PC-HELP.CZ

České diskuzní fórum o počítačích
https://pc-help.cnews.cz/

Prosím o kontrolu, problém s "mncpags.exe"

https://pc-help.cnews.cz/viewtopic.php?f=70&t=129766

Stránka 1 z 2

Prosím o kontrolu, problém s "mncpags.exe"

Napsal: 29 bře 2014 12:11
od Player1
Dobrý den, mám problém s programem mncpags.exe. Pri zapnuti PC vy vyskoci okno s hlaskou "mncpags.exe prestal pracovat", tady na foru mi bylo receno, ze nejde o sytemový proces a at se obrátím sem na tuto sekci na kontrolu logu HiJackThis

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:59:17, on 29.3.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [MSStp] C:\Windows\system32\msstp.vbe
O4 - HKLM\..\Run: [mncpagsSrv] C:\Windows\inf\mncpags.vbe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files\AMD AVT\bin\kdbsync.exe" aml
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 3604 bytes

Toto dělám poprvé tak snad je to správně a je tam vsechno :)

Re: Prosím o kontrolu, problém s "mncpags.exe"

Napsal: 29 bře 2014 12:12
od memphisto
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Re: Prosím o kontrolu, problém s "mncpags.exe"

Napsal: 29 bře 2014 12:47
od Player1
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 29.3.2014
Scan Time: 12:38:40
Logfile: MB log.txt
Administrator: Yes

Version: 2.00.0.1000
Malware Database: v2014.03.29.01
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Admin

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 212877
Time Elapsed: 11 min, 40 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.Conduit.A, HKU\S-1-5-21-3321851790-3634758337-735559634-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CONDUIT\FF, , [ed180405eb90a294a143513038cb6e92],

Registry Values: 1
Trojan.Agent.VBS, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MSStp, C:\Windows\system32\msstp.vbe, , [d035bd4c22590234e63d83db7092d729]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
Trojan.Agent.VBS, C:\Windows\System32\msstp.vbe, , [d035bd4c22590234e63d83db7092d729],
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot.exe, , [4eb720e9df9c40f671e44c316e95916f],

Physical Sectors: 0
(No malicious items detected)


(end)



# AdwCleaner v3.022 - Report created 29/03/2014 at 12:44:09
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Admin - ADMIN-PC
# Running from : C:\Users\Admin\Downloads\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Windows\system32\roboot.exe
Folder Found : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4ni55833.default\Extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}
Folder Found C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4ni55833.default\CT3289075
Folder Found C:\Windows\system32\AI_RecycleBin

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4ni55833.default\prefs.js ]

Line Found : user_pref("CT3289075.FF19Solved", "true");
Line Found : user_pref("CT3289075.UserID", "UN14680876221108692");
Line Found : user_pref("CT3289075.fullUserID", "UN14680876221108692.IN.20140315004208");
Line Found : user_pref("CT3289075.installDate", "15/03/2014 00:42:12");
Line Found : user_pref("CT3289075.installSessionId", "{ABEEA609-3007-402D-9EFF-D386A3E9EE40}");
Line Found : user_pref("CT3289075.installSp", "false");
Line Found : user_pref("CT3289075.installerVersion", "1.8.1.4");
Line Found : user_pref("CT3289075.searchRevert", "false");
Line Found : user_pref("CT3289075.searchUninstallUserMode", "1");
Line Found : user_pref("CT3289075.searchUserMode", "1");
Line Found : user_pref("CT3289075.toolbarInstallDate", "15-03-2014 00:42:09");
Line Found : user_pref("CT3289075.versionFromInstaller", "10.23.0.722");
Line Found : user_pref("CT3289075.xpeMode", "1");
Line Found : user_pref("smartbar.machineId", "NN1+8/YIRJPGWCWV0TSK3AJJMUDV7BSBUXHAOGLJFZQ+IYJIWNFU6NL8THT9KLJOW3WCYNJ77E3XOEWSJXSMGG");

-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R1].txt - [2231 octets] - [29/03/2014 12:44:09]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [2291 octets] ##########

Re: Prosím o kontrolu, problém s "mncpags.exe"

Napsal: 29 bře 2014 19:46
od Player1
Co ted? poradi nekdo?

Re: Prosím o kontrolu, problém s "mncpags.exe"

Napsal: 29 bře 2014 22:08
od Orcus
Znovu spusť MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

====================================================

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Smazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

====================================================

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

====================================================

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Re: Prosím o kontrolu, problém s "mncpags.exe"

Napsal: 29 bře 2014 23:37
od Player1
<?xml version="1.0" encoding="UTF-16"?>

-<mbam-log>


-<header>

<date>2014/03/29 22:51:35 +0100</date>

<log>mbam-log-2014-03-29 (22-43-06).xml</log>

<isadmin>yes</isadmin>

</header>


-<engine>

<version>2.00.0.1000</version>

<rules-database>v2014.03.29.06</rules-database>

<swissarmy-database>v2014.03.27.01</swissarmy-database>

<license>trial</license>

<file-protection>enabled</file-protection>

<web-protection>enabled</web-protection>

<self-protection>disabled</self-protection>

</engine>


-<system>

<osversion>Windows 7 Service Pack 1</osversion>

<arch>x86</arch>

<username>Admin</username>

<filesys>NTFS</filesys>

</system>


-<summary>

<type>threat</type>

<result>completed</result>

<objects>212939</objects>

<time>506</time>

<processes>0</processes>

<modules>0</modules>

<keys>1</keys>

<values>1</values>

<datas>0</datas>

<folders>0</folders>

<files>2</files>

<sectors>0</sectors>

</summary>


-<options>

<memory>enabled</memory>

<startup>enabled</startup>

<filesystem>enabled</filesystem>

<archives>enabled</archives>

<rootkits>disabled</rootkits>

<deeprootkit>disabled</deeprootkit>

<shuriken>enabled</shuriken>

<pup>enabled</pup>

<pum>enabled</pum>

</options>


-<items>


-<key>

<path>HKU\S-1-5-21-3321851790-3634758337-735559634-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CONDUIT\FF</path>

<vendor>PUP.Optional.Conduit.A</vendor>

<action>success</action>

<hash>25e5b4553f3ce650aea06d15e81b31cf</hash>

</key>


-<value>

<path>HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN</path>

<valuename>MSStp</valuename>

<vendor>Trojan.Agent.VBS</vendor>

<action>success</action>

<valuedata>C:\Windows\system32\msstp.vbe</valuedata>

<hash>14f6e029df9c092d0489035baa5802fe</hash>

</value>


-<file>

<path>C:\Windows\System32\msstp.vbe</path>

<vendor>Trojan.Agent.VBS</vendor>

<action>success</action>

<hash>14f6e029df9c092d0489035baa5802fe</hash>

</file>


-<file>

<path>C:\Windows\System32\roboot.exe</path>

<vendor>PUP.Optional.PCPerformer.A</vendor>

<action>success</action>

<hash>54b61bee06750333833c05786b98f50b</hash>

</file>

</items>

</mbam-log>


<?xml version="1.0" encoding="UTF-8"?>

-<logs>

<record subtype="Malware Protection" result="Starting" last_modified_tag="5991014b-b56d-4b5c-a359-b67a9e52df59" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T12:24:45.664483+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malware Protection" result="Started" last_modified_tag="23300701-f86e-4a7f-8768-b5fde52c1d2f" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T12:24:45.670483+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malicious Website Protection" result="Starting" last_modified_tag="e8d14062-af80-4b16-939d-9e15b230cb14" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T12:24:45.694485+01:00" LoggingEventType="2" severity="debug"/>

<record last_modified_tag="87ba023a-9103-4a6c-a6d6-e57b87ce4cd5" systemname="ADMIN-PC" username="SYSTEM" type="Update" source="Manual" datetime="2014-03-29T12:24:58.806546+01:00" LoggingEventType="1" severity="debug" toVersion="2014.3.27.1" name="Rootkit Database" fromVersion="2014.2.20.1"/>

<record subtype="Malicious Website Protection" result="Started" last_modified_tag="9b7deb81-9d5e-4e05-90fe-f51c54a0244e" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T12:25:19.262590+01:00" LoggingEventType="2" severity="debug"/>

<record last_modified_tag="085672a7-5178-486a-844a-06a820886b0d" systemname="ADMIN-PC" username="SYSTEM" type="Update" source="Manual" datetime="2014-03-29T12:26:01.162648+01:00" LoggingEventType="1" severity="debug" toVersion="2014.3.29.1" name="Malware Database" fromVersion="2014.3.4.9"/>

<record subtype="Refresh" result="Starting" last_modified_tag="45ed514b-b4b6-4772-91c9-93ac3de2aa92" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T12:26:02.356652+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malicious Website Protection" result="Stopping" last_modified_tag="8ac1b651-9478-4cf6-b260-b265c2428269" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T12:26:02.356652+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malicious Website Protection" result="Stopped" last_modified_tag="46c2a52e-2a70-4439-84e2-199876506ffb" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T12:26:02.516653+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Refresh" result="Success" last_modified_tag="a12b5063-5fca-46df-818a-6e1b8d6cd42d" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T12:26:05.700661+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malicious Website Protection" result="Starting" last_modified_tag="66b37ff5-b1c6-4449-bba8-a38e11f181b8" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T12:26:05.720661+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malicious Website Protection" result="Started" last_modified_tag="9e4e68ea-05e5-4740-a556-d8d802506e39" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T12:26:06.202663+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malware Protection" result="Starting" last_modified_tag="07b8e563-401e-4363-9f74-5ccefc7607e0" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T19:40:04.389892+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malware Protection" result="Started" last_modified_tag="d3e9a21d-2b36-4ff1-b348-c71cc24278f8" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T19:40:04.421093+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malicious Website Protection" result="Starting" last_modified_tag="11665845-48e7-4ef9-9de1-49f8fe9f7622" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T19:40:04.436693+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malicious Website Protection" result="Started" last_modified_tag="7442f8ec-a5b3-4787-a8a0-0d14c995d9ce" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T19:40:34.295145+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malicious Website Protection" last_modified_tag="14f3d93d-7544-471b-9b29-d4cfdc55ebf9" systemname="ADMIN-PC" username="SYSTEM" type="Detection" source="Protection" datetime="2014-03-29T19:43:23.477604+01:00" LoggingEventType="0" severity="debug" port="62361" malwaretype="IP" ip="185.8.106.66" domain="msdrv64.com" direction="Outbound" process="C:\Program Files\Internet Explorer\iexplore.exe"/>

<record subtype="Malicious Website Protection" last_modified_tag="49c02a98-d62d-4546-bf45-0b07c4fac2c9" systemname="ADMIN-PC" username="SYSTEM" type="Detection" source="Protection" datetime="2014-03-29T19:43:23.527604+01:00" LoggingEventType="0" severity="debug" port="62361" malwaretype="IP" ip="185.8.106.66" domain="msdrv64.com" direction="Outbound" process="C:\Program Files\Internet Explorer\iexplore.exe"/>

<record subtype="Malware Protection" last_modified_tag="811bf5fd-da11-4f71-81fc-8c3894bf6d47" systemname="ADMIN-PC" username="SYSTEM" type="Detection" source="Protection" datetime="2014-03-29T19:44:50.340877+01:00" LoggingEventType="0" severity="debug" malwaretype="File" vendor="Trojan.BitMiner" hash="b84df7122d4e71c51563106355acf40c" filename="C:\Windows\inf\mncpags\mncpags.exe" action="Quarantine"/>

<record subtype="Malware Protection" last_modified_tag="0665b378-4db4-43c9-b3a5-1e77dcf01ba3" systemname="ADMIN-PC" username="SYSTEM" type="Detection" source="Protection" datetime="2014-03-29T19:46:03.296417+01:00" LoggingEventType="0" severity="debug" malwaretype="File" vendor="Trojan.BitMiner" hash="b84df7122d4e71c51563106355acf40c" filename="c:\windows\inf\mncpags\mncpags.exe" action="Quarantine"/>

<record result="Failed" last_modified_tag="8bffc437-5d68-46c9-8dbc-db932352628d" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T19:46:03.403423+01:00" LoggingEventType="2" severity="debug" filename="c:\windows\inf\mncpags\mncpags.exe" message="SDKQuarantine" code="1"/>

<record result="Failed" last_modified_tag="8bffc437-5d68-46c9-8dbc-db932352628d" systemname="ADMIN-PC" username="SYSTEM" type="Error" source="Protection" datetime="2014-03-29T19:46:03.408423+01:00" LoggingEventType="4" severity="debug" filename="c:\windows\inf\mncpags\mncpags.exe" message="SDKQuarantine" code="1"/>

<record last_modified_tag="2a679423-a3a7-4799-a594-34ae4db6894a" systemname="ADMIN-PC" username="SYSTEM" type="Update" source="Scheduler" datetime="2014-03-29T19:46:56.330450+01:00" LoggingEventType="1" severity="debug" toVersion="2014.3.29.4" name="Malware Database" fromVersion="2014.3.29.1"/>

<record subtype="Refresh" result="Starting" last_modified_tag="b9e3477e-db6e-427d-aa10-5c09ea84d79e" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T19:46:57.403511+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malicious Website Protection" result="Stopping" last_modified_tag="f419309e-21e7-4660-8a26-9ec44b7f912d" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T19:46:57.412512+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malicious Website Protection" result="Stopped" last_modified_tag="67a7d05d-024d-4429-b38d-9b1db2ee2658" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T19:46:57.539519+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Refresh" result="Success" last_modified_tag="f71ecf2e-e04a-4503-be9d-ef0125550672" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T19:47:01.026719+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malicious Website Protection" result="Starting" last_modified_tag="433d2964-17a7-4335-af6e-8c102c5ea493" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T19:47:01.047720+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malicious Website Protection" result="Started" last_modified_tag="3c2f5a67-7c54-4c95-9ee3-8972a1276984" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T19:47:01.580750+01:00" LoggingEventType="2" severity="debug"/>

<record last_modified_tag="29584987-1f23-4074-9260-7d5e0aee56a5" systemname="ADMIN-PC" username="SYSTEM" type="Update" source="Scheduler" datetime="2014-03-29T20:34:13.156605+01:00" LoggingEventType="1" severity="debug" toVersion="2014.3.29.5" name="Malware Database" fromVersion="2014.3.29.4"/>

<record subtype="Refresh" result="Starting" last_modified_tag="580ce1a9-9a76-448f-8f96-6fa18a3282de" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T20:34:14.427614+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malicious Website Protection" result="Stopping" last_modified_tag="f9275395-4f39-404e-86b3-5e6c63373bc1" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T20:34:14.437614+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malicious Website Protection" result="Stopped" last_modified_tag="7890ddf5-0c9d-4faf-b868-533d5c092a55" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T20:34:14.577614+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Refresh" result="Success" last_modified_tag="d1950abe-6597-4674-83aa-e9f7204e2572" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T20:34:18.121646+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malicious Website Protection" result="Starting" last_modified_tag="0656f956-754c-42dd-9ff1-b10bb7dd924e" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T20:34:18.150647+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malicious Website Protection" result="Started" last_modified_tag="d0ccf8b0-9514-449f-8627-40d44cd53647" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T20:34:18.769650+01:00" LoggingEventType="2" severity="debug"/>

<record last_modified_tag="cb444d83-5f4c-4521-ba28-d92d89bde847" systemname="ADMIN-PC" username="SYSTEM" type="Update" source="Scheduler" datetime="2014-03-29T21:36:51.491985+01:00" LoggingEventType="1" severity="debug" toVersion="2014.3.29.6" name="Malware Database" fromVersion="2014.3.29.5"/>

<record subtype="Refresh" result="Starting" last_modified_tag="7b5bba6a-28aa-42b9-a891-0838c7793fa3" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T21:36:52.587997+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malicious Website Protection" result="Stopping" last_modified_tag="230a4864-bb4b-4e18-aa72-aecd793223db" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T21:36:52.597997+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malicious Website Protection" result="Stopped" last_modified_tag="caf6ec83-cd4d-485e-81ac-4b4e58bf7263" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T21:36:52.719998+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Refresh" result="Success" last_modified_tag="965c12d4-bdd4-49d1-a1d8-ffbf64ae6f3a" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T21:36:56.380041+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malicious Website Protection" result="Starting" last_modified_tag="f3f039d9-66a8-4548-a204-2a815f9bc21d" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T21:36:56.407042+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malicious Website Protection" result="Started" last_modified_tag="7e135fb2-3dc0-4f93-84e9-741c28823207" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T21:36:57.012046+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malicious Website Protection" last_modified_tag="e9d07c69-9ffd-4a47-806b-753b718743c3" systemname="ADMIN-PC" username="SYSTEM" type="Detection" source="Protection" datetime="2014-03-29T22:19:31.159708+01:00" LoggingEventType="0" severity="debug" port="63051" malwaretype="IP" ip="103.31.186.13" domain="mubdykneqwut.dyndns.biz" direction="Outbound" process="C:\Program Files\Mozilla Firefox\firefox.exe"/>

<record subtype="Malicious Website Protection" last_modified_tag="4b976b63-6291-4c44-a6d5-028ad1335864" systemname="ADMIN-PC" username="SYSTEM" type="Detection" source="Protection" datetime="2014-03-29T22:19:31.259713+01:00" LoggingEventType="0" severity="debug" port="63051" malwaretype="IP" ip="103.31.186.13" domain="mubdykneqwut.dyndns.biz" direction="Outbound" process="C:\Program Files\Mozilla Firefox\firefox.exe"/>

<record subtype="Malicious Website Protection" last_modified_tag="72403b94-c5f2-4dff-b95d-bfbd09df14d6" systemname="ADMIN-PC" username="SYSTEM" type="Detection" source="Protection" datetime="2014-03-29T22:19:31.386721+01:00" LoggingEventType="0" severity="debug" port="63052" malwaretype="IP" ip="103.31.186.13" domain="mubdykneqwut.dyndns.biz" direction="Outbound" process="C:\Program Files\Mozilla Firefox\firefox.exe"/>

<record subtype="Malware Protection" result="Starting" last_modified_tag="9f6b0e21-6284-43f4-8216-724716ce132a" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T22:53:01.292466+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malware Protection" result="Started" last_modified_tag="2e7da098-0ffd-413b-abbb-f60441ba3247" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T22:53:01.342466+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malicious Website Protection" result="Starting" last_modified_tag="b9428991-0140-4a22-84a1-68beca6eafca" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T22:53:01.352466+01:00" LoggingEventType="2" severity="debug"/>

<record subtype="Malicious Website Protection" result="Started" last_modified_tag="5c328d42-23c3-47bd-b19b-9bb597cc0225" systemname="ADMIN-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-03-29T22:53:45.320343+01:00" LoggingEventType="2" severity="debug"/>

</logs>



# AdwCleaner v3.022 - Report created 29/03/2014 at 23:12:04
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Admin - ADMIN-PC
# Running from : C:\Users\Admin\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Windows\system32\AI_RecycleBin
Folder Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4ni55833.default\CT3289075
Folder Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4ni55833.default\Extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}
File Deleted : C:\END

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4ni55833.default\prefs.js ]

Line Deleted : user_pref("CT3289075.FF19Solved", "true");
Line Deleted : user_pref("CT3289075.UserID", "UN14680876221108692");
Line Deleted : user_pref("CT3289075.fullUserID", "UN14680876221108692.IN.20140315004208");
Line Deleted : user_pref("CT3289075.installDate", "15/03/2014 00:42:12");
Line Deleted : user_pref("CT3289075.installSessionId", "{ABEEA609-3007-402D-9EFF-D386A3E9EE40}");
Line Deleted : user_pref("CT3289075.installSp", "false");
Line Deleted : user_pref("CT3289075.installerVersion", "1.8.1.4");
Line Deleted : user_pref("CT3289075.searchRevert", "false");
Line Deleted : user_pref("CT3289075.searchUninstallUserMode", "1");
Line Deleted : user_pref("CT3289075.searchUserMode", "1");
Line Deleted : user_pref("CT3289075.toolbarInstallDate", "15-03-2014 00:42:09");
Line Deleted : user_pref("CT3289075.versionFromInstaller", "10.23.0.722");
Line Deleted : user_pref("CT3289075.xpeMode", "1");
Line Deleted : user_pref("smartbar.machineId", "NN1+8/YIRJPGWCWV0TSK3AJJMUDV7BSBUXHAOGLJFZQ+IYJIWNFU6NL8THT9KLJOW3WCYNJ77E3XOEWSJXSMGG");

-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2324 octets] - [29/03/2014 23:08:09]
AdwCleaner[S0].txt - [2289 octets] - [29/03/2014 23:12:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2349 octets] ##########



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Ultimate x86
Ran by Admin on so 29.03.2014 at 23:23:32,41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\4ni55833.default\minidumps [30 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 29.03.2014 at 23:25:14,65
Computer was rebooted
End of JRT log



RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Admin [Práva správce]
Mód : Kontrola -- Datum : 03/29/2014 23:35:07
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] EAT @explorer.exe (BeginBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745F09AE)
[Address] EAT @explorer.exe (BeginBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745E49A1)
[Address] EAT @explorer.exe (BeginPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74610731)
[Address] EAT @explorer.exe (BufferedPaintClear) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745E6395)
[Address] EAT @explorer.exe (BufferedPaintInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745E940E)
[Address] EAT @explorer.exe (BufferedPaintRenderAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745F08ED)
[Address] EAT @explorer.exe (BufferedPaintSetAlpha) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745FE6B3)
[Address] EAT @explorer.exe (BufferedPaintStopAllAnimations) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745FD395)
[Address] EAT @explorer.exe (BufferedPaintUnInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745E94AB)
[Address] EAT @explorer.exe (CloseThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745E6A18)
[Address] EAT @explorer.exe (DrawThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745E3982)
[Address] EAT @explorer.exe (DrawThemeBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745FD9DA)
[Address] EAT @explorer.exe (DrawThemeEdge) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74603B52)
[Address] EAT @explorer.exe (DrawThemeIcon) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746135E7)
[Address] EAT @explorer.exe (DrawThemeParentBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745E53E5)
[Address] EAT @explorer.exe (DrawThemeParentBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745E51BF)
[Address] EAT @explorer.exe (DrawThemeText) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745E4EA1)
[Address] EAT @explorer.exe (DrawThemeTextEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745E63E6)
[Address] EAT @explorer.exe (EnableThemeDialogTexture) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745EFCAF)
[Address] EAT @explorer.exe (EnableTheming) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74612FEB)
[Address] EAT @explorer.exe (EndBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745E3F9A)
[Address] EAT @explorer.exe (EndBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745E3F9A)
[Address] EAT @explorer.exe (EndPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746106CC)
[Address] EAT @explorer.exe (GetBufferedPaintBits) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745E4BAF)
[Address] EAT @explorer.exe (GetBufferedPaintDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745F04BC)
[Address] EAT @explorer.exe (GetBufferedPaintTargetDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745F0473)
[Address] EAT @explorer.exe (GetBufferedPaintTargetRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74612E7F)
[Address] EAT @explorer.exe (GetCurrentThemeName) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745F05DD)
[Address] EAT @explorer.exe (GetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745F0FB1)
[Address] EAT @explorer.exe (GetThemeBackgroundContentRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745ECD2E)
[Address] EAT @explorer.exe (GetThemeBackgroundExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745EF8BF)
[Address] EAT @explorer.exe (GetThemeBackgroundRegion) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745F165D)
[Address] EAT @explorer.exe (GetThemeBitmap) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745EBF93)
[Address] EAT @explorer.exe (GetThemeBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745E7C1F)
[Address] EAT @explorer.exe (GetThemeColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745E616C)
[Address] EAT @explorer.exe (GetThemeDocumentationProperty) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74612932)
[Address] EAT @explorer.exe (GetThemeEnumValue) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745E616C)
[Address] EAT @explorer.exe (GetThemeFilename) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74612412)
[Address] EAT @explorer.exe (GetThemeFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745EFF21)
[Address] EAT @explorer.exe (GetThemeInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745E616C)
[Address] EAT @explorer.exe (GetThemeIntList) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746123B1)
[Address] EAT @explorer.exe (GetThemeMargins) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745E86E9)
[Address] EAT @explorer.exe (GetThemeMetric) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745F06E2)
[Address] EAT @explorer.exe (GetThemePartSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745ECDB1)
[Address] EAT @explorer.exe (GetThemePosition) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74612350)
[Address] EAT @explorer.exe (GetThemePropertyOrigin) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74603FBB)
[Address] EAT @explorer.exe (GetThemeRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745F3611)
[Address] EAT @explorer.exe (GetThemeStream) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745F39D9)
[Address] EAT @explorer.exe (GetThemeString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746122E4)
[Address] EAT @explorer.exe (GetThemeSysBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74613172)
[Address] EAT @explorer.exe (GetThemeSysColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74603274)
[Address] EAT @explorer.exe (GetThemeSysColorBrush) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7461301E)
[Address] EAT @explorer.exe (GetThemeSysFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x746129C4)
[Address] EAT @explorer.exe (GetThemeSysInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74612BD3)
[Address] EAT @explorer.exe (GetThemeSysSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7461320B)
[Address] EAT @explorer.exe (GetThemeSysString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74612B3F)
[Address] EAT @explorer.exe (GetThemeTextExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745E2D57)
[Address] EAT @explorer.exe (GetThemeTextMetrics) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745EF992)
[Address] EAT @explorer.exe (GetThemeTransitionDuration) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745F1081)
[Address] EAT @explorer.exe (GetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745EDF46)
[Address] EAT @explorer.exe (HitTestThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745F3CE3)
[Address] EAT @explorer.exe (IsAppThemed) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745EF869)
[Address] EAT @explorer.exe (IsCompositionActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745E2E9A)
[Address] EAT @explorer.exe (IsThemeActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745EF785)
[Address] EAT @explorer.exe (IsThemeBackgroundPartiallyTransparent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745E60AB)
[Address] EAT @explorer.exe (IsThemeDialogTextureEnabled) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7461312B)
[Address] EAT @explorer.exe (IsThemePartDefined) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745E85B4)
[Address] EAT @explorer.exe (OpenThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745E73D2)
[Address] EAT @explorer.exe (OpenThemeDataEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74603D43)
[Address] EAT @explorer.exe (SetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74613296)
[Address] EAT @explorer.exe (SetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745F0134)
[Address] EAT @explorer.exe (SetWindowThemeAttribute) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745FCFE6)
[Address] EAT @explorer.exe (ThemeInitApiHook) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x745EB176)
[Address] EAT @explorer.exe (UpdatePanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7461068D)
[Address] EAT @explorer.exe (DllGetClassObject) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417CF9D)
[Address] EAT @explorer.exe (IEnumString_Next_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417E000)
[Address] EAT @explorer.exe (IEnumString_Reset_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417E029)
[Address] EAT @explorer.exe (IPropertyBag2_Write_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417E049)
[Address] EAT @explorer.exe (IWICBitmapClipper_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DD2A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportAnimation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417EA9A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportLossless_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417EABD)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportMultiframe_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417EAE0)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417E9D3)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceManufacturer_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417E9F6)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceModels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417EA1F)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetFileExtensions_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417EA71)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetMimeTypes_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417EA48)
[Address] EAT @explorer.exe (IWICBitmapDecoder_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D845)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417E9AA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetDecoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D822)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrameCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D9A2)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D868)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D8DA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetPreview_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DC74)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417E9D3)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DC05)
[Address] EAT @explorer.exe (IWICBitmapEncoder_CreateNewFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DB87)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetEncoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DB5E)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D9A2)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DB32)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DBDC)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DBB3)
[Address] EAT @explorer.exe (IWICBitmapFlipRotator_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DD2A)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D88E)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D8DA)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D8B7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D9C5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417EB03)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DFB7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DB06)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DA17)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D9E5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DADD)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_WriteSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DA71)
[Address] EAT @explorer.exe (IWICBitmapLock_GetDataPointer_STA_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D7FC)
[Address] EAT @explorer.exe (IWICBitmapLock_GetStride_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DC25)
[Address] EAT @explorer.exe (IWICBitmapScaler_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DCFE)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D822)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPixels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DC48)
[Address] EAT @explorer.exe (IWICBitmapSource_GetPixelFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DC25)
[Address] EAT @explorer.exe (IWICBitmapSource_GetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D7FC)
[Address] EAT @explorer.exe (IWICBitmapSource_GetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D91D)
[Address] EAT @explorer.exe (IWICBitmap_Lock_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417E981)
[Address] EAT @explorer.exe (IWICBitmap_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DC74)
[Address] EAT @explorer.exe (IWICBitmap_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DC97)
[Address] EAT @explorer.exe (IWICColorContext_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417EB75)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateMetadataWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D7AA)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateQueryWriterFromBlockWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D7D3)
[Address] EAT @explorer.exe (IWICComponentInfo_GetAuthor_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417E958)
[Address] EAT @explorer.exe (IWICComponentInfo_GetCLSID_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DC25)
[Address] EAT @explorer.exe (IWICComponentInfo_GetFriendlyName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417E9AA)
[Address] EAT @explorer.exe (IWICComponentInfo_GetSpecVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D88E)
[Address] EAT @explorer.exe (IWICComponentInfo_GetVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417E981)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D8FD)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DC25)
[Address] EAT @explorer.exe (IWICFormatConverter_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DCC7)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapClipper_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D557)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFlipRotator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D580)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHBITMAP_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D6BA)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHICON_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D6E6)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D656)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D62D)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapScaler_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D52E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D68B)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateComponentInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D4D9)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFileHandle_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D4A1)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFilename_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D466)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D42E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateEncoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D5D2)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromDecoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D70C)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromFrameDecode_Prox>Ê) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D732)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFormatConverter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D505)
[Address] EAT @explorer.exe (IWICImagingFactory_CreatePalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DADD)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D781)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D758)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D5A9)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DC25)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetReaderByIndex_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DFB7)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetEnumerator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D822)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetLocation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417E049)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_RemoveMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D8DA)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_SetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DFDA)
[Address] EAT @explorer.exe (IWICPalette_GetColorCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D96C)
[Address] EAT @explorer.exe (IWICPalette_GetColors_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D88E)
[Address] EAT @explorer.exe (IWICPalette_GetType_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D845)
[Address] EAT @explorer.exe (IWICPalette_HasAlpha_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D9A2)
[Address] EAT @explorer.exe (IWICPalette_InitializeCustom_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417EB75)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D943)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D822)
[Address] EAT @explorer.exe (IWICPalette_InitializePredefined_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D91D)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetBitsPerPixel_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417EB03)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DD50)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelMask_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417EB26)
[Address] EAT @explorer.exe (IWICStream_InitializeFromIStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DD50)
[Address] EAT @explorer.exe (IWICStream_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DD73)
[Address] EAT @explorer.exe (WICConvertBitmapSource) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DDB8)
[Address] EAT @explorer.exe (WICCreateBitmapFromSection) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DF8D)
[Address] EAT @explorer.exe (WICCreateBitmapFromSectionEx) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DE8C)
[Address] EAT @explorer.exe (WICCreateColorContext_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417EB52)
[Address] EAT @explorer.exe (WICCreateImagingFactory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D02B)
[Address] EAT @explorer.exe (WICGetMetadataContentSize) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417E61D)
[Address] EAT @explorer.exe (WICMapGuidToShortName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D0EC)
[Address] EAT @explorer.exe (WICMapSchemaToName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D2E0)
[Address] EAT @explorer.exe (WICMapShortNameToGuid) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417D217)
[Address] EAT @explorer.exe (WICMatchMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417E072)
[Address] EAT @explorer.exe (WICSerializeMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417E1B4)
[Address] EAT @explorer.exe (WICSetEncoderFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7417DD99)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD800JB-00JJA0 ATA Device +++++
--- User ---
[MBR] ac2f17d530c3f24ed0e6bcba3e533331
[BSP] 2c3fd9afef49606bb390baf270ef5165 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 76217 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_03292014_233507.txt >>

Tak snad to je všechno to, co potrebujes

Re: Prosím o kontrolu, problém s "mncpags.exe"

Napsal: 30 bře 2014 09:19
od Orcus
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "

- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje "Smazání- Finished "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

====================================================

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Pokud se log nevejde do jedné zprávy, rozděl jej na více částí.

Re: Prosím o kontrolu, problém s "mncpags.exe"

Napsal: 30 bře 2014 12:30
od Player1
RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Admin [Práva správce]
Mód : Odebrat -- Datum : 03/30/2014 12:06:38
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] EAT @explorer.exe (BeginBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749009AE)
[Address] EAT @explorer.exe (BeginBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F49A1)
[Address] EAT @explorer.exe (BeginPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74920731)
[Address] EAT @explorer.exe (BufferedPaintClear) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F6395)
[Address] EAT @explorer.exe (BufferedPaintInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F940E)
[Address] EAT @explorer.exe (BufferedPaintRenderAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749008ED)
[Address] EAT @explorer.exe (BufferedPaintSetAlpha) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7490E6B3)
[Address] EAT @explorer.exe (BufferedPaintStopAllAnimations) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7490D395)
[Address] EAT @explorer.exe (BufferedPaintUnInit) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F94AB)
[Address] EAT @explorer.exe (CloseThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F6A18)
[Address] EAT @explorer.exe (DrawThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F3982)
[Address] EAT @explorer.exe (DrawThemeBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7490D9DA)
[Address] EAT @explorer.exe (DrawThemeEdge) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74913B52)
[Address] EAT @explorer.exe (DrawThemeIcon) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749235E7)
[Address] EAT @explorer.exe (DrawThemeParentBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F53E5)
[Address] EAT @explorer.exe (DrawThemeParentBackgroundEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F51BF)
[Address] EAT @explorer.exe (DrawThemeText) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F4EA1)
[Address] EAT @explorer.exe (DrawThemeTextEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F63E6)
[Address] EAT @explorer.exe (EnableThemeDialogTexture) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748FFCAF)
[Address] EAT @explorer.exe (EnableTheming) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74922FEB)
[Address] EAT @explorer.exe (EndBufferedAnimation) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F3F9A)
[Address] EAT @explorer.exe (EndBufferedPaint) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F3F9A)
[Address] EAT @explorer.exe (EndPanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749206CC)
[Address] EAT @explorer.exe (GetBufferedPaintBits) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F4BAF)
[Address] EAT @explorer.exe (GetBufferedPaintDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749004BC)
[Address] EAT @explorer.exe (GetBufferedPaintTargetDC) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74900473)
[Address] EAT @explorer.exe (GetBufferedPaintTargetRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74922E7F)
[Address] EAT @explorer.exe (GetCurrentThemeName) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749005DD)
[Address] EAT @explorer.exe (GetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74900FB1)
[Address] EAT @explorer.exe (GetThemeBackgroundContentRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748FCD2E)
[Address] EAT @explorer.exe (GetThemeBackgroundExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748FF8BF)
[Address] EAT @explorer.exe (GetThemeBackgroundRegion) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7490165D)
[Address] EAT @explorer.exe (GetThemeBitmap) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748FBF93)
[Address] EAT @explorer.exe (GetThemeBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F7C1F)
[Address] EAT @explorer.exe (GetThemeColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F616C)
[Address] EAT @explorer.exe (GetThemeDocumentationProperty) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74922932)
[Address] EAT @explorer.exe (GetThemeEnumValue) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F616C)
[Address] EAT @explorer.exe (GetThemeFilename) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74922412)
[Address] EAT @explorer.exe (GetThemeFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748FFF21)
[Address] EAT @explorer.exe (GetThemeInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F616C)
[Address] EAT @explorer.exe (GetThemeIntList) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749223B1)
[Address] EAT @explorer.exe (GetThemeMargins) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F86E9)
[Address] EAT @explorer.exe (GetThemeMetric) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749006E2)
[Address] EAT @explorer.exe (GetThemePartSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748FCDB1)
[Address] EAT @explorer.exe (GetThemePosition) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74922350)
[Address] EAT @explorer.exe (GetThemePropertyOrigin) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74913FBB)
[Address] EAT @explorer.exe (GetThemeRect) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74903611)
[Address] EAT @explorer.exe (GetThemeStream) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749039D9)
[Address] EAT @explorer.exe (GetThemeString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749222E4)
[Address] EAT @explorer.exe (GetThemeSysBool) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74923172)
[Address] EAT @explorer.exe (GetThemeSysColor) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74913274)
[Address] EAT @explorer.exe (GetThemeSysColorBrush) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7492301E)
[Address] EAT @explorer.exe (GetThemeSysFont) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749229C4)
[Address] EAT @explorer.exe (GetThemeSysInt) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74922BD3)
[Address] EAT @explorer.exe (GetThemeSysSize) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7492320B)
[Address] EAT @explorer.exe (GetThemeSysString) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74922B3F)
[Address] EAT @explorer.exe (GetThemeTextExtent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F2D57)
[Address] EAT @explorer.exe (GetThemeTextMetrics) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748FF992)
[Address] EAT @explorer.exe (GetThemeTransitionDuration) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74901081)
[Address] EAT @explorer.exe (GetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748FDF46)
[Address] EAT @explorer.exe (HitTestThemeBackground) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74903CE3)
[Address] EAT @explorer.exe (IsAppThemed) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748FF869)
[Address] EAT @explorer.exe (IsCompositionActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F2E9A)
[Address] EAT @explorer.exe (IsThemeActive) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748FF785)
[Address] EAT @explorer.exe (IsThemeBackgroundPartiallyTransparent) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F60AB)
[Address] EAT @explorer.exe (IsThemeDialogTextureEnabled) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7492312B)
[Address] EAT @explorer.exe (IsThemePartDefined) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F85B4)
[Address] EAT @explorer.exe (OpenThemeData) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F73D2)
[Address] EAT @explorer.exe (OpenThemeDataEx) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74913D43)
[Address] EAT @explorer.exe (SetThemeAppProperties) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74923296)
[Address] EAT @explorer.exe (SetWindowTheme) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74900134)
[Address] EAT @explorer.exe (SetWindowThemeAttribute) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7490CFE6)
[Address] EAT @explorer.exe (ThemeInitApiHook) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748FB176)
[Address] EAT @explorer.exe (UpdatePanningFeedback) : PROPSYS.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7492068D)
[Address] EAT @explorer.exe (DllGetClassObject) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448CF9D)
[Address] EAT @explorer.exe (IEnumString_Next_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448E000)
[Address] EAT @explorer.exe (IEnumString_Reset_WIC_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448E029)
[Address] EAT @explorer.exe (IPropertyBag2_Write_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448E049)
[Address] EAT @explorer.exe (IWICBitmapClipper_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DD2A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportAnimation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448EA9A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportLossless_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448EABD)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportMultiframe_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448EAE0)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448E9D3)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceManufacturer_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448E9F6)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceModels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448EA1F)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetFileExtensions_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448EA71)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetMimeTypes_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448EA48)
[Address] EAT @explorer.exe (IWICBitmapDecoder_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D845)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448E9AA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetDecoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D822)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrameCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D9A2)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D868)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D8DA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetPreview_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DC74)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448E9D3)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DC05)
[Address] EAT @explorer.exe (IWICBitmapEncoder_CreateNewFrame_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DB87)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetEncoderInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DB5E)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D9A2)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DB32)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DBDC)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DBB3)
[Address] EAT @explorer.exe (IWICBitmapFlipRotator_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DD2A)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D88E)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetMetadataQueryReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D8DA)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D8B7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D9C5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448EB03)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DFB7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetColorContexts_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DB06)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DA17)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D9E5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetThumbnail_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DADD)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_WriteSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DA71)
[Address] EAT @explorer.exe (IWICBitmapLock_GetDataPointer_STA_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D7FC)
[Address] EAT @explorer.exe (IWICBitmapLock_GetStride_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DC25)
[Address] EAT @explorer.exe (IWICBitmapScaler_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DCFE)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D822)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPixels_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DC48)
[Address] EAT @explorer.exe (IWICBitmapSource_GetPixelFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DC25)
[Address] EAT @explorer.exe (IWICBitmapSource_GetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D7FC)
[Address] EAT @explorer.exe (IWICBitmapSource_GetSize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D91D)
[Address] EAT @explorer.exe (IWICBitmap_Lock_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448E981)
[Address] EAT @explorer.exe (IWICBitmap_SetPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DC74)
[Address] EAT @explorer.exe (IWICBitmap_SetResolution_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DC97)
[Address] EAT @explorer.exe (IWICColorContext_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448EB75)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateMetadataWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D7AA)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateQueryWriterFromBlockWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D7D3)
[Address] EAT @explorer.exe (IWICComponentInfo_GetAuthor_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448E958)
[Address] EAT @explorer.exe (IWICComponentInfo_GetCLSID_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DC25)
[Address] EAT @explorer.exe (IWICComponentInfo_GetFriendlyName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448E9AA)
[Address] EAT @explorer.exe (IWICComponentInfo_GetSpecVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D88E)
[Address] EAT @explorer.exe (IWICComponentInfo_GetVersion_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448E981)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_Commit_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D8FD)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_GetMetadataQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DC25)
[Address] EAT @explorer.exe (IWICFormatConverter_Initialize_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DCC7)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapClipper_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D557)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFlipRotator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D580)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHBITMAP_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D6BA)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHICON_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D6E6)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D656)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromSource_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D62D)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapScaler_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D52E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D68B)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateComponentInfo_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D4D9)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFileHandle_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D4A1)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFilename_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D466)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D42E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateEncoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D5D2)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromDecoder_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D70C)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromFrameDecode_Prox)È«¬@—aø"9) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D732)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFormatConverter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D505)
[Address] EAT @explorer.exe (IWICImagingFactory_CreatePalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DADD)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriterFromReader_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D781)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriter_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D758)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D5A9)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DC25)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetReaderByIndex_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetContainerFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DFB7)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetEnumerator_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D822)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetLocation_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448E049)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_RemoveMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D8DA)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_SetMetadataByName_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DFDA)
[Address] EAT @explorer.exe (IWICPalette_GetColorCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D96C)
[Address] EAT @explorer.exe (IWICPalette_GetColors_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D88E)
[Address] EAT @explorer.exe (IWICPalette_GetType_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D845)
[Address] EAT @explorer.exe (IWICPalette_HasAlpha_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D9A2)
[Address] EAT @explorer.exe (IWICPalette_InitializeCustom_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448EB75)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromBitmap_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D943)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromPalette_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D822)
[Address] EAT @explorer.exe (IWICPalette_InitializePredefined_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D91D)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetBitsPerPixel_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448EB03)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelCount_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DD50)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelMask_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448EB26)
[Address] EAT @explorer.exe (IWICStream_InitializeFromIStream_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DD50)
[Address] EAT @explorer.exe (IWICStream_InitializeFromMemory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DD73)
[Address] EAT @explorer.exe (WICConvertBitmapSource) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DDB8)
[Address] EAT @explorer.exe (WICCreateBitmapFromSection) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DF8D)
[Address] EAT @explorer.exe (WICCreateBitmapFromSectionEx) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DE8C)
[Address] EAT @explorer.exe (WICCreateColorContext_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448EB52)
[Address] EAT @explorer.exe (WICCreateImagingFactory_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D02B)
[Address] EAT @explorer.exe (WICGetMetadataContentSize) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448E61D)
[Address] EAT @explorer.exe (WICMapGuidToShortName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D0EC)
[Address] EAT @explorer.exe (WICMapSchemaToName) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D2E0)
[Address] EAT @explorer.exe (WICMapShortNameToGuid) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448D217)
[Address] EAT @explorer.exe (WICMatchMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448E072)
[Address] EAT @explorer.exe (WICSerializeMetadataContent) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448E1B4)
[Address] EAT @explorer.exe (WICSetEncoderFormat_Proxy) : XmlLite.dll -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x7448DD99)
[Address] EAT @firefox.exe (BeginBufferedAnimation) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749009AE)
[Address] EAT @firefox.exe (BeginBufferedPaint) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F49A1)
[Address] EAT @firefox.exe (BeginPanningFeedback) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74920731)
[Address] EAT @firefox.exe (BufferedPaintClear) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F6395)
[Address] EAT @firefox.exe (BufferedPaintInit) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F940E)
[Address] EAT @firefox.exe (BufferedPaintRenderAnimation) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749008ED)
[Address] EAT @firefox.exe (BufferedPaintSetAlpha) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7490E6B3)
[Address] EAT @firefox.exe (BufferedPaintStopAllAnimations) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7490D395)
[Address] EAT @firefox.exe (BufferedPaintUnInit) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F94AB)
[Address] EAT @firefox.exe (CloseThemeData) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F6A18)
[Address] EAT @firefox.exe (DrawThemeBackground) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F3982)
[Address] EAT @firefox.exe (DrawThemeBackgroundEx) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7490D9DA)
[Address] EAT @firefox.exe (DrawThemeEdge) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74913B52)
[Address] EAT @firefox.exe (DrawThemeIcon) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749235E7)
[Address] EAT @firefox.exe (DrawThemeParentBackground) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F53E5)
[Address] EAT @firefox.exe (DrawThemeParentBackgroundEx) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F51BF)
[Address] EAT @firefox.exe (DrawThemeText) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F4EA1)
[Address] EAT @firefox.exe (DrawThemeTextEx) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F63E6)
[Address] EAT @firefox.exe (EnableThemeDialogTexture) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748FFCAF)
[Address] EAT @firefox.exe (EnableTheming) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74922FEB)
[Address] EAT @firefox.exe (EndBufferedAnimation) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F3F9A)
[Address] EAT @firefox.exe (EndBufferedPaint) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F3F9A)
[Address] EAT @firefox.exe (EndPanningFeedback) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749206CC)
[Address] EAT @firefox.exe (GetBufferedPaintBits) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F4BAF)
[Address] EAT @firefox.exe (GetBufferedPaintDC) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749004BC)
[Address] EAT @firefox.exe (GetBufferedPaintTargetDC) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74900473)
[Address] EAT @firefox.exe (GetBufferedPaintTargetRect) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74922E7F)
[Address] EAT @firefox.exe (GetCurrentThemeName) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749005DD)
[Address] EAT @firefox.exe (GetThemeAppProperties) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74900FB1)
[Address] EAT @firefox.exe (GetThemeBackgroundContentRect) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748FCD2E)
[Address] EAT @firefox.exe (GetThemeBackgroundExtent) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748FF8BF)
[Address] EAT @firefox.exe (GetThemeBackgroundRegion) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7490165D)
[Address] EAT @firefox.exe (GetThemeBitmap) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748FBF93)
[Address] EAT @firefox.exe (GetThemeBool) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F7C1F)
[Address] EAT @firefox.exe (GetThemeColor) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F616C)
[Address] EAT @firefox.exe (GetThemeDocumentationProperty) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74922932)
[Address] EAT @firefox.exe (GetThemeEnumValue) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F616C)
[Address] EAT @firefox.exe (GetThemeFilename) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74922412)
[Address] EAT @firefox.exe (GetThemeFont) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748FFF21)
[Address] EAT @firefox.exe (GetThemeInt) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F616C)
[Address] EAT @firefox.exe (GetThemeIntList) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749223B1)
[Address] EAT @firefox.exe (GetThemeMargins) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F86E9)
[Address] EAT @firefox.exe (GetThemeMetric) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749006E2)
[Address] EAT @firefox.exe (GetThemePartSize) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748FCDB1)
[Address] EAT @firefox.exe (GetThemePosition) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74922350)
[Address] EAT @firefox.exe (GetThemePropertyOrigin) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74913FBB)
[Address] EAT @firefox.exe (GetThemeRect) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74903611)
[Address] EAT @firefox.exe (GetThemeStream) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749039D9)
[Address] EAT @firefox.exe (GetThemeString) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749222E4)
[Address] EAT @firefox.exe (GetThemeSysBool) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74923172)
[Address] EAT @firefox.exe (GetThemeSysColor) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74913274)
[Address] EAT @firefox.exe (GetThemeSysColorBrush) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7492301E)
[Address] EAT @firefox.exe (GetThemeSysFont) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x749229C4)
[Address] EAT @firefox.exe (GetThemeSysInt) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74922BD3)
[Address] EAT @firefox.exe (GetThemeSysSize) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7492320B)
[Address] EAT @firefox.exe (GetThemeSysString) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74922B3F)
[Address] EAT @firefox.exe (GetThemeTextExtent) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F2D57)
[Address] EAT @firefox.exe (GetThemeTextMetrics) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748FF992)
[Address] EAT @firefox.exe (GetThemeTransitionDuration) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74901081)
[Address] EAT @firefox.exe (GetWindowTheme) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748FDF46)
[Address] EAT @firefox.exe (HitTestThemeBackground) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74903CE3)
[Address] EAT @firefox.exe (IsAppThemed) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748FF869)
[Address] EAT @firefox.exe (IsCompositionActive) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F2E9A)
[Address] EAT @firefox.exe (IsThemeActive) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748FF785)
[Address] EAT @firefox.exe (IsThemeBackgroundPartiallyTransparent) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F60AB)
[Address] EAT @firefox.exe (IsThemeDialogTextureEnabled) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7492312B)
[Address] EAT @firefox.exe (IsThemePartDefined) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F85B4)
[Address] EAT @firefox.exe (OpenThemeData) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748F73D2)
[Address] EAT @firefox.exe (OpenThemeDataEx) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74913D43)
[Address] EAT @firefox.exe (SetThemeAppProperties) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74923296)
[Address] EAT @firefox.exe (SetWindowTheme) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x74900134)
[Address] EAT @firefox.exe (SetWindowThemeAttribute) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7490CFE6)
[Address] EAT @firefox.exe (ThemeInitApiHook) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x748FB176)
[Address] EAT @firefox.exe (UpdatePanningFeedback) : propsys.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x7492068D)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD800JB-00JJA0 ATA Device +++++
--- User ---
[MBR] ac2f17d530c3f24ed0e6bcba3e533331
[BSP] 2c3fd9afef49606bb390baf270ef5165 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 76217 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_03302014_120638.txt >>
RKreport[0]_S_03292014_233507.txt;RKreport[0]_S_03302014_120600.txt

Re: Prosím o kontrolu, problém s "mncpags.exe"

Napsal: 30 bře 2014 12:32
od Player1
1 ze 2


12:19:02.0626 0760 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:19:09.0927 0760 Perform update action was selected
12:19:09.0927 3612 Deinitialize succes



12:20:44.0125 0x02b4 TDSS rootkit removing tool 3.0.0.26 Mar 24 2014 07:28:43
12:20:49.0398 0x02b4 ============================================================
12:20:49.0398 0x02b4 Current date / time: 2014/03/30 12:20:49.0398
12:20:49.0398 0x02b4 SystemInfo:
12:20:49.0398 0x02b4
12:20:49.0398 0x02b4 OS Version: 6.1.7601 ServicePack: 1.0
12:20:49.0398 0x02b4 Product type: Workstation
12:20:49.0398 0x02b4 ComputerName: ADMIN-PC
12:20:49.0398 0x02b4 UserName: Admin
12:20:49.0398 0x02b4 Windows directory: C:\Windows
12:20:49.0398 0x02b4 System windows directory: C:\Windows
12:20:49.0398 0x02b4 Processor architecture: Intel x86
12:20:49.0398 0x02b4 Number of processors: 2
12:20:49.0398 0x02b4 Page size: 0x1000
12:20:49.0398 0x02b4 Boot type: Normal boot
12:20:49.0398 0x02b4 ============================================================
12:20:51.0426 0x02b4 KLMD registered as C:\Windows\system32\drivers\16918411.sys
12:20:51.0769 0x02b4 System UUID: {E365AB6E-D66A-A3AA-CD95-BE75B891547F}
12:20:52.0690 0x02b4 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x8F74, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000050
12:20:52.0690 0x02b4 ============================================================
12:20:52.0690 0x02b4 \Device\Harddisk0\DR0:
12:20:52.0690 0x02b4 MBR partitions:
12:20:52.0690 0x02b4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:20:52.0690 0x02b4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x94DC800
12:20:52.0690 0x02b4 ============================================================
12:20:52.0705 0x02b4 C: <-> \Device\Harddisk0\DR0\Partition2
12:20:52.0705 0x02b4 ============================================================
12:20:52.0705 0x02b4 Initialize success
12:20:52.0705 0x02b4 ============================================================
12:20:55.0950 0x0578 ============================================================
12:20:55.0950 0x0578 Scan started
12:20:55.0950 0x0578 Mode: Manual;
12:20:55.0950 0x0578 ============================================================
12:20:55.0950 0x0578 KSN ping started
12:20:58.0649 0x0578 KSN ping finished: true
12:20:59.0164 0x0578 ================ Scan system memory ========================
12:20:59.0164 0x0578 System memory - ok
12:20:59.0164 0x0578 ================ Scan services =============================
12:20:59.0320 0x0578 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:20:59.0320 0x0578 1394ohci - ok
12:20:59.0444 0x0578 [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:20:59.0460 0x0578 ACPI - ok
12:20:59.0491 0x0578 [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:20:59.0491 0x0578 AcpiPmi - ok
12:20:59.0554 0x0578 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:20:59.0585 0x0578 adp94xx - ok
12:20:59.0600 0x0578 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:20:59.0600 0x0578 adpahci - ok
12:20:59.0616 0x0578 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:20:59.0616 0x0578 adpu320 - ok
12:20:59.0647 0x0578 [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:20:59.0647 0x0578 AeLookupSvc - ok
12:20:59.0710 0x0578 [ F81BB7E487EDCEAB630A7EE66CF23913, 7D1638FD7E388EF670FA0A421762E0413351058A20DDF0F9988A383F05395A68 ] AFD C:\Windows\system32\drivers\afd.sys
12:20:59.0710 0x0578 AFD - ok
12:20:59.0741 0x0578 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\drivers\agp440.sys
12:20:59.0741 0x0578 agp440 - ok
12:20:59.0772 0x0578 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
12:20:59.0788 0x0578 aic78xx - ok
12:20:59.0803 0x0578 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe
12:20:59.0803 0x0578 ALG - ok
12:20:59.0850 0x0578 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\drivers\aliide.sys
12:20:59.0850 0x0578 aliide - ok
12:20:59.0897 0x0578 [ EB7C2F213A219CA9CF807B6888186070, 710F4F6370984B093CFCE8BC517DC6B9ADBB14E7D123DF89F400FE7D0F2BCBF0 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:20:59.0912 0x0578 AMD External Events Utility - ok
12:20:59.0944 0x0578 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
12:20:59.0944 0x0578 amdagp - ok
12:20:59.0975 0x0578 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\drivers\amdide.sys
12:20:59.0975 0x0578 amdide - ok
12:20:59.0990 0x0578 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:20:59.0990 0x0578 AmdK8 - ok
12:21:00.0396 0x0578 [ 92D358D9E637F4BF4C2F87CF0B85B494, 3D6CAC4E0B58B2EAA0A7307C3DA4008D67ABA91AA03672197FCDE33148B83241 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
12:21:00.0536 0x0578 amdkmdag - ok
12:21:00.0599 0x0578 [ 6DC621388E76DC43D8558A20603B5A9E, B9687D90350711127715FA78093BED452D571DFB5C71C28B082AB03AAE75D9E7 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
12:21:00.0599 0x0578 amdkmdap - ok
12:21:00.0599 0x0578 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:21:00.0614 0x0578 AmdPPM - ok
12:21:00.0646 0x0578 [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:21:00.0646 0x0578 amdsata - ok
12:21:00.0677 0x0578 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:21:00.0677 0x0578 amdsbs - ok
12:21:00.0692 0x0578 [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:21:00.0692 0x0578 amdxata - ok
12:21:00.0739 0x0578 [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID C:\Windows\system32\drivers\appid.sys
12:21:00.0739 0x0578 AppID - ok
12:21:00.0786 0x0578 [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:21:00.0786 0x0578 AppIDSvc - ok
12:21:00.0817 0x0578 [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo C:\Windows\System32\appinfo.dll
12:21:00.0817 0x0578 Appinfo - ok
12:21:00.0864 0x0578 [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt C:\Windows\System32\appmgmts.dll
12:21:00.0864 0x0578 AppMgmt - ok
12:21:00.0880 0x0578 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys
12:21:00.0895 0x0578 arc - ok
12:21:00.0895 0x0578 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:21:00.0895 0x0578 arcsas - ok
12:21:00.0926 0x0578 [ 2B4E66FAC6503494A2C6F32BB6AB3826, 923EBBE8111E73D5B8ECC2DB10F8EA2629A3264C3A535D01C3C118A3B4C91782 ] AsIO C:\Windows\system32\drivers\AsIO.sys
12:21:00.0926 0x0578 AsIO - ok
12:21:01.0004 0x0578 [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
12:21:01.0051 0x0578 aspnet_state - ok
12:21:01.0067 0x0578 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:21:01.0067 0x0578 AsyncMac - ok
12:21:01.0114 0x0578 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\drivers\atapi.sys
12:21:01.0114 0x0578 atapi - ok
12:21:01.0160 0x0578 [ 434192D027A6A11E32E1C74C7C43E1ED, EA4A981B42EC16C2457D80218E94D7B339E05629A028ED5A011D8C7C1039BFD2 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW73.sys
12:21:01.0160 0x0578 AtiHDAudioService - ok
12:21:01.0223 0x0578 [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:21:01.0223 0x0578 AudioEndpointBuilder - ok
12:21:01.0254 0x0578 [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv C:\Windows\System32\Audiosrv.dll
12:21:01.0270 0x0578 Audiosrv - ok
12:21:01.0301 0x0578 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:21:01.0301 0x0578 AxInstSV - ok
12:21:01.0348 0x0578 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
12:21:01.0379 0x0578 b06bdrv - ok
12:21:01.0426 0x0578 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
12:21:01.0426 0x0578 b57nd60x - ok
12:21:01.0457 0x0578 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll
12:21:01.0457 0x0578 BDESVC - ok
12:21:01.0472 0x0578 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys
12:21:01.0472 0x0578 Beep - ok
12:21:01.0535 0x0578 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll
12:21:01.0550 0x0578 BFE - ok
12:21:01.0597 0x0578 [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\System32\qmgr.dll
12:21:01.0613 0x0578 BITS - ok
12:21:01.0628 0x0578 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:21:01.0628 0x0578 blbdrive - ok
12:21:01.0660 0x0578 [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:21:01.0660 0x0578 bowser - ok
12:21:01.0660 0x0578 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:21:01.0660 0x0578 BrFiltLo - ok
12:21:01.0675 0x0578 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:21:01.0675 0x0578 BrFiltUp - ok
12:21:01.0706 0x0578 [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll
12:21:01.0706 0x0578 Browser - ok
12:21:01.0738 0x0578 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:21:01.0753 0x0578 Brserid - ok
12:21:01.0753 0x0578 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:21:01.0753 0x0578 BrSerWdm - ok
12:21:01.0769 0x0578 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:21:01.0769 0x0578 BrUsbMdm - ok
12:21:01.0769 0x0578 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:21:01.0769 0x0578 BrUsbSer - ok
12:21:01.0769 0x0578 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:21:01.0769 0x0578 BTHMODEM - ok
12:21:01.0816 0x0578 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll
12:21:01.0816 0x0578 bthserv - ok
12:21:01.0831 0x0578 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:21:01.0831 0x0578 cdfs - ok
12:21:01.0878 0x0578 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:21:01.0878 0x0578 cdrom - ok
12:21:01.0925 0x0578 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll
12:21:01.0925 0x0578 CertPropSvc - ok
12:21:01.0956 0x0578 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:21:01.0956 0x0578 circlass - ok
12:21:01.0987 0x0578 [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS C:\Windows\system32\CLFS.sys
12:21:02.0003 0x0578 CLFS - ok
12:21:02.0050 0x0578 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:21:02.0050 0x0578 clr_optimization_v2.0.50727_32 - ok
12:21:02.0112 0x0578 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:21:02.0190 0x0578 clr_optimization_v4.0.30319_32 - ok
12:21:02.0190 0x0578 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:21:02.0206 0x0578 CmBatt - ok
12:21:02.0221 0x0578 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:21:02.0221 0x0578 cmdide - ok
12:21:02.0268 0x0578 [ 85449EEBE8F8EBD6481EFBF0F352B4EB, E6FF04970C5A5BFDE7297A86C1C7B9BFE2E0F976A1A1AFB874CEB488DC6151CC ] CNG C:\Windows\system32\Drivers\cng.sys
12:21:02.0268 0x0578 CNG - ok
12:21:02.0284 0x0578 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:21:02.0284 0x0578 Compbatt - ok
12:21:02.0330 0x0578 [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:21:02.0330 0x0578 CompositeBus - ok
12:21:02.0346 0x0578 COMSysApp - ok
12:21:02.0362 0x0578 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:21:02.0362 0x0578 crcdisk - ok
12:21:02.0424 0x0578 [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:21:02.0424 0x0578 CryptSvc - ok
12:21:02.0455 0x0578 [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC C:\Windows\system32\drivers\csc.sys
12:21:02.0471 0x0578 CSC - ok
12:21:02.0518 0x0578 [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService C:\Windows\System32\cscsvc.dll
12:21:02.0533 0x0578 CscService - ok
12:21:02.0564 0x0578 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\Windows\system32\rpcss.dll
12:21:02.0580 0x0578 DcomLaunch - ok
12:21:02.0611 0x0578 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll
12:21:02.0627 0x0578 defragsvc - ok
12:21:02.0674 0x0578 [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:21:02.0674 0x0578 DfsC - ok
12:21:02.0720 0x0578 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:21:02.0720 0x0578 Dhcp - ok
12:21:02.0752 0x0578 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys
12:21:02.0752 0x0578 discache - ok
12:21:02.0783 0x0578 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:21:02.0783 0x0578 Disk - ok
12:21:02.0798 0x0578 [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:21:02.0798 0x0578 Dnscache - ok
12:21:02.0845 0x0578 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll
12:21:02.0861 0x0578 dot3svc - ok
12:21:02.0908 0x0578 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll
12:21:02.0923 0x0578 DPS - ok
12:21:02.0954 0x0578 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:21:02.0954 0x0578 drmkaud - ok
12:21:03.0001 0x0578 [ 00C161B3D20AE0F9C7C3C0EB53AB7155, 38FE83B482FA580B292F7DFC8B372C78AECD6FF53EC41EB7BF4A2461827CDD64 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
12:21:03.0017 0x0578 dtsoftbus01 - ok
12:21:03.0064 0x0578 [ 71BC35067CABC02C9453AEAA42B2E43E, 713B19F2C08EA5E4C087F7A74A8856932CF33E19D63384823DD4E02ED8798619 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:21:03.0079 0x0578 DXGKrnl - ok
12:21:03.0110 0x0578 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
12:21:03.0110 0x0578 EapHost - ok
12:21:03.0251 0x0578 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
12:21:03.0329 0x0578 ebdrv - ok
12:21:03.0376 0x0578 [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] EFS C:\Windows\System32\lsass.exe
12:21:03.0376 0x0578 EFS - ok
12:21:03.0438 0x0578 [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:21:03.0469 0x0578 ehRecvr - ok
12:21:03.0500 0x0578 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
12:21:03.0500 0x0578 ehSched - ok
12:21:03.0547 0x0578 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:21:03.0563 0x0578 elxstor - ok
12:21:03.0594 0x0578 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:21:03.0594 0x0578 ErrDev - ok
12:21:03.0625 0x0578 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
12:21:03.0625 0x0578 EventSystem - ok
12:21:03.0656 0x0578 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
12:21:03.0656 0x0578 exfat - ok
12:21:03.0672 0x0578 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:21:03.0672 0x0578 fastfat - ok
12:21:03.0734 0x0578 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe
12:21:03.0766 0x0578 Fax - ok
12:21:03.0766 0x0578 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:21:03.0766 0x0578 fdc - ok
12:21:03.0781 0x0578 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
12:21:03.0797 0x0578 fdPHost - ok
12:21:03.0797 0x0578 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
12:21:03.0797 0x0578 FDResPub - ok
12:21:03.0812 0x0578 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:21:03.0828 0x0578 FileInfo - ok
12:21:03.0828 0x0578 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:21:03.0828 0x0578 Filetrace - ok
12:21:03.0844 0x0578 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:21:03.0859 0x0578 flpydisk - ok
12:21:03.0890 0x0578 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:21:03.0890 0x0578 FltMgr - ok
12:21:03.0968 0x0578 [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache C:\Windows\system32\FntCache.dll
12:21:03.0984 0x0578 FontCache - ok
12:21:04.0062 0x0578 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:21:04.0062 0x0578 FontCache3.0.0.0 - ok
12:21:04.0078 0x0578 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:21:04.0078 0x0578 FsDepends - ok
12:21:04.0093 0x0578 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:21:04.0093 0x0578 Fs_Rec - ok
12:21:04.0140 0x0578 [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:21:04.0140 0x0578 fvevol - ok
12:21:04.0171 0x0578 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:21:04.0171 0x0578 gagp30kx - ok
12:21:04.0218 0x0578 [ 5C230948DD6652228F88CA7AE6CB276C, EDEC6E6B9E2B0CDB6934460EF473FBEAC290DF4A33536A47B3EB1786BDCA197B ] gdrv C:\Windows\gdrv.sys
12:21:04.0218 0x0578 gdrv - ok
12:21:04.0265 0x0578 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll
12:21:04.0296 0x0578 gpsvc - ok
12:21:04.0405 0x0578 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
12:21:04.0405 0x0578 gupdate - ok
12:21:04.0421 0x0578 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
12:21:04.0421 0x0578 gupdatem - ok
12:21:04.0436 0x0578 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:21:04.0436 0x0578 hcw85cir - ok
12:21:04.0530 0x0578 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:21:04.0546 0x0578 HdAudAddService - ok
12:21:04.0561 0x0578 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
12:21:04.0561 0x0578 HDAudBus - ok
12:21:04.0561 0x0578 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:21:04.0561 0x0578 HidBatt - ok
12:21:04.0577 0x0578 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:21:04.0577 0x0578 HidBth - ok
12:21:04.0592 0x0578 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:21:04.0592 0x0578 HidIr - ok
12:21:04.0624 0x0578 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\system32\hidserv.dll
12:21:04.0624 0x0578 hidserv - ok
12:21:04.0639 0x0578 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
12:21:04.0639 0x0578 HidUsb - ok
12:21:04.0670 0x0578 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll
12:21:04.0670 0x0578 hkmsvc - ok
12:21:04.0717 0x0578 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:21:04.0717 0x0578 HomeGroupListener - ok
12:21:04.0764 0x0578 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:21:04.0764 0x0578 HomeGroupProvider - ok
12:21:04.0795 0x0578 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:21:04.0795 0x0578 HpSAMD - ok
12:21:04.0858 0x0578 [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:21:04.0873 0x0578 HTTP - ok
12:21:04.0904 0x0578 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:21:04.0904 0x0578 hwpolicy - ok
12:21:04.0951 0x0578 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:21:04.0951 0x0578 i8042prt - ok
12:21:04.0967 0x0578 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:21:04.0982 0x0578 iaStorV - ok
12:21:05.0045 0x0578 [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:21:05.0092 0x0578 idsvc - ok
12:21:05.0123 0x0578 IEEtwCollectorService - ok
12:21:05.0326 0x0578 [ AD626F6964F4D364D226C39E06872DD3, 5D52F89930BB07D4D2D0FC12143BD233B5D2C238527B3B4CAD74736D1EC84218 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
12:21:05.0388 0x0578 igfx - ok
12:21:05.0435 0x0578 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:21:05.0435 0x0578 iirsp - ok
12:21:05.0482 0x0578 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll
12:21:05.0497 0x0578 IKEEXT - ok
12:21:05.0544 0x0578 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys
12:21:05.0544 0x0578 intelide - ok
12:21:05.0560 0x0578 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:21:05.0560 0x0578 intelppm - ok
12:21:05.0591 0x0578 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:21:05.0591 0x0578 IPBusEnum - ok
12:21:05.0606 0x0578 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:21:05.0622 0x0578 IpFilterDriver - ok
12:21:05.0653 0x0578 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:21:05.0669 0x0578 iphlpsvc - ok
12:21:05.0700 0x0578 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:21:05.0716 0x0578 IPMIDRV - ok
12:21:05.0731 0x0578 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:21:05.0731 0x0578 IPNAT - ok
12:21:05.0747 0x0578 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:21:05.0747 0x0578 IRENUM - ok
12:21:05.0762 0x0578 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:21:05.0762 0x0578 isapnp - ok
12:21:05.0809 0x0578 [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:21:05.0825 0x0578 iScsiPrt - ok
12:21:05.0856 0x0578 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
12:21:05.0856 0x0578 kbdclass - ok
12:21:05.0903 0x0578 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
12:21:05.0903 0x0578 kbdhid - ok
12:21:05.0918 0x0578 [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] KeyIso C:\Windows\system32\lsass.exe
12:21:05.0918 0x0578 KeyIso - ok
12:21:05.0950 0x0578 [ F286830298323272260332D6ABC905C1, FF4CD182A95CA53119B228690D682EE9214BE131A0DBCB09B6189FBEBBFF902C ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:21:05.0950 0x0578 KSecDD - ok
12:21:05.0965 0x0578 [ D7C760D57B1656DD748B9E4AB6CB5A51, F8AE4185A6A9F7005DEFF1FDC03F395C6189825B482B8C650637FD29DE93AB68 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:21:05.0981 0x0578 KSecPkg - ok
12:21:06.0012 0x0578 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
12:21:06.0028 0x0578 KtmRm - ok
12:21:06.0059 0x0578 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:21:06.0059 0x0578 LanmanServer - ok
12:21:06.0074 0x0578 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:21:06.0074 0x0578 LanmanWorkstation - ok
12:21:06.0121 0x0578 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:21:06.0121 0x0578 lltdio - ok
12:21:06.0152 0x0578 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:21:06.0184 0x0578 lltdsvc - ok
12:21:06.0199 0x0578 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:21:06.0199 0x0578 lmhosts - ok
12:21:06.0230 0x0578 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:21:06.0230 0x0578 LSI_FC - ok
12:21:06.0246 0x0578 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:21:06.0246 0x0578 LSI_SAS - ok
12:21:06.0262 0x0578 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:21:06.0262 0x0578 LSI_SAS2 - ok
12:21:06.0277 0x0578 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:21:06.0277 0x0578 LSI_SCSI - ok
12:21:06.0293 0x0578 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
12:21:06.0293 0x0578 luafv - ok
12:21:06.0340 0x0578 [ C846349849475B7EC8B20A825449D531, FCDA5D745BB79D52C4699AC7C618CD933C357DD55FB028B5459F569AE7FDE1EF ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
12:21:06.0340 0x0578 MBAMProtector - ok
12:21:06.0449 0x0578 [ 47DF4BC3D1561B6DAFA0862735FA1493, 88791A710DD71CCAE9FB772AD85BE94BA21B65D7C85937BE85D5B12885EC4CD3 ] MBAMScheduler C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
12:21:06.0542 0x0578 MBAMScheduler - ok
12:21:06.0620 0x0578 [ 2CFC417EED3BF5DDA255CB7EF7E09D45, C70C3AC5A2D97904F2E27669AFE5F7EED0F25B387BEFD42B68E36D44F9A3D37D ] MBAMService C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
12:21:06.0652 0x0578 MBAMService - ok
12:21:06.0698 0x0578 [ 661B911FA04E73FB073FF9B1C9BD2E05, C5FD4F528A59141418DA279291E88E51D406D01FAD36435569D97E95FBA66164 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
12:21:06.0698 0x0578 MBAMSwissArmy - ok
12:21:06.0730 0x0578 [ B87359E4DF9FA726772633C48D1E8029, 0869F4FF795882917A35C2A5DEB24AAC218AB648615E263286929C5EF3258CAC ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
12:21:06.0730 0x0578 MBAMWebAccessControl - ok
12:21:06.0761 0x0578 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:21:06.0761 0x0578 Mcx2Svc - ok
12:21:06.0776 0x0578 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:21:06.0776 0x0578 megasas - ok
12:21:06.0792 0x0578 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:21:06.0808 0x0578 MegaSR - ok
12:21:06.0823 0x0578 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
12:21:06.0839 0x0578 MMCSS - ok
12:21:06.0854 0x0578 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
12:21:06.0854 0x0578 Modem - ok
12:21:06.0870 0x0578 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:21:06.0870 0x0578 monitor - ok
12:21:06.0886 0x0578 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:21:06.0901 0x0578 mouclass - ok
12:21:06.0917 0x0578 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:21:06.0917 0x0578 mouhid - ok
12:21:06.0948 0x0578 [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:21:06.0948 0x0578 mountmgr - ok
12:21:06.0995 0x0578 [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:21:07.0010 0x0578 MozillaMaintenance - ok
12:21:07.0042 0x0578 [ E77DC03DD3C8E5A388BF9EED2A28F3D1, ED0DAA975D1EC35CE036F02596218E15CC6A054167628D12A0A5AD91B841F422 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
12:21:07.0042 0x0578 MpFilter - ok
12:21:07.0057 0x0578 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys
12:21:07.0057 0x0578 mpio - ok
12:21:07.0166 0x0578 [ 65C34426C83EFA32D48380A97717997B, CD7EB6BFBB0BE382BA21055460D9A72323F09AF3194A22D8EDB28D5DB3BAE8E7 ] MpKsl6245a2b6 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{29BD27A0-639C-46C6-905D-7D5E9B7E4C45}\MpKsl6245a2b6.sys
12:21:07.0166 0x0578 MpKsl6245a2b6 - ok
12:21:07.0198 0x0578 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:21:07.0198 0x0578 mpsdrv - ok
12:21:07.0244 0x0578 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:21:07.0260 0x0578 MpsSvc - ok
12:21:07.0291 0x0578 [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:21:07.0291 0x0578 MRxDAV - ok
12:21:07.0338 0x0578 [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:21:07.0338 0x0578 mrxsmb - ok
12:21:07.0354 0x0578 [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:21:07.0369 0x0578 mrxsmb10 - ok
12:21:07.0385 0x0578 [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:21:07.0385 0x0578 mrxsmb20 - ok
12:21:07.0416 0x0578 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys
12:21:07.0416 0x0578 msahci - ok
12:21:07.0447 0x0578 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:21:07.0447 0x0578 msdsm - ok
12:21:07.0478 0x0578 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
12:21:07.0478 0x0578 MSDTC - ok
12:21:07.0525 0x0578 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:21:07.0525 0x0578 Msfs - ok
12:21:07.0541 0x0578 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:21:07.0541 0x0578 mshidkmdf - ok
12:21:07.0572 0x0578 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:21:07.0572 0x0578 msisadrv - ok
12:21:07.0603 0x0578 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:21:07.0603 0x0578 MSiSCSI - ok
12:21:07.0619 0x0578 msiserver - ok
12:21:07.0650 0x0578 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:21:07.0650 0x0578 MSKSSRV - ok
12:21:07.0697 0x0578 [ B0F49DA36F30922F5DDC3B623B778FCE, EE025AEFA4A2095AFEABFB3A49639DA77D78068A3F5EEDA6C15D34853AFD5609 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
12:21:07.0697 0x0578 MsMpSvc - ok
12:21:07.0728 0x0578 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:21:07.0728 0x0578 MSPCLOCK - ok
12:21:07.0728 0x0578 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:21:07.0728 0x0578 MSPQM - ok
12:21:07.0759 0x0578 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:21:07.0759 0x0578 MsRPC - ok
12:21:07.0790 0x0578 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:21:07.0806 0x0578 mssmbios - ok
12:21:07.0822 0x0578 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:21:07.0822 0x0578 MSTEE - ok
12:21:07.0822 0x0578 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:21:07.0822 0x0578 MTConfig - ok
12:21:07.0853 0x0578 [ 0F24624106D8042E7F27882D9D6FF5C0, 2CD6E0962FB20EB8E1033CE1663FD223807BAE1FBE27D3AC9582FB765F2C70F0 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
12:21:07.0853 0x0578 MTsensor - ok
12:21:07.0868 0x0578 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys
12:21:07.0868 0x0578 Mup - ok
12:21:07.0915 0x0578 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll

Re: Prosím o kontrolu, problém s "mncpags.exe"

Napsal: 30 bře 2014 12:33
od Player1
12:21:07.0962 0x0578 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:21:07.0962 0x0578 NativeWifiP - ok
12:21:08.0040 0x0578 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:21:08.0056 0x0578 NDIS - ok
12:21:08.0071 0x0578 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:21:08.0071 0x0578 NdisCap - ok
12:21:08.0087 0x0578 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:21:08.0087 0x0578 NdisTapi - ok
12:21:08.0118 0x0578 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:21:08.0118 0x0578 Ndisuio - ok
12:21:08.0149 0x0578 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:21:08.0165 0x0578 NdisWan - ok
12:21:08.0196 0x0578 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:21:08.0196 0x0578 NDProxy - ok
12:21:08.0212 0x0578 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:21:08.0227 0x0578 NetBIOS - ok
12:21:08.0258 0x0578 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:21:08.0258 0x0578 NetBT - ok
12:21:08.0274 0x0578 [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] Netlogon C:\Windows\system32\lsass.exe
12:21:08.0274 0x0578 Netlogon - ok
12:21:08.0305 0x0578 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll
12:21:08.0321 0x0578 Netman - ok
12:21:08.0352 0x0578 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:21:08.0383 0x0578 NetMsmqActivator - ok
12:21:08.0399 0x0578 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:21:08.0399 0x0578 NetPipeActivator - ok
12:21:08.0414 0x0578 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll
12:21:08.0430 0x0578 netprofm - ok
12:21:08.0446 0x0578 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:21:08.0446 0x0578 NetTcpActivator - ok
12:21:08.0446 0x0578 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:21:08.0461 0x0578 NetTcpPortSharing - ok
12:21:08.0461 0x0578 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:21:08.0477 0x0578 nfrd960 - ok
12:21:08.0508 0x0578 [ 32FF06EC6D946EF791D98D6C838A3090, 319BDD491CB22D0CCCCE76A2854CF469D7AF046289F9C56CD03AE3D3CBC0275E ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
12:21:08.0508 0x0578 NisDrv - ok
12:21:08.0539 0x0578 [ 42D33042371BFB1A7D40834590CAFD30, 53DA3618EC10293B2DF686E291A4EF6ACBBD41D116EC762D54106D201A784E87 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
12:21:08.0539 0x0578 NisSrv - ok
12:21:08.0586 0x0578 [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:21:08.0602 0x0578 NlaSvc - ok
12:21:08.0602 0x0578 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:21:08.0617 0x0578 Npfs - ok
12:21:08.0633 0x0578 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll
12:21:08.0633 0x0578 nsi - ok
12:21:08.0648 0x0578 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:21:08.0648 0x0578 nsiproxy - ok
12:21:08.0726 0x0578 [ 5E43D2B0EE64123D4880DFA6626DEFDE, 164413A22DE58B19EA2B4120034B46D6BE1F424B80C3421E10BE5C81153D049F ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:21:08.0742 0x0578 Ntfs - ok
12:21:08.0758 0x0578 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys
12:21:08.0758 0x0578 Null - ok
12:21:08.0804 0x0578 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:21:08.0804 0x0578 nvraid - ok
12:21:08.0820 0x0578 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:21:08.0836 0x0578 nvstor - ok
12:21:08.0851 0x0578 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:21:08.0851 0x0578 nv_agp - ok
12:21:08.0882 0x0578 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:21:08.0882 0x0578 ohci1394 - ok
12:21:08.0914 0x0578 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:21:08.0929 0x0578 p2pimsvc - ok
12:21:08.0960 0x0578 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll
12:21:08.0976 0x0578 p2psvc - ok
12:21:08.0992 0x0578 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:21:08.0992 0x0578 Parport - ok
12:21:09.0023 0x0578 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:21:09.0023 0x0578 partmgr - ok
12:21:09.0038 0x0578 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
12:21:09.0038 0x0578 Parvdm - ok
12:21:09.0054 0x0578 [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:21:09.0054 0x0578 PcaSvc - ok
12:21:09.0101 0x0578 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys
12:21:09.0101 0x0578 pci - ok
12:21:09.0132 0x0578 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys
12:21:09.0132 0x0578 pciide - ok
12:21:09.0148 0x0578 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:21:09.0163 0x0578 pcmcia - ok
12:21:09.0179 0x0578 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys
12:21:09.0179 0x0578 pcw - ok
12:21:09.0226 0x0578 [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:21:09.0226 0x0578 PEAUTH - ok
12:21:09.0304 0x0578 [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
12:21:09.0319 0x0578 PeerDistSvc - ok
12:21:09.0413 0x0578 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll
12:21:09.0491 0x0578 pla - ok
12:21:09.0522 0x0578 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:21:09.0538 0x0578 PlugPlay - ok
12:21:09.0569 0x0578 [ 831883B107684301F48ACE752C963984, EAF383C4ACC17DBB060BB8398225222175E028E1E332E2CE0548C97DAED3620E ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
12:21:09.0569 0x0578 PnkBstrA - ok
12:21:09.0584 0x0578 [ E24106A5EAECDDFF00B25497049DD65F, B1BA1AEBC15A0EF04DA95E5ED2E4E6C5B9FBE8B0D80E7582A1A1B59C5724BD64 ] PnkBstrB C:\Windows\system32\PnkBstrB.exe
12:21:09.0584 0x0578 PnkBstrB - ok
12:21:09.0600 0x0578 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:21:09.0600 0x0578 PNRPAutoReg - ok
12:21:09.0616 0x0578 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:21:09.0631 0x0578 PNRPsvc - ok
12:21:09.0662 0x0578 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:21:09.0678 0x0578 PolicyAgent - ok
12:21:09.0725 0x0578 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll
12:21:09.0725 0x0578 Power - ok
12:21:09.0772 0x0578 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:21:09.0772 0x0578 PptpMiniport - ok
12:21:09.0787 0x0578 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:21:09.0787 0x0578 Processor - ok
12:21:09.0834 0x0578 [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc C:\Windows\system32\profsvc.dll
12:21:09.0834 0x0578 ProfSvc - ok
12:21:09.0850 0x0578 [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:21:09.0850 0x0578 ProtectedStorage - ok
12:21:09.0881 0x0578 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:21:09.0896 0x0578 Psched - ok
12:21:09.0959 0x0578 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:21:10.0006 0x0578 ql2300 - ok
12:21:10.0021 0x0578 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:21:10.0021 0x0578 ql40xx - ok
12:21:10.0052 0x0578 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll
12:21:10.0068 0x0578 QWAVE - ok
12:21:10.0084 0x0578 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:21:10.0084 0x0578 QWAVEdrv - ok
12:21:10.0099 0x0578 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:21:10.0099 0x0578 RasAcd - ok
12:21:10.0130 0x0578 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:21:10.0130 0x0578 RasAgileVpn - ok
12:21:10.0146 0x0578 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll
12:21:10.0146 0x0578 RasAuto - ok
12:21:10.0162 0x0578 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:21:10.0162 0x0578 Rasl2tp - ok
12:21:10.0208 0x0578 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll
12:21:10.0224 0x0578 RasMan - ok
12:21:10.0240 0x0578 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:21:10.0240 0x0578 RasPppoe - ok
12:21:10.0255 0x0578 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:21:10.0255 0x0578 RasSstp - ok
12:21:10.0302 0x0578 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:21:10.0302 0x0578 rdbss - ok
12:21:10.0333 0x0578 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:21:10.0333 0x0578 rdpbus - ok
12:21:10.0364 0x0578 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:21:10.0364 0x0578 RDPCDD - ok
12:21:10.0396 0x0578 [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
12:21:10.0411 0x0578 RDPDR - ok
12:21:10.0442 0x0578 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:21:10.0442 0x0578 RDPENCDD - ok
12:21:10.0458 0x0578 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:21:10.0458 0x0578 RDPREFMP - ok
12:21:10.0489 0x0578 [ 68A0387F58E226DEEE23D9715955572A, F95BB1D2BB3E79AF47B1C715BB5E3003EEF888AAA963F46F4A2FE8AFBD4F37A4 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:21:10.0505 0x0578 RdpVideoMiniport - ok
12:21:10.0536 0x0578 [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:21:10.0536 0x0578 RDPWD - ok
12:21:10.0583 0x0578 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:21:10.0583 0x0578 rdyboost - ok
12:21:10.0614 0x0578 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:21:10.0614 0x0578 RemoteAccess - ok
12:21:10.0645 0x0578 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:21:10.0645 0x0578 RemoteRegistry - ok
12:21:10.0661 0x0578 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:21:10.0676 0x0578 RpcEptMapper - ok
12:21:10.0692 0x0578 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe
12:21:10.0708 0x0578 RpcLocator - ok
12:21:10.0723 0x0578 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll
12:21:10.0739 0x0578 RpcSs - ok
12:21:10.0754 0x0578 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:21:10.0754 0x0578 rspndr - ok
12:21:10.0786 0x0578 [ 26A9D6227D12B9D9DA5A81BB9B55D810, 65AB233248B09619BE47A44008544FDFAA6C60C671F8659DB85B97693677B3F9 ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
12:21:10.0786 0x0578 RTL8167 - ok
12:21:10.0817 0x0578 [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap C:\Windows\system32\drivers\vms3cap.sys
12:21:10.0817 0x0578 s3cap - ok
12:21:10.0848 0x0578 [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] SamSs C:\Windows\system32\lsass.exe
12:21:10.0848 0x0578 SamSs - ok
12:21:10.0879 0x0578 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:21:10.0879 0x0578 sbp2port - ok
12:21:10.0910 0x0578 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:21:10.0910 0x0578 SCardSvr - ok
12:21:10.0926 0x0578 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:21:10.0926 0x0578 scfilter - ok
12:21:10.0988 0x0578 [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\Windows\system32\schedsvc.dll
12:21:11.0035 0x0578 Schedule - ok
12:21:11.0051 0x0578 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:21:11.0051 0x0578 SCPolicySvc - ok
12:21:11.0082 0x0578 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:21:11.0098 0x0578 SDRSVC - ok
12:21:11.0113 0x0578 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:21:11.0129 0x0578 secdrv - ok
12:21:11.0144 0x0578 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll
12:21:11.0144 0x0578 seclogon - ok
12:21:11.0160 0x0578 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\System32\sens.dll
12:21:11.0160 0x0578 SENS - ok
12:21:11.0176 0x0578 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:21:11.0176 0x0578 SensrSvc - ok
12:21:11.0191 0x0578 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:21:11.0207 0x0578 Serenum - ok
12:21:11.0207 0x0578 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:21:11.0222 0x0578 Serial - ok
12:21:11.0238 0x0578 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:21:11.0238 0x0578 sermouse - ok
12:21:11.0285 0x0578 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll
12:21:11.0285 0x0578 SessionEnv - ok
12:21:11.0316 0x0578 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:21:11.0316 0x0578 sffdisk - ok
12:21:11.0332 0x0578 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:21:11.0332 0x0578 sffp_mmc - ok
12:21:11.0347 0x0578 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:21:11.0347 0x0578 sffp_sd - ok
12:21:11.0363 0x0578 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:21:11.0363 0x0578 sfloppy - ok
12:21:11.0394 0x0578 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:21:11.0410 0x0578 SharedAccess - ok
12:21:11.0456 0x0578 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:21:11.0472 0x0578 ShellHWDetection - ok
12:21:11.0488 0x0578 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys
12:21:11.0488 0x0578 sisagp - ok
12:21:11.0519 0x0578 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:21:11.0519 0x0578 SiSRaid2 - ok
12:21:11.0550 0x0578 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:21:11.0550 0x0578 SiSRaid4 - ok
12:21:11.0566 0x0578 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:21:11.0581 0x0578 Smb - ok
12:21:11.0612 0x0578 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:21:11.0612 0x0578 SNMPTRAP - ok
12:21:11.0644 0x0578 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys
12:21:11.0644 0x0578 spldr - ok
12:21:11.0690 0x0578 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe
12:21:11.0706 0x0578 Spooler - ok
12:21:11.0862 0x0578 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe
12:21:11.0909 0x0578 sppsvc - ok
12:21:11.0940 0x0578 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:21:11.0956 0x0578 sppuinotify - ok
12:21:12.0018 0x0578 [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:21:12.0034 0x0578 srv - ok
12:21:12.0080 0x0578 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:21:12.0096 0x0578 srv2 - ok
12:21:12.0174 0x0578 [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:21:12.0174 0x0578 srvnet - ok
12:21:12.0205 0x0578 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:21:12.0205 0x0578 SSDPSRV - ok
12:21:12.0221 0x0578 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:21:12.0221 0x0578 SstpSvc - ok
12:21:12.0283 0x0578 [ 2F3B5A3567FFB343D8867C3D34C687F1, D01971412506746B2EA1CBB0ACF9472889ABBC23318C1332BEC9C8256011183E ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe
12:21:12.0299 0x0578 Steam Client Service - ok
12:21:12.0314 0x0578 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:21:12.0314 0x0578 stexstor - ok
12:21:12.0361 0x0578 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll
12:21:12.0377 0x0578 StiSvc - ok
12:21:12.0392 0x0578 [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt C:\Windows\system32\drivers\vmstorfl.sys
12:21:12.0392 0x0578 storflt - ok
12:21:12.0439 0x0578 [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc C:\Windows\system32\drivers\storvsc.sys
12:21:12.0439 0x0578 storvsc - ok
12:21:12.0470 0x0578 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\drivers\swenum.sys
12:21:12.0470 0x0578 swenum - ok
12:21:12.0502 0x0578 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll
12:21:12.0517 0x0578 swprv - ok
12:21:12.0533 0x0578 Synth3dVsc - ok
12:21:12.0595 0x0578 [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\Windows\system32\sysmain.dll
12:21:12.0642 0x0578 SysMain - ok
12:21:12.0689 0x0578 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
12:21:12.0689 0x0578 TabletInputService - ok
12:21:12.0720 0x0578 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll
12:21:12.0751 0x0578 TapiSrv - ok
12:21:12.0767 0x0578 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll
12:21:12.0782 0x0578 TBS - ok
12:21:12.0860 0x0578 [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:21:12.0876 0x0578 Tcpip - ok
12:21:12.0938 0x0578 [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:21:12.0970 0x0578 TCPIP6 - ok
12:21:13.0001 0x0578 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:21:13.0001 0x0578 tcpipreg - ok
12:21:13.0032 0x0578 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:21:13.0032 0x0578 TDPIPE - ok
12:21:13.0048 0x0578 [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:21:13.0048 0x0578 TDTCP - ok
12:21:13.0079 0x0578 [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:21:13.0079 0x0578 tdx - ok
12:21:13.0094 0x0578 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\drivers\termdd.sys
12:21:13.0094 0x0578 TermDD - ok
12:21:13.0141 0x0578 [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService C:\Windows\System32\termsrv.dll
12:21:13.0157 0x0578 TermService - ok
12:21:13.0172 0x0578 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll
12:21:13.0172 0x0578 Themes - ok
12:21:13.0188 0x0578 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll
12:21:13.0188 0x0578 THREADORDER - ok
12:21:13.0219 0x0578 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll
12:21:13.0219 0x0578 TrkWks - ok
12:21:13.0282 0x0578 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:21:13.0282 0x0578 TrustedInstaller - ok
12:21:13.0328 0x0578 [ B37B08F2E5EEB1A37E448E09BACE1101, 32CC9E06B88BAB6FAB4696B744548DFCE9199A7FD2BA8B019F269CA75895852C ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:21:13.0328 0x0578 tssecsrv - ok
12:21:13.0360 0x0578 [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:21:13.0360 0x0578 TsUsbFlt - ok
12:21:13.0360 0x0578 tsusbhub - ok
12:21:13.0406 0x0578 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:21:13.0406 0x0578 tunnel - ok
12:21:13.0438 0x0578 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:21:13.0438 0x0578 uagp35 - ok
12:21:13.0484 0x0578 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:21:13.0500 0x0578 udfs - ok
12:21:13.0516 0x0578 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:21:13.0516 0x0578 UI0Detect - ok
12:21:13.0547 0x0578 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:21:13.0547 0x0578 uliagpkx - ok
12:21:13.0578 0x0578 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\drivers\umbus.sys
12:21:13.0578 0x0578 umbus - ok
12:21:13.0594 0x0578 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:21:13.0594 0x0578 UmPass - ok
12:21:13.0656 0x0578 [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService C:\Windows\System32\umrdp.dll
12:21:13.0656 0x0578 UmRdpService - ok
12:21:13.0703 0x0578 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll
12:21:13.0703 0x0578 upnphost - ok
12:21:13.0734 0x0578 [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
12:21:13.0734 0x0578 usbccgp - ok
12:21:13.0765 0x0578 [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:21:13.0765 0x0578 usbcir - ok
12:21:13.0796 0x0578 [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\Windows\system32\drivers\usbehci.sys
12:21:13.0796 0x0578 usbehci - ok
12:21:13.0859 0x0578 [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:21:13.0859 0x0578 usbhub - ok
12:21:13.0890 0x0578 [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:21:13.0890 0x0578 usbohci - ok
12:21:13.0906 0x0578 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:21:13.0906 0x0578 usbprint - ok
12:21:13.0937 0x0578 [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:21:13.0937 0x0578 USBSTOR - ok
12:21:13.0968 0x0578 [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:21:13.0968 0x0578 usbuhci - ok
12:21:13.0984 0x0578 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll
12:21:13.0984 0x0578 UxSms - ok
12:21:13.0999 0x0578 [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] VaultSvc C:\Windows\system32\lsass.exe
12:21:13.0999 0x0578 VaultSvc - ok
12:21:14.0030 0x0578 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:21:14.0030 0x0578 vdrvroot - ok
12:21:14.0077 0x0578 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe
12:21:14.0093 0x0578 vds - ok
12:21:14.0124 0x0578 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:21:14.0124 0x0578 vga - ok
12:21:14.0140 0x0578 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:21:14.0140 0x0578 VgaSave - ok
12:21:14.0155 0x0578 VGPU - ok
12:21:14.0186 0x0578 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:21:14.0186 0x0578 vhdmp - ok
12:21:14.0218 0x0578 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\drivers\viaagp.sys
12:21:14.0218 0x0578 viaagp - ok
12:21:14.0249 0x0578 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
12:21:14.0249 0x0578 ViaC7 - ok
12:21:14.0280 0x0578 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\drivers\viaide.sys
12:21:14.0280 0x0578 viaide - ok
12:21:14.0311 0x0578 [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus C:\Windows\system32\drivers\vmbus.sys
12:21:14.0327 0x0578 vmbus - ok
12:21:14.0327 0x0578 [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
12:21:14.0327 0x0578 VMBusHID - ok
12:21:14.0358 0x0578 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:21:14.0358 0x0578 volmgr - ok
12:21:14.0389 0x0578 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:21:14.0405 0x0578 volmgrx - ok
12:21:14.0420 0x0578 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:21:14.0420 0x0578 volsnap - ok
12:21:14.0452 0x0578 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:21:14.0452 0x0578 vsmraid - ok
12:21:14.0514 0x0578 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe
12:21:14.0545 0x0578 VSS - ok
12:21:14.0561 0x0578 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
12:21:14.0561 0x0578 vwifibus - ok
12:21:14.0592 0x0578 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll
12:21:14.0592 0x0578 W32Time - ok
12:21:14.0623 0x0578 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:21:14.0623 0x0578 WacomPen - ok
12:21:14.0670 0x0578 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:21:14.0670 0x0578 WANARP - ok
12:21:14.0670 0x0578 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:21:14.0670 0x0578 Wanarpv6 - ok
12:21:14.0764 0x0578 [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:21:14.0810 0x0578 WatAdminSvc - ok
12:21:14.0888 0x0578 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe
12:21:14.0920 0x0578 wbengine - ok
12:21:14.0935 0x0578 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:21:14.0951 0x0578 WbioSrvc - ok
12:21:14.0982 0x0578 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:21:14.0998 0x0578 wcncsvc - ok
12:21:15.0013 0x0578 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:21:15.0013 0x0578 WcsPlugInService - ok
12:21:15.0044 0x0578 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:21:15.0044 0x0578 Wd - ok
12:21:15.0107 0x0578 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:21:15.0122 0x0578 Wdf01000 - ok
12:21:15.0138 0x0578 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:21:15.0138 0x0578 WdiServiceHost - ok
12:21:15.0138 0x0578 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:21:15.0138 0x0578 WdiSystemHost - ok
12:21:15.0185 0x0578 [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient C:\Windows\System32\webclnt.dll
12:21:15.0200 0x0578 WebClient - ok
12:21:15.0216 0x0578 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:21:15.0232 0x0578 Wecsvc - ok
12:21:15.0247 0x0578 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:21:15.0247 0x0578 wercplsupport - ok
12:21:15.0278 0x0578 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll
12:21:15.0278 0x0578 WerSvc - ok
12:21:15.0294 0x0578 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:21:15.0294 0x0578 WfpLwf - ok
12:21:15.0310 0x0578 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:21:15.0310 0x0578 WIMMount - ok
12:21:15.0388 0x0578 [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
12:21:15.0419 0x0578 WinDefend - ok
12:21:15.0450 0x0578 WinHttpAutoProxySvc - ok
12:21:15.0497 0x0578 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:21:15.0512 0x0578 Winmgmt - ok
12:21:15.0590 0x0578 [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM C:\Windows\system32\WsmSvc.dll
12:21:15.0622 0x0578 WinRM - ok
12:21:15.0668 0x0578 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:21:15.0700 0x0578 Wlansvc - ok
12:21:15.0731 0x0578 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:21:15.0746 0x0578 WmiAcpi - ok
12:21:15.0778 0x0578 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:21:15.0778 0x0578 wmiApSrv - ok
12:21:15.0856 0x0578 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
12:21:15.0871 0x0578 WMPNetworkSvc - ok
12:21:15.0902 0x0578 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:21:15.0902 0x0578 WPCSvc - ok
12:21:15.0934 0x0578 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:21:15.0949 0x0578 WPDBusEnum - ok
12:21:15.0965 0x0578 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:21:15.0965 0x0578 ws2ifsl - ok
12:21:15.0980 0x0578 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\System32\wscsvc.dll
12:21:15.0980 0x0578 wscsvc - ok
12:21:15.0980 0x0578 WSearch - ok
12:21:16.0074 0x0578 [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv C:\Windows\system32\wuaueng.dll
12:21:16.0105 0x0578 wuauserv - ok
12:21:16.0136 0x0578 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:21:16.0136 0x0578 WudfPf - ok
12:21:16.0168 0x0578 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:21:16.0168 0x0578 WUDFRd - ok
12:21:16.0199 0x0578 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:21:16.0199 0x0578 wudfsvc - ok
12:21:16.0246 0x0578 [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc C:\Windows\System32\wwansvc.dll
12:21:16.0261 0x0578 WwanSvc - ok
12:21:16.0261 0x0578 ================ Scan global ===============================
12:21:16.0308 0x0578 [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
12:21:16.0355 0x0578 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
12:21:16.0370 0x0578 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
12:21:16.0402 0x0578 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
12:21:16.0417 0x0578 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
12:21:16.0417 0x0578 [ Global ] - ok
12:21:16.0417 0x0578 ================ Scan MBR ==================================
12:21:16.0433 0x0578 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:21:16.0776 0x0578 \Device\Harddisk0\DR0 - ok
12:21:16.0776 0x0578 ================ Scan VBR ==================================
12:21:16.0776 0x0578 [ A8B25C045B93DE7CFF82C728C4F30B37 ] \Device\Harddisk0\DR0\Partition1
12:21:16.0776 0x0578 \Device\Harddisk0\DR0\Partition1 - ok
12:21:16.0776 0x0578 [ A53D72A2CA6CEC9ED4B14136E0C9D912 ] \Device\Harddisk0\DR0\Partition2
12:21:16.0792 0x0578 \Device\Harddisk0\DR0\Partition2 - ok
12:21:16.0792 0x0578 Waiting for KSN requests completion. In queue: 325
12:21:17.0806 0x0578 Waiting for KSN requests completion. In queue: 325
12:21:18.0820 0x0578 Waiting for KSN requests completion. In queue: 13
12:21:19.0849 0x0578 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x61000 ( enabled : updated )
12:21:19.0849 0x0578 Win FW state via NFP2: enabled
12:21:22.0564 0x0578 ============================================================
12:21:22.0564 0x0578 Scan finished
12:21:22.0564 0x0578 ============================================================
12:21:22.0564 0x0e5c Detected object count: 0
12:21:22.0564 0x0e5c Actual detected object count: 0
12:21:43.0343 0x07e4 Deinitialize success

Re: Prosím o kontrolu, problém s "mncpags.exe"

Napsal: 30 bře 2014 16:29
od memphisto
Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.

Re: Prosím o kontrolu, problém s "mncpags.exe"

Napsal: 30 bře 2014 21:01
od Player1
ComboFix 14-03-24.01 - Admin 30.03.2014 20:48:36.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.2047.1154 [GMT 2:00]
Spuštěný z: c:\users\Admin\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\tmp4158.tmp
c:\windows\system32\tmp4198.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-02-28 do 2014-03-30 )))))))))))))))))))))))))))))))
.
.
2099-06-01 05:36 . 2014-03-07 10:42 -------- d-----w- c:\windows\Panther
2014-03-30 18:53 . 2014-03-30 18:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-30 18:43 . 2014-03-07 04:35 7969936 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{79C86A3D-C6A9-4D3C-87A7-2E502830593F}\mpengine.dll
2014-03-29 22:27 . 2014-03-07 04:35 7969936 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-03-29 22:20 . 2014-03-29 22:20 -------- d-----w- c:\windows\ERUNT
2014-03-29 22:08 . 2014-03-29 22:12 -------- d-----w- C:\AdwCleaner
2014-03-29 18:51 . 2014-03-07 14:54 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CCA926FA-37C5-4332-81A5-951AE09A3034}\gapaengine.dll
2014-03-29 11:24 . 2014-03-30 18:28 107736 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-03-29 11:24 . 2014-03-29 11:24 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-03-29 11:24 . 2014-03-29 11:24 -------- d-----w- c:\programdata\Malwarebytes
2014-03-29 11:24 . 2014-03-05 08:26 51416 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-03-29 11:24 . 2014-03-05 08:26 73432 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-03-29 11:24 . 2014-03-05 08:26 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-03-29 10:42 . 2014-03-29 10:42 -------- d-----w- c:\program files\Trend Micro
2014-03-25 00:07 . 2014-03-25 00:07 -------- d-----w- c:\windows\system32\xlive
2014-03-25 00:07 . 2014-03-25 00:07 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2014-03-24 23:18 . 2014-03-24 23:09 377856 ----a-w- c:\windows\system32\binkw32.dll
2014-03-24 23:17 . 2014-03-24 23:17 -------- d-----w- c:\programdata\Logs
2014-03-23 19:46 . 2014-03-23 19:46 -------- d-----w- c:\program files\FIFA 13
2014-03-23 16:00 . 2014-03-23 16:00 -------- d-----w- c:\programdata\Caphyon
2014-03-23 15:57 . 2014-03-23 19:58 -------- d-----w- c:\program files\VideoLAN
2014-03-21 22:00 . 2013-12-21 08:56 454656 ----a-w- c:\windows\system32\vbscript.dll
2014-03-21 15:46 . 2014-03-21 15:46 -------- d-----w- c:\windows\Migration
2014-03-19 20:50 . 2013-11-23 18:26 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2014-03-19 20:49 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-03-19 20:49 . 2013-12-24 23:09 1987584 ----a-w- c:\windows\system32\d3d10warp.dll
2014-03-19 20:49 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\system32\d2d1.dll
2014-03-19 20:41 . 2014-03-19 21:41 -------- d-----w- c:\programdata\ProgeCAD
2014-03-19 20:41 . 2013-09-16 10:32 4821504 ----a-w- c:\windows\system32\cdintf450.dll
2014-03-19 20:40 . 2014-03-19 20:40 -------- d-----w- c:\program files\ProgeCAD
2014-03-17 20:30 . 2014-03-17 20:34 -------- d-----w- c:\program files\Google
2014-03-17 20:00 . 2014-03-17 20:00 -------- d-----w- c:\programdata\ATI
2014-03-17 20:00 . 2014-03-17 20:00 -------- d-----w- c:\programdata\AMD
2014-03-17 20:00 . 2014-03-17 20:00 -------- d-----w- c:\program files\AMD AVT
2014-03-17 20:00 . 2014-03-17 20:00 -------- d-----w- c:\program files\AMD APP
2014-03-17 19:50 . 2014-03-17 19:50 -------- d-----w- C:\AMD
2014-03-17 14:10 . 2014-03-17 14:10 243128 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-03-17 14:10 . 2014-03-17 14:10 -------- d-----w- c:\program files\DAEMON Tools Lite
2014-03-17 09:52 . 2014-03-17 09:52 -------- d-----w- c:\program files\CCleaner
2014-03-17 00:46 . 2013-07-04 11:50 530432 ----a-w- c:\windows\system32\comctl32.dll
2014-03-17 00:46 . 2013-07-03 03:36 55808 ----a-w- c:\windows\system32\drivers\hidclass.sys
2014-03-17 00:46 . 2013-07-03 03:36 25728 ----a-w- c:\windows\system32\drivers\hidparse.sys
2014-03-17 00:45 . 2013-09-14 00:48 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2014-03-17 00:45 . 2013-09-08 02:03 231424 ----a-w- c:\windows\system32\mswsock.dll
2014-03-17 00:45 . 2012-02-11 05:37 317440 ----a-w- c:\windows\system32\spoolsv.exe
2014-03-17 00:45 . 2013-07-09 04:50 652800 ----a-w- c:\windows\system32\rpcrt4.dll
2014-03-17 00:45 . 2012-08-22 17:16 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2014-03-17 00:45 . 2012-07-04 19:45 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2014-03-17 00:45 . 2013-07-09 04:52 175104 ----a-w- c:\windows\system32\wintrust.dll
2014-03-17 00:45 . 2013-10-04 01:56 1796096 ----a-w- c:\windows\system32\authui.dll
2014-03-17 00:45 . 2013-10-04 01:58 152576 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2014-03-17 00:45 . 2013-10-04 01:56 168960 ----a-w- c:\windows\system32\credui.dll
2014-03-17 00:42 . 2014-02-04 02:04 509440 ----a-w- c:\windows\system32\qedit.dll
2014-03-17 00:42 . 2013-10-30 02:19 301568 ----a-w- c:\windows\system32\msieftp.dll
2014-03-17 00:37 . 2013-09-25 02:01 136640 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-03-17 00:37 . 2013-09-25 02:01 67520 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-03-17 00:37 . 2013-09-25 01:57 99840 ----a-w- c:\windows\system32\sspicli.dll
2014-03-17 00:37 . 2013-09-25 01:57 247808 ----a-w- c:\windows\system32\schannel.dll
2014-03-17 00:37 . 2013-09-25 01:56 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2014-03-17 00:37 . 2013-07-04 12:16 369848 ----a-w- c:\windows\system32\drivers\cng.sys
2014-03-17 00:37 . 2013-09-25 01:57 22016 ----a-w- c:\windows\system32\secur32.dll
2014-03-17 00:37 . 2013-09-25 01:56 220160 ----a-w- c:\windows\system32\ncrypt.dll
2014-03-17 00:37 . 2013-09-25 00:49 22016 ----a-w- c:\windows\system32\lsass.exe
2014-03-17 00:37 . 2013-09-25 00:49 15872 ----a-w- c:\windows\system32\sspisrv.dll
2014-03-17 00:32 . 2013-12-06 02:02 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-03-17 00:32 . 2013-12-06 02:02 1237504 ----a-w- c:\windows\system32\msxml3.dll
2014-03-17 00:32 . 2013-10-12 02:04 121856 ----a-w- c:\windows\system32\wshom.ocx
2014-03-17 00:32 . 2013-10-12 02:03 163840 ----a-w- c:\windows\system32\scrrun.dll
2014-03-17 00:32 . 2013-10-12 01:15 141824 ----a-w- c:\windows\system32\wscript.exe
2014-03-17 00:32 . 2013-10-12 01:15 126976 ----a-w- c:\windows\system32\cscript.exe
2014-03-17 00:32 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2014-03-16 23:58 . 2013-10-19 01:36 159232 ----a-w- c:\windows\system32\imagehlp.dll
2014-03-16 23:55 . 2013-08-01 11:03 729024 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2014-03-16 23:55 . 2013-04-10 05:18 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2014-03-16 23:55 . 2013-05-10 03:20 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2014-03-16 23:55 . 2013-11-12 02:07 2048 ----a-w- c:\windows\system32\tzres.dll
2014-03-16 23:55 . 2013-08-29 01:51 3969472 ----a-w- c:\windows\system32\ntkrnlpa.exe
2014-03-16 23:55 . 2013-08-29 01:51 3914176 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-03-16 23:54 . 2013-08-29 01:50 1289096 ----a-w- c:\windows\system32\ntdll.dll
2014-03-16 23:54 . 2013-08-29 01:50 619520 ----a-w- c:\windows\system32\tdh.dll
2014-03-16 23:54 . 2013-08-29 01:48 640512 ----a-w- c:\windows\system32\advapi32.dll
2014-03-16 23:54 . 2013-07-20 10:33 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-03-16 23:54 . 2014-01-28 02:07 185344 ----a-w- c:\windows\system32\wwansvc.dll
2014-03-16 23:54 . 2013-03-19 03:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll
2014-03-16 23:54 . 2013-04-26 04:55 492544 ----a-w- c:\windows\system32\win32spl.dll
2014-03-16 23:54 . 2013-06-06 03:01 295424 ----a-w- c:\windows\system32\atmfd.dll
2014-03-16 23:53 . 2013-06-06 04:52 26112 ----a-w- c:\windows\system32\lpk.dll
2014-03-16 23:53 . 2013-06-06 04:51 70656 ----a-w- c:\windows\system32\fontsub.dll
2014-03-16 23:53 . 2013-06-06 04:50 10240 ----a-w- c:\windows\system32\dciman32.dll
2014-03-16 23:53 . 2013-06-06 03:01 34304 ----a-w- c:\windows\system32\atmlib.dll
2014-03-16 23:53 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\explorer.exe
2014-03-16 20:19 . 2013-03-17 17:21 3649536 ----a-w- c:\windows\system32\x264vfw.dll
2014-03-16 20:19 . 2011-12-07 18:32 216064 ----a-w- c:\windows\system32\lagarith.dll
2014-03-16 20:19 . 2011-06-24 15:44 243200 ----a-w- c:\windows\system32\xvidvfw.dll
2014-03-16 20:19 . 2011-06-24 15:28 650752 ----a-w- c:\windows\system32\xvidcore.dll
2014-03-16 20:19 . 2012-07-21 11:54 122880 ----a-w- c:\windows\system32\ac3acm.acm
2014-03-16 20:19 . 2014-02-06 18:00 112640 ----a-w- c:\windows\system32\ff_vfw.dll
2014-03-16 20:19 . 2014-03-16 20:19 -------- d-----w- c:\program files\K-Lite Codec Pack
2014-03-16 14:38 . 2014-03-16 14:38 -------- d-----w- c:\program files\Microsoft Silverlight
2014-03-16 10:49 . 2013-08-28 00:57 434688 ----a-w- c:\windows\system32\scavengeui.dll
2014-03-16 10:49 . 2013-05-13 03:08 903168 ----a-w- c:\windows\system32\certutil.exe
2014-03-16 10:49 . 2013-05-13 03:08 43008 ----a-w- c:\windows\system32\certenc.dll
2014-03-16 10:49 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll
2014-03-16 10:49 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll
2014-03-16 10:49 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll
2014-03-16 10:49 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll
2014-03-16 10:49 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2014-03-16 10:49 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2014-03-16 10:49 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll
2014-03-16 00:36 . 2014-03-23 15:33 -------- d-----w- c:\programdata\Razer
2014-03-16 00:12 . 2014-03-16 00:12 -------- d-----w- c:\program files\Smart PC Utilities
2014-03-15 23:01 . 2014-03-15 23:01 -------- d-sh--w- c:\programdata\SecuROM
2014-03-15 11:35 . 2014-03-15 11:35 -------- d-----w- c:\programdata\Ubisoft
2014-03-14 21:31 . 2014-02-07 01:07 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-03-14 21:29 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\system32\d3d11.dll
2014-03-14 21:29 . 2013-07-25 08:57 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2014-03-14 10:49 . 2014-03-14 10:49 -------- d-----w- c:\windows\system32\Adobe
2014-03-13 20:10 . 2013-10-04 01:49 81408 ----a-w- c:\windows\system32\drivers\drmk.sys
2014-03-13 20:10 . 2013-10-04 01:17 177152 ----a-w- c:\windows\system32\drivers\portcls.sys
2014-03-13 20:08 . 2013-10-12 02:03 656896 ----a-w- c:\windows\system32\nshwfp.dll
2014-03-13 20:08 . 2013-10-12 02:01 679424 ----a-w- c:\windows\system32\IKEEXT.DLL
2014-03-13 20:08 . 2013-10-12 02:01 216576 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2014-03-12 23:39 . 2013-12-01 13:10 218200 ----a-w- c:\windows\system32\unrar.dll
2014-03-12 20:57 . 2012-10-09 17:40 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2014-03-12 20:55 . 2013-11-27 01:14 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-21 15:42 . 2014-03-21 15:42 208384 ----a-w- c:\windows\system32\webcheck.dll
2014-03-10 08:04 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
"mncpagsSrv"="c:\windows\inf\mncpags.vbe" [2014-01-19 1342]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-04-29 642304]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2014-03-09 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2014-02-25 21:57 1821888 ----a-w- c:\program files\Steam\Steam.exe
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2014-03-05 857912]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-03-01 108032]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 104768]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2013-10-23 280288]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2014-03-07 1343400]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2014-03-17 243128]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-04-30 217088]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2012-05-14 86656]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-03-05 23256]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-05-22 167936]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-17 20:32 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-03-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-03-17 20:30]
.
2014-03-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-03-17 20:30]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 192.168.1.1 10.0.0.138
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\4ni55833.default\
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3321851790-3634758337-735559634-1000\Software\SecuROM\License information*]
"datasecu"=hex:fb,fd,0f,08,3a,29,01,38,79,21,0a,b8,49,82,52,ab,41,15,4c,d4,24,
e9,d6,5d,e2,0a,ee,05,a3,c0,96,49,cc,2f,be,e2,35,4a,e6,68,d1,7b,12,d3,36,1f,\
"rkeysecu"=hex:6c,8d,1b,13,f7,d4,cf,9d,a4,27,0b,87,4b,4c,8e,66
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-03-30 20:54:24
ComboFix-quarantined-files.txt 2014-03-30 18:54
.
Před spuštěním: Volných bajtů: 34 133 622 784
Po spuštění: Volných bajtů: 34 032 881 664
.
- - End Of File - - 9E78D38C5353F059B7055378DD9165EB
A36C5E4F47E84449FF07ED3517B43A31
Časové pásmo: UTC+02:00
Stránka 1 z 2
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/