Kontrola logu po odstranění infekce Vyřešeno

[854005]

Zdravím, kontroloval jsem PC Eset Online scannerem a našel mi 3 havěti:

Kód: Vybrat vše

B:\záloha\ZModeler_107.rar   pravděpodobně varianta infiltrace Win32/Agent.GBECUDG trojský kůň   smazán - uložen do karantény

C:\CrystalDiskInfo5_0_5-en.exe   Win32/OpenCandy aplikace   vyléčen smazáním - uložen do karantény

C:\Users\854.022\Documents\ZModeler_107.rar   pravděpodobně varianta infiltrace Win32/Agent.GBECUDG trojský kůň   smazán - uložen do karantény

Tyto 3 havěti odstranil do karantény, kterou pak vymazal, takže doufám, že by to mělo být pryč. Přesto ale prosím o kontrolu logů, jestli tam něco nezbylo. Jinak PC šlapal normálně, kromě toho, že zlobí disk, ale tam to bude asi HW problém (viz. viewtopic.php?f=7&t=100350).

Zde jsou logy - HJT

► Zobrazit spoiler

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:51:04, on 13.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\mixer.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
G:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [C-Media Speaker Configuration] E:\Setup.exe /SPEAKER
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

--
End of file - 4113 bytes

MBAM:

► Zobrazit spoiler

Malwarebytes Anti-Malware 1.70.0.1100
http://www.malwarebytes.org

Verze: v2013.01.13.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
854.022 :: 854022-BARBORKA [administrátor]

13.1.2013 11:36:45
mbam-log-2013-01-13 (11-36-45).txt

Typ: Kompletní kontrola (B:\|C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM | P2P
Nastavení kontroly zakázáno:
Kontrolované objekty: 359148
Uplynulý čas: 1 hodin, 10 minut, 22 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

MBAM nikdy nenašel nic ani před tím, než jsem skenoval ESETem, možná že jde o falešný poplach? Děkuji.

[Reklama]

[memphisto]

V HJT fixni:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"


Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.

[854005]

HJT fixnuto.

TDSSKiller log - část 1:
09:06:49.0011 1492 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
09:06:49.0511 1492 ============================================================
09:06:49.0511 1492 Current date / time: 2013/01/14 09:06:49.0511
09:06:49.0511 1492 SystemInfo:
09:06:49.0511 1492
09:06:49.0511 1492 OS Version: 6.1.7601 ServicePack: 1.0
09:06:49.0511 1492 Product type: Workstation
09:06:49.0511 1492 ComputerName: 854022-BARBORKA
09:06:49.0511 1492 UserName: 854.022
09:06:49.0511 1492 Windows directory: C:\Windows
09:06:49.0511 1492 System windows directory: C:\Windows
09:06:49.0511 1492 Processor architecture: Intel x86
09:06:49.0511 1492 Number of processors: 1
09:06:49.0511 1492 Page size: 0x1000
09:06:49.0511 1492 Boot type: Normal boot
09:06:49.0511 1492 ============================================================
09:06:50.0746 1492 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x2860B, SectorsPerTrack: 0xE, TracksPerCylinder: 0x87, Type 'K0', Flags 0x00000050
09:06:50.0761 1492 Drive \Device\Harddisk1\DR1 - Size: 0xEF000000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:06:50.0792 1492 ============================================================
09:06:50.0792 1492 \Device\Harddisk0\DR0:
09:06:50.0792 1492 MBR partitions:
09:06:50.0792 1492 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:06:50.0792 1492 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x74FE000
09:06:50.0792 1492 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x7530800, BlocksNum 0x7530000
09:06:50.0792 1492 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0xEA60AA0, BlocksNum 0x3FB83E0
09:06:50.0792 1492 \Device\Harddisk1\DR1:
09:06:50.0792 1492 MBR partitions:
09:06:50.0792 1492 ============================================================
09:06:50.0824 1492 C: <-> \Device\Harddisk0\DR0\Partition2
09:06:50.0871 1492 D: <-> \Device\Harddisk0\DR0\Partition3
09:06:50.0902 1492 B: <-> \Device\Harddisk0\DR0\Partition4
09:06:50.0902 1492 ============================================================
09:06:50.0902 1492 Initialize success
09:06:50.0902 1492 ============================================================
09:06:54.0667 0412 ============================================================
09:06:54.0667 0412 Scan started
09:06:54.0667 0412 Mode: Manual; SigCheck;
09:06:54.0667 0412 ============================================================
09:06:55.0449 0412 ================ Scan system memory ========================
09:06:55.0449 0412 System memory - ok
09:06:55.0464 0412 ================ Scan services =============================
09:06:55.0683 0412 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
09:06:56.0417 0412 1394ohci - ok
09:06:56.0464 0412 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:06:56.0511 0412 ACPI - ok
09:06:56.0527 0412 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:06:56.0652 0412 AcpiPmi - ok
09:06:56.0746 0412 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
09:06:56.0777 0412 AdobeARMservice - ok
09:06:56.0839 0412 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:06:56.0886 0412 adp94xx - ok
09:06:56.0933 0412 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:06:56.0964 0412 adpahci - ok
09:06:57.0027 0412 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:06:57.0058 0412 adpu320 - ok
09:06:57.0152 0412 [ CDE1F62FE63631B932ACE2249FB11DA0 ] aeaudio C:\Windows\system32\drivers\aeaudio.sys
09:06:57.0214 0412 aeaudio - ok
09:06:57.0261 0412 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:06:57.0339 0412 AeLookupSvc - ok
09:06:57.0417 0412 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
09:06:57.0496 0412 AFD - ok
09:06:57.0542 0412 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
09:06:57.0574 0412 agp440 - ok
09:06:57.0667 0412 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
09:06:57.0699 0412 aic78xx - ok
09:06:57.0746 0412 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
09:06:57.0808 0412 ALG - ok
09:06:57.0855 0412 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
09:06:57.0902 0412 aliide - ok
09:06:57.0949 0412 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
09:06:57.0980 0412 amdagp - ok
09:06:58.0027 0412 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
09:06:58.0058 0412 amdide - ok
09:06:58.0105 0412 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
09:06:58.0199 0412 AmdK8 - ok
09:06:58.0230 0412 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
09:06:58.0308 0412 AmdPPM - ok
09:06:58.0355 0412 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:06:58.0402 0412 amdsata - ok
09:06:58.0433 0412 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
09:06:58.0464 0412 amdsbs - ok
09:06:58.0496 0412 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:06:58.0527 0412 amdxata - ok
09:06:58.0574 0412 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
09:06:58.0699 0412 AppID - ok
09:06:58.0746 0412 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:06:58.0839 0412 AppIDSvc - ok
09:06:58.0886 0412 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
09:06:58.0964 0412 Appinfo - ok
09:06:59.0027 0412 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\drivers\arc.sys
09:06:59.0058 0412 arc - ok
09:06:59.0089 0412 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:06:59.0121 0412 arcsas - ok
09:06:59.0183 0412 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
09:06:59.0324 0412 aswFsBlk - ok
09:06:59.0371 0412 [ CCAFDA4AB7F3738142B3BA7DA311FFB0 ] aswFW C:\Windows\system32\drivers\aswFW.sys
09:06:59.0511 0412 aswFW - ok
09:06:59.0558 0412 [ E2FEE0486D68BF85355D3EDA1A24FF68 ] aswKbd C:\Windows\system32\drivers\aswKbd.sys
09:06:59.0621 0412 aswKbd - ok
09:06:59.0683 0412 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
09:06:59.0777 0412 aswMonFlt - ok
09:06:59.0808 0412 [ 7B948E3657BEA62E437BC46CA6EF6012 ] aswNdis C:\Windows\system32\DRIVERS\aswNdis.sys
09:06:59.0886 0412 aswNdis - ok
09:06:59.0933 0412 [ DCF8B68A3A6217F87CA7FA95F535B47E ] aswNdis2 C:\Windows\system32\drivers\aswNdis2.sys
09:07:00.0011 0412 aswNdis2 - ok
09:07:00.0058 0412 [ 81F638A2DD94ABBF0B43880AB38D8DBD ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
09:07:00.0152 0412 aswRdr - ok
09:07:00.0199 0412 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
09:07:00.0324 0412 aswSnx - ok
09:07:00.0355 0412 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\Windows\system32\drivers\aswSP.sys
09:07:00.0433 0412 aswSP - ok
09:07:00.0464 0412 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
09:07:00.0542 0412 aswTdi - ok
09:07:00.0574 0412 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:07:00.0699 0412 AsyncMac - ok
09:07:00.0746 0412 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
09:07:00.0777 0412 atapi - ok
09:07:00.0917 0412 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:07:01.0074 0412 AudioEndpointBuilder - ok
09:07:01.0136 0412 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
09:07:01.0277 0412 Audiosrv - ok
09:07:01.0339 0412 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
09:07:01.0449 0412 avast! Antivirus - ok
09:07:01.0496 0412 [ BC0E07A768A0A14C48E3CE1875F2C377 ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
09:07:01.0558 0412 avast! Firewall - ok
09:07:01.0589 0412 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:07:01.0761 0412 AxInstSV - ok
09:07:01.0824 0412 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys
09:07:01.0886 0412 b06bdrv - ok
09:07:01.0933 0412 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
09:07:02.0058 0412 b57nd60x - ok
09:07:02.0121 0412 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
09:07:02.0183 0412 BDESVC - ok
09:07:02.0230 0412 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
09:07:02.0371 0412 Beep - ok
09:07:02.0417 0412 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
09:07:02.0496 0412 BFE - ok
09:07:02.0558 0412 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
09:07:02.0636 0412 BITS - ok
09:07:02.0667 0412 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
09:07:02.0746 0412 blbdrive - ok
09:07:02.0792 0412 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:07:02.0855 0412 bowser - ok
09:07:02.0902 0412 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
09:07:03.0011 0412 BrFiltLo - ok
09:07:03.0042 0412 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
09:07:03.0121 0412 BrFiltUp - ok
09:07:03.0167 0412 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
09:07:03.0230 0412 Browser - ok
09:07:03.0277 0412 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:07:03.0371 0412 Brserid - ok
09:07:03.0386 0412 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:07:03.0464 0412 BrSerWdm - ok
09:07:03.0496 0412 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:07:03.0542 0412 BrUsbMdm - ok
09:07:03.0558 0412 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:07:03.0605 0412 BrUsbSer - ok
09:07:03.0621 0412 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
09:07:03.0699 0412 BTHMODEM - ok
09:07:03.0761 0412 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
09:07:03.0871 0412 bthserv - ok
09:07:03.0902 0412 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:07:03.0964 0412 cdfs - ok
09:07:04.0027 0412 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:07:04.0089 0412 cdrom - ok
09:07:04.0121 0412 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
09:07:04.0183 0412 CertPropSvc - ok
09:07:04.0214 0412 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\drivers\circlass.sys
09:07:04.0261 0412 circlass - ok
09:07:04.0292 0412 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
09:07:04.0339 0412 CLFS - ok
09:07:04.0417 0412 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:07:04.0449 0412 clr_optimization_v2.0.50727_32 - ok
09:07:04.0527 0412 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:07:04.0558 0412 clr_optimization_v4.0.30319_32 - ok
09:07:04.0589 0412 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
09:07:04.0636 0412 CmBatt - ok
09:07:04.0683 0412 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:07:04.0714 0412 cmdide - ok
09:07:04.0761 0412 [ 7BE95CEA894B50D48286B03B82C4618E ] cmpci C:\Windows\system32\drivers\cmaudio.sys
09:07:04.0824 0412 cmpci - ok
09:07:04.0871 0412 [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG C:\Windows\system32\Drivers\cng.sys
09:07:04.0933 0412 CNG - ok
09:07:04.0949 0412 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\drivers\compbatt.sys
09:07:05.0011 0412 Compbatt - ok
09:07:05.0058 0412 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
09:07:05.0105 0412 CompositeBus - ok
09:07:05.0136 0412 COMSysApp - ok
09:07:05.0167 0412 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:07:05.0199 0412 crcdisk - ok
09:07:05.0246 0412 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:07:05.0292 0412 CryptSvc - ok
09:07:05.0355 0412 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
09:07:05.0433 0412 DcomLaunch - ok
09:07:05.0480 0412 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
09:07:05.0542 0412 defragsvc - ok
09:07:05.0589 0412 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:07:05.0652 0412 DfsC - ok
09:07:05.0699 0412 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
09:07:05.0746 0412 Dhcp - ok
09:07:05.0792 0412 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
09:07:05.0839 0412 discache - ok
09:07:05.0902 0412 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\drivers\disk.sys
09:07:05.0933 0412 Disk - ok
09:07:05.0964 0412 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:07:06.0042 0412 Dnscache - ok
09:07:06.0089 0412 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
09:07:06.0152 0412 dot3svc - ok
09:07:06.0199 0412 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
09:07:06.0261 0412 DPS - ok
09:07:06.0308 0412 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:07:06.0355 0412 drmkaud - ok
09:07:06.0402 0412 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:07:06.0449 0412 DXGKrnl - ok
09:07:06.0496 0412 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
09:07:06.0558 0412 EapHost - ok
09:07:06.0667 0412 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\drivers\evbdx.sys
09:07:06.0777 0412 ebdrv - ok
09:07:06.0808 0412 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
09:07:06.0855 0412 EFS - ok
09:07:06.0933 0412 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:07:06.0980 0412 ehRecvr - ok
09:07:07.0042 0412 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
09:07:07.0074 0412 ehSched - ok
09:07:07.0121 0412 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:07:07.0167 0412 elxstor - ok
09:07:07.0199 0412 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:07:07.0230 0412 ErrDev - ok
09:07:07.0308 0412 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
09:07:07.0371 0412 EventSystem - ok
09:07:07.0417 0412 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
09:07:07.0480 0412 exfat - ok
09:07:07.0511 0412 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:07:07.0574 0412 fastfat - ok
09:07:07.0621 0412 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
09:07:07.0683 0412 Fax - ok
09:07:07.0714 0412 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:07:07.0746 0412 fdc - ok
09:07:07.0777 0412 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
09:07:07.0855 0412 fdPHost - ok
09:07:07.0902 0412 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
09:07:07.0964 0412 FDResPub - ok
09:07:07.0996 0412 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:07:08.0042 0412 FileInfo - ok
09:07:08.0074 0412 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:07:08.0136 0412 Filetrace - ok
09:07:08.0167 0412 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:07:08.0214 0412 flpydisk - ok
09:07:08.0261 0412 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:07:08.0292 0412 FltMgr - ok
09:07:08.0355 0412 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
09:07:08.0417 0412 FontCache - ok
09:07:08.0480 0412 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:07:08.0511 0412 FontCache3.0.0.0 - ok
09:07:08.0542 0412 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:07:08.0574 0412 FsDepends - ok
09:07:08.0605 0412 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:07:08.0652 0412 Fs_Rec - ok
09:07:08.0699 0412 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:07:08.0746 0412 fvevol - ok
09:07:08.0792 0412 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:07:08.0824 0412 gagp30kx - ok
09:07:08.0871 0412 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
09:07:08.0949 0412 gpsvc - ok
09:07:08.0980 0412 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:07:09.0027 0412 hcw85cir - ok
09:07:09.0058 0412 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
09:07:09.0105 0412 HDAudBus - ok
09:07:09.0136 0412 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
09:07:09.0183 0412 HidBatt - ok
09:07:09.0199 0412 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:07:09.0246 0412 HidBth - ok
09:07:09.0292 0412 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\drivers\hidir.sys
09:07:09.0324 0412 HidIr - ok
09:07:09.0355 0412 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
09:07:09.0417 0412 hidserv - ok
09:07:09.0480 0412 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:07:09.0511 0412 HidUsb - ok
09:07:09.0558 0412 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:07:09.0605 0412 hkmsvc - ok
09:07:09.0652 0412 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:07:09.0699 0412 HomeGroupListener - ok
09:07:09.0730 0412 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:07:09.0777 0412 HomeGroupProvider - ok
09:07:09.0808 0412 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:07:09.0855 0412 HpSAMD - ok
09:07:09.0902 0412 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:07:09.0964 0412 HTTP - ok
09:07:10.0011 0412 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:07:10.0042 0412 hwpolicy - ok
09:07:10.0089 0412 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
09:07:10.0121 0412 i8042prt - ok
09:07:10.0167 0412 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:07:10.0199 0412 iaStorV - ok
09:07:10.0292 0412 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:07:10.0339 0412 idsvc - ok
09:07:10.0371 0412 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:07:10.0402 0412 iirsp - ok
09:07:10.0464 0412 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
09:07:10.0527 0412 IKEEXT - ok
09:07:10.0574 0412 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
09:07:10.0605 0412 intelide - ok
09:07:10.0652 0412 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:07:10.0699 0412 intelppm - ok
09:07:10.0730 0412 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:07:10.0792 0412 IPBusEnum - ok
09:07:10.0824 0412 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:07:10.0871 0412 IpFilterDriver - ok
09:07:10.0949 0412 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:07:11.0011 0412 iphlpsvc - ok
09:07:11.0042 0412 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:07:11.0089 0412 IPMIDRV - ok
09:07:11.0105 0412 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:07:11.0167 0412 IPNAT - ok
09:07:11.0214 0412 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:07:11.0261 0412 IRENUM - ok
09:07:11.0292 0412 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:07:11.0324 0412 isapnp - ok
09:07:11.0371 0412 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:07:11.0417 0412 iScsiPrt - ok
09:07:11.0433 0412 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:07:11.0480 0412 kbdclass - ok
09:07:11.0527 0412 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:07:11.0558 0412 kbdhid - ok
09:07:11.0589 0412 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
09:07:11.0636 0412 KeyIso - ok
09:07:11.0667 0412 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:07:11.0699 0412 KSecDD - ok
09:07:11.0761 0412 [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:07:11.0792 0412 KSecPkg - ok
09:07:11.0839 0412 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
09:07:11.0902 0412 KtmRm - ok
09:07:11.0964 0412 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
09:07:12.0058 0412 LanmanServer - ok
09:07:12.0121 0412 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:07:12.0183 0412 LanmanWorkstation - ok
09:07:12.0246 0412 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:07:12.0308 0412 lltdio - ok
09:07:12.0355 0412 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:07:12.0417 0412 lltdsvc - ok
09:07:12.0449 0412 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
09:07:12.0527 0412 lmhosts - ok
09:07:12.0574 0412 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:07:12.0605 0412 LSI_FC - ok
09:07:12.0652 0412 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:07:12.0683 0412 LSI_SAS - ok
09:07:12.0714 0412 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
09:07:12.0746 0412 LSI_SAS2 - ok
09:07:12.0792 0412 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:07:12.0824 0412 LSI_SCSI - ok
09:07:12.0855 0412 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
09:07:12.0917 0412 luafv - ok
09:07:12.0949 0412 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:07:13.0011 0412 Mcx2Svc - ok
09:07:13.0058 0412 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
09:07:13.0089 0412 megasas - ok
09:07:13.0136 0412 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
09:07:13.0167 0412 MegaSR - ok
09:07:13.0214 0412 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
09:07:13.0277 0412 MMCSS - ok
09:07:13.0324 0412 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
09:07:13.0371 0412 Modem - ok
09:07:13.0417 0412 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:07:13.0449 0412 monitor - ok
09:07:13.0496 0412 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:07:13.0527 0412 mouclass - ok
09:07:13.0558 0412 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\drivers\mouhid.sys
09:07:13.0605 0412 mouhid - ok
09:07:13.0636 0412 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:07:13.0683 0412 mountmgr - ok
09:07:13.0714 0412 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
09:07:13.0746 0412 mpio - ok
09:07:13.0777 0412 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:07:13.0839 0412 mpsdrv - ok
09:07:13.0886 0412 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:07:13.0964 0412 MpsSvc - ok
09:07:13.0996 0412 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:07:14.0058 0412 MRxDAV - ok
09:07:14.0105 0412 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:07:14.0152 0412 mrxsmb - ok
09:07:14.0199 0412 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:07:14.0230 0412 mrxsmb10 - ok
09:07:14.0277 0412 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:07:14.0308 0412 mrxsmb20 - ok
09:07:14.0339 0412 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
09:07:14.0386 0412 msahci - ok
09:07:14.0417 0412 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:07:14.0449 0412 msdsm - ok
09:07:14.0496 0412 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
09:07:14.0542 0412 MSDTC - ok
09:07:14.0589 0412 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:07:14.0652 0412 Msfs - ok
09:07:14.0699 0412 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:07:14.0761 0412 mshidkmdf - ok
09:07:14.0777 0412 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:07:14.0824 0412 msisadrv - ok
09:07:14.0871 0412 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:07:14.0933 0412 MSiSCSI - ok
09:07:14.0949 0412 msiserver - ok
09:07:14.0996 0412 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:07:15.0058 0412 MSKSSRV - ok
09:07:15.0105 0412 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:07:15.0167 0412 MSPCLOCK - ok
09:07:15.0183 0412 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:07:15.0246 0412 MSPQM - ok
09:07:15.0277 0412 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:07:15.0308 0412 MsRPC - ok
09:07:15.0355 0412 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
09:07:15.0386 0412 mssmbios - ok
09:07:15.0402 0412 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:07:15.0464 0412 MSTEE - ok
09:07:15.0496 0412 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
09:07:15.0527 0412 MTConfig - ok
09:07:15.0574 0412 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
09:07:15.0605 0412 Mup - ok
09:07:15.0652 0412 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
09:07:15.0714 0412 napagent - ok
09:07:15.0761 0412 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:07:15.0824 0412 NativeWifiP - ok
09:07:15.0871 0412 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:07:15.0917 0412 NDIS - ok
09:07:15.0964 0412 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:07:16.0027 0412 NdisCap - ok
09:07:16.0074 0412 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:07:16.0136 0412 NdisTapi - ok
09:07:16.0167 0412 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:07:16.0230 0412 Ndisuio - ok
09:07:16.0261 0412 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:07:16.0324 0412 NdisWan - ok
09:07:16.0339 0412 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:07:16.0402 0412 NDProxy - ok
09:07:16.0433 0412 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:07:16.0496 0412 NetBIOS - ok
09:07:16.0542 0412 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:07:16.0605 0412 NetBT - ok
09:07:16.0636 0412 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
09:07:16.0667 0412 Netlogon - ok
09:07:16.0730 0412 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
09:07:16.0792 0412 Netman - ok
09:07:16.0824 0412 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
09:07:16.0902 0412 netprofm - ok
09:07:16.0949 0412 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:07:16.0980 0412 NetTcpPortSharing - ok
09:07:17.0042 0412 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:07:17.0074 0412 nfrd960 - ok
09:07:17.0105 0412 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
09:07:17.0167 0412 NlaSvc - ok
09:07:17.0199 0412 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:07:17.0261 0412 Npfs - ok
09:07:17.0277 0412 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
09:07:17.0355 0412 nsi - ok
09:07:17.0371 0412 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:07:17.0449 0412 nsiproxy - ok
09:07:17.0527 0412 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:07:17.0589 0412 Ntfs - ok
09:07:17.0621 0412 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
09:07:17.0667 0412 Null - ok
09:07:17.0980 0412 [ 377140A534D013BD661C69F1741DE43C ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:07:18.0277 0412 nvlddmkm - ok
09:07:18.0308 0412 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:07:18.0339 0412 nvraid - ok
09:07:18.0386 0412 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:07:18.0417 0412 nvstor - ok
09:07:18.0480 0412 [ 4ED813EFD77A9B7E57E341CDC1C5CBC4 ] nvsvc C:\Windows\system32\nvvsvc.exe
09:07:18.0527 0412 nvsvc - ok
09:07:18.0558 0412 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:07:18.0589 0412 nv_agp - ok
09:07:18.0636 0412 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:07:18.0667 0412 ohci1394 - ok
09:07:18.0746 0412 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:07:18.0777 0412 ose - ok
09:07:18.0933 0412 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:07:19.0105 0412 osppsvc - ok
09:07:19.0152 0412 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:07:19.0199 0412 p2pimsvc - ok
09:07:19.0246 0412 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
09:07:19.0292 0412 p2psvc - ok
09:07:19.0355 0412 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:07:19.0386 0412 Parport - ok
09:07:19.0433 0412 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:07:19.0464 0412 partmgr - ok
09:07:19.0511 0412 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
09:07:19.0542 0412 Parvdm - ok
09:07:19.0574 0412 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:07:19.0636 0412 PcaSvc - ok
09:07:19.0667 0412 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
09:07:19.0699 0412 pci - ok
09:07:19.0730 0412 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
09:07:19.0761 0412 pciide - ok
09:07:19.0824 0412 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:07:19.0855 0412 pcmcia - ok
09:07:19.0886 0412 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
09:07:19.0917 0412 pcw - ok
09:07:19.0964 0412 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:07:20.0058 0412 PEAUTH - ok
09:07:20.0167 0412 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
09:07:20.0261 0412 pla - ok
09:07:20.0324 0412 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:07:20.0371 0412 PlugPlay - ok
09:07:20.0417 0412 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:07:20.0464 0412 PNRPAutoReg - ok
09:07:20.0496 0412 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:07:20.0558 0412 PNRPsvc - ok
09:07:20.0605 0412 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:07:20.0683 0412 PolicyAgent - ok
09:07:20.0746 0412 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
09:07:20.0808 0412 Power - ok
09:07:20.0871 0412 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:07:20.0917 0412 PptpMiniport - ok
09:07:20.0964 0412 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
09:07:21.0011 0412 Processor - ok
09:07:21.0058 0412 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
09:07:21.0121 0412 ProfSvc - ok
09:07:21.0152 0412 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:07:21.0199 0412 ProtectedStorage - ok
09:07:21.0246 0412 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:07:21.0308 0412 Psched - ok
09:07:21.0371 0412 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:07:21.0433 0412 ql2300 - ok
09:07:21.0496 0412 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:07:21.0527 0412 ql40xx - ok
09:07:21.0574 0412 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
09:07:21.0636 0412 QWAVE - ok
09:07:21.0652 0412 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:07:21.0699 0412 QWAVEdrv - ok
09:07:21.0746 0412 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:07:21.0792 0412 RasAcd - ok
09:07:21.0839 0412 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:07:21.0902 0412 RasAgileVpn - ok
09:07:21.0933 0412 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
09:07:22.0027 0412 RasAuto - ok
09:07:22.0058 0412 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:07:22.0121 0412 Rasl2tp - ok
09:07:22.0183 0412 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
09:07:22.0261 0412 RasMan - ok
09:07:22.0292 0412 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:07:22.0355 0412 RasPppoe - ok
09:07:22.0371 0412 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:07:22.0433 0412 RasSstp - ok
09:07:22.0464 0412 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:07:22.0527 0412 rdbss - ok
09:07:22.0558 0412 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
09:07:22.0605 0412 rdpbus - ok
09:07:22.0636 0412 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:07:22.0683 0412 RDPCDD - ok
09:07:22.0746 0412 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:07:22.0808 0412 RDPENCDD - ok
09:07:22.0855 0412 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:07:22.0902 0412 RDPREFMP - ok
09:07:22.0980 0412 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
09:07:23.0042 0412 RdpVideoMiniport - ok
09:07:23.0089 0412 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:07:23.0136 0412 RDPWD - ok
09:07:23.0199 0412 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:07:23.0230 0412 rdyboost - ok
09:07:23.0277 0412 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
09:07:23.0339 0412 RemoteAccess - ok
09:07:23.0386 0412 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:07:23.0464 0412 RemoteRegistry - ok
09:07:23.0511 0412 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:07:23.0574 0412 RpcEptMapper - ok
09:07:23.0621 0412 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
09:07:23.0667 0412 RpcLocator - ok
09:07:23.0714 0412 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
09:07:23.0792 0412 RpcSs - ok
09:07:23.0839 0412 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:07:23.0902 0412 rspndr - ok
09:07:23.0949 0412 [ 4E20765744BFBC16F6D6E5BD5598786B ] RTL8023xp C:\Windows\system32\DRIVERS\Rtnicxp.sys
09:07:24.0011 0412 RTL8023xp - ok
09:07:24.0042 0412 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
09:07:24.0089 0412 SamSs - ok
09:07:24.0136 0412 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:07:24.0167 0412 sbp2port - ok
09:07:24.0199 0412 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:07:24.0277 0412 SCardSvr - ok
09:07:24.0308 0412 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:07:24.0371 0412 scfilter - ok
09:07:24.0417 0412 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
09:07:24.0480 0412 Schedule - ok
09:07:24.0527 0412 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:07:24.0589 0412 SCPolicySvc - ok
09:07:24.0636 0412 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:07:24.0683 0412 SDRSVC - ok
09:07:24.0714 0412 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:07:24.0777 0412 secdrv - ok
09:07:24.0824 0412 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
09:07:24.0886 0412 seclogon - ok
09:07:24.0933 0412 [ 9A4C4A4B191200F12085D188BE70E4E3 ] senfilt C:\Windows\system32\drivers\senfilt.sys
09:07:24.0964 0412 senfilt - ok
09:07:25.0027 0412 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
09:07:25.0089 0412 SENS - ok
09:07:25.0121 0412 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:07:25.0167 0412 SensrSvc - ok
09:07:25.0214 0412 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:07:25.0261 0412 Serenum - ok
09:07:25.0308 0412 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:07:25.0339 0412 Serial - ok
09:07:25.0386 0412 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:07:25.0417 0412 sermouse - ok
09:07:25.0496 0412 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
09:07:25.0574 0412 SessionEnv - ok
09:07:25.0589 0412 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:07:25.0636 0412 sffdisk - ok
09:07:25.0652 0412 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:07:25.0699 0412 sffp_mmc - ok
09:07:25.0730 0412 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:07:25.0777 0412 sffp_sd - ok
09:07:25.0808 0412 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:07:25.0855 0412 sfloppy - ok
09:07:25.0902 0412 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:07:25.0964 0412 SharedAccess - ok
09:07:26.0042 0412 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:07:26.0105 0412 ShellHWDetection - ok
09:07:26.0136 0412 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
09:07:26.0167 0412 sisagp - ok
09:07:26.0214 0412 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:07:26.0246 0412 SiSRaid2 - ok
09:07:26.0292 0412 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:07:26.0324 0412 SiSRaid4 - ok
09:07:26.0355 0412 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:07:26.0417 0412 Smb - ok
09:07:26.0496 0412 [ 014AB093E6452EA88031BB6E22919BB5 ] smwdm C:\Windows\system32\drivers\smwdm.sys
09:07:26.0527 0412 smwdm - ok
09:07:26.0589 0412 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:07:26.0636 0412 SNMPTRAP - ok
09:07:26.0667 0412 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
09:07:26.0699 0412 spldr - ok
09:07:26.0761 0412 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
09:07:26.0808 0412 Spooler - ok
09:07:26.0933 0412 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
09:07:27.0058 0412 sppsvc - ok
09:07:27.0105 0412 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:07:27.0167 0412 sppuinotify - ok

[854005]

TDSSKiller log - část 2:
09:07:27.0214 0412 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
09:07:27.0261 0412 srv - ok
09:07:27.0308 0412 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:07:27.0355 0412 srv2 - ok
09:07:27.0402 0412 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:07:27.0433 0412 srvnet - ok
09:07:27.0464 0412 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:07:27.0542 0412 SSDPSRV - ok
09:07:27.0574 0412 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:07:27.0636 0412 SstpSvc - ok
09:07:27.0683 0412 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
09:07:27.0714 0412 stexstor - ok
09:07:27.0777 0412 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
09:07:27.0839 0412 StiSvc - ok
09:07:27.0886 0412 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:07:27.0917 0412 swenum - ok
09:07:27.0964 0412 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
09:07:28.0042 0412 swprv - ok
09:07:28.0105 0412 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
09:07:28.0167 0412 SysMain - ok
09:07:28.0214 0412 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:07:28.0277 0412 TabletInputService - ok
09:07:28.0308 0412 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
09:07:28.0371 0412 TapiSrv - ok
09:07:28.0417 0412 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
09:07:28.0496 0412 TBS - ok
09:07:28.0589 0412 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:07:28.0636 0412 Tcpip - ok
09:07:28.0714 0412 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:07:28.0777 0412 TCPIP6 - ok
09:07:28.0824 0412 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:07:28.0855 0412 tcpipreg - ok
09:07:28.0917 0412 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:07:28.0949 0412 TDPIPE - ok
09:07:28.0996 0412 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:07:29.0042 0412 TDTCP - ok
09:07:29.0074 0412 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:07:29.0136 0412 tdx - ok
09:07:29.0167 0412 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:07:29.0199 0412 TermDD - ok
09:07:29.0261 0412 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
09:07:29.0324 0412 TermService - ok
09:07:29.0371 0412 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
09:07:29.0417 0412 Themes - ok
09:07:29.0464 0412 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
09:07:29.0527 0412 THREADORDER - ok
09:07:29.0574 0412 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
09:07:29.0636 0412 TrkWks - ok
09:07:29.0746 0412 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:07:29.0808 0412 TrustedInstaller - ok
09:07:29.0855 0412 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:07:29.0902 0412 tssecsrv - ok
09:07:29.0949 0412 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:07:30.0011 0412 TsUsbFlt - ok
09:07:30.0058 0412 [ 57C527AF84748B5C2F5178C499C0B81F ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
09:07:30.0105 0412 TsUsbGD - ok
09:07:30.0167 0412 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:07:30.0230 0412 tunnel - ok
09:07:30.0261 0412 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:07:30.0292 0412 uagp35 - ok
09:07:30.0324 0412 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:07:30.0402 0412 udfs - ok
09:07:30.0464 0412 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:07:30.0527 0412 UI0Detect - ok
09:07:30.0558 0412 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:07:30.0589 0412 uliagpkx - ok
09:07:30.0636 0412 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:07:30.0667 0412 umbus - ok
09:07:30.0714 0412 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
09:07:30.0746 0412 UmPass - ok
09:07:30.0808 0412 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
09:07:30.0871 0412 upnphost - ok
09:07:30.0917 0412 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:07:30.0964 0412 usbccgp - ok
09:07:30.0980 0412 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:07:31.0042 0412 usbcir - ok
09:07:31.0089 0412 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:07:31.0136 0412 usbehci - ok
09:07:31.0167 0412 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:07:31.0214 0412 usbhub - ok
09:07:31.0246 0412 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:07:31.0292 0412 usbohci - ok
09:07:31.0339 0412 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:07:31.0386 0412 usbprint - ok
09:07:31.0433 0412 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:07:31.0464 0412 usbscan - ok
09:07:31.0511 0412 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:07:31.0558 0412 USBSTOR - ok
09:07:31.0589 0412 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
09:07:31.0636 0412 usbuhci - ok
09:07:31.0683 0412 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
09:07:31.0746 0412 UxSms - ok
09:07:31.0777 0412 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
09:07:31.0824 0412 VaultSvc - ok
09:07:31.0871 0412 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:07:31.0902 0412 vdrvroot - ok
09:07:31.0933 0412 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
09:07:32.0027 0412 vds - ok
09:07:32.0058 0412 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:07:32.0105 0412 vga - ok
09:07:32.0136 0412 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
09:07:32.0199 0412 VgaSave - ok
09:07:32.0246 0412 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:07:32.0277 0412 vhdmp - ok
09:07:32.0324 0412 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
09:07:32.0355 0412 viaagp - ok
09:07:32.0402 0412 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
09:07:32.0449 0412 ViaC7 - ok
09:07:32.0480 0412 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
09:07:32.0511 0412 viaide - ok
09:07:32.0542 0412 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:07:32.0574 0412 volmgr - ok
09:07:32.0605 0412 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:07:32.0652 0412 volmgrx - ok
09:07:32.0699 0412 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:07:32.0730 0412 volsnap - ok
09:07:32.0777 0412 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:07:32.0808 0412 vsmraid - ok
09:07:32.0886 0412 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
09:07:32.0964 0412 VSS - ok
09:07:33.0011 0412 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
09:07:33.0058 0412 vwifibus - ok
09:07:33.0089 0412 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
09:07:33.0167 0412 W32Time - ok
09:07:33.0214 0412 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:07:33.0246 0412 WacomPen - ok
09:07:33.0292 0412 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:07:33.0355 0412 WANARP - ok
09:07:33.0371 0412 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:07:33.0433 0412 Wanarpv6 - ok
09:07:33.0511 0412 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:07:33.0636 0412 WatAdminSvc - ok
09:07:33.0699 0412 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
09:07:33.0824 0412 wbengine - ok
09:07:33.0871 0412 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:07:33.0964 0412 WbioSrvc - ok
09:07:34.0011 0412 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:07:34.0089 0412 wcncsvc - ok
09:07:34.0136 0412 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:07:34.0183 0412 WcsPlugInService - ok
09:07:34.0214 0412 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
09:07:34.0246 0412 Wd - ok
09:07:34.0308 0412 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:07:34.0355 0412 Wdf01000 - ok
09:07:34.0386 0412 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:07:34.0433 0412 WdiServiceHost - ok
09:07:34.0464 0412 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:07:34.0527 0412 WdiSystemHost - ok
09:07:34.0558 0412 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
09:07:34.0605 0412 WebClient - ok
09:07:34.0652 0412 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:07:34.0714 0412 Wecsvc - ok
09:07:34.0761 0412 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:07:34.0824 0412 wercplsupport - ok
09:07:34.0871 0412 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
09:07:34.0949 0412 WerSvc - ok
09:07:34.0980 0412 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:07:35.0058 0412 WfpLwf - ok
09:07:35.0105 0412 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:07:35.0136 0412 WIMMount - ok
09:07:35.0214 0412 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
09:07:35.0261 0412 WinDefend - ok
09:07:35.0292 0412 WinHttpAutoProxySvc - ok
09:07:35.0355 0412 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:07:35.0433 0412 Winmgmt - ok
09:07:35.0496 0412 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
09:07:35.0589 0412 WinRM - ok
09:07:35.0683 0412 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
09:07:35.0746 0412 Wlansvc - ok
09:07:35.0792 0412 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:07:35.0824 0412 WmiAcpi - ok
09:07:35.0886 0412 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:07:35.0917 0412 wmiApSrv - ok
09:07:36.0027 0412 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
09:07:36.0074 0412 WMPNetworkSvc - ok
09:07:36.0105 0412 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:07:36.0152 0412 WPCSvc - ok
09:07:36.0199 0412 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:07:36.0246 0412 WPDBusEnum - ok
09:07:36.0308 0412 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:07:36.0355 0412 ws2ifsl - ok
09:07:36.0386 0412 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
09:07:36.0449 0412 wscsvc - ok
09:07:36.0480 0412 WSearch - ok
09:07:36.0589 0412 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
09:07:36.0667 0412 wuauserv - ok
09:07:36.0714 0412 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:07:36.0746 0412 WudfPf - ok
09:07:36.0808 0412 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:07:36.0855 0412 WUDFRd - ok
09:07:36.0902 0412 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:07:36.0949 0412 wudfsvc - ok
09:07:37.0011 0412 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
09:07:37.0074 0412 WwanSvc - ok
09:07:37.0105 0412 ================ Scan global ===============================
09:07:37.0152 0412 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
09:07:37.0199 0412 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
09:07:37.0230 0412 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
09:07:37.0292 0412 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
09:07:37.0339 0412 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
09:07:37.0355 0412 [Global] - ok
09:07:37.0371 0412 ================ Scan MBR ==================================
09:07:37.0386 0412 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:07:37.0636 0412 \Device\Harddisk0\DR0 - ok
09:07:37.0652 0412 [ 3415131FE11EC9C12D725521D6F46916 ] \Device\Harddisk1\DR1
09:07:40.0058 0412 \Device\Harddisk1\DR1 - ok
09:07:40.0074 0412 ================ Scan VBR ==================================
09:07:40.0089 0412 [ 267956C1C169FE606075E60B279DDD44 ] \Device\Harddisk0\DR0\Partition1
09:07:40.0089 0412 \Device\Harddisk0\DR0\Partition1 - ok
09:07:40.0121 0412 [ 37BE3D101974E57E78F57B6A678CF8E6 ] \Device\Harddisk0\DR0\Partition2
09:07:40.0121 0412 \Device\Harddisk0\DR0\Partition2 - ok
09:07:40.0152 0412 [ 08C11CF6504C87F0F66DC51F9988867D ] \Device\Harddisk0\DR0\Partition3
09:07:40.0152 0412 \Device\Harddisk0\DR0\Partition3 - ok
09:07:40.0183 0412 [ A08DFF351A7E00C608765856158AB004 ] \Device\Harddisk0\DR0\Partition4
09:07:40.0183 0412 \Device\Harddisk0\DR0\Partition4 - ok
09:07:40.0199 0412 ============================================================
09:07:40.0199 0412 Scan finished
09:07:40.0199 0412 ============================================================
09:07:40.0230 3292 Detected object count: 0
09:07:40.0230 3292 Actual detected object count: 0
09:07:43.0152 1896 Deinitialize success

ComboFix log:
ComboFix 13-01-13.01 - 854.022 14.01.2013 9:16.1.1 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3071.2293 [GMT 1:00]
Spuštěný z: c:\users\854.022\Desktop\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-14 do 2013-01-14 )))))))))))))))))))))))))))))))
.
.
2013-01-14 08:47 . 2013-01-14 08:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-14 08:40 . 2013-01-14 08:40 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{62CB46EB-0E62-4CF3-82C7-14237E799233}\offreg.dll
2013-01-13 10:35 . 2013-01-13 10:35 -------- d-----w- c:\users\854.022\AppData\Local\Programs
2013-01-12 21:14 . 2012-11-22 04:45 626688 ----a-w- c:\windows\system32\usp10.dll
2013-01-12 21:14 . 2012-11-23 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys
2013-01-12 21:14 . 2012-11-09 04:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2013-01-12 21:14 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\system32\msxml6.dll
2013-01-12 21:14 . 2012-11-30 04:47 293376 ----a-w- c:\windows\system32\KernelBase.dll
2013-01-12 21:14 . 2012-11-30 04:53 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-01-12 21:14 . 2012-11-30 04:45 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-12 21:14 . 2012-11-30 02:55 271360 ----a-w- c:\windows\system32\conhost.exe
2013-01-12 21:12 . 2012-12-07 10:46 43520 ----a-w- c:\windows\system32\csrr.rs
2013-01-12 21:11 . 2012-11-20 04:51 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-12 21:11 . 2012-11-23 02:48 49152 ----a-w- c:\windows\system32\taskhost.exe
2013-01-12 21:10 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{62CB46EB-0E62-4CF3-82C7-14237E799233}\mpengine.dll
2013-01-07 15:35 . 2013-01-07 15:35 -------- d-----w- c:\program files\CrystalDiskInfo
2013-01-02 15:54 . 2013-01-02 17:17 -------- d-----w- c:\program files\ZModeler
2012-12-22 08:23 . 2012-12-22 08:23 -------- d-----w- c:\programdata\NVIDIA
2012-12-22 08:03 . 2012-12-22 08:03 -------- d-----w- c:\program files\Microsoft Silverlight
2012-12-22 08:01 . 2012-12-22 08:01 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-12-22 08:01 . 2012-12-22 08:02 -------- d-----w- c:\program files\NVIDIA Corporation
2012-12-22 07:57 . 2012-05-04 09:59 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-12-22 07:57 . 2012-08-24 16:57 247808 ----a-w- c:\windows\system32\schannel.dll
2012-12-22 07:57 . 2012-08-24 17:05 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-12-22 07:57 . 2012-08-24 17:02 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2012-12-22 07:57 . 2012-08-24 16:56 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2012-12-18 08:40 . 2012-12-18 08:40 -------- d-----w- c:\users\854.022\AppData\Roaming\Malwarebytes
2012-12-18 08:40 . 2012-12-18 08:40 -------- d-----w- c:\programdata\Malwarebytes
2012-12-18 08:40 . 2013-01-13 10:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-12-18 08:40 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-14 02:09 . 2012-12-13 08:42 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58 . 2012-12-13 08:42 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57 . 2012-12-13 08:42 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49 . 2012-12-13 08:42 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48 . 2012-12-13 08:42 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44 . 2012-12-13 08:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-11 11:58 . 2012-10-20 06:26 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-11 11:58 . 2012-10-20 06:26 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-09 04:42 . 2012-12-13 07:10 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-02 05:11 . 2012-12-13 07:11 376832 ----a-w- c:\windows\system32\dpnet.dll
2012-10-30 22:51 . 2012-10-19 19:19 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2012-10-19 19:19 199320 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2012-10-30 22:51 . 2012-10-19 19:19 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2012-10-19 19:19 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2012-10-19 19:19 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51 . 2012-10-19 19:19 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2012-10-19 19:19 106560 ----a-w- c:\windows\system32\drivers\aswFW.sys
2012-10-30 22:51 . 2012-10-19 19:19 20624 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2012-10-30 22:51 . 2012-10-19 19:18 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2012-10-19 19:18 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-24 16:48 . 2012-10-24 16:48 160898 ----a-w- c:\windows\Expstudio Audio Editor FREE Uninstaller.exe
2012-10-21 07:40 . 2012-10-21 07:40 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-21 07:40 . 2012-10-21 07:40 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-21 07:40 . 2012-10-21 07:40 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-20 06:48 . 2012-10-20 06:48 86528 ----a-w- c:\windows\system32\iesysprep.dll
2012-10-20 06:48 . 2012-10-20 06:48 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-10-20 06:48 . 2012-10-20 06:48 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-10-20 06:48 . 2012-10-20 06:48 74752 ----a-w- c:\windows\system32\iesetup.dll
2012-10-20 06:48 . 2012-10-20 06:48 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-10-20 06:48 . 2012-10-20 06:48 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-10-20 06:48 . 2012-10-20 06:48 367104 ----a-w- c:\windows\system32\html.iec
2012-10-20 06:48 . 2012-10-20 06:48 35840 ----a-w- c:\windows\system32\imgutil.dll
2012-10-20 06:48 . 2012-10-20 06:48 23552 ----a-w- c:\windows\system32\licmgr10.dll
2012-10-20 06:48 . 2012-10-20 06:48 161792 ----a-w- c:\windows\system32\msls31.dll
2012-10-20 06:48 . 2012-10-20 06:48 152064 ----a-w- c:\windows\system32\wextract.exe
2012-10-20 06:48 . 2012-10-20 06:48 150528 ----a-w- c:\windows\system32\iexpress.exe
2012-10-20 06:48 . 2012-10-20 06:48 11776 ----a-w- c:\windows\system32\mshta.exe
2012-10-20 06:48 . 2012-10-20 06:48 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-10-20 06:48 . 2012-10-20 06:48 101888 ----a-w- c:\windows\system32\admparse.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C-Media Mixer"="Mixer.exe" [2001-10-22 1216512]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware]
2012-12-14 15:49 512360 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [x]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 54563232
*NewlyCreated* - 69840946
*Deregistered* - 54563232
*Deregistered* - 69840946
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
GPSvcGroup REG_MULTI_SZ GPSvc
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
.
.
------- Asociace souborů -------
.
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-C-Media Speaker Configuration - E:\Setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-01-14 09:49:43
ComboFix-quarantined-files.txt 2013-01-14 08:49
.
Před spuštěním: Volných bajtů: 36 862 480 384
Po spuštění: Volných bajtů: 38 137 200 640
.
- - End Of File - - AB46A086DAA10213FB4E65EEDC0213DA

[Žbeky]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

Stáhni si OTC na plochu, spusť jej a klikni na Clean up!

+ Nový log z HJT

Jak se chová PC?

[854005]

CCleaner používám, no když to přeženu, tak každých 10 minut .

Jinak OTC provedeno, akorát ten ComboFix mi nejde odinstalovat - napíšu přesně ComboFix /Uninstall (bez cesty, tak jak to je) a on se začne znova rozbalovat a spouštět...

PC se chová jako předtím, to znamená normálně, vlastně kdybych to neprojížděl ESET Online scannerem, tak nevím, že tam něco je, protože MBAM ani avast! to nedetekují. Ale ono to bylo schované jako odinstalační soubor programu, ten jsem nepoužil nikdy, tak to asi neškodilo. A CrystalDiskInfo proč se hlásí jako OpenCandy nevím...

Tady je nový log z HJT:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:44:33, on 14.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\mixer.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\854.022\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

--
End of file - 3419 bytes

[Žbeky]

Ten combofix jen vypadá, že se spouští, ten úvod je stejný

Jestli nejsou problémy, můžeš dát vyřešeno

[854005]

No jo, skutečně se tak tvářilo, ale je to pryč :-). Jinak je to vše, tak děkuji.