Mám v PC virus, prosím o pomoc Vyřešeno

[frai]

Zdravím, vyskočila mi tabulka, že PC byl zablokován policií a mám zaplatit 3000 , jsem teď přihlášen z druhého účtu v nouzovém režimu, můžete mi prosím pomoci odstranit vir? Tady je log Z hjt

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 21:04:05, on 29.1.2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\TrendMicro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t5851r265
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t5851r265
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
F2 - REG:system.ini: Shell=C:\PROGRA~3\dsgsdgdsgdsgw.bat
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\update\realsched.exe" -osboot
O4 - HKCU\..\RunOnce: [avg_spchecker] "C:\Program Files (x86)\AVG\AVG9\Notification\SPChecker1.exe" /start
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10928 bytes

[Reklama]

[memphisto]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

[frai]

Malwarebytes Anti-Malware 1.70.0.1100
http://www.malwarebytes.org

Database version: v2013.01.26.09

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.7601.17514
jiný uživatel :: 0038A [limited]

29.1.2013 21:49:35
MBAM-log-2013-01-29 (21-53-54).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 214091
Time elapsed: 4 minute(s), 3 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell (Exploit.Drop.GSA) -> Bad: (C:\PROGRA~3\dsgsdgdsgdsgw.bat) Good: () -> No action taken.

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\Users\Pavel.Pavel-PC\wgsdgsdgdsgsd.exe (Exploit.Drop.GS) -> No action taken.
C:\ProgramData\dsgsdgdsgdsgw.bat (Exploit.Drop.GSA) -> No action taken.
C:\ProgramData\dsgsdgdsgdsgw.pad (Exploit.Drop.GSA) -> No action taken.
C:\ProgramData\dsgsdgdsgdsgw.reg (Exploit.Drop.GSA) -> No action taken.

(end)

[frai]

ten Adw mi bohužel nejde spustit, klikám na to a nic..plochu nemám

[jaro3]

. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit nový log z MbAM.

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[frai]

pořád to tam je, už jsem dával 1x odstranit:
Malwarebytes Anti-Malware 1.70.0.1100
http://www.malwarebytes.org

Database version: v2013.01.26.09

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.7601.17514
jiný uživatel :: 0038A [limited]

30.1.2013 9:11:38
MBAM-log-2013-01-30 (09-18-30).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 213852
Time elapsed: 4 minute(s), 55 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell (Exploit.Drop.GSA) -> Bad: (C:\PROGRA~3\dsgsdgdsgdsgw.bat) Good: () -> No action taken.

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\Users\Pavel.Pavel-PC\wgsdgsdgdsgsd.exe (Exploit.Drop.GS) -> No action taken.
C:\ProgramData\dsgsdgdsgdsgw.bat (Exploit.Drop.GSA) -> No action taken.
C:\ProgramData\dsgsdgdsgdsgw.pad (Exploit.Drop.GSA) -> No action taken.
C:\ProgramData\dsgsdgdsgdsgw.reg (Exploit.Drop.GSA) -> No action taken.

(end)


ten Killer mi nejde spustit v nouzáku, klikám na to a nic.. a ten combo fix- error

[jaro3]

. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit nový log z MbAM.

neudělal si to.

Postupuješ správně? TDSSKiller , nejprve deaktivovat antivir a firewall.
Combofix , zkoušel si v nouz. režimu?

[frai]

Tak jsem zkusil obnovení systému v nouzovém režimu a dostal jsem se na svůj admin účet v normálním režimu...jdu znovu zkusit ten Mbam, Killer a Combo..antivir mám vyplý

[jaro3]

Fajn , Combofix zatím nestáhneš , mají tam bug..ale ostatní udělej.

[frai]

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verze: v2013.01.30.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Pavel :: 0038A [administrátor]

30.1.2013 9:54:19
mbam-log-2013-01-30 (09-54-19).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 286836
Uplynulý čas: 6 minut, 9 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\ProgramData\dsgsdgdsgdsgw.pad (Exploit.Drop.GSA) -> Přesun do karantény a smazání se zdařilo.

(konec)

ten Tsdkiller mi nejde extrahovat, spustit..prostě nic, zkoušel jsem to vícekrát

[jaro3]

Pravýnm klikni na soubor a vyber:
Extract to (název souboru).

[frai]

20:14:57.0713 10088 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:14:57.0962 10088 ============================================================
20:14:57.0962 10088 Current date / time: 2013/01/30 20:14:57.0962
20:14:57.0962 10088 SystemInfo:
20:14:57.0962 10088
20:14:57.0962 10088 OS Version: 6.1.7601 ServicePack: 1.0
20:14:57.0962 10088 Product type: Workstation
20:14:57.0963 10088 ComputerName: 0038A
20:14:57.0965 10088 UserName: Pavel
20:14:57.0965 10088 Windows directory: C:\Windows
20:14:57.0965 10088 System windows directory: C:\Windows
20:14:57.0965 10088 Running under WOW64
20:14:57.0965 10088 Processor architecture: Intel x64
20:14:57.0965 10088 Number of processors: 2
20:14:57.0965 10088 Page size: 0x1000
20:14:57.0965 10088 Boot type: Normal boot
20:14:57.0965 10088 ============================================================
20:15:00.0221 10088 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:15:00.0249 10088 Drive \Device\Harddisk1\DR1 - Size: 0x78800000 (1.88 Gb), SectorSize: 0x200, Cylinders: 0xF5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:15:00.0253 10088 ============================================================
20:15:00.0253 10088 \Device\Harddisk0\DR0:
20:15:00.0253 10088 MBR partitions:
20:15:00.0253 10088 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x32000
20:15:00.0253 10088 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x17A2800, BlocksNum 0x38BE3030
20:15:00.0253 10088 \Device\Harddisk1\DR1:
20:15:00.0255 10088 MBR partitions:
20:15:00.0255 10088 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0xE3, BlocksNum 0x3C3F1D
20:15:00.0255 10088 ============================================================
20:15:00.0285 10088 C: <-> \Device\Harddisk0\DR0\Partition2
20:15:00.0285 10088 ============================================================
20:15:00.0285 10088 Initialize success
20:15:00.0285 10088 ============================================================
20:15:07.0239 10152 ============================================================
20:15:07.0239 10152 Scan started
20:15:07.0239 10152 Mode: Manual;
20:15:07.0239 10152 ============================================================
20:15:10.0100 10152 ================ Scan system memory ========================
20:15:10.0100 10152 System memory - ok
20:15:10.0101 10152 ================ Scan services =============================
20:15:10.0277 10152 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:15:10.0283 10152 1394ohci - ok
20:15:10.0327 10152 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:15:10.0333 10152 ACPI - ok
20:15:10.0349 10152 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:15:10.0351 10152 AcpiPmi - ok
20:15:10.0385 10152 [ 2F0683FD2DF1D92E891CACA14B45A8C1 ] adfs C:\Windows\system32\drivers\adfs.sys
20:15:10.0388 10152 adfs - ok
20:15:10.0423 10152 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
20:15:10.0444 10152 adp94xx - ok
20:15:10.0464 10152 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
20:15:10.0470 10152 adpahci - ok
20:15:10.0496 10152 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
20:15:10.0500 10152 adpu320 - ok
20:15:10.0547 10152 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:15:10.0549 10152 AeLookupSvc - ok
20:15:10.0583 10152 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
20:15:10.0601 10152 AFD - ok
20:15:10.0636 10152 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:15:10.0638 10152 agp440 - ok
20:15:10.0684 10152 [ BC569A6C209D94F6643EE35710AEC1F6 ] aksdf C:\Windows\system32\DRIVERS\aksdf.sys
20:15:10.0686 10152 aksdf - ok
20:15:10.0702 10152 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
20:15:10.0705 10152 ALG - ok
20:15:10.0719 10152 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
20:15:10.0721 10152 aliide - ok
20:15:10.0758 10152 [ B4143CB1DD16AE73C6177C72F33450A6 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:15:10.0763 10152 AMD External Events Utility - ok
20:15:10.0786 10152 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
20:15:10.0788 10152 amdide - ok
20:15:10.0817 10152 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:15:10.0820 10152 AmdK8 - ok
20:15:11.0011 10152 [ D1D06810BF7E21F5763EB06CB7E7262B ] amdkmdag C:\Windows\system32\DRIVERS\atipmdag.sys
20:15:11.0164 10152 amdkmdag - ok
20:15:11.0210 10152 [ 6BA71D6616B56816E57394D77DD1BB6F ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
20:15:11.0215 10152 amdkmdap - ok
20:15:11.0239 10152 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:15:11.0267 10152 AmdPPM - ok
20:15:11.0350 10152 [ CC3021D064EB6D3C2F949530E2B0BA47 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
20:15:11.0352 10152 amdsata - ok
20:15:11.0381 10152 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
20:15:11.0494 10152 amdsbs - ok
20:15:11.0559 10152 [ FFC5A0F6263574EF0D5467496B721F77 ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
20:15:11.0561 10152 amdxata - ok
20:15:11.0596 10152 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
20:15:11.0598 10152 AppID - ok
20:15:11.0629 10152 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:15:11.0632 10152 AppIDSvc - ok
20:15:11.0660 10152 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
20:15:11.0663 10152 Appinfo - ok
20:15:11.0682 10152 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
20:15:11.0685 10152 arc - ok
20:15:11.0708 10152 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:15:11.0711 10152 arcsas - ok
20:15:11.0762 10152 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
20:15:11.0764 10152 aswFsBlk - ok
20:15:11.0862 10152 [ 9FFC732E12FF53E05FE9E02C8C00CE87 ] aswFW C:\Windows\system32\drivers\aswFW.sys
20:15:11.0866 10152 aswFW - ok
20:15:11.0946 10152 [ 6B91E6D483AADB3FC4E13E2355200611 ] aswKbd C:\Windows\system32\drivers\aswKbd.sys
20:15:11.0948 10152 aswKbd - ok
20:15:12.0025 10152 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
20:15:12.0027 10152 aswMonFlt - ok
20:15:12.0083 10152 [ 518B8D447A1975AB46DA093A2E743256 ] aswNdis C:\Windows\system32\DRIVERS\aswNdis.sys
20:15:12.0085 10152 aswNdis - ok
20:15:12.0141 10152 [ 5A832BBB1B563B6B3FDA46239B630037 ] aswNdis2 C:\Windows\system32\drivers\aswNdis2.sys
20:15:12.0147 10152 aswNdis2 - ok
20:15:12.0205 10152 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
20:15:12.0207 10152 aswRdr - ok
20:15:12.0282 10152 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
20:15:12.0305 10152 aswSnx - ok
20:15:12.0337 10152 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
20:15:12.0344 10152 aswSP - ok
20:15:12.0402 10152 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
20:15:12.0404 10152 aswTdi - ok
20:15:12.0436 10152 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:15:12.0439 10152 AsyncMac - ok
20:15:12.0470 10152 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
20:15:12.0472 10152 atapi - ok
20:15:12.0526 10152 [ 0ACC06FCF46F64ED4F11E57EE461C1F4 ] athr C:\Windows\system32\DRIVERS\athrx.sys
20:15:12.0561 10152 athr - ok
20:15:12.0594 10152 [ 38467FF83C2B4265D51F418812A91E3C ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
20:15:12.0598 10152 AtiHdmiService - ok
20:15:12.0767 10152 [ D1D06810BF7E21F5763EB06CB7E7262B ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:15:12.0910 10152 atikmdag - ok
20:15:12.0948 10152 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
20:15:12.0950 10152 AtiPcie - ok
20:15:12.0986 10152 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:15:13.0011 10152 AudioEndpointBuilder - ok
20:15:13.0027 10152 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:15:13.0033 10152 AudioSrv - ok
20:15:13.0117 10152 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
20:15:13.0118 10152 avast! Antivirus - ok
20:15:13.0181 10152 [ BC0E07A768A0A14C48E3CE1875F2C377 ] avast! Firewall C:\Program Files\Alwil Software\Avast5\afwServ.exe
20:15:13.0183 10152 avast! Firewall - ok
20:15:13.0206 10152 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:15:13.0210 10152 AxInstSV - ok
20:15:13.0245 10152 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
20:15:13.0253 10152 b06bdrv - ok
20:15:13.0277 10152 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:15:13.0283 10152 b57nd60a - ok
20:15:13.0406 10152 [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
20:15:13.0411 10152 BBSvc - ok
20:15:13.0456 10152 [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
20:15:13.0461 10152 BBUpdate - ok
20:15:13.0508 10152 [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
20:15:13.0541 10152 BCM43XX - ok
20:15:13.0571 10152 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
20:15:13.0574 10152 BDESVC - ok
20:15:13.0590 10152 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
20:15:13.0592 10152 Beep - ok
20:15:13.0641 10152 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
20:15:13.0663 10152 BFE - ok
20:15:13.0695 10152 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
20:15:13.0719 10152 BITS - ok
20:15:13.0752 10152 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:15:13.0754 10152 blbdrive - ok
20:15:13.0786 10152 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:15:13.0790 10152 bowser - ok
20:15:13.0805 10152 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:15:13.0807 10152 BrFiltLo - ok
20:15:13.0823 10152 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:15:13.0825 10152 BrFiltUp - ok
20:15:13.0887 10152 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
20:15:13.0890 10152 BridgeMP - ok
20:15:13.0917 10152 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
20:15:13.0920 10152 Browser - ok
20:15:13.0944 10152 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:15:13.0950 10152 Brserid - ok
20:15:13.0968 10152 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:15:13.0970 10152 BrSerWdm - ok
20:15:13.0984 10152 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:15:13.0986 10152 BrUsbMdm - ok
20:15:13.0994 10152 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:15:13.0997 10152 BrUsbSer - ok
20:15:14.0016 10152 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:15:14.0021 10152 BTHMODEM - ok
20:15:14.0057 10152 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
20:15:14.0061 10152 bthserv - ok
20:15:14.0101 10152 [ D1787E11C6A0078DDEAF8CF3EE2AB293 ] CAXHWAZL C:\Windows\system32\DRIVERS\CAXHWAZL.sys
20:15:14.0119 10152 CAXHWAZL - ok
20:15:14.0137 10152 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:15:14.0140 10152 cdfs - ok
20:15:14.0169 10152 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:15:14.0172 10152 cdrom - ok
20:15:14.0203 10152 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
20:15:14.0206 10152 CertPropSvc - ok
20:15:14.0236 10152 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:15:14.0239 10152 circlass - ok
20:15:14.0298 10152 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
20:15:14.0305 10152 CLFS - ok
20:15:14.0368 10152 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:15:14.0371 10152 clr_optimization_v2.0.50727_32 - ok
20:15:14.0413 10152 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:15:14.0425 10152 clr_optimization_v2.0.50727_64 - ok
20:15:14.0474 10152 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:15:14.0477 10152 clr_optimization_v4.0.30319_32 - ok
20:15:14.0517 10152 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:15:14.0545 10152 clr_optimization_v4.0.30319_64 - ok
20:15:14.0575 10152 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:15:14.0577 10152 CmBatt - ok
20:15:14.0598 10152 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:15:14.0600 10152 cmdide - ok
20:15:14.0635 10152 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
20:15:14.0653 10152 CNG - ok
20:15:14.0674 10152 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:15:14.0676 10152 Compbatt - ok
20:15:14.0703 10152 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:15:14.0705 10152 CompositeBus - ok
20:15:14.0713 10152 COMSysApp - ok
20:15:14.0752 10152 [ C9C25778EFE890BAA4087E32937016A0 ] cpuz132 C:\Windows\system32\drivers\cpuz132_x64.sys
20:15:14.0754 10152 cpuz132 - ok
20:15:14.0776 10152 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:15:14.0779 10152 crcdisk - ok
20:15:14.0805 10152 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:15:14.0810 10152 CryptSvc - ok
20:15:14.0854 10152 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:15:14.0878 10152 DcomLaunch - ok
20:15:14.0929 10152 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
20:15:14.0935 10152 defragsvc - ok
20:15:14.0959 10152 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:15:14.0962 10152 DfsC - ok
20:15:14.0982 10152 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
20:15:14.0990 10152 Dhcp - ok
20:15:15.0017 10152 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
20:15:15.0019 10152 discache - ok
20:15:15.0032 10152 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:15:15.0034 10152 Disk - ok
20:15:15.0118 10152 DKbFltr - ok
20:15:15.0158 10152 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:15:15.0163 10152 Dnscache - ok
20:15:15.0200 10152 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:15:15.0206 10152 dot3svc - ok
20:15:15.0224 10152 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
20:15:15.0228 10152 DPS - ok
20:15:15.0233 10152 DritekPortIO - ok
20:15:15.0272 10152 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:15:15.0274 10152 drmkaud - ok
20:15:15.0314 10152 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:15:15.0349 10152 DXGKrnl - ok
20:15:15.0406 10152 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
20:15:15.0410 10152 EapHost - ok
20:15:15.0498 10152 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
20:15:15.0582 10152 ebdrv - ok
20:15:15.0615 10152 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
20:15:15.0619 10152 EFS - ok
20:15:15.0673 10152 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:15:15.0696 10152 ehRecvr - ok
20:15:15.0732 10152 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
20:15:15.0735 10152 ehSched - ok
20:15:15.0769 10152 [ 702D5606CF2199E0EDEA6F0E0D27CD10 ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
20:15:15.0771 10152 ElbyCDIO - ok
20:15:15.0820 10152 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:15:15.0841 10152 elxstor - ok
20:15:15.0947 10152 [ 7C35C6865957289D9EFE6CC73F4AB2E1 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
20:15:15.0972 10152 ePowerSvc - ok
20:15:16.0010 10152 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:15:16.0012 10152 ErrDev - ok
20:15:16.0080 10152 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
20:15:16.0100 10152 EventSystem - ok
20:15:16.0156 10152 [ 53913561A7089C9A4649CE4E42F6101B ] ewusbnet C:\Windows\system32\DRIVERS\ewusbnet.sys
20:15:16.0162 10152 ewusbnet - ok
20:15:16.0188 10152 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
20:15:16.0192 10152 exfat - ok
20:15:16.0223 10152 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:15:16.0228 10152 fastfat - ok
20:15:16.0270 10152 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
20:15:16.0293 10152 Fax - ok
20:15:16.0344 10152 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:15:16.0346 10152 fdc - ok
20:15:16.0376 10152 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
20:15:16.0379 10152 fdPHost - ok
20:15:16.0386 10152 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
20:15:16.0391 10152 FDResPub - ok
20:15:16.0417 10152 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:15:16.0422 10152 FileInfo - ok
20:15:16.0437 10152 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:15:16.0440 10152 Filetrace - ok
20:15:16.0550 10152 [ 167D24A045499EBEF438F231976158DF ] FirebirdServerMAGIXInstance C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe
20:15:16.0603 10152 FirebirdServerMAGIXInstance - ok
20:15:16.0688 10152 [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:15:16.0694 10152 FLEXnet Licensing Service - ok
20:15:16.0757 10152 [ A4297244D4F817278A6AE45B1899CA9C ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
20:15:16.0791 10152 FLEXnet Licensing Service 64 - ok
20:15:16.0808 10152 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:15:16.0810 10152 flpydisk - ok
20:15:16.0848 10152 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:15:16.0854 10152 FltMgr - ok
20:15:16.0912 10152 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
20:15:16.0947 10152 FontCache - ok
20:15:17.0003 10152 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:15:17.0005 10152 FontCache3.0.0.0 - ok
20:15:17.0025 10152 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:15:17.0027 10152 FsDepends - ok
20:15:17.0056 10152 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:15:17.0059 10152 Fs_Rec - ok
20:15:17.0089 10152 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:15:17.0094 10152 fvevol - ok
20:15:17.0112 10152 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:15:17.0115 10152 gagp30kx - ok
20:15:17.0150 10152 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
20:15:17.0173 10152 gpsvc - ok
20:15:17.0251 10152 [ 816FD5A6F3C2F3D600900096632FC60E ] Greg_Service C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
20:15:17.0286 10152 Greg_Service - ok
20:15:17.0330 10152 [ F8F0851D336C3B88DBD7232B6348E09A ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
20:15:17.0332 10152 hamachi - ok
20:15:17.0412 10152 [ D8BF3C594BD17A37960362E6C6739B90 ] Hardlock C:\Windows\system32\drivers\hardlock.sys
20:15:17.0417 10152 Hardlock - ok
20:15:17.0454 10152 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:15:17.0457 10152 hcw85cir - ok
20:15:17.0527 10152 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:15:17.0534 10152 HdAudAddService - ok
20:15:17.0578 10152 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
20:15:17.0582 10152 HDAudBus - ok
20:15:17.0602 10152 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:15:17.0605 10152 HidBatt - ok
20:15:17.0628 10152 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:15:17.0635 10152 HidBth - ok
20:15:17.0666 10152 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:15:17.0672 10152 HidIr - ok
20:15:17.0695 10152 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
20:15:17.0699 10152 hidserv - ok
20:15:17.0721 10152 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
20:15:17.0724 10152 HidUsb - ok
20:15:17.0747 10152 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:15:17.0753 10152 hkmsvc - ok
20:15:17.0787 10152 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:15:17.0795 10152 HomeGroupListener - ok
20:15:17.0836 10152 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:15:17.0856 10152 HomeGroupProvider - ok
20:15:17.0882 10152 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:15:17.0885 10152 HpSAMD - ok
20:15:17.0926 10152 [ 447256D1C026654C5CD3CC17E7B20631 ] HsfXAudioService C:\Windows\SysWOW64\XAudio64.dll
20:15:17.0947 10152 HsfXAudioService - ok
20:15:18.0015 10152 [ 26C5D00321937E49B6BC91029947D094 ] HSF_DPV C:\Windows\system32\DRIVERS\CAX_DPV.sys
20:15:18.0051 10152 HSF_DPV - ok
20:15:18.0090 10152 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:15:18.0114 10152 HTTP - ok
20:15:18.0173 10152 [ D96A290F699081AE737390C0FE329D7C ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
20:15:18.0177 10152 hwdatacard - ok
20:15:18.0202 10152 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:15:18.0204 10152 hwpolicy - ok
20:15:18.0234 10152 [ E0C7255498640FC64B19AAE17FD6F965 ] hwusbfake C:\Windows\system32\DRIVERS\ewusbfake.sys
20:15:18.0237 10152 hwusbfake - ok
20:15:18.0267 10152 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:15:18.0270 10152 i8042prt - ok
20:15:18.0351 10152 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:15:18.0359 10152 iaStorV - ok
20:15:18.0428 10152 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:15:18.0431 10152 IDriverT - ok
20:15:18.0482 10152 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:15:18.0506 10152 idsvc - ok
20:15:18.0684 10152 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
20:15:18.0823 10152 igfx - ok
20:15:18.0850 10152 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:15:18.0853 10152 iirsp - ok
20:15:18.0898 10152 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
20:15:18.0921 10152 IKEEXT - ok
20:15:19.0005 10152 [ 9AA6A93852E36FE76C3F7FC2904F3B01 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:15:19.0052 10152 IntcAzAudAddService - ok
20:15:19.0072 10152 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
20:15:19.0074 10152 intelide - ok
20:15:19.0104 10152 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:15:19.0107 10152 intelppm - ok
20:15:19.0149 10152 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:15:19.0154 10152 IPBusEnum - ok
20:15:19.0188 10152 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:15:19.0191 10152 IpFilterDriver - ok
20:15:19.0232 10152 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:15:19.0252 10152 iphlpsvc - ok
20:15:19.0281 10152 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:15:19.0284 10152 IPMIDRV - ok
20:15:19.0306 10152 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:15:19.0309 10152 IPNAT - ok
20:15:19.0333 10152 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:15:19.0335 10152 IRENUM - ok
20:15:19.0351 10152 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:15:19.0354 10152 isapnp - ok
20:15:19.0378 10152 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:15:19.0383 10152 iScsiPrt - ok
20:15:19.0421 10152 [ 249EE2D26CB1530F3BEDE0AC8B9E3099 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
20:15:19.0427 10152 k57nd60a - ok
20:15:19.0450 10152 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
20:15:19.0452 10152 kbdclass - ok
20:15:19.0490 10152 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
20:15:19.0493 10152 kbdhid - ok
20:15:19.0515 10152 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
20:15:19.0518 10152 KeyIso - ok
20:15:19.0540 10152 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:15:19.0543 10152 KSecDD - ok
20:15:19.0588 10152 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:15:19.0592 10152 KSecPkg - ok
20:15:19.0629 10152 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:15:19.0632 10152 ksthunk - ok
20:15:19.0686 10152 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:15:19.0696 10152 KtmRm - ok
20:15:19.0716 10152 [ 2AC603C3188C704CFCE353659AA7AD71 ] L1E C:\Windows\system32\DRIVERS\L1E62x64.sys
20:15:19.0719 10152 L1E - ok
20:15:19.0759 10152 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
20:15:19.0779 10152 LanmanServer - ok
20:15:19.0812 10152 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:15:19.0820 10152 LanmanWorkstation - ok
20:15:19.0871 10152 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:15:19.0874 10152 lltdio - ok
20:15:19.0912 10152 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:15:19.0920 10152 lltdsvc - ok
20:15:19.0940 10152 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:15:19.0944 10152 lmhosts - ok
20:15:19.0975 10152 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:15:19.0978 10152 LSI_FC - ok
20:15:19.0993 10152 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:15:19.0996 10152 LSI_SAS - ok
20:15:20.0019 10152 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:15:20.0021 10152 LSI_SAS2 - ok
20:15:20.0047 10152 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:15:20.0051 10152 LSI_SCSI - ok
20:15:20.0071 10152 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:15:20.0074 10152 luafv - ok
20:15:20.0104 10152 [ 024DA28053D57E9E32BEE52600576BBB ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus64.sys
20:15:20.0110 10152 MarvinBus - ok
20:15:20.0142 10152 [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys
20:15:20.0148 10152 mcdbus - ok
20:15:20.0260 10152 [ 2DBD66025339C2540EFECFFBB5EB2380 ] McNASvc c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
20:15:20.0318 10152 McNASvc - ok
20:15:20.0350 10152 [ 447FA93BB3E0AD783B1AD39B60C843E8 ] McProxy c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
20:15:20.0356 10152 McProxy - ok
20:15:20.0396 10152 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:15:20.0401 10152 Mcx2Svc - ok
20:15:20.0436 10152 [ E4F44EC214B3E381E1FC844A02926666 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
20:15:20.0439 10152 mdmxsdk - ok
20:15:20.0469 10152 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:15:20.0472 10152 megasas - ok
20:15:20.0510 10152 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:15:20.0516 10152 MegaSR - ok
20:15:20.0575 10152 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
20:15:20.0577 10152 Microsoft Office Groove Audit Service - ok
20:15:20.0604 10152 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:15:20.0608 10152 MMCSS - ok
20:15:20.0627 10152 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:15:20.0631 10152 Modem - ok
20:15:20.0650 10152 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:15:20.0653 10152 monitor - ok
20:15:20.0680 10152 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
20:15:20.0683 10152 mouclass - ok
20:15:20.0707 10152 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:15:20.0710 10152 mouhid - ok
20:15:20.0734 10152 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:15:20.0737 10152 mountmgr - ok
20:15:20.0767 10152 [ AE2E68527013EB4F761ECCC630F7F1A3 ] MPFP C:\Windows\system32\Drivers\Mpfp.sys
20:15:20.0771 10152 MPFP - ok
20:15:20.0807 10152 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:15:20.0811 10152 mpio - ok
20:15:20.0836 10152 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:15:20.0839 10152 mpsdrv - ok
20:15:20.0895 10152 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:15:20.0919 10152 MpsSvc - ok
20:15:20.0964 10152 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:15:20.0969 10152 MRxDAV - ok
20:15:21.0005 10152 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:15:21.0009 10152 mrxsmb - ok
20:15:21.0041 10152 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:15:21.0047 10152 mrxsmb10 - ok
20:15:21.0062 10152 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:15:21.0066 10152 mrxsmb20 - ok
20:15:21.0100 10152 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:15:21.0103 10152 msahci - ok
20:15:21.0133 10152 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:15:21.0137 10152 msdsm - ok
20:15:21.0162 10152 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:15:21.0171 10152 MSDTC - ok
20:15:21.0228 10152 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:15:21.0231 10152 Msfs - ok
20:15:21.0255 10152 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:15:21.0257 10152 mshidkmdf - ok
20:15:21.0272 10152 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:15:21.0274 10152 msisadrv - ok
20:15:21.0310 10152 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:15:21.0315 10152 MSiSCSI - ok
20:15:21.0327 10152 msiserver - ok
20:15:21.0342 10152 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:15:21.0344 10152 MSKSSRV - ok
20:15:21.0365 10152 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:15:21.0370 10152 MSPCLOCK - ok
20:15:21.0389 10152 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:15:21.0391 10152 MSPQM - ok
20:15:21.0425 10152 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:15:21.0432 10152 MsRPC - ok
20:15:21.0453 10152 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:15:21.0456 10152 mssmbios - ok
20:15:21.0537 10152 MSSQL$ECSQLEXPRESS - ok
20:15:21.0579 10152 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
20:15:21.0581 10152 MSSQLServerADHelper - ok
20:15:21.0649 10152 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:15:21.0651 10152 MSTEE - ok
20:15:21.0704 10152 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:15:21.0773 10152 MTConfig - ok