PathStripToRootW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7553224C)
[Address] IAT @explorer.exe (PathFindExtensionW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75519964)
[Address] IAT @explorer.exe (PathQuoteSpacesW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75557B36)
[Address] IAT @explorer.exe (SHExpandEnvironmentStringsW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75519C9B)
[Address] IAT @explorer.exe (PathFileExistsW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75516B45)
[Address] IAT @explorer.exe (PathGetArgsW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7555BE61)
[Address] IAT @explorer.exe (PathRemoveBlanksW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7552A588)
[Address] IAT @explorer.exe (PathFindFileNameW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7555D899)
[Address] IAT @explorer.exe (PathCombineW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551E1CF)
[Address] IAT @explorer.exe (PathParseIconLocationW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75562A5F)
[Address] IAT @explorer.exe (PathIsRootW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551E367)
[Address] IAT @explorer.exe (PathIsPrefixW) : api-ms-win-core-shlwapi-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75520D6E)
[Address] IAT @explorer.exe (RegCreateKeyW) : api-ms-win-core-registry-l2-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\advapi32.dll @ 0x759C879E)
[Address] IAT @explorer.exe (RoGetActivationFactory) : api-ms-win-core-winrt-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D476B7)
[Address] IAT @explorer.exe (WindowsDeleteString) : api-ms-win-core-winrt-string-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D41360)
[Address] IAT @explorer.exe (WindowsCreateString) : api-ms-win-core-winrt-string-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D415A1)
[Address] IAT @explorer.exe (WindowsGetStringRawBuffer) : api-ms-win-core-winrt-string-l1-1-0.dll -> HOOKED (C:\Windows\SYSTEM32\combase.dll @ 0x77D4116D)
[Address] IAT @explorer.exe (GetLocaleInfoW) : api-ms-win-core-localization-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75513457)
[Address] IAT @explorer.exe (GetThreadUILanguage) : api-ms-win-core-localization-l1-2-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75520B2D)
[Address] IAT @explorer.exe (QueryFullProcessImageNameW) : api-ms-win-core-psapi-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7555E179)
[Address] IAT @explorer.exe (StopTraceW) : api-ms-win-eventing-controller-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75552934)
[Address] IAT @explorer.exe (EnableTraceEx2) : api-ms-win-eventing-controller-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7554960E)
[Address] IAT @explorer.exe (StartTraceW) : api-ms-win-eventing-controller-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x75549E6F)
[Address] IAT @explorer.exe (DeactivateActCtx) : api-ms-win-core-sidebyside-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551029B)
[Address] IAT @explorer.exe (ReleaseActCtx) : api-ms-win-core-sidebyside-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551025F)
[Address] IAT @explorer.exe (ActivateActCtx) : api-ms-win-core-sidebyside-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551027D)
[Address] IAT @explorer.exe (CreateActCtxW) : api-ms-win-core-sidebyside-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755167FF)
[Address] IAT @explorer.exe (ChangeTimerQueueTimer) : api-ms-win-core-threadpool-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550E072)
[Address] IAT @explorer.exe (DeleteTimerQueueTimer) : api-ms-win-core-threadpool-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7551056D)
[Address] IAT @explorer.exe (CreateTimerQueueTimer) : api-ms-win-core-threadpool-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x755105BA)
[Address] IAT @explorer.exe (QueueUserWorkItem) : api-ms-win-core-threadpool-legacy-l1-1-0.dll -> HOOKED (C:\Windows\system32\KERNELBASE.dll @ 0x7550E81C)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) SAMSUNG HD322HJ ATA Device +++++
--- User ---
[MBR] c4f0130b503e6981bdf367e742d54ec2
[BSP] 8885088a6f919f82e2719db26f2c7c66 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 305142 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_03182014_205829.txt >>
RKreport[0]_S_03172014_200646.txt;RKreport[0]_S_03182014_205735.txt

Log z TDSSkileru mi sem nejde vlozit ma pres 100 000 znaku ,ale nic mi to tam nenaslo.

Potom jej vlož na části.


====================================================

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

====================================================

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.

Pokud budou problémy , spusť v nouz. režimu.

20:59:56.0427 0x0f6c TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02
21:00:01.0374 0x0f6c ============================================================
21:00:01.0374 0x0f6c Current date / time: 2014/03/18 21:00:01.0374
21:00:01.0374 0x0f6c SystemInfo:
21:00:01.0374 0x0f6c
21:00:01.0374 0x0f6c OS Version: 6.2.9200 ServicePack: 0.0
21:00:01.0374 0x0f6c Product type: Workstation
21:00:01.0374 0x0f6c ComputerName: DAVIDUV-PC
21:00:01.0374 0x0f6c UserName: David
21:00:01.0374 0x0f6c Windows directory: C:\Windows
21:00:01.0374 0x0f6c System windows directory: C:\Windows
21:00:01.0374 0x0f6c Processor architecture: Intel x86
21:00:01.0374 0x0f6c Number of processors: 2
21:00:01.0374 0x0f6c Page size: 0x1000
21:00:01.0374 0x0f6c Boot type: Normal boot
21:00:01.0374 0x0f6c ============================================================
21:00:02.0071 0x0f6c KLMD registered as C:\Windows\system32\drivers\08017150.sys
21:00:02.0147 0x0f6c System UUID: {E8442179-C007-E988-008E-7E3B9BF1D7D5}
21:00:02.0551 0x0f6c Drive \Device\Harddisk0\DR0 - Size: 0x4A85C4DE00 (298.09 Gb), SectorSize: 0x200, Cylinders: 0xA181, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
21:00:02.0613 0x0f6c ============================================================
21:00:02.0613 0x0f6c \Device\Harddisk0\DR0:
21:00:02.0613 0x0f6c MBR partitions:
21:00:02.0613 0x0f6c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:00:02.0613 0x0f6c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB000
21:00:02.0613 0x0f6c ============================================================
21:00:02.0645 0x0f6c C: <-> \Device\Harddisk0\DR0\Partition2
21:00:02.0645 0x0f6c ============================================================
21:00:02.0645 0x0f6c Initialize success
21:00:02.0645 0x0f6c ============================================================
21:00:05.0591 0x0d34 ============================================================
21:00:05.0591 0x0d34 Scan started
21:00:05.0591 0x0d34 Mode: Manual;
21:00:05.0591 0x0d34 ============================================================
21:00:05.0591 0x0d34 KSN ping started
21:00:07.0977 0x0d34 KSN ping finished: true
21:00:08.0377 0x0d34 ================ Scan system memory ========================
21:00:08.0378 0x0d34 System memory - ok
21:00:08.0378 0x0d34 ================ Scan services =============================
21:00:08.0517 0x0d34 [ E7B9E170EFF01486D3118E372BA0AF21, 70A640CBA334F087D216D13005E98484DE125541A941D669398673243B714189 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
21:00:08.0522 0x0d34 1394ohci - ok
21:00:08.0541 0x0d34 [ 96191579DDB1A201A2FB79C1D05680B4, 0A21C2F3031A9D147DF3E34F25F382B54A62B8764C05A26C388C4F05F56E6F73 ] 3ware C:\Windows\system32\drivers\3ware.sys
21:00:08.0543 0x0d34 3ware - ok
21:00:08.0582 0x0d34 [ B69DD3D0C195558ED5A4CF69A9D241A4, B4358F678F7CC3AA85E1E06B233A788E4A2B13A489436E85314F633EE4728B62 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:00:08.0590 0x0d34 ACPI - ok
21:00:08.0605 0x0d34 [ 3A5DA97644B9E2662CFF186A8798519C, 8AF47B3C6C2CDACD1323E97B9C02FDDFA2CAF68D660B4E8713B160D3C81491ED ] acpiex C:\Windows\system32\Drivers\acpiex.sys
21:00:08.0610 0x0d34 acpiex - ok
21:00:08.0622 0x0d34 [ 87C4AE693CA8AB6E2A13B7C7453466DB, 127D0B337F6B26DCC00E8FBC6A0A403DBEF1436D2F3B2C81B2AAA0DE6B0A879F ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
21:00:08.0623 0x0d34 acpipagr - ok
21:00:08.0629 0x0d34 [ C7D2BA04BA3C6CA702C2615A0C50469C, AA6EF530F76B89BA380DF696AE88E63D345407A6164D7DA67827B362144B6F8C ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
21:00:08.0630 0x0d34 AcpiPmi - ok
21:00:08.0646 0x0d34 [ 38E110C96B2ACAB4D9A701777C9BCD98, D62A26C5EE6B9900F4BCC1B941437A9B6115478563FC8B77860D783BE83C32A9 ] acpitime C:\Windows\System32\drivers\acpitime.sys
21:00:08.0647 0x0d34 acpitime - ok
21:00:08.0694 0x0d34 [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:00:08.0699 0x0d34 AdobeFlashPlayerUpdateSvc - ok
21:00:08.0724 0x0d34 [ 2FE756FD6E0336990D0B3652A07EBB9B, 17B803E37096E89EF02EF30E7D26B82BCD21469C98092B83D853B1108E1CD757 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
21:00:08.0732 0x0d34 adp94xx - ok
21:00:08.0749 0x0d34 [ CC579EC50EE5435A4070306C0E4EF9E6, CEEF9B8821B6C68AA217B7650DD778381670807E7487D0E82367585FE6C6F494 ] adpahci C:\Windows\system32\drivers\adpahci.sys
21:00:08.0755 0x0d34 adpahci - ok
21:00:08.0764 0x0d34 [ 82743090D0259BF9F1373AD48372CBAC, B667E0F830B4250737955E6F83D5AC39FCEFB2FB27F37EEBF89E130D0055F550 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
21:00:08.0767 0x0d34 adpu320 - ok
21:00:08.0835 0x0d34 [ 5D4FC8F08B45241857776E44AC71F0ED, D7FFD69FC3FF95ABFC0CC3FFDD290370AD0332A6E9C7FCB5E56371CA33C4557B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:00:08.0840 0x0d34 AeLookupSvc - ok
21:00:08.0886 0x0d34 [ F12EFEE4DD20519D0DDF8D78704EE4DE, C4484905527F5827249BA1042D37A7EA610096E6813B2ED8DB86652E3F2F7303 ] AFD C:\Windows\system32\drivers\afd.sys
21:00:08.0896 0x0d34 AFD - ok
21:00:08.0915 0x0d34 [ 73BB2C687305C4195ED7511587B041AA, AF3151C3BDBEEEF422B6A2672E376AA0FC0AF5E800A48659256CDE7E522FBE13 ] agp440 C:\Windows\system32\drivers\agp440.sys
21:00:08.0916 0x0d34 agp440 - ok
21:00:08.0941 0x0d34 [ B5A707E902BE5FC9B93C389FBA6EDF9C, 3274D0FC8B3CC0C27EBE3D1E7AA31BF261F265FA31B0EF767F15289E2843A1D6 ] ALG C:\Windows\System32\alg.exe
21:00:08.0943 0x0d34 ALG - ok
21:00:09.0002 0x0d34 [ 8F12F6811F8C4C248E2FAA8779C6FCFE, FFFF2F7F3E60FDF669D37B2396B987CBAE9E32E74C5D59297AB7B5BCE7B3ADAA ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
21:00:09.0006 0x0d34 AllUserInstallAgent - ok
21:00:09.0021 0x0d34 [ E44885EA3E89A54BF14C78892CE85EA0, C80C5FA0D1CE02E1E03D4EEC6C77A3C3ACAFFE5A01F24A66183EB4447C027801 ] amdagp C:\Windows\system32\drivers\amdagp.sys
21:00:09.0023 0x0d34 amdagp - ok
21:00:09.0041 0x0d34 [ FFDBB0DC75CDF6A3CC63B3DF790313EB, 1B98218B120894CCE2F86B9EC6C18B764FF7FF004EB5BAE4CD1086EB3579610D ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
21:00:09.0043 0x0d34 AmdK8 - ok
21:00:09.0052 0x0d34 [ DF7FE35014C17CC4659C2531F9EA5A36, 1C8B38C4901A3734EA4FCF50034F1FB23A5FAB78CE6092903088B774D1C31EEE ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
21:00:09.0054 0x0d34 AmdPPM - ok
21:00:09.0068 0x0d34 [ 8D5D89177552EDFD5C9730CCE79F7FCC, 5A62F0FA7C2A2EBDD88B0670CA017B96C82D1591BF50DDC58B93518CEF67D179 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:00:09.0070 0x0d34 amdsata - ok
21:00:09.0091 0x0d34 [ 5725597CF5E002FB665C6C69787DAA8A, E2C284A4380C014319DA29B3224EDB45E12FE0FE0ED81C35AA5A1A91D9BDF7EE ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
21:00:09.0096 0x0d34 amdsbs - ok
21:00:09.0107 0x0d34 [ FB336B5F110770CF22F6BFEB1906E773, C1673F45081137E29E22DBF1BDE882ADC9E9508CF72EF1583A53339B65098E35 ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:00:09.0108 0x0d34 amdxata - ok
21:00:09.0145 0x0d34 [ AFFF44130E2010557078FF30A447F062, 9523F55F314639E431ACDB71ED50926D694A4E742F031D0650F45B3C55694538 ] andnetadb C:\Windows\System32\Drivers\lgandnetadb.sys
21:00:09.0147 0x0d34 andnetadb - ok
21:00:09.0177 0x0d34 [ 2DB03F8818A6BDABD72E5D9ED582F489, 5559C7ABE2E0FAB36507160F2C0076E6402AA574DC832198C0A4021D1DA70DA8 ] AndNetDiag C:\Windows\system32\DRIVERS\lgandnetdiag.sys
21:00:09.0178 0x0d34 AndNetDiag - ok
21:00:09.0201 0x0d34 [ B5F56697FE088BCD9EFB59B11B0FF671, 31F228D80EFB3E4A4DB0F795394BBC33EC4F33771A75485059D758DCB43821FD ] ANDNetModem C:\Windows\system32\DRIVERS\lgandnetmodem.sys
21:00:09.0202 0x0d34 ANDNetModem - ok
21:00:09.0219 0x0d34 [ CB3613E82A5B058AB6A69846B0DDC6C5, 56C2E1DD51C8EDB5057A2DCF5B12400695715BDCF81A9D75C786186D08B80147 ] AppID C:\Windows\system32\drivers\appid.sys
21:00:09.0221 0x0d34 AppID - ok
21:00:09.0256 0x0d34 [ 721C445A7EE59589B26EE0DC767A7967, 2EFE73128524DC70D61FE8B3429AAEA23F29F931E904949BD554BD50F93D9797 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:00:09.0258 0x0d34 AppIDSvc - ok
21:00:09.0295 0x0d34 [ 2153ADB83E48B54B384FF9651D695913, 979CD19EB1B7EAC864937663F172ED0BFDD246248178BC0C939F4EA845802EC3 ] Appinfo C:\Windows\System32\appinfo.dll
21:00:09.0297 0x0d34 Appinfo - ok
21:00:09.0321 0x0d34 [ 8F0F777B167CADDF9D206180B8558433, 4811E247DC398C3E0F49AD494CF3DB4349678D9D3A0DB2CE8F684E4E63515BF9 ] AppMgmt C:\Windows\System32\appmgmts.dll
21:00:09.0326 0x0d34 AppMgmt - ok
21:00:09.0345 0x0d34 [ A0982052EE6B01DC9B0CB7FEFD13040F, BB307503D44BBA825A4FA3B2E138F6603D06CC1BDADD25AEDF4CEDF8F456C58B ] arc C:\Windows\system32\drivers\arc.sys
21:00:09.0347 0x0d34 arc - ok
21:00:09.0369 0x0d34 [ 7E17A734B0D33B8F9287F28F1C583DD7, FE5B11768A17BFDBE5566DC3FC9E33F6D692B74321D2945CDE1EE9C5C49A7FC4 ] arcsas C:\Windows\system32\drivers\arcsas.sys
21:00:09.0372 0x0d34 arcsas - ok
21:00:09.0406 0x0d34 [ 61953E5E1FFAEAF246A610BEE2554879, AF489668BC4DCA5CFC81BF056C6AFC7CE4E5B917413FE513B13830B210524785 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
21:00:09.0408 0x0d34 aswMonFlt - ok
21:00:09.0433 0x0d34 [ 2206985EF126AB90F3D7F1A020589DC9, F9BAA1E5B087977A113B9F46C3F6C9E41D36D87DBCF5BA4632FE1BD6099E6424 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
21:00:09.0435 0x0d34 aswRdr - ok
21:00:09.0451 0x0d34 [ F385467DF95D0A73775CB3B076B8B969, D427A5F4FB4D1DAB04AFC29E7EC510844F907ABBA053538995E65747BAD37422 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
21:00:09.0452 0x0d34 aswRvrt - ok
21:00:09.0484 0x0d34 [ 8CD8710457FCC1CDE88CBFA3AA119B92, B750481B2D44E2D01DEF500276A7253731EDD2BCB117B083EE10FAA7A8FFF729 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
21:00:09.0502 0x0d34 aswSnx - ok
21:00:09.0525 0x0d34 [ C1F95C9481F46B96E23A276639C55AC9, 75F7BCF74E46E3A8EC9AF0DB5D7FCA280DCAF97BD932767DCBDE66E26BF0E7CE ] aswSP C:\Windows\system32\drivers\aswSP.sys
21:00:09.0533 0x0d34 aswSP - ok
21:00:09.0552 0x0d34 [ BFE2A154BC197656ACA0FF917564406D, 9D93F4374A879CEC1B12A510CA126EFD26A032E0028092C85038B97A51DA92C0 ] aswStm C:\Windows\system32\drivers\aswStm.sys
21:00:09.0554 0x0d34 aswStm - ok
21:00:09.0575 0x0d34 [ 1B0662514A68C3A42E60D240C5ABEF28, 71301759C135895C72CAED297A669BA58B3F73E0B7E46DB981F6559D5D5E2B89 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
21:00:09.0579 0x0d34 aswVmm - ok
21:00:09.0592 0x0d34 [ E12BC771325E70C2A875136B0BAF491E, B01621A5B26551A9AA0D379976ABB6CF1672F8F9A7689A651AFAB4A8E72DF343 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:00:09.0593 0x0d34 AsyncMac - ok
21:00:09.0606 0x0d34 [ 48D8C3F2006698691F5AE0BB595FDCC8, 374DC9E6DF7D97A1AEBBA38F04387B0621C8C994056DC7679F02F2FBE6C6C6E7 ] atapi C:\Windows\system32\drivers\atapi.sys
21:00:09.0607 0x0d34 atapi - ok
21:00:09.0648 0x0d34 [ 5FC6CF6B66485CE46F6193080B525F77, CBB33B54810035521AA01FBE9DCF636901B06BAF2E7A979A939D3409B2D12993 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
21:00:09.0652 0x0d34 AudioEndpointBuilder - ok
21:00:09.0692 0x0d34 [ CE5284B94EC4FE9A9AE25A40E73CF675, 11668A2C26398E0E595274EB773401FD28531DDF60E90E5EA0804D9444338561 ] Audiosrv C:\Windows\System32\Audiosrv.dll
21:00:09.0707 0x0d34 Audiosrv - ok
21:00:09.0754 0x0d34 [ CC42F104172B4A62793083D380867317, 0B09823419B328E29EB9FFBD033B3295590E414F31E7B37F11F62BD4B7EBAF06 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:00:09.0755 0x0d34 avast! Antivirus - ok
21:00:09.0787 0x0d34 [ 3F642D45EC0BE2E4843C35A2A1AA93D5, 2F00E40B6C0105D6EF9B1F37B7635E30197DF5F6455DA4AF08D3F38E7A117F1A ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:00:09.0791 0x0d34 AxInstSV - ok
21:00:09.0806 0x0d34 [ A96A499B6C931B7242D964D5D695A506, 8AFA1F9709494DF7D541868B3A9C9041E83BA7F02605D86A1DE84F3BE7905C7D ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
21:00:09.0807 0x0d34 BasicDisplay - ok
21:00:09.0819 0x0d34 [ D313E4D7DF0187CEDA121793F937EA89, 213D1F9115D929E2103D193BEF72BD14BA0828A3629F99940F42B07989DCAC49 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
21:00:09.0820 0x0d34 BasicRender - ok
21:00:09.0854 0x0d34 [ 30D98AE688C681196D411CA65E5E90D1, A1F01227523648AAFCB777554885F49E61829940B44E1DA888E6DC117B50072D ] BDESVC C:\Windows\System32\bdesvc.dll
21:00:09.0859 0x0d34 BDESVC - ok
21:00:09.0873 0x0d34 [ E53DDF8C101E3CB6A0483D592A8CC476, DB688B7E857D9A95F61773E6CA5C2F6CED22B1E781822730AF31BBCAD63C4BBA ] Beep C:\Windows\system32\drivers\Beep.sys
21:00:09.0874 0x0d34 Beep - ok
21:00:09.0910 0x0d34 [ 29A9288E5ADE3805899B1FC1905B43D3, 06E3543F265D8E7EF4352DA129007D8C7B63F22548F766370CAD7B309CA08197 ] BFE C:\Windows\System32\bfe.dll
21:00:09.0923 0x0d34 BFE - ok
21:00:09.0969 0x0d34 [ 6723B30920D4371367F468DF6061A7E9, 39D7B7F5EB2A3D7B30B49DDD92ED90B0BF57C864AC10F61E5C730AC85108777F ] BITS C:\Windows\System32\qmgr.dll
21:00:09.0988 0x0d34 BITS - ok
21:00:10.0007 0x0d34 [ D7148E90581185DB2CC6A2EED9C8281C, 8E8D87E744895CE035EF484EFE66D2BA1CAC7947058F0CE40F6B13AA3FFF3FEC ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:00:10.0009 0x0d34 bowser - ok
21:00:10.0031 0x0d34 [ CCD0AAF957BE9FF1EF46E59A2824E992, 9BC60E5393CAAABCC0AC0624C17BFE4393A0F7E4A609C9E491BFC4CB5031A038 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
21:00:10.0035 0x0d34 BrokerInfrastructure - ok
21:00:10.0071 0x0d34 [ 771EE7009E428CCC3476838CB22DBA8D, ABA093468160F9D3E73B19F38E43299972FD583883BDD824BE366D0D3E3F8C49 ] Browser C:\Windows\System32\browser.dll
21:00:10.0075 0x0d34 Browser - ok
21:00:10.0096 0x0d34 [ 9053BEDE5844021CBF53273A5FE37333, 548F0BBE764268943C5DF10C3ABC693195FDB036CDF23365BFE77092CA46729A ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
21:00:10.0097 0x0d34 BthAvrcpTg - ok
21:00:10.0111 0x0d34 [ 3EEEA1B69C16A8D159B53896EC78420C, 048039CE173B1ACBBBF97500107F2E2C1BDA1A58C2CD0F7B279D16CCCEB0A88B ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
21:00:10.0112 0x0d34 BthHFEnum - ok
21:00:10.0140 0x0d34 [ 403C9BA247F4D4C0E4FF6FFA5F096EF6, EEFF77282788ACBE94B82FB3D3C795C2698C47A3F53EB9B39E3F90118FFAB013 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
21:00:10.0141 0x0d34 bthhfhid - ok
21:00:10.0154 0x0d34 [ 0C706A8B022A44413F6C36ECEAAA2838, 7C2476F99AF4391FAEADA7F37B14631BEA15950F837176167D7036CC3A48CF39 ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
21:00:10.0155 0x0d34 BTHMODEM - ok
21:00:10.0170 0x0d34 [ 171AF9795CABEC4985D45640D3A5F8F0, D50FD89FDC392720FBB0FE23341EAE95E446FC98D5487B7EE0EDC2533CA0D5A9 ] bthserv C:\Windows\system32\bthserv.dll
21:00:10.0172 0x0d34 bthserv - ok
21:00:10.0185 0x0d34 [ 00B4FA77732C7823D292ECD672660882, 214102B841193654BFCF6618F7D3D1928D303A01EB44A57E6333AA72CFD9F124 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:00:10.0187 0x0d34 cdfs - ok
21:00:10.0208 0x0d34 [ 4E707EC5071DD8F5C29A7410780BD4C3, 425881E5A122439A86D3C1CD54CD5CD0A122CE6689A1798887759D714E5E586C ] cdrom C:\Windows\System32\drivers\cdrom.sys
21:00:10.0211 0x0d34 cdrom - ok
21:00:10.0235 0x0d34 [ BAEE72BFBEC7B96AA85F861A6F4FE428, 78E6C63848C5AFCD67C08F2A17BFD764524B8A9117EAF74CD5514F8239E155CB ] CertPropSvc C:\Windows\System32\certprop.dll
21:00:10.0239 0x0d34 CertPropSvc - ok
21:00:10.0256 0x0d34 [ 17BE1CB162768E886B2BBA63F8B89371, 115EB95F7203BD62F7B9DE051592849195BD1ED8F42C58F1BA32419DEE18275D ] circlass C:\Windows\System32\drivers\circlass.sys
21:00:10.0257 0x0d34 circlass - ok
21:00:10.0291 0x0d34 [ D5370A0D3A8F7E531FE9BA3E3C81BAC8, F9E795D2D8E7AD553C69BA148C910AF1BB30864F90B3A17D69944BBB595A0740 ] CLFS C:\Windows\system32\drivers\CLFS.sys
21:00:10.0296 0x0d34 CLFS - ok
21:00:10.0324 0x0d34 [ 16744C84320D33880E38DF7409585EBF, 1ED734A585BBBDECFB3E248EBFEC26FAC6B6931C5E469772E30EC7BA5FC53667 ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
21:00:10.0325 0x0d34 CmBatt - ok
21:00:10.0369 0x0d34 [ D4EF3370F53CF9647B6D33A512DDC2E9, 34D333885A85E14AF118C68DC9117793071C2CC4EAED4B570691722C34CC5610 ] CNG C:\Windows\system32\Drivers\cng.sys
21:00:10.0378 0x0d34 CNG - ok
21:00:10.0406 0x0d34 [ 765969F18ABD50298AA880E803D2096F, 3289A99611E7E5E3876E102D63249177A3714D60E49EF8C71813C337C1E44FF3 ] cnghwassist C:\Windows\system32\DRIVERS\cnghwassist.sys
21:00:10.0407 0x0d34 cnghwassist - ok
21:00:10.0424 0x0d34 [ 357444DE560252A907F8B687005B3DCA, EE9D4FB34E8DF1AED4C16C47507820D958BE270E0761DF5C178DAB66491BAAE3 ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
21:00:10.0425 0x0d34 CompositeBus - ok
21:00:10.0429 0x0d34 COMSysApp - ok
21:00:10.0442 0x0d34 [ F1B79B7B595B0D7990756C12FA64F00E, AD7D3984D2A519ED8AD472AC61011B6371C1D18BB2DA8CBE5E74AE062E238AD0 ] condrv C:\Windows\system32\drivers\condrv.sys
21:00:10.0443 0x0d34 condrv - ok
21:00:10.0472 0x0d34 [ 14CCD65AE749AC76584CA5F0916300D3, 1D36C1C8DE27B7981D14AF1EB41531CAC1DC64898ACC54BB8D46431370641331 ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:00:10.0475 0x0d34 CryptSvc - ok
21:00:10.0516 0x0d34 [ 5531D4CFCBB6CBBD5BFB9E5FD089FADF, 86FFC15BB5848EEB863D4016971F5ADDB2234611428A6D7741E10F717BD18C93 ] CSC C:\Windows\system32\drivers\csc.sys
21:00:10.0524 0x0d34 CSC - ok
21:00:10.0580 0x0d34 [ A36C84BAC3128A6A3F41136A6ED426B1, AEDB1FAABACB304546D9432BACF0A7B1DB5BAB203EA381A885DC8D0386036855 ] CscService C:\Windows\System32\cscsvc.dll
21:00:10.0599 0x0d34 CscService - ok
21:00:10.0623 0x0d34 [ 8D0CCEBAF0A108F9867CEF13107EAF0C, 0419C365071BB3D29C4F0DB1093B03B227AD30AE51D51BCE672B13C0E1A5239A ] CXAVSAUD C:\Windows\system32\DRIVERS\pvavsaud.sys
21:00:10.0624 0x0d34 CXAVSAUD - ok
21:00:10.0653 0x0d34 [ EE5C5712BBA245CD0C394EF54410CBEB, 4C1624A81C2EF7B927F3628A5695EC4D8A073E57070024037FE9D5B46D4F8C9A ] dam C:\Windows\system32\drivers\dam.sys
21:00:10.0655 0x0d34 dam - ok
21:00:10.0714 0x0d34 [ BCD3562ACB27B8137BF809F61BA44E80, 3BE2617996696AD8A2402C0767E55CE53EF48B4234660C9948E153B5ACBE98C7 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:00:10.0732 0x0d34 DcomLaunch - ok
21:00:10.0777 0x0d34 [ 3D36FBE5ABAF0D531085C5D3381DC770, 87FAF495F6403EAA3728C6D100A7A87A6D9AE2376E29D654B6BEDA4394F08090 ] defragsvc C:\Windows\System32\defragsvc.dll
21:00:10.0785 0x0d34 defragsvc - ok
21:00:10.0809 0x0d34 [ E5935B79D5AE9288AEB72487E1A1B662, 2DED999FCC89C29649E519D7545A40925E8AD1785EF00EA6826A36B441863012 ] DeviceAssociationService C:\Windows\system32\das.dll
21:00:10.0816 0x0d34 DeviceAssociationService - ok
21:00:10.0851 0x0d34 [ 84C433F0FA896BACFAB67D0B22CFA73C, 10C3C9326A011C3E2006C0FA119BBEF9C5C622BB9D10175527D6D07837D3F07A ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
21:00:10.0858 0x0d34 DeviceInstall - ok
21:00:10.0874 0x0d34 [ B21FDAC50FCD4CE53C203F097273532A, C148DA5FE4A8A98FE63CBB36CF8B57DD339535CEE62B49A707E41F97794C0232 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
21:00:10.0876 0x0d34 Dfsc - ok
21:00:10.0910 0x0d34 [ 120BFA182545EE73B832595137E080F8, 8B1C528E1C836F9F3D3CF241B39C2FF25757DCD6B776C2ED4E298B5849C034ED ] Dhcp C:\Windows\system32\dhcpcore.dll
21:00:10.0918 0x0d34 Dhcp - ok
21:00:10.0929 0x0d34 [ C0C87CCE88C4532B575AD60A95E7FD57, E1E8EF3FEDA44E39F36687D5387E7E84216D0A37A8DE0EADAC3B96C6761E01A0 ] discache C:\Windows\system32\drivers\discache.sys
21:00:10.0930 0x0d34 discache - ok
21:00:10.0962 0x0d34 [ 4E3237D8266580412CCA774321056111, 781B4CF6ED4F26C0D3EEB77805DE9B3696E7D1BFF54D9344D2955D5AAC11D137 ] disk C:\Windows\system32\drivers\disk.sys
21:00:10.0964 0x0d34 disk - ok
21:00:10.0979 0x0d34 [ 9B20A9DB154249E0E40036BC8BDC3E38, F506C7DDE0FC8014F579D82AE35522B76E5F5FFCC89E401F17E1B31C02E79697 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
21:00:10.0980 0x0d34 dmvsc - ok
21:00:11.0017 0x0d34 [ 090D65A0A412F9056F16297D5A5B830F, 4AE813F1603814102056F9F747B9A9623E42AA5E538CC05F936031DF12BD1BDB ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:00:11.0023 0x0d34 Dnscache - ok
21:00:11.0058 0x0d34 [ 7F0C01E0C0BB063136DF09845FFC4CE1, 94542591AF4BCED1EDCF033D6617CC0A1AAE592BB7ACDC51AC6B26C32B9C6DB2 ] dot3svc C:\Windows\System32\dot3svc.dll
21:00:11.0065 0x0d34 dot3svc - ok
21:00:11.0086 0x0d34 [ 07D96198AFB530CF4A0A9B5C0E49073F, 988B50CDA4EBC3A8626A947CB741F74F6682877AB313822B717D88CDA2227A6B ] DPS C:\Windows\system32\dps.dll
21:00:11.0092 0x0d34 DPS - ok
21:00:11.0117 0x0d34 [ 50B8D915F3514EC8BE7DF0D2EDEC44BA, 4956FDF10BF18A2C26A987EAA5B8695057823B11B459BB5554B1B5A1940FFE40 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:00:11.0118 0x0d34 drmkaud - ok
21:00:11.0148 0x0d34 [ 4C925A9D110897409544F19D3EC460A3, 2781E2D8FEF82F1DA5BD5C83419AB21057FE2747B853284F8F7F0EFF813542A2 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
21:00:11.0154 0x0d34 DsmSvc - ok
21:00:11.0189 0x0d34 [ 687AF6BB383885FF6A64071B189A7F3E, 1C751B8DD27F63E88D0223A8434CED7589AC00EC6275938C59D1B954F0354F78 ] dtsoftbus01 C:\Windows\System32\drivers\dtsoftbus01.sys
21:00:11.0194 0x0d34 dtsoftbus01 - ok
21:00:11.0244 0x0d34 [ A2FF22D087311E34902D122ED4D1FE58, 9A6F700A5129D2C85587ACBB005FBC660CD8D222A5684683B4CF00EA2D299329 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:00:11.0268 0x0d34 DXGKrnl - ok
21:00:11.0310 0x0d34 [ 59ECF01342E0CDB726C7948E36A43309, 045AB706C24B6717ABBEA749D5382A2EBB894D871CCA641D7CDC40DB76F38B76 ] EapHost C:\Windows\System32\eapsvc.dll
21:00:11.0313 0x0d34 EapHost - ok
21:00:11.0344 0x0d34 [ 0118D8C2B0B04F6B6FE620EADDA53449, 00D1D9EA3150F83D99DA7E31EA96872CB18F7092A58E75763714CD546B8D23A7 ] EFS C:\Windows\System32\lsass.exe
21:00:11.0347 0x0d34 EFS - ok
21:00:11.0362 0x0d34 [ BC7119CF5B5BC9F54C8FAE221C3227F2, 96F089419DD28E84F81A23BE6EDDC2440DDE58B626031EE2778F55708747EA42 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
21:00:11.0364 0x0d34 EhStorClass - ok
21:00:11.0380 0x0d34 [ 1A5945FA87A05A97A1175657B7BA4EDB, A4909FF016E363E3C3E6F7236C5A867C20BA0FD88D09828272809FA8323AE5F6 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
21:00:11.0383 0x0d34 EhStorTcgDrv - ok
21:00:11.0398 0x0d34 [ 8B22B788A329645F08AB4F86B9580AF3, 7C0772A049AA0279E46334BE210038666E543437305A5FCF31750B10F6012B95 ] ErrDev C:\Windows\System32\drivers\errdev.sys
21:00:11.0399 0x0d34 ErrDev - ok
21:00:11.0426 0x0d34 [ 39FB0D2C74D4201F01BA30D06162525A, D37571D3B7F50282A45168A64F379331E7ACAECF74578A6F2C3A403F6342E429 ] EventSystem C:\Windows\system32\es.dll
21:00:11.0435 0x0d34 EventSystem - ok
21:00:11.0457 0x0d34 [ B60B2A0E110D640440263268FC02C726, 4E90F01E2E65987DFF1BD919277D800B8A32DF693862D7D3D8D78EBB3C07DA07 ] exfat C:\Windows\system32\drivers\exfat.sys
21:00:11.0461 0x0d34 exfat - ok
21:00:11.0477 0x0d34 [ C8B18803E1521225BDBA86B5F7D2E9FC, B28722E9CE8474E5A85219F65B4748EB154455DB138FF428182B2F3FCDEDC108 ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:00:11.0481 0x0d34 fastfat - ok
21:00:11.0521 0x0d34 [ 22A38E2F78153AB500482FD0D4A9DB65, 43BE0D52487DED1CD608210D2786D010A5E5A7652A5273950707FE1FFD59DBA0 ] Fax C:\Windows\system32\fxssvc.exe
21:00:11.0533 0x0d34 Fax - ok
21:00:11.0544 0x0d34 [ 9709867A1354A4D10046ADE31DA67511, 0DF012548E04E5AA2B7A65CB328E46F8BA8D202D8638F6D72BA0802880A8AD0B ] fdc C:\Windows\System32\drivers\fdc.sys
21:00:11.0545 0x0d34 fdc - ok
21:00:11.0560 0x0d34 [ E099DF1CE3285FCA613AF84D792DBC15, 1F8037BE6385BF7BC3C572A696E83FC28E09FDA1BAB05F3AE0C9AE873FF2120A ] fdPHost C:\Windows\system32\fdPHost.dll
21:00:11.0563 0x0d34 fdPHost - ok
21:00:11.0579 0x0d34 [ 141B98F42D71B4F5CFB0D8D4769FBA0C, CEF7061874C9AB713F793768D273153351E7C883FF4B4006EBCFA3758BC8173E ] FDResPub C:\Windows\system32\fdrespub.dll
21:00:11.0581 0x0d34 FDResPub - ok
21:00:11.0609 0x0d34 [ 2754F16876B03037CCA6FBD8C20E1686, 5BFA9925AD7786692A412264262BC10D45E10FF2FACE5C05CF6AC7BF7FB06C21 ] fhsvc C:\Windows\system32\fhsvc.dll
21:00:11.0613 0x0d34 fhsvc - ok
21:00:11.0630 0x0d34 [ 1018AE04A4D36BA60247C2C22D7BA7D1, CA0A60CCCD31A34E78F6A494288FE152B3977ECB45C8C8AD5ACCC36FDE02C411 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:00:11.0632 0x0d34 FileInfo - ok
21:00:11.0645 0x0d34 [ 3A2F87EF4400B5E542E2C2BA8FAB4222, 9145B79639FEACE79274C4DE05FA5D2FF79B4E0A57A802DFB9A0844DAC7A8A76 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:00:11.0646 0x0d34 Filetrace - ok
21:00:11.0659 0x0d34 [ F37314C92AB8C876DB478A36A6D9FF0E, 68238B5242F9CB2D62BCD26B206E6BA49364A9B18EDFE7EE9DBFEC642A13345E ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
21:00:11.0660 0x0d34 flpydisk - ok
21:00:11.0682 0x0d34 [ 13C0B6F6EFD0D5C6871C07B56CB5403D, 7D099F06CB9FE72B36477D60A8B6DADAE3FDB6B20D40F0D1620A471E88EE68A5 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:00:11.0688 0x0d34 FltMgr - ok
21:00:11.0749 0x0d34 [ 89FB9BDDCEC278661EAF57639F9920D7, EBA1597399B636CA9FA4D61C7A4B53756C4D993EA3FE3D00A91B73D5284AE256 ] FontCache C:\Windows\system32\FntCache.dll
21:00:11.0778 0x0d34 FontCache - ok
21:00:11.0882 0x0d34 [ 2AAF650823623D89B5FE5C399FC5D1BD, 101E96BF8CA63BAF69C4F4EDAFAB42D39A8203D3A70BB131693828CEDC882CE2 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:00:11.0884 0x0d34 FontCache3.0.0.0 - ok
21:00:11.0893 0x0d34 [ 16D4CC9AE485BC60B6AE026FF2497DE8, 8247B2C487782A15F74CB2E39A6BB9357E0D86CFC4D3CCBFA116BA33DD8EC7AB ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:00:11.0895 0x0d34 FsDepends - ok
21:00:11.0912 0x0d34 [ 28E64CAC27FE3A7CA34E2F93E9A8092A, AFEF4BABE162581217FCA01AD2E637A9049B584F6FFB562355E1EDD61DABFB4F ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:00:11.0913 0x0d34 Fs_Rec - ok
21:00:11.0956 0x0d34 [ EB45DB29D3B3BCD557F4A57DADA7B2BE, 59A0B548F14E8144D94AB5546138E4AF7D37359DA3BDF70FCD4F78CFF71FC2EA ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:00:11.0965 0x0d34 fvevol - ok
21:00:11.0995 0x0d34 [ 05F58A34B5E1EB3274AE7B0875A143EF, 59C5A3FC486D508653FC50A9F6021C106B5612210FB488BE46F8F589FB774047 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
21:00:11.0996 0x0d34 FxPPM - ok
21:00:12.0036 0x0d34 [ B5AD0B13AD7FD1C749FC45D81392B9DF, 2C5CA3934A47538292F537DB5E60740C12C6D489BFEE378015A1F4CD63963843 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
21:00:12.0038 0x0d34 gagp30kx - ok
21:00:12.0067 0x0d34 [ A9608FF3B1B577BFC969A7B6797B1FC1, 2D90C1554C099BC7666A24F26ECEFAFC4CC03DE7F7FE1AA2991FE3283EF9D590 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
21:00:12.0068 0x0d34 gencounter - ok
21:00:12.0102 0x0d34 [ 1F4CF4223F27C515A9F6F5FE4D268E67, 3E43F739E27FB14F1B303FB1E096F7095AD8E3CED8FD0F0CA18AC43B85878C0E ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
21:00:12.0105 0x0d34 GPIOClx0101 - ok
21:00:12.0169 0x0d34 [ B13CCD3028A44C6E16E03A3E1AD95FA4, 151CB2605C3B7FA8A3925B07CFF5F999EA7F3D6D5F9881C3149609826B4B90A5 ] gpsvc C:\Windows\System32\gpsvc.dll
21:00:12.0206 0x0d34 gpsvc - ok
21:00:12.0241 0x0d34 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
21:00:12.0244 0x0d34 gupdate - ok
21:00:12.0249 0x0d34 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
21:00:12.0252 0x0d34 gupdatem - ok
21:00:12.0283 0x0d34 [ 89D57B5741BAB84D7B846FEE23D576BE, 6AC4B2186432A6D222D0505B115DA43D73B121C49AEDD6D5EFD819AE76FFFE39 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:00:12.0289 0x0d34 HdAudAddService - ok
21:00:12.0295 0x0d34 [ 4A219AB84D6936C2A61FF44D32EF378D, 75D2B5D6BFF3BB17AC2B364D655BA1E6AD368C68A5CC5ED286454380FEE89C87 ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
21:00:12.0297 0x0d34 HDAudBus - ok
21:00:12.0302 0x0d34 [ 8CBCFA78D2B43CCC23BF5A4C09A700CA, DBAB62EB256146BAF02D1B043ACE7F1A2DEB2D29FD0150848CC7629A670B217F ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
21:00:12.0303 0x0d34 HidBatt - ok
21:00:12.0335 0x0d34 [ 9133AFFBA020B97100703DB8E598C73F, 523256CA84D15E55A1AE32609FB53A9E7EE0F5FF85CEC1D26005E3F5BBE6A3AF ] HidBth C:\Windows\System32\drivers\hidbth.sys
21:00:12.0337 0x0d34 HidBth - ok
21:00:12.0361 0x0d34 [ 804019176228EBE260A821C5688CAFD2, FA762B5020248C53DB7C17A69182A6FBF31DCF13EC8B5433E1B6E9B6ADE6E0D6 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
21:00:12.0362 0x0d34 hidi2c - ok
21:00:12.0373 0x0d34 [ 11A4D12F4CADD18CDA334C2756FE450A, 54ACCD91991D223E5A93BDFF0A4D270F0746945836796FBF04DB42EE33708FD0 ] HidIr C:\Windows\System32\drivers\hidir.sys
21:00:12.0374 0x0d34 HidIr - ok
21:00:12.0397 0x0d34 [ C0A9999E5B4C1953C6B07CD9105B41FD, A83C91DC0BC3A4E19877846A567A2A39C83FA9B468CC508405137A91E77F0780 ] hidserv C:\Windows\system32\hidserv.dll
21:00:12.0401 0x0d34 hidserv - ok
21:00:12.0414 0x0d34 [ 48ADFEFD445291AE7D619B3F4638B092, 043C879544C04FBDD01EE6A44E2FD635F7BF9033238F92EA23A1C29AAEB4D5A1 ] HidUsb C:\Windows\System32\drivers\hidusb.sys
21:00:12.0415 0x0d34 HidUsb - ok
21:00:12.0451 0x0d34 [ 40AAA716A3F2E494E7F533C45DA3E7E8, 1A0085CCBFC7E67B6C6028B76361A45E6706FFE2C37F763C3A434FB66EBBC0F1 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:00:12.0457 0x0d34 hkmsvc - ok
21:00:12.0497 0x0d34 [ F4847FFB1D1FD522B4B3848A6A97BE47, 25D64A2F16E840926EB577BFFC6D3B668B88B2FB9A812A3EA6ED178204A4A778 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:00:12.0506 0x0d34 HomeGroupListener - ok
21:00:12.0542 0x0d34 [ EFC6EEA348478FBAFCF2B2D03DE0B127, 82B6CFFE1A55D847D33D15AD0539C80902CE9587F0E0ADFDA4425525CD8F5278 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:00:12.0552 0x0d34 HomeGroupProvider - ok
21:00:12.0571 0x0d34 [ D7544353157E11864C00A48BC90EF183, 5991C823E8C18E7650FFE8B33D19E552D2D91DB76957895C2719B04B0CCCE0BD ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:00:12.0573 0x0d34 HpSAMD - ok
21:00:12.0619 0x0d34 [ 8FE9867871C32E9B9A3276C61A0FACC0, 1AAAD1F11FB09B1D322A376EA63E8AD61B06C45646C1014F5E95DBF2C0C413B2 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:00:12.0637 0x0d34 HTTP - ok
21:00:12.0652 0x0d34 [ 4A3E6732E5BEF6DF531A217B5EBB5C54, BA259C5F3D1FA4B16DB709F6D417F2998751C9983F73712C4F62E50CF661E788 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:00:12.0653 0x0d34 hwpolicy - ok
21:00:12.0665 0x0d34 [ 0F819743721DFB5906734243ED0CE935, A67E7ED2B0948E494C3953A6639AC75AB88B9CE33C3E107E64290CC4EBDD8A92 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
21:00:12.0666 0x0d34 hyperkbd - ok
21:00:12.0681 0x0d34 [ A14A2EBA22929901F64B496C1D555982, DD9C19B1D01B0E3A6423BA1932428C49DE4CDC1DA8D1E0B7D55CEF5568D7FA1D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
21:00:12.0682 0x0d34 HyperVideo - ok
21:00:12.0695 0x0d34 [ 11EDC37780E8A2F8E311D73F7658A4D7, CB60EFBD16467692C0877DE70FF34F54058CABB38413FD03F7905156D2FE4AB8 ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
21:00:12.0697 0x0d34 i8042prt - ok
21:00:12.0716 0x0d34 [ C444F83C318BE18719DC1FDAEFF10898, E5A9D49A478D67BF0530930276B7A5C751CF49C72710FA37E50283F145DAE44B ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:00:12.0723 0x0d34 iaStorV - ok
21:00:12.0735 0x0d34 [ 7BB542C7156FA72CC83C1177BB190F94, BD50E0CBB67521EEDC9F6156ED85C3086B3A64F417CE04B7E1FB6040D10E1017 ] iirsp C:\Windows\system32\drivers\iirsp.sys
21:00:12.0737 0x0d34 iirsp - ok
21:00:12.0780 0x0d34 [ 051874425696386EC3D4C3FB475F25C2, 2D569DBBC72ABF1FC2B4D921B9339ED0A953EC8BB7A1F72F21A5745D54A7B6A7 ] IKEEXT C:\Windows\System32\ikeext.dll
21:00:12.0798 0x0d34 IKEEXT - ok
21:00:12.0815 0x0d34 [ A43BC9416741ABEA2B8DF60D2C0EA6A2, 74FF63BB16F62B1085CF2D09E666EA8B5965A6CE44A98F1F9CF9C6ABCA7BD23C ] intelide C:\Windows\system32\drivers\intelide.sys
21:00:12.0816 0x0d34 intelide - ok
21:00:12.0837 0x0d34 [ BE23B0DF1401DC890B5CEFA369B1BD8E, 56039BEE1B1CE35D2ED3C6D26AEFB35CA6DD3E00F536BBE337473051D3BD98C1 ] intelppm C:\Windows\System32\drivers\intelppm.sys
21:00:12.0839 0x0d34 intelppm - ok
21:00:12.0852 0x0d34 [ AB308167857138B84E4DECDF2000DD27, D761E84A3B0986B4351D970110701BF4E628C19941552FC436CA8559A5E4B468 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:00:12.0854 0x0d34 IpFilterDriver - ok
21:00:12.0904 0x0d34 [ 933DBF31E0632B96B74D1A1230AA2199, 5FA8540674D5481F1846CE14533CA32C18398DF2A129B4C2B53DFA8361FB5AAE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:00:12.0924 0x0d34 iphlpsvc - ok
21:00:12.0931 0x0d34 [ 7E4FEE6D5C5BC52199C481DAC564FE43, BA4EA6A83CEB08D2781C7F64069A9DE39A93457A2FB04AA8AEF2DB1695F16250 ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
21:00:12.0933 0x0d34 IPMIDRV - ok
21:00:12.0960 0x0d34 [ 57B0C0D982013C72911A3F5CBA795034, 2A09BC1565772C3698153A7F0B9727A8B8DA4A98CC3E3290A1D8FC2350E9168C ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:00:12.0963 0x0d34 IPNAT - ok
21:00:12.0988 0x0d34 [ 9D6DB34476AC6448B3CA59D8676F7CE6, A77A8207719F571D62EE8AE3D3185E7C5D9F44747DD1276418B0B4B4C6B5182B ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:00:12.0989 0x0d34 IRENUM - ok
21:00:12.0999 0x0d34 [ 2E1347C9CC7DDB43183AF725135ACF0D, 08AF2DDFD929332D0C373CA9FFD75E86A5109C6F228F6391C3AD4841922045BB ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:00:13.0001 0x0d34 isapnp - ok
21:00:13.0022 0x0d34 [ 6AC2FF3AF40AE6AC39B097A07225B95B, ADD8A8DE5E72C4EA716882C860B9DD0E8869FEEAE3B8A41A223FA891370D73CA ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
21:00:13.0027 0x0d34 iScsiPrt - ok
21:00:13.0044 0x0d34 [ 4533BE9F8D67BDCF5FECA87DCC345448, 89852E7479EFD73309037083B43DB94AAACC2FA4BB323C547F87CD66C59C20D7 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
21:00:13.0046 0x0d34 kbdclass - ok
21:00:13.0056 0x0d34 [ 8F73A6DAEF7F7D102FBBA6F3EBC47F97, 5FBF9348D9886961E8FD771E8B4F81FA37B0EBC076AC62C5D4A024078CC4CF1F ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
21:00:13.0057 0x0d34 kbdhid - ok
21:00:13.0070 0x0d34 [ F7E302012680B0617C904B58594E0376, 2269289081D3E03270C8D3675D1B5901B0EE0C6C8F6A9F3381B3C34BDAF07E1A ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
21:00:13.0071 0x0d34 kdnic - ok
21:00:13.0086 0x0d34 [ 0118D8C2B0B04F6B6FE620EADDA53449, 00D1D9EA3150F83D99DA7E31EA96872CB18F7092A58E75763714CD546B8D23A7 ] KeyIso C:\Windows\system32\lsass.exe
21:00:13.0089 0x0d34 KeyIso - ok
21:00:13.0118 0x0d34 [ 137AB78B8510F9E432C4793C0CF4CD80, D10C163570096B10EA2847ED7929AE829ABA756064D8F0174915297BA00BB491 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:00:13.0120 0x0d34 KSecDD - ok
21:00:13.0154 0x0d34 [ 90226157B0130F9F11A3890BAE6F07AA, ADF4FF6D4AA42C58C218D8DB581D2C726796A8FB6D234492A9D97AA37067BC0D ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:00:13.0157 0x0d34 KSecPkg - ok
21:00:13.0193 0x0d34 [ C2ADC979C11A858949ECC1B9233B884C, 43AB852954F801D31956C17513F8178B1F2AB9808BB64A3995C794651960EE5C ] KtmRm C:\Windows\system32\msdtckrm.dll
21:00:13.0203 0x0d34 KtmRm - ok
21:00:13.0232 0x0d34 [ 57BA03D561180AFABCB812A57704BFA7, AC516431F1109A62AD4F6A5B4CEF159C5B7C23DBB7EC6530F553796FF3E97354 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:00:13.0242 0x0d34 LanmanServer - ok
21:00:13.0275 0x0d34 [ 7867CD2CC05D8B1377DC7FEE93716015, 22546EFB97DE4EC89A5FDB5FC0779C3DCC9EEA885B7340B88C55B25A4CFA5698 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:00:13.0283 0x0d34 LanmanWorkstation - ok
21:00:13.0303 0x0d34 [ AD581D8BA8C2CE46933D44392BA35C24, 9520352D564AD670BC003B90ACDB8EFCD581D2540286729708E1085C659EF262 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:00:13.0305 0x0d34 lltdio - ok
21:00:13.0342 0x0d34 [ BCDCFD2C2115334419EF025C533AB6C5, 8461B3A9B721905A46020B2384B7587FB699D87E13050390D1D7936CB1EB9C83 ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:00:13.0350 0x0d34 lltdsvc - ok
21:00:13.0365 0x0d34 [ FBA8BDF947B5289E85324F00043CC5D8, 28091B1CB0137024E4EDA28A8AD0C3C090090942E8D2CEC242CFAFE91F7E69F2 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:00:13.0368 0x0d34 lmhosts - ok
21:00:13.0382 0x0d34 [ 6B01CB678E1E390CEA9514D4774EFB51, D1454269D2054C71ED732D34E5D625E468ED01689824603704E64A6AF0125629 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
21:00:13.0384 0x0d34 LSI_SAS - ok
21:00:13.0397 0x0d34 [ 4C3AFBA9ED36535313054AC26532E9DE, 1557BEA6F30B1DE7C4D9E4FECB6DDF8AFA87D91586ACD5B700E1966446F2DA85 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
21:00:13.0399 0x0d34 LSI_SAS2 - ok
21:00:13.0409 0x0d34 [ 0715DC27611C202D04BC0365D666DD27, EAF76A9A5CD515C874AB1964A035CEC7FF446FDFE642A67491028190B464CE38 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
21:00:13.0411 0x0d34 LSI_SCSI - ok
21:00:13.0423 0x0d34 [ DB6B9554AA4F83212E80D5107D8C53EE, CF8032926AAE9846291FCEDE10E8633AAE01DCCBE67F6907584A61259FFE7DC4 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
21:00:13.0424 0x0d34 LSI_SSS - ok
21:00:13.0467 0x0d34 [ 7607DE91C0BFB0FC7210349F16737D16, FA97B56E4EAA91A1110C5D959F0AF5E6387B781B7A3052D63D7C3504A377A7BA ] LSM C:\Windows\System32\lsm.dll
21:00:13.0478 0x0d34 LSM - ok
21:00:13.0497 0x0d34 [ F731770C339FEB6563397D410793A756, 6338F009BE439AE507AC878ACE92D96A8A87FD9EFEA2B47D5A350A835C98A427 ] luafv C:\Windows\system32\drivers\luafv.sys
21:00:13.0499 0x0d34 luafv - ok
21:00:13.0528 0x0d34 [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
21:00:13.0529 0x0d34 MBAMProtector - ok
21:00:13.0583 0x0d34 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:00:13.0591 0x0d34 MBAMScheduler - ok
21:00:13.0628 0x0d34 [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
21:00:13.0642 0x0d34 MBAMService - ok
21:00:13.0653 0x0d34 [ 125C3C5A315500A1AD54F0B4766AF815, 6ED651E48818B56EB772B5278D7A4BC183FC02599C5C6554ACA9B8DBA65AEC2B ] megasas C:\Windows\system32\drivers\megasas.sys
21:00:13.0655 0x0d34 megasas - ok
21:00:13.0678 0x0d34 [ 05457CC7F5586C6E8D02FFA7F23FCEDF, 9D5C4E6988701515FC745F0833ABE81749779235615EE3FEC74825E9C7B1B1FF ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
21:00:13.0683 0x0d34 MegaSR - ok
21:00:13.0715 0x0d34 [ CAAAB04E7775D8F11E166482F3596539, FE4D2043E63586521F84CEC0C12764AE97EF58E2BE2666BA21692D95A965734A ] MMCSS C:\Windows\system32\mmcss.dll
21:00:13.0719 0x0d34 MMCSS - ok
21:00:13.0736 0x0d34 [ 049E433162AFE9B08C05D81D2C62CD61, 3CA4F3D569E2E827A1E70E3FACF65739499E23890848896BEF91B93230249746 ] Modem C:\Windows\system32\drivers\modem.sys
21:00:13.0737 0x0d34 Modem - ok
21:00:13.0772 0x0d34 [ 81F2FEE55660E51820C93A388AE8FEB9, 70E492BE3B94963CD8AD8DD2BB1EAD0B723FFF6DCD8FD11383BC6EA9AB888DA4 ] monitor C:\Windows\System32\drivers\monitor.sys
21:00:13.0773 0x0d34 monitor - ok
21:00:13.0788 0x0d34 [ 9D3F069A705325E7B7CEA36BFB65E616, C32805CBD337F17BB263F1A7677DD03EE4E7017A53C671606C96EF1F686D8B68 ] mouclass C:\Windows\System32\drivers\mouclass.sys
21:00:13.0790 0x0d34 mouclass - ok
21:00:13.0799 0x0d34 [ 3C3C50AA12E2E48A9FEAA4BF5AA789A0, 47463F054E8FDD5A857AC2B589BDD9312074D90F8F5A4F4B9194A983E7C888FE ] mouhid C:\Windows\System32\drivers\mouhid.sys
21:00:13.0800 0x0d34 mouhid - ok
21:00:13.0814 0x0d34 [ 13D8E3077EF0AE583F4634236D9A0992, B3ACB79B56738A4462BBA6E30A513523FFA0C00B6E7F5AF9C7DD61DDF1B71146 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:00:13.0816 0x0d34 mountmgr - ok
21:00:13.0902 0x0d34 [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:00:13.0905 0x0d34 MozillaMaintenance - ok
21:00:13.0928 0x0d34 [ E8AA1C862C926126FBAD748565205586, 8717E41C7AECCD8DAA994C57EC048F965C9B8F88695D7044B36DFBDCBA577002 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:00:13.0930 0x0d34 mpsdrv - ok
21:00:13.0962 0x0d34 [ 23B5BCA94C50D0B87684C10867F83136, A7936E46628B94E18B8DF6E056C30E599916296D8D22CF8EAE25B1F5442014FD ] MpsSvc C:\Windows\system32\mpssvc.dll
21:00:13.0985 0x0d34 MpsSvc - ok
21:00:14.0001 0x0d34 [ 329E3ACBFC616666D3D04C6FDC1B71E0, 124D98145025966987B6973B9B3A52A11AB99B72F036616D8D41B64717676523 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:00:14.0004 0x0d34 MRxDAV - ok
21:00:14.0035 0x0d34 [ 5FAC7AC77D9ADD42579EDF678F08DF9F, 1C569D63DA93C7A8F9AAF47D1CF6DD86D67A4445145E682404B7F32803956942 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:00:14.0041 0x0d34 mrxsmb - ok
21:00:14.0060 0x0d34 [ B9F3DA35CDE171B5CBA70319AD7D5E59, A05FD89B048CBF96FFC0E78E58304B1468E2C0272288FEB200C0B92361239722 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:00:14.0065 0x0d34 mrxsmb10 - ok
21:00:14.0078 0x0d34 [ 96E88C54A0CF32A74483819DA7DA3A15, 1F5A5B56DEC670B1B786BC3B6DA0A3A480B5F24414C57E219C57A98073C493C1 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:00:14.0081 0x0d34 mrxsmb20 - ok
21:00:14.0098 0x0d34 [ 61E23CF0A54EDBAE5CFE3322E960ECC9, FA6BC02B2502BAB383A0A021B4283CF48513CF8CE2F2902C80F3F992F82B82DE ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
21:00:14.0101 0x0d34 MsBridge - ok
21:00:14.0119 0x0d34 [ 37594E0C3119827CA7F8D16D187239E0, A41B23E7EFC03F87D6DE6937D1E695AE386E04C21192E5D037BE00B756F39DDC ] MSDTC C:\Windows\System32\msdtc.exe
21:00:14.0124 0x0d34 MSDTC - ok
21:00:14.0142 0x0d34 [ 651DEF4337DD77E6A607CEE49D3C4B30, C236987022AAF21BCF076D73D51A93DD12CAFDADC3CC2291790EF1F5B54CC4AA ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:00:14.0143 0x0d34 Msfs - ok
21:00:14.0171 0x0d34 [ 8F47F5F31F001C4F97840DB723618DD0, 226FA6B25BC8ACB0989743A7F76493D7F6BF82618F0888FF1B6EE11DC73D5357 ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
21:00:14.0172 0x0d34 msgpiowin32 - ok
21:00:14.0185 0x0d34 [ 26BBD77D23FFABB14C3291A1B8555EA5, C49421E288922F4E55D4A30929D6EC459FFDA7F74E0F75D0E0F242A06CC4EA52 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:00:14.0186 0x0d34 mshidkmdf - ok
21:00:14.0194 0x0d34 [ 51808FEF911B77758A6CF7CEB469AF9E, C5CECAC8CB7BA8DE3B41F7C9EA4C1EB57FE36798D74EB31A521BD0AE60F37812 ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
21:00:14.0195 0x0d34 mshidumdf - ok
21:00:14.0209 0x0d34 [ F103DF830D370B7535FDA3D477C8D8A0, B46C8C3767FBFEC39F43BD7018227B69D9BBEB1EA8D2BB73E9590931719F4B6E ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:00:14.0210 0x0d34 msisadrv - ok
21:00:14.0251 0x0d34 [ 2C777DD7FD2340F9F9F8BD76B9810956, B626AC922488274C2EA82F880FE9041EFBC9017F8C87A1316312E9B5BB7EE3B9 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:00:14.0257 0x0d34 MSiSCSI - ok
21:00:14.0262 0x0d34 msiserver - ok
21:00:14.0285 0x0d34 [ 3FCF6AA904516872CF70ED248F86889B, 00D72A08BDFBE1E10F7C05C144D50946708CDF42258C0F353B677B35696DC1D7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:00:14.0286 0x0d34 MSKSSRV - ok
21:00:14.0312 0x0d34 [ 10C229EAC28FDB8550EE93D955932F83, 5A45CE23CEADB7234C38C85173D35897CB7D2AA132B7391EF8014C1BEE439932 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
21:00:14.0314 0x0d34 MsLldp - ok
21:00:14.0328 0x0d34 [ BA786F089895196E18120F66F996A3D2, 5760FBD42095205C02BBBE31FDFFFD5E81B7152014A7838AC946D664B61337CA ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:00:14.0329 0x0d34 MSPCLOCK - ok
21:00:14.0339 0x0d34 [ 362950A5F7B1794DA9CB985AF7BBCC4B, 2F106BEC7533FE7E584A04369390D487563B7D5E1B92FBAF9ABB8F97457DE829 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:00:14.0340 0x0d34 MSPQM - ok
21:00:14.0355 0x0d34 [ 79A14AB6C6A5B01E9CE99937D1304D13, EC2FF1D0E3BF3C056D111803D3EAAB64F35E40CE4354F765F1EDF76A5C05341F ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:00:14.0360 0x0d34 MsRPC - ok
21:00:14.0377 0x0d34 [ A819A3006C27870AF05E408AD06FACFF, C97A384944962E6A5DAC416A98342B7BFFE3B0793A33EA099DA0951F2A5F5067 ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
21:00:14.0378 0x0d34 mssmbios - ok
21:00:14.0382 0x0d34 [ FB1D61A2998A5C4456C6B73DD41D5352, C11FDA9240A36BA45878C70416F5A40E34A127B4D2F0F7E65F1E9D407D69338D ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:00:14.0383 0x0d34 MSTEE - ok
21:00:14.0388 0x0d34 [ 3CC687876469F0FD3B2D936FA7A6EC59, A61610E34DD8258924ECD9FF95E28D69CAC90DC6EE3BF64CE3126332761625FD ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
21:00:14.0389 0x0d34 MTConfig - ok
21:00:14.0403 0x0d34 [ 6779B2A319A563C68B56DE8491E9EA76, DFD78A3931014668E88274DFCDCB08713FD5E5DEE14F9AF16BCACA45604FB5C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:00:14.0405 0x0d34 Mup - ok
21:00:14.0418 0x0d34 [ 1DEF95DC467131BF4AB52A8F72C42D89, 9141A50E1C472D09D273E02C48B2C36CEE5EC6E4A7E9E568A096A144F9B7AB91 ] mvumis C:\Windows\system32\drivers\mvumis.sys
21:00:14.0420 0x0d34 mvumis - ok
21:00:14.0467 0x0d34 [ 34FEF8CBBD7C4FACDD6AB68E39E02062, EE10E2C22A2DEC635BC97E4C044052232353891B63D81C429FE2984D278C8371 ] napagent C:\Windows\system32\qagentRT.dll
21:00:14.0479 0x0d34 napagent - ok
21:00:14.0520 0x0d34 [ D48E3B33BD911BA28413A4337456724F, B68A782BDEB0B2E592A6FE72E1BAC3636D6385B6535443608B2F8B2F42705BC6 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:00:14.0527 0x0d34 NativeWifiP - ok
21:00:14.0557 0x0d34 [ 4B947B7F1ADCF1AE86B0EB717D55CE0C, 6E0A0C1AA5B4DB709DFC28C708176731C934A48451E7AE8F11DE75DEAB7CAAE7 ] NcaSvc C:\Windows\System32\ncasvc.dll
21:00:14.0564 0x0d34 NcaSvc - ok
21:00:14.0576 0x0d34 [ 466C47B1335533884C06CA88D073B759, F2C989EA1FE487020E35FDF121721D81FAA6E2A51FF7E12309D933EFECFE0FEA ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
21:00:14.0581 0x0d34 NcdAutoSetup - ok
21:00:14.0627 0x0d34 [ 46D2FC2CB94830C57EA760CE6FD32F37, 7447C101AE34ED97E405FECBC8A28ECF9D3E5575307AB0B2A17D4A9C81845F99 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:00:14.0643 0x0d34 NDIS - ok
21:00:14.0660 0x0d34 [ 9B8BC481DEEAA07C51DA214D2CEF2FC9, 187D3BE38CF64AA695512ACCB2D0050772F07A21E200AFA6C6BA6030A2680AD9 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:00:14.0661 0x0d34 NdisCap - ok
21:00:14.0683 0x0d34 [ 1EA68DB9E05248EF9B940D6D0A0725B3, 7D3DADA83FCF7346516907D5CBF2F9AD2D49955A3F9F29ED2DCCB51F7B44D3D1 ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
21:00:14.0686 0x0d34 NdisImPlatform - ok
21:00:14.0713 0x0d34 [ 71F6E2AF63B0E52B36CEE7F0AE076A18, 7CADADA8D93581EAA1BFFB27D71C61569AF640FC41DD6C5F7988066AA9BF9B16 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:00:14.0714 0x0d34 NdisTapi - ok
21:00:14.0737 0x0d34 [ DDC67239BFE82DC5A878039B464B1968, 11A9DDC53C1FBF12623964BF2788C5B3F6F1C45D4F283A7CC407E4050CD1F071 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:00:14.0738 0x0d34 Ndisuio - ok
21:00:14.0758 0x0d34 [ 556DB924D61BC4A5E0F95D383E9B1009, 17848845E920400CA1C97F6A8F1FD9CEF66C7B761663EFB3809DC80F7F3BB748 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:00:14.0761 0x0d34 NdisWan - ok
21:00:14.0768 0x0d34 [ 556DB924D61BC4A5E0F95D383E9B1009, 17848845E920400CA1C97F6A8F1FD9CEF66C7B761663EFB3809DC80F7F3BB748 ] NDISWANLEGACY C:\Windows\system32\DRIVERS\ndiswan.sys
21:00:14.0771 0x0d34 NDISWANLEGACY - ok
21:00:14.0799 0x0d34 [ B8C10B9DE50120E8CA3E995F94CA80D7, B3EC4335ADA2B5CABB054C9723167E910C105CF7D51BE94508ABDB814F6570D5 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:00:14.0801 0x0d34 NDProxy - ok
21:00:14.0816 0x0d34 [ 583F95CEFCD5D896B5531BD338030401, 0CB24459430CBDC367B86B8085C14D0F9DC1992BC1B282F543641583B752CF38 ] Ndu C:\Windows\system32\drivers\Ndu.sys
21:00:14.0819 0x0d34 Ndu - ok
21:00:14.0835 0x0d34 [ 4CA677A214248DB8227F8035B546F7D0, 50B89A5AF9423EE0820E7E15F22345EF9EFB284882B2C4CDC6E86B898C74108D ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:00:14.0836 0x0d34 NetBIOS - ok
21:00:14.0857 0x0d34 [ 303A053C25E468B9925C22288BEF8484, 7A5BCE4B6BB0D20187E4F9E253D86F0F6ACD90C16367DD427F6FB5DE76B79A5F ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:00:14.0863 0x0d34 NetBT - ok
21:00:14.0877 0x0d34 [ 0118D8C2B0B04F6B6FE620EADDA53449, 00D1D9EA3150F83D99DA7E31EA96872CB18F7092A58E75763714CD546B8D23A7 ] Netlogon C:\Windows\system32\lsass.exe
21:00:14.0880 0x0d34 Netlogon - ok
21:00:14.0920 0x0d34 [ A54157CE7FF480834897CC0FA6DDF620, E126AA31791CE374E83472C51BEDE5EBD80CF3A6B69B10767D50E26C2AC328BA ] Netman C:\Windows\System32\netman.dll
21:00:14.0929 0x0d34 Netman - ok
21:00:14.0979 0x0d34 [ 58E8D9AD811E1BAEA04EAFB7D987FEA9, 7C4356C5D1D8511DB1A14F6AF92846BA8500DA8ED30C6C2333B7A5A4FD243F4C ] netprofm C:\Windows\System32\netprofmsvc.dll
21:00:14.0992 0x0d34 netprofm - ok
21:00:15.0044 0x0d34 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:00:15.0048 0x0d34 NetTcpPortSharing - ok
21:00:15.0058 0x0d34 [ 4B539272E9F5C3B8D9714D137FD340A6, 382E36ADA5B80119915B4A3506EDBE4EAB96427CFFD591B9AC2930884C60A67B ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:00:15.0060 0x0d34 nfrd960 - ok
21:00:15.0094 0x0d34 [ 6906D71601703792F395CF8497209FDD, 5F82CB1BD19AACF4D28959123F6422A9263A13A51F9EB7669C2C614BF4EC75B1 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:00:15.0106 0x0d34 NlaSvc - ok
21:00:15.0120 0x0d34 [ EAC569A77BE92B247FCA51E498B17DF1, 3295DB8AC8BE62AE39A4EF212E1E02E72F4AC13F56D3D6105590A0906B27DD69 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:00:15.0121 0x0d34 Npfs - ok
21:00:15.0140 0x0d34 [ 6E994702ED294CDBED7621590EC75735, 475DAD1282C2959C385397D93D99EB610081A05A85D0210735FBDF160FA64A38 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
21:00:15.0141 0x0d34 npsvctrig - ok
21:00:15.0153 0x0d34 [ 61C583D971CC3411CCD3D58704E9301B, 4B4A24B39FAA4E755C016253B69CE48A7FEBF1D1A910D4373D7F60C2CF2A8D63 ] nsi C:\Windows\system32\nsisvc.dll
21:00:15.0158 0x0d34 nsi - ok
21:00:15.0174 0x0d34 [ 9588CCD14571FA22F8F2ECCF198AB448, 7F194114CD81E2DEE36D1000B8A89402399216815837C34239B35EA1CCD7A59D ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:00:15.0175 0x0d34 nsiproxy - ok
21:00:15.0256 0x0d34 [ 99C73E3FE9B36275BD91D2009F2BA2E0, DD872226ABA5A1DCD5AAFF2D733213513A10B7F37C4684FEA24694A42D1ED9B9 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:00:15.0291 0x0d34 Ntfs - ok
21:00:15.0303 0x0d34 [ 0F965AF67042AF539274738FFD0C8C71, 69CE25330134F30B6FE9205D7AAAEC1B6EE2D9784300DD7816295B766B2BA027 ] Null C:\Windows\system32\drivers\Null.sys
21:00:15.0304 0x0d34 Null - ok
21:00:15.0331 0x0d34 [ 9F8EE4948B7ADD9D12F778F61A2758A4, 9848C7D97AC000BF7A00BAE12593E48E14D36D7FFFCF25A163FAAB446691032F ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
21:00:15.0335 0x0d34 NVHDA - ok
21:00:15.0681 0x0d34 [ 054559C7155EAE6F4D8063174D3066B7, F224E2673BE34C49F94BA83CCF9B7ED64B6E3456A0283BB7871BE75AB8BBEC4A ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:00:15.0871 0x0d34 nvlddmkm - ok
21:00:15.0975 0x0d34 [ D2FE0376285A783693469422678E878B, 9F0B1A6694CA7BDAAA3B26BE1D344A3FC7B98162518A259C273360EFF075CD75 ] NvNetworkService C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
21:00:16.0006 0x0d34 NvNetworkService - ok
21:00:16.0042 0x0d34 [ BD23FF50A9A59AAF48052F5E7D0682B0, 36177EA9B24B5F6E9A5F4431056AC0B682B3495A0373468E8B37662DB434A31F ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:00:16.0045 0x0d34 nvraid - ok
21:00:16.0065 0x0d34 [ 108DD54A5B1E73F583AF7DC94CCE52B8, 5F581FEAFEA38FD7DBB4F2159C16395FBD2E02ABC53F580DAADA1D40DA216E99 ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:00:16.0068 0x0d34 nvstor - ok
21:00:16.0587 0x0d34 [ DA09A1DAEBD38226C0CB22BA8D967F63, 55654C3D4D96185E5754DE63C08D40FA6CB46FAECBAACA6CEAB0F48E643C392C ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
21:00:16.0885 0x0d34 NvStreamSvc - ok
21:00:16.0955 0x0d34 [ A57002E448D6BFCE2111FAA7F47FC584, 36C2197C87E403DA631490C0E86FD5F8ADF1AEA2F07B6AAF46C2020C0C8A2533 ] nvsvc C:\Windows\system32\nvvsvc.exe
21:00:16.0971 0x0d34 nvsvc - ok
21:00:16.0998 0x0d34 [ D230D757C084FB8D7BC4936E3D6334B8, 28F6416C2C8B174F388B42F7951E2D35B42EA5443DC9A89A016FCDE8A3D57F4A ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad32v.sys
21:00:17.0000 0x0d34 nvvad_WaveExtensible - ok
21:00:17.0030 0x0d34 [ 5ED87C9C51CFE59B1DDFF8290719E0E4, 29AF0085237B8E0E972BD4909734A613216E6BC13EBBECF35142D65FF0F64293 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:00:17.0032 0x0d34 nv_agp - ok
21:00:17.0067 0x0d34 [ BB3916021D0AC8D33C02C1161B7A2621, 01452A201C2CA555706356CF1EB9890BD4857DD906DFC1CF66AAA3E29D4562A2 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:00:17.0077 0x0d34 p2pimsvc - ok
21:00:17.0095 0x0d34 [ 433A776514D8A57DA92467991AE2FEFF, 44ABE749266FBAFE4AE72B7777572D458A2E4ED77A256CF59FDFAEBA3CBE5827 ] p2psvc C:\Windows\system32\p2psvc.dll
21:00:17.0107 0x0d34 p2psvc - ok
21:00:17.0122 0x0d34 [ 8BCE63AF5B52642E832630F862DE96EF, 8D5D282A3F9CADA3A08211997828E36979400A048A850D3E06E7E66C90D90F6F ] Parport C:\Windows\System32\drivers\parport.sys
21:00:17.0124 0x0d34 Parport - ok
21:00:17.0159 0x0d34 [ 7289BE4566F0E5126868EB6E4292CC3C, CD4FA356D20CAE3743298A3999AFC1AA2EDC13A70FFCF8B06CC195069952121D ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:00:17.0161 0x0d34 partmgr - ok
21:00:17.0170 0x0d34 [ 49A439FEAB060F74B8EC7DBF44D4A7BA, FCA6A9809A9930902DA8C9F1643F0A77CBF81012FC43ED5B039C3A1E5F9A67C7 ] Parvdm C:\Windows\System32\drivers\parvdm.sys
21:00:17.0171 0x0d34 Parvdm - ok
21:00:17.0206 0x0d34 [ B06FF821B79BED0912579A48140A4C46, D323AD0F77325C6D0D21E5C2AA6B58426912287C84FBF70215D1FE6A2BD410C5 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:00:17.0218 0x0d34 PcaSvc - ok
21:00:17.0232 0x0d34 [ EA828C84C8948D0E4994C1E0A45EB05F, 5B6BB5AA870BC2F46CA8E037B21DC0B9748C2D26E3C2C9079330302783FAC5B9 ] pci C:\Windows\system32\drivers\pci.sys
21:00:17.0236 0x0d34 pci - ok
21:00:17.0253 0x0d34 [ B4444133ED61F87FD49A2ADD28285115, 26DB2CF0B9832FE5677C108C833A8A416354EC91707AD54A05A01F0F6906074D ] pciide C:\Windows\system32\drivers\pciide.sys
21:00:17.0254 0x0d34 pciide - ok
21:00:17.0272 0x0d34 [ 6E11FDE71F2015007CDD4AE9D2D700C9, BA9D2D9433B947A0B47F879FA7689C7C5F6DB28B93CDA32C672B8A72E92C7E3C ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:00:17.0276 0x0d34 pcmcia - ok
21:00:17.0292 0x0d34 [ 8A56B080B12950D448D556FE4BA6C68C, 850DB538CE4F65E18F5402E57BE5FF458F1EF68C8BBA5A7B0B5EBF3E4C5B990F ] pcw C:\Windows\system32\drivers\pcw.sys
21:00:17.0294 0x0d34 pcw - ok
21:00:17.0324 0x0d34 [ 58F99F74C33B7615ABEECF70BAD5FE1E, 6FDD34677313194A12256153D60B57524446378063BD45BAA5183BC6D56C97C6 ] pdc C:\Windows\system32\drivers\pdc.sys
21:00:17.0326 0x0d34 pdc - ok
21:00:17.0381 0x0d34 [ 8C7EE53A9F6A5F01E77DBB81654E5B66, 61AD022CCBBF0BBFD8815EF60E7F88F7E2C8AB99C19E5EC29F1A7616A24D96EE ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:00:17.0400 0x0d34 PEAUTH - ok
21:00:17.0477 0x0d34 [ D90D72035BA6DB320C9700E16552D0FE, 0DD0FD650A7532ACC9C5BC5D98F41484852DBC17929A55D99632C04A04D06C97 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
21:00:17.0528 0x0d34 PeerDistSvc - ok
21:00:17.0594 0x0d34 [ CCF3E6C601D71A4CBB4C08B5591E5D26, 93976471B32211328FCDBBEC10BCA0E9B4497A8A6AA21125894CE54E11A7014F ] pla C:\Windows\system32\pla.dll
21:00:17.0631 0x0d34 pla - ok
21:00:17.0651 0x0d34 [ 84C433F0FA896BACFAB67D0B22CFA73C, 10C3C9326A011C3E2006C0FA119BBEF9C5C622BB9D10175527D6D07837D3F07A ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:00:17.0657 0x0d34 PlugPlay - ok
21:00:17.0673 0x0d34 [ 7BB1FAB338641C440FDCDEB8B243648A, 8A9DAA73A674409EE7A8CEDED2769F3B365FBB183A1EC510BEE00F30A7DF8119 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:00:17.0678 0x0d34 PNRPAutoReg - ok
21:00:17.0688 0x0d34 [ BB3916021D0AC8D33C02C1161B7A2621, 01452A201C2CA555706356CF1EB9890BD4857DD906DFC1CF66AAA3E29D4562A2 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:00:17.0697 0x0d34 PNRPsvc - ok
21:00:17.0731 0x0d34 [ 9DC57EB201F2F77E874084176EAD5BCF, 6B0E37955FAA6E1835D9280669B2AA703DE846C1B8D1EDEE32B46A5206699069 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:00:17.0742 0x0d34 PolicyAgent - ok
21:00:17.0767 0x0d34 [ 556848D77F36645260DE452513A54F5D, 9DE2522EEE25FED38F52320418D1280AE0DABDD6BFD6018034970D2D414849F2 ] Power C:\Windows\system32\umpo.dll
21:00:17.0773 0x0d34 Power - ok
21:00:17.0801 0x0d34 [ 03D522782A0BB5108C8A43A10EE51CB0, B1CE7693A119091B5924125B6C1CCBD7DC8519F7D649DBE9F5FD667E4F8F6861 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:00:17.0803 0x0d34 PptpMiniport - ok
21:00:17.0940 0x0d34 [ 2D55A1BE48C6D5B695D05A829E528D42, AC797C4FD9912BAD8A91E9596455276A6CBA2E98D36EE17A1687FE24BC9442C8 ] PrintNotify C:\Windows\system32\spool\DRIVERS\W32X86\3\PrintConfig.dll
21:00:17.0992 0x0d34 PrintNotify - ok
21:00:18.0012 0x0d34 [ BD23C45A654066374E3EC7F4EF8FC9B6, 7B91547F65BB4767E6D842559A3347770AFC2A5CFA628C65F91DC1BBC479B6F2 ] Processor C:\Windows\System32\drivers\processr.sys
21:00:18.0014 0x0d34 Processor - ok

21:00:18.0029 0x0d34 [ FEE5D89ABE17FBD24FE8A6FD91543316, 9B6BB5CE63963ABB9535B5FCA64A605EC01A93A7799FFD78404E714F757524ED ] ProfSvc C:\Windows\system32\profsvc.dll
21:00:18.0037 0x0d34 ProfSvc - ok
21:00:18.0061 0x0d34 [ 42E46DC7767F5AB664E3F6B36D9764AD, E4D6D493DC0C7A3881572BB238744AF8B040D40C9A4A53F2A5067FBAE63DC21C ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:00:18.0064 0x0d34 Psched - ok
21:00:18.0103 0x0d34 [ 9D8D860A9CF57A47E0041C9BDA415130, FADAB842C0C8EA69E6341B192F64946FB1C2EC25DF21EF789FB94CBBEA2B3DBF ] QWAVE C:\Windows\system32\qwave.dll
21:00:18.0112 0x0d34 QWAVE - ok
21:00:18.0124 0x0d34 [ 29E548E1C511BFBE56FA6438488DE0E0, 9C8E314FEA828BDAF91F54D338339116AD26203D91A7043B7DB006940F20888A ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:00:18.0125 0x0d34 QWAVEdrv - ok
21:00:18.0137 0x0d34 [ C07E9331431C78D41F30E62A15E1D324, AEB4ACD4352149CC5EE88CCB73386559FDC03735E1F641271CE7D137EF923ED1 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:00:18.0138 0x0d34 RasAcd - ok
21:00:18.0173 0x0d34 [ F63755B2DCE1BE7927F5CEAB7991EFED, 6BBDC6ED8948CCF47F196E5F1109FE29137B05F796D5C0A52524F146277CB89E ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:00:18.0174 0x0d34 RasAgileVpn - ok
21:00:18.0200 0x0d34 [ 63A57B7DDF705E4D7D6B0FF86BDBBF96, DD2B68A0C0F7EBDB38DA7D9F6B211B88F498404B55F8E6ED552988272377B573 ] RasAuto C:\Windows\System32\rasauto.dll
21:00:18.0207 0x0d34 RasAuto - ok
21:00:18.0222 0x0d34 [ 6E0649D7325D85C47C844EB3267E4625, 56D80C2AC5D6EFE28FA7EEAD042ACA4E400A6CAF46DE639E7FA3A8370EBB8344 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:00:18.0225 0x0d34 Rasl2tp - ok
21:00:18.0239 0x0d34 [ FA17FE26953E6B0DE7A5A966253869E9, 313D036927D7D27D839688DD047823C6EE856B2702A8CDB65D68DB956AB6A73A ] RasMan C:\Windows\System32\rasmans.dll
21:00:18.0251 0x0d34 RasMan - ok
21:00:18.0265 0x0d34 [ 5BA6DB7AD04A8EADE0A41E6C8427582B, 2ADCDCA17983A684CCB215F589DF40C0CC5BF7B74FB537048DFF13C18EF9C760 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:00:18.0268 0x0d34 RasPppoe - ok
21:00:18.0283 0x0d34 [ 3A421DDA09E3BF96E9D698D13FDC139E, 97069847CFCE7A15FCD918FA782D23B5F04298FB06DA1279932AD52F0F3D2662 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:00:18.0286 0x0d34 RasSstp - ok
21:00:18.0327 0x0d34 [ ED1CBB55D5946520994FCD8CA9596D9D, 327D85863D1AB8D4B1F63963D105F493DF9339DD18ED14D1DB676B2FA986EE34 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:00:18.0335 0x0d34 rdbss - ok
21:00:18.0352 0x0d34 [ 4FB0345ADE5C2E15EA1A22F173E71D37, 9E2D9C111F0C3B52EE0AB5E914C60490929B9EA27F5D643CD1C0CAA1E7AC5FE5 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
21:00:18.0354 0x0d34 rdpbus - ok
21:00:18.0372 0x0d34 [ 2CAD2A13569741C67CD9C52F97E0F992, 4093D72D191972BF4111B6F9FC69AEA4669B330F2BD4463777990822316BB166 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
21:00:18.0376 0x0d34 RDPDR - ok
21:00:18.0402 0x0d34 [ 40083918DB637FCB8A2C2453A2284603, C5D6874BA98762F035BE7EF0CDFACD3859DA369CA2F3470091D59CCB8A084F12 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:00:18.0404 0x0d34 RdpVideoMiniport - ok
21:00:18.0424 0x0d34 [ EA0E833A1418C28E6085DFFA68731EA5, B9D18B4F5E32AE73EF70AF3BADA878970727A32A26E94245D567AA22B589A85C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:00:18.0429 0x0d34 RDPWD - ok
21:00:18.0450 0x0d34 [ 38A8012D03150D6852B9CDDB24280F1A, EDFBDC31D42BE580B34726EE165A822E21B14A5CAB5FED874D9C600454CDFC45 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:00:18.0454 0x0d34 rdyboost - ok
21:00:18.0480 0x0d34 [ 9F38A0A16958C33552C92EAE5AFC9E5F, A6972B39BC5AA9F647361BC6ECAB603F49204C0FF9C0FA9BF524BC9F2AEE129E ] RemoteAccess C:\Windows\System32\mprdim.dll
21:00:18.0486 0x0d34 RemoteAccess - ok
21:00:18.0507 0x0d34 [ 8331C0CF128BD1A56440B2E82AAA5EB5, 91F7A7E116F509E1455F4CF955A996CBF65C769CF3A3D21079DB77E9E38D6414 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:00:18.0514 0x0d34 RemoteRegistry - ok
21:00:18.0542 0x0d34 [ 5AF682962162FCDB85B56CB8A0DB5E6B, 38A5EFFA4AFBD8E3AB936803198890F68FD7668E34D8BF48D59883001C4F35D9 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:00:18.0548 0x0d34 RpcEptMapper - ok
21:00:18.0560 0x0d34 [ A8DDFFFBA3F655C82AB5D4A249E4D414, A11C67BB58C7518FCEEB87F3693343CD662B6971605EE7E6CE0AE298BBB3D632 ] RpcLocator C:\Windows\system32\locator.exe
21:00:18.0564 0x0d34 RpcLocator - ok
21:00:18.0601 0x0d34 [ BCD3562ACB27B8137BF809F61BA44E80, 3BE2617996696AD8A2402C0767E55CE53EF48B4234660C9948E153B5ACBE98C7 ] RpcSs C:\Windows\system32\rpcss.dll
21:00:18.0620 0x0d34 RpcSs - ok
21:00:18.0642 0x0d34 [ C7BD738B9BF45E797A6089AF946BAC47, 1AE7B4671444AF1D597A2E69AF07809DA6B1277532EC74157BE64F914ADC684F ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:00:18.0644 0x0d34 rspndr - ok
21:00:18.0693 0x0d34 [ BF93264AE817867448A1A8D9F650A288, 6FFE2D8E990C622AF66413245F859B1E3ED0B240C6A7C6A3872DF1B50D2CD35D ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x86.sys
21:00:18.0702 0x0d34 RTL8168 - ok
21:00:18.0730 0x0d34 [ E21867D4A8FF3824150E56979E333610, 00FD801EAF2D7104537D33FD5044E314A13743FB9E94DA72F8D7A3AD66CFD1F2 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
21:00:18.0730 0x0d34 s3cap - ok
21:00:18.0742 0x0d34 [ 0118D8C2B0B04F6B6FE620EADDA53449, 00D1D9EA3150F83D99DA7E31EA96872CB18F7092A58E75763714CD546B8D23A7 ] SamSs C:\Windows\system32\lsass.exe
21:00:18.0745 0x0d34 SamSs - ok
21:00:18.0761 0x0d34 [ 434F805B0B3840A52C19C96A7BB64AA3, B5B92E07091ECB75B1A72AF1E15F856C05492236D5F86137163DAE60B64CCA44 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:00:18.0763 0x0d34 sbp2port - ok
21:00:18.0791 0x0d34 [ B1B737661EF9D779FEE8866CC38F7B98, DD3DC0057A280F59FF83C6F8D111B28A60AE53200FE0732CEE71C8E207584169 ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:00:18.0799 0x0d34 SCardSvr - ok
21:00:18.0809 0x0d34 [ 3F21FBE0550B41240B6A864F6C8C15E4, ED54180631DEADDF76649E3B78D5CFC213274075E3BD11541D99C7765CC048CD ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:00:18.0811 0x0d34 scfilter - ok
21:00:18.0861 0x0d34 [ F1866E47D02F60A62C78870F80E09E49, 9BEA677B5F96230B252219C3A7705ABB6F1F886076ECC21D491D5269F66C436A ] Schedule C:\Windows\system32\schedsvc.dll
21:00:18.0887 0x0d34 Schedule - ok
21:00:18.0903 0x0d34 [ BAEE72BFBEC7B96AA85F861A6F4FE428, 78E6C63848C5AFCD67C08F2A17BFD764524B8A9117EAF74CD5514F8239E155CB ] SCPolicySvc C:\Windows\System32\certprop.dll
21:00:18.0906 0x0d34 SCPolicySvc - ok
21:00:18.0932 0x0d34 [ 6F685ED83090697ED608372722D32B9E, FAE3AB971A47D6A0BA28C75B27E0CF7F09B28AD800DD76C0AF4D715C931AB338 ] sdbus C:\Windows\System32\drivers\sdbus.sys
21:00:18.0936 0x0d34 sdbus - ok
21:00:18.0943 0x0d34 [ B433671D5A6D36D35141A56B6E75D086, 46E8DBE722E8422ECDF5F4410F26100B55F0799A0293AFFF27AD3BD4DF0FC9E7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:00:18.0949 0x0d34 SDRSVC - ok
21:00:18.0967 0x0d34 [ 29A975CB4DDA873C80B0AAA91FFA74B8, CCD1956D2AB61F6A26555034356A773B820FA34F14A2CE8567AB5BBFE136B801 ] sdstor C:\Windows\System32\drivers\sdstor.sys
21:00:18.0969 0x0d34 sdstor - ok
21:00:18.0979 0x0d34 [ A8CC993CED4DF9710ADAABC9DA66B660, 76D64D0D762DCF05AE494749514D91D3F0FF4EC2D0A1FFEA8A5F8708832DF17C ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:00:18.0980 0x0d34 secdrv - ok
21:00:18.0992 0x0d34 [ B83564D1603B821CCD82CC335C87AD97, 05E75C0E0F69637462FE6F844FBF6835558E5FD0660A8C0CBA621DC3E2F39C9B ] seclogon C:\Windows\system32\seclogon.dll
21:00:18.0997 0x0d34 seclogon - ok
21:00:19.0012 0x0d34 [ 64355214ECE4573F553353597779EF11, EE47948A806B75EC62A02E13D4A01882DA2F68D05C4D87C98DF96A80590CC115 ] SENS C:\Windows\System32\sens.dll
21:00:19.0018 0x0d34 SENS - ok
21:00:19.0032 0x0d34 [ 7E4F0DCAF6739C830B8043CCBF79ABBF, 2028E9BDE0DE22D700EB1CC5488CD2FB404FDC3AB77D551A14EB1E76816C38F5 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:00:19.0040 0x0d34 SensrSvc - ok
21:00:19.0054 0x0d34 [ 3DE395F302C4DCD3D4792EB786A7B402, 7D6EB490079DE0E05B69B27862F4722B2CC7BAEBCB99C5BD4BF991BD76434348 ] SerCx C:\Windows\system32\drivers\SerCx.sys
21:00:19.0056 0x0d34 SerCx - ok
21:00:19.0070 0x0d34 [ C706C88BAEE6B23C86C791EF47D901D4, 626378C827D9877575098475B6AB7C30D19B6904AAD1ABD4F369E8880A443586 ] Serenum C:\Windows\System32\drivers\serenum.sys
21:00:19.0071 0x0d34 Serenum - ok
21:00:19.0087 0x0d34 [ F492965E2EDDB1BCA2E000A1085BE082, 6897D67B22483635F896C04C3FDDA320CF2716EE75D22D1C839B324668CC5A4B ] Serial C:\Windows\System32\drivers\serial.sys
21:00:19.0089 0x0d34 Serial - ok
21:00:19.0103 0x0d34 [ 409C91880A6A70FDD33CFEDC43D0F808, 306FC21667EC8C360E09E3B7CDEF8CCF99D08A33E4041195B968706B75DD6349 ] sermouse C:\Windows\System32\drivers\sermouse.sys
21:00:19.0104 0x0d34 sermouse - ok
21:00:19.0178 0x0d34 [ 8175C24B7852613A33323EFC9054979A, 66F12E4887B166A4DA2E5A42858E83E35FF57B87664C914E0F825CE4D33C2A62 ] Serviio C:\Program Files\Serviio\bin\ServiioService.exe
21:00:19.0186 0x0d34 Serviio - ok
21:00:19.0203 0x0d34 [ E19B1B639B5017BF6224744565B08E38, 80E3EF170E3DB3FCA318D3EE2DAA49FF27814AD53DB4FABB6567A8BBBD269B98 ] SessionEnv C:\Windows\system32\sessenv.dll
21:00:19.0213 0x0d34 SessionEnv - ok
21:00:19.0229 0x0d34 [ BDF7F7AC3700DAF0A19D19C008D408C0, E56F2E8669D1DFF7F0EFDA95F3247E685E25ABA17321A1DB51B5F7CD75512337 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
21:00:19.0230 0x0d34 sfloppy - ok
21:00:19.0268 0x0d34 [ 578AA5D3C4A4C1052C9B13B4FA748B00, ABFA1E1E64B1CFD7AA52D47580A77C0D1AAF935B694FAA7876C815398744D325 ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:00:19.0279 0x0d34 SharedAccess - ok
21:00:19.0307 0x0d34 [ C416B8E2EF38D100DA19C4DA8A3E8A17, 1939FB82DEDF5BC7A9F70A0B6013E4C76D8384823400BA9DE15477A86C3C9D40 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:00:19.0323 0x0d34 ShellHWDetection - ok
21:00:19.0340 0x0d34 [ A5A3C56B5E46F77E6992A3772F8E4C8D, 87368D7F54964D699D648771F035F70FBB3FB504FA64106CFE4E3E7784C6E5AD ] sisagp C:\Windows\system32\drivers\sisagp.sys
21:00:19.0341 0x0d34 sisagp - ok
21:00:19.0346 0x0d34 [ 39763193254A265FDA6F08EF375549DF, 19FD327F61F4057221C180DFA3C0BF6BD35FF3F6185E677A10877B74A8DA0B02 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
21:00:19.0348 0x0d34 SiSRaid2 - ok
21:00:19.0364 0x0d34 [ 2A95CC135283B3C56B783171532B62D0, 5041D60D1F89C0551C7237FCF1C3F59C5124C98CDA10B2669255E9A859FD4B93 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:00:19.0366 0x0d34 SiSRaid4 - ok
21:00:19.0385 0x0d34 [ 1FA732F662375B134B510B44686BABD2, 19AABA3445994003592EFFA46476C0892028DB0BC8E9ACCC9EBBB4471CDA433A ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:00:19.0390 0x0d34 SNMPTRAP - ok
21:00:19.0423 0x0d34 [ D9F46CF618066EB615B26AF03B8BEF7F, 7BCE94C3A2F7E241F659E6D07CED328CEE7E74227C8CBB59B45099B051B795D4 ] spaceport C:\Windows\system32\drivers\spaceport.sys
21:00:19.0428 0x0d34 spaceport - ok
21:00:19.0441 0x0d34 [ C8E9372645392E23CF36B4C1686B1509, 7D894F94240172C2DD7E95BF0EBC698F1F261C53767EFCD46AB2E3A7F9B412C9 ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
21:00:19.0443 0x0d34 SpbCx - ok
21:00:19.0473 0x0d34 [ D246A6F32CD74A0AE1F00EF7C73A1DBC, 771CFD6D6474DE9CF0ABAF2AF3E800125217CC7EAEA92D6D04F8274080961E5E ] Spooler C:\Windows\System32\spoolsv.exe
21:00:19.0487 0x0d34 Spooler - ok
21:00:19.0638 0x0d34 [ 34E2F63B923188EF08379BA7441BBA56, 61B38055BB1982A8BEC6270392074B5975C9CE768A77B5269C387BAFCE048A4C ] sppsvc C:\Windows\system32\sppsvc.exe
21:00:19.0713 0x0d34 sppsvc - ok
21:00:19.0747 0x0d34 [ 8B20E19AF56E21E9549D4CA496BB78D6, 31DE1ACAFDD97E1BA978A88C2649D50B089C0550ACCE6AD6B88E6DFC7BCA3021 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:00:19.0754 0x0d34 srv - ok
21:00:19.0801 0x0d34 [ DD81ABA1081A9A4E2999568C0DB61A49, 97D959242C7FFA57143B954CB99C46D06E2944C12013AD2C9F79CC02302CF862 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:00:19.0810 0x0d34 srv2 - ok
21:00:19.0831 0x0d34 [ C4006F04178E58192FFD0A82A5E5E897, 41AD71B9AFB2E6944F7E97BE698B86B08B826F6481AA83A793AE6166A888C5F2 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:00:19.0835 0x0d34 srvnet - ok
21:00:19.0856 0x0d34 [ 9B4B2E29751312BF65CBE301AFB746A1, 1D7A8F818A6ABCE927E393E91D365B6269BF03D15A0D5BB212A683CDF49565BB ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:00:19.0865 0x0d34 SSDPSRV - ok
21:00:19.0879 0x0d34 [ F23D18AF0C34B5167BA72F9B95EEAB06, 4565F7740650456C559BCF692CFD060556F540C42610CFC19EABE20630D60E9F ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:00:19.0885 0x0d34 SstpSvc - ok
21:00:19.0939 0x0d34 [ B5D2F4BF587FD60AF75B09EFC1AD0E0A, 2033D6DFCA7A48E338D94427AEC82DA761618D5D3AEB22E5A64427D2C2DB0350 ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:00:19.0947 0x0d34 Stereo Service - ok
21:00:19.0957 0x0d34 [ CC17B7A7C4DD72BE2B10DAF254147A2B, E208860E58D1B9E8B3481404BA67A2B6131415B329ADED5BDE8C35B40B9372C3 ] stexstor C:\Windows\system32\drivers\stexstor.sys
21:00:19.0958 0x0d34 stexstor - ok
21:00:19.0986 0x0d34 [ A17F30E2007BFBB0010FF4166A426088, 361E99D1D60875BA51CAF337F4B5D4C5AF20B79EDBE45332DD6334032F2450BC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
21:00:19.0987 0x0d34 StillCam - ok
21:00:20.0032 0x0d34 [ B9A28B6DA5EFEE202FAD396FEDFE73D8, EE7F313EFAAE36337B51F3A1EAB68906F9116B6A6F4365C515EAC89CCED5B4FB ] StiSvc C:\Windows\System32\wiaservc.dll
21:00:20.0048 0x0d34 StiSvc - ok
21:00:20.0079 0x0d34 [ EC9B71B41184284E65F496B39C572F30, 78F8874E76501D8DEBFFC86463FC4078B5C8CDA930F93A28DE168730C2EC74A8 ] storahci C:\Windows\system32\drivers\storahci.sys
21:00:20.0081 0x0d34 storahci - ok
21:00:20.0097 0x0d34 [ B00DA575ADF228C1D33269CDE92A68EC, 33787F3314CB28B0112E24D1E4160E76A051B102BB54B800FE44DBB2AA0B331E ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
21:00:20.0098 0x0d34 storflt - ok
21:00:20.0109 0x0d34 [ 9AA77CAD9ADF035109B9E65EB3F8D61A, 9CB8A2D0DA85FED8D1B1C809C15BC25C0905B10F32B018A1E6D7DB7D224E631D ] StorSvc C:\Windows\system32\storsvc.dll
21:00:20.0114 0x0d34 StorSvc - ok
21:00:20.0126 0x0d34 [ 5C538C4975B53C31500BC535FF436CDC, 84FE3FA917970B00C73AF4364357204548956D23286F5CC5BFFA76996C30F358 ] storvsc C:\Windows\system32\drivers\storvsc.sys
21:00:20.0127 0x0d34 storvsc - ok
21:00:20.0142 0x0d34 [ 8DF8D4AEADF32F5D4C6FFA9936E16A10, BC8A7B1E63B4BDE541E51338CF20247D62944665C2A68C40145787EEC90C1847 ] svsvc C:\Windows\system32\svsvc.dll
21:00:20.0147 0x0d34 svsvc - ok
21:00:20.0166 0x0d34 [ 8DCA45AD5E2D83E00A1952BE2B541A27, FA80FD42EFB4F0D27CC28DC3E92C5D365D851389643D7E083B5A8AD493E10815 ] swenum C:\Windows\System32\drivers\swenum.sys
21:00:20.0167 0x0d34 swenum - ok
21:00:20.0188 0x0d34 [ B53421FCD315F35837A07716E9F7A1E7, C38F0E84343B0A0E253B90949B2E707C5F0C3266BDDAF728D0F9B8CDAD81592E ] swprv C:\Windows\System32\swprv.dll
21:00:20.0201 0x0d34 swprv - ok
21:00:20.0273 0x0d34 [ 3F2E97730BE6855F51E2512B377E346E, CDEE720055A35CFE0B0A06FE8A5A034AB705DC5771A3D2FF219754A234AA8C1E ] SysMain C:\Windows\system32\sysmain.dll
21:00:20.0305 0x0d34 SysMain - ok
21:00:20.0328 0x0d34 [ 20A4983586DC02E81D4CC17A3D0399DF, A515270B35AE1332B594F25A5DCA7D897CF666032868B21316528A3817DC5ACB ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
21:00:20.0335 0x0d34 SystemEventsBroker - ok
21:00:20.0349 0x0d34 [ 3705A5E2A2834EA94EF073D87AF88D8F, 739DADA36D2061104866DAC763C8963E81A4779DC9F7C57D7B892DCEAF09FF40 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:00:20.0356 0x0d34 TabletInputService - ok
21:00:20.0366 0x0d34 [ 4A10477302BB35A17ED818CD8720478A, BA8916728A27ACE600292AC40AE2F5FB6864DC07A0AD4845644CBF5DA1C53536 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:00:20.0377 0x0d34 TapiSrv - ok
21:00:20.0470 0x0d34 [ CCB7F95A25DBF8ABD14476810BF7EAD0, EBF61432764FFB106381C788754DE330DD697F2F7C72FE7ADF294B1434C73573 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:00:20.0504 0x0d34 Tcpip - ok
21:00:20.0555 0x0d34 [ CCB7F95A25DBF8ABD14476810BF7EAD0, EBF61432764FFB106381C788754DE330DD697F2F7C72FE7ADF294B1434C73573 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:00:20.0588 0x0d34 TCPIP6 - ok
21:00:20.0605 0x0d34 [ D40FB114D559FDDE599293E1B5107644, A716D610199DF1DB3D59EF83E2BB7251C3E3398D63747ED51626F6876ED58AE0 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:00:20.0607 0x0d34 tcpipreg - ok
21:00:20.0624 0x0d34 [ 0886D9F1B5A5334FBB143A260E4BFB5C, 97850CE2E2852913E9C190FAA7D5AC4E7223C0F0F63844E440968C8788104B20 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:00:20.0627 0x0d34 tdx - ok
21:00:20.0640 0x0d34 [ 0E099CC6D72DD47CAB9CC3D5DDF0A93E, 5F76385F0087A7C2823FDA92081919DD22EB90CB6C140417522AC0A00AD5E49B ] terminpt C:\Windows\System32\drivers\terminpt.sys
21:00:20.0641 0x0d34 terminpt - ok
21:00:20.0669 0x0d34 [ 10DA7F780EF287FEA7D70C1633C68F0B, 826A196631142742FDE0735F9970D9FA8C4A7648F916E8598F440C1687B41019 ] TermService C:\Windows\System32\termsrv.dll
21:00:20.0686 0x0d34 TermService - ok
21:00:20.0704 0x0d34 [ 14378287DC6D4CF1E3279AA9EBD70665, 50AD9D328802097DF85D10486521AEDA980CDA37FCD47DA4C77ACF607A4F633B ] Themes C:\Windows\system32\themeservice.dll
21:00:20.0710 0x0d34 Themes - ok
21:00:20.0723 0x0d34 [ CAAAB04E7775D8F11E166482F3596539, FE4D2043E63586521F84CEC0C12764AE97EF58E2BE2666BA21692D95A965734A ] THREADORDER C:\Windows\system32\mmcss.dll
21:00:20.0727 0x0d34 THREADORDER - ok
21:00:20.0748 0x0d34 [ BAD3F8C116412AF06DEE2883333BAB9E, 7BF53CA62F71ADA7FC858AEB6534BAC6BCFF0E5B722CE759F44B8476C24142C8 ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
21:00:20.0755 0x0d34 TimeBroker - ok
21:00:20.0781 0x0d34 [ A7A43D0865B8E5D2E46CAF6BA423D0AC, 053CC21EC2F6D57850547F932B288CB7E9D775BE80D62FE0C79CFBE4B534D93B ] TPM C:\Windows\system32\drivers\tpm.sys
21:00:20.0784 0x0d34 TPM - ok
21:00:20.0802 0x0d34 [ 7B19BA44B3A44494DBA300206FABA998, 3D69F17E4D25C0D72E8A575FEB3763E600835ABBE64F460A166EED27BA0878C0 ] TrkWks C:\Windows\System32\trkwks.dll
21:00:20.0808 0x0d34 TrkWks - ok
21:00:20.0853 0x0d34 [ 02D1FC0FDA92FB34434166C612F95E5B, 5D4F98B77C9014BBCCF8A009F6B49E7AF0F42035DD3388AFCE67FDB6E38444A6 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:00:20.0855 0x0d34 TrustedInstaller - ok
21:00:20.0874 0x0d34 [ B9E622309DE8C780E6818531586F2221, B43A6C6DC2CE521BDEB381C9E6B7D2B5951FC5290145C5131BB4B324A52D990C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:00:20.0875 0x0d34 TsUsbFlt - ok
21:00:20.0888 0x0d34 [ 074440A1C04913F7DF81839565A47917, F5AC1F6B44B0BA924C20CEEF6824D20E000D2C9E7D2041D0AB2A70332771998D ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
21:00:20.0890 0x0d34 TsUsbGD - ok
21:00:20.0908 0x0d34 [ 62EE13D4EE7DB793C13F33F51A21170E, 7597353FF7E272A9A2ED6835F0E6C5980F19C2AB243C7AA34CDA4D11B4307007 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:00:20.0911 0x0d34 tunnel - ok
21:00:20.0924 0x0d34 [ E0750A399E378C8433165C843FD7F732, B9C12C7FA1C029988B3CAFA6D2BDBA36FE0CB3BF25793821608964750CB9A63E ] uagp35 C:\Windows\system32\drivers\uagp35.sys
21:00:20.0927 0x0d34 uagp35 - ok
21:00:20.0944 0x0d34 [ B3B9DDEEFC3B823B3067DCADCD80014D, CA1F7B7E79820F401112CB5568E4DF3D4FE93B24EE29BDCD97DD5539FA1405DC ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
21:00:20.0947 0x0d34 UASPStor - ok
21:00:20.0980 0x0d34 [ 14AF2FDF422E64F5D287B94E7CDEB13E, B670F6F189E7F010F1197C9AFE0986503FCA1F71EBB3C910B337FD81959794E5 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
21:00:20.0985 0x0d34 UCX01000 - ok
21:00:21.0019 0x0d34 [ F7C3F24307957862CA4E0E11DDC88B2F, 1F4A52955F72CD858C8442B63AAA8FA18612D8BF34D91CED27D52658D40C9E78 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:00:21.0024 0x0d34 udfs - ok
21:00:21.0040 0x0d34 [ 3F7B87F8E850907783AC681AF542601D, BBAB875B6DD8275B6B21633F2FA95542FBDA8DB17FAD4B77013FD38033453C18 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:00:21.0046 0x0d34 UI0Detect - ok
21:00:21.0056 0x0d34 [ C4FE9CC8AA769B1D140C07308574969D, BBD51A54D35B15FE72A0096A10A350911C15B07B232F933D6A80E38CFA6C8B8E ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:00:21.0058 0x0d34 uliagpkx - ok
21:00:21.0067 0x0d34 [ D54E16CE5FF8493E611CFF34F96F5A00, 65666C17E0CD6935D54C121D582D44C4C83DA7E7967CA2809CC7CD2590DC67B8 ] umbus C:\Windows\System32\drivers\umbus.sys
21:00:21.0069 0x0d34 umbus - ok
21:00:21.0083 0x0d34 [ 4F92FB5D2353C1B75F0C3138C1822FC3, 807A38D264E84ABD4275B696B1762BAA1BD5D143279EB305D8C9255BB697FF92 ] UmPass C:\Windows\System32\drivers\umpass.sys
21:00:21.0084 0x0d34 UmPass - ok
21:00:21.0105 0x0d34 [ CC0CC034C75F8D445B7E561BA018E166, 3431B446D7612F027066A878199A5600417521738F6CDB880E1AC39BA4A37FB4 ] UmRdpService C:\Windows\System32\umrdp.dll
21:00:21.0115 0x0d34 UmRdpService - ok
21:00:21.0130 0x0d34 [ 4359A695FB0CF5C0C78A7FD2DACABC00, CB2EC1CF683ECA588C9C7C3F4DA0FE32B6E02DC4424D96F55763FF5330E79B1F ] upnphost C:\Windows\System32\upnphost.dll
21:00:21.0144 0x0d34 upnphost - ok
21:00:21.0169 0x0d34 [ F433A6D23B444461CEC9A8125350916C, 4BBB37B5F73AD710F6345ED9B1FB065314584E65D98D410CEE7261C363970898 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
21:00:21.0172 0x0d34 usbaudio - ok
21:00:21.0186 0x0d34 [ D982889116DBD5B36DA276B3C52BC751, 50292E34838750A841ED684A986F74B35317F420556DE45B64AAB1020B02E9B1 ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
21:00:21.0188 0x0d34 usbccgp - ok
21:00:21.0207 0x0d34 [ 157FA08A7E30735A032C08F39F6F7C55, 1A48D961D2BA8A948EBD967CA854E34260A9FB26D5BDD5C7BF3DF9A21B4CB19E ] usbcir C:\Windows\System32\drivers\usbcir.sys
21:00:21.0209 0x0d34 usbcir - ok
21:00:21.0239 0x0d34 [ 09C8E68669444AFE92B71480110952B1, 0F9FE4F596D1FC196F6D7A6ABD9EACB415B75D51D8E32E78109755AD9AF9D1B9 ] usbehci C:\Windows\System32\drivers\usbehci.sys
21:00:21.0241 0x0d34 usbehci - ok
21:00:21.0267 0x0d34 [ 03E855AD3F47B802542B0812F47FB9BD, 3D83C605E5221365ED03C8FE5C373C0E9E8A8AB5F0C850ECA5FD78AED1F74F58 ] usbhub C:\Windows\System32\drivers\usbhub.sys
21:00:21.0274 0x0d34 usbhub - ok
21:00:21.0309 0x0d34 [ C92A1374885D78D6853AA18F5920FBDE, ADA5584D14ACC25EA1ED650B8C689172319A0280E212FAE5A3518F8500D0C744 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
21:00:21.0317 0x0d34 USBHUB3 - ok
21:00:21.0328 0x0d34 [ D3641BCE4BE9858423CF0FA843A77AC1, 92AC3997CCB5FA84DD41774ED6417E095AE83E1E00E7A1E208B89AA266DEB456 ] usbohci C:\Windows\System32\drivers\usbohci.sys
21:00:21.0329 0x0d34 usbohci - ok
21:00:21.0344 0x0d34 [ 3B68E41FDF2B053F148E4AA0B456A435, 5CFDCBAB8BDC711EB0CDCAE82693A809CA7785A23E837E877EF32194F7282E05 ] usbprint C:\Windows\System32\drivers\usbprint.sys
21:00:21.0345 0x0d34 usbprint - ok
21:00:21.0359 0x0d34 [ 6EE1CB13D89DFC95B6D7A90B38113F34, 1740EB93B379348071810E7B572C207CED38E7527E43051EB44FB2C8FB3C3E46 ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
21:00:21.0362 0x0d34 USBSTOR - ok
21:00:21.0377 0x0d34 [ 043BC3831B94A57122BE351658B61DC2, 849E7B8B6E8C9D1B4D6B1343B41117B8F012CB1606F0D8491BBD15DD506AAA2B ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
21:00:21.0378 0x0d34 usbuhci - ok
21:00:21.0397 0x0d34 [ 6AC515E4FEA8A0FDAA3F80C4CB112AEA, A4F2C6B186FFBC8541080726D9FA259282BD91AD25C7839DC68629C44F6478AD ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
21:00:21.0401 0x0d34 usbvideo - ok
21:00:21.0423 0x0d34 [ BAF8495C4D3301C3C75A88454C53517F, A79EF756A55E860DA4E05FEDD232115D54D0FEF60881DE483D16404F8C4D3C7F ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
21:00:21.0428 0x0d34 USBXHCI - ok
21:00:21.0437 0x0d34 [ 0118D8C2B0B04F6B6FE620EADDA53449, 00D1D9EA3150F83D99DA7E31EA96872CB18F7092A58E75763714CD546B8D23A7 ] VaultSvc C:\Windows\system32\lsass.exe
21:00:21.0441 0x0d34 VaultSvc - ok
21:00:21.0449 0x0d34 [ 0AA85E1C967652071D283147AC4B17CD, CA643FA1B71751D286C55C36BD9A7492E899526F7851839208A46AE17E65D59D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:00:21.0451 0x0d34 vdrvroot - ok
21:00:21.0482 0x0d34 [ 7F3DF007481BC1215EC2485E93558E65, AEDF57A019959E8B495F6DEECC5CD0635DF8A67EDAA1072966C4323E9B958DE9 ] vds C:\Windows\System32\vds.exe
21:00:21.0497 0x0d34 vds - ok
21:00:21.0518 0x0d34 [ F70882757673FA7D4E466D811E1AC029, 6C940022DEF2F1D174953C15B73A3197218BD5528821923580657B2BED9FA607 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
21:00:21.0520 0x0d34 VerifierExt - ok
21:00:21.0544 0x0d34 [ 01F65399F930E5F26D39F18C1F665B03, AB688CEFFA2313A32757A20788E2BDC0C32DE42592231C7C0F26DEE51E7DE1A7 ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
21:00:21.0551 0x0d34 vhdmp - ok
21:00:21.0560 0x0d34 [ 91A67D2DDDD75D173A6590B75E305E3C, 06B05073187B93263FE1697DAC2A76EAB16265EEE16E3CE86575B5DA97673AB7 ] viaagp C:\Windows\system32\drivers\viaagp.sys
21:00:21.0562 0x0d34 viaagp - ok
21:00:21.0573 0x0d34 [ 05DD6EA970A2493D8BFCE2CFCF2F445C, BB4AC5ECFAFA72282DCFBCD9469FA098CEB71CE545A8FF389B1294280FDC9C17 ] ViaC7 C:\Windows\System32\drivers\viac7.sys
21:00:21.0576 0x0d34 ViaC7 - ok
21:00:21.0583 0x0d34 [ 11283532CE62BA51557D00E09262ED78, 150AF6DE38A1B4C286AAAD465A5284C141B174FF9196C8F96132241B83757C4F ] viaide C:\Windows\system32\drivers\viaide.sys
21:00:21.0585 0x0d34 viaide - ok
21:00:21.0601 0x0d34 [ 2E4777120FC246CCF76A69C7BB4AEF57, FA156E7D1B19375FB5B8AB8E2E925FDC68D709109FEE4E5CDD785E666AB653AC ] vmbus C:\Windows\system32\drivers\vmbus.sys
21:00:21.0604 0x0d34 vmbus - ok
21:00:21.0615 0x0d34 [ FA7B57977E55B60409FD9E36FC57395C, 380EA7ED9FDCE6CF3E134391A87685FB92DD8A468BDEEF22A4E3E7EF694A5820 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
21:00:21.0617 0x0d34 VMBusHID - ok
21:00:21.0649 0x0d34 [ 57AE02EE534B4BF0E09462C6C2665D55, 3A74EA800A69D9B6F67114287022F50FC027EDB0DB64D39DC8D8A9597DB309E8 ] vmicheartbeat C:\Windows\System32\ICSvc.dll
21:00:21.0658 0x0d34 vmicheartbeat - ok
21:00:21.0667 0x0d34 [ 57AE02EE534B4BF0E09462C6C2665D55, 3A74EA800A69D9B6F67114287022F50FC027EDB0DB64D39DC8D8A9597DB309E8 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
21:00:21.0675 0x0d34 vmickvpexchange - ok
21:00:21.0684 0x0d34 [ 57AE02EE534B4BF0E09462C6C2665D55, 3A74EA800A69D9B6F67114287022F50FC027EDB0DB64D39DC8D8A9597DB309E8 ] vmicrdv C:\Windows\System32\ICSvc.dll
21:00:21.0691 0x0d34 vmicrdv - ok
21:00:21.0701 0x0d34 [ 57AE02EE534B4BF0E09462C6C2665D55, 3A74EA800A69D9B6F67114287022F50FC027EDB0DB64D39DC8D8A9597DB309E8 ] vmicshutdown C:\Windows\System32\ICSvc.dll
21:00:21.0708 0x0d34 vmicshutdown - ok
21:00:21.0718 0x0d34 [ 57AE02EE534B4BF0E09462C6C2665D55, 3A74EA800A69D9B6F67114287022F50FC027EDB0DB64D39DC8D8A9597DB309E8 ] vmictimesync C:\Windows\System32\ICSvc.dll
21:00:21.0725 0x0d34 vmictimesync - ok
21:00:21.0734 0x0d34 [ 57AE02EE534B4BF0E09462C6C2665D55, 3A74EA800A69D9B6F67114287022F50FC027EDB0DB64D39DC8D8A9597DB309E8 ] vmicvss C:\Windows\System32\ICSvc.dll
21:00:21.0742 0x0d34 vmicvss - ok
21:00:21.0756 0x0d34 [ 7E8BCEEA56197925D944CA7D230596F7, 6259BBFCF75C407650181C8260F9AB7E0A2F2DFD0BAEBEC9D56B9731268D6A25 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:00:21.0758 0x0d34 volmgr - ok
21:00:21.0776 0x0d34 [ 9C21037D3983D9B93190D2AA16570395, DEA24368100F610BBDD320AE86E220928B228DD66A0836FB83193ABE2F7991F7 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:00:21.0782 0x0d34 volmgrx - ok
21:00:21.0801 0x0d34 [ C9C8573006D7A8391AFE35D99036B6A0, E81CE16FAE15BBCE8E3FDE6C372C384424E243071474A779F6515A3D18658193 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:00:21.0807 0x0d34 volsnap - ok
21:00:21.0821 0x0d34 [ C5B79DA9C82C01EEFAABA713A858649E, 1C1F88224C537EF6FC3BC5A52C7B53492CF10A9A79EBF603CA073961462DB6FD ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
21:00:21.0825 0x0d34 vsmraid - ok
21:00:21.0879 0x0d34 [ 39FA161A2CD3DFA1062AD2A0F9B91F00, E2EF530C0C89FF20E36215E7F34A3A0EF7837E03C894BC064EBB1E00E9591F2D ] VSS C:\Windows\system32\vssvc.exe
21:00:21.0906 0x0d34 VSS - ok
21:00:21.0919 0x0d34 [ AB5F5CC034E31E496606E666657F3CC2, 0730FEB03820C1B63BB7B1C3F72E67CAC199683C770ED70F077335F7360C6BAC ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
21:00:21.0925 0x0d34 VSTXRAID - ok
21:00:21.0940 0x0d34 [ 23044877230094EE20D057BC63ED19F0, 60AE16156335720B4204A8AA3ED48633A803B7B76AB2185FBF8A429DA5A6CD00 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
21:00:21.0941 0x0d34 vwifibus - ok
21:00:21.0978 0x0d34 [ 56A40C6DFB12E33B88887C4F9D5917FF, 1701ACF3C2F71C2BCC211EA0F110F85383E09C5554836FC57FFAF76C1ADA7244 ] W32Time C:\Windows\system32\w32time.dll
21:00:21.0989 0x0d34 W32Time - ok
21:00:22.0004 0x0d34 [ B4254668F5806AAA051A320FE88146F6, 12C6C79DF6D385F7A1E827B54AF42D7005379B8C5420A62CAC64CA181BDB2CD2 ] WacomPen C:\Windows\System32\drivers\wacompen.sys
21:00:22.0005 0x0d34 WacomPen - ok
21:00:22.0039 0x0d34 [ 44D1EF3CDB0B286FD73A7C0144CC6B1E, 98FDCF1079D04B44CDF183C3BF2FC97E5B65E486E834265200A9B96F958F1D1B ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
21:00:22.0041 0x0d34 Wanarp - ok
21:00:22.0046 0x0d34 [ 44D1EF3CDB0B286FD73A7C0144CC6B1E, 98FDCF1079D04B44CDF183C3BF2FC97E5B65E486E834265200A9B96F958F1D1B ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:00:22.0048 0x0d34 Wanarpv6 - ok
21:00:22.0097 0x0d34 [ 09EA8F80C26FEAAE7D34AC82A871A909, 92F040B3313F2C7866FFDDF9E810D4C4B74FED2124B9C13D5143F69061A0CBE2 ] wbengine C:\Windows\system32\wbengine.exe
21:00:22.0127 0x0d34 wbengine - ok
21:00:22.0140 0x0d34 [ D7AB5A0119A208B53784863DF403C2F2, BD94564BC57BB2762043A7312A7474480BF6E94B4B025F45FB36FF3B2C1F6F5B ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:00:22.0149 0x0d34 WbioSrvc - ok
21:00:22.0186 0x0d34 [ 9591603AB1933FABD38CD19A5697A676, 7FC65C5516FF0D3D66E5A94C9CC843255C46D6037E83254A4DED9976AAFDF71B ] Wcmsvc C:\Windows\System32\wcmsvc.dll
21:00:22.0196 0x0d34 Wcmsvc - ok
21:00:22.0233 0x0d34 [ 2569DC92526501CA292A1985F54D174B, 6D8161EB1CDB8B56E2CC093F80E02C9DADEAD1CEAA28A8273FE3DAD7EFAF5023 ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:00:22.0247 0x0d34 wcncsvc - ok
21:00:22.0257 0x0d34 [ 1B0A5043CC13F7DEB9873CC464FB11C7, F80C52F5D41884B7583C455D3B4FE3B2AC5133D7BEB973FDC127A75209051EAB ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:00:22.0263 0x0d34 WcsPlugInService - ok
21:00:22.0275 0x0d34 [ 9BF0CE1E215789664EB563A52EC0B83B, DD593BB20B6C691964FED6E5D6021FF20044D1D41D147226B3824F417531EAC8 ] Wd C:\Windows\system32\drivers\wd.sys
21:00:22.0277 0x0d34 Wd - ok
21:00:22.0318 0x0d34 [ 85EAA1E93EA71967721033939EF5210C, B333BD2A0DC22DC6B995DCA1B7A18F848E1606617DAB0AE199564F06E2254BAF ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
21:00:22.0319 0x0d34 WdBoot - ok
21:00:22.0365 0x0d34 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:00:22.0375 0x0d34 Wdf01000 - ok
21:00:22.0397 0x0d34 [ B69E026E2426A01F2857C0BF79DF3D31, B3AF0F67CECA2AD7375186E14807ABC74C3ECA9B47FCF55632497E208DDF3922 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
21:00:22.0402 0x0d34 WdFilter - ok
21:00:22.0417 0x0d34 [ 2FC34E39DD120AB985DF1F63B10A4B4D, 5EBF98440B36F8A2FB8537F116E8E382746DB8C08E353A200875F8C6E0343345 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:00:22.0424 0x0d34 WdiServiceHost - ok
21:00:22.0429 0x0d34 [ 2FC34E39DD120AB985DF1F63B10A4B4D, 5EBF98440B36F8A2FB8537F116E8E382746DB8C08E353A200875F8C6E0343345 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:00:22.0436 0x0d34 WdiSystemHost - ok
21:00:22.0460 0x0d34 [ 07577AD2DA7D82B8A077DA4C1981DB9B, C787FD83CCC364FF5E0C65532D2246A9ED2BAD4ED18CBAD192130EB6C6673D24 ] WebClient C:\Windows\System32\webclnt.dll
21:00:22.0468 0x0d34 WebClient - ok
21:00:22.0477 0x0d34 [ 476746404FC104242EE8F049F2A6FA4A, 85C71C0C6D234EE71788C36545A30E8AF061EDDFAA20791563FE4D4F3B327F7B ] Wecsvc C:\Windows\system32\wecsvc.dll
21:00:22.0485 0x0d34 Wecsvc - ok
21:00:22.0502 0x0d34 [ B8A6C4812FD65EF95EB0F723A48C2462, 81A27AEEF8FE04A438DB87FAEC0F4DEFBE6786CA0ED04CF459EFBC6A5BCC6279 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:00:22.0508 0x0d34 wercplsupport - ok
21:00:22.0530 0x0d34 [ B40442F17F77B11F5F1BA961BB806E2B, 9E0E37E8DECFB090E49B492FF59DB1B498D97A5487508422FD2B7E132FFA8FC4 ] WerSvc C:\Windows\System32\WerSvc.dll
21:00:22.0537 0x0d34 WerSvc - ok
21:00:22.0561 0x0d34 [ 5EB8464B7E9FC7C9FDE98A9534C9EE6F, 615E76B8A3B4D6470B4CFEA7A578B87BEE4AD5D7C9F6665C748261BF70555A5F ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
21:00:22.0562 0x0d34 WFPLWFS - ok
21:00:22.0576 0x0d34 [ 1764AA30CDF8AF8995D4A3CEADF6AB0D, C2876EEBF059222B74D85C2F7C5BC11F1B1A69A4103BF60D02DD0DE8630979DF ] WiaRpc C:\Windows\System32\wiarpc.dll
21:00:22.0582 0x0d34 WiaRpc - ok
21:00:22.0607 0x0d34 [ 8B7BBA41B67E92B73BAFEBDF570B3703, 02B278E591C0FA8600D8B0A46EA63D45A8C28788B1DF7202E0B9C62C18292B52 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:00:22.0608 0x0d34 WIMMount - ok
21:00:22.0652 0x0d34 [ B910DC7D38F3834119F9C35A56418B3D, 1D0985A49602F80A7F8FB06031DD0415E55AC7EDCD5B5C0E131092DBE73CBA43 ] WinDefend C:\Program Files\Windows Defender\MsMpEng.exe
21:00:22.0652 0x0d34 WinDefend - ok
21:00:22.0699 0x0d34 [ 7A4797475ABAD6ECF1BCB08637922ECA, EFD91794165E06139D5488F0EFA53652620AA002F814E6BA6A364B7204CB0A36 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
21:00:22.0720 0x0d34 WinHttpAutoProxySvc - ok
21:00:22.0778 0x0d34 [ 62B866B25BA8A3FCAEC457738DDA726E, F8112C6FC2A08F0E3E79CF8AB113147DEBFEBFFD79AFB4E412452146DB5F0AE7 ] winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:00:22.0782 0x0d34 winmgmt - ok
21:00:22.0854 0x0d34 [ EE08CA40473062F2962F1ED25C85306C, AED6BC65C0A710274CEC9ED811543419184CF36B9351FCB6626B53A5CC73F53D ] WinRM C:\Windows\system32\WsmSvc.dll
21:00:22.0898 0x0d34 WinRM - ok
21:00:22.0934 0x0d34 [ 30122927052480564DB0695B0CEADE62, 46731BCEDDF89E35808F0C4070F0FB34AE382E7D4A76FA4435340C5FE3931F09 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
21:00:22.0936 0x0d34 WinUsb - ok
21:00:22.0982 0x0d34 [ 70752CC656FE991392C1FD262D386863, F4ED96F0AD6E1E6A7EACDF55870B4D324CEDF9962F828D6921D675A18902E2A1 ] WlanSvc C:\Windows\System32\wlansvc.dll
21:00:23.0014 0x0d34 WlanSvc - ok
21:00:23.0085 0x0d34 [ 7194769CA375358E5BD89929C2C47B4C, BE1B2C7AC9B223764F12EAADD17782A38586234E251A9B6F9B5764AB06C6A650 ] wlidsvc C:\Windows\system32\wlidsvc.dll
21:00:23.0126 0x0d34 wlidsvc - ok
21:00:23.0135 0x0d34 [ F8A31500A1B7EFDB95E5103A7C7275C1, 5D265CCD4F30603FBCF53BA60BCFF2A8B0801215B63FA6837AE6D401BFD1D416 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
21:00:23.0136 0x0d34 WmiAcpi - ok
21:00:23.0169 0x0d34 [ 8899BED47FE375EE665AD1821598E471, 5E30CF5B49B675A5158300CACFCFA496D8D0060F8633BC22B40BE7D9D248C05A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:00:23.0172 0x0d34 wmiApSrv - ok
21:00:23.0256 0x0d34 [ 207CB1C1770997621C1798E78EADCBBD, 4F8A1B3DCB1DEBD36D14758F80FF80363A3761D0938FB5932646EE2D56234551 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
21:00:23.0281 0x0d34 WMPNetworkSvc - ok
21:00:23.0308 0x0d34 [ 9C3F5C7B716247756575235A3218FD38, 45F7814D706844E241FFEC5B45D4AD1A7B897992862FEEB12F944D733DE90B21 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
21:00:23.0309 0x0d34 wpcfltr - ok
21:00:23.0332 0x0d34 [ 32B4145D0513E913C13A73C3E640C931, 63381DDC0DB272C661F57085C0911173BB3D76F788F7038767102D2A259E7AC0 ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:00:23.0338 0x0d34 WPCSvc - ok
21:00:23.0360 0x0d34 [ 27AD1D070DFF4F508F063779CC8882C4, A8E0CDDF57F2DBFE38D0BE7C08360F37B63DE693B7BC11E3D45A362B7408C017 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:00:23.0367 0x0d34 WPDBusEnum - ok
21:00:23.0379 0x0d34 [ E5DCECD5A6A21AE48E94F6C9DC0E093C, C478397D77AA457A7A94724A653273BF95F84D6CA89F6C8BF34FBD987E3B8326 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
21:00:23.0380 0x0d34 WpdUpFltr - ok
21:00:23.0407 0x0d34 [ 7CB94AFFC7F56C8E645381DB9C23F845, DEDAA1BF36D419A9F48854F838935B3223E4F8FB8224E922739F03C8BDB051C7 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:00:23.0408 0x0d34 ws2ifsl - ok
21:00:23.0439 0x0d34 [ 463628A91197979E29B3794D8CCB7600, DC6848DAD0DA90F9C60048E419D0987C5D2FBAA0BEB7869CEB42927772BBE524 ] wscsvc C:\Windows\System32\wscsvc.dll
21:00:23.0446 0x0d34 wscsvc - ok
21:00:23.0451 0x0d34 WSearch - ok
21:00:23.0558 0x0d34 [ 9E172AED2556DF2048DD9020B302F09C, 4E023DF0D3439E50FD8E9F24E52A9DACF0E2D6BD616C849DF5B07EB081C1F5DF ] WSService C:\Windows\System32\WSService.dll
21:00:23.0604 0x0d34 WSService - ok
21:00:23.0726 0x0d34 [ 83010BCEE96ED2A95BA9F63E72274DDE, 4A13DF9ECD696ED6990DA59B5696AC467E2A5B2C39B789DFF4634A4C24066840 ] wuauserv C:\Windows\system32\wuaueng.dll
21:00:23.0791 0x0d34 wuauserv - ok
21:00:23.0808 0x0d34 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:00:23.0810 0x0d34 WudfPf - ok
21:00:23.0823 0x0d34 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
21:00:23.0827 0x0d34 WUDFRd - ok
21:00:23.0853 0x0d34 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:00:23.0861 0x0d34 wudfsvc - ok
21:00:23.0868 0x0d34 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys
21:00:23.0872 0x0d34 WUDFWpdFs - ok
21:00:23.0878 0x0d34 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys
21:00:23.0882 0x0d34 WUDFWpdMtp - ok
21:00:23.0922 0x0d34 [ 9450B8D5C88ADD67EA982E071C48D681, 0BBA2A5A21E3112929A56D89B2A1DF77634591D37A93F25BD3A92E4C1F5A6244 ] WwanSvc C:\Windows\System32\wwansvc.dll
21:00:23.0935 0x0d34 WwanSvc - ok
21:00:23.0941 0x0d34 ================ Scan global ===============================
21:00:23.0991 0x0d34 [ 8D41654D0A9E15635ACF5E18FF470AB1, A85D1F6C3D63D7991E9B29B8A21C68776B7AEB617EFA45836E0686649A03CD55 ] C:\Windows\system32\basesrv.dll
21:00:24.0034 0x0d34 [ 1EEFCA33A6329CE675FEFFBC563140A9, 13223ED01330BA68292E4687AA25F2C277ECFF37C01EE419F90937A0C2E15500 ] C:\Windows\system32\winsrv.dll
21:00:24.0073 0x0d34 [ 78A87B9D36AAD6AFD6A24915389E1221, 06CE868DABC517646EB6A8D1DBD27BD4DEF4F047D2517516FECFF460D88DD860 ] C:\Windows\system32\sxssrv.dll
21:00:24.0112 0x0d34 [ 6528BAACA25356FE226904DD36C82BA7, C88BB8C5434E5F7F71732EA30F799B038904647B31600CF6FEEBABAA064C5EAF ] C:\Windows\system32\services.exe
21:00:24.0122 0x0d34 [ Global ] - ok
21:00:24.0122 0x0d34 ================ Scan MBR ==================================
21:00:24.0132 0x0d34 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
21:00:24.0309 0x0d34 \Device\Harddisk0\DR0 - ok
21:00:24.0309 0x0d34 ================ Scan VBR ==================================
21:00:24.0311 0x0d34 [ 9D88E7B2BB30EDDBE4912BB301B77C30 ] \Device\Harddisk0\DR0\Partition1
21:00:24.0324 0x0d34 \Device\Harddisk0\DR0\Partition1 - ok
21:00:24.0327 0x0d34 [ 5FD509AEBD2DAB5D2222A5ACF9856FB7 ] \Device\Harddisk0\DR0\Partition2
21:00:24.0335 0x0d34 \Device\Harddisk0\DR0\Partition2 - ok
21:00:24.0336 0x0d34 Waiting for KSN requests completion. In queue: 386
21:00:25.0337 0x0d34 Waiting for KSN requests completion. In queue: 386
21:00:26.0337 0x0d34 Waiting for KSN requests completion. In queue: 386
21:00:27.0338 0x0d34 Waiting for KSN requests completion. In queue: 386
21:00:28.0338 0x0d34 Waiting for KSN requests completion. In queue: 386
21:00:29.0338 0x0d34 Waiting for KSN requests completion. In queue: 386
21:00:30.0338 0x0d34 Waiting for KSN requests completion. In queue: 386
21:00:31.0338 0x0d34 Waiting for KSN requests completion. In queue: 386
21:00:32.0338 0x0d34 Waiting for KSN requests completion. In queue: 386
21:00:33.0338 0x0d34 Waiting for KSN requests completion. In queue: 356
21:00:34.0347 0x0d34 Waiting for KSN requests completion. In queue: 356
21:00:35.0361 0x0d34 Waiting for KSN requests completion. In queue: 356
21:00:36.0362 0x0d34 Waiting for KSN requests completion. In queue: 356
21:00:37.0362 0x0d34 Waiting for KSN requests completion. In queue: 356
21:00:38.0362 0x0d34 Waiting for KSN requests completion. In queue: 356
21:00:39.0362 0x0d34 Waiting for KSN requests completion. In queue: 356
21:00:40.0362 0x0d34 Waiting for KSN requests completion. In queue: 356
21:00:41.0362 0x0d34 Waiting for KSN requests completion. In queue: 356
21:00:42.0362 0x0d34 Waiting for KSN requests completion. In queue: 356
21:00:43.0362 0x0d34 Waiting for KSN requests completion. In queue: 44
21:00:44.0363 0x0d34 Waiting for KSN requests completion. In queue: 44
21:00:45.0409 0x0d34 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.4.304.0 ), 0x60100 ( disabled : updated )
21:00:45.0419 0x0d34 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2013.292 ), 0x42000 ( disabled : updated )
21:00:45.0432 0x0d34 Win FW state via NFP2: enabled
21:00:47.0806 0x0d34 ============================================================
21:00:47.0806 0x0d34 Scan finished
21:00:47.0806 0x0d34 ============================================================
21:00:47.0814 0x1480 Detected object count: 0
21:00:47.0814 0x1480 Actual detected object count: 0
21:00:59.0364 0x0c60 Deinitialize success

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-03-18 21:40:05
-----------------------------
21:40:05.240 OS Version: Windows 6.2.9200
21:40:05.241 Number of processors: 2 586 0xF0B
21:40:05.243 ComputerName: DAVIDUV-PC UserName: David
21:40:05.970 Initialize success
21:40:09.216 AVAST engine defs: 14031801
21:40:17.291 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-6
21:40:17.292 Disk 0 Vendor: SAMSUNG_HD322HJ 1AG01118 Size: 305244MB BusType: 3
21:40:17.432 Disk 0 MBR read successfully
21:40:17.435 Disk 0 MBR scan
21:40:17.438 Disk 0 Windows XP default MBR code
21:40:17.444 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
21:40:17.448 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 305142 MB offset 206848
21:40:17.460 Disk 0 scanning sectors +625137664
21:40:17.512 Disk 0 scanning C:\Windows\system32\drivers
21:40:24.635 Service scanning
21:40:39.705 Modules scanning
21:40:43.229 Disk 0 trace - called modules:
21:40:43.252 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
21:40:43.256 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85851030]
21:40:43.470 3 CLASSPNP.SYS[8232f0a0] -> nt!IofCallDriver -> [0x848f3338]
21:40:43.475 5 ACPI.sys[8bee549a] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-6[0x84bee870]
21:40:44.033 AVAST engine scan C:\Windows
21:40:45.425 AVAST engine scan C:\Windows\system32
21:42:26.867 AVAST engine scan C:\Windows\system32\drivers
21:42:36.257 AVAST engine scan C:\Users\David
21:47:47.114 AVAST engine scan C:\ProgramData
21:48:01.637 Scan finished successfully
21:48:49.255 Disk 0 MBR has been saved successfully to "C:\Users\David\Desktop\MBR.dat"
21:48:49.260 The log file has been saved successfully to "C:\Users\David\Desktop\aswMBR.txt"