Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run it).
- Wait until the Prescan finishes its work...
- Wait until the status window shows "Scan"
- Click "Delete"
- Wait until the Status box shows "Deleting finished"
- Click "Report" and please copy and paste the contents of that report here. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller
MbAM: did you try a different name when saving it?
please check
- jaro3
- Security team member
Re: please check
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum
Re: please check
RogueKiller V8.8.14 [Mar 26 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Jana - Bryndová [Práva správce]
Mód : Odebrat -- Datum : 03/27/2014 10:28:11
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ SMENU][PUM] HKLM\[...]\Advanced : Start_ShowRecentDocs (0) -> NAHRAZENO (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HTS545016B9A300 +++++
--- User ---
[MBR] 1c20ee640785dc6dd111eb875892510e
[BSP] d52f6175396562ec6753d898950d9d6d : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 2048 | Size: 11264 MB
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 23070720 | Size: 141361 MB
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_D_03272014_102811.txt >>
RKreport[0]_S_03262014_125130.txt;RKreport[0]_S_03272014_102757.txt
Re: please check
I saved MbAM as winlogon.exe and then ran the installation, but the same problems occurred during it.
- jaro3
- Security team member
Re: please check
Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.8.16.0_(date)_log.txt. Please paste the entire contents of the log here.
- If the log is longer than 60,000 characters, split it and paste it across several posts.
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
If there are problems, run it in safe mode.
Warning: After running ComboFix and restarting the computer, Windows may fail to start, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
Re: please check
10:01:59.0125 0x09ac TDSS rootkit removing tool 3.0.0.26 Mar 24 2014 07:28:43
10:02:03.0109 0x09ac ============================================================
10:02:03.0109 0x09ac Current date / time: 2014/03/28 10:02:03.0109
10:02:03.0109 0x09ac SystemInfo:
10:02:03.0109 0x09ac
10:02:03.0109 0x09ac OS Version: 5.1.2600 ServicePack: 3.0
10:02:03.0109 0x09ac Product type: Workstation
10:02:03.0109 0x09ac ComputerName: EMACHINE-CF7226
10:02:03.0109 0x09ac UserName: Jana - Bryndová
10:02:03.0109 0x09ac Windows directory: C:\WINDOWS
10:02:03.0109 0x09ac System windows directory: C:\WINDOWS
10:02:03.0109 0x09ac Processor architecture: Intel x86
10:02:03.0109 0x09ac Number of processors: 2
10:02:03.0109 0x09ac Page size: 0x1000
10:02:03.0109 0x09ac Boot type: Normal boot
10:02:03.0109 0x09ac ============================================================
10:02:04.0546 0x09ac KLMD registered as C:\WINDOWS\system32\drivers\46716583.sys
10:02:05.0156 0x09ac System UUID: {953ECBE8-3653-04DC-0A13-EC5C7D0BC7F1}
10:02:07.0953 0x09ac Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:02:07.0953 0x09ac ============================================================
10:02:07.0953 0x09ac \Device\Harddisk0\DR0:
10:02:07.0953 0x09ac MBR partitions:
10:02:07.0953 0x09ac \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1600800, BlocksNum 0x11418800
10:02:07.0953 0x09ac ============================================================
10:02:08.0000 0x09ac C: <-> \Device\Harddisk0\DR0\Partition1
10:02:08.0000 0x09ac ============================================================
10:02:08.0000 0x09ac Initialize success
10:02:08.0000 0x09ac ============================================================
10:02:15.0734 0x0c9c ============================================================
10:02:15.0734 0x0c9c Scan started
10:02:15.0734 0x0c9c Mode: Manual;
10:02:15.0734 0x0c9c ============================================================
10:02:15.0734 0x0c9c KSN ping started
10:02:18.0296 0x0c9c KSN ping finished: true
10:02:18.0515 0x0c9c ================ Scan system memory ========================
10:02:18.0515 0x0c9c System memory - ok
10:02:26.0593 0x0c9c [ 221CD1C815B8A6B79389C3F5D1018DE8, 6D0D25D6669C4F9452F74EC72C6138A41D9408E01AF5FD01C08F27BE7BC9C905 ] Messenger C:\WINDOWS\System32\msgsvc.dll
10:02:26.0593 0x0c9c Messenger - ok
10:02:26.0640 0x0c9c [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
10:02:26.0640 0x0c9c mnmdd - ok
10:02:26.0687 0x0c9c [ 9A57D046F88F4B69751B11FD40088A61, 62F65433024CE411F111A88723747B8A83B31076FBAF4CFF40FD02A53D7FF7DF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
10:02:26.0687 0x0c9c mnmsrvc - ok
10:02:26.0718 0x0c9c [ 44032B0C6D9954D3FD26438330B99EE7, A49749A4C00D50F57170AA5DA9E2DEECC8C524A48B144C8B784894F2C202FBEE ] Modem C:\WINDOWS\system32\drivers\Modem.sys
10:02:26.0718 0x0c9c Modem - ok
10:02:26.0859 0x0c9c [ C7D9F9717916B34C1B00DD4834AF485C, A9512A03E8142C83534189963F90ADA6FA425BD606928C40C3D724177105A658 ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
10:02:26.0937 0x0c9c Monfilt - ok
10:02:26.0968 0x0c9c [ 4CB582831DBDE63CE43B45D771218374, 6D470B26197C5B388983D9213D48D2CDE934C9591572876DC7790FE4B59E0845 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:02:26.0968 0x0c9c Mouclass - ok
10:02:27.0015 0x0c9c [ BB269EBA740737AB749B214D568B6812, ABF41D9B521EBBE674E76981CAD31F8FD05976DE7070266C3956FDB67C83C4C2 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:02:27.0015 0x0c9c mouhid - ok
10:02:27.0062 0x0c9c [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
10:02:27.0062 0x0c9c MountMgr - ok
10:02:27.0093 0x0c9c [ E77DC03DD3C8E5A388BF9EED2A28F3D1, ED0DAA975D1EC35CE036F02596218E15CC6A054167628D12A0A5AD91B841F422 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
10:02:27.0109 0x0c9c MpFilter - ok
10:02:27.0203 0x0c9c [ 65C34426C83EFA32D48380A97717997B, CD7EB6BFBB0BE382BA21055460D9A72323F09AF3194A22D8EDB28D5DB3BAE8E7 ] MpKsl266fb0ed c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{F1CCC3B8-86FC-4E03-ADCC-841AEA773ADB}\MpKsl266fb0ed.sys
10:02:27.0203 0x0c9c MpKsl266fb0ed - ok
10:02:27.0250 0x0c9c [ 3F4BB95E5A44F3BE34824E8E7CAF0737, 9A4F9E63AA55B779AF3563C66C8E40D9C42FF3BB5F533F70905ADC7A44EA7DAD ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
10:02:27.0250 0x0c9c mraid35x - ok
10:02:27.0312 0x0c9c [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:02:27.0312 0x0c9c MRxDAV - ok
10:02:27.0390 0x0c9c [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:02:27.0406 0x0c9c MRxSmb - ok
10:02:27.0453 0x0c9c [ 6DB4D1521CABA9A5FFAB54ADE0AE867D, 78D63EE2C0B0852F0771071C099643242EBC9F4DA28847B93BCE9C3CC1091938 ] MSDTC C:\WINDOWS\system32\msdtc.exe
10:02:27.0453 0x0c9c MSDTC - ok
10:02:27.0468 0x0c9c [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
10:02:27.0468 0x0c9c Msfs - ok
10:02:27.0484 0x0c9c MSIServer - ok
10:02:27.0500 0x0c9c [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:02:27.0500 0x0c9c MSKSSRV - ok
10:02:27.0562 0x0c9c [ B0F49DA36F30922F5DDC3B623B778FCE, EE025AEFA4A2095AFEABFB3A49639DA77D78068A3F5EEDA6C15D34853AFD5609 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:02:27.0562 0x0c9c MsMpSvc - ok
10:02:27.0593 0x0c9c [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:02:27.0593 0x0c9c MSPCLOCK - ok
10:02:27.0625 0x0c9c [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
10:02:27.0625 0x0c9c MSPQM - ok
10:02:27.0656 0x0c9c [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:02:27.0656 0x0c9c mssmbios - ok
10:02:27.0687 0x0c9c [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
10:02:27.0687 0x0c9c MSTEE - ok
10:02:27.0734 0x0c9c [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
10:02:27.0734 0x0c9c Mup - ok
10:02:27.0765 0x0c9c [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
10:02:27.0781 0x0c9c NABTSFEC - ok
10:02:27.0843 0x0c9c [ 6EA362E9DB03D44F6B996F4D8BE237E9, FE6B4C546D26C4A2832CF4CB280B86B1723E10E46A3C24AF6C9856FCCAE9D1FC ] napagent C:\WINDOWS\System32\qagentrt.dll
10:02:27.0859 0x0c9c napagent - ok
10:02:27.0906 0x0c9c [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
10:02:27.0906 0x0c9c NDIS - ok
10:02:27.0937 0x0c9c [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
10:02:27.0937 0x0c9c NdisIP - ok
10:02:27.0968 0x0c9c [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:02:27.0968 0x0c9c NdisTapi - ok
10:02:28.0015 0x0c9c [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:02:28.0031 0x0c9c Ndisuio - ok
10:02:28.0046 0x0c9c [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:02:28.0062 0x0c9c NdisWan - ok
10:02:28.0093 0x0c9c [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
10:02:28.0093 0x0c9c NDProxy - ok
10:02:28.0125 0x0c9c [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
10:02:28.0125 0x0c9c NetBIOS - ok
10:02:28.0156 0x0c9c [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
10:02:28.0156 0x0c9c NetBT - ok
10:02:28.0203 0x0c9c [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDE C:\WINDOWS\system32\netdde.exe
10:02:28.0218 0x0c9c NetDDE - ok
10:02:28.0234 0x0c9c [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
10:02:28.0234 0x0c9c NetDDEdsdm - ok
10:02:28.0281 0x0c9c [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] Netlogon C:\WINDOWS\system32\lsass.exe
10:02:28.0281 0x0c9c Netlogon - ok
10:02:28.0312 0x0c9c [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40, 588C8BA14A7255FD36A88960CBE34341301773765ECF2A9A0F1760A509A08A5B ] Netman C:\WINDOWS\System32\netman.dll
10:02:28.0328 0x0c9c Netman - ok
10:02:28.0375 0x0c9c [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:02:28.0375 0x0c9c NetTcpPortSharing - ok
10:02:28.0437 0x0c9c [ 39EE7C3BFBC64BA87CC8CF67386E814C, B93CCB625CE370D9A49C9374D24C939D7C9FEF81401F4F822C51E12677D77E01 ] Nla C:\WINDOWS\System32\mswsock.dll
10:02:28.0453 0x0c9c Nla - ok
10:02:28.0500 0x0c9c [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
10:02:28.0500 0x0c9c Npfs - ok
10:02:28.0578 0x0c9c [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
10:02:28.0609 0x0c9c Ntfs - ok
10:02:28.0625 0x0c9c [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
10:02:28.0625 0x0c9c NtLmSsp - ok
10:02:28.0687 0x0c9c [ 023DD70573D644F3D9C8B1258A7BFD08, 9A1D3210ED5FD8BEDF92ED577A9B30E37035408A73EB66A8C950B75AB7539B83 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
10:02:28.0718 0x0c9c NtmsSvc - ok
10:02:28.0765 0x0c9c [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
10:02:28.0765 0x0c9c Null - ok
10:02:28.0796 0x0c9c [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:02:28.0796 0x0c9c NwlnkFlt - ok
10:02:28.0812 0x0c9c [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:02:28.0812 0x0c9c NwlnkFwd - ok
10:02:28.0937 0x0c9c [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:02:28.0968 0x0c9c odserv - ok
10:02:29.0015 0x0c9c [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:02:29.0015 0x0c9c ose - ok
10:02:29.0062 0x0c9c [ 46F8DB73B4A53E543F8E371DC7C75BAE, F6C5E7DE4B4AE0ED785DB075BE14EA6A0FC9050C95669B26DEF2B82D7B7D3B2C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
10:02:29.0062 0x0c9c Parport - ok
10:02:29.0109 0x0c9c [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
10:02:29.0109 0x0c9c PartMgr - ok
10:02:29.0140 0x0c9c [ 1FAE19D0457176318BBA4A8795656EBC, 5F3D6CABA203A0485D67F63A6A81151724EE200BE49ED095CFCB1EF29C19D19F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
10:02:29.0140 0x0c9c ParVdm - ok
10:02:29.0171 0x0c9c [ 6CE351D149CB4BEFC702951E471E1730, 758327683BB45F01D5AE550AF21856822B4CF55E17F2A4F452F559088D242B37 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
10:02:29.0187 0x0c9c PCI - ok
10:02:29.0187 0x0c9c PCIDump - ok
10:02:29.0218 0x0c9c [ 2DA4EC85E0EA7A45C6B2A05820492D5A, A8C6BD93D3BC33A5B36EB523997EF9E0783B6E6EAFB6E7F58BCC2629009BDCF9 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
10:02:29.0218 0x0c9c PCIIde - ok
10:02:29.0265 0x0c9c [ 4FC31E6C19A5CE5198B1ABFF94CAE758, A031E21EC1F15DA5E8429269F435337FA961C3C06D535DAFD448C7355F33FD0C ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
10:02:29.0265 0x0c9c Pcmcia - ok
10:02:29.0281 0x0c9c PDCOMP - ok
10:02:29.0296 0x0c9c PDFRAME - ok
10:02:29.0312 0x0c9c PDRELI - ok
10:02:29.0328 0x0c9c PDRFRAME - ok
10:02:03.0109 0x09ac ============================================================
10:02:03.0109 0x09ac Current date / time: 2014/03/28 10:02:03.0109
10:02:03.0109 0x09ac SystemInfo:
10:02:03.0109 0x09ac
10:02:03.0109 0x09ac OS Version: 5.1.2600 ServicePack: 3.0
10:02:03.0109 0x09ac Product type: Workstation
10:02:03.0109 0x09ac ComputerName: EMACHINE-CF7226
10:02:03.0109 0x09ac UserName: Jana - Bryndová
10:02:03.0109 0x09ac Windows directory: C:\WINDOWS
10:02:03.0109 0x09ac System windows directory: C:\WINDOWS
10:02:03.0109 0x09ac Processor architecture: Intel x86
10:02:03.0109 0x09ac Number of processors: 2
10:02:03.0109 0x09ac Page size: 0x1000
10:02:03.0109 0x09ac Boot type: Normal boot
10:02:03.0109 0x09ac ============================================================
10:02:04.0546 0x09ac KLMD registered as C:\WINDOWS\system32\drivers\46716583.sys
10:02:05.0156 0x09ac System UUID: {953ECBE8-3653-04DC-0A13-EC5C7D0BC7F1}
10:02:07.0953 0x09ac Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:02:07.0953 0x09ac ============================================================
10:02:07.0953 0x09ac \Device\Harddisk0\DR0:
10:02:07.0953 0x09ac MBR partitions:
10:02:07.0953 0x09ac \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1600800, BlocksNum 0x11418800
10:02:07.0953 0x09ac ============================================================
10:02:08.0000 0x09ac C: <-> \Device\Harddisk0\DR0\Partition1
10:02:08.0000 0x09ac ============================================================
10:02:08.0000 0x09ac Initialize success
10:02:08.0000 0x09ac ============================================================
10:02:15.0734 0x0c9c ============================================================
10:02:15.0734 0x0c9c Scan started
10:02:15.0734 0x0c9c Mode: Manual;
10:02:15.0734 0x0c9c ============================================================
10:02:15.0734 0x0c9c KSN ping started
10:02:18.0296 0x0c9c KSN ping finished: true
10:02:18.0515 0x0c9c ================ Scan system memory ========================
10:02:18.0515 0x0c9c System memory - ok
10:02:18.0515 0x0c9c ================ Scan services =============================
10:02:24.0187 0x0c9c i2omgmt - ok
10:02:24.0218 0x0c9c [ F10863BF1CCC290BABD1A09188AE49E0, BC038EAE6C8A76D56A5AD27035DC0369D6E766711E9FAA7467144370851F1615 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
10:02:24.0218 0x0c9c i2omp - ok
10:02:24.0265 0x0c9c [ C528E27945367191E7BAE364930B6932, 1B95C7B49B4CAE734DC6C9EC22555C5356EEC856B8491C761C777479264CF854 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:02:24.0265 0x0c9c i8042prt - ok
10:02:24.0343 0x0c9c [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
10:02:24.0375 0x0c9c IAANTMON - ok
10:02:24.0531 0x0c9c [ 0E501525F2B67AA17FE143D7C5E6A649, FAF020413A2A7406645A5D90C5826B6CA5F61FC9630D4A55B0A10F110C482E24 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
10:02:24.0640 0x0c9c ialm - ok
10:02:24.0703 0x0c9c [ D483687EACE0C065EE772481A96E05F5, A22200E90C78DFE73FE0FBEED5331AB43CD7133651FD125595C4DB604AD71B29 ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys
10:02:24.0718 0x0c9c iaStor - ok
10:02:24.0828 0x0c9c [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:02:24.0890 0x0c9c idsvc - ok
10:02:24.0953 0x0c9c [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
10:02:24.0953 0x0c9c Imapi - ok
10:02:25.0000 0x0c9c [ F7B93AAFAD33B2320954C17E26C8D361, 8CFDB11A68B59E195F280BE08B25FA59F1F70833832919B8BECCE17616999934 ] ImapiService C:\WINDOWS\system32\imapi.exe
10:02:25.0015 0x0c9c ImapiService - ok
10:02:25.0062 0x0c9c [ 4A40E045FAEE58631FD8D91AFC620719, 7A2FD81BD483821B3DA01B1CD7215423EDD719CBE3862C0342FF7D21A17AF437 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
10:02:25.0062 0x0c9c ini910u - ok
10:02:25.0500 0x0c9c [ F574D00AB0319D8AB38FFF0739C8659B, AABCDC33CCCE699E38D7F191E69086BEF5EDB5BD226ECB1D111FCDA55ED05B4E ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
10:02:25.0796 0x0c9c IntcAzAudAddService - ok
10:02:25.0859 0x0c9c [ 57D928E548B38502ABBA7A77A6EB7312, AD26B8096D918269BD7D9D454BB93850BCE595CE9E2A396F45777E7312396B33 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
10:02:25.0859 0x0c9c IntelIde - ok
10:02:25.0890 0x0c9c [ 27B290D632AF2CF3CF40BFDDB7370985, 2C266777B4A96706658B8C9A7B30D15D6E495C815FAE23A0A1FC747E9B5AE363 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:02:25.0890 0x0c9c intelppm - ok
10:02:25.0937 0x0c9c [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
10:02:25.0937 0x0c9c Ip6Fw - ok
10:02:25.0968 0x0c9c [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:02:25.0968 0x0c9c IpFilterDriver - ok
10:02:26.0000 0x0c9c [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:02:26.0000 0x0c9c IpInIp - ok
10:02:26.0031 0x0c9c [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:02:26.0046 0x0c9c IpNat - ok
10:02:26.0078 0x0c9c [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:02:26.0093 0x0c9c IPSec - ok
10:02:26.0109 0x0c9c [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
10:02:26.0125 0x0c9c IRENUM - ok
10:02:26.0156 0x0c9c [ CC9F8A2D60AED1A51A3AC34C59B987AE, CBF69817BE3D9A4617390B1A3306074CB8581F21562CD1357D32BC3E542F3CEE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:02:26.0156 0x0c9c isapnp - ok
10:02:26.0203 0x0c9c [ 1B6162FE7F66B1A71A4B70F941C4AA9B, C2EA494BAB0513A6027414FB1E75834F980A77852D0DC8559E8942FC222A075A ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:02:26.0203 0x0c9c Kbdclass - ok
10:02:26.0265 0x0c9c [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
10:02:26.0281 0x0c9c kmixer - ok
10:02:26.0296 0x0c9c [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
10:02:26.0296 0x0c9c KSecDD - ok
10:02:26.0343 0x0c9c [ D99D73FB21394F2CBA4B6F34361F88FA, 1CDE91E971E2AC7ED558997E0302B35337FF1DB5B8A1B60913D140A3A1FF7F6F ] L1c C:\WINDOWS\system32\DRIVERS\l1c51x86.sys
10:02:26.0359 0x0c9c L1c - ok
10:02:26.0421 0x0c9c [ 3428E8F86F8ADD36B42FB23542C7B3E4, 9CF643D1A70AF08407ACD5FD6FE4B8777521DDF41B5E63C2E6E1E4CAAC69A403 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
10:02:26.0421 0x0c9c LanmanServer - ok
10:02:26.0484 0x0c9c [ 936C1D110232D23B621CB0196E4F80F0, 2DE3AF93E20F1DC7A6FF31B18054EA4D2350387E4DA91C4B16D451384F0C57E2 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
10:02:26.0500 0x0c9c lanmanworkstation - ok
10:02:26.0500 0x0c9c lbrtfdc - ok
10:02:26.0546 0x0c9c [ 0AB159F536E3E8F7F07113702A07CCA5, 3218C553183E6697C663B6D12790E09756B50505590858DD5AC62411D37CDD7C ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
10:02:26.0546 0x0c9c LmHosts - ok
10:02:26.0593 0x0c9c [ 221CD1C815B8A6B79389C3F5D1018DE8, 6D0D25D6669C4F9452F74EC72C6138A41D9408E01AF5FD01C08F27BE7BC9C905 ] Messenger C:\WINDOWS\System32\msgsvc.dll
10:02:26.0593 0x0c9c Messenger - ok
10:02:26.0640 0x0c9c [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
10:02:26.0640 0x0c9c mnmdd - ok
10:02:26.0687 0x0c9c [ 9A57D046F88F4B69751B11FD40088A61, 62F65433024CE411F111A88723747B8A83B31076FBAF4CFF40FD02A53D7FF7DF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
10:02:26.0687 0x0c9c mnmsrvc - ok
10:02:26.0718 0x0c9c [ 44032B0C6D9954D3FD26438330B99EE7, A49749A4C00D50F57170AA5DA9E2DEECC8C524A48B144C8B784894F2C202FBEE ] Modem C:\WINDOWS\system32\drivers\Modem.sys
10:02:26.0718 0x0c9c Modem - ok
10:02:26.0859 0x0c9c [ C7D9F9717916B34C1B00DD4834AF485C, A9512A03E8142C83534189963F90ADA6FA425BD606928C40C3D724177105A658 ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
10:02:26.0937 0x0c9c Monfilt - ok
10:02:26.0968 0x0c9c [ 4CB582831DBDE63CE43B45D771218374, 6D470B26197C5B388983D9213D48D2CDE934C9591572876DC7790FE4B59E0845 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:02:26.0968 0x0c9c Mouclass - ok
10:02:27.0015 0x0c9c [ BB269EBA740737AB749B214D568B6812, ABF41D9B521EBBE674E76981CAD31F8FD05976DE7070266C3956FDB67C83C4C2 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:02:27.0015 0x0c9c mouhid - ok
10:02:27.0062 0x0c9c [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
10:02:27.0062 0x0c9c MountMgr - ok
10:02:27.0093 0x0c9c [ E77DC03DD3C8E5A388BF9EED2A28F3D1, ED0DAA975D1EC35CE036F02596218E15CC6A054167628D12A0A5AD91B841F422 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
10:02:27.0109 0x0c9c MpFilter - ok
10:02:27.0203 0x0c9c [ 65C34426C83EFA32D48380A97717997B, CD7EB6BFBB0BE382BA21055460D9A72323F09AF3194A22D8EDB28D5DB3BAE8E7 ] MpKsl266fb0ed c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{F1CCC3B8-86FC-4E03-ADCC-841AEA773ADB}\MpKsl266fb0ed.sys
10:02:27.0203 0x0c9c MpKsl266fb0ed - ok
10:02:27.0250 0x0c9c [ 3F4BB95E5A44F3BE34824E8E7CAF0737, 9A4F9E63AA55B779AF3563C66C8E40D9C42FF3BB5F533F70905ADC7A44EA7DAD ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
10:02:27.0250 0x0c9c mraid35x - ok
10:02:27.0312 0x0c9c [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:02:27.0312 0x0c9c MRxDAV - ok
10:02:27.0390 0x0c9c [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:02:27.0406 0x0c9c MRxSmb - ok
10:02:27.0453 0x0c9c [ 6DB4D1521CABA9A5FFAB54ADE0AE867D, 78D63EE2C0B0852F0771071C099643242EBC9F4DA28847B93BCE9C3CC1091938 ] MSDTC C:\WINDOWS\system32\msdtc.exe
10:02:27.0453 0x0c9c MSDTC - ok
10:02:27.0468 0x0c9c [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
10:02:27.0468 0x0c9c Msfs - ok
10:02:27.0484 0x0c9c MSIServer - ok
10:02:27.0500 0x0c9c [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:02:27.0500 0x0c9c MSKSSRV - ok
10:02:27.0562 0x0c9c [ B0F49DA36F30922F5DDC3B623B778FCE, EE025AEFA4A2095AFEABFB3A49639DA77D78068A3F5EEDA6C15D34853AFD5609 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:02:27.0562 0x0c9c MsMpSvc - ok
10:02:27.0593 0x0c9c [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:02:27.0593 0x0c9c MSPCLOCK - ok
10:02:27.0625 0x0c9c [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
10:02:27.0625 0x0c9c MSPQM - ok
10:02:27.0656 0x0c9c [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:02:27.0656 0x0c9c mssmbios - ok
10:02:27.0687 0x0c9c [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
10:02:27.0687 0x0c9c MSTEE - ok
10:02:27.0734 0x0c9c [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
10:02:27.0734 0x0c9c Mup - ok
10:02:27.0765 0x0c9c [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
10:02:27.0781 0x0c9c NABTSFEC - ok
10:02:27.0843 0x0c9c [ 6EA362E9DB03D44F6B996F4D8BE237E9, FE6B4C546D26C4A2832CF4CB280B86B1723E10E46A3C24AF6C9856FCCAE9D1FC ] napagent C:\WINDOWS\System32\qagentrt.dll
10:02:27.0859 0x0c9c napagent - ok
10:02:27.0906 0x0c9c [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
10:02:27.0906 0x0c9c NDIS - ok
10:02:27.0937 0x0c9c [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
10:02:27.0937 0x0c9c NdisIP - ok
10:02:27.0968 0x0c9c [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:02:27.0968 0x0c9c NdisTapi - ok
10:02:28.0015 0x0c9c [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:02:28.0031 0x0c9c Ndisuio - ok
10:02:28.0046 0x0c9c [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:02:28.0062 0x0c9c NdisWan - ok
10:02:28.0093 0x0c9c [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
10:02:28.0093 0x0c9c NDProxy - ok
10:02:28.0125 0x0c9c [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
10:02:28.0125 0x0c9c NetBIOS - ok
10:02:28.0156 0x0c9c [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
10:02:28.0156 0x0c9c NetBT - ok
10:02:28.0203 0x0c9c [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDE C:\WINDOWS\system32\netdde.exe
10:02:28.0218 0x0c9c NetDDE - ok
10:02:28.0234 0x0c9c [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
10:02:28.0234 0x0c9c NetDDEdsdm - ok
10:02:28.0281 0x0c9c [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] Netlogon C:\WINDOWS\system32\lsass.exe
10:02:28.0281 0x0c9c Netlogon - ok
10:02:28.0312 0x0c9c [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40, 588C8BA14A7255FD36A88960CBE34341301773765ECF2A9A0F1760A509A08A5B ] Netman C:\WINDOWS\System32\netman.dll
10:02:28.0328 0x0c9c Netman - ok
10:02:28.0375 0x0c9c [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:02:28.0375 0x0c9c NetTcpPortSharing - ok
10:02:28.0437 0x0c9c [ 39EE7C3BFBC64BA87CC8CF67386E814C, B93CCB625CE370D9A49C9374D24C939D7C9FEF81401F4F822C51E12677D77E01 ] Nla C:\WINDOWS\System32\mswsock.dll
10:02:28.0453 0x0c9c Nla - ok
10:02:28.0500 0x0c9c [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
10:02:28.0500 0x0c9c Npfs - ok
10:02:28.0578 0x0c9c [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
10:02:28.0609 0x0c9c Ntfs - ok
10:02:28.0625 0x0c9c [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
10:02:28.0625 0x0c9c NtLmSsp - ok
10:02:28.0687 0x0c9c [ 023DD70573D644F3D9C8B1258A7BFD08, 9A1D3210ED5FD8BEDF92ED577A9B30E37035408A73EB66A8C950B75AB7539B83 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
10:02:28.0718 0x0c9c NtmsSvc - ok
10:02:28.0765 0x0c9c [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
10:02:28.0765 0x0c9c Null - ok
10:02:28.0796 0x0c9c [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:02:28.0796 0x0c9c NwlnkFlt - ok
10:02:28.0812 0x0c9c [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:02:28.0812 0x0c9c NwlnkFwd - ok
10:02:28.0937 0x0c9c [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:02:28.0968 0x0c9c odserv - ok
10:02:29.0015 0x0c9c [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:02:29.0015 0x0c9c ose - ok
10:02:29.0062 0x0c9c [ 46F8DB73B4A53E543F8E371DC7C75BAE, F6C5E7DE4B4AE0ED785DB075BE14EA6A0FC9050C95669B26DEF2B82D7B7D3B2C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
10:02:29.0062 0x0c9c Parport - ok
10:02:29.0109 0x0c9c [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
10:02:29.0109 0x0c9c PartMgr - ok
10:02:29.0140 0x0c9c [ 1FAE19D0457176318BBA4A8795656EBC, 5F3D6CABA203A0485D67F63A6A81151724EE200BE49ED095CFCB1EF29C19D19F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
10:02:29.0140 0x0c9c ParVdm - ok
10:02:29.0171 0x0c9c [ 6CE351D149CB4BEFC702951E471E1730, 758327683BB45F01D5AE550AF21856822B4CF55E17F2A4F452F559088D242B37 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
10:02:29.0187 0x0c9c PCI - ok
10:02:29.0187 0x0c9c PCIDump - ok
10:02:29.0218 0x0c9c [ 2DA4EC85E0EA7A45C6B2A05820492D5A, A8C6BD93D3BC33A5B36EB523997EF9E0783B6E6EAFB6E7F58BCC2629009BDCF9 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
10:02:29.0218 0x0c9c PCIIde - ok
10:02:29.0265 0x0c9c [ 4FC31E6C19A5CE5198B1ABFF94CAE758, A031E21EC1F15DA5E8429269F435337FA961C3C06D535DAFD448C7355F33FD0C ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
10:02:29.0265 0x0c9c Pcmcia - ok
10:02:29.0281 0x0c9c PDCOMP - ok
10:02:29.0296 0x0c9c PDFRAME - ok
10:02:29.0312 0x0c9c PDRELI - ok
10:02:29.0328 0x0c9c PDRFRAME - ok
Re: please check
10:02:33.0062 0x0c9c upnphost - ok
10:02:33.0078 0x0c9c [ 20A0F6A11959E92908717D09E87D670D, 3DD6C99AB0F70FAA43DF470B30078B8A51B8AF735CD5C50DBB195FEA70F4C36E ] UPS C:\WINDOWS\System32\ups.exe
10:02:33.0093 0x0c9c UPS - ok
10:02:33.0125 0x0c9c [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:02:33.0125 0x0c9c usbccgp - ok
10:02:33.0156 0x0c9c [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:02:33.0156 0x0c9c usbehci - ok
10:02:33.0218 0x0c9c [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:02:33.0218 0x0c9c usbhub - ok
10:02:33.0250 0x0c9c [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:02:33.0265 0x0c9c USBSTOR - ok
10:02:33.0296 0x0c9c [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:02:33.0296 0x0c9c usbuhci - ok
10:02:33.0343 0x0c9c [ 813236B1183CFCF289E367BD5DE6E29E, 167FE18A96F330AEEC1A4C419770C15EFEB536D43838285E51E7A62E95DF4674 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
10:02:33.0343 0x0c9c usbvideo - ok
10:02:33.0375 0x0c9c [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
10:02:33.0375 0x0c9c VgaSave - ok
10:02:33.0421 0x0c9c [ 754292CE5848B3738281B4F3607EAEF4, B0DCC9E9F8F78671FF878B493264C3B1DD2ED4A7167E3F5495F66ABF5FACB86C ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
10:02:33.0421 0x0c9c viaagp - ok
10:02:33.0437 0x0c9c [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
10:02:33.0437 0x0c9c ViaIde - ok
10:02:33.0468 0x0c9c [ 28A4B296B47782173C346E376CB374D1, FE799FE4A41752A2B47027EA88214BF3E39B317302939F4A2D0F2A4EFAAC2F13 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
10:02:33.0484 0x0c9c VolSnap - ok
10:02:33.0546 0x0c9c [ D6BA1A63D9E00933F1CD2A885573AFB2, 36311A060635CEC1DBB6D8A746B8A4D007706EAE97D51A5E12F9958AB16BE486 ] VSS C:\WINDOWS\System32\vssvc.exe
10:02:33.0562 0x0c9c VSS - ok
10:02:33.0609 0x0c9c [ FA4E1CDBA256787F2149F4AAD07BC91F, 1B5FC5248335D70094D04501AA2C30F54782B58FF8D573BE8E784A21529C7CAF ] W32Time C:\WINDOWS\system32\w32time.dll
10:02:33.0609 0x0c9c W32Time - ok
10:02:33.0640 0x0c9c [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:02:33.0656 0x0c9c Wanarp - ok
10:02:33.0718 0x0c9c [ D918617B46457B9AC28027722E30F647, 407284D3055DC11944D4EE7E4357E7CF9CAF8CA40CA50633AB6FD4A82CB7EEA6 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
10:02:33.0750 0x0c9c Wdf01000 - ok
10:02:33.0765 0x0c9c WDICA - ok
10:02:33.0812 0x0c9c [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
10:02:33.0812 0x0c9c wdmaud - ok
10:02:33.0875 0x0c9c [ 47AE51048A82DFA1CD6B51D369F7E169, 742F2162B8BDE00D83715093EA9743338964597ED22648B9F4F139D7278235A4 ] WebClient C:\WINDOWS\System32\webclnt.dll
10:02:33.0875 0x0c9c WebClient - ok
10:02:33.0968 0x0c9c [ E488332126E3B1182D2B8A0C35408EC6, F9F60911DF0A539753B2BEF6FAD2D0AED1BC1C3F43509F79D9AF2F810CDE5D9B ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
10:02:33.0968 0x0c9c winmgmt - ok
10:02:34.0031 0x0c9c [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
10:02:34.0046 0x0c9c WmdmPmSN - ok
10:02:34.0078 0x0c9c [ C42584FD66CE9E17403AEBCA199F7BDB, E3F2E1066F36AE5D33D4482239B2E556BE0C137923C9A120DFB36EC82F2E77B0 ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
10:02:34.0078 0x0c9c WmiAcpi - ok
10:02:34.0125 0x0c9c [ 23F6F03272F7E5679F1F050AED5ACEE6, 87EBE773F3E8FFE2F1E1DB435BB0E8852031AA88112EB791085AD3DA918B49CC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
10:02:34.0125 0x0c9c WmiApSrv - ok
10:02:34.0265 0x0c9c [ 3739866D20ABD42F26A7B85F9E2560AF, 9DD01194A553590146A1A1D790B2F891D244C8C0EE34DA423CF2B1F7418BD3AC ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
10:02:34.0312 0x0c9c WMPNetworkSvc - ok
10:02:34.0359 0x0c9c [ 4C86D5FAF78194995AF9CC1075F65DD3, D3B23BB0971E0DBC0A51720067489C224323B603178E91149BF56F779DE352F0 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
10:02:34.0375 0x0c9c wscsvc - ok
10:02:34.0406 0x0c9c [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
10:02:34.0406 0x0c9c WSTCODEC - ok
10:02:34.0437 0x0c9c [ C1364564800EE9784192145324A23308, 5345BAE00364233594C9CF99CE2CC485E65B5D4FFBB81C86B2950EDA2427584C ] wuauserv C:\WINDOWS\system32\wuauserv.dll
10:02:34.0437 0x0c9c wuauserv - ok
10:02:34.0468 0x0c9c [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
10:02:34.0468 0x0c9c WudfPf - ok
10:02:34.0515 0x0c9c [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
10:02:34.0531 0x0c9c WudfRd - ok
10:02:34.0562 0x0c9c [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
10:02:34.0578 0x0c9c WudfSvc - ok
10:02:34.0640 0x0c9c [ A27D4BA7264C0BF52F32D10405BEA1D4, 5F28607CCAB15FB601BEB35FF0B1A5CD27C678C6D1CA724E842C33EED4579B8C ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
10:02:34.0671 0x0c9c WZCSVC - ok
10:02:34.0703 0x0c9c [ EAA4BB9EDB3FB10CF8979FE65E63658F, B80EB477100FD3E26513360E09DB6EBF0C8D8B0618F1F4BF1F387ABA6DEC9B64 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
10:02:34.0718 0x0c9c xmlprov - ok
10:02:34.0734 0x0c9c ================ Scan global ===============================
10:02:34.0765 0x0c9c [ F36278E42C8C5DF03CE17DAC8231C91C, D012A3C8F394DF4F0BF5D5A4C10E73BBF427762B7D3DB6CF5FAB96536E082B7A ] C:\WINDOWS\system32\basesrv.dll
10:02:34.0812 0x0c9c [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
10:02:34.0859 0x0c9c [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
10:02:34.0906 0x0c9c [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] C:\WINDOWS\system32\services.exe
10:02:34.0906 0x0c9c [ Global ] - ok
10:02:34.0906 0x0c9c ================ Scan MBR ==================================
10:02:34.0937 0x0c9c [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
10:02:35.0187 0x0c9c \Device\Harddisk0\DR0 - ok
10:02:35.0187 0x0c9c ================ Scan VBR ==================================
10:02:35.0187 0x0c9c [ 59FACDCDBAB5306E6B55612525F4A0CC ] \Device\Harddisk0\DR0\Partition1
10:02:35.0218 0x0c9c \Device\Harddisk0\DR0\Partition1 - ok
10:02:35.0218 0x0c9c Waiting for KSN requests completion. In queue: 218
10:02:36.0218 0x0c9c Waiting for KSN requests completion. In queue: 218
10:02:37.0218 0x0c9c Waiting for KSN requests completion. In queue: 218
10:02:38.0296 0x0c9c AV detected via SS1: Microsoft Security Essentials, 4.4.0304.0, enabled, updated
10:02:38.0296 0x0c9c Win FW state via NFM: enabled
10:02:40.0781 0x0c9c ============================================================
10:02:40.0781 0x0c9c Scan finished
10:02:40.0781 0x0c9c ============================================================
10:02:40.0796 0x0c90 Detected object count: 0
10:02:40.0796 0x0c90 Actual detected object count: 0
10:03:30.0750 0x0988 Deinitialize success
10:02:29.0359 0x0c9c perc2 - ok
10:02:29.0375 0x0c9c [ F50F7C27F131AFE7BEBA13E14A3B9416, C0498EA65B908C07A734324ED70DB27F434FAAA815DD02F1BC429A3AB6C663D5 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
10:02:29.0375 0x0c9c perc2hib - ok
10:02:29.0437 0x0c9c [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] PlugPlay C:\WINDOWS\system32\services.exe
10:02:29.0437 0x0c9c PlugPlay - ok
10:02:29.0453 0x0c9c [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
10:02:29.0453 0x0c9c PolicyAgent - ok
10:02:29.0500 0x0c9c [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:02:29.0500 0x0c9c PptpMiniport - ok
10:02:29.0515 0x0c9c [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:02:29.0515 0x0c9c ProtectedStorage - ok
10:02:29.0531 0x0c9c [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
10:02:29.0546 0x0c9c PSched - ok
10:02:29.0546 0x0c9c [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:02:29.0562 0x0c9c Ptilink - ok
10:02:29.0593 0x0c9c [ 0A63FB54039EB5662433CABA3B26DBA7, A1FB923EB2D08D89D24E8AD7042BBED7CB1DBDA9A5B77BDD188E9913BADAB0EF ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
10:02:29.0593 0x0c9c ql1080 - ok
10:02:29.0609 0x0c9c [ 6503449E1D43A0FF0201AD5CB1B8C706, F1EFC2DE5998615CB182D7984366631FE956AE1ECA9AC777F26FCA2E6F2E05A6 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
10:02:29.0625 0x0c9c Ql10wnt - ok
10:02:29.0640 0x0c9c [ 156ED0EF20C15114CA097A34A30D8A01, 7490B90D4C88B7A9BADB9473D4033535F054C797ABF6D542CB859DA5C9B2586A ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
10:02:29.0640 0x0c9c ql12160 - ok
10:02:29.0656 0x0c9c [ 70F016BEBDE6D29E864C1230A07CC5E6, 895BC2C888F6566086FC1399F499A401D447E57333BC9F9C6DBAFE0F117603D6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
10:02:29.0671 0x0c9c ql1240 - ok
10:02:29.0687 0x0c9c [ 907F0AEEA6BC451011611E732BD31FCF, F9E7023BD1042963110D0A613054D094437868B20779F23C316A38E4781A6152 ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
10:02:29.0687 0x0c9c ql1280 - ok
10:02:29.0718 0x0c9c [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:02:29.0718 0x0c9c RasAcd - ok
10:02:29.0750 0x0c9c [ 2B5E44EA009F2F374B980E1E9A70635D, 62D8FDB80C8ACBA2C42C12760B785587C43BEDFE015EC5C41B25F2BB735EFEB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
10:02:29.0765 0x0c9c RasAuto - ok
10:02:29.0781 0x0c9c [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:02:29.0796 0x0c9c Rasl2tp - ok
10:02:29.0828 0x0c9c [ D57554C664B64604BD1EE13EA2C07E77, B090C05B91EA602BFF9A5E89AB1A0FFDE869611961FF749DA8B3F4D00F04E756 ] RasMan C:\WINDOWS\System32\rasmans.dll
10:02:29.0843 0x0c9c RasMan - ok
10:02:29.0859 0x0c9c [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:02:29.0859 0x0c9c RasPppoe - ok
10:02:29.0890 0x0c9c [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
10:02:29.0890 0x0c9c Raspti - ok
10:02:29.0921 0x0c9c [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:02:29.0937 0x0c9c Rdbss - ok
10:02:29.0937 0x0c9c [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:02:29.0953 0x0c9c RDPCDD - ok
10:02:30.0000 0x0c9c [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
10:02:30.0015 0x0c9c rdpdr - ok
10:02:30.0062 0x0c9c [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
10:02:30.0078 0x0c9c RDPWD - ok
10:02:30.0109 0x0c9c [ C0D9D9711CB74EE9BC66353D8CBDAB0E, F1AF9A26910707E76BF213D8DE5C902B0088D8A29EBDFF72DE6A4D867E298CC8 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
10:02:30.0125 0x0c9c RDSessMgr - ok
10:02:30.0171 0x0c9c [ 611BFD220305BE3A85AE876EA47D4AA5, FDF87878EB3886649025E5A12F1C3FC9072D66CCD3217944710085C1F8A4512E ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
10:02:30.0171 0x0c9c redbook - ok
10:02:30.0218 0x0c9c [ 127C26B5371651043450E52542099ABA, 98AADAD8D5211CB894AA7C59B6299861B1F44B6D8F46AB5837E7D2F5B615B14A ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
10:02:30.0234 0x0c9c RemoteAccess - ok
10:02:30.0265 0x0c9c [ 718B3BDC0BC3C2F7D065A53D26202AF9, 9E58243628F1E1396AB82A80D046FF50803A230EE07B007E0CA5D744C77B091A ] RpcLocator C:\WINDOWS\system32\locator.exe
10:02:30.0281 0x0c9c RpcLocator - ok
10:02:30.0328 0x0c9c [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] RpcSs C:\WINDOWS\system32\rpcss.dll
10:02:30.0343 0x0c9c RpcSs - ok
10:02:30.0390 0x0c9c [ 09AB2E71E58B078038E3BFDBA7FFC984, 8CA277DEEF6376B0F48C6BA5DBBC3E8AF2245983BA9AF6AB83D1A920D35FAF93 ] RSVP C:\WINDOWS\system32\rsvp.exe
10:02:30.0406 0x0c9c RSVP - ok
10:02:30.0640 0x0c9c [ EFA699F02DF6C4C58EA0BD81BA1A23BD, 9126B2AF94C232D9B52226D334F79B7512C96C4896BB5DF7874593D8D938E7F7 ] S6000KNT C:\WINDOWS\system32\Drivers\S6000KNT.sys
10:02:30.0812 0x0c9c S6000KNT - ok
10:02:30.0859 0x0c9c [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] SamSs C:\WINDOWS\system32\lsass.exe
10:02:30.0859 0x0c9c SamSs - ok
10:02:30.0921 0x0c9c [ 410046E401EB11E1E6749E9DEEA41D4A, 9507268ACD24EF51E994DC418E8EB3E10DEDE61EE892226A22A5DA7662397E25 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
10:02:30.0921 0x0c9c SCardSvr - ok
10:02:30.0968 0x0c9c [ 3FF232A7731621B8902D81D42418C93C, 2030C9A843D9555170179883BD4CC1E978D5FC5EC0D7FCA56518224E428BE421 ] Schedule C:\WINDOWS\system32\schedsvc.dll
10:02:30.0968 0x0c9c Schedule - ok
10:02:31.0015 0x0c9c [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:02:31.0015 0x0c9c Secdrv - ok
10:02:31.0046 0x0c9c [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6, 82EEB2345AC19050FAB202DE76C2CDD93E753F5AB67789A86A1726D3040C02E5 ] seclogon C:\WINDOWS\System32\seclogon.dll
10:02:31.0062 0x0c9c seclogon - ok
10:02:31.0078 0x0c9c [ A530B75C10C23C9AB28FDB6CE719E21F, 14568DF6457758E2F534A46A8E6245C364895C3993BEF2B5A889B98DBB201A27 ] SENS C:\WINDOWS\system32\sens.dll
10:02:31.0078 0x0c9c SENS - ok
10:02:31.0109 0x0c9c [ B842729337C9B921615C40D3C1A1AF96, 503670A56423B996C6ED6AE95F07FB88910767C4A2041A4BE9070C57A016E7FA ] Serial C:\WINDOWS\system32\drivers\Serial.sys
10:02:31.0109 0x0c9c Serial - ok
10:02:31.0156 0x0c9c [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
10:02:31.0156 0x0c9c Sfloppy - ok
10:02:31.0218 0x0c9c [ F58FACA9621D2DB01BD0927D9A0A208E, 239C87E09261BC9D1DBE99DABCFC4787D42289E8769563A5EFB323BE6F177C9A ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
10:02:31.0250 0x0c9c SharedAccess - ok
10:02:31.0281 0x0c9c [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:02:31.0281 0x0c9c ShellHWDetection - ok
10:02:31.0296 0x0c9c Simbad - ok
10:02:31.0343 0x0c9c [ 6B33D0EBD30DB32E27D1D78FE946A754, CDA3D082D370B079C06D943DA124D76BAF0C5DB264FB0C893148EF6322D2FABE ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
10:02:31.0343 0x0c9c sisagp - ok
10:02:31.0359 0x0c9c [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
10:02:31.0359 0x0c9c SLIP - ok
10:02:31.0390 0x0c9c [ 83C0F71F86D3BDAF915685F3D568B20E, 10B24723914A5A9E27A592FD58DAE2207B6E49F13A17CD2B1477C51D2D609D2E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
10:02:31.0390 0x0c9c Sparrow - ok
10:02:31.0421 0x0c9c [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
10:02:31.0421 0x0c9c splitter - ok
10:02:31.0468 0x0c9c [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
10:02:31.0484 0x0c9c Spooler - ok
10:02:31.0515 0x0c9c [ 94610C8653635E4459316A0050D55CE7, D148D33B3D2B0757060531C526F2161504A8D7C4E5957D092C7EBDB007271339 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
10:02:31.0515 0x0c9c sr - ok
10:02:31.0578 0x0c9c [ 35B91147124F64AC8081A2EDB9EA4DEE, 1609D19156DAC6EE3C2D2350B062966B64D9CDC289E9B8FEB6D244AAEBE90BBF ] srservice C:\WINDOWS\system32\srsvc.dll
10:02:31.0593 0x0c9c srservice - ok
10:02:31.0640 0x0c9c [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
10:02:31.0656 0x0c9c Srv - ok
10:02:31.0687 0x0c9c [ BECD5271DC4E3B7C3D035F790FCBC1E5, D63B9DB81332553C963EC5057D241CE2287AF652387333C1FD79AF8C9B5F2BA7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
10:02:31.0703 0x0c9c SSDPSRV - ok
10:02:31.0750 0x0c9c [ C1CDD9275F6A115BB0AE1D55D8D27BA6, CD0511FD7F6AD832CBEB931C605AB3AD217631C57399CB8033248D27619541E4 ] stisvc C:\WINDOWS\system32\wiaservc.dll
10:02:31.0765 0x0c9c stisvc - ok
10:02:31.0812 0x0c9c [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
10:02:31.0812 0x0c9c streamip - ok
10:02:31.0843 0x0c9c [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
10:02:31.0843 0x0c9c swenum - ok
10:02:31.0890 0x0c9c [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
10:02:31.0890 0x0c9c swmidi - ok
10:02:31.0906 0x0c9c SwPrv - ok
10:02:31.0953 0x0c9c [ 1FF3217614018630D0A6758630FC698C, 78A3075BBFF5D7ADEAC1527E65ACA8527BFC509DF124D44410BB46C4D96C96BB ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
10:02:31.0953 0x0c9c symc810 - ok
10:02:32.0000 0x0c9c [ 070E001D95CF725186EF8B20335F933C, B98B29FB01741AF3B4BB02C76A4D117EA04FE4CC4F8CDB491F9216931704A6D8 ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
10:02:32.0000 0x0c9c symc8xx - ok
Re: requesting a check
ComboFix 14-03-24.01 - Jana - Bryndová 28.03.2014 10:21:14.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1013.672 [GMT 1:00]
Spuštěný z: c:\documents and settings\Jana - Bryndovß\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-02-28 do 2014-03-28 )))))))))))))))))))))))))))))))
.
.
2014-03-27 09:29 . 2014-03-07 04:35 7969936 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{F1CCC3B8-86FC-4E03-ADCC-841AEA773ADB}\mpengine.dll
2014-03-27 09:28 . 2014-03-07 04:35 7969936 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-03-25 16:59 . 2014-03-25 16:59 -------- d-----w- c:\windows\ERUNT
2014-03-25 16:35 . 2014-03-25 16:35 -------- d-----w- c:\documents and settings\Administrator
2014-03-25 16:25 . 2014-03-25 16:54 -------- d-----w- C:\AdwCleaner
2014-03-25 13:58 . 2014-03-25 13:58 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-25 13:58 . 2014-03-25 13:58 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-25 12:45 . 2014-03-25 12:45 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2014-03-25 12:17 . 2014-03-25 12:17 -------- d-----w- c:\program files\CCleaner
2014-03-10 17:43 . 2014-02-26 23:28 13312 -c----w- c:\windows\system32\dllcache\xp_eos.exe
2014-03-10 17:43 . 2014-02-26 23:28 13312 ------w- c:\windows\system32\xp_eos.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-24 16:05 . 2010-05-04 11:38 920064 ----a-w- c:\windows\system32\wininet.dll
2014-02-24 11:35 . 2010-05-04 11:38 43520 ----a-w- c:\windows\system32\licmgr10.dll
2014-02-24 11:35 . 2010-05-04 11:38 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2014-02-24 11:35 . 2010-05-04 11:38 18944 ----a-w- c:\windows\system32\corpol.dll
2014-02-24 10:54 . 2010-05-04 11:38 385024 ----a-w- c:\windows\system32\html.iec
2014-02-07 06:36 . 2010-05-04 11:38 1879040 ----a-w- c:\windows\system32\win32k.sys
2014-02-05 08:55 . 2010-05-04 11:38 563712 ----a-w- c:\windows\system32\qedit.dll
2014-01-19 07:32 . 2011-06-24 11:17 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-01-04 03:12 . 2010-05-04 11:38 420864 ----a-w- c:\windows\system32\vbscript.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\S6000Mnt]
S6000Rmv.dll [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
2009-12-11 05:59 59936 ----a-w- c:\program files\Realtek\Audio\Drivers\AzMixerSel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2009-11-16 14:56 173592 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2009-06-04 17:03 186904 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2009-11-16 14:56 141336 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2010-04-08 04:18 908368 ----a-w- c:\program files\Launch Manager\LManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 06:52 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2009-11-16 14:56 141336 ----a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2010-03-12 21:53 19521056 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2010-02-05 08:46 1692968 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Documents and Settings\\Jana - Bryndová\\Plocha\\Skype.exe"=
.
R1 tidnet;TID NDIS Protocol Driver;c:\windows\system32\drivers\tidnet.sys [15.9.2009 10:51 19200]
R2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [4.5.2010 12:39 312400]
R2 Updater Service;Updater Service;c:\program files\eMachines\eMachines Updater\UpdaterService.exe [4.5.2010 4:39 243232]
R3 L1c;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [4.5.2010 12:39 60456]
R3 S6000KNT;S6000KNT_WebCam Driver;c:\windows\system32\drivers\S6000KNT.sys [4.3.2011 16:23 3221120]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [4.5.2010 4:22 1691480]
S3 EUCR;EUCR;c:\windows\system32\drivers\EUCR6SK.sys [4.5.2010 4:25 108752]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\drivers\ewdcsc.sys [4.6.2011 14:37 24448]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [4.6.2011 14:37 100736]
.
Obsah adresáře 'Naplánované úlohy'
.
2014-03-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-25 13:58]
.
2014-03-28 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2013-10-23 14:01]
.
2014-03-12 c:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-10 23:28]
.
2014-03-28 c:\windows\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-10 23:28]
.
2014-03-28 c:\windows\Tasks\User_Feed_Synchronization-{BE2A05DF-ED8D-4FFC-8A05-AC0916509731}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://homepage.emachines.com/rdr.aspx? ... 5r4842r629
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-03-28 10:28
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2014-03-28 10:30:06
ComboFix-quarantined-files.txt 2014-03-28 09:30
.
Před spuštěním: Volných bajtů: 124 411 441 152
Po spuštění: Volných bajtů: 124 411 400 192
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - F9A978352B48756DFD6FF80D157DAF78
5C616939100B85E558DA92B899A0FC36
- jaro3
Re: requesting a check
ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall
Clean the system with CCleaner.
Download OTC to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.
Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
Post a new HJT log + info about any problems.
Re: requesting a check
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-03-29 10:58:57
-----------------------------
10:58:57.078 OS Version: Windows 5.1.2600 Service Pack 3
10:58:57.078 Number of processors: 2 586 0x1C0A
10:58:57.078 ComputerName: EMACHINE-CF7226 UserName: Jana - Bryndová
10:58:58.328 Initialize success
10:59:06.906 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
10:59:06.906 Disk 0 Vendor: Hitachi_ PBBO Size: 152627MB BusType: 3
10:59:07.062 Disk 0 MBR read successfully
10:59:07.062 Disk 0 MBR scan
10:59:07.062 Disk 0 Windows VISTA default MBR code
10:59:07.078 Disk 0 Partition 1 00 12 Compaq diag NTFS 11264 MB offset 2048
10:59:07.109 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 141361 MB offset 23070720
10:59:07.109 Disk 0 scanning sectors +312578048
10:59:07.187 Disk 0 scanning C:\WINDOWS\system32\drivers
10:59:13.015 Service scanning
10:59:19.953 Service MpKsl268ad266 c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{9F2B6D19-F4DB-405E-8437-3ED648B3498B}\MpKsl268ad266.sys **LOCKED** 32
10:59:27.078 Modules scanning
10:59:33.359 Disk 0 trace - called modules:
10:59:33.390 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll iaStor.sys
10:59:33.406 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x865789c0]
10:59:33.421 3 CLASSPNP.SYS[f7632fd7] -> nt!IofCallDriver -> \Device\0000005f[0x8657c910]
10:59:33.421 5 ACPI.sys[f74c9620] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x86579028]
10:59:33.437 Scan finished successfully
11:00:09.984 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Jana - Bryndová\Plocha\MBR.dat"
11:00:10.000 The log file has been saved successfully to "C:\Documents and Settings\Jana - Bryndová\Plocha\aswMBR.txt"
Re: requesting a check
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:03:07, on 29.3.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Launch Manager\dsiwmis.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Jana - Bryndová\Plocha\HijackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.emachines.com/rdr.aspx? ... 5r4842r629
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
--
End of file - 5010 bytes
Re: please check
I don't notice any problems. I didn't notice any before either.
Only, I think ComboFix installed some Microsoft Windows Recovery Console, which asks me at Windows startup which OS I want to start:
Microsoft Windows Recovery Console
do not select this [ladící program byl aktivován]
Microsoft Windows XP Home Edition
It asks for about 2 s and then starts XP normally, but it is a little annoying. Can it be turned off somehow, or got rid of in some other way?
- jaro3
- Security team member
Re: please check
Yes, it can:
Removing the Recovery Console
Open My Computer.
Double-click the hard disk on which the Recovery Console is installed.
On the Tools menu, click Folder Options.
Click the View tab.
Click Show hidden files and folders, clear the Hide protected operating system files check box, and then click OK.
In the root folder, delete the \Cmdcons folder.
In the root folder, delete the Cmldr file.
In the root folder, right-click the Boot.ini file, and then click Properties.
Clear the Read-only check box, and then click OK.
Open the Boot.ini file in Notepad and remove the Recovery Console entry. The entry will look similar to this line:
C:\cmdcons\bootsect.dat="Microsoft Windows Recovery Console" /cmdcons
Save and close the file.
Warning
Incorrect changes to the Boot.ini file can prevent the computer from restarting. Make sure that you have removed only the Recovery Console entry.
Notes
To open My Computer, click Start, and then click My Computer.
After completing this procedure, we recommend changing the Boot.ini file's attribute back to Read-only. You will probably also want to hide the system files again.
ComboFix is uninstalled like this:
Start - Run and type ComboFix /Uninstall
Clean the system with CCleaner
Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.
If there are no problems, that is everything and you can mark the thread as solved with the green check mark.
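The Boot.ini edit described in the post above, as an added example that is not part of the original post: a Python function that removes only the Recovery Console entry and refuses to return a file whose default= line no longer matches a remaining entry. The sample Boot.ini contents and the name remove_recovery_console are assumptions constructed for illustration.

```python
import re

# Constructed sample of a Windows XP Boot.ini with a Recovery Console entry.
SAMPLE_BOOT_INI = """[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\\WINDOWS
[operating systems]
C:\\CMDCONS\\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
"""


def remove_recovery_console(text):
    """Return (new_text, removed_lines); drop only entries carrying /cmdcons."""
    kept, removed, os_paths = [], [], []
    default = None
    section = None
    for line in text.splitlines():
        stripped = line.strip()
        header = re.fullmatch(r"\[(.+)\]", stripped)
        if header:
            section = header.group(1).lower()
        elif section == "boot loader" and stripped.lower().startswith("default="):
            default = stripped.split("=", 1)[1].strip().lower()
        elif section == "operating systems" and "=" in stripped:
            path, rest = stripped.split("=", 1)
            # Switches follow the closing quote of the menu description.
            switches = rest.rsplit('"', 1)[-1].lower().split()
            if "/cmdcons" in switches:
                removed.append(line)
                continue
            os_paths.append(path.strip().lower())
        kept.append(line)
    # Refuse to produce a file that cannot boot the remaining system.
    if not os_paths:
        raise ValueError("no operating system entry would remain")
    if default is not None and default not in os_paths:
        raise ValueError("default= does not match any remaining entry")
    return "\r\n".join(kept) + "\r\n", removed


if __name__ == "__main__":
    new_text, removed = remove_recovery_console(SAMPLE_BOOT_INI)
    print("removed:", removed)
    print(new_text)
```

The function works on the file's text only; keep a backup copy of the original Boot.ini before writing the result back.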