Log check (Solved)

Post by Ajven » 03 Mar 2014 18:55

The problem was already being dealt with in the thread "problem with JS/Toolbar.Crossrider.B" in the section "Forum index ‹ Security ‹ Viruses, antivirus, firewalls…"

Ajven
Hello,

I bought a new notebook and installed Windows 8 on it. So as far as programs or potential malware go, it should be clean. First I installed the drivers from the DVD and then basically installed the basic applications (firefox, vlc, spotify, adobe reader, flash player, winrar, gimp, openoffice, ccleaner and eset smart security). I deliberately did not want to put any cracked stuff on it, so everything is either free or purchased.

The problem appeared after the first restart. Eset started popping up a lot of "potentially dangerous files" on the right side of the screen, and the PC is clearly slower than it was. (I installed the system about 9 hours ago.)

So I ran a smart scan in eset smart security and it found a bit over 600! infiltrations (in my whole life I have had maybe 10 viruses altogether). The problem is that all the infiltrations are the same "JS/Toolbar.Crossrider.B" and Eset cannot clean them. I tried searching on google, but I did not find any specific guide on how to get rid of it.

Has anyone here come across a similar problem? I have no idea what to do, I have never encountered anything like this...

I will be grateful for every reply :-)

Ajven


Blue Spirit

Isn't the Toolbar visible in Control Panel so that it can be uninstalled? Install https://www.malwarebytes.org/free/, click Update and then Scanner; maybe it will remove it.


Pic
Post a log from HiJackThis in the section of the same name and ask for help. You will find a guide in Articles and guides.


Ajven

I installed Malwarebytes and ran a scan.. I deleted something, but evidently it did not help. What I noticed is that if I use the IE browser and not Firefox, Eset does not start reporting those infiltrations. It only happens if I go on the Internet through Firefox or if I click on Eset.

I am going to try the log as "Pic" writes and will post whether it helped. :)

***

Well, now for a change I also have a problem with HijackThis :D

[Image]

After I click "OK" the scan runs through completely, but unfortunately no log is created. Can I post just the screenshots (2), since it did not create a txt?



So here I am sending the two screenshots of the HijackThis log...:

[Image]

[Image]

Post by jaro3 » 03 Mar 2014 19:05

Post the HJT log:
viewtopic.php?f=70&t=5119
not screenshots.

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the recycle bin, etc.


Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
Afterwards the PC should restart; if not, do it yourself.

Download AdwCleaner (by Xplode)

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking and click "Scan"
After the scan a log appears (otherwise it is saved on the system disk as AdwCleaner[R?].txt); paste its entire contents here.

Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program then starts; leave the Perform quick scan option selected and click the Scan button
- when the program finishes a message appears; click OK and then the Show Results button
- then choose the option to save the log and save the log to the desktop
- then click the Exit button; a message appears, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.

If there are problems, run it in safe mode.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs in private messages. During my absence memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Post by Ajven » 03 Mar 2014 20:16

OK, I did everything as you wrote.

However, HJT does not output a log for me, which is why I posted the screenshots.

Logs from AdwCleaner and Malwarebytes:

# AdwCleaner v3.020 - Report created 03/03/2014 at 20:03:42
# Updated 27/02/2014 by Xplode
# Operating System : Windows 8 Pro (64 bits)
# Username : Ajven - AJVEN-NOTEBOOK
# Running from : C:\Users\Ajven\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\installedbrowserextensions
Key Found : [x64] HKCU\Software\installedbrowserextensions
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522072278}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566076678}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522072278}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566076678}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16798


-\\ Mozilla Firefox v27.0.1 (sk)

[ File : C:\Users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\prefs.js ]

Line Found : user_pref("extensions.crossrider.bic", "14484f74be04b8ea47015ac287b3b004");

*************************

AdwCleaner[R0].txt - [1299 octets] - [03/03/2014 19:58:18]
AdwCleaner[R1].txt - [1207 octets] - [03/03/2014 20:03:42]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1267 octets] ##########



Malwarebytes Anti-Malware (Skúšobná verzia) 1.75.0.1300
www.malwarebytes.org

Verzia databázy: v2014.03.03.04

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16798
Ajven :: AJVEN-NOTEBOOK [administrátor]

Ochrana: Zapnuté

3.3.2014 20:07:55
mbam-log-2014-03-03 (20-07-55).txt

Typ kontroly: Rýchla kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 233224
Uplynutý čas: 3 min, 17 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 0
(Škodlivé položky neboli zistené)

(koniec)

Post by Orcus » 03 Mar 2014 23:20

Run HJT as administrator. Right-click the icon, not the shortcut.

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator")
Click "Delete"
The program performs the repair; after the automatic restart it does not show the log (C:\AdwCleaner [S?].txt); paste its entire contents here.

====================================================

Download Junkware Removal Tool

to your desktop.
Deactivate your antivirus program.
Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program starts scanning. The scan can take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears, which is saved on the desktop.
Please copy its entire contents here.

====================================================

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7 run RogueKiller.exe as administrator; on XP by double-clicking.
- Wait until Prescan (the search for malicious processes) finishes.
- Check that you have ticked:
MBR check
Faked check
Antirootkit

- Then click "Scan".
- The program scans the PC's processes. After scanning, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still will not start and work, rename it to winlogon.exe.
Love keeps you warm, but coal is coal. :fire:



Post HJT logs in the HJT section. If the log is too long, split it into several messages.

A few tips on PC security.

During my absence memphisto, jaro3 and Diallix stand in for me

If you are satisfied, you can support our forum.

Post by Ajven » 04 Mar 2014 00:46

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:15:35, on 4.3.2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16798)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Users\Ajven\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Ajven\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\SysWow64\skype4com.dll
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - http://www.BitComet.com - C:\Program Files\BitComet\tools\BitCometService.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8752 bytes



# AdwCleaner v3.020 - Report created 04/03/2014 at 00:24:16
# Updated 27/02/2014 by Xplode
# Operating System : Windows 8 Pro (64 bits)
# Username : Ajven - AJVEN-NOTEBOOK
# Running from : C:\Users\Ajven\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522072278}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566076678}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522072278}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566076678}
Key Deleted : HKCU\Software\installedbrowserextensions

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16798


-\\ Mozilla Firefox v27.0.1 (sk)

[ File : C:\Users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\prefs.js ]

Line Deleted : user_pref("extensions.crossrider.bic", "14484f74be04b8ea47015ac287b3b004");

*************************

AdwCleaner[R0].txt - [1299 octets] - [04/03/2014 00:22:07]
AdwCleaner[S0].txt - [1164 octets] - [04/03/2014 00:24:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1224 octets] ##########


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 8 Pro x64
Ran by Ajven on ut 04.03.2014 at 0:29:20,07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511071178}



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Ajven\AppData\Roaming\mozilla\firefox\profiles\wq1r4qc5.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ut 04.03.2014 at 0:39:48,57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


RogueKiller V8.8.10 _x64_ [Feb 28 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8 (6.2.9200 ) 64 bits version
Started in : Normal mode
User : Ajven [Admin rights]
Mode : Scan -- Date : 03/04/2014 00:44:28
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 6 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) HGST HTS725050A7E630 +++++
--- User ---
[MBR] b49e1304493ca56c48fcb4a2ab3101b4
[BSP] 519d09c4812b82b0b18bc34acb434474 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_03042014_004428.txt >>
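
To check that the AdwCleaner Clean run in the post above removed everything the earlier Scan report listed, the two reports can be compared mechanically. This is an added example, not part of the original posts or of AdwCleaner; the function names and the `merge_views` switch are assumptions of the example, and the line format is taken only from the v3.020 reports shown in this thread.

```python
import re

OPTION = re.compile(r"^#\s*Option\s*:\s*(\w+)")
ENTRY = re.compile(
    r"^(?P<kind>[A-Za-z ]+?)\s+(?P<state>Found|Deleted)\s*:\s*(?P<item>.+?)\s*$")
VIEW_TAG = "[x64]"  # prefix the reports put on entries from the 64-bit view

# Result lines copied from the two AdwCleaner v3.020 reports in this thread
# (section banners and footers omitted).
SCAN_REPORT = r"""
# Option : Scan
Key Found : HKCU\Software\installedbrowserextensions
Key Found : [x64] HKCU\Software\installedbrowserextensions
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522072278}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566076678}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522072278}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566076678}
Line Found : user_pref("extensions.crossrider.bic", "14484f74be04b8ea47015ac287b3b004");
"""

CLEAN_REPORT = r"""
# Option : Clean
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522072278}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566076678}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522072278}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566076678}
Key Deleted : HKCU\Software\installedbrowserextensions
Line Deleted : user_pref("extensions.crossrider.bic", "14484f74be04b8ea47015ac287b3b004");
"""


def parse_report(text):
    """Return (option, entries); each entry is (kind, state, item, is_x64)."""
    option, entries = None, []
    for raw in text.splitlines():
        line = raw.strip()
        m = OPTION.match(line)
        if m:
            option = m.group(1)
            continue
        m = ENTRY.match(line)
        if m:
            item = m.group("item")
            is_x64 = item.startswith(VIEW_TAG)
            if is_x64:
                item = item[len(VIEW_TAG):].strip()
            entries.append((m.group("kind"), m.group("state"), item, is_x64))
    return option, entries


def keyset(entries, state, merge_views):
    """Comparable keys for all entries in the given state."""
    out = set()
    for kind, st, item, is_x64 in entries:
        if st != state:
            continue
        # Registry paths are compared case-insensitively; prefs.js lines verbatim.
        norm = item if kind == "Line" else item.lower()
        view = "any" if merge_views else ("x64" if is_x64 else "default")
        out.add((kind, norm, view))
    return out


def compare(scan_text, clean_text, merge_views=True):
    """Match 'Found' items of a Scan report against 'Deleted' items of a Clean report."""
    scan_opt, scan_entries = parse_report(scan_text)
    clean_opt, clean_entries = parse_report(clean_text)
    if scan_opt != "Scan" or clean_opt != "Clean":
        raise ValueError("expected a Scan report followed by a Clean report")
    found = keyset(scan_entries, "Found", merge_views)
    deleted = keyset(clean_entries, "Deleted", merge_views)
    return {
        "confirmed": sorted(found & deleted),      # found and reported deleted
        "not_confirmed": sorted(found - deleted),  # found, no matching deletion line
        "extra": sorted(deleted - found),          # deleted, never listed by the scan
    }


if __name__ == "__main__":
    for merge in (True, False):
        result = compare(SCAN_REPORT, CLEAN_REPORT, merge_views=merge)
        print("merge_views =", merge)
        for bucket, items in result.items():
            print(" ", bucket, len(items))
            for kind, item, view in items:
                print("    ", kind, view, item)
```

With the registry views merged, every item from the scan has a matching deletion line. Compared per view, the `[x64]` listing of the HKCU key has none, because the clean report lists that key only once.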

Post by jaro3 » 04 Mar 2014 09:57

Close all programs and browsers. Deactivate the antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP double-click to run).
- Wait until Prescan finishes its work...
- Wait until the status window shows "Scan"
- Click "Delete"
- Wait until the Status box shows "Deleting finished"
- Click "Report" and please copy and paste the contents of that report here. The log can be found in RKreport [number]. txt on the desktop.
- Close RogueKiller

Download TDSSKiller
to your desktop. Make sure you have closed all other applications and browsers. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller. 2.8.16.0_(date)_log.txt ; please paste the entire contents of the log here.
- if the log has more than 60,000 characters, split it and paste it into several posts

Post by Ajven » 04 Mar 2014 12:36

RogueKiller V8.8.10 _x64_ [Feb 28 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8 (6.2.9200 ) 64 bits version
Started in : Normal mode
User : Ajven [Admin rights]
Mode : Remove -- Date : 03/04/2014 12:23:46
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 6 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) HGST HTS725050A7E630 +++++
--- User ---
[MBR] b49e1304493ca56c48fcb4a2ab3101b4
[BSP] 519d09c4812b82b0b18bc34acb434474 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_D_03042014_122346.txt >>
RKreport[0]_S_03042014_004428.txt;RKreport[0]_S_03042014_122252.txt



12:26:26.0737 0x07dc TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02
12:26:38.0893 0x07dc ============================================================
12:26:38.0893 0x07dc Current date / time: 2014/03/04 12:26:38.0893
12:26:38.0893 0x07dc SystemInfo:
12:26:38.0893 0x07dc
12:26:38.0893 0x07dc OS Version: 6.2.9200 ServicePack: 0.0
12:26:38.0893 0x07dc Product type: Workstation
12:26:38.0893 0x07dc ComputerName: AJVEN-NOTEBOOK
12:26:38.0893 0x07dc UserName: Ajven
12:26:38.0893 0x07dc Windows directory: C:\WINDOWS
12:26:38.0893 0x07dc System windows directory: C:\WINDOWS
12:26:38.0893 0x07dc Running under WOW64
12:26:38.0893 0x07dc Processor architecture: Intel x64
12:26:38.0893 0x07dc Number of processors: 2
12:26:38.0893 0x07dc Page size: 0x1000
12:26:38.0893 0x07dc Boot type: Normal boot
12:26:38.0893 0x07dc ============================================================
12:26:39.0940 0x07dc KLMD registered as C:\WINDOWS\system32\drivers\94058011.sys
12:26:40.0065 0x07dc System UUID: {97F423B7-9A9B-F108-7C00-52A001D658F8}
12:26:40.0597 0x07dc Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:26:40.0612 0x07dc ============================================================
12:26:40.0612 0x07dc \Device\Harddisk0\DR0:
12:26:40.0612 0x07dc MBR partitions:
12:26:40.0612 0x07dc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:26:40.0612 0x07dc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
12:26:40.0612 0x07dc ============================================================
12:26:40.0628 0x07dc C: <-> \Device\Harddisk0\DR0\Partition2
12:26:40.0628 0x07dc ============================================================
12:26:40.0628 0x07dc Initialize success
12:26:40.0628 0x07dc ============================================================
12:26:47.0456 0x0f24 ============================================================
12:26:47.0456 0x0f24 Scan started
12:26:47.0456 0x0f24 Mode: Manual;
12:26:47.0456 0x0f24 ============================================================
12:26:47.0456 0x0f24 KSN ping started
12:26:49.0832 0x0f24 KSN ping finished: true
12:26:50.0222 0x0f24 ================ Scan system memory ========================
12:26:50.0222 0x0f24 System memory - ok
12:26:50.0222 0x0f24 ================ Scan services =============================
12:26:51.0363 0x0f24 ASLDRService - ok
12:26:51.0394 0x0f24 [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
12:26:51.0394 0x0f24 ASMMAP64 - ok
12:26:51.0457 0x0f24 [ 6A122B4F0E5293CACFA8A5F2CBA9B356, 9D69076B697BEE8742E32EBEF1802D829DEA6B1D93AF485D11CC89A08CA4D809 ] ASUS InstantOn C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
12:26:51.0472 0x0f24 ASUS InstantOn - ok
12:26:51.0472 0x0f24 ASUSProcObsrv - ok
12:26:51.0488 0x0f24 [ 74DBAEC35366C4EE7670428808715A6A, 3B3A7A81CD8038C4750560B94A9247C4409410780B312BA71EDF2E393DCA7474 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:26:51.0504 0x0f24 AsyncMac - ok
12:26:51.0504 0x0f24 [ A721FF570C2387E383BDDEA9632863C9, 45DD7787F44A2C742560FEB03AB66910C2F0002D95BB02C55EEDE973AA92AD24 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
12:26:51.0504 0x0f24 atapi - ok
12:26:51.0519 0x0f24 [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
12:26:51.0535 0x0f24 ATKGFNEXSrv - ok
12:26:51.0582 0x0f24 [ 41CEAFFCF3550785E59E3EC9BEE8D97A, 89FE604088B65B82AA794E1DA8429033CD2F05FFB2D7EFAAC7B967C7A83D1B1E ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
12:26:51.0582 0x0f24 ATKWMIACPIIO - ok
12:26:51.0613 0x0f24 [ 74D09AC81A7BD9E5361B3F623F78608A, D97271ED81F7408892CDDFC00168FF0000E6507B46A0197B1FB81F86B9034C9F ] ATP C:\WINDOWS\System32\drivers\AsusTP.sys
12:26:51.0613 0x0f24 ATP - ok
12:26:51.0644 0x0f24 [ BCD7A47EF587DC00DD61D12D9C2D1E44, 95BC9AC8BA8A86DB5C7A6317002BD9872F193B401A0C58DF252DCF3D4A7541E2 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
12:26:51.0660 0x0f24 AudioEndpointBuilder - ok
12:26:51.0707 0x0f24 [ 810F30FF8490ED5ED510621DF10DE320, DC75EB2A98642AC97F6C16810CCF4C71BDECFB2E0B962DA859ABD7182CE59970 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
12:26:51.0738 0x0f24 Audiosrv - ok
12:26:51.0754 0x0f24 [ 89491EF71D5EA011127832C588002853, 05620E4235956D8446FB9604F930738C8AA97E3A74C907E37F7CC08B8EDA0461 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
12:26:51.0769 0x0f24 AxInstSV - ok
12:26:51.0800 0x0f24 [ 45C6EC94DE3D466B4B452EA0E3870321, 2C32648B91B9824579309D64C899ADEF626E10E75EE66EE95C22CBE71ED1864D ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
12:26:51.0816 0x0f24 b06bdrv - ok
12:26:51.0832 0x0f24 [ 81703BC5D68DEDBB086C2368FBE7B334, CFD4A55C8045C482F8D410514F3211AEFA00097AB395F5A04BFE983ED6254F6B ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
12:26:51.0847 0x0f24 BasicDisplay - ok
12:26:51.0863 0x0f24 [ 5EC68164E14D25675C98BBB5F09E8606, 1D7EDB21C87039FC5F39F46460AD852BC4EC6B179B1C205D189DD3C397343435 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
12:26:51.0863 0x0f24 BasicRender - ok
12:26:51.0894 0x0f24 [ 5BEC02F0A82187227E7457F4600DDFDA, 1B3C25D91F324FB21493C904BFA6D60DB8CB7D49A083E54CA9FFC4F3EDAE3CF4 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
12:26:51.0894 0x0f24 BDESVC - ok
12:26:51.0925 0x0f24 [ 9E7AEA59776D904607985AFFE7E5E183, C3DB745A9F4DA7CB9628A7913DD52B2444B14FEB9D588FF6558CF52CEB8955EB ] Beep C:\WINDOWS\system32\drivers\Beep.sys
12:26:51.0925 0x0f24 Beep - ok
12:26:51.0988 0x0f24 [ 53AA55632B94622F2DC3695E86EF9363, 9B5BB8EDA48A37AE97BCD42D83B25A6D10AA6231EABE745DCCE6D60E19094A6F ] BFE C:\WINDOWS\System32\bfe.dll
12:26:52.0004 0x0f24 BFE - ok
12:26:52.0097 0x0f24 BITCOMET_HELPER_SERVICE - ok
12:26:52.0160 0x0f24 [ D598C44A7072D3108D8D8102EC5E07F7, D7472E9BAAB7B6E1D30F4E153412E2A16EE5C08DE2BF8BFF4D65089825226FE0 ] BITS C:\WINDOWS\System32\qmgr.dll
12:26:52.0191 0x0f24 BITS - ok
12:26:52.0300 0x0f24 [ 7B9ED6E90100A6EBD9759CB7D2ED7BAE, 68EDFAEEB0CD09838276C9B7B01E1D2F0B9FE61D3DBEEC3AD4CC0004A431ACBC ] BlueSoleilCS C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
12:26:52.0347 0x0f24 BlueSoleilCS - ok
12:26:52.0379 0x0f24 [ B17AC10B47C7FCB44D22A1F06415840E, 990D6F629D93F4F913D218ACE5187A26DCB762BAFB2BB279CCE8CAF2755D85A5 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
12:26:52.0379 0x0f24 bowser - ok
12:26:52.0441 0x0f24 [ 038FA1B55531E7020DB705B42FCCE373, 023E87E3204D64890D6FEA78E762E5BC5BD0A59325EBC264834727779EEEDBC5 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
12:26:52.0441 0x0f24 BrokerInfrastructure - ok
12:26:52.0472 0x0f24 [ 310068BDA80B1D55C36580FD8A873FAF, A75412FF1F483461F526E9A359DCEECA5E683441514464D5ED82D1A9740D583E ] Browser C:\WINDOWS\System32\browser.dll
12:26:52.0472 0x0f24 Browser - ok
12:26:52.0488 0x0f24 [ 0B485584F43ABC41895BC32C8E52339A, 9CC33994F10B013AC58F2944703F8640E9B8C8D741E5493D18EE8B60BB6253AC ] BsHelpCS C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
12:26:52.0488 0x0f24 BsHelpCS - ok
12:26:52.0504 0x0f24 [ 34AAF6FD68B8403E76F0D08A8C1C1DA3, 2255F88C04E89AA80231B67287D81271DC226007F01CFCB55EB1EBF640C6FCF5 ] BtAudioBusSrv C:\WINDOWS\System32\Drivers\BtAudioBus.sys
12:26:52.0504 0x0f24 BtAudioBusSrv - ok
12:26:52.0551 0x0f24 [ F17DEEAC7D51D44CF1BFF8DD4F0A2B6D, 2EA75F8D7D3BDDDE19B48D71D09C797BBACD40800BF557F6FD9047CA62FF2B9F ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
12:26:52.0551 0x0f24 BthAvrcpTg - ok
12:26:52.0582 0x0f24 [ A8B20D852B07AE19A13B5D47EC4E4C3B, 86571C9E2BA15BB169CAB2D24C4D0598154C02FD173638CAFC685A7F6B09472D ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
12:26:52.0582 0x0f24 BthEnum - ok
12:26:52.0613 0x0f24 [ 616EB8748C988AEE98D93DA141C3D3B4, 15A055B0496BDB29CBCF6EEBF112D4BA1C7A2FF39124728830D0FD1FD7A404CB ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
12:26:52.0613 0x0f24 BthHFEnum - ok
12:26:52.0644 0x0f24 [ DCB4EBD928A6FB368BE6CAE522412DE1, 9E1345F29467054689B9F48B5CCB567760D36610A4EA9AF41B829EAD60347269 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
12:26:52.0644 0x0f24 bthhfhid - ok
12:26:52.0676 0x0f24 [ 9C09D5F1257F1748A4EAB0E8584FAF61, 2BD1109682AD5DC2AA6BABFB4759162BD160CDB2D6632FD28B4D942798936631 ] BthL2caScoIfSrv C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys
12:26:52.0676 0x0f24 BthL2caScoIfSrv - ok
12:26:52.0722 0x0f24 [ 42201C346F0B8C458E1E9CDE04D68A2C, 6168FD0D10CD06B00B5C79D5D2B5C353AAC22FD99CE8D417DDBA33ED63CFB8BF ] BthLEEnum C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
12:26:52.0722 0x0f24 BthLEEnum - ok
12:26:52.0738 0x0f24 [ 033916CE8784A848B9A3D686B7F66D97, B4D0514D59646CF6B70D4FA488CF95C38EA38CC5C509329CC8753E897C640AFA ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
12:26:52.0738 0x0f24 BTHMODEM - ok
12:26:52.0816 0x0f24 [ 091BB978E9504D0AD14586929431A957, ACED02B879026A228E35F40847C210BC30A5AFC948FFE922DB21663E4A8DFF1D ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
12:26:52.0816 0x0f24 BthPan - ok
12:26:52.0894 0x0f24 [ 13795CAA34239D97A7211E7F9D96E012, C4F3402B063A7CFCE386D1AE9255975A199164BA9E7DCDB6129725213A0642B1 ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys
12:26:52.0926 0x0f24 BTHPORT - ok
12:26:52.0972 0x0f24 [ A4387C3D271959313E2577DB7BE8BA7A, C71474802102102EBE04DF036EEB2F5FB3380BE288E3842F19F234EFAE977D70 ] bthserv C:\WINDOWS\system32\bthserv.dll
12:26:52.0972 0x0f24 bthserv - ok
12:26:53.0004 0x0f24 [ 1F715957F5236D30B6020A19A4271F6A, C06B637C2C6919E2DE1055AE249AE3EAF7B4890799F22BF5757CC10CEF145043 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys
12:26:53.0004 0x0f24 BTHUSB - ok
12:26:53.0019 0x0f24 [ 6F9C5E08B53E9AB0C1AE380B87F41A9C, 3B6565E6463168C8FCAE631D569167F79E9DD53D8850760920A5ADE018040312 ] btUrbFilterDrv C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys
12:26:53.0035 0x0f24 btUrbFilterDrv - ok
12:26:53.0066 0x0f24 [ 990B1BABE6E81FB18E65A87EBEFB1772, 1820D4AC57E1D4B7FB5AA89C277B16910ED73712878D2B43FE542CE16DFE16C3 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
12:26:53.0066 0x0f24 cdfs - ok
12:26:53.0066 0x0f24 [ 339BFF85D788268752DA8C9644B188EE, C2279F1A39AED39865A5027D2FD087F8E82F3ED8C94BA4D922855B98E792AFC5 ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
12:26:53.0082 0x0f24 cdrom - ok
12:26:53.0097 0x0f24 [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
12:26:53.0113 0x0f24 CertPropSvc - ok
12:26:53.0129 0x0f24 [ F64B7D1A37CC1D5F421D5359EEC81E2E, 2B4879DD32B2C20B94847755E22B1BCBE2B567B3989C57A9BA2DD783307EFFDB ] circlass C:\WINDOWS\System32\drivers\circlass.sys
12:26:53.0129 0x0f24 circlass - ok
12:26:53.0160 0x0f24 [ 9905168708DB68849B879B5548F68AB3, B7A495E57B9398704988DC472126CBC5B8D76761A34F51732FBF6CC88E3AB79A ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
12:26:53.0160 0x0f24 CLFS - ok
12:26:53.0191 0x0f24 [ 2DC8538A2260647484A6C921CA837313, 094059DD66B0C50A1CAE288F920107B0B6AD1AA5758284E35B92C131EDEA30EA ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
12:26:53.0191 0x0f24 CmBatt - ok
12:26:53.0222 0x0f24 [ 1894FD2D5966A81D3B07A7C4D8724D59, 18DCE6DF0DE39DFD1358A1E061AD97099699CE430BCB906AFB7F51277681461D ] CNG C:\WINDOWS\system32\Drivers\cng.sys
12:26:53.0238 0x0f24 CNG - ok
12:26:53.0254 0x0f24 [ 0E5B1E9E7122EDAAF1F6CE047965CA92, 803E585B92D1E2E5B6BF67BE511E88DC2629A12407C3E30F7AEFB544D390A9B8 ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
12:26:53.0254 0x0f24 CompositeBus - ok
12:26:53.0254 0x0f24 COMSysApp - ok
12:26:53.0269 0x0f24 [ D9CB0782AF819548072AA45B70F8B22D, 04796F39ABB88759A534DE3D0C51F684BF2A8DE1F4028B657CCFDBDD39A6618C ] condrv C:\WINDOWS\system32\drivers\condrv.sys
12:26:53.0269 0x0f24 condrv - ok
12:26:53.0457 0x0f24 [ 815F3180B5117E42E422188E9CCC89C6, 69E539D33F3B9F3562FE4B21D853EEBB15DBD2106509FEBD476D04562F34AC08 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
12:26:53.0472 0x0f24 cphs - ok
12:26:53.0504 0x0f24 [ 5CE2742F063731EC10C1B2EE386A2C08, 309919BDDD4649AFB95A99DCF8AFC3BAE10F9BC1E2819C0794CFD0F80682C223 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
12:26:53.0519 0x0f24 CryptSvc - ok
12:26:53.0566 0x0f24 [ FFDF18821C031B39E15F35BAB0185840, 0BDE018C8B1759BEE47FE718F8502DF42F9CD1CBD7697E43C3C91EDF5FB725C0 ] CSC C:\WINDOWS\system32\drivers\csc.sys
12:26:53.0582 0x0f24 CSC - ok
12:26:53.0613 0x0f24 [ 22CCB6AFF617AAC6121DF6CDA5ABF3F4, 7F6F888CF4D7EF93144A791891E41858F7C0CDDC0B65ED09B9CD55EE3734FCCF ] CscService C:\WINDOWS\System32\cscsvc.dll
12:26:53.0644 0x0f24 CscService - ok
12:26:53.0676 0x0f24 [ FAEF4C245BE832DB41B15DAAC336AFB7, 1F8C98AB0DF4327FCB01FE0356025488E19B48A45FFFA50576B49A8587FAC42B ] dam C:\WINDOWS\system32\drivers\dam.sys
12:26:53.0676 0x0f24 dam - ok
12:26:53.0722 0x0f24 [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
12:26:53.0754 0x0f24 DcomLaunch - ok
12:26:53.0801 0x0f24 [ C8650D1F61149AA546BDBC99172EBBC1, D9592ED1B6F23B6EC76A0B93635B6E38702311B0A6982F0F9DEC37FCDAF1288B ] defragsvc C:\WINDOWS\System32\defragsvc.dll
12:26:53.0816 0x0f24 defragsvc - ok
12:26:53.0847 0x0f24 [ 5EAEF67AE2AF4D2DC664B649DB7B2E16, ADAC7FD6AC12B50F4998C5EB0BD770DD4B80A94C4CC1B9376AD77648E48D012D ] DeviceAssociationService C:\WINDOWS\system32\das.dll
12:26:53.0863 0x0f24 DeviceAssociationService - ok
12:26:53.0910 0x0f24 [ D7A3877D9E126E21925DA873677C1D65, 466FAB854A6F4C8B5D2B398C46131AF6683B20AB9157C5243B03E62FB35DDD74 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
12:26:53.0910 0x0f24 DeviceInstall - ok
12:26:53.0941 0x0f24 [ 09D9EB9E7898F8E6561473A20CC808B9, 0F511593D36084843E5138AF6D55FE08D77803968AE12A236A02368DB364347E ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
12:26:53.0941 0x0f24 Dfsc - ok
12:26:53.0972 0x0f24 [ 6DBE7FE196F8E9D212DCC34EDDF7C3C1, 3E1D63E2237476C2CB500B8B68565A43A639DBE187B79EC69D25C0B32F3494FA ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
12:26:53.0988 0x0f24 Dhcp - ok
12:26:54.0004 0x0f24 [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache C:\WINDOWS\system32\drivers\discache.sys
12:26:54.0019 0x0f24 discache - ok
12:26:54.0019 0x0f24 [ 560495FF4CA22E1D9B1972FA18F43B6F, 41FFDD4C1097AA857A8177E34F101A1A9C1429A4E8DEC3D395C6135A9E112CD6 ] disk C:\WINDOWS\system32\drivers\disk.sys
12:26:54.0019 0x0f24 disk - ok
12:26:54.0051 0x0f24 [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
12:26:54.0051 0x0f24 dmvsc - ok
12:26:54.0066 0x0f24 [ 9ACE7E657107EB51E5E89FD883F2FD2D, B52505BE805E992D74A7EE0D22185ACFE56DAB6D6707B5905A20AB21CB1431B8 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
12:26:54.0066 0x0f24 Dnscache - ok
12:26:54.0113 0x0f24 [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc C:\WINDOWS\System32\dot3svc.dll
12:26:54.0113 0x0f24 dot3svc - ok
12:26:54.0144 0x0f24 [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS C:\WINDOWS\system32\dps.dll
12:26:54.0144 0x0f24 DPS - ok
12:26:54.0160 0x0f24 [ 9C7C183F937951AE17C5B8B3259CF3FF, 8ED607139F15D08B4835ACF864421BA4C08C88FE90B9AAF707F5D8514D7731B1 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
12:26:54.0176 0x0f24 drmkaud - ok
12:26:54.0191 0x0f24 [ BF48F32EE248C3D371DA5DC93BBEADA7, C8E9B685A8F2F99140382557F11E362D899E7EC6693ADEFE762F0A3850585C63 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
12:26:54.0207 0x0f24 DsmSvc - ok
12:26:54.0238 0x0f24 [ 6A0E850DDCB136AA3D2FB7234382DF12, C01863E95F45E1B74AC65C9CD12C8DC769299218255B3C94E3EBF58C4D79FEF3 ] dtsoftbus01 C:\WINDOWS\System32\drivers\dtsoftbus01.sys
12:26:54.0238 0x0f24 dtsoftbus01 - ok
12:26:54.0332 0x0f24 [ E6AF4DF1817953D73C519B17CF849756, 26A90EB368A3F572086F223ABED87B8FC6F998AE401C9E52BEB5EE76AB052702 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
12:26:54.0363 0x0f24 DXGKrnl - ok
12:26:54.0410 0x0f24 [ FE96AA1A36E76588C80DF1040286DDE1, 86EED8A0B59CD1930E6282997537ED94333FC7D45E3FE5A4D82057E1C8E5C2CD ] eamonm C:\WINDOWS\system32\DRIVERS\eamonm.sys
12:26:54.0410 0x0f24 eamonm - ok
12:26:54.0441 0x0f24 [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
12:26:54.0441 0x0f24 Eaphost - ok
12:26:54.0582 0x0f24 [ C815C4FAE6A816DFB58975F3D0396692, BCFB286137163C4760367F0056688D18168407CA5ED9DED95179F967FCC035DE ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
12:26:54.0644 0x0f24 ebdrv - ok
12:26:54.0691 0x0f24 [ FD4BC52A6978A50A81B01E2C74D8737E, 5F12870CB83E7821F12A27E9BB30A80C58A7E81C36DA972194EBF333A5C90E62 ] edevmon C:\WINDOWS\system32\DRIVERS\edevmon.sys
12:26:54.0691 0x0f24 edevmon - ok
12:26:54.0723 0x0f24 [ 6E0E63801FBEF27995107B8269BCFAAD, FE3FA6B369527613D64860984BE02C8CEAD1174A7E8428E3DA9B95761BA46513 ] EFS C:\WINDOWS\System32\lsass.exe
12:26:54.0723 0x0f24 EFS - ok
12:26:54.0754 0x0f24 [ 807BA90D47F8885C09E1D6AFBB706E18, A803FE639C9C87733CA73D8F6C04A8CEB28DC45EEEA6CEC01ED3D4124C8E48EA ] ehdrv C:\WINDOWS\system32\DRIVERS\ehdrv.sys
12:26:54.0754 0x0f24 ehdrv - ok
12:26:54.0785 0x0f24 [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
12:26:54.0785 0x0f24 EhStorClass - ok
12:26:54.0785 0x0f24 [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
12:26:54.0785 0x0f24 EhStorTcgDrv - ok
12:26:55.0004 0x0f24 [ 4CB575D97653FA91FFB02DA3105EB084, 59FB4D2485EEDBCC56D92C1F5DF3FEAE67D751F3AD7AEA7590F3C73107C829E8 ] ekrn C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
12:26:55.0019 0x0f24 ekrn - ok
12:26:55.0051 0x0f24 [ 00A81DC02BA17FB4BFCFA026DC47458F, 1B95BD51727E66B023BA4F2C9F57E69496790582CB272D57FE4BC15BA64952D8 ] epfw C:\WINDOWS\system32\DRIVERS\epfw.sys
12:26:55.0066 0x0f24 epfw - ok
12:26:55.0098 0x0f24 [ 3B085449438B2BCFD09CC84A0B90D1DB, 098DD64CC446E3960F93C0CDA495069DB6E7D9397CAC857E09E9FA323F5D31B2 ] EpfwLWF C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys
12:26:55.0098 0x0f24 EpfwLWF - ok
12:26:55.0129 0x0f24 [ 91D54747A07F56ADCE1B6CFD3387AF60, 6F27AC896EA360284F6868BA1FEB55AE9325C914E54D73AECC5EBC8328650D41 ] epfwwfp C:\WINDOWS\system32\DRIVERS\epfwwfp.sys
12:26:55.0129 0x0f24 epfwwfp - ok
12:26:55.0144 0x0f24 [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
12:26:55.0144 0x0f24 ErrDev - ok
12:26:55.0238 0x0f24 [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem C:\WINDOWS\system32\es.dll
12:26:55.0254 0x0f24 EventSystem - ok
12:26:55.0285 0x0f24 [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat C:\WINDOWS\system32\drivers\exfat.sys
12:26:55.0285 0x0f24 exfat - ok
12:26:55.0301 0x0f24 [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
12:26:55.0301 0x0f24 fastfat - ok
12:26:55.0348 0x0f24 [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax C:\WINDOWS\system32\fxssvc.exe
12:26:55.0363 0x0f24 Fax - ok
12:26:55.0379 0x0f24 [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
12:26:55.0379 0x0f24 fdc - ok
12:26:55.0410 0x0f24 [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
12:26:55.0426 0x0f24 fdPHost - ok
12:26:55.0426 0x0f24 [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
12:26:55.0426 0x0f24 FDResPub - ok
12:26:55.0473 0x0f24 [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc C:\WINDOWS\system32\fhsvc.dll
12:26:55.0473 0x0f24 fhsvc - ok
12:26:55.0488 0x0f24 [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
12:26:55.0488 0x0f24 FileInfo - ok
12:26:55.0504 0x0f24 [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
12:26:55.0504 0x0f24 Filetrace - ok
12:26:55.0519 0x0f24 [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
12:26:55.0519 0x0f24 flpydisk - ok
12:26:55.0551 0x0f24 [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
12:26:55.0551 0x0f24 FltMgr - ok
12:26:55.0613 0x0f24 [ 305CB1E16576F436BC8797E629A3D46D, E3644AE3FA8F755D306D9C4177262CEC451B33731074508B139F3F86AC1B5AE6 ] FontCache C:\WINDOWS\system32\FntCache.dll
12:26:55.0644 0x0f24 FontCache - ok
12:26:55.0676 0x0f24 [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
12:26:55.0676 0x0f24 FsDepends - ok
12:26:55.0676 0x0f24 [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:26:55.0676 0x0f24 Fs_Rec - ok
12:26:55.0723 0x0f24 [ 79E687A2829B9EBDF488F78260651094, 205F2FA215DC40A08E08F261F3474883FFF7B27F8ECB5DF6467A1C5903608373 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
12:26:55.0723 0x0f24 fvevol - ok
12:26:55.0754 0x0f24 [ 3EF3FCCC0E70EEC5C2AD996F32BBA642, AC452FD68519DD1EFC971D223CBB3702F38146CB4203E2F6A4302EE3F76144EB ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
12:26:55.0754 0x0f24 FxPPM - ok
12:26:55.0769 0x0f24 [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
12:26:55.0785 0x0f24 gagp30kx - ok
12:26:55.0801 0x0f24 [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
12:26:55.0801 0x0f24 gencounter - ok
12:26:55.0832 0x0f24 [ A1F17108F3ED752D2614D767792327C5, A4FDFD827C2044A2585918789206F6EC2092DBF99531F8FE0B255CF8B21AF27A ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
12:26:55.0832 0x0f24 GPIOClx0101 - ok
12:26:55.0894 0x0f24 [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
12:26:55.0926 0x0f24 gpsvc - ok
12:26:55.0973 0x0f24 [ C2504AA983B5D411F7D31402E8B57725, B07370E6BF87546F2557C423F7450CBE90E2A13042DEA2864B6047EFE9F459C5 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
12:26:55.0973 0x0f24 HdAudAddService - ok
12:26:55.0988 0x0f24 [ 8D6810577E9C4F56DCB8E9BACAC7287B, A3E1FDBD368BFA315B1D1E947B6B58C240CA9E2652581E1ED1C6F5F33292BD54 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
12:26:55.0988 0x0f24 HDAudBus - ok
12:26:56.0019 0x0f24 [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
12:26:56.0019 0x0f24 HidBatt - ok
12:26:56.0066 0x0f24 [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
12:26:56.0066 0x0f24 HidBth - ok
12:26:56.0098 0x0f24 [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
12:26:56.0098 0x0f24 hidi2c - ok
12:26:56.0129 0x0f24 [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
12:26:56.0129 0x0f24 HidIr - ok
12:26:56.0176 0x0f24 [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv C:\WINDOWS\system32\hidserv.dll
12:26:56.0176 0x0f24 hidserv - ok
12:26:56.0223 0x0f24 [ 894D982CEAB8CD45A56AE2C9988E86C0, AA2DEB62CB69FF1AEF772989342F2CF77CA48F212C9489A92A4FF97FD46D3866 ] HIDSwitch C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys
12:26:56.0223 0x0f24 HIDSwitch - ok
12:26:56.0254 0x0f24 [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
12:26:56.0254 0x0f24 HidUsb - ok
12:26:56.0301 0x0f24 [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
12:26:56.0316 0x0f24 hkmsvc - ok
12:26:56.0348 0x0f24 [ 6CC1AD7B0E071C317B7FB8FC6AEF0EDA, 2A907E87E491F76B75F13CD921962EA4D1FF4C705E393F8FA3F48EC701E668F5 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
12:26:56.0363 0x0f24 HomeGroupListener - ok
12:26:56.0410 0x0f24 [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
12:26:56.0426 0x0f24 HomeGroupProvider - ok
12:26:56.0441 0x0f24 [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
12:26:56.0441 0x0f24 HpSAMD - ok
12:26:56.0504 0x0f24 [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
12:26:56.0519 0x0f24 HTTP - ok
12:26:56.0566 0x0f24 [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
12:26:56.0566 0x0f24 hwpolicy - ok
12:26:56.0582 0x0f24 [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
12:26:56.0582 0x0f24 hyperkbd - ok
12:26:56.0582 0x0f24 [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
12:26:56.0598 0x0f24 HyperVideo - ok
12:26:56.0613 0x0f24 [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
12:26:56.0613 0x0f24 i8042prt - ok
12:26:56.0691 0x0f24 [ 6C91E425ACE29594BD574DE38AC9B76D, 697784E4C7AF08B1F35662D8AD871E6890CECE22B6E64985B7C1A66C10DA390D ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
12:26:56.0707 0x0f24 iaStorA - ok
12:26:56.0723 0x0f24 [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
12:26:56.0738 0x0f24 iaStorV - ok
12:26:56.0848 0x0f24 [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
12:26:56.0848 0x0f24 ICCS - ok
12:26:57.0051 0x0f24 [ ACD1812E8A531E1CEA09BA3991371E48, 87CAE32D26A36B0AEF8EC884CDFE3E6A572C9330206E004BD63423ED00BB5A62 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
12:26:57.0098 0x0f24 IconMan_R - ok
12:26:57.0301 0x0f24 [ 348214F96642FD4FEF630DE021BA3540, B6A7D2EA41F6866F5AFF5022BB459E5AFF683FF2FF470B84F3E911C8AEC47C30 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
12:26:57.0426 0x0f24 igfx - ok
12:26:57.0473 0x0f24 [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp C:\WINDOWS\system32\drivers\iirsp.sys
12:26:57.0473 0x0f24 iirsp - ok
12:26:57.0566 0x0f24 [ E455C83E029121270BED73CDAC381F37, 433D525C19DBF26FAC28853C606C872D973104842B0EF1B2BF2EAC85457E2953 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
12:26:57.0582 0x0f24 IKEEXT - ok
12:26:57.0738 0x0f24 [ 6C7970A8E0546A4D9466E0045C7DB199, 70F2D58514C8E1A1E10B833236213F87F34AEB06ACC0D4C0DF61FCD69F8F1E07 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
12:26:57.0816 0x0f24 IntcAzAudAddService - ok
12:26:57.0848 0x0f24 [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
12:26:57.0863 0x0f24 IntcDAud - ok
12:26:57.0941 0x0f24 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
12:26:57.0957 0x0f24 Intel(R) Capability Licensing Service Interface - ok
12:26:58.0004 0x0f24 [ 9656F8E29F6C3161A3E99BCD3A472FF9, 30AD00B53CCB2E4121508729F3471D3C0568F1C32324C398382C97E8BC43ECF0 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
12:26:58.0020 0x0f24 Intel(R) ME Service - ok
12:26:58.0035 0x0f24 [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
12:26:58.0035 0x0f24 intelide - ok
12:26:58.0051 0x0f24 [ F9E126AA767E2E6E3128434A43C9F713, 1BF023083158DB1D76E89C77D383C082F1CA19F00C8FC3B0C30A93263A32BCEA ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
12:26:58.0051 0x0f24 intelppm - ok
12:26:58.0066 0x0f24 [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:26:58.0066 0x0f24 IpFilterDriver - ok
12:26:58.0113 0x0f24 [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
12:26:58.0145 0x0f24 iphlpsvc - ok
12:26:58.0145 0x0f24 [ 6E98A046A12AA113F8898AA5D612BD6E, 28816CC1F03F2BFBF099C087C0BB6949E959F44C888DD2D0528FF7ED5D665ECF ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
12:26:58.0145 0x0f24 IPMIDRV - ok

Ajven

Re: log check

Post by Ajven » 04 Mar 2014 12:37

12:27:05.0473 0x0f24 Spooler - ok
12:27:05.0645 0x0f24 [ 061A977C920FBE4BF71FF47C966DDDCA, 746516396B72E4ADB05D978C819CD45FE44EE194756F6DA50121D755439CA590 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
12:27:05.0754 0x0f24 sppsvc - ok
12:27:05.0801 0x0f24 [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6, 61EEB1349489CB85204F1B4E398BE24EDC01FB914120C9DD0487F8EE1EDA055E ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
12:27:05.0817 0x0f24 srv - ok
12:27:05.0864 0x0f24 [ 56218A571ECF8D55E0CDFF8DF2546CF1, 44B34722108EDDC8757A0B7C939A854457BB7EBC92A83C4284DFFAECFC2E3619 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
12:27:05.0879 0x0f24 srv2 - ok
12:27:05.0911 0x0f24 [ 14FC338B80CFF7E04215133B568D15C4, 1F437BE0EC887097F0C3409D4198A20981FC325FDF915532AB85070D337DEF2B ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
12:27:05.0911 0x0f24 srvnet - ok
12:27:05.0942 0x0f24 [ 7A20882D76D4A78240A5AC9F2C2EBA21, ACA05211EE542999A118BBD2CD051038A7DC8C40C4B8971DC6514BA90E90EC61 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
12:27:05.0957 0x0f24 SSDPSRV - ok
12:27:05.0973 0x0f24 [ D233B16999A8E626F6004BD7814C57EC, 5BBFE5DDF1269617ABD1BDBED85A79D99BB52EA29C2BB3A8F4A1827BFAA1A747 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
12:27:05.0989 0x0f24 SstpSvc - ok
12:27:06.0004 0x0f24 [ 4E85355B94CFCB67C135F6521A4895A7, AC4FC65C1E62A54B3834E7FE0A2B1ECC48A2AA563AE5BD508326EE68FFFBBEEE ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
12:27:06.0004 0x0f24 stexstor - ok
12:27:06.0114 0x0f24 [ BAC8A721736AECC55A4F71523AEAB65F, B52E1303B13A961A5FC190829E55B6F28ACA409A6EEF44B358D1D210558FE1D8 ] stisvc C:\WINDOWS\System32\wiaservc.dll
12:27:06.0129 0x0f24 stisvc - ok
12:27:06.0161 0x0f24 [ B240874B2CA0CD02E8CD11E140B14C57, 0FDBEE3DB644175A30065CAF020F375703ADC45A33221788C010F3111707FC25 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
12:27:06.0161 0x0f24 storahci - ok
12:27:06.0192 0x0f24 [ F74DBC95A57B1EE866D3732EB5F79BE2, E4FE9D5CD0A385ACB60D5D5E8D969F26C3A6BC0C08FF0838DBE9CA106229C8DE ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
12:27:06.0192 0x0f24 storflt - ok
12:27:06.0208 0x0f24 [ 5337E138B49ED1F44CCBA4073BC35C20, 2B296973215E3865A56C46DC3D27F1460D96BC321558CE7A911B05B0E7BF397F ] StorSvc C:\WINDOWS\system32\storsvc.dll
12:27:06.0208 0x0f24 StorSvc - ok
12:27:06.0208 0x0f24 [ 543CD3CC0E05B8D8815E0D4F040B6F59, 4B57C9534E94A0A67FC82DBD4FAECACA180BEC281FB477550A37C0A04777E09E ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
12:27:06.0223 0x0f24 storvsc - ok
12:27:06.0239 0x0f24 [ 1A36AC469140F87CDE62D7F8524E270C, B07086E0D844567FF0A880366EA8ED8042F8ED744E6AB1FD9539F360905A07F2 ] storvsp C:\WINDOWS\System32\drivers\storvsp.sys
12:27:06.0239 0x0f24 storvsp - ok
12:27:06.0348 0x0f24 [ 8BC1C1ED6EF9C985A3FAA6A72F41679A, 82CC77030D23013572B4A64A64B6156789F253BF56268B790093CE3D345410A0 ] svsvc C:\WINDOWS\system32\svsvc.dll
12:27:06.0364 0x0f24 svsvc - ok
12:27:06.0379 0x0f24 [ 4AFD66AAE74FFB5986BC240744DC5FC9, 0C9347614E3FD3B4D3B29FA4A5DA23FF6EE4CD9A1FFC378B855B8DE61B2876CF ] swenum C:\WINDOWS\System32\drivers\swenum.sys
12:27:06.0379 0x0f24 swenum - ok
12:27:06.0411 0x0f24 [ 502F9488540051F3E6C39889ECFA76BB, 22ABD681BE4CF8A1F484C6363C1334B1EF7A6C074D837B0121DE1896887B84C6 ] swprv C:\WINDOWS\System32\swprv.dll
12:27:06.0426 0x0f24 swprv - ok
12:27:06.0520 0x0f24 [ A06CB9269D29EE3D0F3F5630ABB660B8, 519A01FC7D9414B26CCBC23E7FB1CEAF1C91CD173B4F4A4025F8316B7460C584 ] SysMain C:\WINDOWS\system32\sysmain.dll
12:27:06.0551 0x0f24 SysMain - ok
12:27:06.0598 0x0f24 [ 6FB88606C4A71E1BFAF97D63A676C673, D72F93A482E989ACA50F9647B7AD699A4656AEAACF377BB2B8CEBB094B748852 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
12:27:06.0598 0x0f24 SystemEventsBroker - ok
12:27:06.0629 0x0f24 [ A6C06C45C44AD06C70AF8899AEC15BDC, AC2CCCDBA6B94BA85A6D41B47343193D175786D4ECF71AE9C7766ADD63A1273F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
12:27:06.0629 0x0f24 TabletInputService - ok
12:27:06.0661 0x0f24 [ 88B7721AB551C4325036B25A34A2BF7B, 2817CC6294542524EC373A674535F913440736BEBE81233CA91D5ECD93620B02 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
12:27:06.0661 0x0f24 TapiSrv - ok
12:27:06.0770 0x0f24 [ DD4249F03598043DED6FA540EB14898A, 7015BD1A692F75D54B0F96E5EDC5C4DF41B0C831E85D0F6EF0AFBEFCA2F6DA83 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
12:27:06.0817 0x0f24 Tcpip - ok
12:27:06.0879 0x0f24 [ DD4249F03598043DED6FA540EB14898A, 7015BD1A692F75D54B0F96E5EDC5C4DF41B0C831E85D0F6EF0AFBEFCA2F6DA83 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:27:06.0926 0x0f24 TCPIP6 - ok
12:27:06.0942 0x0f24 [ 8F2A13A5DF99D72FDDE87F502A66F989, 2228C62ACDB4CBBFDD2BE705E604E0B9A8AEA7146F65F2D8B9B2A2FB49ACFAE1 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
12:27:06.0958 0x0f24 tcpipreg - ok
12:27:06.0973 0x0f24 [ 73DC722CE5DF26D7638CE2446F2655C7, 9B8E6F6DEA5E0C2AEAC24A31897D2E73F86EF44F1C25FEF82D2C860353793817 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
12:27:06.0973 0x0f24 tdx - ok
12:27:06.0989 0x0f24 [ F7C8AB5D8AFFAA318D6A21093D139BF4, 0A35052EF7DC8615783A23897358D8C579BE694363615C9563FF629E7B719991 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
12:27:06.0989 0x0f24 terminpt - ok
12:27:07.0036 0x0f24 [ 541EE228D0DEF392F7B2DFD885DD021B, 594D6538FA4DB5EF4D130007D7C29051EC2EDCA39EBB119695B58E9CBB0EB728 ] TermService C:\WINDOWS\System32\termsrv.dll
12:27:07.0067 0x0f24 TermService - ok
12:27:07.0083 0x0f24 [ 519A6F672FFF56B7D8EE8C730CEC8ECD, 2B36F10C0AE16A261DC0887B1050808BA1F0568F3879E4ABC3D370F08C3FADB7 ] Themes C:\WINDOWS\system32\themeservice.dll
12:27:07.0083 0x0f24 Themes - ok
12:27:07.0114 0x0f24 [ DBD28A7997CF7303E610989C565C9B29, 4BCB9920357DDDC9433EA73B683FAAE15572EC0346ED45F61B19EC503F5A9FED ] THREADORDER C:\WINDOWS\system32\mmcss.dll
12:27:07.0129 0x0f24 THREADORDER - ok
12:27:07.0145 0x0f24 [ 4515B9E4140F04FB3907692DF89FCA87, F68EC56524BDA877646E987BE7414C1D622BD9FF05A5AEADCA39030FDC2B0115 ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
12:27:07.0145 0x0f24 TimeBroker - ok
12:27:07.0176 0x0f24 [ 6F0BFF80EE2A5BC841286A51F893CBAD, 79C58352002D9E3274170B6933FE3600F7C74E9DDB38C74805C42C53ADD35F28 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
12:27:07.0176 0x0f24 TPM - ok
12:27:07.0208 0x0f24 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks C:\WINDOWS\System32\trkwks.dll
12:27:07.0208 0x0f24 TrkWks - ok
12:27:07.0270 0x0f24 [ 8ABBB5CE0C62E0A6D28F32F44B7F865C, 4C78FE2A4A25A758D5191C4EDB2A6FE691FF82E7C16C0F146DC96DAD87D4F64E ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
12:27:07.0286 0x0f24 TrustedInstaller - ok
12:27:07.0301 0x0f24 [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
12:27:07.0301 0x0f24 TsUsbFlt - ok
12:27:07.0333 0x0f24 [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
12:27:07.0333 0x0f24 TsUsbGD - ok
12:27:07.0364 0x0f24 [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
12:27:07.0364 0x0f24 tunnel - ok
12:27:07.0379 0x0f24 [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
12:27:07.0379 0x0f24 uagp35 - ok
12:27:07.0395 0x0f24 [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
12:27:07.0395 0x0f24 UASPStor - ok
12:27:07.0442 0x0f24 [ 061BA3EE0D2BE17944990544008CF190, C9236D368EC2281B545E8C008BC2801F21A9716ED3D4DAEDB0751A5008346E81 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
12:27:07.0442 0x0f24 UCX01000 - ok
12:27:07.0473 0x0f24 [ DC5A461591C71AF7F19DC048A81E3F88, C6689C70B6CDE5A5707C06ABDC9CABF87CCE549BD23B96969EF3AA177A889320 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
12:27:07.0489 0x0f24 udfs - ok
12:27:07.0520 0x0f24 [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
12:27:07.0520 0x0f24 UI0Detect - ok
12:27:07.0520 0x0f24 [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
12:27:07.0520 0x0f24 uliagpkx - ok
12:27:07.0536 0x0f24 [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
12:27:07.0536 0x0f24 umbus - ok
12:27:07.0567 0x0f24 [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
12:27:07.0567 0x0f24 UmPass - ok
12:27:07.0598 0x0f24 [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
12:27:07.0598 0x0f24 UmRdpService - ok
12:27:07.0739 0x0f24 [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:27:07.0754 0x0f24 UNS - ok
12:27:07.0786 0x0f24 [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost C:\WINDOWS\System32\upnphost.dll
12:27:07.0801 0x0f24 upnphost - ok
12:27:07.0833 0x0f24 [ C976C4306F9AE133D6BBD47FDFC3BF92, 820413D92D6A89055A7F26523BF5CC4B668610C4A06E8B0D163FBF929B1DFA9A ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
12:27:07.0833 0x0f24 usbccgp - ok
12:27:07.0848 0x0f24 [ 427B6DB8C05A5A977E8C3525370A2595, C67222CA9123AE12D953995326B3B582C146CEA89594B7209DB0B1F628A0118D ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
12:27:07.0848 0x0f24 usbcir - ok
12:27:07.0879 0x0f24 [ B24FDEB1B18496F1B463782235AA3AF1, 3F5036F36987C8007D03DAFC3EC30615515BE96D9A1DF879BCD4EB0E66CD50B1 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
12:27:07.0879 0x0f24 usbehci - ok
12:27:07.0911 0x0f24 [ F8C2A832DF9403F5EA8080CBDBDA95FB, 50E9455465672BC13EB945BEC132D2F30BA2EB25C68928D2B4C256F2DB292A83 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
12:27:07.0926 0x0f24 usbhub - ok
12:27:07.0973 0x0f24 [ E5F7328B1D29BCE791862CD3C0DD382A, E520D75CA6E4EDB06F576D97FB6B7CFD46A3EF3A3AC881537DE3BB8C862FE8C3 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
12:27:07.0989 0x0f24 USBHUB3 - ok
12:27:08.0004 0x0f24 [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
12:27:08.0004 0x0f24 usbohci - ok
12:27:08.0036 0x0f24 [ 9FDBA6982582A6F2354144980F641E7B, 054A65412CB22C5BE970FD3A266E140110D869B614B9F9894628D553CE82C991 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
12:27:08.0036 0x0f24 usbprint - ok
12:27:08.0067 0x0f24 [ F77177F6C95B2116EE7AD23B5EF57007, 646E345DE5AFF26B338E17BC9D03D0EDA5608DF77D7685DE7AFF6E4113B9EB87 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
12:27:08.0067 0x0f24 USBSTOR - ok
12:27:08.0083 0x0f24 [ 1ABF657259DB57F7E5558E4DF1357C0C, 34EAF5DEA3293CFA96BA81B036305FD90ABAE05B9CB73D4F54FB236448C1978C ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
12:27:08.0083 0x0f24 usbuhci - ok
12:27:08.0114 0x0f24 [ 9EF7C01D3ACCBC243B5CB1A95865B2FF, 367A7640B4992E68EB3E1BBD78D3014742F4CC4056750E389048C653251DAD33 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
12:27:08.0114 0x0f24 usbvideo - ok
12:27:08.0145 0x0f24 [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
12:27:08.0161 0x0f24 USBXHCI - ok
12:27:08.0176 0x0f24 [ 6E0E63801FBEF27995107B8269BCFAAD, FE3FA6B369527613D64860984BE02C8CEAD1174A7E8428E3DA9B95761BA46513 ] VaultSvc C:\WINDOWS\system32\lsass.exe
12:27:08.0176 0x0f24 VaultSvc - ok
12:27:08.0192 0x0f24 [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
12:27:08.0192 0x0f24 vdrvroot - ok
12:27:08.0239 0x0f24 [ 728C2DEEE875D6968632638922D6A1D7, 0E0D0770F435143D141A669CD361BC2C0D494BBC6BCA3A1CE16985F5B8DE7390 ] vds C:\WINDOWS\System32\vds.exe
12:27:08.0255 0x0f24 vds - ok
12:27:08.0255 0x0f24 [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
12:27:08.0255 0x0f24 VerifierExt - ok
12:27:08.0286 0x0f24 [ 500BE6B2E49883720D0AE8BB859ED7A3, 4606B02A3E8123510676E554635EB5ECF9DC5F2B83928710C8563787C52CC102 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
12:27:08.0301 0x0f24 vhdmp - ok
12:27:08.0317 0x0f24 [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
12:27:08.0317 0x0f24 viaide - ok
12:27:08.0348 0x0f24 [ 0E43886F01C85B47BA0A3157274BCF59, C81E1841B1138D8C224FAF76258F7EB65145CCAF7938CA86CBADD8FFF79BA596 ] Vid C:\WINDOWS\System32\drivers\Vid.sys
12:27:08.0348 0x0f24 Vid - ok
12:27:08.0364 0x0f24 [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
12:27:08.0364 0x0f24 vmbus - ok
12:27:08.0380 0x0f24 [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
12:27:08.0380 0x0f24 VMBusHID - ok
12:27:08.0380 0x0f24 [ B4F432A51826FFC66F4DF72A83E8E4B1, 2C6F4D477F91605A3685FCF9EC6EA798E74C6853CC91547A749E9C050E7C19E8 ] vmbusr C:\WINDOWS\System32\drivers\vmbusr.sys
12:27:08.0380 0x0f24 vmbusr - ok
12:27:08.0426 0x0f24 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
12:27:08.0426 0x0f24 vmicheartbeat - ok
12:27:08.0442 0x0f24 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
12:27:08.0458 0x0f24 vmickvpexchange - ok
12:27:08.0458 0x0f24 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
12:27:08.0473 0x0f24 vmicrdv - ok
12:27:08.0489 0x0f24 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
12:27:08.0489 0x0f24 vmicshutdown - ok
12:27:08.0505 0x0f24 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
12:27:08.0520 0x0f24 vmictimesync - ok
12:27:08.0520 0x0f24 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss C:\WINDOWS\System32\ICSvc.dll
12:27:08.0536 0x0f24 vmicvss - ok
12:27:08.0551 0x0f24 [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
12:27:08.0551 0x0f24 volmgr - ok
12:27:08.0583 0x0f24 [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
12:27:08.0583 0x0f24 volmgrx - ok
12:27:08.0614 0x0f24 [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE, 26FD9DBCFAEDE0F945D80B11769741A3A837F84461263217A43C458B674566EE ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
12:27:08.0614 0x0f24 volsnap - ok
12:27:08.0630 0x0f24 [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
12:27:08.0630 0x0f24 vpci - ok
12:27:08.0630 0x0f24 [ 0190AFFF28F600461C0164353CC7EE27, D112DF69C9E629EC77FB95E7ACDDAAE24B5028C84454134BD26FEF9CC953AC0E ] vpcivsp C:\WINDOWS\System32\drivers\vpcivsp.sys
12:27:08.0630 0x0f24 vpcivsp - ok
12:27:08.0645 0x0f24 [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
12:27:08.0645 0x0f24 vsmraid - ok
12:27:08.0739 0x0f24 [ D0C69E44BC1E1D4AD290FD84104623D8, 4C86760EA4BD2A64FFD42D89284EC3E5048CB2F0F6F3B80D017B41C0D2456A90 ] VSS C:\WINDOWS\system32\vssvc.exe
12:27:08.0770 0x0f24 VSS - ok
12:27:08.0786 0x0f24 [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
12:27:08.0801 0x0f24 VSTXRAID - ok
12:27:08.0817 0x0f24 [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
12:27:08.0817 0x0f24 vwifibus - ok
12:27:08.0833 0x0f24 [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
12:27:08.0833 0x0f24 vwififlt - ok
12:27:08.0833 0x0f24 [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys
12:27:08.0833 0x0f24 vwifimp - ok
12:27:08.0880 0x0f24 [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time C:\WINDOWS\system32\w32time.dll
12:27:08.0880 0x0f24 W32Time - ok
12:27:08.0895 0x0f24 [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
12:27:08.0911 0x0f24 WacomPen - ok
12:27:08.0942 0x0f24 [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:27:08.0942 0x0f24 Wanarp - ok
12:27:08.0942 0x0f24 [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:27:08.0942 0x0f24 Wanarpv6 - ok
12:27:09.0020 0x0f24 [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine C:\WINDOWS\system32\wbengine.exe
12:27:09.0051 0x0f24 wbengine - ok
12:27:09.0083 0x0f24 [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
12:27:09.0098 0x0f24 WbioSrvc - ok
12:27:09.0114 0x0f24 [ D9C1E82651BF19C6FF69CEC6FD400124, 93B96481A5B26F5617B16DD775AF0F8CE9001B30251FFF58D6EF9044D5EE91CD ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
12:27:09.0130 0x0f24 Wcmsvc - ok
12:27:09.0145 0x0f24 [ 68C2831A05A339DA8462C6F45BFCB84C, A7F79EF9D337B775851C8BB585CA6279C9ACD56B36B28594AA5B4C29B4DF9516 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
12:27:09.0145 0x0f24 wcncsvc - ok
12:27:09.0161 0x0f24 [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
12:27:09.0176 0x0f24 WcsPlugInService - ok
12:27:09.0208 0x0f24 [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd C:\WINDOWS\system32\drivers\wd.sys
12:27:09.0208 0x0f24 Wd - ok
12:27:09.0223 0x0f24 [ FD47DF026B32969B8A68721A0243E8EE, 57A7B9B40CEDADFB023AEDD9F29869F1B93EA2596F47B5DDC233D57FC585CCE1 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
12:27:09.0239 0x0f24 WdBoot - ok
12:27:09.0286 0x0f24 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
12:27:09.0301 0x0f24 Wdf01000 - ok
12:27:09.0317 0x0f24 [ 5F425D842DD6ADE9F95A51A0616AFAD7, 807B8E6A4FE443A362076C225F588A8C897CFE24A6367F4D461C8F6D3EF004C5 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
12:27:09.0317 0x0f24 WdFilter - ok
12:27:09.0348 0x0f24 [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
12:27:09.0348 0x0f24 WdiServiceHost - ok
12:27:09.0348 0x0f24 [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
12:27:09.0364 0x0f24 WdiSystemHost - ok
12:27:09.0380 0x0f24 [ F2002DA5E6B78C15B2CD48CFF8F0FBB6, 4281100271761521F75F4D5A3D2E9FF40A9C7D81CEDAFD2EDD95788534090CA6 ] WebClient C:\WINDOWS\System32\webclnt.dll
12:27:09.0380 0x0f24 WebClient - ok
12:27:09.0395 0x0f24 [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
12:27:09.0395 0x0f24 Wecsvc - ok
12:27:09.0411 0x0f24 [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
12:27:09.0411 0x0f24 wercplsupport - ok
12:27:09.0442 0x0f24 [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
12:27:09.0442 0x0f24 WerSvc - ok
12:27:09.0489 0x0f24 [ 44BB9C31E6242C4BD1CE7C2B440C2533, E603BB001028918B687818E930340008C752679B133037367A8A8E41DA559FFE ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
12:27:09.0489 0x0f24 WFPLWFS - ok
12:27:09.0505 0x0f24 [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
12:27:09.0505 0x0f24 WiaRpc - ok
12:27:09.0536 0x0f24 [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
12:27:09.0536 0x0f24 WIMMount - ok
12:27:09.0567 0x0f24 WinDefend - ok
12:27:09.0614 0x0f24 [ 1369928779943B5C7AABA263E6E2BBC1, 5DB4E77912051839B842F43B01933A07D72BD9E772F129573B1504361A9AA6A4 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
12:27:09.0630 0x0f24 WinHttpAutoProxySvc - ok
12:27:09.0723 0x0f24 [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
12:27:09.0723 0x0f24 Winmgmt - ok
12:27:09.0848 0x0f24 [ 8E212A627F33F6FC3B5F3BB47212F66E, 9BBFE26ABFA14F346FE3711D13D959523EEA23608A33C16F3D750D66CA511911 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
12:27:09.0926 0x0f24 WinRM - ok
12:27:09.0989 0x0f24 [ CAC452B32656A0A51356912F4A9943CA, 36C5F537C9D288245F359E7CF2BF1FA4C04D8387134143790720D0097D8363D0 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
12:27:10.0020 0x0f24 WlanSvc - ok
12:27:10.0114 0x0f24 [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
12:27:10.0161 0x0f24 wlidsvc - ok
12:27:10.0208 0x0f24 [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
12:27:10.0208 0x0f24 WmiAcpi - ok
12:27:10.0255 0x0f24 [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
12:27:10.0255 0x0f24 wmiApSrv - ok
12:27:10.0270 0x0f24 WMPNetworkSvc - ok
12:27:10.0302 0x0f24 [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
12:27:10.0302 0x0f24 wpcfltr - ok
12:27:10.0333 0x0f24 [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
12:27:10.0333 0x0f24 WPCSvc - ok
12:27:10.0380 0x0f24 [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
12:27:10.0380 0x0f24 WPDBusEnum - ok
12:27:10.0411 0x0f24 [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
12:27:10.0411 0x0f24 WpdUpFltr - ok
12:27:10.0426 0x0f24 [ 58D492F986EC519ECDD54D93618758F8, 7B9FA33B6D579CEC385D3E28A97F8C8B6662D612DB6CE35C6055E72E94EBF16A ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
12:27:10.0442 0x0f24 ws2ifsl - ok
12:27:10.0473 0x0f24 [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
12:27:10.0489 0x0f24 wscsvc - ok
12:27:10.0489 0x0f24 WSearch - ok
12:27:10.0598 0x0f24 [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService C:\WINDOWS\System32\WSService.dll
12:27:10.0645 0x0f24 WSService - ok
12:27:10.0817 0x0f24 [ 311E5E1976E0BD9110A88B93158055D5, F1AA738D6AD74C33785EEFE1FBE8A869AAB62417B7D079389293AB1209A849C1 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
12:27:10.0895 0x0f24 wuauserv - ok
12:27:10.0942 0x0f24 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
12:27:10.0942 0x0f24 WudfPf - ok
12:27:10.0958 0x0f24 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
12:27:10.0958 0x0f24 WUDFRd - ok
12:27:10.0989 0x0f24 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
12:27:10.0989 0x0f24 wudfsvc - ok
12:27:11.0005 0x0f24 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
12:27:11.0005 0x0f24 WUDFWpdFs - ok
12:27:11.0036 0x0f24 [ 9FE55B90B1778C4FE351ECD1AEFD8AAF, FEFDB31D2956C18536BD17A4B031495AEC62679247FD177D7B29BA26DFA6FBC1 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
12:27:11.0052 0x0f24 WwanSvc - ok
12:27:11.0067 0x0f24 ================ Scan global ===============================
12:27:11.0114 0x0f24 [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\WINDOWS\system32\basesrv.dll
12:27:11.0145 0x0f24 [ B36597EF454D4FEA2F11429A9A1424BD, B312998C6B5BE4B03803D2FACC0FBE1D025B538D6E681E99FE587941B0C7EF3A ] C:\WINDOWS\system32\winsrv.dll
12:27:11.0192 0x0f24 [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\WINDOWS\system32\sxssrv.dll
12:27:11.0223 0x0f24 [ 754A2CC1F32107EA87CBD305ABE3E618, C5587F286397D8C398F78F738FFD402CCF5487B4415D794E8F3CB430D717C9B4 ] C:\WINDOWS\system32\services.exe
12:27:11.0239 0x0f24 [ Global ] - ok
12:27:11.0239 0x0f24 ================ Scan MBR ==================================
12:27:11.0255 0x0f24 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:27:11.0505 0x0f24 \Device\Harddisk0\DR0 - ok
12:27:11.0505 0x0f24 ================ Scan VBR ==================================
12:27:11.0505 0x0f24 [ 73BC63736CDA1AB2A90AFFC8405B7D6C ] \Device\Harddisk0\DR0\Partition1
12:27:11.0520 0x0f24 \Device\Harddisk0\DR0\Partition1 - ok
12:27:11.0520 0x0f24 [ 585FD4B5078B7F88A5A3888744C937C9 ] \Device\Harddisk0\DR0\Partition2
12:27:11.0520 0x0f24 \Device\Harddisk0\DR0\Partition2 - ok
12:27:11.0520 0x0f24 Waiting for KSN requests completion. In queue: 100
12:27:12.0536 0x0f24 Waiting for KSN requests completion. In queue: 100
12:27:13.0552 0x0f24 Waiting for KSN requests completion. In queue: 100
12:27:14.0583 0x0f24 AV detected via SS2: ESET Smart Security 7.0, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 7.0.302.0 ), 0x42000 ( disabled : updated )
12:27:14.0599 0x0f24 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.3.215.0 ), 0x60100 ( disabled : updated )
12:27:14.0599 0x0f24 FW detected via SS2: ESET personal firewall, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 7.0.302.0 ), 0x40010 ( disabled )
12:27:14.0599 0x0f24 Win FW state via NFP2: enabled
12:27:16.0974 0x0f24 ============================================================
12:27:16.0974 0x0f24 Scan finished
12:27:16.0974 0x0f24 ============================================================
12:27:16.0974 0x0afc Detected object count: 0
12:27:16.0974 0x0afc Actual detected object count: 0
12:27:30.0006 0x0704 Deinitialize success

jaro3
Security team member
Guru Level 15
Posts: 43294
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: log check

Post by jaro3 » 04 Mar 2014 18:54

Turn off the resident protection of your antivirus and antispyware, and the firewall if need be.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch the terms of use are displayed; confirm them by clicking the Yes (Ano) button
- Then follow the instructions; while ComboFix is running, do not click in the window it displays
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
If there are problems, run it in Safe Mode.

Warning: After running ComboFix and restarting the computer, Windows may fail to boot, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Ajven
newcomer
Posts: 13
Registered: March 14
Gender: Male
Status:
Offline

Re: log check

Post by Ajven » 04 Mar 2014 19:27

ComboFix 14-03-04.03 - Ajven 04.03.2014 19:15:37.1.2 - x64
Microsoft Windows 8 Pro 6.2.9200.0.1250.421.2057.18.3982.2479 [GMT 0:00]
Running from: c:\users\Ajven\Desktop\ComboFix.exe
AV: ESET Smart Security 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\defaults\preferences\prefs.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\manifest.xml
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins.json
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\1_base.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\102_dealply_m.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\103_intext_5_m.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\104_jollywallet_m.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\108_icm_m.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\119_similar_web_m.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\123_intext_adv_m.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\14_CrossriderUtils.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\155_ibario_pops_m.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\16_FFAppAPIWrapper.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\17_jQuery.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\177_crossriderDashboard.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\178_revizer_ws_dynamic_m.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\179_revizer_p_dynamic_m.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\180_bpo_serp_m.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\182_openUrl.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\183_tabsWrapper.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\184_noproblemppc_m.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\190_pops_5_m.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\191_ciuvo_m.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\195_icm_convertmedia_m.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\207_dbWrapper.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\21_debug.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\22_resources.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\220_icm_base_m.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\221_icm_downloads_m.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\223_imonomy_m.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\226_set_campaign_id_m.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\231_revizer_ws_dynamic_2_m.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\28_initializer.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\4_jquery_1_7_1.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\47_resources_background.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\64_appApiMessage-1.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\64_appApiMessage.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\7_hooks.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\72_appApiValidation.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\78_CrossriderInfo.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\87_ginyas_wrapper.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\9_search_engine_hook.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\91_monetizationLoader.js.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\plugins\98_omniCommands.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\userCode\background.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\extensionData\userCode\extension.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome.manifest
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\asyncDB.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\background.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\browserAction.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\contextMenu.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\dbManager.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\dom_bg.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\fileManager.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\firefox.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\firefoxNotifications.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\firefoxOmnibox.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\message.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\pageAction.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\request.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\tabs.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\webRequest.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\api\windowsMessagingHandler.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\background.html
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\baseObject.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\browser.xul
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\addressBarChangeObserver.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\console.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\consts.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\delegate.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\extensionDataStore.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\folderIOWrapper.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\httpObserver.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\IDBWrapper.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\installer.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\logFile.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\prefs.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\progressListenerObserver.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\registry.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\reloadObserver.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\reports.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\requestObject.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\searchSettings.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\uninstallObserver.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\updateManager.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\utils.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\core\xhr.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\dialog.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\ffCoreFilesIndex.txt
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\main.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\options.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\options.xul
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\platformVersion.js
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\chrome\content\search_dialog.xul
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\install.rdf
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\locale\en-US\translations.dtd
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\button1.png
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\button2.png
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\button3.png
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\button4.png
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\button5.png
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\crossrider_statusbar.png
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\icon128.png
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\icon16.png
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\icon24.png
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\icon48.png
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\panelarrow-up.png
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\popup.html
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\skin.css
c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com\skin\update.css
.
.
((((((((((((((((((((((((( Files Created from 2014-02-04 to 2014-03-04 )))))))))))))))))))))))))))))))
.
.
2014-03-04 19:23 . 2014-03-04 19:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-04 00:29 . 2014-03-04 00:29 -------- d-----w- c:\windows\ERUNT
2014-03-04 00:22 . 2014-03-04 00:24 -------- d-----w- C:\AdwCleaner
2014-03-03 19:26 . 2014-02-17 22:03 78304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-03 19:26 . 2014-02-17 22:03 694240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-03 15:00 . 2014-03-03 15:05 -------- d-----r- c:\windows\BrowserChoice
2014-03-03 14:53 . 2012-11-26 02:15 16114176 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2014-03-03 14:53 . 2012-11-26 02:14 15541248 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2014-03-03 14:24 . 2014-03-03 14:24 -------- d-----w- c:\program files (x86)\Trend Micro
2014-03-03 11:39 . 2014-03-03 11:39 -------- d-----w- c:\programdata\Malwarebytes
2014-03-03 11:39 . 2013-04-04 14:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-03-03 11:39 . 2014-03-03 11:39 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-03-03 01:36 . 2014-03-03 01:36 -------- d-----w- c:\windows\system32\appmgmt
2014-03-03 01:08 . 2014-03-03 01:08 2 --shatr- c:\windows\winstart.bat
2014-03-03 00:39 . 2014-03-03 00:39 -------- d-----w- c:\programdata\MFAData
2014-03-03 00:39 . 2014-03-03 00:39 -------- d--h--w- c:\programdata\Common Files
2014-03-02 22:34 . 2014-03-02 22:38 -------- d-----w- c:\windows\SysWow64\NV
2014-03-02 22:34 . 2014-03-02 22:38 -------- d-----w- c:\windows\system32\NV
2014-03-02 22:23 . 2014-03-02 22:25 -------- d-----w- c:\windows\system32\MRT
2014-03-02 22:19 . 2012-10-10 07:04 94208 ----a-w- c:\windows\system32\synceng.dll
2014-03-02 22:19 . 2012-10-10 06:31 72192 ----a-w- c:\windows\SysWow64\synceng.dll
2014-03-02 22:17 . 2013-12-04 23:43 1845248 ----a-w- c:\windows\system32\msxml3.dll
2014-03-02 22:17 . 2013-12-04 23:37 1419264 ----a-w- c:\windows\SysWow64\msxml3.dll
2014-03-02 22:17 . 2013-10-10 09:21 1160192 ----a-w- c:\windows\system32\IKEEXT.DLL
2014-03-02 22:17 . 2013-10-10 11:53 96600 ----a-w- c:\windows\system32\drivers\wfplwfs.sys
2014-03-02 22:17 . 2013-10-10 09:20 723968 ----a-w- c:\windows\system32\BFE.DLL
2014-03-02 22:17 . 2013-06-10 19:16 888832 ----a-w- c:\windows\system32\nshwfp.dll
2014-03-02 22:17 . 2013-06-10 19:15 381952 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2014-03-02 22:17 . 2013-06-10 19:10 702464 ----a-w- c:\windows\SysWow64\nshwfp.dll
2014-03-02 22:17 . 2013-06-10 19:10 245248 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2014-03-02 22:15 . 2012-11-26 04:21 71168 ----a-w- c:\windows\SysWow64\ncryptsslp.dll
2014-03-02 22:15 . 2012-11-26 04:20 86016 ----a-w- c:\windows\system32\ncryptsslp.dll
2014-03-02 22:15 . 2013-10-19 05:45 62976 ----a-w- c:\windows\system32\imagehlp.dll
2014-03-02 22:15 . 2013-10-19 04:04 59392 ----a-w- c:\windows\SysWow64\imagehlp.dll
2014-03-02 22:15 . 2013-07-06 00:15 652288 ----a-w- c:\windows\system32\comctl32.dll
2014-03-02 22:15 . 2013-07-04 02:13 541696 ----a-w- c:\windows\SysWow64\comctl32.dll
2014-03-02 22:14 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2014-03-02 22:14 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2014-03-02 22:14 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2014-03-02 22:14 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2014-03-02 22:14 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2014-03-02 22:14 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2014-03-02 22:14 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-03-02 22:14 . 2013-11-01 05:53 2232664 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-03-02 22:14 . 2013-03-02 09:59 411880 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2014-03-02 22:13 . 2013-01-10 01:40 303848 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2014-03-02 22:13 . 2013-10-02 23:25 1300992 ----a-w- c:\windows\system32\gdi32.dll
2014-03-02 22:13 . 2013-10-01 22:22 1022976 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-03-02 22:13 . 2013-12-09 00:45 523776 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-03-02 22:13 . 2013-12-08 23:59 600064 ----a-w- c:\windows\system32\vbscript.dll
2014-03-02 22:13 . 2012-08-31 00:52 17888 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2014-03-02 22:13 . 2012-08-31 00:53 17888 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2014-03-02 22:11 . 2013-06-22 05:45 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2014-03-02 22:11 . 2013-06-22 05:45 54488 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2014-03-02 22:11 . 2013-07-05 22:02 99328 ----a-w- c:\windows\system32\drivers\usbcir.sys
2014-03-02 22:11 . 2013-07-05 22:01 210560 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2014-03-02 22:11 . 2013-07-01 22:14 25600 ----a-w- c:\windows\system32\drivers\usbprint.sys
2014-03-02 22:11 . 2013-06-29 03:08 32768 ----a-w- c:\windows\system32\drivers\hidparse.sys
2014-03-02 22:11 . 2013-06-29 03:07 83968 ----a-w- c:\windows\system32\drivers\hidclass.sys
2014-03-02 22:11 . 2013-05-04 04:48 27648 ----a-w- c:\windows\system32\drivers\hidusb.sys
2014-03-02 22:05 . 2013-10-01 23:37 1569280 ----a-w- c:\windows\SysWow64\crypt32.dll
2014-03-02 22:05 . 2013-10-01 23:26 1890816 ----a-w- c:\windows\system32\crypt32.dll
2014-03-02 22:04 . 2013-05-23 23:02 1314816 ----a-w- c:\windows\system32\rpcrt4.dll
2014-03-02 22:04 . 2013-05-23 22:25 694272 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-03-02 22:03 . 2013-04-23 23:13 1013248 ----a-w- c:\windows\SysWow64\certutil.exe
2014-03-02 22:03 . 2013-04-23 23:12 109056 ----a-w- c:\windows\SysWow64\cryptnet.dll
2014-03-02 22:03 . 2013-04-23 22:56 1255936 ----a-w- c:\windows\system32\certutil.exe
2014-03-02 22:03 . 2013-04-23 22:55 141312 ----a-w- c:\windows\system32\cryptnet.dll
2014-03-02 22:01 . 2013-05-26 23:17 35328 ----a-w- c:\windows\SysWow64\atmlib.dll
2014-03-02 22:00 . 2013-04-11 22:30 1421312 ----a-w- c:\windows\SysWow64\DWrite.dll
2014-03-02 22:00 . 2013-04-11 22:22 1838080 ----a-w- c:\windows\system32\DWrite.dll
2014-03-02 22:00 . 2013-07-01 01:42 79192 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-03-02 22:00 . 2013-07-01 01:42 623448 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-03-02 22:00 . 2013-07-01 01:42 498008 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-03-02 22:00 . 2013-07-01 01:42 21848 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-03-02 22:00 . 2013-06-29 03:07 32256 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-03-02 22:00 . 2013-06-29 03:06 120832 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-03-02 22:00 . 2012-11-20 04:56 27136 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-03-02 22:00 . 2013-02-12 00:17 20992 ----a-w- c:\windows\system32\drivers\usb8023.sys
2014-03-02 22:00 . 2014-03-02 22:00 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2014-03-02 21:58 . 2013-05-15 02:25 888320 ----a-w- c:\windows\system32\autochk.exe
2014-03-02 21:58 . 2013-05-15 02:25 542208 ----a-w- c:\windows\system32\untfs.dll
2014-03-02 21:58 . 2013-05-15 02:24 793088 ----a-w- c:\windows\SysWow64\autochk.exe
2014-03-02 21:58 . 2013-05-15 02:24 482816 ----a-w- c:\windows\SysWow64\untfs.dll
2014-03-02 21:58 . 2013-05-30 23:24 1257472 ----a-w- c:\windows\system32\kernel32.dll
2014-03-02 21:58 . 2013-12-04 23:43 583680 ----a-w- c:\windows\system32\msdrm.dll
2014-03-02 21:58 . 2013-12-04 23:37 451072 ----a-w- c:\windows\SysWow64\msdrm.dll
2014-03-02 21:58 . 2013-04-27 05:20 733184 ----a-w- c:\windows\system32\win32spl.dll
2014-03-02 21:58 . 2013-04-02 23:37 25088 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2014-03-02 21:58 . 2013-04-02 23:12 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2014-03-02 21:56 . 2014-02-01 09:19 1084928 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2014-03-02 21:55 . 2013-07-13 06:18 337408 ----a-w- c:\windows\system32\wintrust.dll
2014-03-02 21:54 . 2013-03-15 00:17 861184 ----a-w- c:\windows\system32\drivers\http.sys
2014-03-02 21:53 . 2013-04-09 04:49 231936 ----a-w- c:\windows\system32\fhengine.dll
2014-03-02 21:51 . 2013-09-28 03:35 288768 ----a-w- c:\windows\system32\drivers\portcls.sys
2014-03-02 21:51 . 2012-10-11 05:45 370176 ----a-w- c:\windows\system32\SysFxUI.dll
2014-03-02 21:51 . 2012-10-11 05:19 5632 ----a-w- c:\windows\system32\drivers\drmkaud.sys
2014-03-02 21:51 . 2012-10-11 05:18 111616 ----a-w- c:\windows\system32\drivers\drmk.sys
2014-03-02 21:51 . 2012-11-07 23:04 149264 ----a-w- c:\program files\Windows Defender\SymSrv.dll
2014-03-02 21:51 . 2012-11-07 23:04 1558912 ----a-w- c:\program files\Windows Defender\DbgHelp.dll
2014-03-02 21:51 . 2013-04-11 06:40 6987528 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-03-02 21:49 . 2013-11-01 05:38 312320 ----a-w- c:\windows\system32\msieftp.dll
2014-03-02 21:49 . 2013-11-01 03:49 273408 ----a-w- c:\windows\SysWow64\msieftp.dll
2014-03-02 21:49 . 2012-12-13 04:00 2048 ----a-w- c:\windows\system32\tzres.dll
2014-03-02 21:49 . 2012-12-13 03:59 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-03-02 20:53 . 2014-03-02 20:53 -------- d-----w- c:\program files\Classic Shell
2014-03-02 20:45 . 2014-03-02 20:45 -------- d-----w- c:\program files\ESET
2014-03-02 20:44 . 2014-03-02 20:45 -------- d-----w- c:\program files\GIMP 2
2014-03-02 20:31 . 2014-03-02 20:31 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-03-02 20:31 . 2014-03-02 20:31 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2014-03-02 20:31 . 2014-03-02 20:31 -------- d-----w- c:\programdata\DAEMON Tools Lite
2014-03-02 20:21 . 2014-03-02 20:21 -------- d-----w- c:\programdata\McAfee
2014-03-02 20:05 . 2014-03-02 20:06 -------- d-----w- c:\program files (x86)\OpenOffice 4
2014-03-02 20:04 . 2014-03-02 20:04 -------- d-----w- c:\program files\CCleaner
2014-03-02 19:50 . 2014-03-02 19:50 -------- d-----w- c:\program files (x86)\VideoLAN
2014-03-02 19:47 . 2014-03-02 19:47 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2014-03-02 19:44 . 2014-03-02 19:44 -------- d-----w- c:\program files\WinRAR
2014-03-02 19:37 . 2014-03-02 19:38 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2014-03-02 19:12 . 2014-03-02 19:13 -------- d-----w- c:\programdata\P4G
2014-03-02 19:12 . 2014-03-02 19:12 -------- d-----w- c:\program files\ASUS
2014-03-02 19:07 . 2014-03-02 19:07 -------- d-----w- C:\eSupport
2014-03-02 19:07 . 2012-08-02 03:22 14992 ----a-w- c:\windows\system32\drivers\kbfiltr.sys
2014-03-02 19:02 . 2014-03-02 19:02 -------- d-----w- c:\programdata\Ralink Bluetooth Stack
2014-03-02 19:01 . 2014-03-02 19:01 -------- d-----w- c:\program files (x86)\Ralink Corporation
2014-03-02 18:59 . 2013-04-13 10:22 2482960 ----a-w- c:\windows\system32\drivers\netr28x.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-10 08:13 . 2013-12-10 08:13 18286416 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-12-10 08:13 . 2013-12-10 08:13 15855568 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-12-10 08:13 . 2013-12-10 08:13 32544 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2013-12-10 08:13 . 2013-12-10 08:13 9480328 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-12-10 08:13 . 2013-12-10 08:13 30344480 ----a-w- c:\windows\system32\nvoglv64.dll
2013-12-10 08:13 . 2013-12-10 08:13 22933792 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-12-10 08:13 . 2013-12-10 08:13 11374520 ----a-w- c:\windows\system32\nvopencl.dll
2013-12-10 08:13 . 2013-12-10 08:13 317472 ----a-w- c:\windows\system32\nvoglshim64.dll
2013-12-10 08:13 . 2013-12-10 08:13 266984 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2013-12-10 08:13 . 2013-12-10 08:13 12572960 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-12-10 08:13 . 2013-12-10 08:13 655136 ----a-w- c:\windows\system32\NvIFR64.dll
2013-12-10 08:13 . 2013-12-10 08:13 560416 ----a-w- c:\windows\SysWow64\NvIFR.dll
2013-12-10 08:13 . 2013-12-10 08:13 696096 ----a-w- c:\windows\system32\NvFBC64.dll
2013-12-10 08:13 . 2013-12-10 08:13 599840 ----a-w- c:\windows\SysWow64\NvFBC.dll
2013-12-10 08:13 . 2013-12-10 08:13 1884448 ----a-w- c:\windows\system32\nvdispco6433165.dll
2013-12-10 08:13 . 2013-12-10 08:13 18199872 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-12-10 08:13 . 2013-12-10 08:13 15212336 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-12-10 08:13 . 2013-12-10 08:13 1511712 ----a-w- c:\windows\system32\nvdispgenco6433165.dll
2013-12-10 08:13 . 2013-12-10 08:13 9524088 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-12-10 08:13 . 2013-12-10 08:13 3131680 ----a-w- c:\windows\system32\nvcuvid.dll
2013-12-10 08:13 . 2013-12-10 08:13 3124512 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-12-10 08:13 . 2013-12-10 08:13 2946848 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-12-10 08:13 . 2013-12-10 08:13 2747168 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-12-10 08:13 . 2013-12-10 08:13 11426568 ----a-w- c:\windows\system32\nvcuda.dll
2013-12-10 08:12 . 2013-12-10 08:12 2695200 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-12-10 08:12 . 2013-12-10 08:12 25257248 ----a-w- c:\windows\system32\nvcompiler.dll
2013-12-10 08:12 . 2013-12-10 08:12 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-10-04 18:33 627712 ----a-w- c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"Spotify Web Helper"="c:\users\Ajven\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-03-02 1171968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BtTray"="c:\program files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe" [2013-01-10 379904]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R3 ASUSProcObsrv;ASUS Process Creation/Termination Observer;d:\i386\AsPrOb64.sys;d:\i386\AsPrOb64.sys [x]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe;c:\program files\BitComet\tools\BitCometService.exe [x]
R3 vmicheartbeat;Hyper-V Heartbeat Service;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S0 edevmon;edevmon;c:\windows\system32\DRIVERS\edevmon.sys;c:\windows\SYSNATIVE\DRIVERS\edevmon.sys [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe;c:\program files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ATP;ASUS Input Device;c:\windows\System32\drivers\AsusTP.sys;c:\windows\SYSNATIVE\drivers\AsusTP.sys [x]
S3 BtAudioBusSrv;Ralink Bluetooth Audio Bus Service;c:\windows\System32\Drivers\BtAudioBus.sys;c:\windows\SYSNATIVE\Drivers\BtAudioBus.sys [x]
S3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service;c:\windows\System32\Drivers\BtL2caScoIf.sys;c:\windows\SYSNATIVE\Drivers\BtL2caScoIf.sys [x]
S3 BthLEEnum;Bluetooth Low Energy Driver;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service;c:\windows\System32\Drivers\IvtUrbBtFlt.sys;c:\windows\SYSNATIVE\Drivers\IvtUrbBtFlt.sys [x]
S3 HIDSwitch;ASUS Wireless Radio Control;c:\windows\System32\drivers\AsHIDSwitch64.sys;c:\windows\SYSNATIVE\drivers\AsHIDSwitch64.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 m76usb;M76USB Bluetooth Device Driver;c:\windows\System32\drivers\m76usb.sys;c:\windows\SYSNATIVE\drivers\m76usb.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 RSBASTOR;Realtek PCIE CardReader Driver - BA;c:\windows\system32\DRIVERS\RtsBaStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsBaStor.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2014-03-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-02 20:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-10-04 18:34 774144 ----a-w- c:\program files\Classic Shell\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-13 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-13 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-13 441968]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-05-30 13550152]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5618456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\
FF - prefs.js: browser.startup.homepage - google.sk
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{11111111-1111-1111-1111-110511071178} - c:\program files (x86)\Plus-HD-7.6\Plus-HD-7.6-bho64.dll
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Completion time: 2014-03-04 19:25:38
ComboFix-quarantined-files.txt 2014-03-04 19:25
.
Pre-Run: 426 877 755 392 bytes free
Post-Run: 426 802 749 440 bytes free
.
- - End Of File - - FB417ABCE9E81DD12D1AD966EB382B4A

jaro3
Security team member
Guru Level 15
Posts: 43294
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: log check

Post by jaro3 » 04 Mar 2014 19:40

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the whole of the following text, marked in green:

Code:

ClearJavaCache::

KillAll::
Folder::
c:\programdata\McAfee

Driver::

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)



Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, move it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that comes up at the end of the cleaning process + a new log from HJT

Warning: It may happen that after running ComboFix and restarting the computer, Windows does not start, or the desktop does not load, or there are connection problems; in that case restart the computer again. If that does not help, press the F8 key repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.

Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt appears offering to download the Avast database, click NO. Then click "Scan". After the scan click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Ajven
newbie
Posts: 13
Registered: March 14
Gender: Male
Status:
Offline

Re: log check

Post by Ajven » 04 Mar 2014 20:10

ComboFix 14-03-04.03 - Ajven 04.03.2014 19:50:40.2.2 - x64
Microsoft Windows 8 Pro 6.2.9200.0.1250.421.2057.18.3982.2654 [GMT 0:00]
Running from: c:\users\Ajven\Desktop\ComboFix.exe
Command switches used :: c:\users\Ajven\Desktop\CFScript.txt
AV: ESET Smart Security 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\McAfee
c:\programdata\McAfee\MCLOGS\McUICnt\McUicnt\McUicnt000.log
c:\programdata\McAfee\MCLOGS\PartnerCustom\McCHSvc\McCHSvc000.log
c:\programdata\McAfee\MCLOGS\PartnerCustom\McUicnt\McUicnt000.log
c:\programdata\McAfee\MCLOGS\PartnerCustom\SecurityScan_Release\SecurityScan_Release000.log
c:\programdata\McAfee\MCLOGS\PartnerCustom\SSScheduler\SSScheduler000.log
c:\programdata\McAfee\MCLOGS\SecurityScanner\McUicnt\McUicnt000.log
.
.
((((((((((((((((((((((((( Files Created from 2014-02-04 to 2014-03-04 )))))))))))))))))))))))))))))))
.
.
2014-03-04 19:57 . 2014-03-04 19:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-04 00:29 . 2014-03-04 00:29 -------- d-----w- c:\windows\ERUNT
2014-03-04 00:22 . 2014-03-04 00:24 -------- d-----w- C:\AdwCleaner
2014-03-03 19:26 . 2014-02-17 22:03 78304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-03 19:26 . 2014-02-17 22:03 694240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-03 15:00 . 2014-03-03 15:05 -------- d-----r- c:\windows\BrowserChoice
2014-03-03 14:53 . 2012-11-26 02:15 16114176 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2014-03-03 14:53 . 2012-11-26 02:14 15541248 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2014-03-03 14:24 . 2014-03-03 14:24 -------- d-----w- c:\program files (x86)\Trend Micro
2014-03-03 11:39 . 2014-03-03 11:39 -------- d-----w- c:\programdata\Malwarebytes
2014-03-03 11:39 . 2013-04-04 14:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-03-03 11:39 . 2014-03-03 11:39 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-03-03 01:36 . 2014-03-03 01:36 -------- d-----w- c:\windows\system32\appmgmt
2014-03-03 01:08 . 2014-03-03 01:08 2 --shatr- c:\windows\winstart.bat
2014-03-03 00:39 . 2014-03-03 00:39 -------- d-----w- c:\programdata\MFAData
2014-03-03 00:39 . 2014-03-03 00:39 -------- d--h--w- c:\programdata\Common Files
2014-03-02 22:34 . 2014-03-02 22:38 -------- d-----w- c:\windows\SysWow64\NV
2014-03-02 22:34 . 2014-03-02 22:38 -------- d-----w- c:\windows\system32\NV
2014-03-02 22:23 . 2014-03-02 22:25 -------- d-----w- c:\windows\system32\MRT
2014-03-02 22:19 . 2012-10-10 07:04 94208 ----a-w- c:\windows\system32\synceng.dll
2014-03-02 22:19 . 2012-10-10 06:31 72192 ----a-w- c:\windows\SysWow64\synceng.dll
2014-03-02 22:17 . 2013-12-04 23:43 1845248 ----a-w- c:\windows\system32\msxml3.dll
2014-03-02 22:17 . 2013-12-04 23:37 1419264 ----a-w- c:\windows\SysWow64\msxml3.dll
2014-03-02 22:17 . 2013-10-10 09:21 1160192 ----a-w- c:\windows\system32\IKEEXT.DLL
2014-03-02 22:17 . 2013-10-10 11:53 96600 ----a-w- c:\windows\system32\drivers\wfplwfs.sys
2014-03-02 22:17 . 2013-10-10 09:20 723968 ----a-w- c:\windows\system32\BFE.DLL
2014-03-02 22:17 . 2013-06-10 19:16 888832 ----a-w- c:\windows\system32\nshwfp.dll
2014-03-02 22:17 . 2013-06-10 19:15 381952 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2014-03-02 22:17 . 2013-06-10 19:10 702464 ----a-w- c:\windows\SysWow64\nshwfp.dll
2014-03-02 22:17 . 2013-06-10 19:10 245248 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2014-03-02 22:15 . 2012-11-26 04:21 71168 ----a-w- c:\windows\SysWow64\ncryptsslp.dll
2014-03-02 22:15 . 2012-11-26 04:20 86016 ----a-w- c:\windows\system32\ncryptsslp.dll
2014-03-02 22:15 . 2013-10-19 05:45 62976 ----a-w- c:\windows\system32\imagehlp.dll
2014-03-02 22:15 . 2013-10-19 04:04 59392 ----a-w- c:\windows\SysWow64\imagehlp.dll
2014-03-02 22:15 . 2013-07-06 00:15 652288 ----a-w- c:\windows\system32\comctl32.dll
2014-03-02 22:15 . 2013-07-04 02:13 541696 ----a-w- c:\windows\SysWow64\comctl32.dll
2014-03-02 22:14 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2014-03-02 22:14 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2014-03-02 22:14 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2014-03-02 22:14 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2014-03-02 22:14 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2014-03-02 22:14 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2014-03-02 22:14 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-03-02 22:14 . 2013-11-01 05:53 2232664 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-03-02 22:14 . 2013-03-02 09:59 411880 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2014-03-02 22:13 . 2013-01-10 01:40 303848 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2014-03-02 22:13 . 2013-10-02 23:25 1300992 ----a-w- c:\windows\system32\gdi32.dll
2014-03-02 22:13 . 2013-10-01 22:22 1022976 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-03-02 22:13 . 2013-12-09 00:45 523776 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-03-02 22:13 . 2013-12-08 23:59 600064 ----a-w- c:\windows\system32\vbscript.dll
2014-03-02 22:13 . 2012-08-31 00:52 17888 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2014-03-02 22:13 . 2012-08-31 00:53 17888 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2014-03-02 22:11 . 2013-06-22 05:45 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2014-03-02 22:11 . 2013-06-22 05:45 54488 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2014-03-02 22:11 . 2013-07-05 22:02 99328 ----a-w- c:\windows\system32\drivers\usbcir.sys
2014-03-02 22:11 . 2013-07-05 22:01 210560 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2014-03-02 22:11 . 2013-07-01 22:14 25600 ----a-w- c:\windows\system32\drivers\usbprint.sys
2014-03-02 22:11 . 2013-06-29 03:08 32768 ----a-w- c:\windows\system32\drivers\hidparse.sys
2014-03-02 22:11 . 2013-06-29 03:07 83968 ----a-w- c:\windows\system32\drivers\hidclass.sys
2014-03-02 22:11 . 2013-05-04 04:48 27648 ----a-w- c:\windows\system32\drivers\hidusb.sys
2014-03-02 22:05 . 2013-10-01 23:37 1569280 ----a-w- c:\windows\SysWow64\crypt32.dll
2014-03-02 22:05 . 2013-10-01 23:26 1890816 ----a-w- c:\windows\system32\crypt32.dll
2014-03-02 22:04 . 2013-05-23 23:02 1314816 ----a-w- c:\windows\system32\rpcrt4.dll
2014-03-02 22:04 . 2013-05-23 22:25 694272 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-03-02 22:03 . 2013-04-23 23:13 1013248 ----a-w- c:\windows\SysWow64\certutil.exe
2014-03-02 22:03 . 2013-04-23 23:12 109056 ----a-w- c:\windows\SysWow64\cryptnet.dll
2014-03-02 22:03 . 2013-04-23 22:56 1255936 ----a-w- c:\windows\system32\certutil.exe
2014-03-02 22:03 . 2013-04-23 22:55 141312 ----a-w- c:\windows\system32\cryptnet.dll
2014-03-02 22:01 . 2013-05-26 23:17 35328 ----a-w- c:\windows\SysWow64\atmlib.dll
2014-03-02 22:00 . 2013-04-11 22:30 1421312 ----a-w- c:\windows\SysWow64\DWrite.dll
2014-03-02 22:00 . 2013-04-11 22:22 1838080 ----a-w- c:\windows\system32\DWrite.dll
2014-03-02 22:00 . 2013-07-01 01:42 79192 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-03-02 22:00 . 2013-07-01 01:42 623448 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-03-02 22:00 . 2013-07-01 01:42 498008 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-03-02 22:00 . 2013-07-01 01:42 21848 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-03-02 22:00 . 2013-06-29 03:07 32256 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-03-02 22:00 . 2013-06-29 03:06 120832 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-03-02 22:00 . 2012-11-20 04:56 27136 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-03-02 22:00 . 2013-02-12 00:17 20992 ----a-w- c:\windows\system32\drivers\usb8023.sys
2014-03-02 22:00 . 2014-03-02 22:00 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2014-03-02 21:58 . 2013-05-15 02:25 888320 ----a-w- c:\windows\system32\autochk.exe
2014-03-02 21:58 . 2013-05-15 02:25 542208 ----a-w- c:\windows\system32\untfs.dll
2014-03-02 21:58 . 2013-05-15 02:24 793088 ----a-w- c:\windows\SysWow64\autochk.exe
2014-03-02 21:58 . 2013-05-15 02:24 482816 ----a-w- c:\windows\SysWow64\untfs.dll
2014-03-02 21:58 . 2013-05-30 23:24 1257472 ----a-w- c:\windows\system32\kernel32.dll
2014-03-02 21:58 . 2013-12-04 23:43 583680 ----a-w- c:\windows\system32\msdrm.dll
2014-03-02 21:58 . 2013-12-04 23:37 451072 ----a-w- c:\windows\SysWow64\msdrm.dll
2014-03-02 21:58 . 2013-04-27 05:20 733184 ----a-w- c:\windows\system32\win32spl.dll
2014-03-02 21:58 . 2013-04-02 23:37 25088 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2014-03-02 21:58 . 2013-04-02 23:12 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2014-03-02 21:56 . 2014-02-01 09:19 1084928 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2014-03-02 21:55 . 2013-07-13 06:18 337408 ----a-w- c:\windows\system32\wintrust.dll
2014-03-02 21:54 . 2013-03-15 00:17 861184 ----a-w- c:\windows\system32\drivers\http.sys
2014-03-02 21:53 . 2013-04-09 04:49 231936 ----a-w- c:\windows\system32\fhengine.dll
2014-03-02 21:51 . 2013-09-28 03:35 288768 ----a-w- c:\windows\system32\drivers\portcls.sys
2014-03-02 21:51 . 2012-10-11 05:45 370176 ----a-w- c:\windows\system32\SysFxUI.dll
2014-03-02 21:51 . 2012-10-11 05:19 5632 ----a-w- c:\windows\system32\drivers\drmkaud.sys
2014-03-02 21:51 . 2012-10-11 05:18 111616 ----a-w- c:\windows\system32\drivers\drmk.sys
2014-03-02 21:51 . 2012-11-07 23:04 149264 ----a-w- c:\program files\Windows Defender\SymSrv.dll
2014-03-02 21:51 . 2012-11-07 23:04 1558912 ----a-w- c:\program files\Windows Defender\DbgHelp.dll
2014-03-02 21:51 . 2013-04-11 06:40 6987528 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-03-02 21:49 . 2013-11-01 05:38 312320 ----a-w- c:\windows\system32\msieftp.dll
2014-03-02 21:49 . 2013-11-01 03:49 273408 ----a-w- c:\windows\SysWow64\msieftp.dll
2014-03-02 21:49 . 2012-12-13 04:00 2048 ----a-w- c:\windows\system32\tzres.dll
2014-03-02 21:49 . 2012-12-13 03:59 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-03-02 20:53 . 2014-03-02 20:53 -------- d-----w- c:\program files\Classic Shell
2014-03-02 20:45 . 2014-03-02 20:45 -------- d-----w- c:\program files\ESET
2014-03-02 20:44 . 2014-03-02 20:45 -------- d-----w- c:\program files\GIMP 2
2014-03-02 20:31 . 2014-03-02 20:31 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-03-02 20:31 . 2014-03-02 20:31 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2014-03-02 20:31 . 2014-03-02 20:31 -------- d-----w- c:\programdata\DAEMON Tools Lite
2014-03-02 20:05 . 2014-03-02 20:06 -------- d-----w- c:\program files (x86)\OpenOffice 4
2014-03-02 20:04 . 2014-03-02 20:04 -------- d-----w- c:\program files\CCleaner
2014-03-02 19:50 . 2014-03-02 19:50 -------- d-----w- c:\program files (x86)\VideoLAN
2014-03-02 19:47 . 2014-03-02 19:47 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2014-03-02 19:44 . 2014-03-02 19:44 -------- d-----w- c:\program files\WinRAR
2014-03-02 19:37 . 2014-03-02 19:38 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2014-03-02 19:12 . 2014-03-02 19:13 -------- d-----w- c:\programdata\P4G
2014-03-02 19:12 . 2014-03-02 19:12 -------- d-----w- c:\program files\ASUS
2014-03-02 19:07 . 2014-03-02 19:07 -------- d-----w- C:\eSupport
2014-03-02 19:07 . 2012-08-02 03:22 14992 ----a-w- c:\windows\system32\drivers\kbfiltr.sys
2014-03-02 19:02 . 2014-03-02 19:02 -------- d-----w- c:\programdata\Ralink Bluetooth Stack
2014-03-02 19:01 . 2014-03-02 19:01 -------- d-----w- c:\program files (x86)\Ralink Corporation
2014-03-02 18:59 . 2013-04-13 10:22 2482960 ----a-w- c:\windows\system32\drivers\netr28x.sys
2014-03-02 18:59 . 2013-03-29 12:59 334000 ----a-w- c:\windows\system32\RaCoInstx.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-10 08:13 . 2013-12-10 08:13 18286416 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-12-10 08:13 . 2013-12-10 08:13 15855568 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-12-10 08:13 . 2013-12-10 08:13 32544 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2013-12-10 08:13 . 2013-12-10 08:13 9480328 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-12-10 08:13 . 2013-12-10 08:13 30344480 ----a-w- c:\windows\system32\nvoglv64.dll
2013-12-10 08:13 . 2013-12-10 08:13 22933792 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-12-10 08:13 . 2013-12-10 08:13 11374520 ----a-w- c:\windows\system32\nvopencl.dll
2013-12-10 08:13 . 2013-12-10 08:13 317472 ----a-w- c:\windows\system32\nvoglshim64.dll
2013-12-10 08:13 . 2013-12-10 08:13 266984 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2013-12-10 08:13 . 2013-12-10 08:13 12572960 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-12-10 08:13 . 2013-12-10 08:13 655136 ----a-w- c:\windows\system32\NvIFR64.dll
2013-12-10 08:13 . 2013-12-10 08:13 560416 ----a-w- c:\windows\SysWow64\NvIFR.dll
2013-12-10 08:13 . 2013-12-10 08:13 696096 ----a-w- c:\windows\system32\NvFBC64.dll
2013-12-10 08:13 . 2013-12-10 08:13 599840 ----a-w- c:\windows\SysWow64\NvFBC.dll
2013-12-10 08:13 . 2013-12-10 08:13 1884448 ----a-w- c:\windows\system32\nvdispco6433165.dll
2013-12-10 08:13 . 2013-12-10 08:13 18199872 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-12-10 08:13 . 2013-12-10 08:13 15212336 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-12-10 08:13 . 2013-12-10 08:13 1511712 ----a-w- c:\windows\system32\nvdispgenco6433165.dll
2013-12-10 08:13 . 2013-12-10 08:13 9524088 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-12-10 08:13 . 2013-12-10 08:13 3131680 ----a-w- c:\windows\system32\nvcuvid.dll
2013-12-10 08:13 . 2013-12-10 08:13 3124512 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-12-10 08:13 . 2013-12-10 08:13 2946848 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-12-10 08:13 . 2013-12-10 08:13 2747168 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-12-10 08:13 . 2013-12-10 08:13 11426568 ----a-w- c:\windows\system32\nvcuda.dll
2013-12-10 08:12 . 2013-12-10 08:12 2695200 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-12-10 08:12 . 2013-12-10 08:12 25257248 ----a-w- c:\windows\system32\nvcompiler.dll
2013-12-10 08:12 . 2013-12-10 08:12 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-10-04 18:33 627712 ----a-w- c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
"Spotify Web Helper"="c:\users\Ajven\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-03-02 1171968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BtTray"="c:\program files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe" [2013-01-10 379904]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R3 ASUSProcObsrv;ASUS Process Creation/Termination Observer;d:\i386\AsPrOb64.sys;d:\i386\AsPrOb64.sys [x]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files\BitComet\tools\BitCometService.exe;c:\program files\BitComet\tools\BitCometService.exe [x]
R3 vmicheartbeat;Hyper-V Heartbeat Service;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe;c:\program files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ATP;ASUS Input Device;c:\windows\System32\drivers\AsusTP.sys;c:\windows\SYSNATIVE\drivers\AsusTP.sys [x]
S3 BtAudioBusSrv;Ralink Bluetooth Audio Bus Service;c:\windows\System32\Drivers\BtAudioBus.sys;c:\windows\SYSNATIVE\Drivers\BtAudioBus.sys [x]
S3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service;c:\windows\System32\Drivers\BtL2caScoIf.sys;c:\windows\SYSNATIVE\Drivers\BtL2caScoIf.sys [x]
S3 BthLEEnum;Bluetooth Low Energy Driver;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service;c:\windows\System32\Drivers\IvtUrbBtFlt.sys;c:\windows\SYSNATIVE\Drivers\IvtUrbBtFlt.sys [x]
S3 HIDSwitch;ASUS Wireless Radio Control;c:\windows\System32\drivers\AsHIDSwitch64.sys;c:\windows\SYSNATIVE\drivers\AsHIDSwitch64.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 m76usb;M76USB Bluetooth Device Driver;c:\windows\System32\drivers\m76usb.sys;c:\windows\SYSNATIVE\drivers\m76usb.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 RSBASTOR;Realtek PCIE CardReader Driver - BA;c:\windows\system32\DRIVERS\RtsBaStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsBaStor.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2014-03-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-02 20:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{11111111-1111-1111-1111-110511071178}]
c:\program files (x86)\Plus-HD-7.6\Plus-HD-7.6-bho64.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-10-04 18:34 774144 ----a-w- c:\program files\Classic Shell\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-13 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-13 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-13 441968]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-05-30 13550152]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-09-12 5618456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Ajven\AppData\Roaming\Mozilla\Firefox\Profiles\wq1r4qc5.default\
FF - prefs.js: browser.startup.homepage - google.sk
.
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
c:\program files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Completion time: 2014-03-04 20:02:55 - machine was rebooted
ComboFix-quarantined-files.txt 2014-03-04 20:02
ComboFix2.txt 2014-03-04 19:25
.
Pre-Run: 426 477 797 376 bytes free
Post-Run: 426 232 451 072 bytes free
.
- - End Of File - - CE39BED1AED143CD3B380BA8B714BDA9






Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:08:52, on 4.3.2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16798)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Users\Ajven\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Ajven\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\SysWow64\skype4com.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files\BitComet\tools\BitCometService.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8596 bytes


I'm going to download that aswMBR as well...

