Please check my log... I suspect a virus [Solved]

michael_corleone
newcomer
Posts: 18
Registered: May 14

Post by michael_corleone » 11 May 2014 15:15

Good day, when I start the computer, 3 pop-up windows appear... they look like the attachment... I suspect malware or something else... I tried a scan with Malwarebytes... it detected and removed something, but the problem persists... On your forum I clicked my way through to the HiJackThis section... I made a log... can you please help me? Thanks in advance for your reply.
Here is the log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:43:23, on 11. 5. 2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16496)

FIREFOX: 27.0.1 (sk)
Boot mode: Normal

Running processes:
D:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\ASUSTek Computer Inc\ASUS U3100MINI PLUS V2 Utilities\RTLRCtl.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~2\PCTRAN~1\webie.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [mncugniSrv] C:\Windows\system32\mncugni.vbe
O4 - HKLM\..\Run: [mnchkiinSrv] C:\Windows\system32\mnchkiin.vbe
O4 - HKLM\..\Run: [mnctytdeySrv] C:\Windows\system32\mnctytdey.vbe
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-681498786-4294844652-27751896-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-681498786-4294844652-27751896-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Remote Control.lnk = C:\Program Files (x86)\ASUSTek Computer Inc\ASUS U3100MINI PLUS V2 Utilities\RTLRCtl.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~2\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~2\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~2\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~2\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~2\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~2\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~2\PCTRAN~1\webie.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - D:\Program Files (x86)\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 14168 bytes
Attachments
Snímka.PNG

Orcus
Security team member
Elite Level 10.5
Posts: 10645
Registered: April 10

Post by Orcus » 11 May 2014 18:07

In HJT, fix:
O4 - HKLM\..\Run: [mncugniSrv] C:\Windows\system32\mncugni.vbe
O4 - HKLM\..\Run: [mnchkiinSrv] C:\Windows\system32\mnchkiin.vbe
O4 - HKLM\..\Run: [mnctytdeySrv] C:\Windows\system32\mnctytdey.vbe
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup

===================================================

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

- If you use only Google Chrome, you do not need to use ATF.

===================================================

Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.

===================================================

Download AdwCleaner (by Xplode)

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Prohledat-Scan"
After the scan a log will appear (it is also saved on the system disk as AdwCleaner[R?].txt); paste its entire contents here.

===================================================

Download Malwarebytes' Anti-Malware
- During installation, untick "Enable free trial of Malwarebytes' Anti-Malware Premium"
Install and run it
- at the end of the installation, make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; click Scan Now and
- after the program finishes, a message will appear at the bottom right; click Copy to Clipboard and paste the entire log here.

- then click the Exit button; a prompt will appear, choose Yes
(do not delete anything yet!).

If there are problems, run it in safe mode.
Love warms, but coal is coal. :fire:

Post HJT logs in the HJT section. If a log is too long, split it into several messages.

A few tips on PC security.

During my absence, memphisto, jaro3 and Diallix stand in for me.

If you are satisfied, you can support our forum.
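
As an added example (not part of Orcus's post and not HijackThis code), the following Python parses O4 autorun lines from a HijackThis log and reports Run entries whose target is a Windows Script Host or batch script, the pattern shared by the three .vbe entries in the fix list above. The extension list, the function names and the heuristic itself are assumptions made for illustration; the sample lines are copied from the log in this thread.

```python
import re
from pathlib import PureWindowsPath

# Assumption: extensions treated as "script" autorun targets (WSH and batch files).
SCRIPT_EXTS = {".vbe", ".vbs", ".js", ".jse", ".wsf", ".wsh", ".bat", ".cmd"}
SYSTEM_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}

# Matches e.g.  O4 - HKLM\..\Run: [name] command line
# and           O4 - HKUS\S-1-5-19\..\RunOnce: [name] command line
O4_RUN = re.compile(
    r"^O4 - (?P<hive>.+?)\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$"
)

# Sample input: lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [mncugniSrv] C:\Windows\system32\mncugni.vbe
O4 - HKLM\..\Run: [mnchkiinSrv] C:\Windows\system32\mnchkiin.vbe
O4 - HKLM\..\Run: [mnctytdeySrv] C:\Windows\system32\mnctytdey.vbe
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - Global Startup: Remote Control.lnk = C:\Program Files (x86)\ASUSTek Computer Inc\ASUS U3100MINI PLUS V2 Utilities\RTLRCtl.exe
"""


def target_path(cmd):
    """Return the file a Run command line points at, without its arguments."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        # Quoted path: everything up to the closing quote.
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    # Unquoted path (may contain spaces): cut after the first ".ext" that is
    # followed by whitespace or the end of the line.
    m = re.match(r"(.+?\.[A-Za-z0-9]{2,4})(?=\s|$)", cmd)
    return m.group(1) if m else cmd


def parse_o4(log_text):
    """Parse registry Run/RunOnce entries from the O4 section of a log."""
    entries = []
    for line in log_text.splitlines():
        m = O4_RUN.match(line.strip())
        if not m:
            continue  # other sections and "Global Startup" shortcuts are skipped
        entry = m.groupdict()
        entry["path"] = target_path(entry["cmd"])
        entries.append(entry)
    return entries


def triage(log_text):
    """Return Run entries that start a script file, with the reasons they were picked."""
    flagged = []
    for entry in parse_o4(log_text):
        path = PureWindowsPath(entry["path"])
        ext = path.suffix.lower()
        if ext not in SCRIPT_EXTS:
            continue  # ordinary executables such as isuspm.exe are not reported
        reasons = [f"autorun target is a script ({ext})"]
        if str(path.parent).lower() in SYSTEM_DIRS:
            reasons.append("script sits directly in a Windows system directory")
        flagged.append({**entry, "reasons": reasons})
    return flagged


if __name__ == "__main__":
    for item in triage(SAMPLE_LOG):
        print(f'{item["hive"]}\\{item["key"]} [{item["name"]}] {item["path"]}')
        for reason in item["reasons"]:
            print("   -", reason)
```

A hit from this heuristic is a prompt for manual review of the entry, not a verdict; the ISUSPM entry from the fix list is an .exe and is therefore outside what it reports.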

Post by michael_corleone » 11 May 2014 19:47

AdwCleaner log:
# AdwCleaner v3.207 - Report created 11/05/2014 at 19:16:02
# Updated 05/05/2014 by Xplode
# Operating System : Windows 7 Professional (64 bits)
# Username : Braňo - BRAŇO-PC
# Running from : D:\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Braňo\AppData\Roaming\Mozilla\Firefox\Profiles\ttr0a54h.default\user.js
Folder Found : C:\Program Files (x86)\Common Files\Spigot
Folder Found : C:\Users\Braňo\AppData\Roaming\pdfforge
Folder Found : C:\Users\BRAO~1\AppData\Local\Temp\AskSearch

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Found : HKLM\Software\systweak
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16496


-\\ Mozilla Firefox v27.0.1 (sk)

[ File : C:\Users\Braňo\AppData\Roaming\Mozilla\Firefox\Profiles\ttr0a54h.default\prefs.js ]


-\\ Google Chrome v34.0.1847.131

[ File : C:\Users\Braňo\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Search Provider] : hxxp://search.babylon.com/?mntrId=bcd75 ... =109217&q={searchTerms}
Found [Extension] : hbcennhacfaagdopikcegfcobcadeocj
Found [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
Found [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
Found [Extension] : pfndaklgolladniicklehhancnlgocpp

*************************

AdwCleaner[R0].txt - [2437 octets] - [11/05/2014 19:16:02]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2497 octets] ##########

Malwarebytes log:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 11. 5. 2014
Scan Time: 19:39:19
Logfile:
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.05.11.07
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 7
CPU: x64
File System: NTFS
User: Braňo

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 299787
Time Elapsed: 6 min, 13 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

The problem disappeared already after the fix in HJT... Am I "clean"? :-) Thanks for now.

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07

Post by jaro3 » 12 May 2014 09:38

Let's run a few more checks:

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator"),
click "Prohledat-Scan", and after the scan click "Vymazat-Clean".

The program will perform the repair; after the automatic restart it does not show the log (C:\AdwCleaner [S?].txt); paste its entire contents here.

Download Junkware Removal Tool by Thisisu

to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program's scan will start. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear and be saved to the desktop.
Please copy its entire contents here.

Download RogueKiller by Adlice Software
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR check
Faked check
Antirootkit

- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.

Windows 7 -- you are missing SP1; install it.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Post by michael_corleone » 12 May 2014 20:20

AdwCleaner log:
# AdwCleaner v3.208 - Report created 12/05/2014 at 19:39:22
# Updated 11/05/2014 by Xplode
# Operating System : Windows 7 Professional (64 bits)
# Username : Braňo - BRAŇO-PC
# Running from : D:\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Common Files\Spigot
Folder Deleted : C:\Users\BRAO~1\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\Braňo\AppData\Roaming\pdfforge
File Deleted : C:\Users\Braňo\AppData\Roaming\Mozilla\Firefox\Profiles\ttr0a54h.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\Software\systweak

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16496


-\\ Mozilla Firefox v27.0.1 (sk)

[ File : C:\Users\Braňo\AppData\Roaming\Mozilla\Firefox\Profiles\ttr0a54h.default\prefs.js ]


-\\ Google Chrome v34.0.1847.131

[ File : C:\Users\Braňo\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.babylon.com/?mntrId=bcd75 ... =109217&q={searchTerms}
Deleted [Extension] : hbcennhacfaagdopikcegfcobcadeocj
Deleted [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
Deleted [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
Deleted [Extension] : pfndaklgolladniicklehhancnlgocpp

*************************

AdwCleaner[R0].txt - [2589 octets] - [11/05/2014 19:16:02]
AdwCleaner[R1].txt - [2649 octets] - [11/05/2014 19:27:32]
AdwCleaner[R2].txt - [2281 octets] - [12/05/2014 19:37:37]
AdwCleaner[S0].txt - [2240 octets] - [12/05/2014 19:39:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2300 octets] ##########

JRT log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Braĺo on po 12. 05. 2014 at 19:47:13,92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Braĺo\AppData\Roaming\mozilla\firefox\profiles\ttr0a54h.default\minidumps [87 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 12. 05. 2014 at 19:54:28,39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
RK log:
RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operačný systém : Windows 7 (6.1.7600 ) 64 bits version
Spustené v : Normálny režim
Užívateľ : Braňo [Práva Správcu]
Režim : Kontrola -- Dátum : 05/12/2014 20:11:26
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 5 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NÁJDENÉ
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NÁJDENÉ
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NÁJDENÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NÁJDENÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NÁJDENÉ

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spustenie položky : 0 ¤¤¤

¤¤¤ webové prehliadače : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ 0x0] ¤¤¤
[Address] EAT @explorer.exe (DllCanUnloadNow) : NetworkExplorer.dll -> HOOKED (C:\Windows\system32\imapi2.dll @ 0xF4826EDC)
[Address] EAT @explorer.exe (DllGetClassObject) : NetworkExplorer.dll -> HOOKED (C:\Windows\system32\imapi2.dll @ 0xF4822164)
[Address] EAT @explorer.exe (DllRegisterServer) : NetworkExplorer.dll -> HOOKED (C:\Windows\system32\imapi2.dll @ 0xF48612E0)
[Address] EAT @explorer.exe (DllUnregisterServer) : NetworkExplorer.dll -> HOOKED (C:\Windows\system32\imapi2.dll @ 0xF486146C)

¤¤¤ Vonkajšie Hives: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST500LT012-9WS142 +++++
--- User ---
[MBR] 3e67948c36c95327886256255f8c4e98
[BSP] 15fc16227e8fccae680f59a76c9e4889 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 39900 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 81922048 | Size: 435830 MB
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 974502272 | Size: 1108 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[0]_S_05122014_201126.txt >>

Post by jaro3 » 13 May 2014 09:34

Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run).
- Wait until Prescan finishes its work...
- Wait until the status window shows "Scan"
- Click "Delete"
- Wait until the Status box shows "Deletion finished"
- Click "Report", then copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.8.16.0_(date)_log.txt; please paste the entire contents of the log here.
- if the log has more than 60,000 characters, split it and post it in several messages

Post by michael_corleone » 13 May 2014 20:46

In RogueKiller... after the Prescan finishes, the "Delete" button is not available, and neither is "Report"... they become available only after the scan started with the Scan button has finished... was it meant that I should run that scan as well? I would not want to mess something up...

Post by jaro3 » 14 May 2014 09:40

After the prescan you first have to run the scan; only once it finishes, then click delete.

Post by michael_corleone » 14 May 2014 19:49

RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operačný systém : Windows 7 (6.1.7600 ) 64 bits version
Spustené v : Normálny režim
Užívateľ : Braňo [Práva Správcu]
Režim : Odebrať -- Dátum : 05/14/2014 19:39:14
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 5 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZANÉ
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZANÉ
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NAHRADENÉ (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRADENÉ (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRADENÉ (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spustenie položky : 0 ¤¤¤

¤¤¤ webové prehliadače : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ 0x0] ¤¤¤

¤¤¤ Vonkajšie Hives: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST500LT012-9WS142 +++++
--- User ---
[MBR] 3e67948c36c95327886256255f8c4e98
[BSP] 15fc16227e8fccae680f59a76c9e4889 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 39900 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 81922048 | Size: 435830 MB
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 974502272 | Size: 1108 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[0]_D_05142014_193914.txt >>
RKreport[0]_S_05142014_193835.txt

Re: Please check my log.. I suspect a virus

Post by michael_corleone » 14 May 2014 19:54

20:07:28.0953 0x0d94 TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
20:07:37.0486 0x0d94 ============================================================
20:07:37.0486 0x0d94 Current date / time: 2014/05/14 20:07:37.0486
20:07:37.0486 0x0d94 SystemInfo:
20:07:37.0486 0x0d94
20:07:37.0486 0x0d94 OS Version: 6.1.7600 ServicePack: 0.0
20:07:37.0486 0x0d94 Product type: Workstation
20:07:37.0486 0x0d94 ComputerName: BRAŇO-PC
20:07:37.0486 0x0d94 UserName: Braňo
20:07:37.0486 0x0d94 Windows directory: C:\Windows
20:07:37.0486 0x0d94 System windows directory: C:\Windows
20:07:37.0486 0x0d94 Running under WOW64
20:07:37.0486 0x0d94 Processor architecture: Intel x64
20:07:37.0486 0x0d94 Number of processors: 4
20:07:37.0486 0x0d94 Page size: 0x1000
20:07:37.0486 0x0d94 Boot type: Normal boot
20:07:37.0486 0x0d94 ============================================================
20:07:37.0767 0x0d94 KLMD registered as C:\Windows\system32\drivers\88541035.sys
20:07:37.0970 0x0d94 System UUID: {22796F91-F9DD-2870-7701-67D3C1AD359E}
20:07:38.0329 0x0d94 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:07:38.0344 0x0d94 ============================================================
20:07:38.0344 0x0d94 \Device\Harddisk0\DR0:
20:07:38.0344 0x0d94 MBR partitions:
20:07:38.0344 0x0d94 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:07:38.0344 0x0d94 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x4DEE000
20:07:38.0344 0x0d94 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x4E20800, BlocksNum 0x3533B000
20:07:38.0344 0x0d94 ============================================================
20:07:38.0360 0x0d94 C: <-> \Device\Harddisk0\DR0\Partition2
20:07:38.0391 0x0d94 D: <-> \Device\Harddisk0\DR0\Partition3
20:07:38.0391 0x0d94 ============================================================
20:07:38.0391 0x0d94 Initialize success
20:07:38.0391 0x0d94 ============================================================
20:07:39.0951 0x08b8 ============================================================
20:07:39.0951 0x08b8 Scan started
20:07:39.0951 0x08b8 Mode: Manual;
20:07:39.0951 0x08b8 ============================================================
20:07:39.0951 0x08b8 KSN ping started
20:07:53.0773 0x08b8 KSN ping finished: true
20:07:54.0178 0x08b8 ================ Scan system memory ========================
20:07:54.0178 0x08b8 System memory - ok
20:07:54.0178 0x08b8 ================ Scan services =============================
20:08:01.0838 0x08b8 HomeGroupProvider - ok
20:08:01.0869 0x08b8 [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
20:08:01.0869 0x08b8 HpSAMD - ok
20:08:01.0900 0x08b8 [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:08:01.0900 0x08b8 HTTP - ok
20:08:01.0916 0x08b8 [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:08:01.0916 0x08b8 hwpolicy - ok
20:08:01.0932 0x08b8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
20:08:01.0947 0x08b8 i8042prt - ok
20:08:01.0978 0x08b8 [ C224331A54571C8C9162F7714400BBBD, C2CA4881ACD46071E67435BE5E3DB133D0743B026FD20D6D6E26B2FE7A03FCAA ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
20:08:01.0994 0x08b8 iaStor - ok
20:08:02.0072 0x08b8 [ 7D4B9A48430ED57ACA6373B71D5904CA, 6ED72DAA7A4951142F036364E8F237E74246EF3E9EA089448DEF15380DAB0DB3 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:08:02.0072 0x08b8 IAStorDataMgrSvc - ok
20:08:02.0119 0x08b8 [ B75E45C564E944A2657167D197AB29DA, 622EA73F4D9CAE17628C18148FB241817A0AE6D80A74B099204ED27C1A750B24 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:08:02.0134 0x08b8 iaStorV - ok
20:08:02.0212 0x08b8 [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:08:02.0228 0x08b8 idsvc - ok
20:08:02.0602 0x08b8 [ 937CB7CC3E71A93771B72C8C52B9EA81, C9D1093A87452454E957C738ED176A41BD34A19412F50D319D1AD15D6749D06F ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
20:08:02.0946 0x08b8 igfx - ok
20:08:02.0992 0x08b8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:08:02.0992 0x08b8 iirsp - ok
20:08:03.0039 0x08b8 [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT C:\Windows\System32\ikeext.dll
20:08:03.0055 0x08b8 IKEEXT - ok
20:08:03.0102 0x08b8 [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
20:08:03.0102 0x08b8 IntcDAud - ok
20:08:03.0180 0x08b8 [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
20:08:03.0195 0x08b8 Intel(R) Capability Licensing Service Interface - ok
20:08:03.0211 0x08b8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
20:08:03.0211 0x08b8 intelide - ok
20:08:03.0242 0x08b8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:08:03.0242 0x08b8 intelppm - ok
20:08:03.0273 0x08b8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:08:03.0289 0x08b8 IPBusEnum - ok
20:08:03.0304 0x08b8 [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:08:03.0304 0x08b8 IpFilterDriver - ok
20:08:03.0336 0x08b8 [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:08:03.0336 0x08b8 iphlpsvc - ok
20:08:03.0351 0x08b8 [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
20:08:03.0351 0x08b8 IPMIDRV - ok
20:08:03.0367 0x08b8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:08:03.0367 0x08b8 IPNAT - ok
20:08:03.0460 0x08b8 [ B6E8B931EFEF4112C6A401931627DC6B, 89A0745360928F7DD0A522FF5FBFEED4FC831F37D6CF88D5E66FA91FD6F0A1DF ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:08:03.0476 0x08b8 iPod Service - ok
20:08:03.0507 0x08b8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:08:03.0507 0x08b8 IRENUM - ok
20:08:03.0507 0x08b8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
20:08:03.0507 0x08b8 isapnp - ok
20:08:03.0523 0x08b8 [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
20:08:03.0538 0x08b8 iScsiPrt - ok
20:08:03.0570 0x08b8 [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
20:08:03.0570 0x08b8 iusb3hcs - ok
20:08:03.0616 0x08b8 [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
20:08:03.0616 0x08b8 iusb3hub - ok
20:08:03.0663 0x08b8 [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
20:08:03.0663 0x08b8 iusb3xhc - ok
20:08:03.0726 0x08b8 [ 09CA717536671E0896E07D239EE6740F, 5E1A4A1490D38DBDF21DD655D2139FC2856F5CAED6A72C4C6E65BF6C01C896CE ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
20:08:03.0726 0x08b8 jhi_service - ok
20:08:03.0757 0x08b8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:08:03.0757 0x08b8 kbdclass - ok
20:08:03.0788 0x08b8 [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:08:03.0788 0x08b8 kbdhid - ok
20:08:03.0819 0x08b8 [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] KeyIso C:\Windows\system32\lsass.exe
20:08:03.0819 0x08b8 KeyIso - ok
20:08:03.0850 0x08b8 [ 4F4B5FDE429416877DE7143044582EB5, A28FFEA078DBD91F3CC28088810EEEB727107B3F0F48370B44D87DC8F8C55B99 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:08:03.0850 0x08b8 KSecDD - ok
20:08:03.0866 0x08b8 [ 6F40465A44ECDC1731BEFAFEC5BDD03C, 317334D414D0AF73CB4D9CA11EA80C641E786760B8800F2795D0CB38378DBB80 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:08:03.0882 0x08b8 KSecPkg - ok
20:08:03.0897 0x08b8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:08:03.0897 0x08b8 ksthunk - ok
20:08:03.0928 0x08b8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
20:08:03.0944 0x08b8 KtmRm - ok
20:08:03.0991 0x08b8 [ FC741259B7C22379EE83257D7CF91151, 37FAA2E03DFE8C04762178EC7C0AD7AB383155772EFF857D7D27225F8DF29C5B ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
20:08:03.0991 0x08b8 L1C - ok
20:08:04.0053 0x08b8 [ 81F1D04D4D0E433099365127375FD501, C2A81B5A482C974E8108806486EC28CB2D81400D42639682FE7B7A9BDF14BA9B ] LanmanServer C:\Windows\system32\srvsvc.dll
20:08:04.0069 0x08b8 LanmanServer - ok
20:08:04.0100 0x08b8 [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:08:04.0100 0x08b8 LanmanWorkstation - ok
20:08:04.0131 0x08b8 [ BE166935083F9C38EDFDC21B9A7A679B, 89C64DBE58E1B974208AAAA5CC757C599B1439C205C3C48BF16BA054A06DBC94 ] LHDmgr C:\Windows\system32\DRIVERS\LhdX64.sys
20:08:04.0131 0x08b8 LHDmgr - ok
20:08:04.0287 0x08b8 [ 935E2093CEED8198C820B7F60BB63167, 7C8A7A0501BA31624143C576B0D8C6C74AF7869A9734E4AB142715B766F2B59D ] LiveUpdateSvc C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
20:08:04.0318 0x08b8 LiveUpdateSvc - ok
20:08:04.0365 0x08b8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:08:04.0365 0x08b8 lltdio - ok
20:08:04.0412 0x08b8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:08:04.0428 0x08b8 lltdsvc - ok
20:08:04.0459 0x08b8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:08:04.0459 0x08b8 lmhosts - ok
20:08:04.0506 0x08b8 [ A60D56228FF3EE7EC1A56A908924680E, A50D75BB87CF4858681720380E9E1EF7FDFE1411E10D856F3E7BBAF3FB1EDDFC ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:08:04.0521 0x08b8 LMS - ok
20:08:04.0552 0x08b8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:08:04.0552 0x08b8 LSI_FC - ok
20:08:04.0584 0x08b8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:08:04.0584 0x08b8 LSI_SAS - ok
20:08:04.0599 0x08b8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:08:04.0599 0x08b8 LSI_SAS2 - ok
20:08:04.0615 0x08b8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:08:04.0615 0x08b8 LSI_SCSI - ok
20:08:04.0630 0x08b8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
20:08:04.0630 0x08b8 luafv - ok
20:08:04.0677 0x08b8 [ FD5465B876D55534117963FAAA4B9DFC, 63A822A1EEEC42C30CCC9477431E310E3D360489A68BBCD805124681F21C0B6B ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:08:04.0677 0x08b8 MBAMProtector - ok
20:08:04.0786 0x08b8 [ 0E08BDD7326E657D59DB40BAD23D8169, 428C6CCCC0BB540DFD35847776140D60C186B9D2D14F0ACCD1A4D42A8877BD98 ] MBAMScheduler D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
20:08:04.0818 0x08b8 MBAMScheduler - ok
20:08:04.0896 0x08b8 [ A8E7F3DB083EB0839DFC1C763CDD2594, BDF416E360A52130B23B029C89E6406A97FB0516C52C7E63B94CAECEEB431A2E ] MBAMService D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
20:08:04.0927 0x08b8 MBAMService - ok
20:08:04.0958 0x08b8 [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:08:04.0974 0x08b8 Mcx2Svc - ok
20:08:04.0989 0x08b8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:08:04.0989 0x08b8 megasas - ok
20:08:05.0005 0x08b8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:08:05.0005 0x08b8 MegaSR - ok
20:08:05.0020 0x08b8 [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
20:08:05.0036 0x08b8 MEIx64 - ok
20:08:05.0052 0x08b8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
20:08:05.0052 0x08b8 MMCSS - ok
20:08:05.0067 0x08b8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
20:08:05.0067 0x08b8 Modem - ok
20:08:05.0083 0x08b8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:08:05.0083 0x08b8 monitor - ok
20:08:05.0114 0x08b8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:08:05.0114 0x08b8 mouclass - ok
20:08:05.0114 0x08b8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:08:05.0114 0x08b8 mouhid - ok
20:08:05.0145 0x08b8 [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:08:05.0145 0x08b8 mountmgr - ok
20:08:05.0176 0x08b8 [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:08:05.0192 0x08b8 MozillaMaintenance - ok
20:08:05.0192 0x08b8 [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
20:08:05.0208 0x08b8 mpio - ok
20:08:05.0208 0x08b8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:08:05.0223 0x08b8 mpsdrv - ok
20:08:05.0254 0x08b8 [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc C:\Windows\system32\mpssvc.dll
20:08:05.0254 0x08b8 MpsSvc - ok
20:08:05.0286 0x08b8 [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:08:05.0286 0x08b8 MRxDAV - ok
20:08:05.0317 0x08b8 [ 040D62A9D8AD28922632137ACDD984F2, D9457BDA88C2E3AA4E716C0657B77A4A3E212328CDABD5C18279B6440E1C1594 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:08:05.0317 0x08b8 mrxsmb - ok
20:08:05.0332 0x08b8 [ F0067552F8F9B33D7C59403AB808A3CB, 698B63528E1943BB4253BF7578DC128AA824C71BD04FF0521277E68B20656C02 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:08:05.0348 0x08b8 mrxsmb10 - ok
20:08:05.0364 0x08b8 [ 3C142D31DE9F2F193218A53FE2632051, 026B3A932A95D5160B64E470FC414F3D388D429317D5EAEA2D476F715C4CAE75 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:08:05.0364 0x08b8 mrxsmb20 - ok
20:08:05.0379 0x08b8 [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
20:08:05.0379 0x08b8 msahci - ok
20:08:05.0410 0x08b8 [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
20:08:05.0426 0x08b8 msdsm - ok
20:08:05.0442 0x08b8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
20:08:05.0442 0x08b8 MSDTC - ok
20:08:05.0457 0x08b8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:08:05.0457 0x08b8 Msfs - ok
20:08:05.0488 0x08b8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:08:05.0488 0x08b8 mshidkmdf - ok
20:08:05.0504 0x08b8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
20:08:05.0504 0x08b8 msisadrv - ok
20:08:05.0520 0x08b8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:08:05.0535 0x08b8 MSiSCSI - ok
20:08:05.0535 0x08b8 msiserver - ok
20:08:05.0551 0x08b8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:08:05.0566 0x08b8 MSKSSRV - ok
20:08:05.0566 0x08b8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:08:05.0566 0x08b8 MSPCLOCK - ok
20:08:05.0582 0x08b8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:08:05.0582 0x08b8 MSPQM - ok
20:08:05.0598 0x08b8 [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:08:05.0598 0x08b8 MsRPC - ok
20:08:05.0613 0x08b8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
20:08:05.0613 0x08b8 mssmbios - ok
20:08:05.0629 0x08b8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:08:05.0629 0x08b8 MSTEE - ok
20:08:05.0660 0x08b8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:08:05.0660 0x08b8 MTConfig - ok
20:08:05.0676 0x08b8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
20:08:05.0676 0x08b8 Mup - ok
20:08:05.0707 0x08b8 [ E3B58E3011B207C5289D11173B30E298, 68BDF7DE4FD5E38D33DBAD2A2E05E32BABA8BBD85DBC4364AF7CD62C54C6B539 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
20:08:05.0722 0x08b8 MyWiFiDHCPDNS - ok
20:08:05.0769 0x08b8 [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent C:\Windows\system32\qagentRT.dll
20:08:05.0800 0x08b8 napagent - ok
20:08:05.0816 0x08b8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:08:05.0816 0x08b8 NativeWifiP - ok
20:08:05.0878 0x08b8 [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS C:\Windows\system32\drivers\ndis.sys
20:08:05.0894 0x08b8 NDIS - ok
20:08:05.0925 0x08b8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:08:05.0925 0x08b8 NdisCap - ok
20:08:05.0941 0x08b8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:08:05.0956 0x08b8 NdisTapi - ok
20:08:05.0972 0x08b8 [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:08:05.0972 0x08b8 Ndisuio - ok
Last edited by michael_corleone on 14 May 2014 20:19, edited 2 times in total.

Orcus
Security team member
Elite Level 10.5
Posts: 10645
Registered: April 10
Location: Three roses grow around here =o)
Gender: Male
Status:
Offline

Re: Please check my log..I suspect a virus

Post by Orcus » 14 May 2014 20:02

The TDSS log is not complete. :-/ Post the rest.

Turn off the resident shield of your antivirus and antispyware.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by clicking Yes
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If after the scan you have trouble launching applications, or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, just restart the computer.

If there are problems, run it in safe mode.
Love warms, but coal is coal. :fire:



Post HJT logs in the HJT section. If a log is too long, split it across several posts.

A few tips on PC security.

While I am away, memphisto, jaro3 and Diallix stand in for me.

If you are satisfied, you can support our forum.

michael_corleone
newbie
Posts: 18
Registered: May 14
Gender: Male
Status:
Offline

Re: Please check my log..I suspect a virus

Post by michael_corleone » 14 May 2014 20:14

20:08:08.0655 0x08b8 ql40xx - ok
20:08:08.0686 0x08b8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
20:08:08.0686 0x08b8 QWAVE - ok
20:08:08.0702 0x08b8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:08:08.0702 0x08b8 QWAVEdrv - ok
20:08:08.0718 0x08b8 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:08:08.0718 0x08b8 RasAcd - ok
20:08:08.0749 0x08b8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:08:08.0749 0x08b8 RasAgileVpn - ok
20:08:08.0780 0x08b8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
20:08:08.0780 0x08b8 RasAuto - ok
20:08:08.0796 0x08b8 [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:08:08.0796 0x08b8 Rasl2tp - ok
20:08:08.0827 0x08b8 [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan C:\Windows\System32\rasmans.dll
20:08:08.0842 0x08b8 RasMan - ok
20:08:08.0858 0x08b8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:08:08.0858 0x08b8 RasPppoe - ok
20:08:08.0874 0x08b8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:08:08.0874 0x08b8 RasSstp - ok
20:08:08.0889 0x08b8 [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:08:08.0905 0x08b8 rdbss - ok
20:08:08.0920 0x08b8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:08:08.0920 0x08b8 rdpbus - ok
20:08:08.0936 0x08b8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:08:08.0936 0x08b8 RDPCDD - ok
20:08:08.0967 0x08b8 [ 9706B84DBABFC4B4CA46C5A82B14DFA3, AFDC07C257BCB768861483A1842FFB647523946B16DA2812EFAE4FD3252BA303 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:08:08.0967 0x08b8 RDPDR - ok
20:08:08.0967 0x08b8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:08:08.0983 0x08b8 RDPENCDD - ok
20:08:08.0998 0x08b8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:08:08.0998 0x08b8 RDPREFMP - ok
20:08:09.0030 0x08b8 [ 447DE7E3DEA39D422C1504F245B668B1, C54D90D2F9405E011E490D3C2F0F64488B87B969C95E367C076BBFCFD8654909 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:08:09.0045 0x08b8 RDPWD - ok
20:08:09.0076 0x08b8 [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:08:09.0076 0x08b8 rdyboost - ok
20:08:09.0154 0x08b8 [ F3AF2B43F35DBB3A0EB9FEEEC7D62217, 5BFB97BFE94F52CE02DFB2B7E8A9AD34AE489B77BA689F63D733EFB65548D734 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
20:08:09.0154 0x08b8 RegSrvc - ok
20:08:09.0186 0x08b8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:08:09.0186 0x08b8 RemoteAccess - ok
20:08:09.0232 0x08b8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:08:09.0248 0x08b8 RemoteRegistry - ok
20:08:09.0279 0x08b8 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:08:09.0295 0x08b8 RFCOMM - ok
20:08:09.0310 0x08b8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:08:09.0310 0x08b8 RpcEptMapper - ok
20:08:09.0326 0x08b8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
20:08:09.0342 0x08b8 RpcLocator - ok
20:08:09.0357 0x08b8 [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs C:\Windows\system32\rpcss.dll
20:08:09.0373 0x08b8 RpcSs - ok
20:08:09.0388 0x08b8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:08:09.0388 0x08b8 rspndr - ok
20:08:09.0435 0x08b8 [ 88AB579F407A3D02918B8DCC4E6E34B3, 2CEEA32598C067A803B0360CD7E9760B0EED62AEE10086CED72D9130F8FDBA37 ] RSUSBVSTOR C:\Windows\system32\Drivers\RtsUVStor.sys
20:08:09.0451 0x08b8 RSUSBVSTOR - ok
20:08:09.0482 0x08b8 [ F916979BAD2565625A565C88D4D04A2F, 8FE08A25C0AF5C048E93C3CFD624C1B1F044E1380CE964FE87E61BE1981F0C93 ] RTL2832UBDA C:\Windows\system32\drivers\RTL2832UBDA.sys
20:08:09.0498 0x08b8 RTL2832UBDA - ok
20:08:09.0529 0x08b8 [ 06560C03CAC954B02CDDA6AEA1BA530C, 3E321DFD03A1D2447FE22273074744992F7692BAE10C3C879AFC10FE8B967528 ] RTL2832UUSB C:\Windows\system32\Drivers\RTL2832UUSB.sys
20:08:09.0529 0x08b8 RTL2832UUSB - ok
20:08:09.0544 0x08b8 [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6, C890DCCC875F957CAAD4655EBFF384E3C5998040CA2BA360E92C96A647D1C399 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
20:08:09.0560 0x08b8 s3cap - ok
20:08:09.0576 0x08b8 [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] SamSs C:\Windows\system32\lsass.exe
20:08:09.0576 0x08b8 SamSs - ok
20:08:09.0591 0x08b8 [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
20:08:09.0607 0x08b8 sbp2port - ok
20:08:09.0638 0x08b8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:08:09.0654 0x08b8 SCardSvr - ok
20:08:09.0669 0x08b8 [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:08:09.0669 0x08b8 scfilter - ok
20:08:09.0716 0x08b8 [ 624D0F5FF99428BB90A5B8A4123E918E, 90A43E6F09B56CB86A3E3851F8E5ABB74905AEB70296F4B87BEDBC3027E65E86 ] Schedule C:\Windows\system32\schedsvc.dll
20:08:09.0747 0x08b8 Schedule - ok
20:08:09.0763 0x08b8 [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc C:\Windows\System32\certprop.dll
20:08:09.0763 0x08b8 SCPolicySvc - ok
20:08:09.0763 0x08b8 [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:08:09.0778 0x08b8 SDRSVC - ok
20:08:09.0794 0x08b8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:08:09.0794 0x08b8 secdrv - ok
20:08:09.0810 0x08b8 [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon C:\Windows\system32\seclogon.dll
20:08:09.0810 0x08b8 seclogon - ok
20:08:09.0825 0x08b8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
20:08:09.0825 0x08b8 SENS - ok
20:08:09.0825 0x08b8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:08:09.0825 0x08b8 SensrSvc - ok
20:08:09.0841 0x08b8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:08:09.0841 0x08b8 Serenum - ok
20:08:09.0856 0x08b8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:08:09.0856 0x08b8 Serial - ok
20:08:09.0856 0x08b8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:08:09.0872 0x08b8 sermouse - ok
20:08:09.0934 0x08b8 [ 78F7BB9F4924BE164294C59B8C3FC096, 75051A6A8B0DBB16CD70855A408134270EEAF0C127BAAE5B592DB53BB87C085B ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
20:08:09.0950 0x08b8 ServiceLayer - ok
20:08:09.0966 0x08b8 [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv C:\Windows\system32\sessenv.dll
20:08:09.0981 0x08b8 SessionEnv - ok
20:08:10.0012 0x08b8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:08:10.0012 0x08b8 sffdisk - ok
20:08:10.0028 0x08b8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:08:10.0028 0x08b8 sffp_mmc - ok
20:08:10.0028 0x08b8 [ 178298F767FE638C9FEDCBDEF58BB5E4, 053D12CFEE5C54EA7D06F9C9CAE93544FE258A4825CDE2A14090BC81A96E1CF7 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:08:10.0044 0x08b8 sffp_sd - ok
20:08:10.0044 0x08b8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:08:10.0044 0x08b8 sfloppy - ok
20:08:10.0090 0x08b8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:08:10.0090 0x08b8 SharedAccess - ok
20:08:10.0122 0x08b8 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:08:10.0122 0x08b8 ShellHWDetection - ok
20:08:10.0153 0x08b8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:08:10.0153 0x08b8 SiSRaid2 - ok
20:08:10.0168 0x08b8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:08:10.0184 0x08b8 SiSRaid4 - ok
20:08:10.0246 0x08b8 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:08:10.0262 0x08b8 SkypeUpdate - ok
20:08:10.0278 0x08b8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:08:10.0293 0x08b8 Smb - ok
20:08:10.0309 0x08b8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:08:10.0324 0x08b8 SNMPTRAP - ok
20:08:10.0324 0x08b8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
20:08:10.0340 0x08b8 spldr - ok
20:08:10.0387 0x08b8 [ F8E1FA03CB70D54A9892AC88B91D1E7B, 55EECAAD4C7EC0868BE937F4ADDA026AFDFCC614E94DE4B3248BFF2BE7FF13E8 ] Spooler C:\Windows\System32\spoolsv.exe
20:08:10.0402 0x08b8 Spooler - ok
20:08:10.0527 0x08b8 [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc C:\Windows\system32\sppsvc.exe
20:08:10.0636 0x08b8 sppsvc - ok
20:08:10.0652 0x08b8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:08:10.0652 0x08b8 sppuinotify - ok
20:08:10.0699 0x08b8 [ 2408C0366D96BCDF63E8F1C78E4A29C5, 66F646890695B5D80536E88B1566C8765D89CFE25954ED650F6D773EFF045016 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:08:10.0730 0x08b8 srv - ok
20:08:10.0746 0x08b8 [ 76548F7B818881B47D8D1AE1BE9C11F8, 8F1356B07A6A55746FC71B6DB0322128941AE890850196F2B19BC01E6FC9B41C ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:08:10.0761 0x08b8 srv2 - ok
20:08:10.0777 0x08b8 [ 0AF6E19D39C70844C5CAA8FB0183C36E, 4494EEFDEA7198888D32E74727E5BC0AC628FFA70B1FE7EB59DBEEDC1A95D0DD ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:08:10.0777 0x08b8 srvnet - ok
20:08:10.0792 0x08b8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:08:10.0792 0x08b8 SSDPSRV - ok
20:08:10.0808 0x08b8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:08:10.0808 0x08b8 SstpSvc - ok
20:08:10.0839 0x08b8 Steam Client Service - ok
20:08:10.0855 0x08b8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:08:10.0870 0x08b8 stexstor - ok
20:08:10.0902 0x08b8 [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc C:\Windows\System32\wiaservc.dll
20:08:10.0917 0x08b8 stisvc - ok
20:08:10.0933 0x08b8 [ FFD7A6F15B14234B5B0E5D49E7961895, 9553BDB65D021DA621BDFF1C180B9F4C6355FC748BAE854CE114D4B3EFF307B7 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
20:08:10.0933 0x08b8 storflt - ok
20:08:10.0948 0x08b8 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
20:08:10.0964 0x08b8 StorSvc - ok
20:08:10.0995 0x08b8 [ 8FCCBEFC5C440B3C23454656E551B09A, 392A38D0B18B7FD08ACBE3E56ADCB235FA49BDB99F81E0820434D57332FA8FF7 ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
20:08:10.0995 0x08b8 storvsc - ok
20:08:11.0011 0x08b8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
20:08:11.0011 0x08b8 swenum - ok
20:08:11.0042 0x08b8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
20:08:11.0042 0x08b8 swprv - ok
20:08:11.0089 0x08b8 [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain C:\Windows\system32\sysmain.dll
20:08:11.0120 0x08b8 SysMain - ok
20:08:11.0136 0x08b8 [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:08:11.0136 0x08b8 TabletInputService - ok
20:08:11.0167 0x08b8 [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:08:11.0167 0x08b8 TapiSrv - ok
20:08:11.0182 0x08b8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
20:08:11.0198 0x08b8 TBS - ok
20:08:11.0260 0x08b8 [ 5CFB7AB8F9524D1A1E14369DE63B83CC, BC22FC5714A6A8F8CF95D3D9656332D7B315FF7CFA50C0DEB7437A30651D10C7 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:08:11.0307 0x08b8 Tcpip - ok
20:08:11.0385 0x08b8 [ 5CFB7AB8F9524D1A1E14369DE63B83CC, BC22FC5714A6A8F8CF95D3D9656332D7B315FF7CFA50C0DEB7437A30651D10C7 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:08:11.0416 0x08b8 TCPIP6 - ok
20:08:11.0432 0x08b8 [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:08:11.0432 0x08b8 tcpipreg - ok
20:08:11.0448 0x08b8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:08:11.0448 0x08b8 TDPIPE - ok
20:08:11.0479 0x08b8 [ 7518F7BCFD4B308ABC9192BACAF6C970, CF08E547EF4059DA3F5A2FCBA98939E84092BB6E0E37F9BBCD1E4D9EBB8A58BB ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:08:11.0479 0x08b8 TDTCP - ok
20:08:11.0479 0x08b8 [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:08:11.0494 0x08b8 tdx - ok
20:08:11.0510 0x08b8 [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
20:08:11.0510 0x08b8 TermDD - ok
20:08:11.0557 0x08b8 [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService C:\Windows\System32\termsrv.dll
20:08:11.0557 0x08b8 TermService - ok
20:08:11.0588 0x08b8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
20:08:11.0588 0x08b8 Themes - ok
20:08:11.0604 0x08b8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
20:08:11.0619 0x08b8 THREADORDER - ok
20:08:11.0635 0x08b8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
20:08:11.0635 0x08b8 TrkWks - ok
20:08:11.0697 0x08b8 [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:08:11.0697 0x08b8 TrustedInstaller - ok
20:08:11.0728 0x08b8 [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:08:11.0728 0x08b8 tssecsrv - ok
20:08:11.0760 0x08b8 [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:08:11.0760 0x08b8 tunnel - ok
20:08:11.0775 0x08b8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:08:11.0775 0x08b8 uagp35 - ok
20:08:11.0791 0x08b8 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:08:11.0791 0x08b8 udfs - ok
20:08:11.0822 0x08b8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:08:11.0822 0x08b8 UI0Detect - ok
20:08:11.0838 0x08b8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
20:08:11.0853 0x08b8 uliagpkx - ok
20:08:11.0869 0x08b8 [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:08:11.0869 0x08b8 umbus - ok
20:08:11.0869 0x08b8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:08:11.0884 0x08b8 UmPass - ok
20:08:11.0900 0x08b8 [ AF0AC98EE5077EB844413EB54287FDE3, 1586326510DE94E2735EFAD94A68D06DB5B7347B68055A9EA8B95E19D91A2E69 ] UmRdpService C:\Windows\System32\umrdp.dll
20:08:11.0916 0x08b8 UmRdpService - ok
20:08:12.0009 0x08b8 [ A0153CC9D28568A10BDAEE5EC612CFC8, C980FBB978545A1DDCA9FAB88CD9468FE1EF39D93272F0BEE13B7625B9787547 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:08:12.0025 0x08b8 UNS - ok
20:08:12.0072 0x08b8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
20:08:12.0087 0x08b8 upnphost - ok
20:08:12.0134 0x08b8 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
20:08:12.0134 0x08b8 USBAAPL64 - ok
20:08:12.0165 0x08b8 [ 7B6A127C93EE590E4D79A5F2A76FE46F, 6F178916EF6D58D1E5B26C0D9D95C276B776505BFC9F716BB1E3ABD3B2B72FCE ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:08:12.0181 0x08b8 usbccgp - ok
20:08:12.0212 0x08b8 [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
20:08:12.0212 0x08b8 usbcir - ok
20:08:12.0228 0x08b8 [ 92969BA5AC44E229C55A332864F79677, 4ED1E1049E7641D3FFF5D296F2D59060225CE52AB9F7B5CA618898B46A772F98 ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:08:12.0228 0x08b8 usbehci - ok
20:08:12.0259 0x08b8 [ E7DF1CFD28CA86B35EF5ADD0735CEEF3, AA751288EC34D61D934D7E8C036B60BBCEDC2A746815623478BB015D87D6A998 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:08:12.0259 0x08b8 usbhub - ok
20:08:12.0290 0x08b8 [ F1BB1E55F1E7A65C5839CCC7B36D773E, 4F517F81FA5688D78D3627EA7D2EA16AD4EB410D7624FE483C7AF26951E579A9 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:08:12.0306 0x08b8 usbohci - ok
20:08:12.0321 0x08b8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:08:12.0321 0x08b8 usbprint - ok
20:08:12.0352 0x08b8 [ 0F0C72A657C622286013788B886968AD, A1492B07BD76E60E5228FBCFB73F96CA5B7AA0E2110EB27C72803A618C88C51E ] usbser C:\Windows\system32\DRIVERS\usbser.sys
20:08:12.0352 0x08b8 usbser - ok
20:08:12.0368 0x08b8 [ F39983647BC1F3E6100778DDFE9DCE29, 3BD36594F7C753680DB5A4354B1D6A33FC3011631D2D56DD4B2464AA99C85F7B ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:08:12.0384 0x08b8 USBSTOR - ok
20:08:12.0399 0x08b8 [ BC3070350A491D84B518D7CCA9ABD36F, 96FFF9F76A93CF4806297AE7C11A5C6D1E7A9980260E6CFC960F8247D5032161 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:08:12.0399 0x08b8 usbuhci - ok
20:08:12.0462 0x08b8 [ 7CB8C573C6E4A2714402CC0A36EAB4FE, FCD65AA3723617F58F77C4DA93CE910C712B8AA9411B5C4A60DC6C684EA53C1B ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
20:08:12.0462 0x08b8 usbvideo - ok
20:08:12.0493 0x08b8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
20:08:12.0508 0x08b8 UxSms - ok
20:08:12.0524 0x08b8 [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] VaultSvc C:\Windows\system32\lsass.exe
20:08:12.0524 0x08b8 VaultSvc - ok
20:08:12.0555 0x08b8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
20:08:12.0555 0x08b8 vdrvroot - ok
20:08:12.0586 0x08b8 [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds C:\Windows\System32\vds.exe
20:08:12.0602 0x08b8 vds - ok
20:08:12.0618 0x08b8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:08:12.0618 0x08b8 vga - ok
20:08:12.0633 0x08b8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:08:12.0633 0x08b8 VgaSave - ok
20:08:12.0664 0x08b8 [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
20:08:12.0680 0x08b8 vhdmp - ok
20:08:12.0696 0x08b8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
20:08:12.0696 0x08b8 viaide - ok
20:08:12.0774 0x08b8 [ BEEC7DB99737B083C62A84D1328571D2, D292A902457D6829F5F1494A559B83558316361C4B2BBC3BA446165F9E4235D8 ] vm332avs C:\Windows\system32\Drivers\vm332avs.sys
20:08:12.0789 0x08b8 vm332avs - ok
20:08:12.0820 0x08b8 [ 1501699D7EDA984ABC4155A7DA5738D1, 448DFEFF565F1467F387E4EC9782DDD48B8FFDDF6B1EA46A790C2782C20BD952 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
20:08:12.0820 0x08b8 vmbus - ok
20:08:12.0820 0x08b8 [ AE10C35761889E65A6F7176937C5592C, 9DC27647B6149C9B2523799F85B18122CCE749264624FE2E5FE843FE00642BBE ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
20:08:12.0820 0x08b8 VMBusHID - ok
20:08:12.0836 0x08b8 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
20:08:12.0836 0x08b8 volmgr - ok
20:08:12.0852 0x08b8 [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:08:12.0867 0x08b8 volmgrx - ok
20:08:12.0898 0x08b8 [ 9E425AC5C9A5A973273D169F43B4F5E1, 64C9A9D4A39865E56F01B4FDE1B56034C4B2A2AEF2ABE15EC1C37911C59595B0 ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
20:08:12.0898 0x08b8 volsnap - ok
20:08:12.0914 0x08b8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:08:12.0930 0x08b8 vsmraid - ok
20:08:13.0008 0x08b8 [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS C:\Windows\system32\vssvc.exe
20:08:13.0039 0x08b8 VSS - ok
20:08:13.0054 0x08b8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:08:13.0054 0x08b8 vwifibus - ok
20:08:13.0070 0x08b8 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] VWiFiFlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:08:13.0070 0x08b8 VWiFiFlt - ok
20:08:13.0086 0x08b8 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
20:08:13.0086 0x08b8 vwifimp - ok
20:08:13.0101 0x08b8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
20:08:13.0101 0x08b8 W32Time - ok
20:08:13.0117 0x08b8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:08:13.0117 0x08b8 WacomPen - ok
20:08:13.0164 0x08b8 [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:08:13.0164 0x08b8 WANARP - ok
20:08:13.0179 0x08b8 [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:08:13.0179 0x08b8 Wanarpv6 - ok
20:08:13.0288 0x08b8 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:08:13.0320 0x08b8 WatAdminSvc - ok
20:08:13.0398 0x08b8 [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine C:\Windows\system32\wbengine.exe
20:08:13.0444 0x08b8 wbengine - ok
20:08:13.0460 0x08b8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:08:13.0460 0x08b8 WbioSrvc - ok
20:08:13.0476 0x08b8 [ DD1BAE8EBFC653824D29CCF8C9054D68, 81D6640222FE276D721168745F6BB905D4E756909A9B2C706AF25465D748772D ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:08:13.0491 0x08b8 wcncsvc - ok
20:08:13.0507 0x08b8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:08:13.0507 0x08b8 WcsPlugInService - ok
20:08:13.0538 0x08b8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:08:13.0538 0x08b8 Wd - ok
20:08:13.0585 0x08b8 [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:08:13.0600 0x08b8 Wdf01000 - ok
20:08:13.0616 0x08b8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:08:13.0616 0x08b8 WdiServiceHost - ok
20:08:13.0632 0x08b8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:08:13.0632 0x08b8 WdiSystemHost - ok
20:08:13.0678 0x08b8 [ 733006127F235BE7C35354EBEE7B9A7B, 2C7E7030D586C36261F33F29883337695493D48CEA415D6DBA7C5635845A5B32 ] WebClient C:\Windows\System32\webclnt.dll
20:08:13.0678 0x08b8 WebClient - ok
20:08:13.0694 0x08b8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:08:13.0710 0x08b8 Wecsvc - ok
20:08:13.0725 0x08b8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:08:13.0725 0x08b8 wercplsupport - ok
20:08:13.0756 0x08b8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
20:08:13.0756 0x08b8 WerSvc - ok
20:08:13.0788 0x08b8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:08:13.0788 0x08b8 WfpLwf - ok
20:08:13.0803 0x08b8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:08:13.0803 0x08b8 WIMMount - ok
20:08:13.0834 0x08b8 WinDefend - ok
20:08:13.0834 0x08b8 WinHttpAutoProxySvc - ok
20:08:13.0881 0x08b8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:08:13.0881 0x08b8 Winmgmt - ok
20:08:13.0944 0x08b8 [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM C:\Windows\system32\WsmSvc.dll
20:08:13.0975 0x08b8 WinRM - ok
20:08:14.0006 0x08b8 [ 817EAFF5D38674EDD7713B9DFB8E9791, F6E0BFC503BA7395F92989C11B454D1F1E58E29302BA203801449A2C5236E84D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:08:14.0022 0x08b8 WinUsb - ok
20:08:14.0068 0x08b8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:08:14.0084 0x08b8 Wlansvc - ok
20:08:14.0224 0x08b8 [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:08:14.0302 0x08b8 wlidsvc - ok
20:08:14.0318 0x08b8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
20:08:14.0318 0x08b8 WmiAcpi - ok
20:08:14.0349 0x08b8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:08:14.0349 0x08b8 wmiApSrv - ok
20:08:14.0365 0x08b8 WMPNetworkSvc - ok
20:08:14.0396 0x08b8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:08:14.0396 0x08b8 WPCSvc - ok
20:08:14.0412 0x08b8 [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:08:14.0427 0x08b8 WPDBusEnum - ok
20:08:14.0427 0x08b8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:08:14.0427 0x08b8 ws2ifsl - ok
20:08:14.0458 0x08b8 [ 8F9F3969933C02DA96EB0F84576DB43E, C424D7B881A4DCC348433CF02044383013E32DB94CC66D1D20E1866CB3B0F952 ] wscsvc C:\Windows\System32\wscsvc.dll
20:08:14.0474 0x08b8 wscsvc - ok
20:08:14.0474 0x08b8 WSearch - ok
20:08:14.0536 0x08b8 [ 83575C43B2BFE9AB0661A7F957E843C0, 6FCE62721902A4F35F1A4CED8AF60A0346CFAB657ED92DE4CEFF19BDB830D32D ] wsvd C:\Windows\system32\DRIVERS\wsvd.sys
20:08:14.0536 0x08b8 wsvd - ok
20:08:14.0646 0x08b8 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
20:08:14.0708 0x08b8 wuauserv - ok
20:08:14.0755 0x08b8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:08:14.0755 0x08b8 WudfPf - ok
20:08:14.0786 0x08b8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:08:14.0786 0x08b8 WUDFRd - ok
20:08:14.0802 0x08b8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:08:14.0802 0x08b8 wudfsvc - ok
20:08:14.0833 0x08b8 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
20:08:14.0833 0x08b8 WwanSvc - ok
20:08:14.0864 0x08b8 [ D65B42FBF19C676AA01AE95EC62F7764, 20536DEE96A2F00456AF14A8893AABA6801132EBDA8E4F600FEE85DC0903F77F ] ZAtheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
20:08:14.0864 0x08b8 ZAtheros Bt&Wlan Coex Agent - ok
20:08:14.0958 0x08b8 [ 74713CB32792F9C7632DAA7DA22CA974, 1B1D907F8F18AE22E36F371EE6417D068C01FB4F9413571444AF3845A27F3C4D ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
20:08:14.0973 0x08b8 ZeroConfigService - ok
20:08:15.0004 0x08b8 ================ Scan global ===============================
20:08:15.0020 0x08b8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
20:08:15.0051 0x08b8 [ 3FB74FF230B5D240A57AE1C4A3D0459D, 7A4036CAC3BAAEC719E4152F2CAA9D9B69DACBDC7502147D7160D04AE70BC8DF ] C:\Windows\system32\winsrv.dll
20:08:15.0067 0x08b8 [ 3FB74FF230B5D240A57AE1C4A3D0459D, 7A4036CAC3BAAEC719E4152F2CAA9D9B69DACBDC7502147D7160D04AE70BC8DF ] C:\Windows\system32\winsrv.dll
20:08:15.0098 0x08b8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
20:08:15.0114 0x08b8 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
20:08:15.0129 0x08b8 [ Global ] - ok
20:08:15.0129 0x08b8 ================ Scan MBR ==================================
20:08:15.0129 0x08b8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:08:15.0582 0x08b8 \Device\Harddisk0\DR0 - ok
20:08:15.0582 0x08b8 ================ Scan VBR ==================================
20:08:15.0582 0x08b8 [ DACFB9BE70C82CC38504AEE91CF5FCB3 ] \Device\Harddisk0\DR0\Partition1
20:08:15.0597 0x08b8 \Device\Harddisk0\DR0\Partition1 - ok
20:08:15.0597 0x08b8 [ 1608754217B00C3B1FA86AEA1325D2B1 ] \Device\Harddisk0\DR0\Partition2
20:08:15.0597 0x08b8 \Device\Harddisk0\DR0\Partition2 - ok
20:08:15.0597 0x08b8 [ 2BB3A96FA43E037938AF76EC7445E166 ] \Device\Harddisk0\DR0\Partition3
20:08:15.0597 0x08b8 \Device\Harddisk0\DR0\Partition3 - ok
20:08:15.0597 0x08b8 Waiting for KSN requests completion. In queue: 75
20:08:16.0611 0x08b8 Waiting for KSN requests completion. In queue: 75
20:08:17.0625 0x08b8 Waiting for KSN requests completion. In queue: 75
20:08:18.0733 0x08b8 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2013.292 ), 0x41000 ( enabled : updated )
20:08:18.0764 0x08b8 Win FW state via NFP2: enabled
20:08:21.0541 0x08b8 ============================================================
20:08:21.0541 0x08b8 Scan finished
20:08:21.0541 0x08b8 ============================================================
20:08:21.0541 0x09cc Detected object count: 0
20:08:21.0541 0x09cc Actual detected object count: 0
20:08:46.0989 0x0cf0 Deinitialize success
Last edited by michael_corleone on 14 May 2014 20:20; edited 1 time in total.

