Prosím o kontrolu logu Vyřešeno

[lin]

Zdravím, nedávno jsem si nepozorností do ntb nainstaloval nějaký balast. Vše jsem odinstaloval, ale někde muselo něco zůstat. Vždy po spuštění Chrome se znovu "nainstalují" rozšíření save on a save oonn. Proto se na vás obracím s prosbou o kontrolu logu, který je zde

Kód: Vybrat vše

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:02:22, on 1. 7. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!


Boot mode: Normal

Running processes:
C:\Windows\syswow64\wwahost.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\WindowsApps\Disney.WheresMyWater_1.13.0.23_x86__6rarf9sa4v8jt\WheresMyWater.WindowsStore.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\lin\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.fastsearchings.info/?pid=2356&r=2014/06/27&hid=7269220094913839908&lg=EN&cc=HR&unqvl=56
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.fastsearchings.info/?pid=2356&r=2014/06/27&hid=7269220094913839908&lg=EN&cc=HR&unqvl=56
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: saVe ono - {3A153C60-7EBA-1216-05D4-BF0051DF44FE} - (no file)
O2 - BHO: MySearch - {5F456C70-A7C7-1A43-3A42-0F1C34A18A62} - C:\Program Files (x86)\MySearch\n5s.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [TeamSpeak 3 Client] "C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\lin\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - Global Startup: Monitor Apache Servers.lnk = S:\Apache\bin\ApacheMonitor.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs:   
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apache - Apache Software Foundation - S:\Apache\bin\httpd.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - S:\MySQL\MySQL.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 7549 bytes


Předem děkuji za pomoc

==================================================================================================================================
EDIT
==================================================================================================================================

Koukám, že se jako první krok téměř vždy radí toto. Tak jsem pro urychlení provedl zmiňovaný postup.

AdwCleaner (by Xplode)

Kód: Vybrat vše

# AdwCleaner v3.214 - Report created 01/07/2014 at 22:16:10
# Updated 29/06/2014 by Xplode
# Operating System : Windows 8.1 Pro  (64 bits)
# Username : lin - PROBOOK
# Running from : C:\Users\lin\Downloads\adwcleaner_3.214.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\Program Files (x86)\MyPC Backup
Folder Found : C:\ProgramData\Adblocker
Folder Found : C:\ProgramData\save oN
Folder Found : C:\ProgramData\saVe ono
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehggnkmmkpihopkjhnhglnabicciikld
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\moihmnkmeeocglajcejhdkdfjdldgmfm
Folder Found : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Administrator\AppData\Local\torch
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehggnkmmkpihopkjhnhglnabicciikld
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\moihmnkmeeocglajcejhdkdfjdldgmfm
Folder Found : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Guest\AppData\Local\torch
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehggnkmmkpihopkjhnhglnabicciikld
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\moihmnkmeeocglajcejhdkdfjdldgmfm
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Found : C:\Users\lin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehggnkmmkpihopkjhnhglnabicciikld
Folder Found : C:\Users\lin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moihmnkmeeocglajcejhdkdfjdldgmfm
Folder Found : C:\Users\lin\AppData\Local\Chromatic Browser
Folder Found : C:\Users\lin\AppData\Local\torch
Folder Found : C:\Users\lin\Desktop\sygic

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKCU\Software\RegisteredApplicationsEx
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : [x64] HKCU\Software\RegisteredApplicationsEx
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Found : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-4675958519

***** [ Browsers ] *****

-\\ Internet Explorer v0.0.0.0

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://websearch.fastsearchings.info/?pid=2356&r=2014/06/27&hid=7269220094913839908&lg=EN&cc=HR&unqvl=56
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://websearch.fastsearchings.info/?pid=2356&r=2014/06/27&hid=7269220094913839908&lg=EN&cc=HR&unqvl=56

-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\lin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Extension] : ehggnkmmkpihopkjhnhglnabicciikld
Found [Extension] : moihmnkmeeocglajcejhdkdfjdldgmfm

*************************

AdwCleaner[R0].txt - [4008 octets] - [01/07/2014 22:16:10]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4068 octets] ##########


Malwarebytes' Anti-Malware

Kód: Vybrat vše

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 1. 7. 2014
Scan Time: 22:24:19
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.01.07
Rootkit Database: v2014.07.01.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: lin

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 291407
Time Elapsed: 8 min, 22 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 12
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{5F456C70-A7C7-1A43-3A42-0F1C34A18A62}, , [77e41189334847efab6bb0a02ed30bf5],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{5F456C70-A7C7-1A43-3A42-0F1C34A18A62}, , [77e41189334847efab6bb0a02ed30bf5],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{5F456C70-A7C7-1A43-3A42-0F1C34A18A62}, , [77e41189334847efab6bb0a02ed30bf5],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5F456C70-A7C7-1A43-3A42-0F1C34A18A62}, , [77e41189334847efab6bb0a02ed30bf5],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-3221567124-3434714104-2726676116-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{5F456C70-A7C7-1A43-3A42-0F1C34A18A62}, , [77e41189334847efab6bb0a02ed30bf5],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5F456C70-A7C7-1A43-3A42-0F1C34A18A62}, , [77e41189334847efab6bb0a02ed30bf5],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5F456C70-A7C7-1A43-3A42-0F1C34A18A62}, , [77e41189334847efab6bb0a02ed30bf5],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{5F456C70-A7C7-1A43-3A42-0F1C34A18A62}\INPROCSERVER32, , [77e41189334847efab6bb0a02ed30bf5],
PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\S-4675958519, , [144755458bf0bd790e48baf57b87e020],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3221567124-3434714104-2726676116-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [12498c0ecbb0f244f75b03d1887ada26],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3221567124-3434714104-2726676116-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [a4b74d4de09b7db9590c15d5b94a42be],
PUP.Optional.WebSearchInfo, HKU\S-1-5-21-3221567124-3434714104-2726676116-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, , [510ad9c1146741f5535e6593ae5545bb],

Registry Values: 2
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3221567124-3434714104-2726676116-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0M2P0U0F0B1O1O1G, , [a4b74d4de09b7db9590c15d5b94a42be]
PUP.Optional.WebSearchInfo, HKU\S-1-5-21-3221567124-3434714104-2726676116-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, , [d5869bffadce11254f635f992cd7f40c]

Registry Data: 4
PUP.Optional.WebSearchInfo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://websearch.fastsearchings.info/?pid=2356&r=2014/06/27&hid=7269220094913839908&lg=EN&cc=HR&unqvl=56, Good: (http://www.google.com), Bad: (http://websearch.fastsearchings.info/?pid=2356&r=2014/06/27&hid=7269220094913839908&lg=EN&cc=HR&unqvl=56),,[98c30d8dfd7edb5b6ae88302b74de11f]
PUP.Optional.FastSearchings.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://websearch.fastsearchings.info/?pid=2356&r=2014/06/27&hid=7269220094913839908&lg=EN&cc=HR&unqvl=56, Good: (www.google.com), Bad: (http://websearch.fastsearchings.info/?pid=2356&r=2014/06/27&hid=7269220094913839908&lg=EN&cc=HR&unqvl=56),,[84d774262556e650fd1f127e9470ad53]
PUP.Optional.WebSearchInfo, HKU\S-1-5-21-3221567124-3434714104-2726676116-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://websearch.fastsearchings.info/?pid=2356&r=2014/06/27&hid=7269220094913839908&lg=EN&cc=HR&unqvl=56, Good: (http://www.google.com), Bad: (http://websearch.fastsearchings.info/?pid=2356&r=2014/06/27&hid=7269220094913839908&lg=EN&cc=HR&unqvl=56),,[045747530a7139fdc38e6421986c5fa1]
PUP.Optional.FastSearchings.A, HKU\S-1-5-21-3221567124-3434714104-2726676116-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://websearch.fastsearchings.info/?pid=2356&r=2014/06/27&hid=7269220094913839908&lg=EN&cc=HR&unqvl=56, Good: (www.google.com), Bad: (http://websearch.fastsearchings.info/?pid=2356&r=2014/06/27&hid=7269220094913839908&lg=EN&cc=HR&unqvl=56),,[4d0ed6c40576f73f9f7e8d031ee6e818]

Folders: 1
PUP.Optional.SaveOn.A, C:\ProgramData\save oN, , [0c4fe9b1a3d81f174e3d5850d72b4fb1],

Files: 3
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\MySearch\n5s.x64.dll, , [77e41189334847efab6bb0a02ed30bf5],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\MySearch\n5s.dll, , [77e41189334847efab6bb0a02ed30bf5],
PUP.Optional.Multiplug, C:\ProgramData\saVe ono\_aUUlQCVLAf.exe, , [c4975d3d215a4fe72dbbbad9c33e06fa],

Physical Sectors: 0
(No malicious items detected)


(end)


[Reklama]

[Orcus]

Logy nedávej do CODE.

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

===================================================

- Znovu spusť MbAM a dej Skenovat nyní
- Po proběhnutí programu se ti objeví hláška, tak klikni na „Vše do karantény“ -> „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a ulož na Plochu.
- Zkopíruj sem celý obsah toho logu.

====================================================

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Smazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

====================================================

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

====================================================

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[lin]

MbAM
bohužel žádná hláška nevyskočila, tak sem dávám to, co je uloženo v Logu v ProgramData
<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2014/07/02 11:30:18 +0200</date>
<logfile>mbam-log-2014-07-02 (11-29-40).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.00.2.1012</version>
<malware-database>v2014.07.02.03</malware-database>
<rootkit-database>v2014.07.01.01</rootkit-database>
<license>free</license>
<file-protection>disabled</file-protection>
<web-protection>disabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 8.1</osversion>
<arch>x64</arch>
<username>lin</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>291006</objects>
<time>497</time>
<processes>0</processes>
<modules>0</modules>
<keys>12</keys>
<values>2</values>
<datas>4</datas>
<folders>1</folders>
<files>3</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<key><path>HKLM\SOFTWARE\CLASSES\CLSID\{5F456C70-A7C7-1A43-3A42-0F1C34A18A62}</path><vendor>PUP.Optional.MultiPlug.A</vendor><action>success</action><hash>6b509ffb7dfe0a2cc55e9ab66a978a76</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{5F456C70-A7C7-1A43-3A42-0F1C34A18A62}</path><vendor>PUP.Optional.MultiPlug.A</vendor><action>success</action><hash>6b509ffb7dfe0a2cc55e9ab66a978a76</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{5F456C70-A7C7-1A43-3A42-0F1C34A18A62}</path><vendor>PUP.Optional.MultiPlug.A</vendor><action>success</action><hash>6b509ffb7dfe0a2cc55e9ab66a978a76</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5F456C70-A7C7-1A43-3A42-0F1C34A18A62}</path><vendor>PUP.Optional.MultiPlug.A</vendor><action>success</action><hash>6b509ffb7dfe0a2cc55e9ab66a978a76</hash></key>
<key><path>HKU\S-1-5-21-3221567124-3434714104-2726676116-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{5F456C70-A7C7-1A43-3A42-0F1C34A18A62}</path><vendor>PUP.Optional.MultiPlug.A</vendor><action>success</action><hash>6b509ffb7dfe0a2cc55e9ab66a978a76</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5F456C70-A7C7-1A43-3A42-0F1C34A18A62}</path><vendor>PUP.Optional.MultiPlug.A</vendor><action>success</action><hash>6b509ffb7dfe0a2cc55e9ab66a978a76</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5F456C70-A7C7-1A43-3A42-0F1C34A18A62}</path><vendor>PUP.Optional.MultiPlug.A</vendor><action>success</action><hash>6b509ffb7dfe0a2cc55e9ab66a978a76</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\CLSID\{5F456C70-A7C7-1A43-3A42-0F1C34A18A62}\INPROCSERVER32</path><vendor>PUP.Optional.MultiPlug.A</vendor><action>success</action><hash>6b509ffb7dfe0a2cc55e9ab66a978a76</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\S-4675958519</path><vendor>PUP.Optional.Booster.A</vendor><action>success</action><hash>36851684285393a3b5f99a155fa39868</hash></key>
<key><path>HKU\S-1-5-21-3221567124-3434714104-2726676116-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S</path><vendor>PUP.Optional.InstallCore.A</vendor><action>success</action><hash>ebd041595427db5bb4f6884c39c9ec14</hash></key>
<key><path>HKU\S-1-5-21-3221567124-3434714104-2726676116-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE</path><vendor>PUP.Optional.InstallCore.A</vendor><action>success</action><hash>d9e29cfeb3c8ef475469feec37cc916f</hash></key>
<key><path>HKU\S-1-5-21-3221567124-3434714104-2726676116-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}</path><vendor>PUP.Optional.WebSearchInfo</vendor><action>success</action><hash>5f5c74266b108caa96734aaf39ca0cf4</hash></key>
<value><path>HKU\S-1-5-21-3221567124-3434714104-2726676116-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE</path><valuename>tb</valuename><vendor>PUP.Optional.InstallCore.A</vendor><action>success</action><valuedata>0M2P0U0F0B1O1O1G</valuedata><hash>d9e29cfeb3c8ef475469feec37cc916f</hash></value>
<value><path>HKU\S-1-5-21-3221567124-3434714104-2726676116-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES</path><valuename>DefaultScope</valuename><vendor>PUP.Optional.WebSearchInfo</vendor><action>success</action><valuedata>{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}</valuedata><hash>a714bfdb116af83eea203abf897a49b7</hash></value>
<data><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN</path><valuename>Start Page</valuename><vendor>PUP.Optional.WebSearchInfo</vendor><action>replaced</action><valuedata>http://websearch.fastsearchings.info/?pid=2356&amp;r=2014/06/27&amp;hid=7269220094913839908&amp;lg=EN&amp;cc=HR&amp;unqvl=56</valuedata><baddata>http://websearch.fastsearchings.info/?pid=2356&amp;r=2014/06/27&amp;hid=7269220094913839908&amp;lg=EN&amp;cc=HR&amp;unqvl=56</baddata><gooddata>http://www.google.com</gooddata><hash>1f9c7e1ccfacb77fca04aed7cf359967</hash></data>
<data><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN</path><valuename>Start Page</valuename><vendor>PUP.Optional.FastSearchings.A</vendor><action>replaced</action><valuedata>http://websearch.fastsearchings.info/?pid=2356&amp;r=2014/06/27&amp;hid=7269220094913839908&amp;lg=EN&amp;cc=HR&amp;unqvl=56</valuedata><baddata>http://websearch.fastsearchings.info/?pid=2356&amp;r=2014/06/27&amp;hid=7269220094913839908&amp;lg=EN&amp;cc=HR&amp;unqvl=56</baddata><gooddata>www.google.com</gooddata><hash>9f1cd8c2a4d7fa3cddbb3060eb19847c</hash></data>
<data><path>HKU\S-1-5-21-3221567124-3434714104-2726676116-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN</path><valuename>Start Page</valuename><vendor>PUP.Optional.WebSearchInfo</vendor><action>replaced</action><valuedata>http://websearch.fastsearchings.info/?pid=2356&amp;r=2014/06/27&amp;hid=7269220094913839908&amp;lg=EN&amp;cc=HR&amp;unqvl=56</valuedata><baddata>http://websearch.fastsearchings.info/?pid=2356&amp;r=2014/06/27&amp;hid=7269220094913839908&amp;lg=EN&amp;cc=HR&amp;unqvl=56</baddata><gooddata>http://www.google.com</gooddata><hash>9c1f6e2c7b0042f48f3ea4e16d9734cc</hash></data>
<data><path>HKU\S-1-5-21-3221567124-3434714104-2726676116-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN</path><valuename>Start Page</valuename><vendor>PUP.Optional.FastSearchings.A</vendor><action>replaced</action><valuedata>http://websearch.fastsearchings.info/?pid=2356&amp;r=2014/06/27&amp;hid=7269220094913839908&amp;lg=EN&amp;cc=HR&amp;unqvl=56</valuedata><baddata>http://websearch.fastsearchings.info/?pid=2356&amp;r=2014/06/27&amp;hid=7269220094913839908&amp;lg=EN&amp;cc=HR&amp;unqvl=56</baddata><gooddata>www.google.com</gooddata><hash>64570e8c3b4077bfd1c891ff8084e31d</hash></data>
<folder><path>C:\ProgramData\save oN</path><vendor>PUP.Optional.SaveOn.A</vendor><action>success</action><hash>94279efce99254e26e75dccce51d09f7</hash></folder>
<file><path>C:\Program Files (x86)\MySearch\n5s.x64.dll</path><vendor>PUP.Optional.MultiPlug.A</vendor><action>success</action><hash>6b509ffb7dfe0a2cc55e9ab66a978a76</hash></file>
<file><path>C:\Program Files (x86)\MySearch\n5s.dll</path><vendor>PUP.Optional.MultiPlug.A</vendor><action>success</action><hash>6b509ffb7dfe0a2cc55e9ab66a978a76</hash></file>
<file><path>C:\ProgramData\saVe ono\_aUUlQCVLAf.exe</path><vendor>PUP.Optional.Multiplug</vendor><action>success</action><hash>c4f75a40c2b9f640c5326330837e857b</hash></file>
</items>
</mbam-log>

AdwCleaner
# AdwCleaner v3.214 - Report created 02/07/2014 at 12:03:11
# Updated 29/06/2014 by Xplode
# Operating System : Windows 8.1 Pro (64 bits)
# Username : lin - PROBOOK
# Running from : C:\Users\lin\Downloads\adwcleaner_3.214.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Adblocker
Folder Deleted : C:\ProgramData\saVe ono
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\lin\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\lin\AppData\Local\torch
Folder Deleted : C:\Users\lin\Desktop\sygic
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehggnkmmkpihopkjhnhglnabicciikld
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehggnkmmkpihopkjhnhglnabicciikld
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehggnkmmkpihopkjhnhglnabicciikld
Folder Deleted : C:\Users\lin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehggnkmmkpihopkjhnhglnabicciikld
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\moihmnkmeeocglajcejhdkdfjdldgmfm
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\moihmnkmeeocglajcejhdkdfjdldgmfm
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\moihmnkmeeocglajcejhdkdfjdldgmfm
Folder Deleted : C:\Users\lin\AppData\Local\Google\Chrome\User Data\Default\Extensions\moihmnkmeeocglajcejhdkdfjdldgmfm

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}

***** [ Browsers ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\lin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : ehggnkmmkpihopkjhnhglnabicciikld
Deleted [Extension] : moihmnkmeeocglajcejhdkdfjdldgmfm

*************************

AdwCleaner[R0].txt - [4160 octets] - [01/07/2014 22:16:10]
AdwCleaner[R1].txt - [3426 octets] - [02/07/2014 12:02:46]
AdwCleaner[S0].txt - [3274 octets] - [02/07/2014 12:03:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3334 octets] ##########

Junkware Removal Tool
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 Pro x64
Ran by lin on st 02. 07. 2014 at 12:09:29,93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\mysearch"
Successfully deleted: [Folder] "C:\Program Files (x86)\mysearch"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 02. 07. 2014 at 12:12:29,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

RogueKiller
RogueKiller V9.1.0.0 (x64) [Jun 23 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : lin [Práva správce]
Mód : Kontrola -- Datum : 07/02/2014 12:22:56

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 18 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 -> NALEZENO
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 -> NALEZENO
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{BC89D970-1800-40C7-AB71-9D3FF0A4F5C0} | DhcpNameServer : 10.0.0.138 -> NALEZENO
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{BC89D970-1800-40C7-AB71-9D3FF0A4F5C0} | DhcpNameServer : 10.0.0.138 -> NALEZENO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-3221567124-3434714104-2726676116-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NALEZENO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-3221567124-3434714104-2726676116-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NALEZENO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-3221567124-3434714104-2726676116-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NALEZENO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-3221567124-3434714104-2726676116-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NALEZENO
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> NALEZENO
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> NALEZENO
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3221567124-3434714104-2726676116-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3221567124-3434714104-2726676116-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> NALEZENO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NALEZENO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NALEZENO
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-3221567124-3434714104-2726676116-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-3221567124-3434714104-2726676116-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: HGST HTS541010A9E680 +++++
--- User ---
[MBR] ae8bb51fcefdaa132fa7a1d71d5f82fe
[BSP] 151cba4d3034a90e88bdadea54f59444 : Linux MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 204451 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 419434496 | Size: 626276 MB
3 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 1702049790 | Size: 122789 MB
User = LL1 ... OK
User = LL2 ... OK

[jaro3]

. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:


- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)

- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků

[lin]

MbAM
<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2014/07/02 19:38:55 +0200</date>
<logfile>mbam-log-2014-07-02 (19-37-28).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.00.2.1012</version>
<malware-database>v2014.07.02.05</malware-database>
<rootkit-database>v2014.07.01.01</rootkit-database>
<license>free</license>
<file-protection>disabled</file-protection>
<web-protection>disabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 8.1</osversion>
<arch>x64</arch>
<username>lin</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>291224</objects>
<time>491</time>
<processes>0</processes>
<modules>0</modules>
<keys>0</keys>
<values>0</values>
<datas>0</datas>
<folders>0</folders>
<files>0</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
</items>
</mbam-log>

RogueKiller

TDSSKiller
20:00:41.0671 0x1678 TDSS rootkit removing tool 3.0.0.39 Jun 5 2014 20:35:54
20:00:45.0489 0x1678 ============================================================
20:00:45.0489 0x1678 Current date / time: 2014/07/02 20:00:45.0489
20:00:45.0489 0x1678 SystemInfo:
20:00:45.0489 0x1678
20:00:45.0489 0x1678 OS Version: 6.3.9600 ServicePack: 0.0
20:00:45.0489 0x1678 Product type: Workstation
20:00:45.0489 0x1678 ComputerName: PROBOOK
20:00:45.0489 0x1678 UserName: lin
20:00:45.0489 0x1678 Windows directory: C:\Windows
20:00:45.0489 0x1678 System windows directory: C:\Windows
20:00:45.0489 0x1678 Running under WOW64
20:00:45.0489 0x1678 Processor architecture: Intel x64
20:00:45.0489 0x1678 Number of processors: 4
20:00:45.0489 0x1678 Page size: 0x1000
20:00:45.0489 0x1678 Boot type: Normal boot
20:00:45.0489 0x1678 ============================================================
20:00:45.0712 0x1678 KLMD registered as C:\Windows\system32\drivers\93853668.sys
20:00:46.0120 0x1678 System UUID: {677E1BC4-3C0C-609F-A92D-C503F54DF730}
20:00:46.0549 0x1678 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:00:46.0552 0x1678 ============================================================
20:00:46.0552 0x1678 \Device\Harddisk0\DR0:
20:00:46.0552 0x1678 MBR partitions:
20:00:46.0552 0x1678 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
20:00:46.0552 0x1678 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x18F51800
20:00:46.0552 0x1678 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x19001000, BlocksNum 0x4C732022
20:00:46.0592 0x1678 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x72905000, BlocksNum 0x1400800
20:00:46.0607 0x1678 \Device\Harddisk0\DR0\Partition5: MBR, Type 0x7, StartLBA 0x73D06000, BlocksNum 0xA00000
20:00:46.0625 0x1678 ============================================================
20:00:46.0658 0x1678 C: <-> \Device\Harddisk0\DR0\Partition2
20:00:46.0697 0x1678 E: <-> \Device\Harddisk0\DR0\Partition3
20:00:46.0737 0x1678 L: <-> \Device\Harddisk0\DR0\Partition4
20:00:46.0762 0x1678 S: <-> \Device\Harddisk0\DR0\Partition5
20:00:46.0762 0x1678 ============================================================
20:00:46.0762 0x1678 Initialize success
20:00:46.0762 0x1678 ============================================================
20:00:49.0259 0x167c ============================================================
20:00:49.0259 0x167c Scan started
20:00:49.0259 0x167c Mode: Manual;
20:00:49.0259 0x167c ============================================================
20:00:49.0259 0x167c KSN ping started
20:01:11.0665 0x167c KSN ping finished: false
20:01:12.0785 0x167c ================ Scan system memory ========================
20:01:12.0785 0x167c System memory - ok
20:01:12.0785 0x167c ================ Scan services =============================
20:01:12.0909 0x167c [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
20:01:12.0916 0x167c 1394ohci - ok
20:01:12.0934 0x167c [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\Windows\system32\drivers\3ware.sys
20:01:12.0936 0x167c 3ware - ok
20:01:12.0978 0x167c [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:01:12.0993 0x167c ACPI - ok
20:01:13.0022 0x167c [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\Windows\system32\Drivers\acpiex.sys
20:01:13.0024 0x167c acpiex - ok
20:01:13.0034 0x167c [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
20:01:13.0035 0x167c acpipagr - ok
20:01:13.0039 0x167c [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
20:01:13.0039 0x167c AcpiPmi - ok
20:01:13.0043 0x167c [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\Windows\System32\drivers\acpitime.sys
20:01:13.0044 0x167c acpitime - ok
20:01:13.0110 0x167c [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:01:13.0112 0x167c AdobeARMservice - ok
20:01:13.0159 0x167c [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS
20:01:13.0175 0x167c ADP80XX - ok
20:01:13.0207 0x167c [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:01:13.0212 0x167c AeLookupSvc - ok
20:01:13.0260 0x167c [ 7C7BE474915166B61B84C025F1F10157, 41F5E2C29F602D272138A6FA0E0FC3369491DABEFF123EF3914613979BA6BDA8 ] AFD C:\Windows\system32\drivers\afd.sys
20:01:13.0272 0x167c AFD - ok
20:01:13.0286 0x167c [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:01:13.0287 0x167c agp440 - ok
20:01:13.0305 0x167c [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys
20:01:13.0307 0x167c ahcache - ok
20:01:13.0329 0x167c [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG C:\Windows\System32\alg.exe
20:01:13.0331 0x167c ALG - ok
20:01:13.0363 0x167c [ 439F8344D8ACDAEFD6469415E56A76F1, BEC0E6138CC66098F441B0F247FDF0B11C895C59CF3C45F4D3FF3AD58C0F6C97 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:01:13.0368 0x167c AMD External Events Utility - ok
20:01:13.0391 0x167c [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
20:01:13.0394 0x167c AmdK8 - ok
20:01:13.0727 0x167c [ CAF488C84A7F7470AD5D897D1FA46705, 3C30BAC7F6D882E5CF4DE0851236F1B7F4612B1FB696B090C4903778213DC06E ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:01:14.0055 0x167c amdkmdag - ok
20:01:14.0121 0x167c [ A5EE5FCA0E14E28B13C45FA773244BD6, 1A738852623B0A7CC327BD4D04F8B2933A17BB20DECEC8CEED4C73E11CEB2765 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
20:01:14.0133 0x167c amdkmdap - ok
20:01:14.0155 0x167c [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
20:01:14.0157 0x167c AmdPPM - ok
20:01:14.0166 0x167c [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:01:14.0168 0x167c amdsata - ok
20:01:14.0196 0x167c [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
20:01:14.0201 0x167c amdsbs - ok
20:01:14.0218 0x167c [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:01:14.0219 0x167c amdxata - ok
20:01:14.0281 0x167c [ 4FC7BAC09543260A47AB9BFC7EDF446F, 109A56B6F921DCD80EE123D9F3202C8B640A89FF8C8A064260570D138488ECFA ] Apache S:\Apache\bin\httpd.exe
20:01:14.0282 0x167c Apache - ok
20:01:14.0331 0x167c [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID C:\Windows\system32\drivers\appid.sys
20:01:14.0333 0x167c AppID - ok
20:01:14.0359 0x167c [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:01:14.0360 0x167c AppIDSvc - ok
20:01:14.0387 0x167c [ 8D6F535461F6CFF75A8ADDF83024C904, F2A97EC4A6284F28B685A3CE2D450F61E75EE8692D718A6AA352D5734BBBAD7B ] Appinfo C:\Windows\System32\appinfo.dll
20:01:14.0389 0x167c Appinfo - ok
20:01:14.0405 0x167c [ 8176FBA685178FB0F52D46693474FA50, 69FE3692C7FE24289A479ADD74F2C782B59A099B7B07FE5ACFC4DA899E40BFDE ] AppMgmt C:\Windows\System32\appmgmts.dll
20:01:14.0409 0x167c AppMgmt - ok
20:01:14.0455 0x167c [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness C:\Windows\system32\AppReadiness.dll
20:01:14.0466 0x167c AppReadiness - ok
20:01:14.0523 0x167c [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc C:\Windows\system32\appxdeploymentserver.dll
20:01:14.0550 0x167c AppXSvc - ok
20:01:14.0570 0x167c [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:01:14.0572 0x167c arcsas - ok
20:01:14.0582 0x167c [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:01:14.0583 0x167c AsyncMac - ok
20:01:14.0596 0x167c [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\Windows\system32\drivers\atapi.sys
20:01:14.0597 0x167c atapi - ok
20:01:14.0717 0x167c [ 37B33DDE5490A2DF56DFB46580356E3F, 40FE378C9010B06FD7ADE30F76F916D5BDBB26525CF3D11D5780E2247B6099D8 ] athr C:\Windows\system32\DRIVERS\athwbx.sys
20:01:14.0820 0x167c athr - ok
20:01:14.0854 0x167c [ 886767FD022213F7885416134E9082E5, E248D82210FBEBF62C23EBEC74A976B2D1A4E62D3B7638D95B2574B77BA05DD0 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
20:01:14.0859 0x167c AudioEndpointBuilder - ok
20:01:14.0895 0x167c [ 79B134ECE836B406B212E28C24011538, 1B875DD23CCAD8A2759DCDBCDCF3DE14231B9DB5EEC8E84FE081E41A52A047A1 ] Audiosrv C:\Windows\System32\Audiosrv.dll
20:01:14.0912 0x167c Audiosrv - ok
20:01:14.0933 0x167c [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:01:14.0936 0x167c AxInstSV - ok
20:01:14.0968 0x167c [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
20:01:14.0979 0x167c b06bdrv - ok
20:01:14.0998 0x167c [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
20:01:15.0000 0x167c BasicDisplay - ok
20:01:15.0050 0x167c [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
20:01:15.0052 0x167c BasicRender - ok
20:01:15.0063 0x167c [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\Windows\System32\drivers\bcmfn2.sys
20:01:15.0064 0x167c bcmfn2 - ok
20:01:15.0099 0x167c [ 5BD3A2351BEFCAC8757626271F8EFA89, 6508673210129CF7EFCA93EC7874208FAD361E37814EB4FE9E0EC034E73D5F16 ] BDESVC C:\Windows\System32\bdesvc.dll
20:01:15.0107 0x167c BDESVC - ok
20:01:15.0122 0x167c [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\Windows\system32\drivers\Beep.sys
20:01:15.0122 0x167c Beep - ok
20:01:15.0166 0x167c [ BBE15881FE11BE37112F8320C41DAFB9, 5CE92563628812FF6E00556D8E2DAD6ADCAAF0F4C3B90123F1D98ED6E3BB6DAD ] BFE C:\Windows\System32\bfe.dll
20:01:15.0182 0x167c BFE - ok
20:01:15.0229 0x167c [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS C:\Windows\System32\qmgr.dll
20:01:15.0250 0x167c BITS - ok
20:01:15.0277 0x167c [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:01:15.0280 0x167c bowser - ok
20:01:15.0308 0x167c [ F2559A492AF8D653D1F47ADABA4C3E97, 77347915FB433023769699DFC9511F54E69C7FC7AB75F57FDC1A58E64A7126DE ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
20:01:15.0314 0x167c BrokerInfrastructure - ok
20:01:15.0337 0x167c [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] Browser C:\Windows\System32\browser.dll
20:01:15.0340 0x167c Browser - ok
20:01:15.0381 0x167c [ 39FFF1464DD0809B67D3E70E885485C8, B647D9A06D413DA92236D193515FCAFF9ADE826635F8A966CE1B3DA9A72A6C50 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
20:01:15.0393 0x167c BtFilter - ok
20:01:15.0403 0x167c [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
20:01:15.0404 0x167c BthAvrcpTg - ok
20:01:15.0450 0x167c [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum C:\Windows\System32\drivers\BthEnum.sys
20:01:15.0452 0x167c BthEnum - ok
20:01:15.0473 0x167c [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
20:01:15.0475 0x167c BthHFEnum - ok
20:01:15.0493 0x167c [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
20:01:15.0494 0x167c bthhfhid - ok
20:01:15.0530 0x167c [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\Windows\System32\drivers\BthLEEnum.sys
20:01:15.0536 0x167c BthLEEnum - ok
20:01:15.0546 0x167c [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
20:01:15.0548 0x167c BTHMODEM - ok
20:01:15.0572 0x167c [ 3AFE71D80EDF5D4DE0C5731352905669, 3E370169B8C5D301954D1F1DA302F7A0DB2A034990E10B3D64458C48E5693205 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
20:01:15.0575 0x167c BthPan - ok
20:01:15.0638 0x167c [ 92370F46AF28D54B67C135FA8C2AFCFC, B1C0DBF27D392DEA8786AB9479C6CCD5A5DBDF3BE25ABA5FC7C6DB6D3EEE739B ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
20:01:15.0667 0x167c BTHPORT - ok
20:01:15.0695 0x167c [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv C:\Windows\system32\bthserv.dll
20:01:15.0697 0x167c bthserv - ok
20:01:15.0733 0x167c [ 23E75BED9076F856B36F5F934BBD5795, CCEB72B788522B7D52A6C07646005EBC68F9599D3714ECACF3A194CA47A1BE85 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
20:01:15.0735 0x167c BTHUSB - ok
20:01:15.0751 0x167c [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:01:15.0753 0x167c cdfs - ok
20:01:15.0779 0x167c [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\Windows\System32\drivers\cdrom.sys
20:01:15.0782 0x167c cdrom - ok
20:01:15.0808 0x167c [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc C:\Windows\System32\certprop.dll
20:01:15.0811 0x167c CertPropSvc - ok
20:01:15.0822 0x167c [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\Windows\System32\drivers\circlass.sys
20:01:15.0823 0x167c circlass - ok
20:01:15.0855 0x167c [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS C:\Windows\system32\drivers\CLFS.sys
20:01:15.0863 0x167c CLFS - ok
20:01:15.0896 0x167c [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
20:01:15.0897 0x167c CmBatt - ok
20:01:15.0937 0x167c [ 4627C1FBF2802425A408A2D2AF28CF85, 8B91C1BE1104BE93C0D689A20315FD106D89A076267493319B104EE73A90CDCB ] CNG C:\Windows\system32\Drivers\cng.sys
20:01:15.0948 0x167c CNG - ok
20:01:15.0979 0x167c [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
20:01:15.0980 0x167c CompositeBus - ok
20:01:15.0984 0x167c COMSysApp - ok
20:01:16.0003 0x167c [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\Windows\system32\drivers\condrv.sys
20:01:16.0004 0x167c condrv - ok
20:01:16.0057 0x167c [ 6DB7264A95FE984FFA072BA79FA087C8, CF180663B24B1660CD04CB26D8663FB7F357C9CF5731B315635D63B7DB76BCEC ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
20:01:16.0063 0x167c cphs - ok
20:01:16.0094 0x167c [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:01:16.0097 0x167c CryptSvc - ok
20:01:16.0125 0x167c [ EE2F3C0D6ADBC975D6B621EC15ACF4E2, D158C0FACA6344BCD77616EC3D23212F9FD76D7D0C834ACA51998B80162106D5 ] CSC C:\Windows\system32\drivers\csc.sys
20:01:16.0137 0x167c CSC - ok
20:01:16.0167 0x167c [ 936D9E2871CEEFF6A33695D98374367B, C30D42E870F196C4FA20AF95C7B9D9C9C5414D6DDE71268F88C3FC5BF372E61B ] CscService C:\Windows\System32\cscsvc.dll
20:01:16.0183 0x167c CscService - ok
20:01:16.0204 0x167c [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\Windows\system32\drivers\dam.sys
20:01:16.0206 0x167c dam - ok
20:01:16.0251 0x167c [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:01:16.0264 0x167c DcomLaunch - ok
20:01:16.0307 0x167c [ AF3FF97AC2A73E70F8A8D11FB694175B, 3AA25BF9DED08056F52ACF246118C13C8816B5E8AA4D8606DB7DAB4E4E6A9169 ] defragsvc C:\Windows\System32\defragsvc.dll
20:01:16.0317 0x167c defragsvc - ok
20:01:16.0358 0x167c [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\Windows\system32\das.dll
20:01:16.0366 0x167c DeviceAssociationService - ok
20:01:16.0390 0x167c [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
20:01:16.0394 0x167c DeviceInstall - ok
20:01:16.0409 0x167c [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
20:01:16.0413 0x167c Dfsc - ok
20:01:16.0443 0x167c [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
20:01:16.0445 0x167c dg_ssudbus - ok
20:01:16.0476 0x167c [ 8B107F55FD61654A6C9F1B819AEC5FC4, 773B1B9D3583F17B7C89BDE1EC4487ABB0AE039DF4583F8746460425443DA291 ] Dhcp C:\Windows\system32\dhcpcore.dll
20:01:16.0484 0x167c Dhcp - ok
20:01:16.0506 0x167c [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\Windows\system32\drivers\disk.sys
20:01:16.0509 0x167c disk - ok
20:01:16.0524 0x167c [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
20:01:16.0525 0x167c dmvsc - ok
20:01:16.0559 0x167c [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:01:16.0564 0x167c Dnscache - ok
20:01:16.0602 0x167c [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc C:\Windows\System32\dot3svc.dll
20:01:16.0608 0x167c dot3svc - ok
20:01:16.0623 0x167c [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS C:\Windows\system32\dps.dll
20:01:16.0628 0x167c DPS - ok
20:01:16.0669 0x167c [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:01:16.0670 0x167c drmkaud - ok
20:01:16.0696 0x167c [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
20:01:16.0701 0x167c DsmSvc - ok
20:01:16.0767 0x167c [ C7D252742946DD395670649742FBD73D, 333CC984CF318D36EA8C5867077A1732A214445EB6B7CF7AC2E8F1C8259CD9C7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:01:16.0799 0x167c DXGKrnl - ok
20:01:16.0816 0x167c [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost C:\Windows\System32\eapsvc.dll
20:01:16.0819 0x167c Eaphost - ok
20:01:16.0929 0x167c [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\Windows\system32\drivers\evbda.sys
20:01:17.0021 0x167c ebdrv - ok
20:01:17.0054 0x167c [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS C:\Windows\System32\lsass.exe
20:01:17.0056 0x167c EFS - ok
20:01:17.0081 0x167c [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
20:01:17.0083 0x167c EhStorClass - ok
20:01:17.0099 0x167c [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
20:01:17.0102 0x167c EhStorTcgDrv - ok
20:01:17.0121 0x167c [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\Windows\System32\drivers\errdev.sys
20:01:17.0122 0x167c ErrDev - ok
20:01:17.0161 0x167c [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem C:\Windows\system32\es.dll
20:01:17.0169 0x167c EventSystem - ok
20:01:17.0196 0x167c [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\Windows\system32\drivers\exfat.sys
20:01:17.0200 0x167c exfat - ok
20:01:17.0221 0x167c [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:01:17.0225 0x167c fastfat - ok
20:01:17.0255 0x167c [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax C:\Windows\system32\fxssvc.exe
20:01:17.0269 0x167c Fax - ok
20:01:17.0287 0x167c [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys
20:01:17.0289 0x167c fdc - ok
20:01:17.0305 0x167c [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost C:\Windows\system32\fdPHost.dll
20:01:17.0306 0x167c fdPHost - ok
20:01:17.0321 0x167c [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub C:\Windows\system32\fdrespub.dll
20:01:17.0322 0x167c FDResPub - ok
20:01:17.0340 0x167c [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc C:\Windows\system32\fhsvc.dll
20:01:17.0343 0x167c fhsvc - ok
20:01:17.0367 0x167c [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:01:17.0369 0x167c FileInfo - ok
20:01:17.0379 0x167c [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:01:17.0380 0x167c Filetrace - ok
20:01:17.0398 0x167c [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
20:01:17.0399 0x167c flpydisk - ok
20:01:17.0438 0x167c [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:01:17.0445 0x167c FltMgr - ok
20:01:17.0501 0x167c [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache C:\Windows\system32\FntCache.dll
20:01:17.0531 0x167c FontCache - ok
20:01:17.0597 0x167c [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:01:17.0598 0x167c FontCache3.0.0.0 - ok
20:01:17.0617 0x167c [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:01:17.0619 0x167c FsDepends - ok
20:01:17.0630 0x167c [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:01:17.0630 0x167c Fs_Rec - ok
20:01:17.0677 0x167c [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:01:17.0690 0x167c fvevol - ok
20:01:17.0706 0x167c [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
20:01:17.0707 0x167c FxPPM - ok
20:01:17.0731 0x167c [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:01:17.0732 0x167c gagp30kx - ok
20:01:17.0741 0x167c [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
20:01:17.0742 0x167c gencounter - ok
20:01:17.0773 0x167c [ EF3AE7773394DF49CE74AF78A1C8D23D, CB12FF004C460A89F12AFF2467512B479A07CA10D4280CD4E624A5A9CDAB9C1B ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
20:01:17.0777 0x167c GPIOClx0101 - ok
20:01:17.0845 0x167c [ 383DA813409316D69603C1D849834D24, E1AAD3AB567457B00B8A378D5BA37ED653EE451FF79D071A8815FB8B1EB90DAF ] gpsvc C:\Windows\System32\gpsvc.dll
20:01:17.0873 0x167c gpsvc - ok
20:01:17.0907 0x167c [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:01:17.0918 0x167c HdAudAddService - ok
20:01:17.0937 0x167c [ 498288DD5CA42C2D36D125893E968C53, 03B62FA51F9195D77170DCEFF3A93A6898AA96FB610044DDAE83767DA12745C5 ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
20:01:17.0940 0x167c HDAudBus - ok
20:01:17.0958 0x167c [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
20:01:17.0959 0x167c HidBatt - ok
20:01:17.0975 0x167c [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth C:\Windows\System32\drivers\hidbth.sys
20:01:17.0977 0x167c HidBth - ok
20:01:17.0992 0x167c [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
20:01:17.0994 0x167c hidi2c - ok
20:01:18.0010 0x167c [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys
20:01:18.0011 0x167c HidIr - ok
20:01:18.0034 0x167c [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv C:\Windows\system32\hidserv.dll
20:01:18.0035 0x167c hidserv - ok
20:01:18.0058 0x167c [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\Windows\System32\drivers\hidusb.sys
20:01:18.0059 0x167c HidUsb - ok
20:01:18.0078 0x167c [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:01:18.0082 0x167c hkmsvc - ok
20:01:18.0103 0x167c [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:01:18.0109 0x167c HomeGroupListener - ok
20:01:18.0150 0x167c [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:01:18.0158 0x167c HomeGroupProvider - ok
20:01:18.0190 0x167c [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:01:18.0192 0x167c HpSAMD - ok
20:01:18.0238 0x167c [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:01:18.0259 0x167c HTTP - ok
20:01:18.0272 0x167c [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:01:18.0273 0x167c hwpolicy - ok
20:01:18.0295 0x167c [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
20:01:18.0296 0x167c hyperkbd - ok
20:01:18.0309 0x167c [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
20:01:18.0310 0x167c HyperVideo - ok
20:01:18.0335 0x167c [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
20:01:18.0339 0x167c i8042prt - ok
20:01:18.0357 0x167c [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
20:01:18.0358 0x167c iaLPSSi_GPIO - ok
20:01:18.0371 0x167c [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys
20:01:18.0374 0x167c iaLPSSi_I2C - ok
20:01:18.0409 0x167c [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys
20:01:18.0423 0x167c iaStorAV - ok
20:01:18.0454 0x167c [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:01:18.0462 0x167c iaStorV - ok
20:01:18.0467 0x167c IEEtwCollectorService - ok
20:01:18.0604 0x167c [ 0AECABC08F9AB4E504935B7662123B6E, 79D1C801A8FB0920469D6088158C518481485A065E8AF2E580FE4FCC1DE8F39B ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
20:01:18.0718 0x167c igfx - ok
20:01:18.0776 0x167c [ CFE7F0267B0C3077042FF291949B5546, 7B8C432632D0210119BFF57D4994F2B8F75307A9D6867353AF93BBA3F561595B ] IKEEXT C:\Windows\System32\ikeext.dll
20:01:18.0798 0x167c IKEEXT - ok
20:01:18.0823 0x167c [ F0F581A2299CB2BAB1DF2597BCDDB80F, EE485AF3049C87666BC6D6BFFC8A0EB4B95831D9061EB81848ECEE29C4232BF4 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
20:01:18.0824 0x167c intaud_WaveExtensible - ok
20:01:18.0855 0x167c [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys
20:01:18.0856 0x167c intelide - ok
20:01:18.0884 0x167c [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep C:\Windows\system32\drivers\intelpep.sys
20:01:18.0885 0x167c intelpep - ok
20:01:18.0898 0x167c [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys
20:01:18.0901 0x167c intelppm - ok
20:01:18.0917 0x167c [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:01:18.0919 0x167c IpFilterDriver - ok
20:01:18.0975 0x167c [ DFC4050D58565ADBEE793A8D4AEBDAE6, 89B900408F030CD45753A11D6AE6CBAB87E8B0E3F8401402D2D8713C045BF488 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:01:18.0994 0x167c iphlpsvc - ok
20:01:19.0020 0x167c [ FD9C9E9E3F0ED51502C7E8C066BE26B9, 290E74380F1543DD22C9F3821513B3E2FB42E995724238D8779CBBCB4FC386C8 ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
20:01:19.0022 0x167c IPMIDRV - ok
20:01:19.0052 0x167c [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:01:19.0055 0x167c IPNAT - ok
20:01:19.0072 0x167c [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:01:19.0073 0x167c IRENUM - ok
20:01:19.0089 0x167c [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:01:19.0090 0x167c isapnp - ok
20:01:19.0125 0x167c [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
20:01:19.0133 0x167c iScsiPrt - ok
20:01:19.0162 0x167c [ C2BC9AC9C6514230A481BDCA6A24BEFD, 84E41675D11EF2EEECED23C8469503C8D12810A2C6B6743D7AA322EB6DF7E68D ] iwdbus C:\Windows\System32\drivers\iwdbus.sys
20:01:19.0163 0x167c iwdbus - ok
20:01:19.0189 0x167c [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
20:01:19.0191 0x167c kbdclass - ok
20:01:19.0203 0x167c [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
20:01:19.0205 0x167c kbdhid - ok
20:01:19.0219 0x167c [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr C:\Windows\system32\drivers\kbldfltr.sys
20:01:19.0220 0x167c kbldfltr - ok
20:01:19.0231 0x167c [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
20:01:19.0232 0x167c kdnic - ok
20:01:19.0243 0x167c [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\Windows\system32\lsass.exe
20:01:19.0244 0x167c KeyIso - ok
20:01:19.0271 0x167c [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:01:19.0273 0x167c KSecDD - ok
20:01:19.0306 0x167c [ F88CC88F4A6D8476F1664E805CA18CC2, 2C61EE5EEA4FD45AA3FA927CC16E34EF90BD44324EAB14198AF65C3A27617991 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:01:19.0311 0x167c KSecPkg - ok
20:01:19.0325 0x167c [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:01:19.0326 0x167c ksthunk - ok
20:01:19.0362 0x167c [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\Windows\system32\msdtckrm.dll
20:01:19.0370 0x167c KtmRm - ok
20:01:19.0404 0x167c [ 46378ECCB4A29AA81BF296641C2501EF, 5AB79BD824C00EF1338FDB8450692318AB14E0AE4145C30B37136767DFC1E4F9 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:01:19.0412 0x167c LanmanServer - ok
20:01:19.0439 0x167c [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:01:19.0446 0x167c LanmanWorkstation - ok
20:01:19.0481 0x167c [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll
20:01:19.0492 0x167c lfsvc - ok
20:01:19.0513 0x167c [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:01:19.0514 0x167c lltdio - ok
20:01:19.0544 0x167c [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:01:19.0551 0x167c lltdsvc - ok
20:01:19.0562 0x167c [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:01:19.0564 0x167c lmhosts - ok
20:01:19.0579 0x167c [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:01:19.0581 0x167c LSI_SAS - ok
20:01:19.0610 0x167c [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:01:19.0612 0x167c LSI_SAS2 - ok
20:01:19.0628 0x167c [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys
20:01:19.0630 0x167c LSI_SAS3 - ok
20:01:19.0635 0x167c [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
20:01:19.0637 0x167c LSI_SSS - ok
20:01:19.0685 0x167c [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM C:\Windows\System32\lsm.dll
20:01:19.0700 0x167c LSM - ok
20:01:19.0732 0x167c [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys
20:01:19.0735 0x167c luafv - ok
20:01:19.0758 0x167c [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys
20:01:19.0760 0x167c megasas - ok
20:01:19.0806 0x167c [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys
20:01:19.0818 0x167c megasr - ok
20:01:19.0843 0x167c [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS C:\Windows\system32\mmcss.dll
20:01:19.0846 0x167c MMCSS - ok
20:01:19.0868 0x167c [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys
20:01:19.0869 0x167c Modem - ok
20:01:19.0884 0x167c [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys
20:01:19.0885 0x167c monitor - ok
20:01:19.0899 0x167c [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass C:\Windows\System32\drivers\mouclass.sys
20:01:19.0901 0x167c mouclass - ok
20:01:19.0919 0x167c [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid C:\Windows\System32\drivers\mouhid.sys
20:01:19.0920 0x167c mouhid - ok
20:01:19.0943 0x167c [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:01:19.0946 0x167c mountmgr - ok
20:01:19.0959 0x167c [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:01:19.0962 0x167c mpsdrv - ok
20:01:20.0006 0x167c [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:01:20.0024 0x167c MpsSvc - ok
20:01:20.0053 0x167c [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:01:20.0057 0x167c MRxDAV - ok
20:01:20.0093 0x167c [ 0696F66E4D423793951A60562F794D14, E808E4E160C019F2F10762758F48C4565037974775CD267DF06B8B4A2CE26705 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:01:20.0101 0x167c mrxsmb - ok
20:01:20.0124 0x167c [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:01:20.0130 0x167c mrxsmb10 - ok
20:01:20.0167 0x167c [ DBA635C6398782C549E3BE45CF1D0411, E9806E075F401D3E7357E876C7F941F7DAFFBBEE065DC3FE556014F5D92EDAC0 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:01:20.0172 0x167c mrxsmb20 - ok
20:01:20.0197 0x167c [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
20:01:20.0200 0x167c MsBridge - ok
20:01:20.0232 0x167c [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC C:\Windows\System32\msdtc.exe
20:01:20.0236 0x167c MSDTC - ok
20:01:20.0249 0x167c [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:01:20.0250 0x167c Msfs - ok
20:01:20.0267 0x167c [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
20:01:20.0269 0x167c msgpiowin32 - ok
20:01:20.0281 0x167c [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:01:20.0281 0x167c mshidkmdf - ok
20:01:20.0306 0x167c [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
20:01:20.0306 0x167c mshidumdf - ok
20:01:20.0317 0x167c [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:01:20.0318 0x167c msisadrv - ok
20:01:20.0349 0x167c [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:01:20.0353 0x167c MSiSCSI - ok
20:01:20.0357 0x167c msiserver - ok
20:01:20.0374 0x167c [ D22AE5313F6B7EFDDD8C117B5501F4A3, 1937EEE33BF9C4485F172B10FB17AEF3F3B8978371307F49C3338D74D96A8389 ] MsKeyboardFilter C:\Windows\System32\KeyboardFilterSvc.dll
20:01:20.0377 0x167c MsKeyboardFilter - ok
20:01:20.0405 0x167c [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:01:20.0405 0x167c MSKSSRV - ok
20:01:20.0420 0x167c [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
20:01:20.0422 0x167c MsLldp - ok
20:01:20.0425 0x167c [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:01:20.0426 0x167c MSPCLOCK - ok
20:01:20.0430 0x167c [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:01:20.0430 0x167c MSPQM - ok
20:01:20.0456 0x167c [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:01:20.0464 0x167c MsRPC - ok
20:01:20.0497 0x167c [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
20:01:20.0498 0x167c mssmbios - ok
20:01:20.0508 0x167c [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:01:20.0508 0x167c MSTEE - ok
20:01:20.0513 0x167c [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
20:01:20.0514 0x167c MTConfig - ok
20:01:20.0531 0x167c [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\Windows\system32\Drivers\mup.sys
20:01:20.0533 0x167c Mup - ok
20:01:20.0538 0x167c [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\Windows\system32\drivers\mvumis.sys
20:01:20.0539 0x167c mvumis - ok
20:01:20.0589 0x167c MySQL - ok
20:01:20.0637 0x167c [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent C:\Windows\system32\qagentRT.dll
20:01:20.0647 0x167c napagent - ok
20:01:20.0682 0x167c [ 78514B073CC5775800A65BFB82A0D66B, DCD18E277569F23921E899F508860F89ABD417C74A7776152A4463284A989488 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:01:20.0691 0x167c NativeWifiP - ok
20:01:20.0720 0x167c [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc C:\Windows\System32\ncasvc.dll
20:01:20.0724 0x167c NcaSvc - ok
20:01:20.0745 0x167c [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService C:\Windows\System32\ncbservice.dll
20:01:20.0748 0x167c NcbService - ok
20:01:20.0758 0x167c [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
20:01:20.0761 0x167c NcdAutoSetup - ok
20:01:20.0817 0x167c [ F21B77B4D74092A543807D3CEB711A88, 5C3C17A10E990070FAB317C0C5333DE768E408CAF43EC4FA9D18116C6EE3B3DC ] NDIS C:\Windows\system32\drivers\ndis.sys
20:01:20.0840 0x167c NDIS - ok
20:01:20.0854 0x167c [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:01:20.0855 0x167c NdisCap - ok
20:01:20.0872 0x167c [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
20:01:20.0875 0x167c NdisImPlatform - ok
20:01:20.0895 0x167c [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:01:20.0896 0x167c NdisTapi - ok
20:01:20.0912 0x167c [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:01:20.0913 0x167c Ndisuio - ok
20:01:20.0926 0x167c [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys
20:01:20.0927 0x167c NdisVirtualBus - ok
20:01:20.0953 0x167c [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:01:20.0956 0x167c NdisWan - ok
20:01:20.0963 0x167c [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\Windows\system32\DRIVERS\ndiswan.sys
20:01:20.0966 0x167c NdisWanLegacy - ok
20:01:20.0979 0x167c [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:01:20.0980 0x167c NDProxy - ok
20:01:20.0998 0x167c [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu C:\Windows\system32\drivers\Ndu.sys
20:01:21.0000 0x167c Ndu - ok
20:01:21.0012 0x167c [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:01:21.0013 0x167c NetBIOS - ok
20:01:21.0038 0x167c [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:01:21.0044 0x167c NetBT - ok
20:01:21.0054 0x167c [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon C:\Windows\system32\lsass.exe
20:01:21.0056 0x167c Netlogon - ok
20:01:21.0081 0x167c [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman C:\Windows\System32\netman.dll
20:01:21.0087 0x167c Netman - ok
20:01:21.0107 0x167c [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm C:\Windows\System32\netprofmsvc.dll
20:01:21.0119 0x167c netprofm - ok
20:01:21.0165 0x167c [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:01:21.0178 0x167c NetTcpPortSharing - ok

[lin]

20:01:21.0204 0x167c [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc C:\Windows\system32\DRIVERS\netvsc63.sys
20:01:21.0206 0x167c netvsc - ok
20:01:21.0239 0x167c [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc C:\Windows\System32\nlasvc.dll
20:01:21.0248 0x167c NlaSvc - ok
20:01:21.0268 0x167c [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:01:21.0269 0x167c Npfs - ok
20:01:21.0279 0x167c [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
20:01:21.0280 0x167c npsvctrig - ok
20:01:21.0301 0x167c [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi C:\Windows\system32\nsisvc.dll
20:01:21.0302 0x167c nsi - ok
20:01:21.0313 0x167c [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:01:21.0314 0x167c nsiproxy - ok
20:01:21.0378 0x167c [ 1C80517BE6836A812F6A9B99B8321351, 7DBED4633820E201C9C242D961EF6F25BA2B1D5593BA60F707CC71A4014C2D4B ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:01:21.0420 0x167c Ntfs - ok
20:01:21.0434 0x167c [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\Windows\system32\drivers\Null.sys
20:01:21.0435 0x167c Null - ok
20:01:21.0458 0x167c [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:01:21.0461 0x167c nvraid - ok
20:01:21.0468 0x167c [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:01:21.0472 0x167c nvstor - ok
20:01:21.0478 0x167c [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:01:21.0481 0x167c nv_agp - ok
20:01:21.0536 0x167c [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:01:21.0540 0x167c ose64 - ok
20:01:21.0577 0x167c [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:01:21.0586 0x167c p2pimsvc - ok
20:01:21.0622 0x167c [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\Windows\system32\p2psvc.dll
20:01:21.0632 0x167c p2psvc - ok
20:01:21.0669 0x167c [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\Windows\System32\drivers\parport.sys
20:01:21.0672 0x167c Parport - ok
20:01:21.0683 0x167c [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:01:21.0686 0x167c partmgr - ok
20:01:21.0726 0x167c [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:01:21.0737 0x167c PcaSvc - ok
20:01:21.0767 0x167c [ 275AFE3FA35E8D78BE97695DF49817C6, 447CEBB16285AE073B4251D2DA71399306EF2DCB7F56286ABE2F0BD6C83EB489 ] pci C:\Windows\system32\drivers\pci.sys
20:01:21.0774 0x167c pci - ok
20:01:21.0783 0x167c [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\Windows\system32\drivers\pciide.sys
20:01:21.0784 0x167c pciide - ok
20:01:21.0817 0x167c [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:01:21.0820 0x167c pcmcia - ok
20:01:21.0834 0x167c [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\Windows\system32\drivers\pcw.sys
20:01:21.0835 0x167c pcw - ok
20:01:21.0870 0x167c [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc C:\Windows\system32\drivers\pdc.sys
20:01:21.0872 0x167c pdc - ok
20:01:21.0922 0x167c [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:01:21.0936 0x167c PEAUTH - ok
20:01:22.0007 0x167c [ 084DE525DFE82AE7453DD527390FA110, 8216AE63AE740D97204CDED6543B66FC1FB55DB86D42FBA0EC629361C40F9EC0 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
20:01:22.0054 0x167c PeerDistSvc - ok
20:01:22.0109 0x167c [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:01:22.0110 0x167c PerfHost - ok
20:01:22.0168 0x167c [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\Windows\system32\pla.dll
20:01:22.0199 0x167c pla - ok
20:01:22.0236 0x167c [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:01:22.0239 0x167c PlugPlay - ok
20:01:22.0258 0x167c [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:01:22.0259 0x167c PNRPAutoReg - ok
20:01:22.0277 0x167c [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:01:22.0284 0x167c PNRPsvc - ok
20:01:22.0315 0x167c [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:01:22.0324 0x167c PolicyAgent - ok
20:01:22.0346 0x167c [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\Windows\system32\umpo.dll
20:01:22.0348 0x167c Power - ok
20:01:22.0377 0x167c [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:01:22.0379 0x167c PptpMiniport - ok
20:01:22.0491 0x167c [ B7DB57A000D46D4DE75BC0C563E58072, 8183EB09DC4D44DFF027CA0AAA8C09921A14F088C1BC427B6ACA42340AAF69E6 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
20:01:22.0575 0x167c PrintNotify - ok
20:01:22.0615 0x167c [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\Windows\System32\drivers\processr.sys
20:01:22.0617 0x167c Processor - ok
20:01:22.0649 0x167c [ B2A890D96C05E33FDD2BF3F3D4D0DF92, 3A29E17424429A5654D906E420D938148F09F57457356EFA72DA003B73F2D81E ] ProfSvc C:\Windows\system32\profsvc.dll
20:01:22.0654 0x167c ProfSvc - ok
20:01:22.0665 0x167c [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:01:22.0669 0x167c Psched - ok
20:01:22.0697 0x167c [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE C:\Windows\system32\qwave.dll
20:01:22.0704 0x167c QWAVE - ok
20:01:22.0718 0x167c [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:01:22.0720 0x167c QWAVEdrv - ok
20:01:22.0738 0x167c [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:01:22.0739 0x167c RasAcd - ok
20:01:22.0763 0x167c [ 55FE43112F61836D0581D615C72AA113, 35665E09BD74BD078A0BC49BF98102B5F3679A3FA2AC25FB629D448652D9938F ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:01:22.0765 0x167c RasAgileVpn - ok
20:01:22.0788 0x167c [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\Windows\System32\rasauto.dll
20:01:22.0791 0x167c RasAuto - ok
20:01:22.0820 0x167c [ BBB6272B7F46C4640A8CDB8A70C3450F, 4266C3ABD0D1D0219F715EA0F155744F7C1E3A7B722BE863831B57AE785419A2 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:01:22.0822 0x167c Rasl2tp - ok
20:01:22.0868 0x167c [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan C:\Windows\System32\rasmans.dll
20:01:22.0880 0x167c RasMan - ok
20:01:22.0887 0x167c [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:01:22.0889 0x167c RasPppoe - ok
20:01:22.0895 0x167c [ 2B0F1677CDD08967005F34488559BC6F, FFF168EBD171C0B85A448AD1A04F66534E889AE1DC128F68EA3F35D5996C8D39 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:01:22.0897 0x167c RasSstp - ok
20:01:22.0936 0x167c [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:01:22.0944 0x167c rdbss - ok
20:01:22.0959 0x167c [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
20:01:22.0960 0x167c rdpbus - ok
20:01:22.0991 0x167c [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:01:22.0995 0x167c RDPDR - ok
20:01:23.0010 0x167c [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:01:23.0011 0x167c RdpVideoMiniport - ok
20:01:23.0045 0x167c [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:01:23.0050 0x167c rdyboost - ok
20:01:23.0098 0x167c [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS C:\Windows\system32\drivers\ReFS.sys
20:01:23.0114 0x167c ReFS - ok
20:01:23.0146 0x167c [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:01:23.0152 0x167c RemoteAccess - ok
20:01:23.0191 0x167c [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:01:23.0196 0x167c RemoteRegistry - ok
20:01:23.0234 0x167c [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] RFCOMM C:\Windows\System32\drivers\rfcomm.sys
20:01:23.0239 0x167c RFCOMM - ok
20:01:23.0263 0x167c [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:01:23.0266 0x167c RpcEptMapper - ok
20:01:23.0287 0x167c [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator C:\Windows\system32\locator.exe
20:01:23.0288 0x167c RpcLocator - ok
20:01:23.0340 0x167c [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs C:\Windows\system32\rpcss.dll
20:01:23.0354 0x167c RpcSs - ok
20:01:23.0373 0x167c [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:01:23.0375 0x167c rspndr - ok
20:01:23.0409 0x167c [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x64.sys
20:01:23.0421 0x167c RTL8168 - ok
20:01:23.0467 0x167c [ 78CA6B333D92B3344AE6DC54013203A6, 368647BD2A737ECF079D8D1BEF3FFC379A563136FCCB0880861333B9EF150283 ] RTSPER C:\Windows\system32\DRIVERS\RtsPer.sys
20:01:23.0476 0x167c RTSPER - ok
20:01:23.0499 0x167c [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
20:01:23.0500 0x167c s3cap - ok
20:01:23.0521 0x167c [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs C:\Windows\system32\lsass.exe
20:01:23.0523 0x167c SamSs - ok
20:01:23.0552 0x167c [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:01:23.0555 0x167c sbp2port - ok
20:01:23.0584 0x167c [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:01:23.0589 0x167c SCardSvr - ok
20:01:23.0610 0x167c [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll
20:01:23.0613 0x167c ScDeviceEnum - ok
20:01:23.0630 0x167c [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:01:23.0632 0x167c scfilter - ok
20:01:23.0694 0x167c [ A95838FFFAEAA7500263D491575F7E0C, FEB79ECAE6D9AB0C29D9AFE12F60502A8357B3A382C0FACF4C6DA4852B6ECFA4 ] Schedule C:\Windows\system32\schedsvc.dll
20:01:23.0720 0x167c Schedule - ok
20:01:23.0752 0x167c [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc C:\Windows\System32\certprop.dll
20:01:23.0755 0x167c SCPolicySvc - ok
20:01:23.0806 0x167c [ FDEC5799BA499D18AFA3A540538866E7, 551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus C:\Windows\System32\drivers\sdbus.sys
20:01:23.0813 0x167c sdbus - ok
20:01:23.0853 0x167c [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\Windows\System32\drivers\sdstor.sys
20:01:23.0855 0x167c sdstor - ok
20:01:23.0873 0x167c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:01:23.0874 0x167c secdrv - ok
20:01:23.0905 0x167c [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\Windows\system32\seclogon.dll
20:01:23.0907 0x167c seclogon - ok
20:01:23.0915 0x167c [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\Windows\System32\sens.dll
20:01:23.0917 0x167c SENS - ok
20:01:23.0935 0x167c [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:01:23.0940 0x167c SensrSvc - ok
20:01:23.0962 0x167c [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\Windows\system32\drivers\SerCx.sys
20:01:23.0964 0x167c SerCx - ok
20:01:23.0986 0x167c [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys
20:01:23.0989 0x167c SerCx2 - ok
20:01:23.0994 0x167c [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\Windows\System32\drivers\serenum.sys
20:01:23.0995 0x167c Serenum - ok
20:01:24.0025 0x167c [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\Windows\System32\drivers\serial.sys
20:01:24.0028 0x167c Serial - ok
20:01:24.0032 0x167c [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\Windows\System32\drivers\sermouse.sys
20:01:24.0033 0x167c sermouse - ok
20:01:24.0071 0x167c [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv C:\Windows\system32\sessenv.dll
20:01:24.0078 0x167c SessionEnv - ok
20:01:24.0088 0x167c [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
20:01:24.0089 0x167c sfloppy - ok
20:01:24.0122 0x167c [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:01:24.0132 0x167c SharedAccess - ok
20:01:24.0179 0x167c [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:01:24.0193 0x167c ShellHWDetection - ok
20:01:24.0214 0x167c [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:01:24.0215 0x167c SiSRaid2 - ok
20:01:24.0220 0x167c [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:01:24.0222 0x167c SiSRaid4 - ok
20:01:24.0230 0x167c [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\Windows\System32\smphost.dll
20:01:24.0231 0x167c smphost - ok
20:01:24.0256 0x167c [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:01:24.0258 0x167c SNMPTRAP - ok
20:01:24.0293 0x167c [ 33977549C2CED09936E05BEE7659EAFF, EB95C72ED0EAC59A50E6882B2501049191A796542C42414FAF0028907C669B21 ] spaceport C:\Windows\system32\drivers\spaceport.sys
20:01:24.0303 0x167c spaceport - ok
20:01:24.0318 0x167c [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
20:01:24.0320 0x167c SpbCx - ok
20:01:24.0370 0x167c [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler C:\Windows\System32\spoolsv.exe
20:01:24.0387 0x167c Spooler - ok
20:01:24.0581 0x167c [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\Windows\system32\sppsvc.exe
20:01:24.0750 0x167c sppsvc - ok
20:01:24.0798 0x167c [ 2B78788A1485F9B99A578A299DF42C02, A87183A9B13585C9E850437A45237105D39D7F3212ADB079D6AB430B67A59643 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:01:24.0807 0x167c srv - ok
20:01:24.0864 0x167c [ FD163F487CBA9C98AFFEB546C80F49A2, 18DAAD173C0517F7BBF5D0C914302D98931E3BA6DAA36DC91D8DB0743EC40563 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:01:24.0878 0x167c srv2 - ok
20:01:24.0905 0x167c [ 716059F37BCCB1ABEDE99EBE82E8E362, 05F27B0FABBBC0E324F06D20ABEF51EDA3316C9F7F85C1AD24639CD6DE1BC8AC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:01:24.0911 0x167c srvnet - ok
20:01:24.0942 0x167c [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:01:24.0948 0x167c SSDPSRV - ok
20:01:24.0954 0x167c [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:01:24.0958 0x167c SstpSvc - ok
20:01:25.0006 0x167c [ 6E1A473DD2A4714EAF7D11E2315DF794, 4460546191072C7DF8B2E5A00577BA8E4FF5A1B2EA399DDF65EBE1AE4A5A5C84 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
20:01:25.0018 0x167c Steam Client Service - ok
20:01:25.0029 0x167c [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:01:25.0030 0x167c stexstor - ok
20:01:25.0067 0x167c [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\Windows\System32\wiaservc.dll
20:01:25.0081 0x167c stisvc - ok
20:01:25.0113 0x167c [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\Windows\system32\drivers\storahci.sys
20:01:25.0115 0x167c storahci - ok
20:01:25.0122 0x167c [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
20:01:25.0124 0x167c storflt - ok
20:01:25.0147 0x167c [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\Windows\system32\drivers\stornvme.sys
20:01:25.0149 0x167c stornvme - ok
20:01:25.0164 0x167c [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\Windows\system32\storsvc.dll
20:01:25.0165 0x167c StorSvc - ok
20:01:25.0183 0x167c [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\Windows\system32\drivers\storvsc.sys
20:01:25.0185 0x167c storvsc - ok
20:01:25.0189 0x167c [ 03618F935379614837F915D04C45FC0E, 9CC0CBA7AFC58E7F921C13FA3F5269714F1F827535A311E11EA48689C4D539DE ] storvsp C:\Windows\System32\drivers\storvsp.sys
20:01:25.0191 0x167c storvsp - ok
20:01:25.0204 0x167c [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\Windows\system32\svsvc.dll
20:01:25.0205 0x167c svsvc - ok
20:01:25.0222 0x167c [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\Windows\System32\drivers\swenum.sys
20:01:25.0223 0x167c swenum - ok
20:01:25.0271 0x167c [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv C:\Windows\System32\swprv.dll
20:01:25.0286 0x167c swprv - ok
20:01:25.0322 0x167c [ 2CD7E4392A5E98FA1281B22F62A48E04, 6C0B0436C4BC2B083CEA0E22726A8855AF5FFD63FB9EF32CD82960AA9BEE0BE6 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:01:25.0334 0x167c SynTP - ok
20:01:25.0398 0x167c [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain C:\Windows\system32\sysmain.dll
20:01:25.0423 0x167c SysMain - ok
20:01:25.0463 0x167c [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
20:01:25.0470 0x167c SystemEventsBroker - ok
20:01:25.0498 0x167c [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\Windows\System32\TabSvc.dll
20:01:25.0502 0x167c TabletInputService - ok
20:01:25.0525 0x167c [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:01:25.0532 0x167c TapiSrv - ok
20:01:25.0626 0x167c [ 4B666AE119D2ADBAC816BEA7DB4D6881, FCF90241548B893B01CE016D1F0B3D1564B6A4B39ADFBAE077A52F5D8240C8C4 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:01:25.0677 0x167c Tcpip - ok
20:01:25.0734 0x167c [ 4B666AE119D2ADBAC816BEA7DB4D6881, FCF90241548B893B01CE016D1F0B3D1564B6A4B39ADFBAE077A52F5D8240C8C4 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:01:25.0774 0x167c TCPIP6 - ok
20:01:25.0798 0x167c [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:01:25.0799 0x167c tcpipreg - ok
20:01:25.0818 0x167c [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:01:25.0820 0x167c tdx - ok
20:01:25.0836 0x167c [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\Windows\System32\drivers\terminpt.sys
20:01:25.0837 0x167c terminpt - ok
20:01:25.0888 0x167c [ 2C77831737491F4D684D315B95C62883, 90A2574A281F19646CFCDA5FDF40063220058290D2D5523AD91B7E709EC36D3D ] TermService C:\Windows\System32\termsrv.dll
20:01:25.0910 0x167c TermService - ok
20:01:25.0918 0x167c [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\Windows\system32\themeservice.dll
20:01:25.0921 0x167c Themes - ok
20:01:25.0955 0x167c [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\Windows\system32\mmcss.dll
20:01:25.0957 0x167c THREADORDER - ok
20:01:25.0992 0x167c [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
20:01:25.0999 0x167c TimeBroker - ok
20:01:26.0029 0x167c [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\Windows\system32\drivers\tpm.sys
20:01:26.0033 0x167c TPM - ok
20:01:26.0060 0x167c [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks C:\Windows\System32\trkwks.dll
20:01:26.0063 0x167c TrkWks - ok
20:01:26.0119 0x167c [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:01:26.0122 0x167c TrustedInstaller - ok
20:01:26.0153 0x167c [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:01:26.0155 0x167c TsUsbFlt - ok
20:01:26.0168 0x167c [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
20:01:26.0170 0x167c TsUsbGD - ok
20:01:26.0191 0x167c [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:01:26.0194 0x167c tunnel - ok
20:01:26.0207 0x167c [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:01:26.0209 0x167c uagp35 - ok
20:01:26.0224 0x167c [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
20:01:26.0226 0x167c UASPStor - ok
20:01:26.0254 0x167c [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
20:01:26.0259 0x167c UCX01000 - ok
20:01:26.0288 0x167c [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:01:26.0294 0x167c udfs - ok
20:01:26.0307 0x167c [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\Windows\System32\drivers\UEFI.sys
20:01:26.0309 0x167c UEFI - ok
20:01:26.0336 0x167c [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:01:26.0339 0x167c UI0Detect - ok
20:01:26.0355 0x167c [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:01:26.0357 0x167c uliagpkx - ok
20:01:26.0369 0x167c [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\Windows\System32\drivers\umbus.sys
20:01:26.0371 0x167c umbus - ok
20:01:26.0386 0x167c [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\Windows\System32\drivers\umpass.sys
20:01:26.0387 0x167c UmPass - ok
20:01:26.0414 0x167c [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService C:\Windows\System32\umrdp.dll
20:01:26.0421 0x167c UmRdpService - ok
20:01:26.0440 0x167c [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost C:\Windows\System32\upnphost.dll
20:01:26.0451 0x167c upnphost - ok
20:01:26.0482 0x167c [ 433ECDE01A52691FA7ACA51C10C09B70, B896296A3F8EF2AF3AC5F0091B9848156608586F1E10A95D70700BAB51E8062A ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
20:01:26.0486 0x167c usbccgp - ok
20:01:26.0514 0x167c [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir C:\Windows\System32\drivers\usbcir.sys
20:01:26.0517 0x167c usbcir - ok
20:01:26.0541 0x167c [ 5477D6E27C7D266EF8C152B9A25ADE5E, FEE81677D284A78A0C0FB60F887A952CFC759AE78B01206D73F59FE33612C519 ] usbehci C:\Windows\System32\drivers\usbehci.sys
20:01:26.0543 0x167c usbehci - ok
20:01:26.0562 0x167c [ DF56C2C04EFA328D7A66B69007130266, 719316EB25A8C7B82C7941D1C5B964CC4EDA4A997732F481526DE7356F6FC0D8 ] usbhub C:\Windows\System32\drivers\usbhub.sys
20:01:26.0573 0x167c usbhub - ok
20:01:26.0614 0x167c [ CFC52C49BEFE4D70D87FFA900EAB9777, 09A2F5D8AB07C3AE3F2B092F4DD7AE5838736CDC263016F188B442B32EC928F8 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
20:01:26.0626 0x167c USBHUB3 - ok
20:01:26.0642 0x167c [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\Windows\System32\drivers\usbohci.sys
20:01:26.0643 0x167c usbohci - ok
20:01:26.0646 0x167c [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys
20:01:26.0648 0x167c usbprint - ok
20:01:26.0689 0x167c [ EA23453240137F6773174E0D93F61A69, 579AD09FB428C2BB8B4055128620A7AADD1B606C1EA44B87A01D69A84232A5D9 ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
20:01:26.0693 0x167c USBSTOR - ok
20:01:26.0720 0x167c [ BA4FA655E0FC577DB7436FC963932CE4, 3336FDECD4AEC6B316D4C0803E22A12719EBEDD1A9427C0DF5D3B263BE600EE6 ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
20:01:26.0722 0x167c usbuhci - ok
20:01:26.0754 0x167c [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
20:01:26.0759 0x167c usbvideo - ok
20:01:26.0791 0x167c [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
20:01:26.0800 0x167c USBXHCI - ok
20:01:26.0810 0x167c [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc C:\Windows\system32\lsass.exe
20:01:26.0811 0x167c VaultSvc - ok
20:01:26.0825 0x167c [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:01:26.0827 0x167c vdrvroot - ok
20:01:26.0887 0x167c [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds C:\Windows\System32\vds.exe
20:01:26.0914 0x167c vds - ok
20:01:26.0939 0x167c [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
20:01:26.0943 0x167c VerifierExt - ok
20:01:27.0008 0x167c [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
20:01:27.0023 0x167c vhdmp - ok
20:01:27.0038 0x167c [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys
20:01:27.0039 0x167c viaide - ok
20:01:27.0073 0x167c [ 3CE922E34DB12D9F3C0EA856BC09687C, E50A1885FBC775E49614989ECFEA4ACBBDDA16AF459CC5361EED9E23CC7CD42C ] Vid C:\Windows\System32\drivers\Vid.sys
20:01:27.0078 0x167c Vid - ok
20:01:27.0088 0x167c [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus C:\Windows\system32\drivers\vmbus.sys
20:01:27.0091 0x167c vmbus - ok
20:01:27.0095 0x167c [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
20:01:27.0096 0x167c VMBusHID - ok
20:01:27.0115 0x167c [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr C:\Windows\System32\drivers\vmbusr.sys
20:01:27.0118 0x167c vmbusr - ok
20:01:27.0159 0x167c [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
20:01:27.0171 0x167c vmicguestinterface - ok
20:01:27.0183 0x167c [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat C:\Windows\System32\ICSvc.dll
20:01:27.0192 0x167c vmicheartbeat - ok
20:01:27.0204 0x167c [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
20:01:27.0213 0x167c vmickvpexchange - ok
20:01:27.0226 0x167c [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv C:\Windows\System32\ICSvc.dll
20:01:27.0235 0x167c vmicrdv - ok
20:01:27.0247 0x167c [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown C:\Windows\System32\ICSvc.dll
20:01:27.0256 0x167c vmicshutdown - ok
20:01:27.0269 0x167c [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync C:\Windows\System32\ICSvc.dll
20:01:27.0278 0x167c vmictimesync - ok
20:01:27.0291 0x167c [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss C:\Windows\System32\ICSvc.dll
20:01:27.0300 0x167c vmicvss - ok
20:01:27.0326 0x167c [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:01:27.0328 0x167c volmgr - ok
20:01:27.0348 0x167c [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:01:27.0355 0x167c volmgrx - ok
20:01:27.0393 0x167c [ 4BB9BC49DEE1A319EC58274A7BBED663, 624491089623A5B68C01A6A000E60D450E8E467619ACEBB90C6FDED0CF670F95 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:01:27.0401 0x167c volsnap - ok
20:01:27.0417 0x167c [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci C:\Windows\System32\drivers\vpci.sys
20:01:27.0419 0x167c vpci - ok
20:01:27.0433 0x167c [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp C:\Windows\System32\drivers\vpcivsp.sys
20:01:27.0435 0x167c vpcivsp - ok
20:01:27.0443 0x167c [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:01:27.0446 0x167c vsmraid - ok
20:01:27.0505 0x167c [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS C:\Windows\system32\vssvc.exe
20:01:27.0535 0x167c VSS - ok
20:01:27.0561 0x167c [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
20:01:27.0568 0x167c VSTXRAID - ok
20:01:27.0604 0x167c [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
20:01:27.0605 0x167c vwifibus - ok
20:01:27.0617 0x167c [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:01:27.0619 0x167c vwififlt - ok
20:01:27.0639 0x167c [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
20:01:27.0640 0x167c vwifimp - ok
20:01:27.0669 0x167c [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time C:\Windows\system32\w32time.dll
20:01:27.0679 0x167c W32Time - ok
20:01:27.0693 0x167c [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys
20:01:27.0694 0x167c WacomPen - ok
20:01:27.0699 0x167c [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
20:01:27.0701 0x167c Wanarp - ok
20:01:27.0705 0x167c [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:01:27.0706 0x167c Wanarpv6 - ok
20:01:27.0776 0x167c [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine C:\Windows\system32\wbengine.exe
20:01:27.0807 0x167c wbengine - ok
20:01:27.0845 0x167c [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:01:27.0855 0x167c WbioSrvc - ok
20:01:27.0888 0x167c [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
20:01:27.0896 0x167c Wcmsvc - ok
20:01:27.0942 0x167c [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:01:27.0952 0x167c wcncsvc - ok
20:01:27.0974 0x167c [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:01:27.0976 0x167c WcsPlugInService - ok
20:01:28.0008 0x167c [ F5D4FA3E1F4879C361FFF3855259D2C2, 48C60FE4AAB011E2250157506FF0624031BFA346F8F2F8C6DFDF6F3CAA4F3F42 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
20:01:28.0009 0x167c WdBoot - ok
20:01:28.0055 0x167c [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:01:28.0072 0x167c Wdf01000 - ok
20:01:28.0096 0x167c [ 019CC610AD95FF47EAD7C08B7A683B96, BB9D42F8ED90ECA2E7B8C906E06A1EA859FAD9BD1B3492BB1E28C0D00004812A ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
20:01:28.0101 0x167c WdFilter - ok
20:01:28.0131 0x167c [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:01:28.0134 0x167c WdiServiceHost - ok
20:01:28.0137 0x167c [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:01:28.0140 0x167c WdiSystemHost - ok
20:01:28.0161 0x167c [ 6CC1BB8F6851A262E2E824F0E92D5EEF, 45A88A984179BBA38C1F4434C4D6C2823C1FE6AFBE8CB0F656DAE0092D1D5611 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys
20:01:28.0164 0x167c WdNisDrv - ok
20:01:28.0182 0x167c WdNisSvc - ok
20:01:28.0213 0x167c [ 6588A957873326361AB1CAC4E76F8394, BE17880CEDCAE5ED3B983443E3777842646A3E48B661422A717656E11F6DBA94 ] WebClient C:\Windows\System32\webclnt.dll
20:01:28.0219 0x167c WebClient - ok
20:01:28.0235 0x167c [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc C:\Windows\system32\wecsvc.dll
20:01:28.0240 0x167c Wecsvc - ok
20:01:28.0251 0x167c [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll
20:01:28.0253 0x167c WEPHOSTSVC - ok
20:01:28.0285 0x167c [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:01:28.0288 0x167c wercplsupport - ok
20:01:28.0316 0x167c [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc C:\Windows\System32\WerSvc.dll
20:01:28.0319 0x167c WerSvc - ok
20:01:28.0354 0x167c [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
20:01:28.0357 0x167c WFPLWFS - ok
20:01:28.0378 0x167c [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc C:\Windows\System32\wiarpc.dll
20:01:28.0380 0x167c WiaRpc - ok
20:01:28.0403 0x167c [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:01:28.0404 0x167c WIMMount - ok
20:01:28.0406 0x167c WinDefend - ok
20:01:28.0449 0x167c [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
20:01:28.0466 0x167c WinHttpAutoProxySvc - ok
20:01:28.0515 0x167c [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:01:28.0520 0x167c Winmgmt - ok
20:01:28.0611 0x167c [ C8D6344BDE2691A196E61C0D3372EAB7, FF8EB79D8A7E298343C22B83276FF68293D08A9DA438BB22600BEFC4CA93A91D ] WinRM C:\Windows\system32\WsmSvc.dll
20:01:28.0663 0x167c WinRM - ok
20:01:28.0743 0x167c [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:01:28.0746 0x167c WinUsb - ok
20:01:28.0810 0x167c [ EF252510DB6C3511E30418BD2AC95A2D, 75B496F5C611129D9D19B382503830FDB0E2E61D4880D2821AE381DF578C5E56 ] WlanSvc C:\Windows\System32\wlansvc.dll
20:01:28.0841 0x167c WlanSvc - ok
20:01:28.0906 0x167c [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc C:\Windows\system32\wlidsvc.dll
20:01:28.0939 0x167c wlidsvc - ok
20:01:28.0968 0x167c [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
20:01:28.0969 0x167c WmiAcpi - ok
20:01:29.0002 0x167c [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:01:29.0006 0x167c wmiApSrv - ok
20:01:29.0035 0x167c [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\Windows\system32\drivers\Wof.sys
20:01:29.0038 0x167c Wof - ok
20:01:29.0105 0x167c [ 5071E71CC05346D88C5A08EB8B5A05E3, EA2B14130EDD1846B2E25D310B0D49253CFB43C22D3DC7B3179DF7349CC4AEFB ] workfolderssvc C:\Windows\system32\workfolderssvc.dll
20:01:29.0137 0x167c workfolderssvc - ok
20:01:29.0170 0x167c [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
20:01:29.0172 0x167c wpcfltr - ok
20:01:29.0194 0x167c [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:01:29.0196 0x167c WPCSvc - ok
20:01:29.0206 0x167c [ D27491CFCE452C154CECFA155AD0EBC8, 1F3F74C253E3B07DE7EFE27C34DD9AF08617C7B03BB44C2902F69BA9DA3F21F2 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:01:29.0209 0x167c WPDBusEnum - ok
20:01:29.0227 0x167c [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
20:01:29.0229 0x167c WpdUpFltr - ok
20:01:29.0238 0x167c [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:01:29.0239 0x167c ws2ifsl - ok
20:01:29.0258 0x167c [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc C:\Windows\System32\wscsvc.dll
20:01:29.0262 0x167c wscsvc - ok
20:01:29.0265 0x167c WSearch - ok
20:01:29.0390 0x167c [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService C:\Windows\System32\WSService.dll
20:01:29.0506 0x167c WSService - ok
20:01:29.0621 0x167c [ 7E609FBF50774CC5A239420FE34EBB9C, 69B643B11717D51BC5D3F1CDE47D4C9E198AB8D9160C852DBE9B940E40AD8A57 ] wuauserv C:\Windows\system32\wuaueng.dll
20:01:29.0725 0x167c wuauserv - ok
20:01:29.0752 0x167c [ 2FEAE33E9B2B56104596E1BA444405A9, 0A142F50E06F6224B9CB36B3CE62BE0B36DE8B8DB9F9E05D287DFB884CC7826E ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:01:29.0755 0x167c WudfPf - ok
20:01:29.0769 0x167c [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
20:01:29.0774 0x167c WUDFRd - ok
20:01:29.0803 0x167c [ BB73CBC65AABC4EA0A5C6A1474A0A743, D644B3C6A7202CADDADB3B68FE1B2A7C76B023FE58F667EED4D538C1F4A65D64 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:01:29.0806 0x167c wudfsvc - ok
20:01:29.0814 0x167c [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdComp C:\Windows\system32\DRIVERS\WUDFRd.sys
20:01:29.0818 0x167c WUDFWpdComp - ok
20:01:29.0825 0x167c [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys
20:01:29.0829 0x167c WUDFWpdFs - ok
20:01:29.0835 0x167c [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys
20:01:29.0839 0x167c WUDFWpdMtp - ok
20:01:29.0861 0x167c [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc C:\Windows\System32\wwansvc.dll
20:01:29.0872 0x167c WwanSvc - ok
20:01:29.0881 0x167c ================ Scan global ===============================
20:01:29.0910 0x167c [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\Windows\system32\basesrv.dll
20:01:29.0939 0x167c [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\Windows\system32\winsrv.dll
20:01:29.0971 0x167c [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\Windows\system32\sxssrv.dll
20:01:30.0005 0x167c [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\Windows\system32\services.exe
20:01:30.0013 0x167c [ Global ] - ok
20:01:30.0013 0x167c ================ Scan MBR ==================================
20:01:30.0029 0x167c [ EA923EB0EC0060F1451E9AD7B5762CFE ] \Device\Harddisk0\DR0
20:01:30.0146 0x167c \Device\Harddisk0\DR0 - ok
20:01:30.0146 0x167c ================ Scan VBR ==================================
20:01:30.0148 0x167c [ 26CFE17F5E9D715BE4E4D43900D8CB4B ] \Device\Harddisk0\DR0\Partition1
20:01:30.0219 0x167c \Device\Harddisk0\DR0\Partition1 - ok
20:01:30.0220 0x167c [ DE5485E6E1C159389D0A8889740EF6BC ] \Device\Harddisk0\DR0\Partition2
20:01:30.0287 0x167c \Device\Harddisk0\DR0\Partition2 - ok
20:01:30.0289 0x167c [ 161E79A458058D92A000DF77F044F2C6 ] \Device\Harddisk0\DR0\Partition3
20:01:30.0312 0x167c \Device\Harddisk0\DR0\Partition3 - ok
20:01:30.0333 0x167c [ FC226AE903023C09DAF3DBD4D95CB829 ] \Device\Harddisk0\DR0\Partition4
20:01:30.0341 0x167c \Device\Harddisk0\DR0\Partition4 - ok
20:01:30.0359 0x167c [ 1B32EE7A12CAFD5099A27B5DB8A2B8EF ] \Device\Harddisk0\DR0\Partition5
20:01:30.0360 0x167c \Device\Harddisk0\DR0\Partition5 - ok
20:01:30.0360 0x167c ================ Scan generic autorun ======================
20:01:30.0414 0x167c [ ED77575498921FE61B53A5EBB1F4136B, C52D3451F34E5115A1AAA424DC8F0A7A2AA3468726BA1873F0BCCFE1480FCB57 ] C:\Windows\system32\igfxtray.exe
20:01:30.0422 0x167c IgfxTray - ok
20:01:30.0462 0x167c [ F31985811DD87B61708B0E8484E88216, A61C4B48AFF70455FBD989FBAC3C9CF8C4C1425CF1F94296660036CF6E0E2B04 ] C:\Windows\system32\hkcmd.exe
20:01:30.0479 0x167c HotKeysCmds - ok
20:01:30.0513 0x167c [ C89C68961854E7A67946BE47D44EFAF4, 954EE4BF56F9602B6275B6F852BBB5F739147B3D1395AC07A02BDE0027828CFF ] C:\Windows\system32\igfxpers.exe
20:01:30.0528 0x167c Persistence - ok
20:01:30.0626 0x167c [ E7782EB41AF6060A835A1991122D22F2, 5A8C841FCBD8067FC86B815050C00D9CE9936727081638852BBE531859D5049C ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
20:01:30.0648 0x167c StartCCC - ok
20:01:30.0712 0x167c [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
20:01:30.0731 0x167c Adobe ARM - ok
20:01:30.0813 0x167c [ 1C10324F2D829B2820B8E626F5CA9445, 37BE9A93E1F2D46557567EED9F3BE6B4ED3C74A0C7F75FFAA72685426FAD50BB ] C:\Program Files (x86)\Steam\steam.exe
20:01:30.0840 0x167c Steam - ok
20:01:31.0168 0x167c [ C835EF01EC83433477DF9C37224EBEAF, 052A4325FB3DD342B4E6E1E2880666BEAFAE119E56D2649D23C331AAC209CD6F ] C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
20:01:31.0441 0x167c TeamSpeak 3 Client - ok
20:01:31.0525 0x167c [ 2A3FB4C98F139038E23330D2439DB8A4, DE9253AD362B03FA5D3D4912662398E5C4AC76F7274B83E51C251A6921A5B838 ] C:\Users\lin\AppData\Local\Facebook\Update\FacebookUpdate.exe
20:01:31.0528 0x167c Facebook Update - ok
20:01:31.0528 0x167c Waiting for KSN requests completion. In queue: 63
20:01:32.0530 0x167c Waiting for KSN requests completion. In queue: 63
20:01:33.0530 0x167c Waiting for KSN requests completion. In queue: 63
20:01:34.0628 0x167c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
20:01:34.0650 0x167c Win FW state via NFP2: disabled
20:01:37.0090 0x167c ============================================================
20:01:37.0090 0x167c Scan finished
20:01:37.0090 0x167c ============================================================
20:01:37.0101 0x1254 Detected object count: 0
20:01:37.0101 0x1254 Actual detected object count: 0
20:02:12.0079 0x17e4 Deinitialize success

[Orcus]

Chybí log z Rogukilleru a v MBAM proveď nový sken + dodej log.

[lin]

Nechá se k logu z RogueKilleru ještě nějak dostat?

[Orcus]

Pokud ho nemáš, proveď novej sken a uvidíme, co to najde.

[lin]

MbAM
Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 2. 7. 2014
Èas skenování: 22:57:41
Protokol: a.txt
Správce: Ano

Verze: 2.00.2.1012
Databáze malwaru: v2014.07.02.05
Databáze rootkitù: v2014.07.01.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Self-protection: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: lin

Typ skenu: Sken hrozeb
Výsledek: Dokonèeno
Prohledaných objektù: 292241
Uplynulý èas: 8 min, 7 sek

Pamì: Zapnuto
Po spuštìní: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíèe registru: 0
(No malicious items detected)

Hodnoty registru: 0
(No malicious items detected)

Data registru: 0
(No malicious items detected)

Složky: 0
(No malicious items detected)

Soubory: 0
(No malicious items detected)

Fyzické sektory: 0
(No malicious items detected)


(end)

RogueKiller
RogueKiller V9.1.0.0 (x64) [Jun 23 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : lin [Práva správce]
Mód : Odebrat -- Datum : 07/02/2014 23:12:59

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 -> NAHRAZENO ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.138 -> NAHRAZENO ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{BC89D970-1800-40C7-AB71-9D3FF0A4F5C0} | DhcpNameServer : 10.0.0.138 -> NAHRAZENO ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{BC89D970-1800-40C7-AB71-9D3FF0A4F5C0} | DhcpNameServer : 10.0.0.138 -> NAHRAZENO ()

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 6 ¤¤¤
[CHROME:Addon] Default : Google Docs [aohghmighlieiainnegkcijnfilokake] -> VYMAZÁNO
[CHROME:Addon] Default : Google Drive [apdfllckaahabafndbhieahigkjlhalf] -> ERROR [2]
[CHROME:Addon] Default : YouTube [blpcfgokakmgnkcojhhkbfbldkacnbeo] -> ERROR [2]
[CHROME:Addon] Default : Google Search [coobgpohoikkiipiblmjeljniedjpjpf] -> ERROR [2]
[CHROME:Addon] Default : Google Wallet [nmmhkkegccagdldgiimedpiccmgmieda] -> ERROR [2]
[CHROME:Addon] Default : Gmail [pjkljhegncpnkpknbcohdijeoejaedia] -> ERROR [2]

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: HGST HTS541010A9E680 +++++
--- User ---
[MBR] ae8bb51fcefdaa132fa7a1d71d5f82fe
[BSP] 151cba4d3034a90e88bdadea54f59444 : Linux MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 204451 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 419434496 | Size: 626276 MB
3 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 1702049790 | Size: 122789 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_07022014_195713.log - RKreport_SCN_07022014_122256.log - RKreport_SCN_07022014_195439.log - RKreport_SCN_07022014_231120.log

[Orcus]

Všechny 3 logy OK. Co problémy?

[lin]

Řekl bych, že je vše v pohodě. Moc krát děkuji za pomoc. Ještě bych měl jeden dotaz. Postup uváděný výše je obecně platný, nebo se liší dle toho, co odhalí logy?