HJT Log + MWAW Solved

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Fucza
Level 3.5
Posts: 868
Registered: July 08
Gender: Male
Status: Offline

HJT Log + MWAW

Post by Fucza » 11 Aug 2014 16:06

Hello.
I bought my wife a Lenovo with Win 8. She got Norton for free (awful, it can't even be deactivated in two clicks), the notebook is behaving strangely (the mouse), and Norton also found something (a trojan and something else), but I don't think it got rid of it. Following the guide in this section, I'm posting a log from HJT and from that other scanner. Thanks for the help.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:03:01, on 11. 8. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\WINDOWS\syswow64\wwahost.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Barbara\Desktop\HijackThis (1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [MSStp] C:\windows\inf\msstp.vbe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: (no name) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 9033 bytes


-----------------------------------------------------------------------------------------------------
Objekt "ImIServer IEPlugin Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscoree.tlb". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscoree.tlb". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\System.tlb". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\Microsoft.JScript.tlb". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.tlb". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.tlb". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.1.4322\System.tlb". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.tlb". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorlib.tlb". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.tlb". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.tlb". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\System.Drawing.tlb". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\System.Windows.Forms.tlb". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\System.EnterpriseServices.tlb". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\diasymreader.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\iehost.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorrc.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\wminet_utils.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.enterpriseservices.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorsec.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\microsoft.jscript.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\microsoft.vsa.vb.codedomprocessor.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\vsavb7rt.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscordbi.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.configuration.install.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" odkazuje na neplatný objekt "C:\Windows\Microsoft.NET\Framework\v1.0.3705\system.data.dll". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".7-_-go-my-account". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".AngryBirdsSpace_p2gbknwb5d8r2". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".com/fwlink/?LinkID=166930". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".com/fwlink/?LinkID=166937". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".com/go/myaccount". Provedené akce: Ponecháno, neodstraněno!.
Záznam "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" odkazuje na neplatný objekt ".MicrosoftSolitaireCollection_8wekyb3d8bbwe". Provedené akce: Ponecháno, neodstraněno!.

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: HJT Log + MWAW

Post by jaro3 » 11 Aug 2014 19:10

Uninstall:
Norton Internet Security (it is only a demo version)
MVAW


Install a free antivirus:
Avira
Avast
AVG
choose one yourself

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from a web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove temporary Windows files, empty the Recycle Bin, etc.

- If you only use Google Chrome, you don't need to use ATF.


Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it doesn't, restart it yourself.

Download AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Prohledat-Scan"
After the scan a log appears (it is also saved on the system disk as AdwCleaner[R?].txt); paste its entire contents here.

Download Malwarebytes' Anti-Malware
- During installation, untick "Enable the free trial of Malwarebytes' Anti-Malware Premium"
Install it and run it
- at the end of the installation make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program then starts; click Scan Now (Skenovat nyní) and
- after the program finishes, a message appears at the bottom right; click Copy to Clipboard (Kopírovat do schránky) and paste the entire log here.

- then click the Exit button; a message appears, so choose Yes
(don't delete anything yet!).

If there are problems, run it in safe mode.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum


Re: HJT Log + MWAW

Post by Fucza » 11 Aug 2014 19:48

Hello.
Thanks a lot. MVAW doesn't show up in the list of programs in Control Panel. During installation it said it was installing into temp. So I don't really know how else to uninstall it. I deleted it from the desktop, and I don't see anything in temp. Well, I don't know. Is it gone?

That Norton shouldn't be just a demo. It's registered and "purchased (a bonus with the purchase)" for a year. I don't know, is it so bad that it's better to switch to, say, Avira?

# AdwCleaner v3.304 - Report created 11/08/2014 at 20:00:53
# Updated 08/08/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Barbara - IDEA-PC
# Running from : C:\Users\Barbara\Desktop\AdwCleaner (1).exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [644 octets] - [11/08/2014 20:00:53]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [703 octets] ##########

--------------------------------------------------------------------------------------------------------------------------------------------------------------------

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 11. 8. 2014
Scan Time: 20:09:41
Logfile: loggg.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.11.06
Rootkit Database: v2014.08.04.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Barbara

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 289807
Time Elapsed: 9 min, 41 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 1
Trojan.Agent.SCR, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MSStp, C:\windows\inf\msstp.vbe, , [aca602c31764f145521e4fa449b926da]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
Trojan.Agent.SCR, C:\Windows\Inf\msstp.vbe, , [aca602c31764f145521e4fa449b926da],

Physical Sectors: 0
(No malicious items detected)


(end)
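
The HijackThis log and the Malwarebytes log posted above point at the same autorun entry. As an added example (not part of the original posts and not code from either tool), the script below pulls the O4 autorun lines out of a HijackThis log, flags those whose target is a script file, and checks them against the Malwarebytes detections. The sample lines are copied from the logs in this thread; the function names and the extension list are assumptions made for the example.

```python
import re
from pathlib import PureWindowsPath

# Script file types (assumed list for this example). A Run value that points
# straight at one of these, instead of at an installed program, deserves a look.
SCRIPT_EXTS = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".wsh",
               ".bat", ".cmd", ".hta", ".ps1"}

# HijackThis autorun line: O4 - <key>: [<value name>] <command line>
O4_RE = re.compile(r"^O4 - (?P<key>.+?): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")

# Malwarebytes 2.x detection line: <threat>, ..., <drive>:\<path>, ...
MBAM_RE = re.compile(r"^(?P<threat>[\w.]+), .*?(?P<path>[A-Za-z]:\\[^,]+)")


def target_path(cmd):
    """Return the program or script path at the start of a Run command line."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    # Unquoted paths may contain spaces: stop after the first ".ext" that is
    # followed by whitespace or the end of the line.
    m = re.match(r"(.+?\.[A-Za-z0-9]{1,4})(?=\s|$)", cmd)
    return m.group(1) if m else cmd


def script_autoruns(hjt_text):
    """List O4 entries whose target file has a script extension."""
    hits = []
    for line in hjt_text.splitlines():
        m = O4_RE.match(line.strip())
        if not m:
            continue
        path = target_path(m["cmd"])
        ext = PureWindowsPath(path).suffix.lower()
        if ext in SCRIPT_EXTS:
            hits.append({"key": m["key"], "name": m["name"],
                         "path": path, "ext": ext})
    return hits


def mbam_paths(mbam_text):
    """Map lower-cased file paths from Malwarebytes detection lines to threat names."""
    found = {}
    for line in mbam_text.splitlines():
        m = MBAM_RE.match(line.strip())
        if m:
            found[m["path"].strip().lower()] = m["threat"]
    return found


def triage(hjt_text, mbam_text):
    """Flag script autoruns and note which ones Malwarebytes also reported."""
    detections = mbam_paths(mbam_text)
    report = []
    for hit in script_autoruns(hjt_text):
        hit["mbam"] = detections.get(hit["path"].lower())
        report.append(hit)
    return report


# Sample input: lines copied from the logs posted in this thread.
SAMPLE_HJT = r"""
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [MSStp] C:\windows\inf\msstp.vbe
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"""

SAMPLE_MBAM = r"""
Registry Values: 1
Trojan.Agent.SCR, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MSStp, C:\windows\inf\msstp.vbe, , [aca602c31764f145521e4fa449b926da]

Files: 1
Trojan.Agent.SCR, C:\Windows\Inf\msstp.vbe, , [aca602c31764f145521e4fa449b926da],
"""

if __name__ == "__main__":
    for entry in triage(SAMPLE_HJT, SAMPLE_MBAM):
        status = entry["mbam"] or "not reported by Malwarebytes"
        print(f'{entry["key"]} [{entry["name"]}] -> {entry["path"]} ({status})')
```
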


Re: HJT Log + MWAW

Post by jaro3 » 11 Aug 2014 22:14

If NIS is purchased, keep it, but you wrote that the infections can't be deleted, so from that I concluded it was a demo.

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator"),
click "Prohledat-Scan", and after the scan click "Vymazat-Clean".

The program performs the repair; after the automatic restart it does not show the log (C:\AdwCleaner [S?].txt); paste its entire contents here.

Download Junkware Removal Tool by Thisisu

to your desktop.

Deactivate your antivirus program. Right-click JRT.exe and choose "Run as administrator". To continue you will be prompted to press any key. Press one.
The program's scan starts. The scan can take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears, which is saved on the desktop.
Please copy its entire contents here.

- Run MbAM again and choose Scan Now (Skenovat nyní)
- after the program finishes, a message appears; click "Quarantine All (delete selected)" and "Export Log", choose "text file", give the file a name and save it somewhere. Copy the entire contents of that log here.

MWAV: try to find something:
https://www.google.cz/search?client=ope ... gws_rd=ssl

Download RogueKiller by Adlice Software
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7, run RogueKiller.exe as administrator; on XP, by double-clicking.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR check (Kontrola MBR)
Faked check (Kontrola Faked)
Antirootkit

- Then click "Scan" (Prohledat).
- The program scans the PC's processes. After the scan, click "Report" (Zpráva) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still won't start and work, rename it to winlogon.exe.

Re: HJT Log + MWAW

Post by Fucza » 12 Aug 2014 15:04

Hello.
So Norton put it in quarantine, but it seemed to me that it isn't OK, and it probably isn't.

I'm following your instructions. But for now I'm at a dead end.

I ran AdwCleaner again, the restart happened, but the system just would not boot. It threw Critical_Process_Died, then some diagnostics started and it reported that the operating system could not be loaded because of some error, and asked whether to run an automatic repair back to a time when it was working (something like a restore point). And for about 5 minutes now the screen has been black with only the white "lenovo" logo. And it looks like it will stay that way.

I powered it off the hard way; after switching it on again the same thing happened, only it gave me more options. I went into the settings, but I stopped at the point where I'm supposed to visit the Windows Store and install Windows 8.1 and all the other programs again. So I haven't done that yet.

So automatic repair cannot repair the computer (Log file: C:/Windows/System32/Logfiles/Srt/SrtTrail.txt (the slashes should be backslashes)

Of the options, probably the only one that lets me avoid factory settings is a partial refresh of the computer. I'm going to try that, and if it doesn't work I'll wait for your advice. I also found something here with a similar problem (http://www.pc-help.cz/viewtopic.php?f=7&t=131285), but I don't know. Thanks.

So that "half-way" reinstall of Windows helped. The files are preserved, and Adwarecleaner and HJT are downloaded on the desktop. What surprises me, though, is that instead of Norton there's McAfee on the desktop.
For now I'd rather wait to see what comes next :-)
Thanks.
Last edited by Fucza on 12 Aug 2014 16:17, edited 1 time in total.


Re: HJT Log + MWAW

Post by jaro3 » 12 Aug 2014 15:55

Miliness is a professional; I would start a new topic in his section.

Can't you get into safe mode?

Re: HJT Log + MWAW

Post by Fucza » 12 Aug 2014 16:19

See above. (edit)


Re: HJT Log + MWAW

Post by jaro3 » 12 Aug 2014 18:45

If possible, uninstall McAfee again, and Norton too if you find it.

Then repeat everything: AdwCleaner, TFC, MbAM.

Re: HJT Log + MWAW

Post by Fucza » 14 Aug 2014 12:46

McAfee is uninstalled, Norton is no longer there (it can't be found); that Windows Defender Smart-something also resisted AdwCleaner, but I deactivated it. After AdwCleaner the restart went OK this time; the PC didn't crash this time. Here are the logs:

# AdwCleaner v3.304 - Report created 12/08/2014 at 14:53:17
# Updated 08/08/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Barbara - IDEA-PC
# Running from : C:\Users\Barbara\Desktop\AdwCleaner (1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\Barbara\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [782 octets] - [11/08/2014 20:00:53]
AdwCleaner[R1].txt - [841 octets] - [12/08/2014 14:52:43]
AdwCleaner[S0].txt - [763 octets] - [12/08/2014 14:53:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [822 octets] ##########
# AdwCleaner v3.305 - Report created 14/08/2014 at 12:38:27
# Updated 14/08/2014 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Barbara - IDEA-PC
# Running from : C:\Users\Barbara\Desktop\adwcleaner_3.305.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537


*************************

AdwCleaner[R0].txt - [1675 octets] - [11/08/2014 20:00:53]
AdwCleaner[R1].txt - [841 octets] - [12/08/2014 14:52:43]
AdwCleaner[S0].txt - [1658 octets] - [12/08/2014 14:53:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1718 octets] ##########

--------------------------------------------------------------------------------------------------------------------------------------------------------------------

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by Barbara on źt 14. 08. 2014 at 12:48:13,57
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 14. 08. 2014 at 12:52:46,94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Malwarebytes Anti-Malware
http://www.malwarebytes.org

Scan Date: 14. 8. 2014
Scan Time: 13:08:31
Logfile: ll.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.14.04
Rootkit Database: v2014.08.04.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8
CPU: x64
File System: NTFS
User: Barbara

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 317195
Time Elapsed: 17 min, 53 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
RogueKiller V9.2.6.0 (x64) [Jul 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 8 (6.2.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Barbara [Práva správce]
Mód : Kontrola -- Datum : 08/14/2014 13:43:40

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 12 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 213.46.172.37 213.46.172.36 -> NALEZENO
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 213.46.172.37 213.46.172.36 -> NALEZENO
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{726E2361-FF36-47FA-8DEE-44E852DDD4E0} | DhcpNameServer : 213.46.172.37 213.46.172.36 -> NALEZENO
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{726E2361-FF36-47FA-8DEE-44E852DDD4E0} | DhcpNameServer : 213.46.172.37 213.46.172.36 -> NALEZENO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-1625381792-3266785749-893686978-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NALEZENO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-1625381792-3266785749-893686978-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NALEZENO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-1625381792-3266785749-893686978-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NALEZENO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-1625381792-3266785749-893686978-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NALEZENO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NALEZENO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NALEZENO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NALEZENO

¤¤¤ naplánované úlohy : 1 ¤¤¤
[Suspicious.Path] \\OFFICE2013ACT -- C:\ProgramData\Microsoft\Windows\OFFICEICON.vbs -> NALEZENO

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 28 (Driver: NAHRÁNO) ¤¤¤
[EAT:Addr] (explorer.exe) CommApi.dll - BatMeterIconAnimationReset : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb904554
[EAT:Addr] (explorer.exe) CommApi.dll - BatMeterIconThemeReset : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb9046ec
[EAT:Addr] (explorer.exe) CommApi.dll - BatMeterOnDeviceChange : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb904134
[EAT:Addr] (explorer.exe) CommApi.dll - CleanupBatteryData : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb901884
[EAT:Addr] (explorer.exe) CommApi.dll - CreateBatteryData : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb902b98
[EAT:Addr] (explorer.exe) CommApi.dll - GetBatMeterIconAnimationState : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb9041f0
[EAT:Addr] (explorer.exe) CommApi.dll - GetBatMeterIconAnimationTimeDelay : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb904370
[EAT:Addr] (explorer.exe) CommApi.dll - GetBatMeterIconAnimationUpdate : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb904494
[EAT:Addr] (explorer.exe) CommApi.dll - GetBatteryCapacityInfo : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb903f18
[EAT:Addr] (explorer.exe) CommApi.dll - GetBatteryDetails : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb905ad0
[EAT:Addr] (explorer.exe) CommApi.dll - GetBatteryImmersiveIcon : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb902060
[EAT:Addr] (explorer.exe) CommApi.dll - GetBatteryInfo : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb905100
[EAT:Addr] (explorer.exe) CommApi.dll - GetBatteryStatusText : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb905190
[EAT:Addr] (explorer.exe) CommApi.dll - GetBatteryWorkingState : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb9019c0
[EAT:Addr] (explorer.exe) CommApi.dll - IsBatteryBad : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb903f0c
[EAT:Addr] (explorer.exe) CommApi.dll - IsBatteryHealthWarningEnabled : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb903f00
[EAT:Addr] (explorer.exe) CommApi.dll - IsBatteryLevelCritical : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb903ec4
[EAT:Addr] (explorer.exe) CommApi.dll - IsBatteryLevelLow : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb903ed8
[EAT:Addr] (explorer.exe) CommApi.dll - IsBatteryLevelReserve : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb903eec
[EAT:Addr] (explorer.exe) CommApi.dll - PowerCapabilities : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb901560
[EAT:Addr] (explorer.exe) CommApi.dll - QueryBatteryData : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb902c44
[EAT:Addr] (explorer.exe) CommApi.dll - SetBatteryHealthWarningState : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb903f00
[EAT:Addr] (explorer.exe) CommApi.dll - SetBatteryLevel : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb9027a0
[EAT:Addr] (explorer.exe) CommApi.dll - SetBatteryWorkingState : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb901048
[EAT:Addr] (explorer.exe) CommApi.dll - SubscribeBatteryUpdateNotification : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb901fb8
[EAT:Addr] (explorer.exe) CommApi.dll - UnsubscribeBatteryUpdateNotification : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb901980
[EAT:Addr] (explorer.exe) CommApi.dll - UpdateBatteryData : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb9050c4
[EAT:Addr] (explorer.exe) CommApi.dll - UpdateBatteryDataAsync : C:\WINDOWS\system32\BatMeter.dll @ 0x7fdfb901b60

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST500LM000-1EJ162 +++++
--- User ---
[MBR] aa1c1e007b9e16f6e4f37aeb7b31282d
[BSP] a204e14e473ca5e8295dcfeaa3179d05 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK
User = LL2 ... OK


Does it look like the system restore also got rid of the malware? Since it wiped Norton (which I didn't like anyway), which free AV would you recommend installing once the cleanup is finished? No obligation, of course. I used to have Avast everywhere, then Avira. I haven't had the free AVG yet. On my own laptop I have the paid Eset. I choose by user interface; I can't judge performance. Thanks.

Orcus
Security team member
Elite Level 10.5
Posts: 10645
Registered: April 10
Location: 3 roses grow nearby =o)
Gender: Male
Status:
Offline

Re: HJT Log + MWAW

Post by Orcus » 14 Aug 2014 18:45

Avast, Avira, AVG, Comodo. Pick one of those.

====================================================

Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run it).
- Wait for the Prescan to finish...
- Wait until the status window shows "Scan" (Prohledat)
- On the tabs (Registry, Tasks, Web Browser, etc.) tick everything
- Click "Delete" (Smazat)
- Wait until the Status box shows "Deleting finished" (Mazání dokončeno)
- Click "Report" (Zpráva) and copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

====================================================

Download TDSSKiller

to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt , please paste the entire contents of the log here.

If the log does not fit into one post, split it into several parts.


Re: HJT Log + MWAW

Post by Fucza » 14 Aug 2014 20:36

Avast, Avira, AVG

In that order? :-) :thumbup:

RogueKiller V9.2.6.0 (x64) [Jul 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 8 (6.2.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Barbara [Práva správce]
Mód : Odebrat -- Datum : 08/14/2014 20:33:43

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 12 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 213.46.172.37 213.46.172.36 -> NEVYBRÁNO
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 213.46.172.37 213.46.172.36 -> NEVYBRÁNO
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{726E2361-FF36-47FA-8DEE-44E852DDD4E0} | DhcpNameServer : 213.46.172.37 213.46.172.36 -> NEVYBRÁNO
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{726E2361-FF36-47FA-8DEE-44E852DDD4E0} | DhcpNameServer : 213.46.172.37 213.46.172.36 -> NEVYBRÁNO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-1625381792-3266785749-893686978-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NEVYBRÁNO
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-1625381792-3266785749-893686978-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NEVYBRÁNO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-1625381792-3266785749-893686978-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NEVYBRÁNO
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-1625381792-3266785749-893686978-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NEVYBRÁNO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NEVYBRÁNO
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NEVYBRÁNO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NEVYBRÁNO
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NEVYBRÁNO

¤¤¤ naplánované úlohy : 1 ¤¤¤
[Suspicious.Path] \\OFFICE2013ACT -- C:\ProgramData\Microsoft\Windows\OFFICEICON.vbs -> VYMAZÁNO

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 28 (Driver: NAHRÁNO) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST500LM000-1EJ162 +++++
--- User ---
[MBR] aa1c1e007b9e16f6e4f37aeb7b31282d
[BSP] a204e14e473ca5e8295dcfeaa3179d05 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097152 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_08142014_134340.log - RKreport_SCN_08142014_203137.log



-------------------------------------------------
20:38:45.0707 0x1530 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
20:38:45.0707 0x1530 UEFI system
20:38:50.0754 0x1530 ============================================================
20:38:50.0754 0x1530 Current date / time: 2014/08/14 20:38:50.0754
20:38:50.0754 0x1530 SystemInfo:
20:38:50.0754 0x1530
20:38:50.0754 0x1530 OS Version: 6.2.9200 ServicePack: 0.0
20:38:50.0754 0x1530 Product type: Workstation
20:38:50.0754 0x1530 ComputerName: IDEA-PC
20:38:50.0754 0x1530 UserName: Barbara
20:38:50.0754 0x1530 Windows directory: C:\WINDOWS
20:38:50.0754 0x1530 System windows directory: C:\WINDOWS
20:38:50.0754 0x1530 Running under WOW64
20:38:50.0754 0x1530 Processor architecture: Intel x64
20:38:50.0754 0x1530 Number of processors: 2
20:38:50.0754 0x1530 Page size: 0x1000
20:38:50.0754 0x1530 Boot type: Normal boot
20:38:50.0754 0x1530 ============================================================
20:38:50.0989 0x1530 KLMD registered as C:\WINDOWS\system32\drivers\01454596.sys
20:38:51.0458 0x1530 System UUID: {046E2582-3381-E4C3-4D33-0179A8831B94}
20:38:52.0489 0x1530 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:38:52.0505 0x1530 ============================================================
20:38:52.0505 0x1530 \Device\Harddisk0\DR0:
20:38:52.0505 0x1530 GPT partitions:
20:38:52.0520 0x1530 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {724AEB45-9235-4ED5-A3A1-1FC405E1ABB5}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
20:38:52.0520 0x1530 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {C82EC94A-3C72-4AC4-91EC-B698E24DDC31}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
20:38:52.0520 0x1530 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {6D5C8549-FFC3-40C2-B6B8-5A9796BF0065}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
20:38:52.0520 0x1530 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {594AE480-C4CE-4F97-B83E-55BD194B528D}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
20:38:52.0520 0x1530 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {ED8B073E-04C5-4222-A5E4-D43769DE5E77}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x350D8000
20:38:52.0520 0x1530 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {8F46B9A5-6A8B-4D0D-B64E-24217C277B75}, Name: , StartLBA 0x35582800, BlocksNum 0xE1000
20:38:52.0520 0x1530 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C07C6422-6F68-4580-83F6-2F2DD3C8929F}, Name: Basic data partition, StartLBA 0x35663800, BlocksNum 0x3200000
20:38:52.0520 0x1530 \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {95A4222F-3026-4742-9EFF-4D7ACF8A53E1}, Name: Basic data partition, StartLBA 0x38863800, BlocksNum 0x1B22800
20:38:52.0520 0x1530 MBR partitions:
20:38:52.0520 0x1530 ============================================================
20:38:52.0536 0x1530 C: <-> \Device\Harddisk0\DR0\Partition5
20:38:52.0567 0x1530 D: <-> \Device\Harddisk0\DR0\Partition7
20:38:52.0567 0x1530 ============================================================
20:38:52.0567 0x1530 Initialize success
20:38:52.0567 0x1530 ============================================================
20:39:03.0380 0x15a8 ============================================================
20:39:03.0380 0x15a8 Scan started
20:39:03.0380 0x15a8 Mode: Manual;
20:39:03.0380 0x15a8 ============================================================
20:39:03.0380 0x15a8 KSN ping started
20:39:05.0724 0x15a8 KSN ping finished: true
20:39:06.0162 0x15a8 ================ Scan system memory ========================
20:39:06.0162 0x15a8 System memory - ok
20:39:06.0162 0x15a8 ================ Scan services =============================
20:39:13.0224 0x15a8 Dfsc - ok
20:39:13.0240 0x15a8 [ 9E0E72222264745ADEB0E5AC680B0ED6, 576AFC8741695396A3B8E9DBDD3703E9D70370437D09D162262E47A140D101B4 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
20:39:13.0240 0x15a8 Dhcp - ok
20:39:13.0271 0x15a8 [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache C:\WINDOWS\system32\drivers\discache.sys
20:39:13.0271 0x15a8 discache - ok
20:39:13.0271 0x15a8 [ 560495FF4CA22E1D9B1972FA18F43B6F, 41FFDD4C1097AA857A8177E34F101A1A9C1429A4E8DEC3D395C6135A9E112CD6 ] disk C:\WINDOWS\system32\drivers\disk.sys
20:39:13.0271 0x15a8 disk - ok
20:39:13.0287 0x15a8 [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
20:39:13.0287 0x15a8 dmvsc - ok
20:39:13.0334 0x15a8 [ 066B9710B36AB550E01EEFCA52155968, DCA9F3F4856A6866D3F5A2EEE34E96A83F40198DB0B5AC6381A7568DE1F56FAB ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
20:39:13.0349 0x15a8 Dnscache - ok
20:39:13.0412 0x15a8 [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc C:\WINDOWS\System32\dot3svc.dll
20:39:13.0428 0x15a8 dot3svc - ok
20:39:13.0459 0x15a8 [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS C:\WINDOWS\system32\dps.dll
20:39:13.0459 0x15a8 DPS - ok
20:39:13.0490 0x15a8 [ 9C7C183F937951AE17C5B8B3259CF3FF, 8ED607139F15D08B4835ACF864421BA4C08C88FE90B9AAF707F5D8514D7731B1 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
20:39:13.0490 0x15a8 drmkaud - ok
20:39:13.0506 0x15a8 [ BF48F32EE248C3D371DA5DC93BBEADA7, C8E9B685A8F2F99140382557F11E362D899E7EC6693ADEFE762F0A3850585C63 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
20:39:13.0506 0x15a8 DsmSvc - ok
20:39:13.0662 0x15a8 [ 6D1B8A9A2C0BD4851D8AF1AB43E67AD9, 3D348D3EFCA9C2AC25C3D0722FB8F64820936DEFD3926888740442972A0A8189 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
20:39:13.0693 0x15a8 DXGKrnl - ok
20:39:13.0756 0x15a8 [ 651FBD69A9713D623D456A240F96179C, 22A1F306B454EF9C84D25EF266F3ED0E1D896B1F5BE60170E79F37F2DBCA59F4 ] e1iexpress C:\WINDOWS\system32\DRIVERS\e1i63x64.sys
20:39:13.0771 0x15a8 e1iexpress - ok
20:39:13.0787 0x15a8 [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
20:39:13.0787 0x15a8 Eaphost - ok
20:39:14.0037 0x15a8 [ 5AB97B3282D7D6114949D1EB5C8598E4, FB9449CC1CDC12C12AA0469BB6ACC770CB011250EDFD86E9600E754610608EFD ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
20:39:14.0131 0x15a8 ebdrv - ok
20:39:14.0162 0x15a8 [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] EFS C:\WINDOWS\System32\lsass.exe
20:39:14.0178 0x15a8 EFS - ok
20:39:14.0193 0x15a8 [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
20:39:14.0193 0x15a8 EhStorClass - ok
20:39:14.0224 0x15a8 [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
20:39:14.0224 0x15a8 EhStorTcgDrv - ok
20:39:14.0224 0x15a8 [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
20:39:14.0224 0x15a8 ErrDev - ok
20:39:14.0396 0x15a8 [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem C:\WINDOWS\system32\es.dll
20:39:14.0459 0x15a8 EventSystem - ok
20:39:14.0474 0x15a8 [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat C:\WINDOWS\system32\drivers\exfat.sys
20:39:14.0490 0x15a8 exfat - ok
20:39:14.0490 0x15a8 [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
20:39:14.0506 0x15a8 fastfat - ok
20:39:14.0537 0x15a8 [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax C:\WINDOWS\system32\fxssvc.exe
20:39:14.0553 0x15a8 Fax - ok
20:39:14.0568 0x15a8 [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
20:39:14.0584 0x15a8 fdc - ok
20:39:14.0599 0x15a8 [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
20:39:14.0599 0x15a8 fdPHost - ok
20:39:14.0599 0x15a8 [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
20:39:14.0615 0x15a8 FDResPub - ok
20:39:14.0631 0x15a8 [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc C:\WINDOWS\system32\fhsvc.dll
20:39:14.0631 0x15a8 fhsvc - ok
20:39:14.0646 0x15a8 [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
20:39:14.0646 0x15a8 FileInfo - ok
20:39:14.0662 0x15a8 [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
20:39:14.0662 0x15a8 Filetrace - ok
20:39:14.0678 0x15a8 [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
20:39:14.0678 0x15a8 flpydisk - ok
20:39:14.0709 0x15a8 [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
20:39:14.0709 0x15a8 FltMgr - ok
20:39:14.0928 0x15a8 [ 0BCDC0FF11B984162B0CF0FF6E9E0146, D44A3CECBA36B7A64854E244FA6B5E65047896BF9983D20B431410FBBA36697A ] FontCache C:\WINDOWS\system32\FntCache.dll
20:39:15.0099 0x15a8 FontCache - ok
20:39:15.0162 0x15a8 [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:39:15.0162 0x15a8 FontCache3.0.0.0 - ok
20:39:15.0178 0x15a8 [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
20:39:15.0178 0x15a8 FsDepends - ok
20:39:15.0193 0x15a8 [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:39:15.0193 0x15a8 Fs_Rec - ok
20:39:15.0224 0x15a8 [ FA228F4BB10DC7ED7E7D131C034E2331, 0463B1DB8BB2B5AF95EAD988EA9DEB5483D9E78C07E07BAC1E3CC46C086B3BB0 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
20:39:15.0224 0x15a8 fvevol - ok
20:39:15.0256 0x15a8 [ A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
20:39:15.0256 0x15a8 FxPPM - ok
20:39:15.0256 0x15a8 [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
20:39:15.0256 0x15a8 gagp30kx - ok
20:39:15.0287 0x15a8 [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
20:39:15.0287 0x15a8 gencounter - ok
20:39:15.0318 0x15a8 [ CA18ECFCFFDD638ECE80799A9056B238, FEA6778443253CBAA9FF43A980D576A3F449B036151F91495F04CE0C54F02254 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
20:39:15.0318 0x15a8 GPIOClx0101 - ok
20:39:15.0459 0x15a8 [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
20:39:15.0521 0x15a8 gpsvc - ok
20:39:15.0553 0x15a8 [ C2504AA983B5D411F7D31402E8B57725, B07370E6BF87546F2557C423F7450CBE90E2A13042DEA2864B6047EFE9F459C5 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
20:39:15.0568 0x15a8 HdAudAddService - ok
20:39:15.0568 0x15a8 [ 7D87B5B6C7188D553E11B59DC7F0B111, FC633DB71E1D72E8AD8F89BBB54324CC6ED17F5594EF55DD0BDB58EE1F601FF5 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
20:39:15.0568 0x15a8 HDAudBus - ok
20:39:15.0584 0x15a8 [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
20:39:15.0584 0x15a8 HidBatt - ok
20:39:15.0615 0x15a8 [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
20:39:15.0615 0x15a8 HidBth - ok
20:39:15.0631 0x15a8 [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
20:39:15.0631 0x15a8 hidi2c - ok
20:39:15.0631 0x15a8 [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
20:39:15.0646 0x15a8 HidIr - ok
20:39:15.0646 0x15a8 [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv C:\WINDOWS\system32\hidserv.dll
20:39:15.0662 0x15a8 hidserv - ok
20:39:15.0678 0x15a8 [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
20:39:15.0678 0x15a8 HidUsb - ok
20:39:15.0693 0x15a8 [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
20:39:15.0693 0x15a8 hkmsvc - ok
20:39:15.0756 0x15a8 [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
20:39:15.0787 0x15a8 HomeGroupListener - ok
20:39:15.0865 0x15a8 [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
20:39:15.0896 0x15a8 HomeGroupProvider - ok
20:39:15.0912 0x15a8 [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
20:39:15.0912 0x15a8 HpSAMD - ok
20:39:15.0990 0x15a8 [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
20:39:16.0006 0x15a8 HTTP - ok
20:39:16.0021 0x15a8 [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
20:39:16.0021 0x15a8 hwpolicy - ok
20:39:16.0021 0x15a8 [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
20:39:16.0021 0x15a8 hyperkbd - ok
20:39:16.0068 0x15a8 [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
20:39:16.0068 0x15a8 HyperVideo - ok
20:39:16.0068 0x15a8 [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
20:39:16.0068 0x15a8 i8042prt - ok
20:39:16.0131 0x15a8 [ AE0C5DF7E7DA3E7AC29B64CFA8C4F044, 0486DDD6EC60A9695BC8D030158503E02BB0561EEA4B9F4A7FB19F89B3622C90 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
20:39:16.0146 0x15a8 iaStorA - ok
20:39:16.0271 0x15a8 [ 777788D9B63CCEEEF2DB353BA4EDD454, 36A3099C252F1F18D09A8B03A4F103E5E8AF09C80AB4F08133CCD4D3BB71EE25 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:39:16.0271 0x15a8 IAStorDataMgrSvc - ok
20:39:16.0287 0x15a8 [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
20:39:16.0303 0x15a8 iaStorV - ok
20:39:16.0318 0x15a8 [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
20:39:16.0318 0x15a8 ICCS - ok
20:39:16.0553 0x15a8 [ 0245CD3AE14CACF6E2503C42019431D7, 87D2E1ACD3CC0B1C3F713EB5E0C6C510B386EC142AC7554B2043396305626C96 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
20:39:16.0693 0x15a8 igfx - ok
20:39:16.0709 0x15a8 [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp C:\WINDOWS\system32\drivers\iirsp.sys
20:39:16.0709 0x15a8 iirsp - ok
20:39:16.0912 0x15a8 [ 531B5A98145DA689741A0AC18F14EA94, BFD6FF79EA87627B2E5D96747518928119B60CFE772AE15F1643F9738DCD4DBB ] IKEEXT C:\WINDOWS\System32\ikeext.dll
20:39:16.0959 0x15a8 IKEEXT - ok
20:39:17.0162 0x15a8 [ 27B6655F7516FE548BC5DB65C7893315, F470D4EA16F3997321849D554F043EB383F6FFB3334301BE7D734BC776964C5F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
20:39:17.0271 0x15a8 IntcAzAudAddService - ok
20:39:17.0350 0x15a8 [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
20:39:17.0365 0x15a8 IntcDAud - ok
20:39:17.0537 0x15a8 [ C2712BF2D18C0D4214065A170E80C664, 4266F6259D2762D761EA5A478FCCC84E8C9F961FF1169D8A10F4A7BA0D587B4C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
20:39:17.0553 0x15a8 Intel(R) Capability Licensing Service Interface - ok
20:39:17.0568 0x15a8 [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
20:39:17.0568 0x15a8 intelide - ok
20:39:17.0600 0x15a8 [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
20:39:17.0600 0x15a8 intelppm - ok
20:39:17.0615 0x15a8 [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:39:17.0615 0x15a8 IpFilterDriver - ok
20:39:17.0818 0x15a8 [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
20:39:17.0896 0x15a8 iphlpsvc - ok
20:39:17.0928 0x15a8 [ 6E98A046A12AA113F8898AA5D612BD6E, 28816CC1F03F2BFBF099C087C0BB6949E959F44C888DD2D0528FF7ED5D665ECF ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
20:39:17.0928 0x15a8 IPMIDRV - ok
20:39:17.0943 0x15a8 [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
20:39:17.0943 0x15a8 IPNAT - ok
20:39:17.0975 0x15a8 [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
20:39:17.0975 0x15a8 IRENUM - ok
20:39:17.0975 0x15a8 [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
20:39:17.0975 0x15a8 isapnp - ok
20:39:18.0006 0x15a8 [ 69C8BF0BC2B0EA10F130F4D3104DC2EF, 8FFF92828C3DC20F0F42C42E58A03B59A4E0187963F728DC618C9595FB2D0239 ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
20:39:18.0006 0x15a8 iScsiPrt - ok
20:39:18.0068 0x15a8 [ 1F95EC569F77B275F07FA9FCFF7F6B59, 13EF3F1434755FF81EEACE014AEFB7BBE730B247068F56C2C7BC8DD4EF9A057F ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
20:39:18.0084 0x15a8 jhi_service - ok
20:39:18.0100 0x15a8 [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
20:39:18.0115 0x15a8 kbdclass - ok
20:39:18.0115 0x15a8 [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
20:39:18.0115 0x15a8 kbdhid - ok
20:39:18.0131 0x15a8 [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
20:39:18.0131 0x15a8 kdnic - ok
20:39:18.0162 0x15a8 [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] KeyIso C:\WINDOWS\system32\lsass.exe
20:39:18.0162 0x15a8 KeyIso - ok
20:39:18.0193 0x15a8 [ DFA480F6DED551464F3A5B959F437800, C07AB6F28A09FCBE11EECAD03B06CEAE1016EC24031FCA0C092639E90FBA84CF ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
20:39:18.0193 0x15a8 KSecDD - ok
20:39:18.0209 0x15a8 [ 127FB0AAD232BAAD2C9BBACD374F4FC5, 3BC56F6B4374062C96149D69ACE053DF81A278F0361599F5A2F3DB1F76F0AD68 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
20:39:18.0209 0x15a8 KSecPkg - ok
20:39:18.0225 0x15a8 [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
20:39:18.0225 0x15a8 ksthunk - ok
20:39:18.0287 0x15a8 [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
20:39:18.0303 0x15a8 KtmRm - ok
20:39:18.0428 0x15a8 [ 256EE31588257E8A555DBFAA13F1908E, B6817F632EDEA483E35BF26846DCDD4E95E860620959179B2A5D8AD7EEDDB126 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
20:39:18.0443 0x15a8 LanmanServer - ok
20:39:18.0475 0x15a8 [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
20:39:18.0490 0x15a8 LanmanWorkstation - ok
20:39:18.0662 0x15a8 [ 5FC101A94EC8E56AE8730A9918F5AD8C, 5E5D72B57A18A8F8630D26CF143467263C3F3E933BC52AA5B7007365ED79CD80 ] Lenovo System Agent Service C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe
20:39:18.0693 0x15a8 Lenovo System Agent Service - ok
20:39:18.0709 0x15a8 [ BE166935083F9C38EDFDC21B9A7A679B, 89C64DBE58E1B974208AAAA5CC757C599B1439C205C3C48BF16BA054A06DBC94 ] LHDmgr C:\WINDOWS\system32\DRIVERS\LhdX64.sys
20:39:18.0709 0x15a8 LHDmgr - ok
20:39:18.0725 0x15a8 [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
20:39:18.0725 0x15a8 lltdio - ok
20:39:18.0772 0x15a8 [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
20:39:18.0772 0x15a8 lltdsvc - ok
20:39:18.0818 0x15a8 [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
20:39:18.0818 0x15a8 lmhosts - ok
20:39:18.0834 0x15a8 [ B4614E581CEE9E21EC9651A84CDB80F0, 3DB86675F2B7FAE983A3134E8C5C0083479A1D0E1A3B2271A2847881FDC73662 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:39:18.0834 0x15a8 LMS - ok
20:39:18.0865 0x15a8 [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
20:39:18.0865 0x15a8 LSI_SAS - ok
20:39:18.0865 0x15a8 [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
20:39:18.0881 0x15a8 LSI_SAS2 - ok
20:39:18.0897 0x15a8 [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI C:\WINDOWS\system32\drivers\lsi_scsi.sys
20:39:18.0897 0x15a8 LSI_SCSI - ok
20:39:18.0912 0x15a8 [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
20:39:18.0912 0x15a8 LSI_SSS - ok
20:39:18.0959 0x15a8 [ A57BA284F5996FFD32DCDBC41A4657DB, 2106B83873A824BC83EF42FAC9DD9A0F741209535A84AE65EA8E786519920043 ] LSM C:\WINDOWS\System32\lsm.dll
20:39:18.0975 0x15a8 LSM - ok
20:39:18.0990 0x15a8 [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
20:39:18.0990 0x15a8 luafv - ok
20:39:19.0022 0x15a8 [ 8A50D5304E6AE48664CF5838EC32F647, C76943FABEE1B5E1B641AA610668CCD4227E2C4B191DD30B79D3AB31A9E8B5BE ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
20:39:19.0022 0x15a8 MBAMSwissArmy - ok
20:39:19.0022 0x15a8 [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas C:\WINDOWS\system32\drivers\megasas.sys
20:39:19.0022 0x15a8 megasas - ok
20:39:19.0068 0x15a8 [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR C:\WINDOWS\system32\drivers\MegaSR.sys
20:39:19.0084 0x15a8 MegaSR - ok
20:39:19.0100 0x15a8 [ D71FD7A4FDB01C554AE144037B688DF1, 74D33303DA559A3A2EB809FC0EC3722D24F7F1A37BC7370680CFEB951BE735AF ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
20:39:19.0100 0x15a8 MEIx64 - ok
20:39:19.0115 0x15a8 [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS C:\WINDOWS\system32\mmcss.dll
20:39:19.0131 0x15a8 MMCSS - ok
20:39:19.0131 0x15a8 [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem C:\WINDOWS\system32\drivers\modem.sys
20:39:19.0131 0x15a8 Modem - ok
20:39:19.0147 0x15a8 [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
20:39:19.0147 0x15a8 monitor - ok
20:39:19.0162 0x15a8 [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
20:39:19.0162 0x15a8 mouclass - ok
20:39:19.0162 0x15a8 [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
20:39:19.0178 0x15a8 mouhid - ok
20:39:19.0178 0x15a8 [ 89D263DBF08119CE16273991C120D6DD, 9771EDAD266F0E234E71DFB6792F396710E051F2ADCA5CDADEBBD2790D0E6054 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
20:39:19.0178 0x15a8 mountmgr - ok
20:39:19.0193 0x15a8 [ 0D1609DD82C7440F5D5BF21A9D4D5C0C, BCBFF081FAFB822CE29D291FB329FC310D90F0EC0D1BB69CF8CB09ED5A2E84D1 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
20:39:19.0193 0x15a8 mpsdrv - ok
20:39:19.0225 0x15a8 [ 3031573A739DBEE8923851929D0AF423, E9EA6C0D12A896AC745173B1F1A58192B52724AA424718B16B8D05E9AC091741 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
20:39:19.0256 0x15a8 MpsSvc - ok
20:39:19.0272 0x15a8 [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
20:39:19.0272 0x15a8 MRxDAV - ok
20:39:19.0334 0x15a8 [ 93179D48066918323628CB016D8C94DC, FE110BF7A10EDD1DF7F6B933D373FCA51F37413282EBC4187E7C9B1965186BCC ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:39:19.0350 0x15a8 mrxsmb - ok
20:39:19.0365 0x15a8 [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
20:39:19.0365 0x15a8 mrxsmb10 - ok
20:39:19.0381 0x15a8 [ 5C7DD2E5759FFCCD2C7341C1B90F2B26, 9822FA53E6067C0E39B7A3A3F1E88719D5D8B055D86FF894F0475B158289EA45 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
20:39:19.0381 0x15a8 mrxsmb20 - ok
20:39:19.0397 0x15a8 [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
20:39:19.0412 0x15a8 MsBridge - ok
20:39:19.0443 0x15a8 [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC C:\WINDOWS\System32\msdtc.exe
20:39:19.0443 0x15a8 MSDTC - ok
20:39:19.0459 0x15a8 [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
20:39:19.0475 0x15a8 Msfs - ok
20:39:19.0475 0x15a8 [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
20:39:19.0475 0x15a8 msgpiowin32 - ok
20:39:19.0490 0x15a8 [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
20:39:19.0490 0x15a8 mshidkmdf - ok
20:39:19.0490 0x15a8 [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
20:39:19.0490 0x15a8 mshidumdf - ok
20:39:19.0506 0x15a8 [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
20:39:19.0506 0x15a8 msisadrv - ok
20:39:19.0522 0x15a8 [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
20:39:19.0522 0x15a8 MSiSCSI - ok
20:39:19.0537 0x15a8 msiserver - ok
20:39:19.0568 0x15a8 [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:39:19.0568 0x15a8 MSKSSRV - ok
20:39:19.0584 0x15a8 [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
20:39:19.0584 0x15a8 MsLldp - ok
20:39:19.0584 0x15a8 [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:39:19.0584 0x15a8 MSPCLOCK - ok
20:39:19.0600 0x15a8 [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
20:39:19.0600 0x15a8 MSPQM - ok
20:39:19.0740 0x15a8 [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
20:39:19.0756 0x15a8 MsRPC - ok
20:39:19.0803 0x15a8 [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
20:39:19.0803 0x15a8 mssmbios - ok
20:39:19.0834 0x15a8 [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
20:39:19.0834 0x15a8 MSTEE - ok
20:39:19.0881 0x15a8 [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
20:39:19.0881 0x15a8 MTConfig - ok
20:39:19.0912 0x15a8 [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup C:\WINDOWS\system32\Drivers\mup.sys
20:39:19.0912 0x15a8 Mup - ok
20:39:19.0928 0x15a8 [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
20:39:19.0928 0x15a8 mvumis - ok
20:39:20.0006 0x15a8 [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent C:\WINDOWS\system32\qagentRT.dll
20:39:20.0037 0x15a8 napagent - ok
20:39:20.0131 0x15a8 [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
20:39:20.0147 0x15a8 NativeWifiP - ok
20:39:20.0162 0x15a8 [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
20:39:20.0178 0x15a8 NcaSvc - ok
20:39:20.0194 0x15a8 [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll


Re: HJT Log + MWAW

Post by Fucza » 14 Aug 2014 21:32

continued....

20:39:21.0506 0x15a8 nfrd960 - ok

20:39:21.0537 0x15a8 [ 80ABCD4C2DE9FD832477303AE0CA3BE5, 98F3958E650CEB1006D92980503E1B176D2CA55D2A6742C1C27CDE829D137DA9 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
20:39:21.0537 0x15a8 NlaSvc - ok
20:39:21.0553 0x15a8 [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
20:39:21.0553 0x15a8 Npfs - ok
20:39:21.0569 0x15a8 [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
20:39:21.0569 0x15a8 npsvctrig - ok
20:39:21.0584 0x15a8 [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi C:\WINDOWS\system32\nsisvc.dll
20:39:21.0600 0x15a8 nsi - ok
20:39:21.0600 0x15a8 [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
20:39:21.0600 0x15a8 nsiproxy - ok
20:39:21.0709 0x15a8 [ 76929F4A69E425911A63B407E26C2589, 17896DB6EDEF2637D159432DB61E8B5FA2F4F54B5F50BCD6215827C321ED2C2A ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
20:39:21.0756 0x15a8 Ntfs - ok
20:39:21.0756 0x15a8 [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null C:\WINDOWS\system32\drivers\Null.sys
20:39:21.0756 0x15a8 Null - ok
20:39:21.0787 0x15a8 [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
20:39:21.0803 0x15a8 nvraid - ok
20:39:21.0803 0x15a8 [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
20:39:21.0803 0x15a8 nvstor - ok
20:39:21.0819 0x15a8 [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
20:39:21.0819 0x15a8 nv_agp - ok
20:39:21.0865 0x15a8 [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
20:39:21.0912 0x15a8 p2pimsvc - ok
20:39:21.0928 0x15a8 [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc C:\WINDOWS\system32\p2psvc.dll
20:39:21.0944 0x15a8 p2psvc - ok
20:39:21.0959 0x15a8 [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport C:\WINDOWS\System32\drivers\parport.sys
20:39:21.0959 0x15a8 Parport - ok
20:39:21.0975 0x15a8 [ D6ACCF9F2EEEEA711C14EFD976E573F3, 60D2A81832A8D24F91C3EF134440D5026354917F59462BACBCE7A01D84767D91 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
20:39:21.0975 0x15a8 partmgr - ok
20:39:21.0990 0x15a8 [ 4811D9EC53649105A5A8BEA661B0F936, C77907E03D0561500FCFEAFAC323E9679E66297329901A0CA2BD7E919419A8E8 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
20:39:22.0006 0x15a8 PcaSvc - ok
20:39:22.0053 0x15a8 [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci C:\WINDOWS\system32\drivers\pci.sys
20:39:22.0053 0x15a8 pci - ok
20:39:22.0053 0x15a8 [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide C:\WINDOWS\system32\drivers\pciide.sys
20:39:22.0053 0x15a8 pciide - ok
20:39:22.0084 0x15a8 [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
20:39:22.0084 0x15a8 pcmcia - ok
20:39:22.0115 0x15a8 [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw C:\WINDOWS\system32\drivers\pcw.sys
20:39:22.0115 0x15a8 pcw - ok
20:39:22.0115 0x15a8 [ 0698DEDEAD6A00AD0D468C687D830FBF, B9DCA1A61F2EF80DB26380F390F2E9A17114D33129D61CF465B949B6A7916CAA ] pdc C:\WINDOWS\system32\drivers\pdc.sys
20:39:22.0115 0x15a8 pdc - ok
20:39:22.0162 0x15a8 [ 61FE70659CD43E07F94DA4DC31DEC493, 3739B6670B440173FD81DE3D47B0B90FAF296802AD4F57C05BF5CF191BF16022 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
20:39:22.0178 0x15a8 PEAUTH - ok
20:39:22.0225 0x15a8 [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
20:39:22.0240 0x15a8 PerfHost - ok
20:39:22.0459 0x15a8 [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla C:\WINDOWS\system32\pla.dll
20:39:22.0569 0x15a8 pla - ok
20:39:22.0584 0x15a8 [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
20:39:22.0600 0x15a8 PlugPlay - ok
20:39:22.0600 0x15a8 [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
20:39:22.0600 0x15a8 PNRPAutoReg - ok
20:39:22.0615 0x15a8 [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
20:39:22.0631 0x15a8 PNRPsvc - ok
20:39:22.0647 0x15a8 [ 0108C8E5176D590F242701EF5A62CC26, 3A72F5D4402663B7445F6B3C55F01E83A619B6192F7D3CC2DE3C57F9F50D5A2D ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
20:39:22.0662 0x15a8 PolicyAgent - ok
20:39:22.0678 0x15a8 [ F1E067F56373F11EA4B785CAE823740A, 69BD30E64DA17595FF29C9C9FF9AD4F2F4BE29B688FBAC9DABB2FA9D13A47FF0 ] Power C:\WINDOWS\system32\umpo.dll
20:39:22.0694 0x15a8 Power - ok
20:39:22.0725 0x15a8 [ 362D47E5B4D67270DE4B8606036F4ADD, 716E229C68D91AEA5B5629F60133D5CBDC0C95ABA54D9DC6264E923CAF4DC6C0 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:39:22.0725 0x15a8 PptpMiniport - ok
20:39:22.0897 0x15a8 [ C2D3B3D0060619D5E03E696BD56FF59F, 155954F16B6F9B51BA16F43F1AE6F977B1EC4DE77862C6F6C722293189BE0DD2 ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
20:39:23.0022 0x15a8 PrintNotify - ok
20:39:23.0053 0x15a8 [ DD979EB6A7212F60E4AFBE96EDC7AE6D, BC681D64C5B8F08FD4613D71111853FCD5B05E4BD127D2C6258BAED7627105BE ] Processor C:\WINDOWS\System32\drivers\processr.sys
20:39:23.0053 0x15a8 Processor - ok
20:39:23.0084 0x15a8 [ 429E8502AD2227CF88F8840FC5BD590D, A186DA46C083580ACEDE9C7E3156865034302CD803140EEEC8E1DE16DA4BC99B ] ProfSvc C:\WINDOWS\system32\profsvc.dll
20:39:23.0084 0x15a8 ProfSvc - ok
20:39:23.0100 0x15a8 [ EB8034147D4820CD31BFCB11A2A652DF, B10B5E16B7A05D2DB2D5D1945B6146DE15EEDE2C778772A59F104706B5145E46 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
20:39:23.0100 0x15a8 Psched - ok
20:39:23.0131 0x15a8 [ 0AFBF333B6F87A2F598EAB379AF100B8, D11F3A4D7E4463B62E2DBDE5FC61425B1FDFB07DD1A19BC001D479CA1F554510 ] QWAVE C:\WINDOWS\system32\qwave.dll
20:39:23.0147 0x15a8 QWAVE - ok
20:39:23.0162 0x15a8 [ 13D47BB0CCA2FC51BD15F8E85C6A078E, EA832A9511007C9E8599C3066E1FA66BE869E8A27886D9A9AC590BD4DFBD1A15 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
20:39:23.0162 0x15a8 QWAVEdrv - ok
20:39:23.0178 0x15a8 [ 873C60F8178100557740A832FCE10B5F, 400EF60CB2C98E2AFE122AF3D01CCE56A1548AF865345EE2194AB74DBCBF4C48 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:39:23.0178 0x15a8 RasAcd - ok
20:39:23.0194 0x15a8 [ 69B93F623B130976243ECA3D84CC99CA, F27617E651EADFAEE479619AAB01CDAA98111BA63E204D5C44A1256732CB0100 ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
20:39:23.0194 0x15a8 RasAgileVpn - ok
20:39:23.0209 0x15a8 [ 005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3 ] RasAuto C:\WINDOWS\System32\rasauto.dll
20:39:23.0209 0x15a8 RasAuto - ok
20:39:23.0241 0x15a8 [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:39:23.0241 0x15a8 Rasl2tp - ok
20:39:23.0272 0x15a8 [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073 ] RasMan C:\WINDOWS\System32\rasmans.dll
20:39:23.0272 0x15a8 RasMan - ok
20:39:23.0303 0x15a8 [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:39:23.0303 0x15a8 RasPppoe - ok
20:39:23.0319 0x15a8 [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys
20:39:23.0319 0x15a8 RasSstp - ok
20:39:23.0397 0x15a8 [ CA03D642ACE58E1BA54E4B383F91CD69, 39BB942603801CF11FBEA28E24F8C8D1EF2AF615D1FABF951683A015D6A6EF37 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:39:23.0412 0x15a8 rdbss - ok
20:39:23.0428 0x15a8 [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
20:39:23.0428 0x15a8 rdpbus - ok
20:39:23.0428 0x15a8 [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
20:39:23.0444 0x15a8 RDPDR - ok
20:39:23.0459 0x15a8 [ 57F4787E4602A3FCA719C0A33137C6DA, D03AE59A184EB5D126F8EAB9D36EE406ABB8B9ED834F2D2496DDB1349FF56F89 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
20:39:23.0459 0x15a8 RdpVideoMiniport - ok
20:39:23.0491 0x15a8 [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
20:39:23.0506 0x15a8 RDPWD - ok
20:39:23.0506 0x15a8 [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
20:39:23.0522 0x15a8 rdyboost - ok
20:39:23.0522 0x15a8 [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
20:39:23.0537 0x15a8 RemoteAccess - ok
20:39:23.0553 0x15a8 [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
20:39:23.0553 0x15a8 RemoteRegistry - ok
20:39:23.0584 0x15a8 [ CCBFCABDFE2BC22F0645CEAADDB36004, 279EA9075079F91165027CEFD4FBC61A213CA602EE7DE106F7D2D243468706AA ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
20:39:23.0600 0x15a8 RFCOMM - ok
20:39:23.0600 0x15a8 [ 73F2E030B5C24E4E41401B5F0D59E6FD, FAA8B5E3159684E0836900C6EAF63857B445F7F180169B56D5790F097EDAA38B ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
20:39:23.0616 0x15a8 RpcEptMapper - ok
20:39:23.0616 0x15a8 [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13 ] RpcLocator C:\WINDOWS\system32\locator.exe
20:39:23.0616 0x15a8 RpcLocator - ok
20:39:23.0756 0x15a8 [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] RpcSs C:\WINDOWS\system32\rpcss.dll
20:39:23.0772 0x15a8 RpcSs - ok
20:39:23.0819 0x15a8 [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952 ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
20:39:23.0819 0x15a8 rspndr - ok
20:39:23.0866 0x15a8 [ E7B780F2E7A124264AA487C13107BDFF, 2AE4E7227F3E28FCEF685AC54771D949845339D7881A7855810A6C33E9B179D7 ] RSUSBVSTOR C:\WINDOWS\System32\Drivers\RtsUVStor.sys
20:39:23.0866 0x15a8 RSUSBVSTOR - ok
20:39:23.0912 0x15a8 [ D278B7C0205249398F434856F5329FC9, 19526BC7D85D1EA63449A94274183EA051AB9F0F32209514041906E691060405 ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
20:39:23.0928 0x15a8 RTL8168 - ok
20:39:23.0959 0x15a8 [ 752EC7DCD2F96871A3857EEE6AFE965A, 1D0640966B9147A06ED0E733711773E6B4AB8AC6D962D5B369ECB04170D18AD8 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
20:39:23.0959 0x15a8 s3cap - ok
20:39:23.0975 0x15a8 [ F702AB6181513303AB0FC8D59E52708B, D46939B9F672269E65C98606A573C849C4AF5A26E4E75D3A8FE56A65B3A6EA08 ] SamSs C:\WINDOWS\system32\lsass.exe
20:39:23.0975 0x15a8 SamSs - ok
20:39:24.0006 0x15a8 [ 9C7B28CE0D136DB226E24DB3BC817F92, E9DE55D6432ADD08EC75F99F2B5D2BD1F553F4EE55991B1767B1578351EE0BF2 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
20:39:24.0006 0x15a8 sbp2port - ok
20:39:24.0022 0x15a8 [ 14316954FCE79C9DE5A0AFF9D42C83AA, B60FB1FAC0299F9560761411711E86EDFA2F8D27B58230E2E4BB37736FAB2287 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
20:39:24.0022 0x15a8 SCardSvr - ok
20:39:24.0037 0x15a8 [ 5D7733A12756B267FCA021672B26BC9E, 01CE5B5F49914B9E099BD909A66296F3A40644AE47BA1D5EBFFB30CD33C70A4A ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
20:39:24.0037 0x15a8 scfilter - ok
20:39:24.0100 0x15a8 [ ED40ED9A65F3E79A8C43DD50C5FDADBF, 2323BFAB1BC3D661A376650B7AC14C7780C92BA575DA048F3C7611CDB3F7F04A ] Schedule C:\WINDOWS\system32\schedsvc.dll
20:39:24.0147 0x15a8 Schedule - ok
20:39:24.0178 0x15a8 [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
20:39:24.0178 0x15a8 SCPolicySvc - ok
20:39:24.0209 0x15a8 [ 047315E75392CEA447ACC86257824C16, 955F065C026DA807BDA241546A619913DA39112BD8CDBDB82562B2883317CE0B ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
20:39:24.0209 0x15a8 sdbus - ok
20:39:24.0225 0x15a8 [ 92968277ED491E4B3DDA361E3952361E, 71C50853BB2126A34C7CD014EE44D4B8B39F589E2E8E8E8F4C982E07498E3899 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
20:39:24.0225 0x15a8 SDRSVC - ok
20:39:24.0256 0x15a8 [ BB107AA9980B0DA4E19A3A90C3BD4460, BCB4CF0FFF1FD57302557B68044A88C8EEAAE57C2FEAE8EAD1F410F960298B6D ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
20:39:24.0256 0x15a8 sdstor - ok
20:39:24.0256 0x15a8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
20:39:24.0272 0x15a8 secdrv - ok
20:39:24.0272 0x15a8 [ CD282626738B6BC92B6E7CD0AAE95B63, 1A56567C781786C85C63E24E79186EE5C82D3EB2679061B21BA0571A3A6CB7F5 ] seclogon C:\WINDOWS\system32\seclogon.dll
20:39:24.0287 0x15a8 seclogon - ok
20:39:24.0303 0x15a8 [ 9C51620998F0763039DFA6BF68E475ED, 9E496ADE7CE9A446BE8A2C2FC61B462D966778A94A4C147AABBD25C4821C2BCE ] SENS C:\WINDOWS\System32\sens.dll
20:39:24.0303 0x15a8 SENS - ok
20:39:24.0319 0x15a8 [ 0D50B4B860DAB65241628D04CD33ACAE, 2AA897C3F9ED076AB9244A32745D18489B076F3ED28A35B868C472131C5B5B46 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
20:39:24.0319 0x15a8 SensrSvc - ok
20:39:24.0334 0x15a8 [ 87C46B239A7EEF30FDFDD5E9BD46130C, F36FB5B20AC58FBD31F7E636059D2D865B751E178E51A03B94ABE0BBD1AB1EC9 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
20:39:24.0334 0x15a8 SerCx - ok
20:39:24.0334 0x15a8 [ 7A1F9347C85FD55E39B8A76B3A25C5AD, 03AF3B23285278A38F4CBEAB7FD326A48FA1EC7F8D044C059CE5403C6D225639 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
20:39:24.0334 0x15a8 Serenum - ok
20:39:24.0350 0x15a8 [ F640A0A218BBF857F1D04A15D7D939F6, 948C13886281FE7947E10FB7B34D5CCFE512FB632F1132B6062AC85149F79950 ] Serial C:\WINDOWS\System32\drivers\serial.sys
20:39:24.0350 0x15a8 Serial - ok
20:39:24.0381 0x15a8 [ F1A5F56B2620B862CC28FF96A0A6DAAB, E5367212B2CADF3820D657CFC27CD961547E28DAB950C68E1380CF97FB68F3F4 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
20:39:24.0381 0x15a8 sermouse - ok
20:39:24.0444 0x15a8 [ CB60A60340788C8D6DE2A269D28086AB, 2D8948E59BB9B00E16D20E425F80E7B862957DBAC9A4D1484E5191FAF333B60D ] SessionEnv C:\WINDOWS\system32\sessenv.dll
20:39:24.0459 0x15a8 SessionEnv - ok
20:39:24.0475 0x15a8 [ 7EE65419B29302C795714FF8073969A1, E28D89A5423E3A5062030EB2418E9435DD5D8B9D16570046E782D3FCFDA2E79A ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
20:39:24.0475 0x15a8 sfloppy - ok
20:39:24.0522 0x15a8 [ 090AE16F79C8EAD04E6031F863DA85F3, 3F27BE46DF602B53940414A6E9FEB23B36CFFB8E9A7F41440C3315B8E27D0029 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
20:39:24.0537 0x15a8 SharedAccess - ok
20:39:24.0647 0x15a8 [ A77F3ABE13FCC698511E5DEC7ACEBD5F, 78A43FDA9F770FD8BA107605DB44BC71D8B89D7E75560DA783AA6356C1873C15 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:39:24.0662 0x15a8 ShellHWDetection - ok
20:39:24.0662 0x15a8 [ 2560721D6F16D5B611C36A3A9D28C1B2, 15C30404902654ABA5DB5367FC5BD31343B12A3FC22B4BC5A26B09016447B5ED ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
20:39:24.0662 0x15a8 SiSRaid2 - ok
20:39:24.0694 0x15a8 [ 3AA8FDE1DBF65BB8B88B053529554A0D, 8060D946344D043D336F4735363C23C37C91A6DB3F81E575C267B2EC2BECB0EC ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
20:39:24.0694 0x15a8 SiSRaid4 - ok
20:39:24.0694 0x15a8 [ 99A76D83444026619CA36744F2A468C5, FEAEE7D896AD59E77034E8B66E74E84027BD65E038D9ED944DACA59EBDA5F510 ] SmbDrvI C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
20:39:24.0694 0x15a8 SmbDrvI - ok
20:39:24.0709 0x15a8 [ E660156A4588A84305CB772FD2C0DB21, 9492EB6578D4A689945E1FC2440EFA77D461049CDB2D00A645969A71B7DA68E1 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
20:39:24.0709 0x15a8 SNMPTRAP - ok
20:39:24.0725 0x15a8 [ FD3AF5575B99871BADB94E7699DBCE08, 847A78C1388683984AFA7D00B7C7F8741BC1DFBF4999AAD1E2EFC22D3C316846 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
20:39:24.0725 0x15a8 spaceport - ok
20:39:24.0741 0x15a8 [ 3D8679C8DF52EB26EB7583A4E0A29202, DCD9B69299275857712AB200C014AE820C8A9F7E53C4A335A84518FBE4BB56BB ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
20:39:24.0741 0x15a8 SpbCx - ok
20:39:24.0787 0x15a8 [ 3F215BF2D4D8D6756298B25B579772C2, 744192D1635E5D296BFD399E870B70592202CEAF95C31C2D2B226A868D33A3FD ] Spooler C:\WINDOWS\System32\spoolsv.exe
20:39:24.0803 0x15a8 Spooler - ok
20:39:25.0084 0x15a8 [ EC84D961501054F87A6878EC5D53388F, C69F3542B182BED4260EE1906361B72B9FFDE47FD92A161850E28BC6ED7505CC ] sppsvc C:\WINDOWS\system32\sppsvc.exe
20:39:25.0319 0x15a8 sppsvc - ok
20:39:25.0381 0x15a8 [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6, 61EEB1349489CB85204F1B4E398BE24EDC01FB914120C9DD0487F8EE1EDA055E ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
20:39:25.0397 0x15a8 srv - ok
20:39:25.0444 0x15a8 [ 56218A571ECF8D55E0CDFF8DF2546CF1, 44B34722108EDDC8757A0B7C939A854457BB7EBC92A83C4284DFFAECFC2E3619 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
20:39:25.0459 0x15a8 srv2 - ok
20:39:25.0475 0x15a8 [ 14FC338B80CFF7E04215133B568D15C4, 1F437BE0EC887097F0C3409D4198A20981FC325FDF915532AB85070D337DEF2B ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
20:39:25.0475 0x15a8 srvnet - ok
20:39:25.0491 0x15a8 [ 7A20882D76D4A78240A5AC9F2C2EBA21, ACA05211EE542999A118BBD2CD051038A7DC8C40C4B8971DC6514BA90E90EC61 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
20:39:25.0506 0x15a8 SSDPSRV - ok
20:39:25.0506 0x15a8 [ D233B16999A8E626F6004BD7814C57EC, 5BBFE5DDF1269617ABD1BDBED85A79D99BB52EA29C2BB3A8F4A1827BFAA1A747 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
20:39:25.0522 0x15a8 SstpSvc - ok
20:39:25.0522 0x15a8 [ 4E85355B94CFCB67C135F6521A4895A7, AC4FC65C1E62A54B3834E7FE0A2B1ECC48A2AA563AE5BD508326EE68FFFBBEEE ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
20:39:25.0522 0x15a8 stexstor - ok
20:39:25.0553 0x15a8 [ BAC8A721736AECC55A4F71523AEAB65F, B52E1303B13A961A5FC190829E55B6F28ACA409A6EEF44B358D1D210558FE1D8 ] stisvc C:\WINDOWS\System32\wiaservc.dll
20:39:25.0584 0x15a8 stisvc - ok
20:39:25.0584 0x15a8 [ B240874B2CA0CD02E8CD11E140B14C57, 0FDBEE3DB644175A30065CAF020F375703ADC45A33221788C010F3111707FC25 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
20:39:25.0584 0x15a8 storahci - ok
20:39:25.0600 0x15a8 [ F74DBC95A57B1EE866D3732EB5F79BE2, E4FE9D5CD0A385ACB60D5D5E8D969F26C3A6BC0C08FF0838DBE9CA106229C8DE ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
20:39:25.0616 0x15a8 storflt - ok
20:39:25.0616 0x15a8 [ 5337E138B49ED1F44CCBA4073BC35C20, 2B296973215E3865A56C46DC3D27F1460D96BC321558CE7A911B05B0E7BF397F ] StorSvc C:\WINDOWS\system32\storsvc.dll
20:39:25.0616 0x15a8 StorSvc - ok
20:39:25.0631 0x15a8 [ 543CD3CC0E05B8D8815E0D4F040B6F59, 4B57C9534E94A0A67FC82DBD4FAECACA180BEC281FB477550A37C0A04777E09E ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
20:39:25.0631 0x15a8 storvsc - ok
20:39:25.0631 0x15a8 [ 8BC1C1ED6EF9C985A3FAA6A72F41679A, 82CC77030D23013572B4A64A64B6156789F253BF56268B790093CE3D345410A0 ] svsvc C:\WINDOWS\system32\svsvc.dll
20:39:25.0631 0x15a8 svsvc - ok
20:39:25.0647 0x15a8 [ 4AFD66AAE74FFB5986BC240744DC5FC9, 0C9347614E3FD3B4D3B29FA4A5DA23FF6EE4CD9A1FFC378B855B8DE61B2876CF ] swenum C:\WINDOWS\System32\drivers\swenum.sys
20:39:25.0647 0x15a8 swenum - ok
20:39:25.0694 0x15a8 [ 502F9488540051F3E6C39889ECFA76BB, 22ABD681BE4CF8A1F484C6363C1334B1EF7A6C074D837B0121DE1896887B84C6 ] swprv C:\WINDOWS\System32\swprv.dll
20:39:25.0709 0x15a8 swprv - ok
20:39:25.0725 0x15a8 [ DEDF257245AD25EAA727CB8D3CFBE5C3, 44020036185B32B2877EE95F2560DCF2E595B99B024134178B7D5F1A937935DF ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
20:39:25.0741 0x15a8 SynTP - ok
20:39:25.0788 0x15a8 [ A06CB9269D29EE3D0F3F5630ABB660B8, 519A01FC7D9414B26CCBC23E7FB1CEAF1C91CD173B4F4A4025F8316B7460C584 ] SysMain C:\WINDOWS\system32\sysmain.dll
20:39:25.0834 0x15a8 SysMain - ok
20:39:25.0850 0x15a8 [ 6FB88606C4A71E1BFAF97D63A676C673, D72F93A482E989ACA50F9647B7AD699A4656AEAACF377BB2B8CEBB094B748852 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
20:39:25.0866 0x15a8 SystemEventsBroker - ok
20:39:25.0866 0x15a8 [ A6C06C45C44AD06C70AF8899AEC15BDC, AC2CCCDBA6B94BA85A6D41B47343193D175786D4ECF71AE9C7766ADD63A1273F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
20:39:25.0881 0x15a8 TabletInputService - ok
20:39:25.0913 0x15a8 [ 88B7721AB551C4325036B25A34A2BF7B, 2817CC6294542524EC373A674535F913440736BEBE81233CA91D5ECD93620B02 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
20:39:25.0944 0x15a8 TapiSrv - ok
20:39:26.0022 0x15a8 [ D750CE2A52F1B95E654CF2904C88EF1F, 22DC0F464D7E394D919A0B2625E32528130169E91557253529B74AABC6C80C66 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
20:39:26.0084 0x15a8 Tcpip - ok
20:39:26.0163 0x15a8 [ D750CE2A52F1B95E654CF2904C88EF1F, 22DC0F464D7E394D919A0B2625E32528130169E91557253529B74AABC6C80C66 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:39:26.0209 0x15a8 TCPIP6 - ok
20:39:26.0225 0x15a8 [ 8F2A13A5DF99D72FDDE87F502A66F989, 2228C62ACDB4CBBFDD2BE705E604E0B9A8AEA7146F65F2D8B9B2A2FB49ACFAE1 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
20:39:26.0225 0x15a8 tcpipreg - ok
20:39:26.0241 0x15a8 [ 73DC722CE5DF26D7638CE2446F2655C7, 9B8E6F6DEA5E0C2AEAC24A31897D2E73F86EF44F1C25FEF82D2C860353793817 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
20:39:26.0241 0x15a8 tdx - ok
20:39:26.0256 0x15a8 [ F7C8AB5D8AFFAA318D6A21093D139BF4, 0A35052EF7DC8615783A23897358D8C579BE694363615C9563FF629E7B719991 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
20:39:26.0256 0x15a8 terminpt - ok
20:39:26.0319 0x15a8 [ 541EE228D0DEF392F7B2DFD885DD021B, 594D6538FA4DB5EF4D130007D7C29051EC2EDCA39EBB119695B58E9CBB0EB728 ] TermService C:\WINDOWS\System32\termsrv.dll
20:39:26.0350 0x15a8 TermService - ok
20:39:26.0366 0x15a8 [ 519A6F672FFF56B7D8EE8C730CEC8ECD, 2B36F10C0AE16A261DC0887B1050808BA1F0568F3879E4ABC3D370F08C3FADB7 ] Themes C:\WINDOWS\system32\themeservice.dll
20:39:26.0366 0x15a8 Themes - ok
20:39:26.0381 0x15a8 [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] THREADORDER C:\WINDOWS\system32\mmcss.dll
20:39:26.0381 0x15a8 THREADORDER - ok
20:39:26.0381 0x15a8 [ 4515B9E4140F04FB3907692DF89FCA87, F68EC56524BDA877646E987BE7414C1D622BD9FF05A5AEADCA39030FDC2B0115 ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
20:39:26.0397 0x15a8 TimeBroker - ok
20:39:26.0428 0x15a8 [ 6F0BFF80EE2A5BC841286A51F893CBAD, 79C58352002D9E3274170B6933FE3600F7C74E9DDB38C74805C42C53ADD35F28 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
20:39:26.0444 0x15a8 TPM - ok
20:39:26.0459 0x15a8 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks C:\WINDOWS\System32\trkwks.dll
20:39:26.0459 0x15a8 TrkWks - ok
20:39:26.0475 0x15a8 [ 8ABBB5CE0C62E0A6D28F32F44B7F865C, 4C78FE2A4A25A758D5191C4EDB2A6FE691FF82E7C16C0F146DC96DAD87D4F64E ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
20:39:26.0475 0x15a8 TrustedInstaller - ok
20:39:26.0491 0x15a8 [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
20:39:26.0491 0x15a8 TsUsbFlt - ok
20:39:26.0506 0x15a8 [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
20:39:26.0506 0x15a8 TsUsbGD - ok
20:39:26.0522 0x15a8 [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
20:39:26.0522 0x15a8 tunnel - ok
20:39:26.0522 0x15a8 [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
20:39:26.0538 0x15a8 uagp35 - ok
20:39:26.0538 0x15a8 [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
20:39:26.0538 0x15a8 UASPStor - ok
20:39:26.0569 0x15a8 [ 7C33D8B8A5EA2321B84A1B6653CBD0DB, 3DBD4F8D4F09FB7A16B6EDB838B6E262AA55B68A4D9E4CA30B424ECD6703ED7D ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
20:39:26.0569 0x15a8 UCX01000 - ok
20:39:26.0584 0x15a8 [ DC5A461591C71AF7F19DC048A81E3F88, C6689C70B6CDE5A5707C06ABDC9CABF87CCE549BD23B96969EF3AA177A889320 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
20:39:26.0600 0x15a8 udfs - ok
20:39:26.0600 0x15a8 [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
20:39:26.0616 0x15a8 UI0Detect - ok
20:39:26.0631 0x15a8 [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
20:39:26.0631 0x15a8 uliagpkx - ok
20:39:26.0647 0x15a8 [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
20:39:26.0647 0x15a8 umbus - ok
20:39:26.0663 0x15a8 [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
20:39:26.0663 0x15a8 UmPass - ok
20:39:26.0678 0x15a8 [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
20:39:26.0678 0x15a8 UmRdpService - ok
20:39:26.0741 0x15a8 [ 15DBB0153EA1B0F66070CA231D51584D, E3C52BBEB36E9AD1D6D7DAF3456DD7C0D5F9495550B12304D2C27DE7D9C0A1B4 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:39:26.0756 0x15a8 UNS - ok
20:39:26.0772 0x15a8 [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost C:\WINDOWS\System32\upnphost.dll
20:39:26.0788 0x15a8 upnphost - ok
20:39:26.0803 0x15a8 [ 2AF9F0E16D75B8F783A1ACE74EF51C9B, AADB8991174CCDA3ADE14AF3EFB3A9826EC17A0F989F449FF43010A99D8CAA1F ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
20:39:26.0803 0x15a8 usbccgp - ok
20:39:26.0819 0x15a8 [ B395B62B62F28106218FA6FB17F4C797, 231CA3512B02BBE70E630A6304E899BCB741CE411FB10C2B3DE48E52034F24BB ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
20:39:26.0819 0x15a8 usbcir - ok
20:39:26.0834 0x15a8 [ 52F267AEE8CA5AA5CEB88C6A71EE1E86, 93E2CC1D4A56A3BBDD85020A8F4AD1B9B119953DB83A155C56D667924D5D8A02 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
20:39:26.0834 0x15a8 usbehci - ok
20:39:26.0866 0x15a8 [ ADBF89B8E0BB372FEFE2E4B84E1E20AE, 4B73F96CD6526439983462CC19D092C92B5FBEAFB37DF6E34A1DAEE9985210E0 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
20:39:26.0881 0x15a8 usbhub - ok
20:39:26.0897 0x15a8 [ EA040D4C6C94F315A85F3D0EAA884B37, 7A222CD59117CB2AACF1D9BD2A2A4C1B1AC5EEDCBFDB13B722469BA2D81F4901 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
20:39:26.0913 0x15a8 USBHUB3 - ok
20:39:36.0710 0x15a8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.2.223.0 ), 0x61100 ( enabled : updated )
20:39:36.0741 0x15a8 Win FW state via NFP2: enabled
20:39:39.0132 0x15a8 ============================================================
20:39:39.0132 0x15a8 Scan finished
20:39:39.0132 0x15a8 ============================================================
20:39:39.0132 0x14f8 Detected object count: 0
20:39:39.0132 0x14f8 Actual detected object count: 0
20:40:32.0541 0x002c Deinitialize success

