Kontrola logu (Google Error) 2 Vyřešeno

[ToXiK]

Další počítač s touto hláškou:
We're sorry... but your computer or network may be sending automated queries. To protect our users, we can't process your request right now.

Log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:26:46, on 19.3.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Gmail Notifier\gnotify.exe
C:\Program Files\Gmail Notifier2\Gmail Notifier.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\system32\DllHost.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Gmail Notifier.exe] C:\Program Files\Gmail Notifier2\Gmail Notifier.exe /startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
--
End of file - 5584 bytes

[Reklama]

[jaro3]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode)

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

[ToXiK]

# AdwCleaner v3.022 - Report created 20/03/2014 at 22:13:23
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Home Basic Service Pack 1 (32 bits)
# Username : Hrysa - HRYSA-PC
# Running from : C:\Users\Hrysa\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Users\Hrysa\AppData\Roaming\Mozilla\Firefox\Profiles\1kinznj9.default\prefs.js ]


-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\Hrysa\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [903 octets] - [20/03/2014 22:13:23]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [962 octets] ##########

[ToXiK]

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.03.20.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16521
Hrysa :: HRYSA-PC [administrátor]

Ochrana: Povolena

20.3.2014 23:01:24
MBAM-log-2014-03-20 (23-17-59).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 204264
Uplynulý čas: 15 minut, 40 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 2
C:\Windows\inf\ntvdm.vbe (Malware.Trace) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\ntvdm.inf (Malware.Trace) -> Nebyla provedena žádná instrukce.

(konec)

[jaro3]

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

. spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit nový log z MbAM.

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[ToXiK]

# AdwCleaner v3.022 - Report created 21/03/2014 at 19:00:14
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Home Basic Service Pack 1 (32 bits)
# Username : Hrysa - HRYSA-PC
# Running from : C:\Users\Hrysa\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Users\Hrysa\AppData\Roaming\Mozilla\Firefox\Profiles\1kinznj9.default\prefs.js ]


-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\Hrysa\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1041 octets] - [20/03/2014 22:13:23]
AdwCleaner[R1].txt - [1102 octets] - [21/03/2014 18:58:53]
AdwCleaner[S0].txt - [1028 octets] - [21/03/2014 19:00:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1088 octets] ##########

[ToXiK]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Basic x86
Ran by Hrysa on p  21.03.2014 at 19:25:17,76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Hrysa\AppData\Roaming\mozilla\firefox\profiles\1kinznj9.default\minidumps [13 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p  21.03.2014 at 19:29:19,66
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[ToXiK]

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.03.20.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16521
Hrysa :: HRYSA-PC [administrátor]

Ochrana: Zakázána

21.3.2014 19:56:19
mbam-log-2014-03-21 (19-56-19).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 204008
Uplynulý čas: 9 minut, 1 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Windows\inf\ntvdm.inf (Malware.Trace) -> Přesun do karantény a smazání se zdařilo.

(konec)

[ToXiK]

RogueKiller V8.8.12 [Mar 20 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Hrysa [Práva správce]
Mód : Kontrola -- Datum : 03/21/2014 20:09:57
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD1600BEVE-00UYT0 ATA Device +++++
--- User ---
[MBR] 1b44e355cc61614cc4555b29f8ed2ca2
[BSP] e8f37d9ad7bceaab0e9c1a6d86922158 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 51200 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 105064448 | Size: 101325 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) ADATA USB Flash Drive USB Device +++++
--- User ---
[MBR] a3ea32f8e69c86f90abca4c6e9595b92
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 56 | Size: 7604 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) ADATA NH13 USB Device +++++
--- User ---
[MBR] 587a1fb97d26b25a41c4c02785f6f7a6
[BSP] 899e35800a458c07fcdf52f0a2fb26ac : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 715402 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

Dokončeno : << RKreport[0]_S_03212014_200957.txt >>

[Orcus]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

@echo off
del /q /a /f %systemroot%\system32\drivers\etc\hosts 2>nul
echo 127.0.0.1 localhost>>%systemroot%\system32\drivers\etc\hosts
exit


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:zev souboru: zde napiš: FixHosts.bat
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Poklepáním na soubor ho spusť.

====================================================

Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "

- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje "Smazání- Finished "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

====================================================

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

[ToXiK]

RogueKiller V8.8.12 [Mar 20 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Hrysa [Práva správce]
Mód : Odebrat -- Datum : 03/23/2014 13:23:43
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD1600BEVE-00UYT0 ATA Device +++++
--- User ---
[MBR] 1b44e355cc61614cc4555b29f8ed2ca2
[BSP] e8f37d9ad7bceaab0e9c1a6d86922158 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 51200 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 105064448 | Size: 101325 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) ADATA USB Flash Drive USB Device +++++
--- User ---
[MBR] a3ea32f8e69c86f90abca4c6e9595b92
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 56 | Size: 7604 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

Dokončeno : << RKreport[0]_D_03232014_132343.txt >>
RKreport[0]_S_03232014_132315.txt

[ToXiK]

13:27:31.0477 1428 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:27:33.0477 1428 ============================================================
13:27:33.0477 1428 Current date / time: 2014/03/23 13:27:33.0477
13:27:33.0477 1428 SystemInfo:
13:27:33.0477 1428
13:27:33.0477 1428 OS Version: 6.1.7601 ServicePack: 1.0
13:27:33.0477 1428 Product type: Workstation
13:27:33.0477 1428 ComputerName: HRYSA-PC
13:27:33.0477 1428 UserName: Hrysa
13:27:33.0477 1428 Windows directory: C:\Windows
13:27:33.0477 1428 System windows directory: C:\Windows
13:27:33.0477 1428 Processor architecture: Intel x86
13:27:33.0477 1428 Number of processors: 1
13:27:33.0477 1428 Page size: 0x1000
13:27:33.0477 1428 Boot type: Normal boot
13:27:33.0477 1428 ============================================================
13:27:34.0852 1428 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x11EE4, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000050
13:27:34.0883 1428 Drive \Device\Harddisk1\DR1 - Size: 0x1DB500000 (7.43 Gb), SectorSize: 0x200, Cylinders: 0x3C9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:27:34.0883 1428 ============================================================
13:27:34.0883 1428 \Device\Harddisk0\DR0:
13:27:34.0883 1428 MBR partitions:
13:27:34.0883 1428 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:27:34.0883 1428 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6400000
13:27:34.0883 1428 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x6432800, BlocksNum 0xC5E6800
13:27:34.0883 1428 \Device\Harddisk1\DR1:
13:27:34.0883 1428 MBR partitions:
13:27:34.0883 1428 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x38, BlocksNum 0xEDA7C8
13:27:34.0883 1428 ============================================================
13:27:35.0008 1428 C: <-> \Device\Harddisk0\DR0\Partition2
13:27:35.0071 1428 D: <-> \Device\Harddisk0\DR0\Partition3
13:27:35.0102 1428 ============================================================
13:27:35.0102 1428 Initialize success
13:27:35.0102 1428 ============================================================
13:27:38.0196 1560 ============================================================
13:27:38.0196 1560 Scan started
13:27:38.0196 1560 Mode: Manual;
13:27:38.0196 1560 ============================================================
13:27:38.0946 1560 ================ Scan system memory ========================
13:27:38.0946 1560 System memory - ok
13:27:38.0946 1560 ================ Scan services =============================
13:27:39.0211 1560 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
13:27:39.0211 1560 1394ohci - ok
13:27:39.0243 1560 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:27:39.0258 1560 ACPI - ok
13:27:39.0274 1560 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
13:27:39.0274 1560 AcpiPmi - ok
13:27:39.0368 1560 [ B362181ED3771DC03B4141927C80F801 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
13:27:39.0368 1560 AdobeARMservice - ok
13:27:39.0399 1560 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
13:27:39.0399 1560 adp94xx - ok
13:27:39.0430 1560 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\drivers\adpahci.sys
13:27:39.0430 1560 adpahci - ok
13:27:39.0461 1560 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
13:27:39.0461 1560 adpu320 - ok
13:27:39.0524 1560 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:27:39.0524 1560 AeLookupSvc - ok
13:27:39.0571 1560 [ F81BB7E487EDCEAB630A7EE66CF23913 ] AFD C:\Windows\system32\drivers\afd.sys
13:27:39.0571 1560 AFD - ok
13:27:39.0602 1560 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
13:27:39.0602 1560 agp440 - ok
13:27:39.0649 1560 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
13:27:39.0649 1560 aic78xx - ok
13:27:39.0711 1560 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
13:27:39.0711 1560 ALG - ok
13:27:39.0758 1560 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
13:27:39.0758 1560 aliide - ok
13:27:39.0774 1560 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
13:27:39.0790 1560 amdagp - ok
13:27:39.0805 1560 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
13:27:39.0805 1560 amdide - ok
13:27:39.0836 1560 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
13:27:39.0836 1560 AmdK8 - ok
13:27:39.0868 1560 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
13:27:39.0868 1560 AmdPPM - ok
13:27:39.0915 1560 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
13:27:39.0915 1560 amdsata - ok
13:27:39.0946 1560 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
13:27:39.0946 1560 amdsbs - ok
13:27:39.0977 1560 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
13:27:39.0993 1560 amdxata - ok
13:27:40.0024 1560 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
13:27:40.0024 1560 AppID - ok
13:27:40.0071 1560 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:27:40.0071 1560 AppIDSvc - ok
13:27:40.0149 1560 [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo C:\Windows\System32\appinfo.dll
13:27:40.0149 1560 Appinfo - ok
13:27:40.0180 1560 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\drivers\arc.sys
13:27:40.0180 1560 arc - ok
13:27:40.0196 1560 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\drivers\arcsas.sys
13:27:40.0196 1560 arcsas - ok
13:27:40.0258 1560 [ 66597AD6098352D11239C0C42100B176 ] ASLDRService C:\Program Files\ATK Hotkey\ASLDRSrv.exe
13:27:40.0258 1560 ASLDRService - ok
13:27:40.0383 1560 [ 9D768C43FEF254DD50B1DBF8AD5C4C0B ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
13:27:40.0430 1560 aspnet_state - ok
13:27:40.0493 1560 [ 6F1505608202BBD179095A6A150D103F ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
13:27:40.0493 1560 aswMonFlt - ok
13:27:40.0540 1560 [ 2206985EF126AB90F3D7F1A020589DC9 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
13:27:40.0540 1560 aswRdr - ok
13:27:40.0586 1560 [ F385467DF95D0A73775CB3B076B8B969 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
13:27:40.0586 1560 aswRvrt - ok
13:27:40.0665 1560 [ 0F639D0526820BA7872C963813E0EB8D ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
13:27:40.0665 1560 aswSnx - ok
13:27:40.0711 1560 [ 7BA7543EA7936A7ADA615F6DE7C95494 ] aswSP C:\Windows\system32\drivers\aswSP.sys
13:27:40.0711 1560 aswSP - ok
13:27:40.0758 1560 [ 37A6A39C1792BA961EE6172A0F3CA236 ] aswStm C:\Windows\system32\drivers\aswStm.sys
13:27:40.0758 1560 aswStm - ok
13:27:40.0774 1560 [ 71B22453B4CE84A4A4B28833ECA7EB18 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
13:27:40.0774 1560 aswTdi - ok
13:27:40.0821 1560 [ 1B0662514A68C3A42E60D240C5ABEF28 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
13:27:40.0821 1560 aswVmm - ok
13:27:40.0868 1560 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:27:40.0868 1560 AsyncMac - ok
13:27:40.0915 1560 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
13:27:40.0915 1560 atapi - ok
13:27:40.0977 1560 [ 2A5E4F4C40E1394F213DB1027507D5FE ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
13:27:40.0977 1560 Ati External Event Utility - ok
13:27:41.0055 1560 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:27:41.0071 1560 AudioEndpointBuilder - ok
13:27:41.0102 1560 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
13:27:41.0118 1560 Audiosrv - ok
13:27:41.0180 1560 [ D74884939D53612FD84AC82C59CCFE27 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
13:27:41.0180 1560 avast! Antivirus - ok
13:27:41.0227 1560 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:27:41.0227 1560 AxInstSV - ok
13:27:41.0290 1560 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys
13:27:41.0305 1560 b06bdrv - ok
13:27:41.0352 1560 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
13:27:41.0352 1560 b57nd60x - ok
13:27:41.0461 1560 [ EB7C2DADF52F50F69F198C14C3556DC1 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl6.sys
13:27:41.0461 1560 BCM43XX - ok
13:27:41.0493 1560 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
13:27:41.0508 1560 BDESVC - ok
13:27:41.0524 1560 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
13:27:41.0524 1560 Beep - ok
13:27:41.0586 1560 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
13:27:41.0602 1560 BFE - ok
13:27:41.0665 1560 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
13:27:41.0696 1560 BITS - ok
13:27:41.0727 1560 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
13:27:41.0727 1560 blbdrive - ok
13:27:41.0774 1560 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:27:41.0774 1560 bowser - ok
13:27:41.0805 1560 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
13:27:41.0805 1560 BrFiltLo - ok
13:27:41.0836 1560 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
13:27:41.0836 1560 BrFiltUp - ok
13:27:41.0868 1560 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
13:27:41.0883 1560 Browser - ok
13:27:41.0915 1560 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:27:41.0915 1560 Brserid - ok
13:27:41.0930 1560 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:27:41.0946 1560 BrSerWdm - ok
13:27:41.0961 1560 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:27:41.0961 1560 BrUsbMdm - ok
13:27:41.0977 1560 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:27:41.0977 1560 BrUsbSer - ok
13:27:42.0040 1560 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
13:27:42.0040 1560 BthEnum - ok
13:27:42.0055 1560 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
13:27:42.0055 1560 BTHMODEM - ok
13:27:42.0086 1560 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
13:27:42.0102 1560 BthPan - ok
13:27:42.0149 1560 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
13:27:42.0165 1560 BTHPORT - ok
13:27:42.0211 1560 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
13:27:42.0211 1560 bthserv - ok
13:27:42.0243 1560 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
13:27:42.0243 1560 BTHUSB - ok
13:27:42.0290 1560 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:27:42.0290 1560 cdfs - ok
13:27:42.0352 1560 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:27:42.0352 1560 cdrom - ok
13:27:42.0383 1560 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
13:27:42.0399 1560 CertPropSvc - ok
13:27:42.0446 1560 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\drivers\circlass.sys
13:27:42.0446 1560 circlass - ok
13:27:42.0493 1560 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
13:27:42.0493 1560 CLFS - ok
13:27:42.0571 1560 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:27:42.0586 1560 clr_optimization_v2.0.50727_32 - ok
13:27:42.0633 1560 [ E87213F37A13E2B54391E40934F071D0 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:27:42.0743 1560 clr_optimization_v4.0.30319_32 - ok
13:27:42.0821 1560 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
13:27:42.0821 1560 CmBatt - ok
13:27:42.0868 1560 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:27:42.0868 1560 cmdide - ok
13:27:42.0961 1560 [ 85449EEBE8F8EBD6481EFBF0F352B4EB ] CNG C:\Windows\system32\Drivers\cng.sys
13:27:42.0961 1560 CNG - ok
13:27:43.0024 1560 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
13:27:43.0024 1560 Compbatt - ok
13:27:43.0071 1560 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
13:27:43.0071 1560 CompositeBus - ok
13:27:43.0102 1560 COMSysApp - ok
13:27:43.0133 1560 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
13:27:43.0133 1560 crcdisk - ok
13:27:43.0196 1560 [ 7CA1BECEA5DE2643ADDAD32670E7A4C9 ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:27:43.0211 1560 CryptSvc - ok
13:27:43.0258 1560 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
13:27:43.0274 1560 DcomLaunch - ok
13:27:43.0321 1560 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
13:27:43.0321 1560 defragsvc - ok
13:27:43.0368 1560 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:27:43.0368 1560 DfsC - ok
13:27:43.0415 1560 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
13:27:43.0430 1560 Dhcp - ok
13:27:43.0477 1560 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
13:27:43.0477 1560 discache - ok
13:27:43.0508 1560 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\drivers\disk.sys
13:27:43.0508 1560 Disk - ok
13:27:43.0555 1560 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:27:43.0571 1560 Dnscache - ok
13:27:43.0602 1560 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
13:27:43.0602 1560 dot3svc - ok
13:27:43.0633 1560 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
13:27:43.0649 1560 DPS - ok
13:27:43.0711 1560 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:27:43.0711 1560 drmkaud - ok
13:27:43.0774 1560 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
13:27:43.0774 1560 dtsoftbus01 - ok
13:27:43.0836 1560 [ 71BC35067CABC02C9453AEAA42B2E43E ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:27:43.0852 1560 DXGKrnl - ok
13:27:43.0868 1560 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
13:27:43.0883 1560 EapHost - ok
13:27:44.0024 1560 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\drivers\evbdx.sys
13:27:44.0055 1560 ebdrv - ok
13:27:44.0086 1560 [ 803B370865D907EA21DC0C2B6A8936B5 ] EFS C:\Windows\System32\lsass.exe
13:27:44.0102 1560 EFS - ok
13:27:44.0133 1560 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\drivers\elxstor.sys
13:27:44.0133 1560 elxstor - ok
13:27:44.0165 1560 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:27:44.0165 1560 ErrDev - ok
13:27:44.0227 1560 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
13:27:44.0243 1560 EventSystem - ok
13:27:44.0258 1560 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
13:27:44.0258 1560 exfat - ok
13:27:44.0290 1560 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:27:44.0290 1560 fastfat - ok
13:27:44.0352 1560 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
13:27:44.0383 1560 Fax - ok
13:27:44.0415 1560 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\drivers\fdc.sys
13:27:44.0415 1560 fdc - ok
13:27:44.0446 1560 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
13:27:44.0461 1560 fdPHost - ok
13:27:44.0477 1560 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
13:27:44.0493 1560 FDResPub - ok
13:27:44.0508 1560 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:27:44.0508 1560 FileInfo - ok
13:27:44.0540 1560 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:27:44.0540 1560 Filetrace - ok
13:27:44.0555 1560 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
13:27:44.0555 1560 flpydisk - ok
13:27:44.0586 1560 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:27:44.0602 1560 FltMgr - ok
13:27:44.0665 1560 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\Windows\system32\FntCache.dll
13:27:44.0696 1560 FontCache - ok
13:27:44.0774 1560 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:27:44.0774 1560 FontCache3.0.0.0 - ok
13:27:44.0805 1560 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:27:44.0805 1560 FsDepends - ok
13:27:44.0836 1560 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:27:44.0836 1560 Fs_Rec - ok
13:27:44.0883 1560 [ E306A24D9694C724FA2491278BF50FDB ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:27:44.0899 1560 fvevol - ok
13:27:44.0946 1560 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
13:27:44.0946 1560 gagp30kx - ok
13:27:45.0008 1560 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
13:27:45.0024 1560 gpsvc - ok
13:27:45.0086 1560 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
13:27:45.0086 1560 gupdate - ok
13:27:45.0102 1560 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
13:27:45.0102 1560 gupdatem - ok
13:27:45.0149 1560 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:27:45.0149 1560 hcw85cir - ok
13:27:45.0196 1560 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:27:45.0196 1560 HdAudAddService - ok
13:27:45.0243 1560 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
13:27:45.0243 1560 HDAudBus - ok
13:27:45.0258 1560 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
13:27:45.0258 1560 HidBatt - ok
13:27:45.0290 1560 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\drivers\hidbth.sys
13:27:45.0290 1560 HidBth - ok
13:27:45.0336 1560 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\drivers\hidir.sys
13:27:45.0352 1560 HidIr - ok
13:27:45.0383 1560 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
13:27:45.0383 1560 hidserv - ok
13:27:45.0446 1560 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:27:45.0446 1560 HidUsb - ok
13:27:45.0493 1560 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:27:45.0508 1560 hkmsvc - ok
13:27:45.0540 1560 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:27:45.0540 1560 HomeGroupListener - ok
13:27:45.0586 1560 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:27:45.0602 1560 HomeGroupProvider - ok
13:27:45.0649 1560 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
13:27:45.0649 1560 HpSAMD - ok
13:27:45.0680 1560 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:27:45.0680 1560 HTTP - ok
13:27:45.0711 1560 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:27:45.0711 1560 hwpolicy - ok
13:27:45.0758 1560 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
13:27:45.0758 1560 i8042prt - ok
13:27:45.0805 1560 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
13:27:45.0805 1560 iaStorV - ok
13:27:45.0899 1560 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:27:45.0930 1560 idsvc - ok
13:27:45.0977 1560 IEEtwCollectorService - ok
13:27:45.0993 1560 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys
13:27:45.0993 1560 iirsp - ok
13:27:46.0055 1560 [ B9C54120F46392100478F58F374E5709 ] IKEEXT C:\Windows\System32\ikeext.dll
13:27:46.0071 1560 IKEEXT - ok
13:27:46.0227 1560 [ F2C17D2C3D70C389193D9954E375E5E3 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
13:27:46.0258 1560 IntcAzAudAddService - ok
13:27:46.0321 1560 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
13:27:46.0321 1560 intelide - ok
13:27:46.0352 1560 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:27:46.0352 1560 intelppm - ok
13:27:46.0399 1560 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:27:46.0399 1560 IPBusEnum - ok
13:27:46.0430 1560 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:27:46.0430 1560 IpFilterDriver - ok
13:27:46.0493 1560 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:27:46.0524 1560 iphlpsvc - ok
13:27:46.0540 1560 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
13:27:46.0540 1560 IPMIDRV - ok
13:27:46.0555 1560 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:27:46.0571 1560 IPNAT - ok
13:27:46.0602 1560 [ 9F7E491FB0BA0F9E370163834FC1FE31 ] irda C:\Windows\system32\DRIVERS\irda.sys
13:27:46.0602 1560 irda - ok
13:27:46.0665 1560 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:27:46.0665 1560 IRENUM - ok
13:27:46.0696 1560 [ 4220D2F03D5C4226D0A1AA4B84025E45 ] Irmon C:\Windows\System32\irmon.dll
13:27:46.0696 1560 Irmon - ok
13:27:46.0743 1560 [ D04DA73127FFED720DFC4EB673A23E04 ] irsir C:\Windows\system32\DRIVERS\irsir.sys
13:27:46.0743 1560 irsir - ok
13:27:46.0774 1560 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:27:46.0774 1560 isapnp - ok
13:27:46.0805 1560 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
13:27:46.0821 1560 iScsiPrt - ok
13:27:46.0852 1560 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:27:46.0852 1560 kbdclass - ok
13:27:46.0899 1560 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
13:27:46.0899 1560 kbdhid - ok
13:27:46.0930 1560 [ 803B370865D907EA21DC0C2B6A8936B5 ] KeyIso C:\Windows\system32\lsass.exe
13:27:46.0946 1560 KeyIso - ok
13:27:46.0993 1560 [ F286830298323272260332D6ABC905C1 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:27:46.0993 1560 KSecDD - ok
13:27:47.0024 1560 [ D7C760D57B1656DD748B9E4AB6CB5A51 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:27:47.0024 1560 KSecPkg - ok
13:27:47.0071 1560 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
13:27:47.0086 1560 KtmRm - ok
13:27:47.0149 1560 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
13:27:47.0149 1560 LanmanServer - ok
13:27:47.0211 1560 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:27:47.0211 1560 LanmanWorkstation - ok
13:27:47.0274 1560 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:27:47.0274 1560 lltdio - ok
13:27:47.0321 1560 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:27:47.0336 1560 lltdsvc - ok
13:27:47.0352 1560 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
13:27:47.0368 1560 lmhosts - ok
13:27:47.0399 1560 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
13:27:47.0399 1560 LSI_FC - ok
13:27:47.0446 1560 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
13:27:47.0446 1560 LSI_SAS - ok
13:27:47.0461 1560 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
13:27:47.0461 1560 LSI_SAS2 - ok
13:27:47.0493 1560 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
13:27:47.0493 1560 LSI_SCSI - ok
13:27:47.0508 1560 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
13:27:47.0508 1560 luafv - ok
13:27:47.0571 1560 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
13:27:47.0571 1560 MBAMProtector - ok
13:27:47.0618 1560 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
13:27:47.0633 1560 MBAMScheduler - ok
13:27:47.0680 1560 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
13:27:47.0696 1560 MBAMService - ok
13:27:47.0727 1560 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
13:27:47.0727 1560 megasas - ok
13:27:47.0758 1560 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
13:27:47.0758 1560 MegaSR - ok
13:27:47.0805 1560 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
13:27:47.0821 1560 MMCSS - ok
13:27:47.0836 1560 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
13:27:47.0836 1560 Modem - ok
13:27:47.0883 1560 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:27:47.0883 1560 monitor - ok
13:27:47.0915 1560 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:27:47.0915 1560 mouclass - ok
13:27:47.0946 1560 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:27:47.0946 1560 mouhid - ok
13:27:47.0977 1560 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:27:47.0977 1560 mountmgr - ok
13:27:48.0024 1560 [ 338037EFA0E8E8699B2667D57B751574 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
13:27:48.0040 1560 MozillaMaintenance - ok
13:27:48.0071 1560 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
13:27:48.0071 1560 mpio - ok
13:27:48.0102 1560 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:27:48.0102 1560 mpsdrv - ok
13:27:48.0165 1560 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:27:48.0196 1560 MpsSvc - ok
13:27:48.0243 1560 [ 21F4B24ACFC79A483515BD986DD9043F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:27:48.0243 1560 MRxDAV - ok
13:27:48.0274 1560 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:27:48.0274 1560 mrxsmb - ok
13:27:48.0321 1560 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:27:48.0321 1560 mrxsmb10 - ok
13:27:48.0368 1560 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:27:48.0368 1560 mrxsmb20 - ok
13:27:48.0415 1560 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
13:27:48.0415 1560 msahci - ok
13:27:48.0430 1560 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:27:48.0446 1560 msdsm - ok
13:27:48.0493 1560 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
13:27:48.0493 1560 MSDTC - ok
13:27:48.0540 1560 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:27:48.0540 1560 Msfs - ok
13:27:48.0571 1560 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:27:48.0571 1560 mshidkmdf - ok
13:27:48.0602 1560 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:27:48.0602 1560 msisadrv - ok
13:27:48.0665 1560 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:27:48.0665 1560 MSiSCSI - ok
13:27:48.0680 1560 msiserver - ok
13:27:48.0743 1560 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:27:48.0743 1560 MSKSSRV - ok
13:27:48.0774 1560 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:27:48.0774 1560 MSPCLOCK - ok
13:27:48.0790 1560 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:27:48.0805 1560 MSPQM - ok
13:27:48.0836 1560 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:27:48.0836 1560 MsRPC - ok
13:27:48.0868 1560 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
13:27:48.0868 1560 mssmbios - ok
13:27:48.0883 1560 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:27:48.0883 1560 MSTEE - ok
13:27:48.0930 1560 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
13:27:48.0930 1560 MTConfig - ok
13:27:48.0993 1560 [ 97AFFA9D95FFE20EEE6229BC6BE166CF ] MTsensor C:\Windows\system32\DRIVERS\ATKACPI.sys
13:27:48.0993 1560 MTsensor - ok
13:27:49.0008 1560 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
13:27:49.0008 1560 Mup - ok
13:27:49.0055 1560 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
13:27:49.0071 1560 napagent - ok
13:27:49.0118 1560 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:27:49.0118 1560 NativeWifiP - ok
13:27:49.0196 1560 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:27:49.0211 1560 NDIS - ok
13:27:49.0243 1560 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:27:49.0243 1560 NdisCap - ok
13:27:49.0274 1560 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:27:49.0274 1560 NdisTapi - ok
13:27:49.0305 1560 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:27:49.0305 1560 Ndisuio - ok
13:27:49.0321 1560 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:27:49.0321 1560 NdisWan - ok
13:27:49.0352 1560 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:27:49.0352 1560 NDProxy - ok