Prosím o kontrolu logu Vyřešeno

[akiller]

Hezký den, prosím o preventivní kontrolu logu

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:47:07, on 27.2.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
G:\Instalačky\Správa počítače\HijackThis.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [P17RunE] RunDll32 P17RunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [Cookienator] "C:\Program Files\Cookienator\cookienator.exe" /auto
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Petr\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{C6846616-3E73-45D0-840E-DAE156DADA32}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{C6846616-3E73-45D0-840E-DAE156DADA32}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS3\Services\Tcpip\..\{C6846616-3E73-45D0-840E-DAE156DADA32}: NameServer = 8.26.56.26,156.154.70.22
O20 - AppInit_DLLs: C:\Windows\System32\guard32.dll C:\Windows\system32\guard32.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 5523 bytes

[Reklama]

[jaro3]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode)

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

[akiller]

Zde je první log:

# AdwCleaner v3.020 - Report created 27/02/2014 at 19:04:56
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Petr - INTEL
# Running from : C:\Users\Petr\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found C:\Program Files\GreenTree Applications
Folder Found C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FirstRowSportApp.com
Folder Found C:\Users\Petr\AppData\Roaming\OpenCandy

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Key Found : HKLM\Software\caphyon
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F674F3C3-DBC8-4B57-A224-7D5677BFEA86}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\j8ivwl1h.default\prefs.js ]


-\\ Google Chrome v33.0.1750.117

[ File : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R2].txt - [1244 octets] - [27/02/2014 19:04:56]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1304 octets] ##########

[akiller]

A tady je druhý log:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2014.02.27.07

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16518
Petr :: INTEL [administrátor]

27.2.2014 19:10:03
MBAM-log-2014-02-27 (19-20-17).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 235868
Uplynulý čas: 9 minut, 19 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 2
HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 1
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0M2P0U0F0B1O1O1G -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 3
C:\Users\Petr\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Petr\AppData\Roaming\OpenCandy\A9C61D2B890D4F5EAD685529FBE44CA4 (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Petr\AppData\Roaming\OpenCandy\CCB11876644048ECBB68AD697CDC489F (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 3
C:\Users\Petr\AppData\Roaming\OpenCandy\A9C61D2B890D4F5EAD685529FBE44CA4\Mobogenie_Setup_2.1.37_507.exe (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\Petr\AppData\Roaming\OpenCandy\A9C61D2B890D4F5EAD685529FBE44CA4\Setup507_p1v4.exe (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\Petr\AppData\Roaming\OpenCandy\CCB11876644048ECBB68AD697CDC489F\avg_tuht_stf_cs_2014_206_CZ.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.

(konec)

[jaro3]

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

. spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit nový log z MbAM.

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[akiller]

Zde je log z Adw Cleaner: (p.s.: objevil se sám po restartu PC)

# AdwCleaner v3.020 - Report created 28/02/2014 at 12:29:27
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Petr - INTEL
# Running from : C:\Users\Petr\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\GreenTree Applications
Folder Deleted : C:\Users\Petr\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FirstRowSportApp.com

***** [ Shortcuts ] *****


***** [ Registry ] *****

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F674F3C3-DBC8-4B57-A224-7D5677BFEA86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKLM\Software\caphyon

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\j8ivwl1h.default\prefs.js ]


-\\ Google Chrome v33.0.1750.117

[ File : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R2].txt - [1384 octets] - [27/02/2014 19:04:56]
AdwCleaner[R3].txt - [1444 octets] - [28/02/2014 12:23:47]
AdwCleaner[S1].txt - [1389 octets] - [28/02/2014 12:29:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1449 octets] ##########

[akiller]

Zde je log z JRT. Fakt to trvalo dlouho

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x86
Ran by Petr on p  28.02.2014 at 12:46:26,86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Petr\AppData\Roaming\mozilla\firefox\profiles\j8ivwl1h.default\minidumps [3 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Petr\appdata\local\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p  28.02.2014 at 16:30:22,64
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[akiller]

Zde je log z MBAM:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2014.02.28.08

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16518
Petr :: INTEL [administrátor]

28.2.2014 17:08:35
mbam-log-2014-02-28 (17-08-35).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 236340
Uplynulý čas: 6 minut, 21 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

[akiller]

A tady je log z Rogue Killer:

RogueKiller V8.8.10 [Feb 28 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Petr [Práva správce]
Mód : Kontrola -- Datum : 02/28/2014 17:25:59
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[DNS][PUM] HKLM\[...]\CCSet\[...]\{C6846616-3E73-45D0-840E-DAE156DADA32} : NameServer (8.26.56.26,156.154.70.22 [UNITED STATES (US) - PHILIPPINES (PH)]) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS002\[...]\{C6846616-3E73-45D0-840E-DAE156DADA32} : NameServer (8.26.56.26,156.154.70.22 [UNITED STATES (US) - PHILIPPINES (PH)]) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS003\[...]\{C6846616-3E73-45D0-840E-DAE156DADA32} : NameServer (8.26.56.26,156.154.70.22 [UNITED STATES (US) - PHILIPPINES (PH)]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] IRP[IRP_MJ_CREATE] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x85F2D1E8)
[Address] IRP[IRP_MJ_CLOSE] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x85F2D1E8)
[Address] IRP[IRP_MJ_DEVICE_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x85F2D1E8)
[Address] IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x85F2D1E8)
[Address] IRP[IRP_MJ_POWER] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x85F2D1E8)
[Address] IRP[IRP_MJ_SYSTEM_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x85F2D1E8)
[Address] IRP[IRP_MJ_PNP] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED (Unknown @ 0x85F2D1E8)
[Inline] EAT @explorer.exe (@Classes@TFiler@) : rtl150.bpl -> HOOKED (Unknown @ 0x3059296C)
[Inline] EAT @explorer.exe (@Classes@TReader@) : rtl150.bpl -> HOOKED (Unknown @ 0xB45933BC)
[Inline] EAT @explorer.exe (@Classes@TStreamWriter@) : rtl150.bpl -> HOOKED (Unknown @ 0x54599FB5)
[Inline] EAT @explorer.exe (@Comobj@TAutoObjectEvent@) : rtl150.bpl -> HOOKED (Unknown @ 0xDC5BB8A4)
[Inline] EAT @explorer.exe (@Msxml@IID_ISAXEntityResolver) : rtl150.bpl -> HOOKED (Unknown @ 0x1FB8BAB5)
[Inline] EAT @explorer.exe (@System@ExceptionClass) : rtl150.bpl -> HOOKED (Unknown @ 0xDD6A1039)
[Inline] EAT @explorer.exe (@Wincodec@CATID_WICFormatConverters) : rtl150.bpl -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x6490FC7F)
[Inline] EAT @explorer.exe (@Controls@TCustomTouchManager@) : vcl150.bpl -> HOOKED (Unknown @ 0x34772A44)
[Inline] EAT @explorer.exe (@Controls@TDockTree@) : vcl150.bpl -> HOOKED (Unknown @ 0xC0779121)
[Inline] EAT @explorer.exe (@Controls@TTouchManager@) : vcl150.bpl -> HOOKED (Unknown @ 0x34772FF8)
[Inline] EAT @explorer.exe (@Jclmath@Catalan) : Jcl150.bpl -> HOOKED (Unknown @ 0x00BF2040)
[Inline] EAT @explorer.exe (@Jclmath@Cbrt3) : Jcl150.bpl -> HOOKED (Unknown @ 0x90B1D717)
[Inline] EAT @explorer.exe (@Jclmath@LnPi) : Jcl150.bpl -> HOOKED (Unknown @ 0xCA671DA3)
[Inline] EAT @explorer.exe (@Jclmath@Log3) : Jcl150.bpl -> HOOKED (Unknown @ 0x84D25F65)
[Inline] EAT @explorer.exe (@Jclsimplexml@TJclSimpleXMLProps@) : Jcl150.bpl -> HOOKED (Unknown @ 0x4858BACA)
[Inline] EAT @explorer.exe (@Jclstructstorage@UnitVersioning) : Jcl150.bpl -> HOOKED (Unknown @ 0xF469DFA7)
[Inline] EAT @explorer.exe (@Jclwin32@RtdlNetGroupAdd) : Jcl150.bpl -> HOOKED (Unknown @ 0x3467D32D)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@CLASS_AsymmetricSignatureDeformatter) : Jcl150.bpl -> HOOKED (Unknown @ 0x269C6902)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@CLASS_Buffer) : Jcl150.bpl -> HOOKED (Unknown @ 0x8313E316)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@CLASS_CaseInsensitiveComparer) : Jcl150.bpl -> HOOKED (Unknown @ 0x6C9E7D34)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@CLASS_FileNotFoundException) : Jcl150.bpl -> HOOKED (Unknown @ 0xEB14FC04)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@CLASS_JulianCalendar) : Jcl150.bpl -> HOOKED (Unknown @ 0x607DE6A9)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@CLASS_PKCS1MaskGenerationMethod) : Jcl150.bpl -> HOOKED (Unknown @ 0x5E0E5459)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@CLASS_ProgIdAttribute) : Jcl150.bpl -> HOOKED (Unknown @ 0x64693527)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@CLASS_SHA384) : Jcl150.bpl -> HOOKED (Unknown @ 0x062DADDF)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@CLASS_SoapDateTime) : Jcl150.bpl -> HOOKED (Unknown @ 0x886A688F)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@IID_IChannel) : Jcl150.bpl -> HOOKED (Unknown @ 0xB577C87E)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@IID__BitConverter) : Jcl150.bpl -> HOOKED (Unknown @ 0xD97E4C5E)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@IID__CryptographicException) : Jcl150.bpl -> HOOKED (Unknown @ 0xFA6AC5AF)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@IID__CustomAttributeBuilder) : Jcl150.bpl -> HOOKED (Unknown @ 0x47E035A9)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@IID__ExternalException) : Jcl150.bpl -> HOOKED (Unknown @ 0x70C9C911)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@IID__IsolatedStorageFilePermission) : Jcl150.bpl -> HOOKED (Unknown @ 0x292E9B90)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@IID__Pointer) : Jcl150.bpl -> HOOKED (Unknown @ 0x03125CDC)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@IID__RegionInfo) : Jcl150.bpl -> HOOKED (Unknown @ 0xD76F9F58)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@IID__SiteIdentityPermission) : Jcl150.bpl -> HOOKED (Unknown @ 0x4E9A9BCB)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@IID__ThaiBuddhistCalendar) : Jcl150.bpl -> HOOKED (Unknown @ 0xA3E88D47)

¤¤¤ Externí včelstvo: ¤¤¤
-> D:\windows\system32\config\SYSTEM | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SOFTWARE | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SECURITY | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SAM | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\DEFAULT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\Default User\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\LocalService\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\NetworkService\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\UpdatusUser\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\uzivatel\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST1000DL002-9TT153 ATA Device +++++
--- User ---
[MBR] 2e92f243d9cda3df34ee8b0f7197a587
[BSP] 6ea2a0a3240d75624aa44b632b008c0d : Empty MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 250003 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 512007615 | Size: 703863 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) ST3320620AS ATA Device +++++
--- User ---
[MBR] 3d587ea86aab753af1ae05276d8313d8
[BSP] 84ca8f005dac36c956db86d60d557f65 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 149997 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 307195904 | Size: 155245 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_02282014_172559.txt >>

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

@echo off
del /q /a /f %systemroot%\system32\drivers\etc\hosts 2>nul
echo 127.0.0.1 localhost>>%systemroot%\system32\drivers\etc\hosts
exit


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:zev souboru: zde napiš: FixHosts.bat
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Poklepáním na soubor ho spusť.

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků

[akiller]

Zde je log z Rogue Killer:

RogueKiller V8.8.10 [Feb 28 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Petr [Práva správce]
Mód : Odebrat -- Datum : 02/28/2014 20:14:06
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Inline] EAT @explorer.exe (@Classes@TFiler@) : rtl150.bpl -> HOOKED (Unknown @ 0x3059296C)
[Inline] EAT @explorer.exe (@Classes@TReader@) : rtl150.bpl -> HOOKED (Unknown @ 0xB45933BC)
[Inline] EAT @explorer.exe (@Classes@TStreamWriter@) : rtl150.bpl -> HOOKED (Unknown @ 0x54599FB5)
[Inline] EAT @explorer.exe (@Comobj@TAutoObjectEvent@) : rtl150.bpl -> HOOKED (Unknown @ 0xDC5BB8A4)
[Inline] EAT @explorer.exe (@Msxml@IID_ISAXEntityResolver) : rtl150.bpl -> HOOKED (Unknown @ 0x1FB8BAB5)
[Inline] EAT @explorer.exe (@System@ExceptionClass) : rtl150.bpl -> HOOKED (Unknown @ 0xDD6A1039)
[Inline] EAT @explorer.exe (@Wincodec@CATID_WICFormatConverters) : rtl150.bpl -> HOOKED (C:\Windows\System32\bthprops.cpl @ 0x6490FC7F)
[Inline] EAT @explorer.exe (@Controls@TCustomTouchManager@) : vcl150.bpl -> HOOKED (Unknown @ 0x34772A44)
[Inline] EAT @explorer.exe (@Controls@TDockTree@) : vcl150.bpl -> HOOKED (Unknown @ 0xC0779121)
[Inline] EAT @explorer.exe (@Controls@TTouchManager@) : vcl150.bpl -> HOOKED (Unknown @ 0x34772FF8)
[Inline] EAT @explorer.exe (@Jclmath@Catalan) : Jcl150.bpl -> HOOKED (Unknown @ 0x00BF2040)
[Inline] EAT @explorer.exe (@Jclmath@Cbrt3) : Jcl150.bpl -> HOOKED (Unknown @ 0x90B1D717)
[Inline] EAT @explorer.exe (@Jclmath@LnPi) : Jcl150.bpl -> HOOKED (Unknown @ 0xCA671DA3)
[Inline] EAT @explorer.exe (@Jclmath@Log3) : Jcl150.bpl -> HOOKED (Unknown @ 0x84D25F65)
[Inline] EAT @explorer.exe (@Jclsimplexml@TJclSimpleXMLProps@) : Jcl150.bpl -> HOOKED (Unknown @ 0x4858BACA)
[Inline] EAT @explorer.exe (@Jclstructstorage@UnitVersioning) : Jcl150.bpl -> HOOKED (Unknown @ 0xF469DFA7)
[Inline] EAT @explorer.exe (@Jclwin32@RtdlNetGroupAdd) : Jcl150.bpl -> HOOKED (Unknown @ 0x3467D32D)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@CLASS_AsymmetricSignatureDeformatter) : Jcl150.bpl -> HOOKED (Unknown @ 0x269C6902)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@CLASS_Buffer) : Jcl150.bpl -> HOOKED (Unknown @ 0x8313E316)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@CLASS_CaseInsensitiveComparer) : Jcl150.bpl -> HOOKED (Unknown @ 0x6C9E7D34)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@CLASS_FileNotFoundException) : Jcl150.bpl -> HOOKED (Unknown @ 0xEB14FC04)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@CLASS_JulianCalendar) : Jcl150.bpl -> HOOKED (Unknown @ 0x607DE6A9)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@CLASS_PKCS1MaskGenerationMethod) : Jcl150.bpl -> HOOKED (Unknown @ 0x5E0E5459)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@CLASS_ProgIdAttribute) : Jcl150.bpl -> HOOKED (Unknown @ 0x64693527)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@CLASS_SHA384) : Jcl150.bpl -> HOOKED (Unknown @ 0x062DADDF)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@CLASS_SoapDateTime) : Jcl150.bpl -> HOOKED (Unknown @ 0x886A688F)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@IID_IChannel) : Jcl150.bpl -> HOOKED (Unknown @ 0xB577C87E)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@IID__BitConverter) : Jcl150.bpl -> HOOKED (Unknown @ 0xD97E4C5E)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@IID__CryptographicException) : Jcl150.bpl -> HOOKED (Unknown @ 0xFA6AC5AF)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@IID__CustomAttributeBuilder) : Jcl150.bpl -> HOOKED (Unknown @ 0x47E035A9)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@IID__ExternalException) : Jcl150.bpl -> HOOKED (Unknown @ 0x70C9C911)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@IID__IsolatedStorageFilePermission) : Jcl150.bpl -> HOOKED (Unknown @ 0x292E9B90)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@IID__Pointer) : Jcl150.bpl -> HOOKED (Unknown @ 0x03125CDC)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@IID__RegionInfo) : Jcl150.bpl -> HOOKED (Unknown @ 0xD76F9F58)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@IID__SiteIdentityPermission) : Jcl150.bpl -> HOOKED (Unknown @ 0x4E9A9BCB)
[Inline] EAT @explorer.exe (@Mscorlib_tlb@IID__ThaiBuddhistCalendar) : Jcl150.bpl -> HOOKED (Unknown @ 0xA3E88D47)

¤¤¤ Externí včelstvo: ¤¤¤
-> D:\windows\system32\config\SYSTEM | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SOFTWARE | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SECURITY | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\SAM | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\windows\system32\config\DEFAULT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\Default User\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\LocalService\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\NetworkService\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\UpdatusUser\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]
-> D:\Documents and Settings\uzivatel\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - C:] [Sys32 - FOUND] | USERINFO [Startup - FOUND]

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST1000DL002-9TT153 ATA Device +++++
--- User ---
[MBR] 2e92f243d9cda3df34ee8b0f7197a587
[BSP] 6ea2a0a3240d75624aa44b632b008c0d : Empty MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 250003 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 512007615 | Size: 703863 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) ST3320620AS ATA Device +++++
--- User ---
[MBR] 3d587ea86aab753af1ae05276d8313d8
[BSP] 84ca8f005dac36c956db86d60d557f65 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 149997 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 307195904 | Size: 155245 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_02282014_201406.txt >>
RKreport[0]_S_02282014_172559.txt;RKreport[0]_S_02282014_201358.txt

[akiller]

Zde je první polovina logu z TDSS:

20:21:21.0291 0x1038 TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02
20:21:26.0423 0x1038 ============================================================
20:21:26.0423 0x1038 Current date / time: 2014/02/28 20:21:26.0423
20:21:26.0423 0x1038 SystemInfo:
20:21:26.0423 0x1038
20:21:26.0423 0x1038 OS Version: 6.1.7601 ServicePack: 1.0
20:21:26.0423 0x1038 Product type: Workstation
20:21:26.0423 0x1038 ComputerName: INTEL
20:21:26.0423 0x1038 UserName: Petr
20:21:26.0423 0x1038 Windows directory: C:\Windows
20:21:26.0423 0x1038 System windows directory: C:\Windows
20:21:26.0423 0x1038 Processor architecture: Intel x86
20:21:26.0423 0x1038 Number of processors: 2
20:21:26.0423 0x1038 Page size: 0x1000
20:21:26.0423 0x1038 Boot type: Normal boot
20:21:26.0423 0x1038 ============================================================
20:21:27.0811 0x1038 KLMD registered as C:\Windows\system32\drivers\64689629.sys
20:21:28.0170 0x1038 System UUID: {88E9D295-A8DC-1977-EF41-89689C70A2C6}
20:21:28.0903 0x1038 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0CADE00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:21:28.0935 0x1038 Drive \Device\Harddisk1\DR1 - Size: 0x4A85C4DE00 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:21:29.0013 0x1038 ============================================================
20:21:29.0013 0x1038 \Device\Harddisk0\DR0:
20:21:29.0013 0x1038 MBR partitions:
20:21:29.0013 0x1038 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1E849D80
20:21:29.0013 0x1038 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E849DBF, BlocksNum 0x55EBBC02
20:21:29.0013 0x1038 \Device\Harddisk1\DR1:
20:21:29.0013 0x1038 MBR partitions:
20:21:29.0013 0x1038 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x124F6BF3
20:21:29.0013 0x1038 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x124F7000, BlocksNum 0x12F36800
20:21:29.0013 0x1038 ============================================================
20:21:29.0044 0x1038 C: <-> \Device\Harddisk1\DR1\Partition2
20:21:29.0059 0x1038 D: <-> \Device\Harddisk1\DR1\Partition1
20:21:29.0075 0x1038 F: <-> \Device\Harddisk0\DR0\Partition1
20:21:29.0137 0x1038 G: <-> \Device\Harddisk0\DR0\Partition2
20:21:29.0137 0x1038 ============================================================
20:21:29.0137 0x1038 Initialize success
20:21:29.0137 0x1038 ============================================================
20:21:32.0944 0x15c4 ============================================================
20:21:32.0944 0x15c4 Scan started
20:21:32.0944 0x15c4 Mode: Manual;
20:21:32.0944 0x15c4 ============================================================
20:21:32.0944 0x15c4 KSN ping started
20:21:42.0335 0x15c4 KSN ping finished: true
20:21:42.0897 0x15c4 ================ Scan system memory ========================
20:21:42.0897 0x15c4 System memory - ok
20:21:42.0897 0x15c4 ================ Scan services =============================
20:21:43.0037 0x15c4 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:21:43.0037 0x15c4 1394ohci - ok
20:21:43.0084 0x15c4 [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:21:43.0084 0x15c4 ACPI - ok
20:21:43.0115 0x15c4 [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:21:43.0115 0x15c4 AcpiPmi - ok
20:21:43.0146 0x15c4 [ 6D7F09CD92A9FEF3A8EFCE66231FDD79, FBEE01F2FFDB6854F682B4BE91673462A146927DD333D3C4DE66E6B86D9ED8DB ] adfs C:\Windows\system32\drivers\adfs.sys
20:21:43.0146 0x15c4 adfs - ok
20:21:43.0240 0x15c4 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:21:43.0240 0x15c4 AdobeARMservice - ok
20:21:43.0318 0x15c4 [ F7AB315A4D400CA876381D1E188A2E20, B6019C2E9B6801BB23C530C66D080F47330F48ADB0DD2813D50BE1408865BD91 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:21:43.0318 0x15c4 AdobeFlashPlayerUpdateSvc - ok
20:21:43.0411 0x15c4 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
20:21:43.0411 0x15c4 adp94xx - ok
20:21:43.0458 0x15c4 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
20:21:43.0458 0x15c4 adpahci - ok
20:21:43.0489 0x15c4 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
20:21:43.0489 0x15c4 adpu320 - ok
20:21:43.0505 0x15c4 [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:21:43.0505 0x15c4 AeLookupSvc - ok
20:21:43.0536 0x15c4 [ F81BB7E487EDCEAB630A7EE66CF23913, 7D1638FD7E388EF670FA0A421762E0413351058A20DDF0F9988A383F05395A68 ] AFD C:\Windows\system32\drivers\afd.sys
20:21:43.0552 0x15c4 AFD - ok
20:21:43.0583 0x15c4 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\drivers\agp440.sys
20:21:43.0583 0x15c4 agp440 - ok
20:21:43.0645 0x15c4 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
20:21:43.0645 0x15c4 aic78xx - ok
20:21:43.0661 0x15c4 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe
20:21:43.0661 0x15c4 ALG - ok
20:21:43.0692 0x15c4 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\drivers\aliide.sys
20:21:43.0692 0x15c4 aliide - ok
20:21:43.0708 0x15c4 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
20:21:43.0708 0x15c4 amdagp - ok
20:21:43.0723 0x15c4 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\drivers\amdide.sys
20:21:43.0723 0x15c4 amdide - ok
20:21:43.0739 0x15c4 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:21:43.0739 0x15c4 AmdK8 - ok
20:21:43.0755 0x15c4 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:21:43.0755 0x15c4 AmdPPM - ok
20:21:43.0770 0x15c4 [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:21:43.0770 0x15c4 amdsata - ok
20:21:43.0786 0x15c4 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
20:21:43.0786 0x15c4 amdsbs - ok
20:21:43.0801 0x15c4 [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:21:43.0801 0x15c4 amdxata - ok
20:21:43.0833 0x15c4 [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID C:\Windows\system32\drivers\appid.sys
20:21:43.0833 0x15c4 AppID - ok
20:21:43.0848 0x15c4 [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:21:43.0864 0x15c4 AppIDSvc - ok
20:21:43.0879 0x15c4 [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo C:\Windows\System32\appinfo.dll
20:21:43.0895 0x15c4 Appinfo - ok
20:21:43.0911 0x15c4 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys
20:21:43.0911 0x15c4 arc - ok
20:21:43.0926 0x15c4 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:21:43.0926 0x15c4 arcsas - ok
20:21:44.0035 0x15c4 [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:21:44.0035 0x15c4 aspnet_state - ok
20:21:44.0051 0x15c4 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:21:44.0051 0x15c4 AsyncMac - ok
20:21:44.0082 0x15c4 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\drivers\atapi.sys
20:21:44.0082 0x15c4 atapi - ok
20:21:44.0129 0x15c4 [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:21:44.0145 0x15c4 AudioEndpointBuilder - ok
20:21:44.0160 0x15c4 [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv C:\Windows\System32\Audiosrv.dll
20:21:44.0160 0x15c4 Audiosrv - ok
20:21:44.0191 0x15c4 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:21:44.0191 0x15c4 AxInstSV - ok
20:21:44.0223 0x15c4 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
20:21:44.0238 0x15c4 b06bdrv - ok
20:21:44.0269 0x15c4 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
20:21:44.0269 0x15c4 b57nd60x - ok
20:21:44.0301 0x15c4 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll
20:21:44.0301 0x15c4 BDESVC - ok
20:21:44.0316 0x15c4 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys
20:21:44.0316 0x15c4 Beep - ok
20:21:44.0347 0x15c4 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll
20:21:44.0394 0x15c4 BFE - ok
20:21:44.0722 0x15c4 [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\System32\qmgr.dll
20:21:44.0769 0x15c4 BITS - ok
20:21:44.0784 0x15c4 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:21:44.0784 0x15c4 blbdrive - ok
20:21:44.0831 0x15c4 [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:21:44.0831 0x15c4 bowser - ok
20:21:44.0847 0x15c4 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:21:44.0847 0x15c4 BrFiltLo - ok
20:21:44.0862 0x15c4 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:21:44.0862 0x15c4 BrFiltUp - ok
20:21:44.0893 0x15c4 [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
20:21:44.0893 0x15c4 BridgeMP - ok
20:21:44.0925 0x15c4 [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll
20:21:44.0925 0x15c4 Browser - ok
20:21:44.0940 0x15c4 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:21:44.0956 0x15c4 Brserid - ok
20:21:44.0971 0x15c4 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:21:44.0971 0x15c4 BrSerWdm - ok
20:21:44.0987 0x15c4 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:21:44.0987 0x15c4 BrUsbMdm - ok
20:21:44.0987 0x15c4 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:21:44.0987 0x15c4 BrUsbSer - ok
20:21:45.0003 0x15c4 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:21:45.0018 0x15c4 BTHMODEM - ok
20:21:45.0034 0x15c4 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll
20:21:45.0034 0x15c4 bthserv - ok
20:21:45.0081 0x15c4 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:21:45.0081 0x15c4 cdfs - ok
20:21:45.0112 0x15c4 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:21:45.0127 0x15c4 cdrom - ok
20:21:45.0159 0x15c4 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll
20:21:45.0159 0x15c4 CertPropSvc - ok
20:21:45.0190 0x15c4 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:21:45.0190 0x15c4 circlass - ok
20:21:45.0237 0x15c4 [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS C:\Windows\system32\CLFS.sys
20:21:45.0237 0x15c4 CLFS - ok
20:21:45.0268 0x15c4 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:21:45.0268 0x15c4 clr_optimization_v2.0.50727_32 - ok
20:21:45.0299 0x15c4 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:21:45.0299 0x15c4 clr_optimization_v4.0.30319_32 - ok
20:21:45.0315 0x15c4 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:21:45.0315 0x15c4 CmBatt - ok
20:21:45.0439 0x15c4 [ 2A2D72271844C52F004901A60312B96A, A7782E78EE6797A100410C997B77C95B1D991E57C0E5025FC17324EF54C54F0F ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
20:21:45.0673 0x15c4 cmdAgent - ok
20:21:45.0736 0x15c4 [ A1865742BBCF4C5F38FEE1258F8048FD, B9DD5CDC5EF8AEBEDA0AE2720AA55C1F3D0D9BAB4724CE56172FE86BE50E9B46 ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys
20:21:45.0767 0x15c4 cmdGuard - ok
20:21:45.0783 0x15c4 [ 221D000474F01B1606FFC3FF362D9333, AFC5090AD116C8F1767668F848CE43D615EFA7457005EBCE68E833F8E539B2D9 ] cmdHlp C:\Windows\system32\DRIVERS\cmdhlp.sys
20:21:45.0845 0x15c4 cmdHlp - ok
20:21:45.0861 0x15c4 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:21:45.0861 0x15c4 cmdide - ok
20:21:45.0907 0x15c4 [ 85449EEBE8F8EBD6481EFBF0F352B4EB, E6FF04970C5A5BFDE7297A86C1C7B9BFE2E0F976A1A1AFB874CEB488DC6151CC ] CNG C:\Windows\system32\Drivers\cng.sys
20:21:45.0923 0x15c4 CNG - ok
20:21:45.0939 0x15c4 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:21:45.0939 0x15c4 Compbatt - ok
20:21:45.0970 0x15c4 [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:21:45.0970 0x15c4 CompositeBus - ok
20:21:45.0970 0x15c4 COMSysApp - ok
20:21:45.0985 0x15c4 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:21:45.0985 0x15c4 crcdisk - ok
20:21:46.0001 0x15c4 [ C0EAD9F8AB83D41FF07303C75589C2B8, C89CAC39BCD2FA2DCC56D7EE84FF66127BCECCAE400E119FE41BF4C4D769504B ] Creative Audio Engine Licensing Service C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
20:21:46.0001 0x15c4 Creative Audio Engine Licensing Service - ok
20:21:46.0048 0x15c4 [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:21:46.0048 0x15c4 CryptSvc - ok
20:21:46.0095 0x15c4 [ 69CDBA2B9C397E349A04FA70DD9170A2, 7879E58CB221063EF17A8A7677E81B47BFD600C3FC3353378690E4A2131327ED ] CTAudSvcService C:\Program Files\Creative\Shared Files\CTAudSvc.exe
20:21:46.0141 0x15c4 CTAudSvcService - ok
20:21:46.0188 0x15c4 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\Windows\system32\rpcss.dll
20:21:46.0204 0x15c4 DcomLaunch - ok
20:21:46.0251 0x15c4 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll
20:21:46.0266 0x15c4 defragsvc - ok
20:21:46.0297 0x15c4 [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:21:46.0297 0x15c4 DfsC - ok
20:21:46.0329 0x15c4 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll
20:21:46.0329 0x15c4 Dhcp - ok
20:21:46.0391 0x15c4 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys
20:21:46.0391 0x15c4 discache - ok
20:21:46.0422 0x15c4 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:21:46.0422 0x15c4 Disk - ok
20:21:46.0453 0x15c4 [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:21:46.0469 0x15c4 Dnscache - ok
20:21:46.0500 0x15c4 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll
20:21:46.0516 0x15c4 dot3svc - ok
20:21:46.0531 0x15c4 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll
20:21:46.0531 0x15c4 DPS - ok
20:21:46.0578 0x15c4 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:21:46.0578 0x15c4 drmkaud - ok
20:21:46.0625 0x15c4 [ 71BC35067CABC02C9453AEAA42B2E43E, 713B19F2C08EA5E4C087F7A74A8856932CF33E19D63384823DD4E02ED8798619 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:21:46.0641 0x15c4 DXGKrnl - ok
20:21:46.0687 0x15c4 EagleXNt - ok
20:21:46.0703 0x15c4 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
20:21:46.0719 0x15c4 EapHost - ok
20:21:46.0859 0x15c4 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
20:21:46.0906 0x15c4 ebdrv - ok
20:21:46.0937 0x15c4 [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] EFS C:\Windows\System32\lsass.exe
20:21:46.0937 0x15c4 EFS - ok
20:21:47.0015 0x15c4 [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:21:47.0031 0x15c4 ehRecvr - ok
20:21:47.0046 0x15c4 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
20:21:47.0046 0x15c4 ehSched - ok
20:21:47.0077 0x15c4 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:21:47.0093 0x15c4 elxstor - ok
20:21:47.0109 0x15c4 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:21:47.0109 0x15c4 ErrDev - ok
20:21:47.0155 0x15c4 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
20:21:47.0171 0x15c4 EventSystem - ok
20:21:47.0187 0x15c4 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
20:21:47.0187 0x15c4 exfat - ok
20:21:47.0202 0x15c4 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:21:47.0202 0x15c4 fastfat - ok
20:21:47.0233 0x15c4 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe
20:21:47.0249 0x15c4 Fax - ok
20:21:47.0265 0x15c4 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:21:47.0265 0x15c4 fdc - ok
20:21:47.0296 0x15c4 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
20:21:47.0296 0x15c4 fdPHost - ok
20:21:47.0311 0x15c4 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
20:21:47.0311 0x15c4 FDResPub - ok
20:21:47.0327 0x15c4 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:21:47.0327 0x15c4 FileInfo - ok
20:21:47.0343 0x15c4 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:21:47.0343 0x15c4 Filetrace - ok
20:21:47.0436 0x15c4 [ 1F63900E2EB00101B9ACA2B7A870704E, 5AFE1FC852937FECE6B33147BD0110436FE97F33BFDA3F69B1F5EDAD6FFC09C6 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:21:47.0452 0x15c4 FLEXnet Licensing Service - ok
20:21:47.0452 0x15c4 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:21:47.0467 0x15c4 flpydisk - ok
20:21:47.0499 0x15c4 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:21:47.0514 0x15c4 FltMgr - ok
20:21:47.0623 0x15c4 [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache C:\Windows\system32\FntCache.dll
20:21:47.0670 0x15c4 FontCache - ok
20:21:47.0717 0x15c4 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:21:47.0717 0x15c4 FontCache3.0.0.0 - ok
20:21:47.0795 0x15c4 [ EAE0C9154AB5C0EE46ACE1E860E16480, E8C88BD548F4BAC8499C99AE37147954F4423BD22C83F9F9C9FA8EB015AB5A65 ] FreemakeVideoCapture C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
20:21:47.0811 0x15c4 FreemakeVideoCapture - ok
20:21:47.0826 0x15c4 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:21:47.0826 0x15c4 FsDepends - ok
20:21:47.0857 0x15c4 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:21:47.0857 0x15c4 Fs_Rec - ok
20:21:47.0904 0x15c4 [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:21:47.0904 0x15c4 fvevol - ok
20:21:47.0935 0x15c4 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:21:47.0935 0x15c4 gagp30kx - ok
20:21:47.0982 0x15c4 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll
20:21:48.0013 0x15c4 gpsvc - ok
20:21:48.0138 0x15c4 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
20:21:48.0138 0x15c4 gupdate - ok
20:21:48.0154 0x15c4 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
20:21:48.0154 0x15c4 gupdatem - ok
20:21:48.0169 0x15c4 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:21:48.0169 0x15c4 hcw85cir - ok
20:21:48.0216 0x15c4 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:21:48.0216 0x15c4 HDAudBus - ok
20:21:48.0247 0x15c4 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:21:48.0263 0x15c4 HidBatt - ok
20:21:48.0279 0x15c4 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:21:48.0279 0x15c4 HidBth - ok
20:21:48.0294 0x15c4 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:21:48.0294 0x15c4 HidIr - ok
20:21:48.0310 0x15c4 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\System32\hidserv.dll
20:21:48.0310 0x15c4 hidserv - ok
20:21:48.0341 0x15c4 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
20:21:48.0341 0x15c4 HidUsb - ok
20:21:48.0372 0x15c4 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll
20:21:48.0372 0x15c4 hkmsvc - ok
20:21:48.0403 0x15c4 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:21:48.0403 0x15c4 HomeGroupListener - ok
20:21:48.0450 0x15c4 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:21:48.0450 0x15c4 HomeGroupProvider - ok
20:21:48.0481 0x15c4 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:21:48.0481 0x15c4 HpSAMD - ok
20:21:48.0559 0x15c4 [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:21:48.0575 0x15c4 HTTP - ok
20:21:48.0622 0x15c4 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:21:48.0622 0x15c4 hwpolicy - ok
20:21:48.0684 0x15c4 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:21:48.0684 0x15c4 i8042prt - ok
20:21:48.0747 0x15c4 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:21:48.0762 0x15c4 iaStorV - ok
20:21:48.0871 0x15c4 [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:21:48.0887 0x15c4 idsvc - ok
20:21:48.0949 0x15c4 IEEtwCollectorService - ok
20:21:48.0981 0x15c4 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:21:48.0981 0x15c4 iirsp - ok
20:21:49.0043 0x15c4 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll
20:21:49.0059 0x15c4 IKEEXT - ok
20:21:49.0090 0x15c4 [ 3B6BE2DA5993B1E38613976FAF4AC83E, E77FF0D63F1A5F9679EED452F3383B5D8662B993722BEDBEA6C8A591306F3F41 ] inspect C:\Windows\system32\DRIVERS\inspect.sys
20:21:49.0121 0x15c4 inspect - ok
20:21:49.0137 0x15c4 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys
20:21:49.0152 0x15c4 intelide - ok
20:21:49.0168 0x15c4 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:21:49.0168 0x15c4 intelppm - ok
20:21:49.0183 0x15c4 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:21:49.0199 0x15c4 IPBusEnum - ok
20:21:49.0199 0x15c4 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:21:49.0215 0x15c4 IpFilterDriver - ok
20:21:49.0261 0x15c4 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:21:49.0277 0x15c4 iphlpsvc - ok
20:21:49.0293 0x15c4 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:21:49.0308 0x15c4 IPMIDRV - ok
20:21:49.0324 0x15c4 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:21:49.0324 0x15c4 IPNAT - ok
20:21:49.0339 0x15c4 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:21:49.0339 0x15c4 IRENUM - ok
20:21:49.0339 0x15c4 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:21:49.0355 0x15c4 isapnp - ok
20:21:49.0371 0x15c4 [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:21:49.0371 0x15c4 iScsiPrt - ok
20:21:49.0386 0x15c4 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
20:21:49.0386 0x15c4 kbdclass - ok
20:21:49.0402 0x15c4 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
20:21:49.0402 0x15c4 kbdhid - ok
20:21:49.0417 0x15c4 [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] KeyIso C:\Windows\system32\lsass.exe
20:21:49.0417 0x15c4 KeyIso - ok
20:21:49.0433 0x15c4 [ F286830298323272260332D6ABC905C1, FF4CD182A95CA53119B228690D682EE9214BE131A0DBCB09B6189FBEBBFF902C ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:21:49.0449 0x15c4 KSecDD - ok
20:21:49.0449 0x15c4 [ D7C760D57B1656DD748B9E4AB6CB5A51, F8AE4185A6A9F7005DEFF1FDC03F395C6189825B482B8C650637FD29DE93AB68 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:21:49.0464 0x15c4 KSecPkg - ok
20:21:49.0480 0x15c4 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
20:21:49.0495 0x15c4 KtmRm - ok
20:21:49.0511 0x15c4 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\System32\srvsvc.dll
20:21:49.0511 0x15c4 LanmanServer - ok
20:21:49.0527 0x15c4 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:21:49.0527 0x15c4 LanmanWorkstation - ok
20:21:49.0589 0x15c4 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:21:49.0589 0x15c4 lltdio - ok
20:21:49.0683 0x15c4 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:21:49.0714 0x15c4 lltdsvc - ok
20:21:49.0729 0x15c4 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:21:49.0745 0x15c4 lmhosts - ok
20:21:49.0761 0x15c4 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:21:49.0761 0x15c4 LSI_FC - ok
20:21:49.0776 0x15c4 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:21:49.0776 0x15c4 LSI_SAS - ok
20:21:49.0807 0x15c4 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:21:49.0807 0x15c4 LSI_SAS2 - ok
20:21:49.0823 0x15c4 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:21:49.0839 0x15c4 LSI_SCSI - ok
20:21:49.0854 0x15c4 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
20:21:49.0870 0x15c4 luafv - ok
20:21:49.0901 0x15c4 [ 1A7DB7A00A4B0D8DA24CD691A4547291, 604E29E827841EA06313172D9063FD946CE592BF844CEA8D10173CAA397704F8 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2Mon.sys
20:21:49.0901 0x15c4 LVPr2Mon - ok
20:21:49.0963 0x15c4 [ 0DDFDCAA92C7F553328DB06BA599BEA9, DB779E38B1CF1CAD69193857043F8ED8BBEB603E97363CD798F6699431D94A41 ] LVPrcSrv C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
20:21:49.0963 0x15c4 LVPrcSrv - ok
20:21:50.0010 0x15c4 [ B895839B8743E400D7C7DAE156F74E7E, 52E13C6260F7E6718C782DF0B43D838FB4939B314695A7A9CB2012D8B224066B ] LVRS C:\Windows\system32\DRIVERS\lvrs.sys
20:21:50.0026 0x15c4 LVRS - ok
20:21:50.0057 0x15c4 [ 23F8EF78BB9553E465A476F3CEE5CA18, 22E19B9F16EC555CCA091841711C8D1938F7EBCD8C6AC82E77375AE5EA96610C ] LVUSBSta C:\Windows\system32\drivers\LVUSBSta.sys
20:21:50.0057 0x15c4 LVUSBSta - ok
20:21:50.0119 0x15c4 [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:21:50.0119 0x15c4 MBAMProtector - ok
20:21:50.0197 0x15c4 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:21:50.0213 0x15c4 MBAMScheduler - ok
20:21:50.0260 0x15c4 [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:21:50.0275 0x15c4 MBAMService - ok
20:21:50.0322 0x15c4 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:21:50.0322 0x15c4 Mcx2Svc - ok
20:21:50.0353 0x15c4 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:21:50.0353 0x15c4 megasas - ok
20:21:50.0369 0x15c4 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:21:50.0369 0x15c4 MegaSR - ok
20:21:50.0385 0x15c4 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
20:21:50.0400 0x15c4 MMCSS - ok
20:21:50.0400 0x15c4 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
20:21:50.0400 0x15c4 Modem - ok
20:21:50.0400 0x15c4 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:21:50.0416 0x15c4 monitor - ok
20:21:50.0416 0x15c4 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:21:50.0416 0x15c4 mouclass - ok
20:21:50.0431 0x15c4 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:21:50.0431 0x15c4 mouhid - ok
20:21:50.0463 0x15c4 [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:21:50.0463 0x15c4 mountmgr - ok
20:21:50.0525 0x15c4 [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:21:50.0525 0x15c4 MozillaMaintenance - ok
20:21:50.0572 0x15c4 [ E77DC03DD3C8E5A388BF9EED2A28F3D1, ED0DAA975D1EC35CE036F02596218E15CC6A054167628D12A0A5AD91B841F422 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
20:21:50.0587 0x15c4 MpFilter - ok
20:21:50.0619 0x15c4 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys
20:21:50.0619 0x15c4 mpio - ok
20:21:50.0650 0x15c4 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:21:50.0650 0x15c4 mpsdrv - ok
20:21:50.0759 0x15c4 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:21:50.0806 0x15c4 MpsSvc - ok
20:21:50.0837 0x15c4 [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:21:50.0837 0x15c4 MRxDAV - ok
20:21:50.0868 0x15c4 [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:21:50.0868 0x15c4 mrxsmb - ok
20:21:50.0884 0x15c4 [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:21:50.0899 0x15c4 mrxsmb10 - ok
20:21:50.0915 0x15c4 [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:21:50.0931 0x15c4 mrxsmb20 - ok
20:21:50.0962 0x15c4 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys
20:21:50.0962 0x15c4 msahci - ok
20:21:50.0977 0x15c4 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:21:50.0977 0x15c4 msdsm - ok
20:21:51.0009 0x15c4 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
20:21:51.0009 0x15c4 MSDTC - ok
20:21:51.0040 0x15c4 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:21:51.0055 0x15c4 Msfs - ok
20:21:51.0055 0x15c4 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:21:51.0055 0x15c4 mshidkmdf - ok
20:21:51.0087 0x15c4 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:21:51.0087 0x15c4 msisadrv - ok
20:21:51.0102 0x15c4 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:21:51.0102 0x15c4 MSiSCSI - ok
20:21:51.0118 0x15c4 msiserver - ok
20:21:51.0149 0x15c4 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:21:51.0149 0x15c4 MSKSSRV - ok
20:21:51.0196 0x15c4 [ B0F49DA36F30922F5DDC3B623B778FCE, EE025AEFA4A2095AFEABFB3A49639DA77D78068A3F5EEDA6C15D34853AFD5609 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe