PC-HELP.CZ

Dobrý den, prosím o kontrolu logu, počítač běží čím dál tím pomaleji. Děkuji.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:03:27, on 30. 6. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16921)
Boot mode: Normal

Running processes:
C:\Users\Milan\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Users\Milan\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Users\Milan\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\PS3 Media Server\pms.exe
C:\Program Files (x86)\PS3 Media Server\pms.exe
C:\Program Files (x86)\PS3 Media Server\pms.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Milan\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Milan\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX235"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /EPT "EPLTarget\P0000000000000001" /M "Epson Stylus SX235"
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Milan\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - Startup: Dropbox.lnk = Milan\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Outlook 2013.lnk = ?
O4 - Startup: PerfectDisk 12.5.lnk = C:\Program Files\Raxco\PerfectDisk\PerfectDisk.exe
O4 - Global Startup: TMMonitor.lnk = C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Export do &Tahiti - C:\Program Files (x86)\LightComp eDoklady Skenováni\iehelper.html
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NPVR Recording Service - Unknown owner - C:\Program Files (x86)\NPVR\NRecord.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Stardock Start8 (Start8) - Stardock Software, Inc - C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11189 bytes

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

AdwClenaer:

# AdwCleaner v3.214 - Report created 30/06/2014 at 22:54:09
# Updated 29/06/2014 by Xplode
# Operating System : Windows 8 Pro N (64 bits)
# Username : Milan - MILAN3
# Running from : C:\Users\Milan\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml
File Found : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Found : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Found : C:\Users\Milan\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\g1arxuzx.default\searchplugins\Ask.xml
File Found : C:\Windows\System32\roboot64.exe
File Found : C:\Windows\System32\Tasks\SMupdate1
Folder Found : C:\Program Files (x86)\ShopperPro
Folder Found : C:\Program Files\DCE
Folder Found : C:\ProgramData\RegClean
Folder Found : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam
Folder Found : C:\Users\Milan\AppData\Roaming\OpenCandy

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Found : HKCU\Software\smarttweak
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Found : [x64] HKCU\Software\smarttweak
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\acaoakiamfeidcmgooclgeleejkbaecf
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Found : HKLM\Software\SafetyNut
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Goobzo

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16921


-\\ Mozilla Firefox v30.0 (cs)

[ File : C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\g1arxuzx.default\prefs.js ]


-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Startup_urls] : hxxp://search.babylon.com/?affID=111304 ... 6d57454adf
Found [Extension] : cigiagpbkapepgklncnajbakkpkopmam

*************************

AdwCleaner[R0].txt - [5896 octets] - [30/06/2014 22:54:09]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5956 octets] ##########

Malwarebytes:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 30. 6. 2014
Scan Time: 23:11:08
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.06.30.09
Rootkit Database: v2014.06.30.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8
CPU: x64
File System: NTFS
User: Milan

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 279517
Time Elapsed: 18 min, 2 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.iWebar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\iWebar, , [2a77a1dd136887aff92ead218a78b947],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2283341887-1235302589-3062213845-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [b9e815693f3cfe380e3f936afb0852ae],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 8
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy, , [9b0626584d2e63d332085e37c73bfb05],
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy\219C0570EDFA408EB43DFDDC373945B8, , [9b0626584d2e63d332085e37c73bfb05],
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy\5F9355ACDDF84B63962A17BC80B47BAE, , [9b0626584d2e63d332085e37c73bfb05],
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy\FC584E7C33F44DAB8FE249155A7A27AF, , [9b0626584d2e63d332085e37c73bfb05],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam, , [336ee797a8d345f15a841881c53d956b],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\0.1_0, , [336ee797a8d345f15a841881c53d956b],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfohdbmjdkfijghgklbickfnaepghgba, , [841dc0be7407ef4757c8f4a90af8926e],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cigiagpbkapepgklncnajbakkpkopmam, , [f1b09ee01467fd39a08a9e00ee142fd1],

Files: 37
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\GRETECH\GomPlayer\GrLauncherTempSetup.exe, , [7c25d9a55229082e7cf76d44e222de22],
PUP.Optional.Somoto, C:\Users\Milan\AppData\Local\Temp\nseB3EA.tmp, , [6e334f2f6318a4929155d73ff311ce32],
Riskware.BitcoinMiner, C:\Users\Milan\AppData\Local\Temp\setup1.exe, , [554c433b4932c76f026256f19d64a957],
PUP.Optional.Somoto, C:\Users\Milan\AppData\Local\Temp\UpdateCheckerSetup.exe, , [237ea8d6eb90ec4a000838efaa566a96],
PUP.Optional.ScramblePacker.A, C:\Users\Milan\AppData\Local\Temp\Install_30697\iwebar.exe, , [5f4278066d0ec86e3f42a8d9f011867a],
PUP.Optional.ScramblePacker.A, C:\Users\Milan\AppData\Local\Temp\Install_30697\sense.exe, , [861bc3bb1764290d0e73156cbc450bf5],
PUP.Optional.ScramblePacker.A, C:\Users\Milan\AppData\Local\Installer\Install_21266\sense.exe, , [3c65136be19aef47a9d8453c956c7789],
PUP.Optional.Superfish.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, , [6041b0cea6d5cd6904552397de24bf41],
PUP.Optional.Superfish.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, , [c2df9ae48bf051e542175b5f0ff329d7],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cigiagpbkapepgklncnajbakkpkopmam_0.localstorage, , [6e33acd2abd02610f635784ac33fc739],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cigiagpbkapepgklncnajbakkpkopmam_0.localstorage-journal, , [940dceb0a0dbe650062512b09e64f907],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dfohdbmjdkfijghgklbickfnaepghgba_0.localstorage, , [e9b894ea1566b97d52ea2e96936f4ab6],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dfohdbmjdkfijghgklbickfnaepghgba_0.localstorage-journal, , [0f92d0aeafcce84eee4ef1d339c90000],
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy\219C0570EDFA408EB43DFDDC373945B8\avg_tuht_stf_cs_2014_206_CZ.exe, , [9b0626584d2e63d332085e37c73bfb05],
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy\5F9355ACDDF84B63962A17BC80B47BAE\avg_tuht_stf_cs_2014_206_CZ.exe, , [9b0626584d2e63d332085e37c73bfb05],
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\OpenCandy\FC584E7C33F44DAB8FE249155A7A27AF\avg_tuht_stf_cs_2014_206_CZ.exe, , [9b0626584d2e63d332085e37c73bfb05],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\0.1_0\background.js, , [336ee797a8d345f15a841881c53d956b],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\0.1_0\bookmarklet.js, , [336ee797a8d345f15a841881c53d956b],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\0.1_0\icon-128.png, , [336ee797a8d345f15a841881c53d956b],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\0.1_0\icon-16.png, , [336ee797a8d345f15a841881c53d956b],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\0.1_0\icon-48.png, , [336ee797a8d345f15a841881c53d956b],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\0.1_0\manifest.json, , [336ee797a8d345f15a841881c53d956b],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfohdbmjdkfijghgklbickfnaepghgba\000005.ldb, , [841dc0be7407ef4757c8f4a90af8926e],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfohdbmjdkfijghgklbickfnaepghgba\000012.log, , [841dc0be7407ef4757c8f4a90af8926e],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfohdbmjdkfijghgklbickfnaepghgba\CURRENT, , [841dc0be7407ef4757c8f4a90af8926e],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfohdbmjdkfijghgklbickfnaepghgba\LOCK, , [841dc0be7407ef4757c8f4a90af8926e],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfohdbmjdkfijghgklbickfnaepghgba\LOG, , [841dc0be7407ef4757c8f4a90af8926e],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfohdbmjdkfijghgklbickfnaepghgba\LOG.old, , [841dc0be7407ef4757c8f4a90af8926e],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfohdbmjdkfijghgklbickfnaepghgba\MANIFEST-000010, , [841dc0be7407ef4757c8f4a90af8926e],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cigiagpbkapepgklncnajbakkpkopmam\000005.ldb, , [f1b09ee01467fd39a08a9e00ee142fd1],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cigiagpbkapepgklncnajbakkpkopmam\000015.log, , [f1b09ee01467fd39a08a9e00ee142fd1],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cigiagpbkapepgklncnajbakkpkopmam\CURRENT, , [f1b09ee01467fd39a08a9e00ee142fd1],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cigiagpbkapepgklncnajbakkpkopmam\LOCK, , [f1b09ee01467fd39a08a9e00ee142fd1],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cigiagpbkapepgklncnajbakkpkopmam\LOG, , [f1b09ee01467fd39a08a9e00ee142fd1],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cigiagpbkapepgklncnajbakkpkopmam\LOG.old, , [f1b09ee01467fd39a08a9e00ee142fd1],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cigiagpbkapepgklncnajbakkpkopmam\MANIFEST-000013, , [f1b09ee01467fd39a08a9e00ee142fd1],
PUP.Optional.Babylon.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://search.babylon.com/?affID=111304&tt=4512_6&babsrc=HP_ss&mntrId=3eb0141c000000000000426d57454adf", "http://mysearch.avg.com?cid={05DDF639-BCB1-4DAD-8794-EB21106516CA}&mid=d3d26bcca6d147d290aa0d47e705e2b6-9b664f897b8b5b54efece9fed45319ad3f9f2065&lang=en&ds=es011&coid=avgtbdises&cmpid=&pr=sa&d=2014-01-05 11:51:23&v=17.2.0.38&pid=safeguard&sg=&sap=hp" ],), ,[11904e30aecd6ccabc801d9fac58a15f]

Physical Sectors: 0
(No malicious items detected)


(end)

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Adw:

# AdwCleaner v3.214 - Report created 01/07/2014 at 21:27:21
# Updated 29/06/2014 by Xplode
# Operating System : Windows 8 Pro N (64 bits)
# Username : Milan - MILAN3
# Running from : C:\Users\Milan\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\RegClean
Folder Deleted : C:\Program Files (x86)\ShopperPro
Folder Deleted : C:\Program Files\DCE
Folder Deleted : C:\Users\Milan\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Milan\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\g1arxuzx.default\searchplugins\Ask.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml
File Deleted : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Windows\System32\Tasks\SMupdate1

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\acaoakiamfeidcmgooclgeleejkbaecf
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKCU\Software\smarttweak
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\Software\SafetyNut
Key Deleted : [x64] HKLM\SOFTWARE\Goobzo
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16921


-\\ Mozilla Firefox v30.0 (cs)

[ File : C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\g1arxuzx.default\prefs.js ]


-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Startup_urls] : hxxp://search.babylon.com/?affID=111304 ... 6d57454adf
Deleted [Extension] : cigiagpbkapepgklncnajbakkpkopmam

*************************

AdwCleaner[R0].txt - [6056 octets] - [30/06/2014 22:54:09]
AdwCleaner[R1].txt - [6116 octets] - [01/07/2014 21:24:32]
AdwCleaner[S0].txt - [5535 octets] - [01/07/2014 21:27:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5595 octets] ##########

Junkware:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 Pro N x64
Ran by Milan on Łt 01. 07. 2014 at 21:37:47,04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Milan\AppData\Roaming\mozilla\firefox\profiles\g1arxuzx.default\minidumps [13 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 01. 07. 2014 at 21:47:54,69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MbAM:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 1. 7. 2014
Scan Time: 21:56:49
Logfile: mb.log
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.01.07
Rootkit Database: v2014.07.01.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8
CPU: x64
File System: NTFS
User: Milan

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 280282
Time Elapsed: 19 min, 56 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.iWebar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\iWebar, Quarantined, [0853c8d2adce7cbaf6bce0ef946e48b8],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 4
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam, Quarantined, [46155941710a2313ffcdc7d31ce6748c],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\0.1_0, Quarantined, [46155941710a2313ffcdc7d31ce6748c],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfohdbmjdkfijghgklbickfnaepghgba, Quarantined, [1843cecccab157df41ccfba36d959967],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cigiagpbkapepgklncnajbakkpkopmam, Quarantined, [80dbc4d64e2d56e05eba6a359072fe02],

Files: 32
PUP.Optional.OpenCandy, C:\Users\Milan\AppData\Roaming\GRETECH\GomPlayer\GrLauncherTempSetup.exe, Quarantined, [6bf0dac0e4975bdb7cdf347f16eeb54b],
PUP.Optional.Somoto, C:\Users\Milan\AppData\Local\Temp\nseB3EA.tmp, Quarantined, [acaf2e6c4a31e74f6929a474f70dd32d],
Riskware.BitcoinMiner, C:\Users\Milan\AppData\Local\Temp\setup1.exe, Quarantined, [a2b92e6ca1daf34304919ea9e021cd33],
PUP.Optional.Somoto, C:\Users\Milan\AppData\Local\Temp\UpdateCheckerSetup.exe, Quarantined, [66f563378dee3bfb7f89cc5b0ff1639d],
PUP.Optional.ScramblePacker.A, C:\Users\Milan\AppData\Local\Temp\Install_30697\iwebar.exe, Quarantined, [5506d1c9710a9f97773d01803cc5a65a],
PUP.Optional.ScramblePacker.A, C:\Users\Milan\AppData\Local\Temp\Install_30697\sense.exe, Quarantined, [ca9196042e4d86b010a41d647c85659b],
PUP.Optional.ScramblePacker.A, C:\Users\Milan\AppData\Local\Installer\Install_21266\sense.exe, Quarantined, [5209f5a55c1f78bee1d3b1d06e93916f],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cigiagpbkapepgklncnajbakkpkopmam_0.localstorage, Quarantined, [86d5cad03744171f5e59fcc746bca759],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cigiagpbkapepgklncnajbakkpkopmam_0.localstorage-journal, Quarantined, [78e36a3082f9d462a611dce711f160a0],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dfohdbmjdkfijghgklbickfnaepghgba_0.localstorage, Quarantined, [5dfe7525c8b37bbb4385efd662a06997],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dfohdbmjdkfijghgklbickfnaepghgba_0.localstorage-journal, Quarantined, [e4772674512ad95d12b6ebda27db31cf],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\0.1_0\background.js, Quarantined, [46155941710a2313ffcdc7d31ce6748c],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\0.1_0\bookmarklet.js, Quarantined, [46155941710a2313ffcdc7d31ce6748c],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\0.1_0\icon-128.png, Quarantined, [46155941710a2313ffcdc7d31ce6748c],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\0.1_0\icon-16.png, Quarantined, [46155941710a2313ffcdc7d31ce6748c],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\0.1_0\icon-48.png, Quarantined, [46155941710a2313ffcdc7d31ce6748c],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\0.1_0\manifest.json, Quarantined, [46155941710a2313ffcdc7d31ce6748c],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfohdbmjdkfijghgklbickfnaepghgba\000005.ldb, Quarantined, [1843cecccab157df41ccfba36d959967],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfohdbmjdkfijghgklbickfnaepghgba\000012.log, Quarantined, [1843cecccab157df41ccfba36d959967],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfohdbmjdkfijghgklbickfnaepghgba\CURRENT, Quarantined, [1843cecccab157df41ccfba36d959967],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfohdbmjdkfijghgklbickfnaepghgba\LOCK, Quarantined, [1843cecccab157df41ccfba36d959967],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfohdbmjdkfijghgklbickfnaepghgba\LOG, Quarantined, [1843cecccab157df41ccfba36d959967],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfohdbmjdkfijghgklbickfnaepghgba\LOG.old, Quarantined, [1843cecccab157df41ccfba36d959967],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dfohdbmjdkfijghgklbickfnaepghgba\MANIFEST-000010, Quarantined, [1843cecccab157df41ccfba36d959967],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cigiagpbkapepgklncnajbakkpkopmam\000005.ldb, Quarantined, [80dbc4d64e2d56e05eba6a359072fe02],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cigiagpbkapepgklncnajbakkpkopmam\000015.log, Quarantined, [80dbc4d64e2d56e05eba6a359072fe02],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cigiagpbkapepgklncnajbakkpkopmam\CURRENT, Quarantined, [80dbc4d64e2d56e05eba6a359072fe02],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cigiagpbkapepgklncnajbakkpkopmam\LOCK, Quarantined, [80dbc4d64e2d56e05eba6a359072fe02],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cigiagpbkapepgklncnajbakkpkopmam\LOG, Quarantined, [80dbc4d64e2d56e05eba6a359072fe02],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cigiagpbkapepgklncnajbakkpkopmam\LOG.old, Quarantined, [80dbc4d64e2d56e05eba6a359072fe02],
PUP.Optional.CrossRider.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cigiagpbkapepgklncnajbakkpkopmam\MANIFEST-000013, Quarantined, [80dbc4d64e2d56e05eba6a359072fe02],
PUP.Optional.Babylon.A, C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://search.babylon.com/?affID=111304&tt=4512_6&babsrc=HP_ss&mntrId=3eb0141c000000000000426d57454adf", "http://mysearch.avg.com?cid={05DDF639-BCB1-4DAD-8794-EB21106516CA}&mid=d3d26bcca6d147d290aa0d47e705e2b6-9b664f897b8b5b54efece9fed45319ad3f9f2065&lang=en&ds=es011&coid=avgtbdises&cmpid=&pr=sa&d=2014-01-05 11:51:23&v=17.2.0.38&pid=safeguard&sg=&sap=hp" ],), Replaced,[c8937b1fee8d082e2709a61835cfa957]

Physical Sectors: 0
(No malicious items detected)


(end)

RogueKiller:

RogueKiller V9.1.0.0 (x64) [Jun 23 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 8 (6.2.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Milan [Práva správce]
Mód : Kontrola -- Datum : 07/01/2014 22:34:04

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2283341887-1235302589-3062213845-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NALEZENO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2283341887-1235302589-3062213845-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NALEZENO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2283341887-1235302589-3062213845-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NALEZENO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2283341887-1235302589-3062213845-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NALEZENO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NALEZENO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NALEZENO

¤¤¤ naplánované úlohy : 3 ¤¤¤
[Suspicious.Path] \\{91E5AE74-F91C-4AB6-B683-41AC352852BA} -- C:\Windows\system32\pcalua.exe (-a C:\Users\Milan\Desktop\Windows-Media-Player-11-For-X64_11_64-bit.exe -d C:\Users\Milan\Desktop) -> NALEZENO
[Suspicious.Path] \\{C7076373-00D5-4CB2-AD69-E6DF814C2AD9} -- C:\Windows\system32\pcalua.exe (-a C:\Users\Milan\Desktop\wmp11-windowsxp-x86-CS-CZ.exe -d C:\Users\Milan\Desktop) -> NALEZENO
[Suspicious.Path] \\{F075EAA5-0E4B-45F9-A54B-B86E45FA9B90} -- C:\Windows\system32\pcalua.exe (-a C:\Users\Milan\Desktop\coreaacSetup.exe -d C:\Users\Milan\Desktop) -> NALEZENO

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 64 ¤¤¤
[EAT:Addr] (explorer.exe) CSCDLL.dll - BatMeterIconAnimationReset : C:\Windows\system32\BatMeter.dll @ 0x7fb7a544554
[EAT:Addr] (explorer.exe) CSCDLL.dll - BatMeterIconThemeReset : C:\Windows\system32\BatMeter.dll @ 0x7fb7a5446ec
[EAT:Addr] (explorer.exe) CSCDLL.dll - BatMeterOnDeviceChange : C:\Windows\system32\BatMeter.dll @ 0x7fb7a544134
[EAT:Addr] (explorer.exe) CSCDLL.dll - CleanupBatteryData : C:\Windows\system32\BatMeter.dll @ 0x7fb7a541884
[EAT:Addr] (explorer.exe) CSCDLL.dll - CreateBatteryData : C:\Windows\system32\BatMeter.dll @ 0x7fb7a542b98
[EAT:Addr] (explorer.exe) CSCDLL.dll - GetBatMeterIconAnimationState : C:\Windows\system32\BatMeter.dll @ 0x7fb7a5441f0
[EAT:Addr] (explorer.exe) CSCDLL.dll - GetBatMeterIconAnimationTimeDelay : C:\Windows\system32\BatMeter.dll @ 0x7fb7a544370
[EAT:Addr] (explorer.exe) CSCDLL.dll - GetBatMeterIconAnimationUpdate : C:\Windows\system32\BatMeter.dll @ 0x7fb7a544494
[EAT:Addr] (explorer.exe) CSCDLL.dll - GetBatteryCapacityInfo : C:\Windows\system32\BatMeter.dll @ 0x7fb7a543f18
[EAT:Addr] (explorer.exe) CSCDLL.dll - GetBatteryDetails : C:\Windows\system32\BatMeter.dll @ 0x7fb7a545ad0
[EAT:Addr] (explorer.exe) CSCDLL.dll - GetBatteryImmersiveIcon : C:\Windows\system32\BatMeter.dll @ 0x7fb7a542060
[EAT:Addr] (explorer.exe) CSCDLL.dll - GetBatteryInfo : C:\Windows\system32\BatMeter.dll @ 0x7fb7a545100
[EAT:Addr] (explorer.exe) CSCDLL.dll - GetBatteryStatusText : C:\Windows\system32\BatMeter.dll @ 0x7fb7a545190
[EAT:Addr] (explorer.exe) CSCDLL.dll - GetBatteryWorkingState : C:\Windows\system32\BatMeter.dll @ 0x7fb7a5419c0
[EAT:Addr] (explorer.exe) CSCDLL.dll - IsBatteryBad : C:\Windows\system32\BatMeter.dll @ 0x7fb7a543f0c
[EAT:Addr] (explorer.exe) CSCDLL.dll - IsBatteryHealthWarningEnabled : C:\Windows\system32\BatMeter.dll @ 0x7fb7a543f00
[EAT:Addr] (explorer.exe) CSCDLL.dll - IsBatteryLevelCritical : C:\Windows\system32\BatMeter.dll @ 0x7fb7a543ec4
[EAT:Addr] (explorer.exe) CSCDLL.dll - IsBatteryLevelLow : C:\Windows\system32\BatMeter.dll @ 0x7fb7a543ed8
[EAT:Addr] (explorer.exe) CSCDLL.dll - IsBatteryLevelReserve : C:\Windows\system32\BatMeter.dll @ 0x7fb7a543eec
[EAT:Addr] (explorer.exe) CSCDLL.dll - PowerCapabilities : C:\Windows\system32\BatMeter.dll @ 0x7fb7a541560
[EAT:Addr] (explorer.exe) CSCDLL.dll - QueryBatteryData : C:\Windows\system32\BatMeter.dll @ 0x7fb7a542c44
[EAT:Addr] (explorer.exe) CSCDLL.dll - SetBatteryHealthWarningState : C:\Windows\system32\BatMeter.dll @ 0x7fb7a543f00
[EAT:Addr] (explorer.exe) CSCDLL.dll - SetBatteryLevel : C:\Windows\system32\BatMeter.dll @ 0x7fb7a5427a0
[EAT:Addr] (explorer.exe) CSCDLL.dll - SetBatteryWorkingState : C:\Windows\system32\BatMeter.dll @ 0x7fb7a541048
[EAT:Addr] (explorer.exe) CSCDLL.dll - SubscribeBatteryUpdateNotification : C:\Windows\system32\BatMeter.dll @ 0x7fb7a541fb8
[EAT:Addr] (explorer.exe) CSCDLL.dll - UnsubscribeBatteryUpdateNotification : C:\Windows\system32\BatMeter.dll @ 0x7fb7a541980
[EAT:Addr] (explorer.exe) CSCDLL.dll - UpdateBatteryData : C:\Windows\system32\BatMeter.dll @ 0x7fb7a5450c4
[EAT:Addr] (explorer.exe) CSCDLL.dll - UpdateBatteryDataAsync : C:\Windows\system32\BatMeter.dll @ 0x7fb7a541b60
[EAT:Addr] (explorer.exe) twext.dll - BiChangeApplicationStateForPackageName : C:\Windows\System32\twinapi.dll @ 0x7fb77b4ab80
[EAT:Addr] (explorer.exe) twext.dll - BiChangeSessionState : C:\Windows\System32\twinapi.dll @ 0x7fb77b653d8
[EAT:Addr] (explorer.exe) twext.dll - BiNotifyNewSession : C:\Windows\System32\twinapi.dll @ 0x7fb77b66f0c
[EAT:Addr] (explorer.exe) twext.dll - BiPtActivateWorkItem : C:\Windows\System32\twinapi.dll @ 0x7fb77bbbce0
[EAT:Addr] (explorer.exe) twext.dll - BiPtAssociateActivationProxy : C:\Windows\System32\twinapi.dll @ 0x7fb77b6a7ec
[EAT:Addr] (explorer.exe) twext.dll - BiPtAssociateApplicationExtensionClass : C:\Windows\System32\twinapi.dll @ 0x7fb77bbbbd0
[EAT:Addr] (explorer.exe) twext.dll - BiPtCreateEventForPackageName : C:\Windows\System32\twinapi.dll @ 0x7fb77bbbac0
[EAT:Addr] (explorer.exe) twext.dll - BiPtDeleteEvent : C:\Windows\System32\twinapi.dll @ 0x7fb77bbba50
[EAT:Addr] (explorer.exe) twext.dll - BiPtDisassociateWorkItem : C:\Windows\System32\twinapi.dll @ 0x7fb77bbb9b0
[EAT:Addr] (explorer.exe) twext.dll - BiPtEnumerateBrokeredEvents : C:\Windows\System32\twinapi.dll @ 0x7fb77b66a70
[EAT:Addr] (explorer.exe) twext.dll - BiPtEnumerateWorkItemsForPackageName : C:\Windows\System32\twinapi.dll @ 0x7fb77bbb8c0
[EAT:Addr] (explorer.exe) twext.dll - BiPtFreeMemory : C:\Windows\System32\twinapi.dll @ 0x7fb77b45fe0
[EAT:Addr] (explorer.exe) twext.dll - BiPtQueryBrokeredEvent : C:\Windows\System32\twinapi.dll @ 0x7fb77b45df0
[EAT:Addr] (explorer.exe) twext.dll - BiPtQuerySystemStateBroadcastChannels : C:\Windows\System32\twinapi.dll @ 0x7fb77b66a0c
[EAT:Addr] (explorer.exe) twext.dll - BiPtQueryWorkItem : C:\Windows\System32\twinapi.dll @ 0x7fb77bbb804
[EAT:Addr] (explorer.exe) twext.dll - BiPtSignalEvent : C:\Windows\System32\twinapi.dll @ 0x7fb77bbb738
[EAT:Addr] (explorer.exe) twext.dll - BiPtSignalMultipleEvents : C:\Windows\System32\twinapi.dll @ 0x7fb77bbb660
[EAT:Addr] (explorer.exe) twext.dll - BiResetActiveSessionForPackage : C:\Windows\System32\twinapi.dll @ 0x7fb77bbb57c
[EAT:Addr] (explorer.exe) twext.dll - BiSetActiveSessionForPackage : C:\Windows\System32\twinapi.dll @ 0x7fb77bbb4e0
[EAT:Addr] (explorer.exe) twext.dll - BiUpdateLockScreenApplications : C:\Windows\System32\twinapi.dll @ 0x7fb77bbb430
[EAT:Addr] (explorer.exe) twext.dll - DllCanUnloadNow : C:\Windows\System32\twinapi.dll @ 0x7fb77b41340
[EAT:Addr] (explorer.exe) twext.dll - DllGetActivationFactory : C:\Windows\System32\twinapi.dll @ 0x7fb77b42f60
[EAT:Addr] (explorer.exe) twext.dll - DllGetClassObject : C:\Windows\System32\twinapi.dll @ 0x7fb77b42110
[EAT:Addr] (explorer.exe) twext.dll - PsmBlockAppStateChangeCompletion : C:\Windows\System32\twinapi.dll @ 0x7fb77bbbdd4
[EAT:Addr] (explorer.exe) twext.dll - PsmIsProcessInApplication : C:\Windows\System32\twinapi.dll @ 0x7fb77b57d60
[EAT:Addr] (explorer.exe) twext.dll - PsmQueryApplicationInformation : C:\Windows\System32\twinapi.dll @ 0x7fb77b473f0
[EAT:Addr] (explorer.exe) twext.dll - PsmQueryApplicationList : C:\Windows\System32\twinapi.dll @ 0x7fb77b42770
[EAT:Addr] (explorer.exe) twext.dll - PsmQueryCurrentAppState : C:\Windows\System32\twinapi.dll @ 0x7fb77bbbd70
[EAT:Addr] (explorer.exe) twext.dll - PsmQueryProcessList : C:\Windows\System32\twinapi.dll @ 0x7fb77b424f0
[EAT:Addr] (explorer.exe) twext.dll - PsmRegisterAppStateChangeNotification : C:\Windows\System32\twinapi.dll @ 0x7fb77b4cf00
[EAT:Addr] (explorer.exe) twext.dll - PsmRegisterApplicationNotification : C:\Windows\System32\twinapi.dll @ 0x7fb77b471e0
[EAT:Addr] (explorer.exe) twext.dll - PsmSetApplicationState : C:\Windows\System32\twinapi.dll @ 0x7fb77b4a870
[EAT:Addr] (explorer.exe) twext.dll - PsmShutdownApplication : C:\Windows\System32\twinapi.dll @ 0x7fb77bbbec0
[EAT:Addr] (explorer.exe) twext.dll - PsmUnblockAppStateChangeCompletion : C:\Windows\System32\twinapi.dll @ 0x7fb77bbbe0c
[EAT:Addr] (explorer.exe) twext.dll - PsmUnregisterAppStateChangeNotification : C:\Windows\System32\twinapi.dll @ 0x7fb77b50a68
[EAT:Addr] (explorer.exe) twext.dll - PsmWaitForAppResume : C:\Windows\System32\twinapi.dll @ 0x7fb77bbbe5c

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST9500325AS +++++
--- User ---
[MBR] de5c97a3bbbba8d9f4d4a0c81dfe66d2
[BSP] 56a869d5861d7d68e5497d7a7af532d1 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 200 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 411648 | Size: 431938 MB
2 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 885020672 | Size: 29692 MB
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 945829888 | Size: 15109 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Generic- Multi-Card USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva" a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

====================================================

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Pokud se log nevejde do jedné zprávy, rozděl jej na více částí.

RogueKiller V9.1.0.0 (x64) [Jun 23 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 8 (6.2.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Milan [Práva správce]
Mód : Odebrat -- Datum : 07/02/2014 20:08:51

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2283341887-1235302589-3062213845-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> VYMAZÁNO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2283341887-1235302589-3062213845-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> VYMAZÁNO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2283341887-1235302589-3062213845-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> ERROR [2]
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2283341887-1235302589-3062213845-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> ERROR [2]
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NAHRAZENO (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 3 ¤¤¤
[Suspicious.Path] \\{91E5AE74-F91C-4AB6-B683-41AC352852BA} -- C:\Windows\system32\pcalua.exe (-a C:\Users\Milan\Desktop\Windows-Media-Player-11-For-X64_11_64-bit.exe -d C:\Users\Milan\Desktop) -> VYMAZÁNO
[Suspicious.Path] \\{C7076373-00D5-4CB2-AD69-E6DF814C2AD9} -- C:\Windows\system32\pcalua.exe (-a C:\Users\Milan\Desktop\wmp11-windowsxp-x86-CS-CZ.exe -d C:\Users\Milan\Desktop) -> VYMAZÁNO
[Suspicious.Path] \\{F075EAA5-0E4B-45F9-A54B-B86E45FA9B90} -- C:\Windows\system32\pcalua.exe (-a C:\Users\Milan\Desktop\coreaacSetup.exe -d C:\Users\Milan\Desktop) -> VYMAZÁNO

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 4 ¤¤¤
[EAT:Addr] (explorer.exe) shpafact.dll - DllCanUnloadNow : C:\Windows\System32\qmgrprxy.dll @ 0x7f86e577ab0
[EAT:Addr] (explorer.exe) shpafact.dll - DllGetClassObject : C:\Windows\System32\qmgrprxy.dll @ 0x7f86e577a68
[EAT:Addr] (explorer.exe) shpafact.dll - DllRegisterServer : C:\Windows\System32\qmgrprxy.dll @ 0x7f86e577b00
[EAT:Addr] (explorer.exe) shpafact.dll - DllUnregisterServer : C:\Windows\System32\qmgrprxy.dll @ 0x7f86e577b34

¤¤¤ Webové prohlížeče : 3 ¤¤¤
[FIREFX:Addon] g1arxuzx.default : avast! Online Security [wrc@avast.com] -> VYMAZÁNO
[CHROME:Addon] Default : Google Docs [aohghmighlieiainnegkcijnfilokake] -> VYMAZÁNO
[CHROME:Addon] Default : Adblock Plus [cfhdojbkjhnklbpkdaibdccddilifddb] -> ERROR [2]

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST9500325AS +++++
--- User ---
[MBR] de5c97a3bbbba8d9f4d4a0c81dfe66d2
[BSP] 56a869d5861d7d68e5497d7a7af532d1 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 200 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 411648 | Size: 431938 MB
2 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 885020672 | Size: 29692 MB
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 945829888 | Size: 15109 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Generic- Multi-Card USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )


============================================
RKreport_SCN_07012014_223404.log - RKreport_SCN_07022014_200659.log


20:16:18.0959 0x0810 TDSS rootkit removing tool 3.0.0.39 Jun 5 2014 20:35:54
20:16:22.0397 0x0810 ============================================================
20:16:22.0397 0x0810 Current date / time: 2014/07/02 20:16:22.0397
20:16:22.0397 0x0810 SystemInfo:
20:16:22.0397 0x0810
20:16:22.0397 0x0810 OS Version: 6.2.9200 ServicePack: 0.0
20:16:22.0397 0x0810 Product type: Workstation
20:16:22.0397 0x0810 ComputerName: MILAN3
20:16:22.0397 0x0810 UserName: Milan
20:16:22.0397 0x0810 Windows directory: C:\Windows
20:16:22.0397 0x0810 System windows directory: C:\Windows
20:16:22.0397 0x0810 Running under WOW64
20:16:22.0397 0x0810 Processor architecture: Intel x64
20:16:22.0397 0x0810 Number of processors: 4
20:16:22.0397 0x0810 Page size: 0x1000
20:16:22.0397 0x0810 Boot type: Normal boot
20:16:22.0397 0x0810 ============================================================
20:16:23.0710 0x0810 KLMD registered as C:\Windows\system32\drivers\50454935.sys
20:16:24.0210 0x0810 System UUID: {16E0C345-9DAF-7E10-58AF-1085665BFAE3}
20:16:24.0866 0x0810 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:16:24.0897 0x0810 ============================================================
20:16:24.0897 0x0810 \Device\Harddisk0\DR0:
20:16:24.0897 0x0810 MBR partitions:
20:16:24.0897 0x0810 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
20:16:24.0897 0x0810 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x34BA1000
20:16:24.0913 0x0810 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x34C06000, BlocksNum 0x39FD800
20:16:24.0913 0x0810 ============================================================
20:16:24.0975 0x0810 C: <-> \Device\Harddisk0\DR0\Partition2
20:16:25.0022 0x0810 E: <-> \Device\Harddisk0\DR0\Partition3
20:16:25.0022 0x0810 ============================================================
20:16:25.0038 0x0810 Initialize success
20:16:25.0038 0x0810 ============================================================
20:16:28.0147 0x0df8 ============================================================
20:16:28.0147 0x0df8 Scan started
20:16:28.0147 0x0df8 Mode: Manual;
20:16:28.0147 0x0df8 ============================================================
20:16:28.0147 0x0df8 KSN ping started
20:16:29.0163 0x0df8 KSN ping finished: true
20:16:31.0351 0x0df8 ================ Scan system memory ========================
20:16:31.0351 0x0df8 System memory - ok
20:16:31.0351 0x0df8 ================ Scan services =============================
20:16:31.0522 0x0df8 [ E890C46E4754F0DF51BAFCC8D2E07498, E620D03030F3B65442E0A5CB8B59016A6E8DB3BCA52741977B8897B34438E902 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
20:16:31.0538 0x0df8 1394ohci - ok
20:16:31.0569 0x0df8 [ 4F18D4C7EA14F11A7211F60D553C03DB, 09AB6D2D8E9B7B6D6A97708551C0E4B34538947A15EA2A69C11764D7BC0BB7F6 ] 3ware C:\Windows\system32\drivers\3ware.sys
20:16:31.0569 0x0df8 3ware - ok
20:16:31.0710 0x0df8 [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
20:16:31.0710 0x0df8 ACDaemon - ok
20:16:31.0757 0x0df8 [ 975AABEB243B800C23626D6B652C5A9C, FB02336F26AF10BA2A0D1B97C33CB1D78BB90CA51EF008A613A0274779798FAD ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:16:31.0788 0x0df8 ACPI - ok
20:16:31.0804 0x0df8 [ DC968C37822117E576B933F34A2D130C, 4C94E00ADC242296D7CBBFC7346D5F9AE5FE1B0C616ECA3BDE10A7B34FD2040B ] acpiex C:\Windows\system32\Drivers\acpiex.sys
20:16:31.0804 0x0df8 acpiex - ok
20:16:31.0819 0x0df8 [ 0CA9F7C3A78227C21A0A7854E245CFB2, D54147C9C1EE2F0098B863B0852E027DB89D6FA67F6B7FD54F609D9715A11442 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
20:16:31.0819 0x0df8 acpipagr - ok
20:16:31.0851 0x0df8 [ 8EB8DA03B142D3DD1EB9ED8107A76C43, 24B9B24F9A5BDF3AAD13C4EE0638497D9CA4A100096C6EAE403E0215EA89C439 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
20:16:31.0851 0x0df8 AcpiPmi - ok
20:16:31.0866 0x0df8 [ CBCE725C5D86ABA7D2604E22951AA9B8, DE0440F0E943F057EBCD01DB4B1E12DBC241FBF03C42021306D322AB88FF8F21 ] acpitime C:\Windows\System32\drivers\acpitime.sys
20:16:31.0866 0x0df8 acpitime - ok
20:16:31.0898 0x0df8 [ DC201246A14CB3B274DF59FAF539AB07, D4DAED256E9EDD5ADD7384E9FD9F8DC2B1029543BC894367B582BA7119FABD94 ] ACPIVPC C:\Windows\System32\drivers\AcpiVpc.sys
20:16:31.0898 0x0df8 ACPIVPC - ok
20:16:31.0960 0x0df8 [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:16:31.0960 0x0df8 AdobeARMservice - ok
20:16:32.0116 0x0df8 [ 09E7C37DF4A911C8A9AA8BF88ACD10AA, E881E0BBDCED58F28E0BA8DC27372EDFFFF2C57EE31CD13A032FDC9F7C831B5A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:16:32.0132 0x0df8 AdobeFlashPlayerUpdateSvc - ok
20:16:32.0194 0x0df8 [ 93C6388592B99925C1D1576E465BC80F, 4C48BE5471DA4788357D71E90DFEA20FE320C7AAE1F4C55AFBE2E46FEA5CF8FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:16:32.0210 0x0df8 adp94xx - ok
20:16:32.0257 0x0df8 [ D27763E0247292654E7F7D16444C7C72, 0314C713D31E2B34F215B52F804F014D876E6ED92DC656CC3E27920CCD36CF0E ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:16:32.0273 0x0df8 adpahci - ok
20:16:32.0304 0x0df8 [ 67B90070FF48F794AF19F9FCF0080D75, 5D0D352606D58D2CA0814F38EF7B1774C030BE44353DF5910CBFAAF4FDE64ED6 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:16:32.0304 0x0df8 adpu320 - ok
20:16:32.0366 0x0df8 [ 974AE60BF5B90E31412D93596C968E5B, 092B59C2B67C4618E7B1800615D1DF7199482F60D0D27BD91763F7F8D7FC883F ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:16:32.0366 0x0df8 AeLookupSvc - ok
20:16:32.0413 0x0df8 [ 6CCD1135320109D6B219F1A6E04AD9F6, B97D4DF46DF0EFC106BD3E248C70809F3F47DF3FD1CA039A0A3923E1FA05A969 ] Afc C:\Windows\syswow64\drivers\Afc.sys
20:16:32.0413 0x0df8 Afc - ok
20:16:32.0491 0x0df8 [ 7C0E0EDF18D6CC565D7BFBB451709FA5, 47C21CD9D87B5C1B5EB14F6166B5E3349B1A6F10501E63CCED8D52A9FE22765D ] AFD C:\Windows\system32\drivers\afd.sys
20:16:32.0507 0x0df8 AFD - ok
20:16:32.0554 0x0df8 [ 01590377A5AB19E792528C628A2A68F9, F3A4B6CA4E8D4436E44E36D7F7EEF3DC861D1EE50D41F4273226C4ED95674B84 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:16:32.0554 0x0df8 agp440 - ok
20:16:32.0616 0x0df8 [ D1BE8E6E5B3AF23A4393AF1BF867977A, B3AE97D35A9304198715D76F6C3F0545AA176FDEBA6C2055782558B11DFA14EB ] ALG C:\Windows\System32\alg.exe
20:16:32.0616 0x0df8 ALG - ok
20:16:32.0679 0x0df8 [ 025E8C755BE293E50854D26D1BBE5133, 4373639689306A3D8FE0F862072711BAD5DBAA45E105CD3129586439A90EE070 ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
20:16:32.0694 0x0df8 AllUserInstallAgent - ok
20:16:32.0726 0x0df8 [ 5A81054B824004B1ECC04F0034A1CDF9, 73A1986A4B346C425157216EBF16CC90EFFC642EDF6109E6364CF0552E3388FD ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
20:16:32.0726 0x0df8 AmdK8 - ok
20:16:32.0757 0x0df8 [ B849D453E644FAB9BC8EF6DC8CA9C4C6, B803CDA478D3385937C44CBB05A0E65ABACEFEBA682975787C44E2904FB89D2D ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
20:16:32.0757 0x0df8 AmdPPM - ok
20:16:32.0788 0x0df8 [ 35A0EB5AECB0FA3C41A2FB514A562304, 737783ABF348288471AC7051D4DC6CB336D686C94EC7B8938DCA74AFE9BECB1C ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:16:32.0804 0x0df8 amdsata - ok
20:16:32.0851 0x0df8 [ 00452671904F5EE94B50BF0219C97164, 99F9B86D3DB3E10B014120A63CD43CBAAB22C8E38851090ABE37D89ABD61F7B6 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
20:16:32.0851 0x0df8 amdsbs - ok
20:16:32.0882 0x0df8 [ EA3FFE53E92E59C87E3ECA9BEB20D9B7, DC0B8B798720F5F75F8AFD3383CF69194282AEEE84DCACB97382F4C86E1D3E49 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:16:32.0882 0x0df8 amdxata - ok
20:16:32.0913 0x0df8 [ 83B3682CE922FB0F415734B26D9D6233, 9102E8B410BB1AE426770896B6AB584D1F02830337FBB2DEC182F3F19832F35F ] AppID C:\Windows\system32\drivers\appid.sys
20:16:32.0913 0x0df8 AppID - ok
20:16:32.0944 0x0df8 [ CE2BEAD7F31816FF0AC490D048C969F9, 7D24C5A9E8F7C21CC6D8BF2CA29A8B79DDE7EEDE2F37D36B9071ECE1CF61371F ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:16:32.0944 0x0df8 AppIDSvc - ok
20:16:32.0976 0x0df8 [ 4F750B7EFCB6520AE01E01D082D7D476, AD2A67D727A1D4DD0BBACC6B4BB432FA9A14D50D8BA292B95A4747CEC9F85728 ] Appinfo C:\Windows\System32\appinfo.dll
20:16:32.0976 0x0df8 Appinfo - ok
20:16:33.0007 0x0df8 [ 2D14788C5D0836292BEB27BBE109BE56, D032FDBD9E1708F77348655DE00DB395E38EB27A7EC3FB2EF3BA07D22CBC1402 ] AppMgmt C:\Windows\System32\appmgmts.dll
20:16:33.0007 0x0df8 AppMgmt - ok
20:16:33.0038 0x0df8 [ E933401B392387F4BE34DE8BAF1722A7, 57CC6DE31E2C82D2B12509F0A5EC9EC70DD2EF6A1F31A66ADF62DC6AE0A67323 ] arc C:\Windows\system32\drivers\arc.sys
20:16:33.0038 0x0df8 arc - ok
20:16:33.0070 0x0df8 [ 07CA323EF2E8247A568AB0F3662AD644, 1224B41193F0E9B164732BA5BF707A13427C82C1D8C3EDC2AAE5C5C75454B9F6 ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:16:33.0085 0x0df8 arcsas - ok
20:16:33.0116 0x0df8 [ 340B0467E98A8C92697D73034DB4BCB7, 342572B566747A05DA5391CFC027A6703AECCE29C3D288428884D8641A35D0F5 ] aswHwid C:\Windows\system32\drivers\aswHwid.sys
20:16:33.0116 0x0df8 aswHwid - ok
20:16:33.0132 0x0df8 [ ED5B09937D559FFA53FC988D20031E98, EC9E50C9BC2184AE93944EA3115A25BADF5FFB91D11776498EBC9A0D60029A84 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
20:16:33.0132 0x0df8 aswMonFlt - ok
20:16:33.0148 0x0df8 [ 33C77DCB0AEC76E26BD6352A1A5281BB, CEA7BB3407C1F900DE5CB09F42AF7734811F86B7DE0085FADC7AAE8178D59665 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
20:16:33.0148 0x0df8 aswRdr - ok
20:16:33.0163 0x0df8 [ BF5B9E9E97CED45208E498D9FA73688F, BCB2CC516EAD040573D80599C2306ECB26FCCB16A97B940327CD3A3CE9077877 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
20:16:33.0163 0x0df8 aswRvrt - ok
20:16:33.0226 0x0df8 [ F88CE00A7736C349ED1414D7ECDC9BED, 8C0783CE32968874065C2F46088B34F9C872F26C98AB8E8BA895D84CCB25E534 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
20:16:33.0241 0x0df8 aswSnx - ok
20:16:33.0273 0x0df8 [ 3AE912B08E2A1ABB2B63F3C56BED95C2, BE99BA3A74427444FEE5D47D70BDBA631DBBF50D80B0483C0675F87119926765 ] aswSP C:\Windows\system32\drivers\aswSP.sys
20:16:33.0273 0x0df8 aswSP - ok
20:16:33.0335 0x0df8 [ A7115ED31675BB823CFA9FE571C25676, DEEBB3920934DCDDD488DCFCB1E6F4C7EFDD3C79F31E41D59E292C3CF9400E95 ] aswStm C:\Windows\system32\drivers\aswStm.sys
20:16:33.0351 0x0df8 aswStm - ok
20:16:33.0366 0x0df8 [ 47CBD3F64E412FFAFD93404580A3C7B9, F9B02E232416BAFC21BCBCDC0A3D9E5E855BFAF11F29ED2C4C469692E6688278 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
20:16:33.0382 0x0df8 aswVmm - ok
20:16:33.0398 0x0df8 [ 74DBAEC35366C4EE7670428808715A6A, 3B3A7A81CD8038C4750560B94A9247C4409410780B312BA71EDF2E393DCA7474 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:16:33.0398 0x0df8 AsyncMac - ok
20:16:33.0413 0x0df8 [ A721FF570C2387E383BDDEA9632863C9, 45DD7787F44A2C742560FEB03AB66910C2F0002D95BB02C55EEDE973AA92AD24 ] atapi C:\Windows\system32\drivers\atapi.sys
20:16:33.0429 0x0df8 atapi - ok
20:16:33.0694 0x0df8 [ DECE3E2832F125A41A02FB59F4C54EEA, 2994024E5C295E9FDF4C6C0A8F2B17C07C158AD1567BEDA46A482C6C08F460BC ] athr C:\Windows\system32\DRIVERS\athrx.sys
20:16:33.0757 0x0df8 athr - ok
20:16:33.0835 0x0df8 [ BCD7A47EF587DC00DD61D12D9C2D1E44, 95BC9AC8BA8A86DB5C7A6317002BD9872F193B401A0C58DF252DCF3D4A7541E2 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
20:16:33.0835 0x0df8 AudioEndpointBuilder - ok
20:16:33.0882 0x0df8 [ 599B3F685A263A114FFAF3BE29C49C75, 579E9561BA8537888E061E303F3F89E2E6F8B8DED74369C3767DB10B35CD45E8 ] Audiosrv C:\Windows\System32\Audiosrv.dll
20:16:33.0913 0x0df8 Audiosrv - ok
20:16:34.0023 0x0df8 [ 37D17AE2936867F88EB3C4CBCBC6B8A1, E1F4D288CE1E5482A5594C8F9EEDE1E8134466F5E0C7DA32D88985497CD8588B ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:16:34.0023 0x0df8 avast! Antivirus - ok
20:16:34.0070 0x0df8 [ 89491EF71D5EA011127832C588002853, 05620E4235956D8446FB9604F930738C8AA97E3A74C907E37F7CC08B8EDA0461 ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:16:34.0085 0x0df8 AxInstSV - ok
20:16:34.0132 0x0df8 [ 87AB5BB072A3F128541D5B815F82FFDD, 186AF33D3DE90638C3E165CAC3DA17295E8A80CDB523F9BE4AF7D38CA6954905 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
20:16:34.0132 0x0df8 b06bdrv - ok
20:16:34.0210 0x0df8 [ 81703BC5D68DEDBB086C2368FBE7B334, CFD4A55C8045C482F8D410514F3211AEFA00097AB395F5A04BFE983ED6254F6B ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
20:16:34.0210 0x0df8 BasicDisplay - ok
20:16:34.0226 0x0df8 [ 5EC68164E14D25675C98BBB5F09E8606, 1D7EDB21C87039FC5F39F46460AD852BC4EC6B179B1C205D189DD3C397343435 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
20:16:34.0226 0x0df8 BasicRender - ok
20:16:34.0257 0x0df8 [ 89143A7BA7850F5C7E61B43BB44B6418, 00BB781DF87D4FF1BAFD318AFE237296B4F5925023BA4486405EC0A384C88D8F ] BDESVC C:\Windows\System32\bdesvc.dll
20:16:34.0273 0x0df8 BDESVC - ok
20:16:34.0288 0x0df8 [ 9E7AEA59776D904607985AFFE7E5E183, C3DB745A9F4DA7CB9628A7913DD52B2444B14FEB9D588FF6558CF52CEB8955EB ] Beep C:\Windows\system32\drivers\Beep.sys
20:16:34.0288 0x0df8 Beep - ok
20:16:34.0351 0x0df8 [ 53AA55632B94622F2DC3695E86EF9363, 9B5BB8EDA48A37AE97BCD42D83B25A6D10AA6231EABE745DCCE6D60E19094A6F ] BFE C:\Windows\System32\bfe.dll
20:16:34.0382 0x0df8 BFE - ok
20:16:34.0429 0x0df8 [ D598C44A7072D3108D8D8102EC5E07F7, D7472E9BAAB7B6E1D30F4E153412E2A16EE5C08DE2BF8BFF4D65089825226FE0 ] BITS C:\Windows\System32\qmgr.dll
20:16:34.0476 0x0df8 BITS - ok
20:16:34.0491 0x0df8 [ B17AC10B47C7FCB44D22A1F06415840E, 990D6F629D93F4F913D218ACE5187A26DCB762BAFB2BB279CCE8CAF2755D85A5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:16:34.0491 0x0df8 bowser - ok
20:16:34.0523 0x0df8 [ 038FA1B55531E7020DB705B42FCCE373, 023E87E3204D64890D6FEA78E762E5BC5BD0A59325EBC264834727779EEEDBC5 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
20:16:34.0523 0x0df8 BrokerInfrastructure - ok
20:16:34.0554 0x0df8 [ 310068BDA80B1D55C36580FD8A873FAF, A75412FF1F483461F526E9A359DCEECA5E683441514464D5ED82D1A9740D583E ] Browser C:\Windows\System32\browser.dll
20:16:34.0554 0x0df8 Browser - ok
20:16:34.0585 0x0df8 [ 6695200F455E251F0BCC9CE4D0978D59, 4DB2F967E449581A9330EF43E794B45B93581564B20C5B991FC1EC665A640D69 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
20:16:34.0601 0x0df8 BthAvrcpTg - ok
20:16:34.0616 0x0df8 [ 616EB8748C988AEE98D93DA141C3D3B4, 15A055B0496BDB29CBCF6EEBF112D4BA1C7A2FF39124728830D0FD1FD7A404CB ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
20:16:34.0616 0x0df8 BthHFEnum - ok
20:16:34.0663 0x0df8 [ DCB4EBD928A6FB368BE6CAE522412DE1, 9E1345F29467054689B9F48B5CCB567760D36610A4EA9AF41B829EAD60347269 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
20:16:34.0663 0x0df8 bthhfhid - ok
20:16:34.0695 0x0df8 [ 033916CE8784A848B9A3D686B7F66D97, B4D0514D59646CF6B70D4FA488CF95C38EA38CC5C509329CC8753E897C640AFA ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
20:16:34.0695 0x0df8 BTHMODEM - ok
20:16:34.0741 0x0df8 [ A4387C3D271959313E2577DB7BE8BA7A, C71474802102102EBE04DF036EEB2F5FB3380BE288E3842F19F234EFAE977D70 ] bthserv C:\Windows\system32\bthserv.dll
20:16:34.0741 0x0df8 bthserv - ok
20:16:34.0851 0x0df8 [ 27C684D57A49DAB19BCE9D69529E8BE7, C4F01023C4ED71D4DD6C86543DD9795F98AF85626E64F4363665D528D52F5B2A ] Cam5607 C:\Windows\System32\Drivers\BisonC07.sys
20:16:34.0882 0x0df8 Cam5607 - ok
20:16:34.0913 0x0df8 [ 990B1BABE6E81FB18E65A87EBEFB1772, 1820D4AC57E1D4B7FB5AA89C277B16910ED73712878D2B43FE542CE16DFE16C3 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:16:34.0913 0x0df8 cdfs - ok
20:16:34.0945 0x0df8 [ 339BFF85D788268752DA8C9644B188EE, C2279F1A39AED39865A5027D2FD087F8E82F3ED8C94BA4D922855B98E792AFC5 ] cdrom C:\Windows\System32\drivers\cdrom.sys
20:16:34.0945 0x0df8 cdrom - ok
20:16:34.0976 0x0df8 [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] CertPropSvc C:\Windows\System32\certprop.dll
20:16:34.0991 0x0df8 CertPropSvc - ok
20:16:35.0007 0x0df8 [ F64B7D1A37CC1D5F421D5359EEC81E2E, 2B4879DD32B2C20B94847755E22B1BCBE2B567B3989C57A9BA2DD783307EFFDB ] circlass C:\Windows\System32\drivers\circlass.sys
20:16:35.0007 0x0df8 circlass - ok
20:16:35.0054 0x0df8 [ 9905168708DB68849B879B5548F68AB3, B7A495E57B9398704988DC472126CBC5B8D76761A34F51732FBF6CC88E3AB79A ] CLFS C:\Windows\system32\drivers\CLFS.sys
20:16:35.0070 0x0df8 CLFS - ok
20:16:35.0116 0x0df8 [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
20:16:35.0116 0x0df8 clwvd - ok
20:16:35.0132 0x0df8 [ 2DC8538A2260647484A6C921CA837313, 094059DD66B0C50A1CAE288F920107B0B6AD1AA5758284E35B92C131EDEA30EA ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
20:16:35.0132 0x0df8 CmBatt - ok
20:16:35.0163 0x0df8 [ DBF9E5346431557BF56F41E7F8EC0DC1, D5FA34C873DA9BE40301D53198355556506AB5145B78B14D0AA88570A0058589 ] CNG C:\Windows\system32\Drivers\cng.sys
20:16:35.0179 0x0df8 CNG - ok
20:16:35.0195 0x0df8 [ 0E5B1E9E7122EDAAF1F6CE047965CA92, 803E585B92D1E2E5B6BF67BE511E88DC2629A12407C3E30F7AEFB544D390A9B8 ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
20:16:35.0195 0x0df8 CompositeBus - ok
20:16:35.0210 0x0df8 COMSysApp - ok
20:16:35.0210 0x0df8 [ D9CB0782AF819548072AA45B70F8B22D, 04796F39ABB88759A534DE3D0C51F684BF2A8DE1F4028B657CCFDBDD39A6618C ] condrv C:\Windows\system32\drivers\condrv.sys
20:16:35.0210 0x0df8 condrv - ok
20:16:35.0257 0x0df8 [ 5CE2742F063731EC10C1B2EE386A2C08, 309919BDDD4649AFB95A99DCF8AFC3BAE10F9BC1E2819C0794CFD0F80682C223 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:16:35.0257 0x0df8 CryptSvc - ok
20:16:35.0304 0x0df8 [ F2C69C3D98249DE14D4B2832516D4FD5, 5F622A61A99202802B35532036CFCFDFB1FDEC32465BA8CCAB4C4FAFA336FC2A ] CSC C:\Windows\system32\drivers\csc.sys
20:16:35.0320 0x0df8 CSC - ok
20:16:35.0382 0x0df8 [ 22CCB6AFF617AAC6121DF6CDA5ABF3F4, 7F6F888CF4D7EF93144A791891E41858F7C0CDDC0B65ED09B9CD55EE3734FCCF ] CscService C:\Windows\System32\cscsvc.dll
20:16:35.0413 0x0df8 CscService - ok
20:16:35.0445 0x0df8 [ FAEF4C245BE832DB41B15DAAC336AFB7, 1F8C98AB0DF4327FCB01FE0356025488E19B48A45FFFA50576B49A8587FAC42B ] dam C:\Windows\system32\drivers\dam.sys
20:16:35.0445 0x0df8 dam - ok
20:16:35.0460 0x0df8 DCE - ok
20:16:35.0523 0x0df8 [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:16:35.0554 0x0df8 DcomLaunch - ok
20:16:35.0570 0x0df8 [ 7194353A9303E80BA0B22187E559EB13, 80AB8FAD012A712E3658541ACEB66BBBF3518E839E3C32173F6FB0FFA7B699E3 ] DefragFS C:\Windows\system32\drivers\DefragFS.sys
20:16:35.0570 0x0df8 DefragFS - ok
20:16:35.0616 0x0df8 [ C8650D1F61149AA546BDBC99172EBBC1, D9592ED1B6F23B6EC76A0B93635B6E38702311B0A6982F0F9DEC37FCDAF1288B ] defragsvc C:\Windows\System32\defragsvc.dll
20:16:35.0632 0x0df8 defragsvc - ok
20:16:35.0695 0x0df8 [ 5EAEF67AE2AF4D2DC664B649DB7B2E16, ADAC7FD6AC12B50F4998C5EB0BD770DD4B80A94C4CC1B9376AD77648E48D012D ] DeviceAssociationService C:\Windows\system32\das.dll
20:16:35.0710 0x0df8 DeviceAssociationService - ok
20:16:35.0726 0x0df8 [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
20:16:35.0741 0x0df8 DeviceInstall - ok
20:16:35.0773 0x0df8 [ 431141C6859990824D17F71C30A78728, 448B3DC20C8FDD5B66217E0E01DBCC4904F94BDA0826F109D139DDD2C2D7FBF2 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
20:16:35.0773 0x0df8 Dfsc - ok
20:16:35.0804 0x0df8 [ 9E0E72222264745ADEB0E5AC680B0ED6, 576AFC8741695396A3B8E9DBDD3703E9D70370437D09D162262E47A140D101B4 ] Dhcp C:\Windows\system32\dhcpcore.dll
20:16:35.0820 0x0df8 Dhcp - ok
20:16:35.0835 0x0df8 [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache C:\Windows\system32\drivers\discache.sys
20:16:35.0835 0x0df8 discache - ok
20:16:35.0866 0x0df8 [ AE3786294CC246A5403783E1B86A0168, 29A7B4B490CBB16DAEF5D67D0A58A2577CF3FEE8F889484DB867F6913D9D2A28 ] disk C:\Windows\system32\drivers\disk.sys
20:16:35.0866 0x0df8 disk - ok
20:16:35.0866 0x0df8 [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
20:16:35.0866 0x0df8 dmvsc - ok
20:16:35.0898 0x0df8 [ 066B9710B36AB550E01EEFCA52155968, DCA9F3F4856A6866D3F5A2EEE34E96A83F40198DB0B5AC6381A7568DE1F56FAB ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:16:35.0913 0x0df8 Dnscache - ok
20:16:35.0960 0x0df8 [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc C:\Windows\System32\dot3svc.dll
20:16:35.0960 0x0df8 dot3svc - ok
20:16:36.0023 0x0df8 [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4 C:\Windows\system32\DRIVERS\Dot4.sys
20:16:36.0023 0x0df8 dot4 - ok
20:16:36.0054 0x0df8 [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print C:\Windows\System32\drivers\Dot4Prt.sys
20:16:36.0054 0x0df8 Dot4Print - ok
20:16:36.0070 0x0df8 [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
20:16:36.0070 0x0df8 dot4usb - ok
20:16:36.0117 0x0df8 [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS C:\Windows\system32\dps.dll
20:16:36.0117 0x0df8 DPS - ok
20:16:36.0132 0x0df8 [ 9C7C183F937951AE17C5B8B3259CF3FF, 8ED607139F15D08B4835ACF864421BA4C08C88FE90B9AAF707F5D8514D7731B1 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:16:36.0148 0x0df8 drmkaud - ok
20:16:36.0179 0x0df8 [ F87F4AAAF6664906248D11D5E579A53B, F283932F68ED93891EEF00C18724359AB7057E922A3CDC8BC6F33F84D2B0BEE5 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
20:16:36.0195 0x0df8 DsmSvc - ok
20:16:36.0226 0x0df8 [ 6A0E850DDCB136AA3D2FB7234382DF12, C01863E95F45E1B74AC65C9CD12C8DC769299218255B3C94E3EBF58C4D79FEF3 ] dtsoftbus01 C:\Windows\System32\drivers\dtsoftbus01.sys
20:16:36.0241 0x0df8 dtsoftbus01 - ok
20:16:36.0320 0x0df8 [ E6AF4DF1817953D73C519B17CF849756, 26A90EB368A3F572086F223ABED87B8FC6F998AE401C9E52BEB5EE76AB052702 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:16:36.0351 0x0df8 DXGKrnl - ok
20:16:36.0413 0x0df8 [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost C:\Windows\System32\eapsvc.dll
20:16:36.0413 0x0df8 Eaphost - ok
20:16:36.0632 0x0df8 [ 5AB97B3282D7D6114949D1EB5C8598E4, FB9449CC1CDC12C12AA0469BB6ACC770CB011250EDFD86E9600E754610608EFD ] ebdrv C:\Windows\system32\drivers\evbda.sys
20:16:36.0695 0x0df8 ebdrv - ok
20:16:36.0742 0x0df8 [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] EFS C:\Windows\System32\lsass.exe
20:16:36.0757 0x0df8 EFS - ok
20:16:36.0773 0x0df8 [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
20:16:36.0788 0x0df8 EhStorClass - ok
20:16:36.0804 0x0df8 [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
20:16:36.0820 0x0df8 EhStorTcgDrv - ok
20:16:36.0867 0x0df8 [ 194E8100D57FC13BEF88129BAAD07E46, 745D24ADD99ED182FCCA30C6B85167484B74D3EFD631AF92AA57AAD73F474631 ] EPSON_PM_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
20:16:36.0882 0x0df8 EPSON_PM_RPCV4_04 - ok
20:16:36.0929 0x0df8 [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev C:\Windows\System32\drivers\errdev.sys
20:16:36.0929 0x0df8 ErrDev - ok
20:16:37.0038 0x0df8 [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem C:\Windows\system32\es.dll
20:16:37.0070 0x0df8 EventSystem - ok
20:16:37.0101 0x0df8 [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat C:\Windows\system32\drivers\exfat.sys
20:16:37.0101 0x0df8 exfat - ok
20:16:37.0132 0x0df8 [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:16:37.0132 0x0df8 fastfat - ok
20:16:37.0195 0x0df8 [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax C:\Windows\system32\fxssvc.exe
20:16:37.0242 0x0df8 Fax - ok
20:16:37.0257 0x0df8 [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc C:\Windows\System32\drivers\fdc.sys
20:16:37.0257 0x0df8 fdc - ok
20:16:37.0288 0x0df8 [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost C:\Windows\system32\fdPHost.dll
20:16:37.0288 0x0df8 fdPHost - ok
20:16:37.0304 0x0df8 [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub C:\Windows\system32\fdrespub.dll
20:16:37.0304 0x0df8 FDResPub - ok
20:16:37.0335 0x0df8 [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc C:\Windows\system32\fhsvc.dll
20:16:37.0351 0x0df8 fhsvc - ok
20:16:37.0367 0x0df8 [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:16:37.0367 0x0df8 FileInfo - ok
20:16:37.0398 0x0df8 [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:16:37.0398 0x0df8 Filetrace - ok
20:16:37.0413 0x0df8 [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
20:16:37.0413 0x0df8 flpydisk - ok
20:16:37.0445 0x0df8 [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:16:37.0460 0x0df8 FltMgr - ok
20:16:37.0523 0x0df8 [ 0BCDC0FF11B984162B0CF0FF6E9E0146, D44A3CECBA36B7A64854E244FA6B5E65047896BF9983D20B431410FBBA36697A ] FontCache C:\Windows\system32\FntCache.dll
20:16:37.0601 0x0df8 FontCache - ok
20:16:37.0695 0x0df8 [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:16:37.0710 0x0df8 FontCache3.0.0.0 - ok
20:16:37.0726 0x0df8 [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:16:37.0726 0x0df8 FsDepends - ok
20:16:37.0757 0x0df8 [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:16:37.0757 0x0df8 Fs_Rec - ok
20:16:37.0820 0x0df8 [ C1646A95EAC515F60CDB2A7A8A013C1E, F559B83C02B17265EDE95DD497C1A94E402F07EC251FC47449F789907AFFED14 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:16:37.0851 0x0df8 fvevol - ok
20:16:37.0867 0x0df8 [ A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
20:16:37.0867 0x0df8 FxPPM - ok
20:16:37.0913 0x0df8 [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:16:37.0913 0x0df8 gagp30kx - ok
20:16:37.0945 0x0df8 [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
20:16:37.0945 0x0df8 gencounter - ok
20:16:37.0992 0x0df8 [ FC2B8B06BDBD3B6457F5A3DA9AD2410E, 4BF196E1CAC94E9265EBEB68F41C3E29F0C709ECFF9420B5B1C9C82680D5D6A8 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
20:16:37.0992 0x0df8 GPIOClx0101 - ok
20:16:38.0054 0x0df8 [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc C:\Windows\System32\gpsvc.dll
20:16:38.0163 0x0df8 gpsvc - ok
20:16:38.0257 0x0df8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:16:38.0257 0x0df8 gupdate - ok
20:16:38.0289 0x0df8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:16:38.0304 0x0df8 gupdatem - ok
20:16:38.0351 0x0df8 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:16:38.0367 0x0df8 gusvc - ok
20:16:38.0414 0x0df8 [ 630555943E5A3FE21010CE91EC7FC84F, 20D7247A4363EE9E851501D89A466564ADCAEC304DE42280E4E09AD8499436A9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:16:38.0429 0x0df8 HdAudAddService - ok
20:16:38.0460 0x0df8 [ 7D87B5B6C7188D553E11B59DC7F0B111, FC633DB71E1D72E8AD8F89BBB54324CC6ED17F5594EF55DD0BDB58EE1F601FF5 ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
20:16:38.0460 0x0df8 HDAudBus - ok
20:16:38.0476 0x0df8 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\System32\drivers\HECIx64.sys
20:16:38.0476 0x0df8 HECIx64 - ok
20:16:38.0507 0x0df8 [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
20:16:38.0507 0x0df8 HidBatt - ok
20:16:38.0601 0x0df8 [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth C:\Windows\System32\drivers\hidbth.sys
20:16:38.0601 0x0df8 HidBth - ok
20:16:38.0648 0x0df8 [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
20:16:38.0663 0x0df8 hidi2c - ok
20:16:38.0695 0x0df8 [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr C:\Windows\System32\drivers\hidir.sys
20:16:38.0695 0x0df8 HidIr - ok
20:16:38.0726 0x0df8 [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv C:\Windows\system32\hidserv.dll
20:16:38.0742 0x0df8 hidserv - ok
20:16:38.0789 0x0df8 [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb C:\Windows\System32\drivers\hidusb.sys
20:16:38.0804 0x0df8 HidUsb - ok
20:16:38.0820 0x0df8 [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:16:38.0835 0x0df8 hkmsvc - ok
20:16:38.0882 0x0df8 [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:16:38.0898 0x0df8 HomeGroupListener - ok
20:16:38.0960 0x0df8 [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:16:38.0992 0x0df8 HomeGroupProvider - ok
20:16:39.0007 0x0df8 [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:16:39.0007 0x0df8 HpSAMD - ok
20:16:39.0070 0x0df8 [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:16:39.0085 0x0df8 HTTP - ok
20:16:39.0101 0x0df8 [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:16:39.0101 0x0df8 hwpolicy - ok
20:16:39.0117 0x0df8 [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
20:16:39.0117 0x0df8 hyperkbd - ok
20:16:39.0164 0x0df8 [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
20:16:39.0164 0x0df8 HyperVideo - ok
20:16:39.0179 0x0df8 [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
20:16:39.0179 0x0df8 i8042prt - ok
20:16:39.0226 0x0df8 [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:16:39.0242 0x0df8 iaStorV - ok
20:16:39.0273 0x0df8 [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:16:39.0273 0x0df8 iirsp - ok
20:16:39.0320 0x0df8 [ E455C83E029121270BED73CDAC381F37, 433D525C19DBF26FAC28853C606C872D973104842B0EF1B2BF2EAC85457E2953 ] IKEEXT C:\Windows\System32\ikeext.dll
20:16:39.0367 0x0df8 IKEEXT - ok
20:16:39.0382 0x0df8 [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide C:\Windows\system32\drivers\intelide.sys
20:16:39.0398 0x0df8 intelide - ok
20:16:39.0414 0x0df8 [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm C:\Windows\System32\drivers\intelppm.sys
20:16:39.0414 0x0df8 intelppm - ok
20:16:39.0460 0x0df8 [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:16:39.0460 0x0df8 IpFilterDriver - ok
20:16:39.0539 0x0df8 [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:16:39.0601 0x0df8 iphlpsvc - ok
20:16:39.0632 0x0df8 [ A4071DA3AE419F9694BFCB267C7DB8D7, 392DEE1DA51606C29418A98D2861F115E9F67C688B4281C53E87BA73A98809FB ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
20:16:39.0632 0x0df8 IPMIDRV - ok
20:16:39.0726 0x0df8 [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:16:39.0726 0x0df8 IPNAT - ok
20:16:39.0757 0x0df8 [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:16:39.0757 0x0df8 IRENUM - ok
20:16:39.0789 0x0df8 [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:16:39.0789 0x0df8 isapnp - ok
20:16:39.0851 0x0df8 [ E6530FD4F61B40F338BF4355A21B9A09, FE9BF039B9901BEC260A69F7C49ACFA9881AD470DCCBA70C7EC36F518DA71702 ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
20:16:39.0851 0x0df8 iScsiPrt - ok
20:16:39.0882 0x0df8 [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
20:16:39.0882 0x0df8 kbdclass - ok
20:16:39.0898 0x0df8 [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
20:16:39.0898 0x0df8 kbdhid - ok
20:16:39.0914 0x0df8 [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
20:16:39.0914 0x0df8 kdnic - ok
20:16:39.0929 0x0df8 [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] KeyIso C:\Windows\system32\lsass.exe
20:16:39.0929 0x0df8 KeyIso - ok
20:16:39.0960 0x0df8 [ 8B3EB6372436195B8EA8AE09A184BCE2, 9AFB7A9D6AEEBF5994C85B355155024768116E2D537C9FA169BC3F4594ECD35C ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:16:39.0960 0x0df8 KSecDD - ok
20:16:39.0992 0x0df8 [ 3DD9C86EA88E8B5A51904AD87E1F2E78, F9EC9A571212117C01934CD29057EB1B3FA095F670294244AF7D9387D3F6E555 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:16:39.0992 0x0df8 KSecPkg - ok
20:16:40.0007 0x0df8 [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:16:40.0007 0x0df8 ksthunk - ok
20:16:40.0085 0x0df8 [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm C:\Windows\system32\msdtckrm.dll
20:16:40.0101 0x0df8 KtmRm - ok
20:16:40.0179 0x0df8 [ 256EE31588257E8A555DBFAA13F1908E, B6817F632EDEA483E35BF26846DCDD4E95E860620959179B2A5D8AD7EEDDB126 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:16:40.0195 0x0df8 LanmanServer - ok
20:16:40.0226 0x0df8 [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:16:40.0242 0x0df8 LanmanWorkstation - ok
20:16:40.0257 0x0df8 [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:16:40.0273 0x0df8 lltdio - ok
20:16:40.0304 0x0df8 [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:16:40.0320 0x0df8 lltdsvc - ok
20:16:40.0335 0x0df8 [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:16:40.0351 0x0df8 lmhosts - ok
20:16:40.0367 0x0df8 [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:16:40.0367 0x0df8 LSI_SAS - ok
20:16:40.0382 0x0df8 [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:16:40.0398 0x0df8 LSI_SAS2 - ok
20:16:40.0398 0x0df8 [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:16:40.0398 0x0df8 LSI_SCSI - ok
20:16:40.0414 0x0df8 [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
20:16:40.0414 0x0df8 LSI_SSS - ok
20:16:40.0460 0x0df8 [ D85E906ACB458BE4BF5F3C9B35404A74, BE054A5521F6D2E88BC4A4A9A7DD74A73CFAD80EDDD0C86491A6F4629BE3DAB5 ] LSM C:\Windows\System32\lsm.dll
20:16:40.0476 0x0df8 LSM - ok
20:16:40.0507 0x0df8 [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv C:\Windows\system32\drivers\luafv.sys
20:16:40.0507 0x0df8 luafv - ok
20:16:40.0539 0x0df8 [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas C:\Windows\system32\drivers\megasas.sys
20:16:40.0539 0x0df8 megasas - ok
20:16:40.0570 0x0df8 [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
20:16:40.0570 0x0df8 MegaSR - ok
20:16:40.0617 0x0df8 [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS C:\Windows\system32\mmcss.dll
20:16:40.0617 0x0df8 MMCSS - ok
20:16:40.0632 0x0df8 [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem C:\Windows\system32\drivers\modem.sys
20:16:40.0632 0x0df8 Modem - ok
20:16:40.0664 0x0df8 [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor C:\Windows\System32\drivers\monitor.sys
20:16:40.0679 0x0df8 monitor - ok
20:16:40.0695 0x0df8 [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass C:\Windows\System32\drivers\mouclass.sys
20:16:40.0695 0x0df8 mouclass - ok
20:16:40.0726 0x0df8 [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid C:\Windows\System32\drivers\mouhid.sys
20:16:40.0726 0x0df8 mouhid - ok
20:16:40.0742 0x0df8 [ 89D263DBF08119CE16273991C120D6DD, 9771EDAD266F0E234E71DFB6792F396710E051F2ADCA5CDADEBBD2790D0E6054 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:16:40.0742 0x0df8 mountmgr - ok
20:16:40.0804 0x0df8 [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:16:40.0804 0x0df8 MozillaMaintenance - ok
20:16:40.0898 0x0df8 [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:16:40.0898 0x0df8 mpsdrv - ok
20:16:40.0945 0x0df8 [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:16:40.0992 0x0df8 MpsSvc - ok
20:16:41.0023 0x0df8 [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:16:41.0039 0x0df8 MRxDAV - ok
20:16:41.0101 0x0df8 [ 7A761AEE58658378BBA45D360F874CB0, 31972E63D93E07D92EF69571B7ED1E69B1358DCA5BEED62A9372F6411B4DFDB3 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:16:41.0101 0x0df8 mrxsmb - ok
20:16:41.0132 0x0df8 [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:16:41.0132 0x0df8 mrxsmb10 - ok
20:16:41.0148 0x0df8 [ 697B78CE3925E4FBFC544232A5E9E2EB, 2D03425513572F6098BAAF82C0EDB49EBAB88438971D349CA1917DA0BDB76334 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:16:41.0148 0x0df8 mrxsmb20 - ok
20:16:41.0179 0x0df8 [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
20:16:41.0179 0x0df8 MsBridge - ok
20:16:41.0226 0x0df8 [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC C:\Windows\System32\msdtc.exe
20:16:41.0226 0x0df8 MSDTC - ok
20:16:41.0242 0x0df8 [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:16:41.0257 0x0df8 Msfs - ok
20:16:41.0289 0x0df8 [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
20:16:41.0289 0x0df8 msgpiowin32 - ok
20:16:41.0304 0x0df8 [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:16:41.0304 0x0df8 mshidkmdf - ok
20:16:41.0304 0x0df8 [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
20:16:41.0304 0x0df8 mshidumdf - ok
20:16:41.0336 0x0df8 [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:16:41.0336 0x0df8 msisadrv - ok
20:16:41.0367 0x0df8 [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:16:41.0367 0x0df8 MSiSCSI - ok
20:16:41.0367 0x0df8 msiserver - ok
20:16:41.0398 0x0df8 [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:16:41.0398 0x0df8 MSKSSRV - ok
20:16:41.0414 0x0df8 [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
20:16:41.0429 0x0df8 MsLldp - ok
20:16:41.0445 0x0df8 [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:16:41.0445 0x0df8 MSPCLOCK - ok
20:16:41.0476 0x0df8 [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:16:41.0476 0x0df8 MSPQM - ok
20:16:41.0507 0x0df8 [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:16:41.0507 0x0df8 MsRPC - ok
20:16:41.0523 0x0df8 [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
20:16:41.0539 0x0df8 mssmbios - ok
20:16:41.0554 0x0df8 [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:16:41.0554 0x0df8 MSTEE - ok
20:16:41.0554 0x0df8 [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
20:16:41.0554 0x0df8 MTConfig - ok
20:16:41.0586 0x0df8 [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup C:\Windows\system32\Drivers\mup.sys
20:16:41.0586 0x0df8 Mup - ok
20:16:41.0601 0x0df8 [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis C:\Windows\system32\drivers\mvumis.sys
20:16:41.0601 0x0df8 mvumis - ok
20:16:41.0648 0x0df8 [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent C:\Windows\system32\qagentRT.dll
20:16:41.0679 0x0df8 napagent - ok
20:16:41.0695 0x0df8 [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:16:41.0711 0x0df8 NativeWifiP - ok
20:16:41.0726 0x0df8 [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc C:\Windows\System32\ncasvc.dll
20:16:41.0742 0x0df8 NcaSvc - ok
20:16:41.0757 0x0df8 [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
20:16:41.0757 0x0df8 NcdAutoSetup - ok
20:16:41.0836 0x0df8 [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS C:\Windows\system32\drivers\ndis.sys
20:16:41.0851 0x0df8 NDIS - ok
20:16:41.0867 0x0df8 [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:16:41.0867 0x0df8 NdisCap - ok
20:16:41.0914 0x0df8 [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
20:16:41.0914 0x0df8 NdisImPlatform - ok
20:16:41.0945 0x0df8 [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:16:41.0945 0x0df8 NdisTapi - ok
20:16:41.0976 0x0df8 [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:16:41.0976 0x0df8 Ndisuio - ok
20:16:42.0007 0x0df8 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:16:42.0007 0x0df8 NdisWan - ok
20:16:42.0023 0x0df8 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY C:\Windows\system32\DRIVERS\ndiswan.sys
20:16:42.0023 0x0df8 NDISWANLEGACY - ok
20:16:42.0039 0x0df8 [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:16:42.0039 0x0df8 NDProxy - ok
20:16:42.0054 0x0df8 [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu C:\Windows\system32\drivers\Ndu.sys
20:16:42.0054 0x0df8 Ndu - ok
20:16:42.0086 0x0df8 [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:16:42.0086 0x0df8 NetBIOS - ok
20:16:42.0101 0x0df8 [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:16:42.0101 0x0df8 NetBT - ok
20:16:42.0117 0x0df8 [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] Netlogon C:\Windows\system32\lsass.exe
20:16:42.0132 0x0df8 Netlogon - ok
20:16:42.0148 0x0df8 [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman C:\Windows\System32\netman.dll
20:16:42.0164 0x0df8 Netman - ok
20:16:42.0195 0x0df8 [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm C:\Windows\System32\netprofmsvc.dll
20:16:42.0226 0x0df8 netprofm - ok
20:16:42.0273 0x0df8 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:16:42.0320 0x0df8 NetTcpPortSharing - ok
20:16:42.0367 0x0df8 [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:16:42.0367 0x0df8 nfrd960 - ok
20:16:42.0414 0x0df8 [ 80ABCD4C2DE9FD832477303AE0CA3BE5, 98F3958E650CEB1006D92980503E1B176D2CA55D2A6742C1C27CDE829D137DA9 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:16:42.0445 0x0df8 NlaSvc - ok
20:16:42.0461 0x0df8 [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:16:42.0476 0x0df8 Npfs - ok
20:16:42.0492 0x0df8 [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
20:16:42.0492 0x0df8 npsvctrig - ok
20:16:42.0507 0x0df8 NPVR Recording Service - ok
20:16:42.0539 0x0df8 [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi C:\Windows\system32\nsisvc.dll
20:16:42.0539 0x0df8 nsi - ok
20:16:42.0554 0x0df8 [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:16:42.0554 0x0df8 nsiproxy - ok
20:16:42.0648 0x0df8 [ 7BE3EDFFA3216F989A6BDCB14795DD08, 19A2D0120C46CA9BCFBC16DC3E65687ACDDCBA33B79128188652BA2AFAA2EE2F ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:16:42.0679 0x0df8 Ntfs - ok
20:16:42.0711 0x0df8 [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null C:\Windows\system32\drivers\Null.sys
20:16:42.0711 0x0df8 Null - ok
20:16:42.0742 0x0df8 [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
20:16:42.0757 0x0df8 NVHDA - ok
20:16:43.0304 0x0df8 [ 0AC797F70F2F3E5B69A34FF2F63496F3, 80A811F8234BA00779BA76AAF41E830FB6CED03667E6E8F430C14DEBF2E45DD9 ] nvlddmkm

C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:16:43.0539 0x0df8 nvlddmkm - ok
20:16:43.0679 0x0df8 [ 903A40C958D471F9D30D29FA6D2800A4, 4641F8E8B20EE9AF8AB61E61AD74D41A4E9F51C906EC5F3BDC484FFAFB540E69 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
20:16:43.0804 0x0df8 NvNetworkService - ok
20:16:43.0820 0x0df8 [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:16:43.0820 0x0df8 nvraid - ok
20:16:43.0882 0x0df8 [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:16:43.0882 0x0df8 nvstor - ok
20:16:44.0508 0x0df8 [ 68DE8D996D8FF628AB6B3D422035F862, 239CE5BE15F39966AE5243971FE75BDFB35359F92C8294C61155C863F4B3C40E ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
20:16:44.0804 0x0df8 NvStreamSvc - ok
20:16:44.0914 0x0df8 [ C135A25E8CF21EB631AB041ABB1F73EA, D0A3DC0411E888D0934B7579EEB980FA7824E3F22F70819A33411D8B8BC9EE42 ] nvsvc C:\Windows\system32\nvvsvc.exe
20:16:45.0023 0x0df8 nvsvc - ok
20:16:45.0101 0x0df8 [ 09216A70CC364D0974F606F6F2109210, 60877154D4DF5287D1989CDAA9863CD6DACA528D06233238498854A10C868C20 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
20:16:45.0101 0x0df8 nvvad_WaveExtensible - ok
20:16:45.0133 0x0df8 [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:16:45.0148 0x0df8 nv_agp - ok
20:16:45.0258 0x0df8 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:16:45.0258 0x0df8 ose - ok
20:16:45.0320 0x0df8 [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:16:45.0351 0x0df8 p2pimsvc - ok
20:16:45.0383 0x0df8 [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc C:\Windows\system32\p2psvc.dll
20:16:45.0398 0x0df8 p2psvc - ok
20:16:45.0429 0x0df8 [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport C:\Windows\System32\drivers\parport.sys
20:16:45.0429 0x0df8 Parport - ok
20:16:45.0461 0x0df8 [ D6ACCF9F2EEEEA711C14EFD976E573F3, 60D2A81832A8D24F91C3EF134440D5026354917F59462BACBCE7A01D84767D91 ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:16:45.0461 0x0df8 partmgr - ok
20:16:45.0492 0x0df8 [ 4811D9EC53649105A5A8BEA661B0F936, C77907E03D0561500FCFEAFAC323E9679E66297329901A0CA2BD7E919419A8E8 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:16:45.0523 0x0df8 PcaSvc - ok
20:16:45.0539 0x0df8 [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci C:\Windows\system32\drivers\pci.sys
20:16:45.0539 0x0df8 pci - ok
20:16:45.0570 0x0df8 [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide C:\Windows\system32\drivers\pciide.sys
20:16:45.0570 0x0df8 pciide - ok
20:16:45.0586 0x0df8 [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:16:45.0601 0x0df8 pcmcia - ok
20:16:45.0617 0x0df8 [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw C:\Windows\system32\drivers\pcw.sys
20:16:45.0617 0x0df8 pcw - ok
20:16:45.0758 0x0df8 [ C77DD8658E5DFA4CAD3E8BC624D57DD6, 629E4BF8EB8F48611BB3A7F3D51B1A3F26502649BD71AEA5F86DA4A076FBD67D ] PDAgent C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
20:16:45.0851 0x0df8 PDAgent - ok
20:16:45.0898 0x0df8 [ 0698DEDEAD6A00AD0D468C687D830FBF, B9DCA1A61F2EF80DB26380F390F2E9A17114D33129D61CF465B949B6A7916CAA ] pdc C:\Windows\system32\drivers\pdc.sys
20:16:45.0898 0x0df8 pdc - ok
20:16:46.0054 0x0df8 [ A5807A41FC0B0BBC4F67F0E5389B21A8, B79B2935B6C993FD7172622CDF076FF8653F8954F2140CE925590F3837122FFE ] PDEngine C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
20:16:46.0117 0x0df8 PDEngine - ok
20:16:46.0148 0x0df8 [ 9F5E27C8B88A8DA1DC93E93A5C27BB9B, 296516C813F0AFE1BC6B837B213141C0B07F06448F706988990B802FA89D45DC ] PDFSFilter C:\Windows\system32\DRIVERS\PDFsFilter.sys
20:16:46.0148 0x0df8 PDFSFilter - ok
20:16:46.0195 0x0df8 [ 61FE70659CD43E07F94DA4DC31DEC493, 3739B6670B440173FD81DE3D47B0B90FAF296802AD4F57C05BF5CF191BF16022 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:16:46.0211 0x0df8 PEAUTH - ok
20:16:46.0336 0x0df8 [ DF0D9BDCB600913F40FF125BF8CE1979, 63544C3CEAF47FEEB761FD25BCAE53610C7AD65B7B2295C49D72A7C3C78A376D ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
20:16:46.0476 0x0df8 PeerDistSvc - ok
20:16:46.0539 0x0df8 [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:16:46.0554 0x0df8 PerfHost - ok
20:16:46.0648 0x0df8 [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla C:\Windows\system32\pla.dll
20:16:46.0726 0x0df8 pla - ok
20:16:46.0758 0x0df8 [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:16:46.0773 0x0df8 PlugPlay - ok
20:16:46.0805 0x0df8 [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:16:46.0805 0x0df8 PNRPAutoReg - ok
20:16:46.0851 0x0df8 [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:16:46.0851 0x0df8 PNRPsvc - ok
20:16:46.0898 0x0df8 [ 0108C8E5176D590F242701EF5A62CC26, 3A72F5D4402663B7445F6B3C55F01E83A619B6192F7D3CC2DE3C57F9F50D5A2D ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:16:46.0930 0x0df8 PolicyAgent - ok
20:16:46.0961 0x0df8 [ F1E067F56373F11EA4B785CAE823740A, 69BD30E64DA17595FF29C9C9FF9AD4F2F4BE29B688FBAC9DABB2FA9D13A47FF0 ] Power C:\Windows\system32\umpo.dll
20:16:46.0961 0x0df8 Power - ok
20:16:46.0992 0x0df8 [ 362D47E5B4D67270DE4B8606036F4ADD, 716E229C68D91AEA5B5629F60133D5CBDC0C95ABA54D9DC6264E923CAF4DC6C0 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:16:46.0992 0x0df8 PptpMiniport - ok
20:16:47.0148 0x0df8 [ 9D59831262CAD44E709D695FC9D5E7AB, F95C5475F91DA667C8D5C96253944CE8A0F2C9B1ED4DF8703E5D1D47A0C730B5 ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
20:16:47.0305 0x0df8 PrintNotify - ok
20:16:47.0351 0x0df8 [ DD979EB6A7212F60E4AFBE96EDC7AE6D, BC681D64C5B8F08FD4613D71111853FCD5B05E4BD127D2C6258BAED7627105BE ] Processor C:\Windows\System32\drivers\processr.sys
20:16:47.0367 0x0df8 Processor - ok
20:16:47.0398 0x0df8 [ 429E8502AD2227CF88F8840FC5BD590D, A186DA46C083580ACEDE9C7E3156865034302CD803140EEEC8E1DE16DA4BC99B ] ProfSvc C:\Windows\system32\profsvc.dll
20:16:47.0445 0x0df8 ProfSvc - ok
20:16:47.0476 0x0df8 [ EB8034147D4820CD31BFCB11A2A652DF, B10B5E16B7A05D2DB2D5D1945B6146DE15EEDE2C778772A59F104706B5145E46 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:16:47.0476 0x0df8 Psched - ok
20:16:47.0523 0x0df8 [ 0AFBF333B6F87A2F598EAB379AF100B8, D11F3A4D7E4463B62E2DBDE5FC61425B1FDFB07DD1A19BC001D479CA1F554510 ] QWAVE C:\Windows\system32\qwave.dll
20:16:47.0586 0x0df8 QWAVE - ok
20:16:47.0601 0x0df8 [ 13D47BB0CCA2FC51BD15F8E85C6A078E, EA832A9511007C9E8599C3066E1FA66BE869E8A27886D9A9AC590BD4DFBD1A15 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:16:47.0617 0x0df8 QWAVEdrv - ok
20:16:47.0648 0x0df8 [ 873C60F8178100557740A832FCE10B5F, 400EF60CB2C98E2AFE122AF3D01CCE56A1548AF865345EE2194AB74DBCBF4C48 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:16:47.0648 0x0df8 RasAcd - ok
20:16:47.0680 0x0df8 [ 69B93F623B130976243ECA3D84CC99CA, F27617E651EADFAEE479619AAB01CDAA98111BA63E204D5C44A1256732CB0100 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:16:47.0695 0x0df8 RasAgileVpn - ok
20:16:47.0711 0x0df8 [ 005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3 ] RasAuto C:\Windows\System32\rasauto.dll
20:16:47.0711 0x0df8 RasAuto - ok
20:16:47.0742 0x0df8 [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:16:47.0742 0x0df8 Rasl2tp - ok
20:16:47.0773 0x0df8 [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073 ] RasMan C:\Windows\System32\rasmans.dll
20:16:47.0789 0x0df8 RasMan - ok
20:16:47.0820 0x0df8 [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:16:47.0820 0x0df8 RasPppoe - ok
20:16:47.0836 0x0df8 [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:16:47.0851 0x0df8 RasSstp - ok
20:16:47.0914 0x0df8 [ CA03D642ACE58E1BA54E4B383F91CD69, 39BB942603801CF11FBEA28E24F8C8D1EF2AF615D1FABF951683A015D6A6EF37 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:16:47.0930 0x0df8 rdbss - ok
20:16:47.0945 0x0df8 [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
20:16:47.0945 0x0df8 rdpbus - ok
20:16:47.0977 0x0df8 [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:16:47.0977 0x0df8 RDPDR - ok
20:16:48.0008 0x0df8 [ 57F4787E4602A3FCA719C0A33137C6DA, D03AE59A184EB5D126F8EAB9D36EE406ABB8B9ED834F2D2496DDB1349FF56F89 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:16:48.0008 0x0df8 RdpVideoMiniport - ok
20:16:48.0070 0x0df8 [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:16:48.0086 0x0df8 RDPWD - ok
20:16:48.0117 0x0df8 [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:16:48.0117 0x0df8 rdyboost - ok
20:16:48.0164 0x0df8 [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:16:48.0180 0x0df8 RemoteAccess - ok
20:16:48.0258 0x0df8 [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:16:48.0289 0x0df8 RemoteRegistry - ok
20:16:48.0336 0x0df8 [ A10B40CF9EB57D24E44717A2D38A00F4, 6964D1C49C032757E656436556470C5B8446E9DC6456D77D1A9303224AD90021 ] RivaTuner64 C:\Program Files (x86)\RivaTuner v2.23\RivaTuner64.sys
20:16:48.0336 0x0df8 RivaTuner64 - ok
20:16:48.0430 0x0df8 [ 73F2E030B5C24E4E41401B5F0D59E6FD, FAA8B5E3159684E0836900C6EAF63857B445F7F180169B56D5790F097EDAA38B ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:16:48.0461 0x0df8 RpcEptMapper - ok
20:16:48.0492 0x0df8 [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13 ] RpcLocator C:\Windows\system32\locator.exe
20:16:48.0492 0x0df8 RpcLocator - ok
20:16:48.0555 0x0df8 [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] RpcSs C:\Windows\system32\rpcss.dll
20:16:48.0602 0x0df8 RpcSs - ok
20:16:48.0617 0x0df8 [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:16:48.0617 0x0df8 rspndr - ok
20:16:48.0664 0x0df8 [ B88880586ACD3EDEFCD0F9C2A6C1EE27, 901EEA6C7CC4AA19C3D79E52D4892F9965B61D51DBE0855ACCB64BB6B2260353 ] RTL2832UBDA C:\Windows\system32\drivers\RTL2832UBDA.sys
20:16:48.0664 0x0df8 RTL2832UBDA - ok
20:16:48.0680 0x0df8 [ 4C04300EE6A5E780FD4E2F0806AECA0E, 85C01DDABEC393D85DD5F243EDF4792036209BCC01CE23296F0305AD1D2CFA71 ] RTL2832UUSB C:\Windows\System32\Drivers\RTL2832UUSB.sys
20:16:48.0680 0x0df8 RTL2832UUSB - ok
20:16:48.0695 0x0df8 [ 19FAA5E7CF3D5263F4E79450A03E50CA, 372CA259C8996B2B0283698F10A8FFD381E549BC9221EB105056DAEB4023B446 ] RTL2832U_IRHID C:\Windows\System32\drivers\RTL2832U_IRHID.sys
20:16:48.0695 0x0df8 RTL2832U_IRHID - ok
20:16:48.0742 0x0df8 [ 15923AA360F7675D3D43C9669316A0BA, AD1852732082140C62CC44A01914162E44BF412B4A852DF27DC0E0765E64288F ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x64.sys
20:16:48.0773 0x0df8 RTL8168 - ok
20:16:48.0789 0x0df8 [ 752EC7DCD2F96871A3857EEE6AFE965A, 1D0640966B9147A06ED0E733711773E6B4AB8AC6D962D5B369ECB04170D18AD8 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
20:16:48.0789 0x0df8 s3cap - ok
20:16:48.0820 0x0df8 [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] SamSs C:\Windows\system32\lsass.exe
20:16:48.0820 0x0df8 SamSs - ok
20:16:48.0867 0x0df8 [ 9C7B28CE0D136DB226E24DB3BC817F92, E9DE55D6432ADD08EC75F99F2B5D2BD1F553F4EE55991B1767B1578351EE0BF2 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:16:48.0867 0x0df8 sbp2port - ok
20:16:48.0930 0x0df8 [ 14316954FCE79C9DE5A0AFF9D42C83AA, B60FB1FAC0299F9560761411711E86EDFA2F8D27B58230E2E4BB37736FAB2287 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:16:48.0961 0x0df8 SCardSvr - ok
20:16:48.0977 0x0df8 [ 5D7733A12756B267FCA021672B26BC9E, 01CE5B5F49914B9E099BD909A66296F3A40644AE47BA1D5EBFFB30CD33C70A4A ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:16:48.0992 0x0df8 scfilter - ok
20:16:49.0055 0x0df8 [ 03F58B3FA4B5329F21F770B1EF8D984A, 32976E64E4960E5996E3CA2F8BA9374E01201C461DE52AF0FA14BA75C784AC25 ] Schedule C:\Windows\system32\schedsvc.dll
20:16:49.0164 0x0df8 Schedule - ok
20:16:49.0258 0x0df8 [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] SCPolicySvc C:\Windows\System32\certprop.dll
20:16:49.0258 0x0df8 SCPolicySvc - ok
20:16:49.0305 0x0df8 [ F58B030A0664385C707B8C1C63682041, E46AADAA2CD687B9A4B564DC5B002493C8480542588E660BC3DF89EAF9DB0427 ] sdbus C:\Windows\System32\drivers\sdbus.sys
20:16:49.0320 0x0df8 sdbus - ok
20:16:49.0367 0x0df8 [ 92968277ED491E4B3DDA361E3952361E, 71C50853BB2126A34C7CD014EE44D4B8B39F589E2E8E8E8F4C982E07498E3899 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:16:49.0383 0x0df8 SDRSVC - ok
20:16:49.0414 0x0df8 [ BB107AA9980B0DA4E19A3A90C3BD4460, BCB4CF0FFF1FD57302557B68044A88C8EEAAE57C2FEAE8EAD1F410F960298B6D ] sdstor C:\Windows\System32\drivers\sdstor.sys
20:16:49.0414 0x0df8 sdstor - ok
20:16:49.0430 0x0df8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:16:49.0445 0x0df8 secdrv - ok
20:16:49.0461 0x0df8 [ CD282626738B6BC92B6E7CD0AAE95B63, 1A56567C781786C85C63E24E79186EE5C82D3EB2679061B21BA0571A3A6CB7F5 ] seclogon C:\Windows\system32\seclogon.dll
20:16:49.0477 0x0df8 seclogon - ok
20:16:49.0492 0x0df8 [ 9C51620998F0763039DFA6BF68E475ED, 9E496ADE7CE9A446BE8A2C2FC61B462D966778A94A4C147AABBD25C4821C2BCE ] SENS C:\Windows\System32\sens.dll
20:16:49.0508 0x0df8 SENS - ok
20:16:49.0539 0x0df8 [ 0D50B4B860DAB65241628D04CD33ACAE, 2AA897C3F9ED076AB9244A32745D18489B076F3ED28A35B868C472131C5B5B46 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:16:49.0539 0x0df8 SensrSvc - ok
20:16:49.0586 0x0df8 [ 87C46B239A7EEF30FDFDD5E9BD46130C, F36FB5B20AC58FBD31F7E636059D2D865B751E178E51A03B94ABE0BBD1AB1EC9 ] SerCx C:\Windows\system32\drivers\SerCx.sys
20:16:49.0586 0x0df8 SerCx - ok
20:16:49.0617 0x0df8 [ 7A1F9347C85FD55E39B8A76B3A25C5AD, 03AF3B23285278A38F4CBEAB7FD326A48FA1EC7F8D044C059CE5403C6D225639 ] Serenum C:\Windows\System32\drivers\serenum.sys
20:16:49.0617 0x0df8 Serenum - ok
20:16:49.0633 0x0df8 [ F640A0A218BBF857F1D04A15D7D939F6, 948C13886281FE7947E10FB7B34D5CCFE512FB632F1132B6062AC85149F79950 ] Serial C:\Windows\System32\drivers\serial.sys
20:16:49.0633 0x0df8 Serial - ok
20:16:49.0664 0x0df8 [ F1A5F56B2620B862CC28FF96A0A6DAAB, E5367212B2CADF3820D657CFC27CD961547E28DAB950C68E1380CF97FB68F3F4 ] sermouse C:\Windows\System32\drivers\sermouse.sys
20:16:49.0664 0x0df8 sermouse - ok
20:16:49.0695 0x0df8 [ CB60A60340788C8D6DE2A269D28086AB, 2D8948E59BB9B00E16D20E425F80E7B862957DBAC9A4D1484E5191FAF333B60D ] SessionEnv C:\Windows\system32\sessenv.dll
20:16:49.0711 0x0df8 SessionEnv - ok
20:16:49.0742 0x0df8 [ 7EE65419B29302C795714FF8073969A1, E28D89A5423E3A5062030EB2418E9435DD5D8B9D16570046E782D3FCFDA2E79A ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
20:16:49.0742 0x0df8 sfloppy - ok
20:16:49.0789 0x0df8 [ 090AE16F79C8EAD04E6031F863DA85F3, 3F27BE46DF602B53940414A6E9FEB23B36CFFB8E9A7F41440C3315B8E27D0029 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:16:49.0820 0x0df8 SharedAccess - ok
20:16:49.0852 0x0df8 [ A77F3ABE13FCC698511E5DEC7ACEBD5F, 78A43FDA9F770FD8BA107605DB44BC71D8B89D7E75560DA783AA6356C1873C15 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:16:49.0898 0x0df8 ShellHWDetection - ok
20:16:49.0930 0x0df8 [ 2560721D6F16D5B611C36A3A9D28C1B2, 15C30404902654ABA5DB5367FC5BD31343B12A3FC22B4BC5A26B09016447B5ED ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:16:49.0945 0x0df8 SiSRaid2 - ok
20:16:49.0961 0x0df8 [ 3AA8FDE1DBF65BB8B88B053529554A0D, 8060D946344D043D336F4735363C23C37C91A6DB3F81E575C267B2EC2BECB0EC ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:16:49.0961 0x0df8 SiSRaid4 - ok
20:16:49.0992 0x0df8 [ E660156A4588A84305CB772FD2C0DB21, 9492EB6578D4A689945E1FC2440EFA77D461049CDB2D00A645969A71B7DA68E1 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:16:50.0008 0x0df8 SNMPTRAP - ok
20:16:50.0039 0x0df8 [ 9110193D93960E38B8692E4519C75D72, 789381B4CCC056EE431E78E2339AC9802264A1CE4B378DDA9769649664C9A7A0 ] spaceport C:\Windows\system32\drivers\spaceport.sys
20:16:50.0039 0x0df8 spaceport - ok
20:16:50.0070 0x0df8 [ 3D8679C8DF52EB26EB7583A4E0A29202, DCD9B69299275857712AB200C014AE820C8A9F7E53C4A335A84518FBE4BB56BB ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
20:16:50.0070 0x0df8 SpbCx - ok
20:16:50.0117 0x0df8 [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan C:\Windows\syswow64\speedfan.sys
20:16:50.0117 0x0df8 speedfan - ok
20:16:50.0195 0x0df8 [ 3F215BF2D4D8D6756298B25B579772C2, 744192D1635E5D296BFD399E870B70592202CEAF95C31C2D2B226A868D33A3FD ] Spooler C:\Windows\System32\spoolsv.exe
20:16:50.0242 0x0df8 Spooler - ok
20:16:50.0414 0x0df8 [ 061A977C920FBE4BF71FF47C966DDDCA, 746516396B72E4ADB05D978C819CD45FE44EE194756F6DA50121D755439CA590 ] sppsvc C:\Windows\system32\sppsvc.exe
20:16:50.0617 0x0df8 sppsvc - ok
20:16:50.0680 0x0df8 [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6, 61EEB1349489CB85204F1B4E398BE24EDC01FB914120C9DD0487F8EE1EDA055E ] srv C:\Windows\system32\DRIVERS\srv.sys
20:16:50.0695 0x0df8 srv - ok
20:16:50.0742 0x0df8 [ 8504ADDE9C146C6295B16D13A0007560, 715E3752AE4A276FA8DAFA3B52B699C45D97E747CB25FE4AE307241D206319B7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:16:50.0742 0x0df8 srv2 - ok
20:16:50.0789 0x0df8 [ BB0F9E19C5CE4DC765B263E2A5561DE1, F7DBC96E049625E4312D8F588FCF2B4AC6318C04D04758982FE9B51DABEC2DAE ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:16:50.0789 0x0df8 srvnet - ok
20:16:50.0836 0x0df8 [ 7A20882D76D4A78240A5AC9F2C2EBA21, ACA05211EE542999A118BBD2CD051038A7DC8C40C4B8971DC6514BA90E90EC61 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:16:50.0852 0x0df8 SSDPSRV - ok
20:16:50.0867 0x0df8 [ D233B16999A8E626F6004BD7814C57EC, 5BBFE5DDF1269617ABD1BDBED85A79D99BB52EA29C2BB3A8F4A1827BFAA1A747 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:16:50.0867 0x0df8 SstpSvc - ok
20:16:50.0930 0x0df8 [ 882E2063832AA21716D2C17F11BE4079, 8E2E20960B1D6A2E9C26AB1E1A7BD4571C12B04DD73BB0BA77A22111B78ACD37 ] Start8 C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
20:16:50.0930 0x0df8 Start8 - ok
20:16:50.0992 0x0df8 [ 718D79F2E7EC3AFFD3661DA81F93BBEA, BA2A4E58E5EE06392EE6F4C2E738DC807EC5A8B9F6DD4B7935FE27CBC648E390 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:16:51.0008 0x0df8 Stereo Service - ok
20:16:51.0055 0x0df8 [ 4E85355B94CFCB67C135F6521A4895A7, AC4FC65C1E62A54B3834E7FE0A2B1ECC48A2AA563AE5BD508326EE68FFFBBEEE ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:16:51.0070 0x0df8 stexstor - ok
20:16:51.0133 0x0df8 [ BAC8A721736AECC55A4F71523AEAB65F, B52E1303B13A961A5FC190829E55B6F28ACA409A6EEF44B358D1D210558FE1D8 ] stisvc C:\Windows\System32\wiaservc.dll
20:16:51.0211 0x0df8 stisvc - ok
20:16:51.0242 0x0df8 [ B240874B2CA0CD02E8CD11E140B14C57, 0FDBEE3DB644175A30065CAF020F375703ADC45A33221788C010F3111707FC25 ] storahci C:\Windows\system32\drivers\storahci.sys
20:16:51.0258 0x0df8 storahci - ok
20:16:51.0274 0x0df8 [ F74DBC95A57B1EE866D3732EB5F79BE2, E4FE9D5CD0A385ACB60D5D5E8D969F26C3A6BC0C08FF0838DBE9CA106229C8DE ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
20:16:51.0274 0x0df8 storflt - ok
20:16:51.0305 0x0df8 [ 5337E138B49ED1F44CCBA4073BC35C20, 2B296973215E3865A56C46DC3D27F1460D96BC321558CE7A911B05B0E7BF397F ] StorSvc C:\Windows\system32\storsvc.dll
20:16:51.0305 0x0df8 StorSvc - ok
20:16:51.0320 0x0df8 [ 543CD3CC0E05B8D8815E0D4F040B6F59, 4B57C9534E94A0A67FC82DBD4FAECACA180BEC281FB477550A37C0A04777E09E ] storvsc C:\Windows\system32\drivers\storvsc.sys
20:16:51.0336 0x0df8 storvsc - ok
20:16:51.0352 0x0df8 [ 1A36AC469140F87CDE62D7F8524E270C, B07086E0D844567FF0A880366EA8ED8042F8ED744E6AB1FD9539F360905A07F2 ] storvsp C:\Windows\System32\drivers\storvsp.sys
20:16:51.0352 0x0df8 storvsp - ok
20:16:51.0352 0x0df8 [ 8BC1C1ED6EF9C985A3FAA6A72F41679A, 82CC77030D23013572B4A64A64B6156789F253BF56268B790093CE3D345410A0 ] svsvc C:\Windows\system32\svsvc.dll
20:16:51.0367 0x0df8 svsvc - ok
20:16:51.0399 0x0df8 [ 4AFD66AAE74FFB5986BC240744DC5FC9, 0C9347614E3FD3B4D3B29FA4A5DA23FF6EE4CD9A1FFC378B855B8DE61B2876CF ] swenum C:\Windows\System32\drivers\swenum.sys
20:16:51.0399 0x0df8 swenum - ok
20:16:51.0430 0x0df8 [ 502F9488540051F3E6C39889ECFA76BB, 22ABD681BE4CF8A1F484C6363C1334B1EF7A6C074D837B0121DE1896887B84C6 ] swprv C:\Windows\System32\swprv.dll
20:16:51.0477 0x0df8 swprv - ok
20:16:51.0586 0x0df8 [ A06CB9269D29EE3D0F3F5630ABB660B8, 519A01FC7D9414B26CCBC23E7FB1CEAF1C91CD173B4F4A4025F8316B7460C584 ] SysMain C:\Windows\system32\sysmain.dll
20:16:51.0695 0x0df8 SysMain - ok
20:16:51.0742 0x0df8 [ 6FB88606C4A71E1BFAF97D63A676C673, D72F93A482E989ACA50F9647B7AD699A4656AEAACF377BB2B8CEBB094B748852 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
20:16:51.0758 0x0df8 SystemEventsBroker - ok
20:16:51.0774 0x0df8 [ A6C06C45C44AD06C70AF8899AEC15BDC, AC2CCCDBA6B94BA85A6D41B47343193D175786D4ECF71AE9C7766ADD63A1273F ] TabletInputService C:\Windows\System32\TabSvc.dll
20:16:51.0789 0x0df8 TabletInputService - ok
20:16:51.0820 0x0df8 [ 88B7721AB551C4325036B25A34A2BF7B, 2817CC6294542524EC373A674535F913440736BEBE81233CA91D5ECD93620B02 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:16:51.0820 0x0df8 TapiSrv - ok
20:16:51.0992 0x0df8 [ 0E0C16EE82E2F4EBC2FBCA24C8F00D9E, F8B2A0257442E00C5D7C5A15BBD84194D0F0C071424656CA4B8EC850B6898D10 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:16:52.0039 0x0df8 Tcpip - ok
20:16:52.0164 0x0df8 [ 0E0C16EE82E2F4EBC2FBCA24C8F00D9E, F8B2A0257442E00C5D7C5A15BBD84194D0F0C071424656CA4B8EC850B6898D10 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:16:52.0211 0x0df8 TCPIP6 - ok
20:16:52.0242 0x0df8 [ 8F2A13A5DF99D72FDDE87F502A66F989, 2228C62ACDB4CBBFDD2BE705E604E0B9A8AEA7146F65F2D8B9B2A2FB49ACFAE1 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:16:52.0242 0x0df8 tcpipreg - ok
20:16:52.0258 0x0df8 [ 73DC722CE5DF26D7638CE2446F2655C7, 9B8E6F6DEA5E0C2AEAC24A31897D2E73F86EF44F1C25FEF82D2C860353793817 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:16:52.0274 0x0df8 tdx - ok
20:16:52.0477 0x0df8 [ 9CC341BE32EEC138702795768DE9DE99, 61F580B40075680C72E40286BC6D69E94653A0F5574FFE08B46A9011AC88C58B ] TeamViewer9 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
20:16:52.0680 0x0df8 TeamViewer9 - ok
20:16:52.0727 0x0df8 [ F7C8AB5D8AFFAA318D6A21093D139BF4, 0A35052EF7DC8615783A23897358D8C579BE694363615C9563FF629E7B719991 ] terminpt C:\Windows\System32\drivers\terminpt.sys
20:16:52.0742 0x0df8 terminpt - ok
20:16:52.0836 0x0df8 [ 541EE228D0DEF392F7B2DFD885DD021B, 594D6538FA4DB5EF4D130007D7C29051EC2EDCA39EBB119695B58E9CBB0EB728 ] TermService C:\Windows\System32\termsrv.dll
20:16:52.0883 0x0df8 TermService - ok
20:16:52.0899 0x0df8 [ 519A6F672FFF56B7D8EE8C730CEC8ECD, 2B36F10C0AE16A261DC0887B1050808BA1F0568F3879E4ABC3D370F08C3FADB7 ] Themes C:\Windows\system32\themeservice.dll
20:16:52.0899 0x0df8 Themes - ok
20:16:52.0930 0x0df8 [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] THREADORDER C:\Windows\system32\mmcss.dll
20:16:52.0930 0x0df8 THREADORDER - ok
20:16:52.0992 0x0df8 [ 4515B9E4140F04FB3907692DF89FCA87, F68EC56524BDA877646E987BE7414C1D622BD9FF05A5AEADCA39030FDC2B0115 ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
20:16:53.0008 0x0df8 TimeBroker - ok
20:16:53.0055 0x0df8 [ E94F7A7B48C7638D1F3F8089344C97B7, 276CDE59614D563A52529BCC4BFC726E5F5BE131C9C4142558A644D79328C810 ] TPM C:\Windows\system32\drivers\tpm.sys
20:16:53.0070 0x0df8 TPM - ok
20:16:53.0086 0x0df8 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks C:\Windows\System32\trkwks.dll
20:16:53.0102 0x0df8 TrkWks - ok
20:16:53.0149 0x0df8 [ 8ABBB5CE0C62E0A6D28F32F44B7F865C, 4C78FE2A4A25A758D5191C4EDB2A6FE691FF82E7C16C0F146DC96DAD87D4F64E ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:16:53.0149 0x0df8 TrustedInstaller - ok
20:16:53.0164 0x0df8 [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:16:53.0180 0x0df8 TsUsbFlt - ok
20:16:53.0195 0x0df8 [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
20:16:53.0195 0x0df8 TsUsbGD - ok
20:16:53.0274 0x0df8 [ F265F75053F4E60BF6C12E7C85937387, 414D1C931D37AA651EBE5E46B4A587F694ACB0A77CA0476C9D79A629EDE0BB80 ] TuneUp.Defrag C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
20:16:53.0336 0x0df8 TuneUp.Defrag - ok
20:16:53.0367 0x0df8 [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:16:53.0367 0x0df8 tunnel - ok
20:16:53.0414 0x0df8 [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:16:53.0414 0x0df8 uagp35 - ok
20:16:53.0430 0x0df8 [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
20:16:53.0430 0x0df8 UASPStor - ok
20:16:53.0461 0x0df8 [ 061BA3EE0D2BE17944990544008CF190, C9236D368EC2281B545E8C008BC2801F21A9716ED3D4DAEDB0751A5008346E81 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
20:16:53.0477 0x0df8 UCX01000 - ok
20:16:53.0508 0x0df8 [ 25C50F4EDF70D0A831E0566BD181CCF2, F2F9E86FB5617C16077D2073EC0AA747F76F1EB5148BA110347A84F3C3569F83 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:16:53.0524 0x0df8 udfs - ok
20:16:53.0555 0x0df8 [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:16:53.0555 0x0df8 UI0Detect - ok
20:16:53.0602 0x0df8 [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:16:53.0602 0x0df8 uliagpkx - ok
20:16:53.0617 0x0df8 [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus C:\Windows\System32\drivers\umbus.sys
20:16:53.0617 0x0df8 umbus - ok
20:16:53.0649 0x0df8 [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass C:\Windows\System32\drivers\umpass.sys
20:16:53.0649 0x0df8 UmPass - ok
20:16:53.0695 0x0df8 [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService C:\Windows\System32\umrdp.dll
20:16:53.0711 0x0df8 UmRdpService - ok
20:16:53.0805 0x0df8 [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost C:\Windows\System32\upnphost.dll
20:16:53.0836 0x0df8 upnphost - ok
20:16:53.0899 0x0df8 [ C976C4306F9AE133D6BBD47FDFC3BF92, 820413D92D6A89055A7F26523BF5CC4B668610C4A06E8B0D163FBF929B1DFA9A ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
20:16:53.0899 0x0df8 usbccgp - ok
20:16:53.0930 0x0df8 [ 427B6DB8C05A5A977E8C3525370A2595, C67222CA9123AE12D953995326B3B582C146CEA89594B7209DB0B1F628A0118D ] usbcir C:\Windows\System32\drivers\usbcir.sys
20:16:53.0945 0x0df8 usbcir - ok
20:16:53.0961 0x0df8 [ B24FDEB1B18496F1B463782235AA3AF1, 3F5036F36987C8007D03DAFC3EC30615515BE96D9A1DF879BCD4EB0E66CD50B1 ] usbehci C:\Windows\System32\drivers\usbehci.sys
20:16:53.0961 0x0df8 usbehci - ok
20:16:54.0008 0x0df8 [ F8C2A832DF9403F5EA8080CBDBDA95FB, 50E9455465672BC13EB945BEC132D2F30BA2EB25C68928D2B4C256F2DB292A83 ] usbhub C:\Windows\System32\drivers\usbhub.sys
20:16:54.0024 0x0df8 usbhub - ok
20:16:54.0055 0x0df8 [ E5F7328B1D29BCE791862CD3C0DD382A, E520D75CA6E4EDB06F576D97FB6B7CFD46A3EF3A3AC881537DE3BB8C862FE8C3 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
20:16:54.0070 0x0df8 USBHUB3 - ok
20:16:54.0086 0x0df8 [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci C:\Windows\System32\drivers\usbohci.sys
20:16:54.0086 0x0df8 usbohci - ok
20:16:54.0102 0x0df8 [ 9FDBA6982582A6F2354144980F641E7B, 054A65412CB22C5BE970FD3A266E140110D869B614B9F9894628D553CE82C991 ] usbprint C:\Windows\System32\drivers\usbprint.sys
20:16:54.0102 0x0df8 usbprint - ok
20:16:54.0133 0x0df8 [ AD91D1BBE5D3CF4501887DC1C09384FD, ED9E27CD1D52401087427EC20E389FBE2497193483C2E53E8DE5D70DACF5D928 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:16:54.0133 0x0df8 usbscan - ok
20:16:54.0149 0x0df8 [ BFC7FE4AAEB61317A921871B4085EF4B, CBC3FBAEAD6C82A437CC87A97007EF807C64053AB8FA5C3233C2A0CF6FC8D019 ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
20:16:54.0164 0x0df8 USBSTOR - ok
20:16:54.0180 0x0df8 [ 1ABF657259DB57F7E5558E4DF1357C0C, 34EAF5DEA3293CFA96BA81B036305FD90ABAE05B9CB73D4F54FB236448C1978C ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
20:16:54.0180 0x0df8 usbuhci - ok
20:16:54.0211 0x0df8 [ 9EF7C01D3ACCBC243B5CB1A95865B2FF, 367A7640B4992E68EB3E1BBD78D3014742F4CC4056750E389048C653251DAD33 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
20:16:54.0211 0x0df8 usbvideo - ok
20:16:54.0227 0x0df8 [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
20:16:54.0242 0x0df8 USBXHCI - ok
20:16:54.0258 0x0df8 [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] VaultSvc C:\Windows\system32\lsass.exe
20:16:54.0274 0x0df8 VaultSvc - ok
20:16:54.0289 0x0df8 [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:16:54.0289 0x0df8 vdrvroot - ok
20:16:54.0336 0x0df8 [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds C:\Windows\System32\vds.exe
20:16:54.0414 0x0df8 vds - ok
20:16:54.0430 0x0df8 [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
20:16:54.0446 0x0df8 VerifierExt - ok
20:16:54.0477 0x0df8 [ 500BE6B2E49883720D0AE8BB859ED7A3, 4606B02A3E8123510676E554635EB5ECF9DC5F2B83928710C8563787C52CC102 ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
20:16:54.0492 0x0df8 vhdmp - ok
20:16:54.0508 0x0df8 [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide C:\Windows\system32\drivers\viaide.sys
20:16:54.0508 0x0df8 viaide - ok
20:16:54.0539 0x0df8 [ 0E43886F01C85B47BA0A3157274BCF59, C81E1841B1138D8C224FAF76258F7EB65145CCAF7938CA86CBADD8FFF79BA596 ] Vid C:\Windows\System32\drivers\Vid.sys
20:16:54.0539 0x0df8 Vid - ok
20:16:54.0571 0x0df8 [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus C:\Windows\system32\drivers\vmbus.sys
20:16:54.0571 0x0df8 vmbus - ok
20:16:54.0602 0x0df8 [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
20:16:54.0602 0x0df8 VMBusHID - ok
20:16:54.0617 0x0df8 [ B4F432A51826FFC66F4DF72A83E8E4B1, 2C6F4D477F91605A3685FCF9EC6EA798E74C6853CC91547A749E9C050E7C19E8 ] vmbusr C:\Windows\System32\drivers\vmbusr.sys
20:16:54.0633 0x0df8 vmbusr - ok
20:16:54.0696 0x0df8 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat C:\Windows\System32\ICSvc.dll
20:16:54.0727 0x0df8 vmicheartbeat - ok
20:16:54.0758 0x0df8 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\Windows\System32\ICSvc.dll
20:16:54.0774 0x0df8 vmickvpexchange - ok
20:16:54.0789 0x0df8 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv C:\Windows\System32\ICSvc.dll
20:16:54.0805 0x0df8 vmicrdv - ok
20:16:54.0821 0x0df8 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown C:\Windows\System32\ICSvc.dll
20:16:54.0836 0x0df8 vmicshutdown - ok
20:16:54.0836 0x0df8 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync C:\Windows\System32\ICSvc.dll
20:16:54.0852 0x0df8 vmictimesync - ok
20:16:54.0867 0x0df8 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss C:\Windows\System32\ICSvc.dll
20:16:54.0867 0x0df8 vmicvss - ok
20:16:54.0930 0x0df8 [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:16:54.0930 0x0df8 volmgr - ok
20:16:54.0977 0x0df8 [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:16:54.0992 0x0df8 volmgrx - ok
20:16:55.0039 0x0df8 [ 78A5BBA3819FFFC62FFEC3E2220D102D, A95797B97D576374C2CDA8A09E6C51A89BADE428AAA89D5093579C85062E5874 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:16:55.0039 0x0df8 volsnap - ok
20:16:55.0071 0x0df8 [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci C:\Windows\System32\drivers\vpci.sys
20:16:55.0086 0x0df8 vpci - ok
20:16:55.0086 0x0df8 [ 0190AFFF28F600461C0164353CC7EE27, D112DF69C9E629EC77FB95E7ACDDAAE24B5028C84454134BD26FEF9CC953AC0E ] vpcivsp C:\Windows\System32\drivers\vpcivsp.sys
20:16:55.0086 0x0df8 vpcivsp - ok
20:16:55.0102 0x0df8 [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:16:55.0102 0x0df8 vsmraid - ok
20:16:55.0274 0x0df8 [ D0C69E44BC1E1D4AD290FD84104623D8, 4C86760EA4BD2A64FFD42D89284EC3E5048CB2F0F6F3B80D017B41C0D2456A90 ] VSS C:\Windows\system32\vssvc.exe
20:16:55.0352 0x0df8 VSS - ok
20:16:55.0367 0x0df8 [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
20:16:55.0367 0x0df8 VSTXRAID - ok
20:16:55.0430 0x0df8 [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
20:16:55.0430 0x0df8 vwifibus - ok
20:16:55.0461 0x0df8 [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:16:55.0461 0x0df8 vwififlt - ok
20:16:55.0477 0x0df8 [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
20:16:55.0477 0x0df8 vwifimp - ok
20:16:55.0571 0x0df8 [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time C:\Windows\system32\w32time.dll
20:16:55.0617 0x0df8 W32Time - ok
20:16:55.0664 0x0df8 [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen C:\Windows\System32\drivers\wacompen.sys
20:16:55.0664 0x0df8 WacomPen - ok
20:16:55.0711 0x0df8 [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
20:16:55.0711 0x0df8 Wanarp - ok
20:16:55.0727 0x0df8 [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:16:55.0742 0x0df8 Wanarpv6 - ok
20:16:55.0852 0x0df8 [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine C:\Windows\system32\wbengine.exe
20:16:55.0961 0x0df8 wbengine - ok
20:16:56.0008 0x0df8 [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:16:56.0024 0x0df8 WbioSrvc - ok
20:16:56.0071 0x0df8 [ AF1349386D4C6786EF4E34FACEF15042, 6B33778409BC54C1955B92508ADDEBAFD629141961B71C94A91DC4CFE8391A13 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
20:16:56.0086 0x0df8 Wcmsvc - ok
20:16:56.0133 0x0df8 [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:16:56.0164 0x0df8 wcncsvc - ok
20:16:56.0196 0x0df8 [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:16:56.0196 0x0df8 WcsPlugInService - ok
20:16:56.0243 0x0df8 [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd C:\Windows\system32\drivers\wd.sys
20:16:56.0243 0x0df8 Wd - ok
20:16:56.0274 0x0df8 [ 3772FF85F0098686B0DCD77076AE0786, 8B0221F6003C53856676FFD9CDCFF43DF29B410AB2F340C10BB858F0E6EC14CE ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
20:16:56.0274 0x0df8 WdBoot - ok
20:16:56.0368 0x0df8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:16:56.0383 0x0df8 Wdf01000 - ok
20:16:56.0414 0x0df8 [ AB6F7DE8BFBF61A42F8764D9A621BD8B, DEFDC9FDC0B234403EE1339105B8D12B486D77B3BA01A703339B5DB8B95FA4D8 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
20:16:56.0430 0x0df8 WdFilter - ok
20:16:56.0446 0x0df8 [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:16:56.0461 0x0df8 WdiServiceHost - ok
20:16:56.0492 0x0df8 [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:16:56.0492 0x0df8 WdiSystemHost - ok
20:16:56.0539 0x0df8 [ 9B1384CE8E681D2D77BB3524B8E86311, BDEF9D0A79A7C26A88088A306F91632F300E587736CDD2C64717EC54DD6E89FF ] WebClient C:\Windows\System32\webclnt.dll
20:16:56.0539 0x0df8 WebClient - ok
20:16:56.0571 0x0df8 [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:16:56.0586 0x0df8 Wecsvc - ok
20:16:56.0602 0x0df8 [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:16:56.0602 0x0df8 wercplsupport - ok
20:16:56.0618 0x0df8 [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc C:\Windows\System32\WerSvc.dll
20:16:56.0633 0x0df8 WerSvc - ok
20:16:56.0664 0x0df8 [ 44BB9C31E6242C4BD1CE7C2B440C2533, E603BB001028918B687818E930340008C752679B133037367A8A8E41DA559FFE ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
20:16:56.0664 0x0df8 WFPLWFS - ok
20:16:56.0696 0x0df8 [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc C:\Windows\System32\wiarpc.dll
20:16:56.0696 0x0df8 WiaRpc - ok
20:16:56.0758 0x0df8 [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:16:56.0758 0x0df8 WIMMount - ok
20:16:56.0789 0x0df8 WinDefend - ok
20:16:56.0883 0x0df8 [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
20:16:56.0930 0x0df8 WinHttpAutoProxySvc - ok
20:16:56.0993 0x0df8 [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:16:56.0993 0x0df8 Winmgmt - ok
20:16:57.0133 0x0df8 [ 8E212A627F33F6FC3B5F3BB47212F66E, 9BBFE26ABFA14F346FE3711D13D959523EEA23608A33C16F3D750D66CA511911 ] WinRM C:\Windows\system32\WsmSvc.dll
20:16:57.0289 0x0df8 WinRM - ok
20:16:57.0352 0x0df8 [ BB20956C424531003F7FA6CD36F11D5D, 2C55F1C7553A527A7C4C34E730BE943269AE23928731C64D3DC945E07AE1771E ] winusb C:\Windows\system32\DRIVERS\winusb.sys
20:16:57.0352 0x0df8 winusb - ok
20:16:57.0414 0x0df8 [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc C:\Windows\System32\wlansvc.dll
20:16:57.0477 0x0df8 WlanSvc - ok
20:16:57.0571 0x0df8 [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc C:\Windows\system32\wlidsvc.dll
20:16:57.0664 0x0df8 wlidsvc - ok
20:16:57.0680 0x0df8 [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
20:16:57.0696 0x0df8 WmiAcpi - ok
20:16:57.0727 0x0df8 [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:16:57.0743 0x0df8 wmiApSrv - ok
20:16:57.0774 0x0df8 WMPNetworkSvc - ok
20:16:57.0914 0x0df8 [ 83B6CA03C846FCD47F9883D77D1EB27B, 1616DBBC95085B6618B7F884383507E2A54D561A41288E79FA6DC99218C02802 ] WMZuneComm C:\Program Files\Zune\WMZuneComm.exe
20:16:57.0946 0x0df8 WMZuneComm - ok
20:16:58.0008 0x0df8 [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
20:16:58.0008 0x0df8 wpcfltr - ok
20:16:58.0055 0x0df8 [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:16:58.0055 0x0df8 WPCSvc - ok
20:16:58.0086 0x0df8 [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:16:58.0102 0x0df8 WPDBusEnum - ok
20:16:58.0133 0x0df8 [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
20:16:58.0133 0x0df8 WpdUpFltr - ok
20:16:58.0164 0x0df8 [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:16:58.0164 0x0df8 ws2ifsl - ok
20:16:58.0196 0x0df8 [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc C:\Windows\System32\wscsvc.dll
20:16:58.0211 0x0df8 wscsvc - ok
20:16:58.0243 0x0df8 [ 74EFDA0526862C3D8D01A776182798EA, 7C9AD6118CB344C63B60A8BA5FA8C85ADED30933821ABD1427857E826EFC2952 ] WSDPrintDevice C:\Windows\System32\drivers\WSDPrint.sys
20:16:58.0243 0x0df8 WSDPrintDevice - ok
20:16:58.0274 0x0df8 [ FA07DF46070F0826139709EF4D31FB71, 8F46A55D5C4336536E7974C9CEAFED55E7E9E9BF133D2AD0F6A55174F70B2F03 ] WSDScan C:\Windows\System32\drivers\WSDScan.sys
20:16:58.0289 0x0df8 WSDScan - ok
20:16:58.0289 0x0df8 WSearch - ok
20:16:58.0414 0x0df8 [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService C:\Windows\System32\WSService.dll
20:16:58.0555 0x0df8 WSService - ok
20:16:58.0836 0x0df8 [ 311E5E1976E0BD9110A88B93158055D5, F1AA738D6AD74C33785EEFE1FBE8A869AAB62417B7D079389293AB1209A849C1 ] wuauserv C:\Windows\system32\wuaueng.dll
20:16:58.0977 0x0df8 wuauserv - ok
20:16:59.0008 0x0df8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:16:59.0008 0x0df8 WudfPf - ok
20:16:59.0071 0x0df8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
20:16:59.0086 0x0df8 WUDFRd - ok
20:16:59.0118 0x0df8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:16:59.0133 0x0df8 wudfsvc - ok
20:16:59.0165 0x0df8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys
20:16:59.0165 0x0df8 WUDFWpdFs - ok
20:16:59.0211 0x0df8 [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc C:\Windows\System32\wwansvc.dll
20:16:59.0243 0x0df8 WwanSvc - ok
20:16:59.0618 0x0df8 [ 67B787C34FB2888D01B130AE007042D8, E44878E53F265C89F271B08B81C129105E42D1C78C14467B2D96E28A9A428B1A ] ZuneNetworkSvc C:\Program Files\Zune\ZuneNss.exe
20:16:59.0930 0x0df8 ZuneNetworkSvc - ok
20:17:00.0040 0x0df8 [ 4D89FC1C20CF655739EFAC5DA81A67BC, 788D0A5B9972ED6D80242C0C5E80AB0FAB44A708B896D5F724AC1559A291C8DD ] ZuneWlanCfgSvc C:\Program Files\Zune\ZuneWlanCfgSvc.exe
20:17:00.0071 0x0df8 ZuneWlanCfgSvc - ok
20:17:00.0086 0x0df8 ================ Scan global ===============================
20:17:00.0118 0x0df8 [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\Windows\system32\basesrv.dll
20:17:00.0149 0x0df8 [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\Windows\system32\winsrv.dll
20:17:00.0196 0x0df8 [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\Windows\system32\sxssrv.dll
20:17:00.0243 0x0df8 [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\Windows\system32\services.exe
20:17:00.0243 0x0df8 [ Global ] - ok
20:17:00.0258 0x0df8 ================ Scan MBR ==================================
20:17:00.0274 0x0df8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:17:00.0618 0x0df8 \Device\Harddisk0\DR0 - ok
20:17:00.0618 0x0df8 ================ Scan VBR ==================================
20:17:00.0618 0x0df8 [ 5FFF6748C8E4DEDA192EE5103E99657D ] \Device\Harddisk0\DR0\Partition1
20:17:00.0649 0x0df8 \Device\Harddisk0\DR0\Partition1 - ok
20:17:00.0649 0x0df8 [ D6D8E02219F8F2E2E0022B8E7000D9A4 ] \Device\Harddisk0\DR0\Partition2
20:17:00.0665 0x0df8 \Device\Harddisk0\DR0\Partition2 - ok
20:17:00.0696 0x0df8 [ A5ABF12CD4E4B3D8F86EBCFEFB44416F ] \Device\Harddisk0\DR0\Partition3
20:17:00.0696 0x0df8 \Device\Harddisk0\DR0\Partition3 - ok
20:17:00.0696 0x0df8 ================ Scan generic autorun ======================
20:17:00.0915 0x0df8 [ A0012C1D9B8648C20C00202418B9D02F, 833AFB6BCABBF9991C811D6D1BF2C7B95A584F46D93C6B3F49CA2A8A6BE5E657 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
20:17:00.0946 0x0df8 NvBackend - ok
20:17:00.0993 0x0df8 [ 3A6209AC494296C24C2065CB4392B5F4, 944556A8521D4E59EE35B364C9FB1A3846924D512E73C2CB32DD440022E6B1B5 ] C:\Windows\system32\rundll32.exe
20:17:01.0008 0x0df8 ShadowPlay - ok
20:17:01.0040 0x0df8 [ 0FEBED0093D2FD38DA6C6E5DE1ADA24C, 6C6B186A2FC1DFD800041B160A7D71F5F1B3C70D62C7696B8DA89148A8D87D47 ] C:\Program Files\Zune\ZuneLauncher.exe
20:17:01.0040 0x0df8 Zune Launcher - ok
20:17:01.0461 0x0df8 [ 5CA0EB9538C6ACEBDC3593FC53527B9D, 35AC60899254C7414FF42BCDA4165FB58F6369BD5EDCAC24EBB1B5A095664CAC ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
20:17:01.0540 0x0df8 AvastUI.exe - ok
20:17:01.0665 0x0df8 [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
20:17:01.0680 0x0df8 Adobe ARM - ok
20:17:01.0758 0x0df8 [ B00F98FF6FE8682FF941BEB2559BF191, EB443E294C5609F426BF6EE388F3A4B71EFE2C6A8216C0F6DE7AE6DB382BF620 ] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
20:17:01.0758 0x0df8 YouCam Mirage - ok
20:17:01.0790 0x0df8 [ 7CD9BF0A5F47F9584E59BDF674FD1C5D, 821F2A5380B1E64B0629D67259BA92A923D5D405526CB6C44BC422294C031C1F ] C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe
20:17:01.0790 0x0df8 YouCam Tray - ok
20:17:02.0087 0x0df8 [ 236D5BD908CC856B8260F587B5E203AB, 4F39F23D0C5AA22564AFFB7B7676D283D90F6796DF9474E0941CDDD187DCD394 ] C:\Users\Milan\AppData\Roaming\BitTorrent\BitTorrent.exe
20:17:02.0118 0x0df8 BitTorrent - ok
20:17:02.0305 0x0df8 [ 683C9DF0582D8EEFAA90CE1514019BC1, 62C875888029BF32C19656B13C5504016209E4553B0B93FAE21F3930149EE9CA ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
20:17:02.0368 0x0df8 DAEMON Tools Lite - ok
20:17:02.0462 0x0df8 [ 2287DAEA100837E40232FD9053F635D8, 8E905B8BC72F8DD6C7C71A7E04CD8D8EC1E9AD2B77EF5A48E089E439A75043D6 ] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE
20:17:02.0462 0x0df8 EPLTarget\P0000000000000000 - ok
20:17:02.0493 0x0df8 [ 2287DAEA100837E40232FD9053F635D8, 8E905B8BC72F8DD6C7C71A7E04CD8D8EC1E9AD2B77EF5A48E089E439A75043D6 ] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE
20:17:02.0493 0x0df8 EPLTarget\P0000000000000001 - ok
20:17:02.0587 0x0df8 [ A7D0579C12290B3BE6FAFA6BE3E714A5, 7F18A0A7D48D10C6C8B1EF13A393080F492B6343D55AE47575B3671C968B291E ] C:\Users\Milan\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
20:17:02.0602 0x0df8 SkyDrive - ok
20:17:02.0602 0x0df8 Waiting for KSN requests completion. In queue: 141
20:17:03.0665 0x0df8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
20:17:03.0665 0x0df8 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2018.391 ), 0x41000 ( enabled : updated )
20:17:03.0665 0x0df8 Win FW state via NFP2: enabled
20:17:04.0618 0x0df8 ============================================================
20:17:04.0618 0x0df8 Scan finished
20:17:04.0618 0x0df8 ============================================================
20:17:04.0634 0x0b44 Detected object count: 0
20:17:04.0634 0x0b44 Actual detected object count: 0
20:17:17.0150 0x19d8 Deinitialize success

RK OK, TDSS čisté. Co problémy?

jj, je to lepší, díky. Jenom se mi po zapnutí začali objevovat na ploše soubory s koncovkou .ini a jsou jakoby matné, nebo jak to říct.

V možnostech slož zakaž zobrazování skrytých souborů a zas je neuvidíš.


Vyčisti systém CCleanerem

====================================================

Stáhni si zde DelFix
http://general-changelog-team.fr/fr/dow ... e/9-delfix

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore) .
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci.

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem. Jinak je zpráva zde:
v C: \ DelFix.txt

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

Ok, dobře, děkuji.