Please check my log (preventive)



Post by Encore1106 » 16 Feb 2013 15:09

Hi, I got my hands on my brother's notebook; he isn't very picky about what he clicks on, doesn't read anything during installations and just goes next, next, next. So far I've removed a pile of toolbars, some evidently unnecessary programs and Firefox add-ons, but I'm not sure whether something is still left there.

He apparently avoided the Skype virus that was going around recently (which surprises me) :D

I had a bit of trouble with the program TornTV.com. I don't see anything about it in the log and it is no longer even in the list of programs; only its uninstaller still haunts Program Files. When I try to "uninstall" it, ESET stops it and deletes a pile of files that the installer creates in temp...

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:59:34, on 16.2.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ExpressFiles\EFUpdater.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\System Control Manager\MGSysCtrl.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\WebcamMax\wcmmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [WebcamMaxAutoRun] "C:\Program Files\WebcamMax\wcmmon.exe" -a
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Upload to Facebook - C:\Program Files\WebcamMax\share\iecontext.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files\System Control Manager\MSIService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 6541 bytes


Post by Žbeky » 16 Feb 2013 16:22

Fix:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

Download ATF Cleaner
Double-click ATF Cleaner.exe, click on select all found, then:
- If you use Firefox, click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected.
- If you use Chrome, don't select anything else and click Empty Selected.
After cleaning, click Exit to close the program.

Download TFC
Open the file and close all other windows, then click Start to begin the process. The program should not take long.
Afterwards the PC should restart; if it doesn't, restart it yourself.

Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation make sure you have both options selected/ticked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the program finishes, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, choose Yes (Ano)
(DO NOT DELETE ANYTHING YOURSELF YET!).
Then paste the contents of that log here.

Download AdwCleaner

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.

Post by Encore1106 » 16 Feb 2013 22:23

Malwarebytes Anti-Malware 1.70.0.1100
http://www.malwarebytes.org

Verze: v2013.02.16.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Honza :: HONZA-NTB [administrátor]

16.2.2013 19:02:48
mbam-log-2013-02-16 (19-02-48).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 384624
Uplynulý čas: 2 hodin, 56 minut, 48 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Users\Honza\Downloads\setup.exe (PUP.Offerware) -> Nebyla provedena žádná instrukce.

(konec)

##################################################################################
##################################################################################
##################################################################################
##################################################################################
##################################################################################

# AdwCleaner v2.112 - Logfile created 02/16/2013 at 22:20:56
# Updated 10/02/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Honza - HONZA-NTB
# Boot Mode : Normal
# Running from : C:\Users\Honza\Downloads\adwcleaner0.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.2 (cs)

File : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\6i0ijlsi.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [12563 octets] - [16/02/2013 14:34:56]
AdwCleaner[R2].txt - [1069 octets] - [16/02/2013 14:40:42]
AdwCleaner[R3].txt - [940 octets] - [16/02/2013 22:20:56]
AdwCleaner[S1].txt - [12776 octets] - [16/02/2013 14:38:05]

########## EOF - C:\AdwCleaner[R3].txt - [1060 octets] ##########


Post by memphisto » 17 Feb 2013 10:40

- So run MbAM again and click Scan
- when the program finishes, a message will appear; click OK and then the Show Results button
- make sure all the listed findings are ticked and click the Remove Selected button
- when the removal finishes, a log will be displayed; post it here.
- then choose OK in the program and close it via Exit

Download TDSSKiller

to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt; please paste the entire contents of the log here.

Turn off the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes (Ano) button
- Then proceed according to the instructions; while ComboFix is running, do not click in the window that is displayed
- After the scan completes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If after the scan there is a problem launching applications, or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, simply restart the computer.

Post by Encore1106 » 17 Feb 2013 18:41

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verze: v2013.02.16.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Honza :: HONZA-NTB [administrátor]

17.2.2013 17:32:43
mbam-log-2013-02-17 (17-32-43).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 207000
Uplynulý čas: 5 minut, 39 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Users\Honza\Downloads\setup.exe (PUP.Offerware) -> Přesun do karantény a smazání se zdařilo.

(konec)

##################################################################################
##################################################################################
##################################################################################
##################################################################################
##################################################################################

18:09:26.0307 0652 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:09:26.0635 0652 ============================================================
18:09:26.0635 0652 Current date / time: 2013/02/17 18:09:26.0635
18:09:26.0635 0652 SystemInfo:
18:09:26.0635 0652
18:09:26.0635 0652 OS Version: 6.1.7601 ServicePack: 1.0
18:09:26.0635 0652 Product type: Workstation
18:09:26.0635 0652 ComputerName: HONZA-NTB
18:09:26.0635 0652 UserName: Honza
18:09:26.0635 0652 Windows directory: C:\Windows
18:09:26.0635 0652 System windows directory: C:\Windows
18:09:26.0635 0652 Processor architecture: Intel x86
18:09:26.0635 0652 Number of processors: 2
18:09:26.0635 0652 Page size: 0x1000
18:09:26.0635 0652 Boot type: Normal boot
18:09:26.0635 0652 ============================================================
18:09:28.0554 0652 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:09:28.0569 0652 ============================================================
18:09:28.0569 0652 \Device\Harddisk0\DR0:
18:09:28.0569 0652 MBR partitions:
18:09:28.0569 0652 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:09:28.0569 0652 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x2134F000
18:09:28.0569 0652 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x21381800, BlocksNum 0x19003800
18:09:28.0569 0652 ============================================================
18:09:28.0585 0652 C: <-> \Device\Harddisk0\DR0\Partition2
18:09:28.0616 0652 D: <-> \Device\Harddisk0\DR0\Partition3
18:09:28.0616 0652 ============================================================
18:09:28.0616 0652 Initialize success
18:09:28.0616 0652 ============================================================
18:09:33.0530 1884 ============================================================
18:09:33.0530 1884 Scan started
18:09:33.0530 1884 Mode: Manual;
18:09:33.0530 1884 ============================================================
18:09:34.0747 1884 ================ Scan system memory ========================
18:09:34.0747 1884 System memory - ok
18:09:34.0747 1884 ================ Scan services =============================
18:09:39.0614 1884 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
18:09:39.0630 1884 FontCache - ok
18:09:39.0661 1884 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:09:39.0661 1884 FontCache3.0.0.0 - ok
18:09:39.0708 1884 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:09:39.0708 1884 FsDepends - ok
18:09:39.0723 1884 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:09:39.0723 1884 Fs_Rec - ok
18:09:39.0755 1884 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:09:39.0755 1884 fvevol - ok
18:09:39.0786 1884 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
18:09:39.0786 1884 gagp30kx - ok
18:09:39.0833 1884 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:09:39.0864 1884 GEARAspiWDM - ok
18:09:39.0911 1884 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
18:09:39.0926 1884 gpsvc - ok
18:09:39.0973 1884 [ 7929A161F9951D173CA9900FE7067391 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
18:09:39.0973 1884 hamachi - ok
18:09:40.0004 1884 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:09:40.0004 1884 hcw85cir - ok
18:09:40.0051 1884 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:09:40.0067 1884 HdAudAddService - ok
18:09:40.0082 1884 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:09:40.0098 1884 HDAudBus - ok
18:09:40.0113 1884 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
18:09:40.0129 1884 HidBatt - ok
18:09:40.0129 1884 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\drivers\hidbth.sys
18:09:40.0129 1884 HidBth - ok
18:09:40.0160 1884 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:09:40.0160 1884 HidIr - ok
18:09:40.0191 1884 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
18:09:40.0191 1884 hidserv - ok
18:09:40.0223 1884 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:09:40.0223 1884 HidUsb - ok
18:09:40.0254 1884 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:09:40.0254 1884 hkmsvc - ok
18:09:40.0269 1884 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:09:40.0285 1884 HomeGroupListener - ok
18:09:40.0316 1884 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:09:40.0316 1884 HomeGroupProvider - ok
18:09:40.0363 1884 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:09:40.0363 1884 HpSAMD - ok
18:09:40.0394 1884 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:09:40.0394 1884 HTTP - ok
18:09:40.0410 1884 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:09:40.0410 1884 hwpolicy - ok
18:09:40.0457 1884 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:09:40.0457 1884 i8042prt - ok
18:09:40.0472 1884 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:09:40.0503 1884 iaStorV - ok
18:09:40.0566 1884 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:09:40.0597 1884 idsvc - ok
18:09:40.0628 1884 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:09:40.0628 1884 iirsp - ok
18:09:40.0691 1884 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
18:09:40.0706 1884 IKEEXT - ok
18:09:40.0815 1884 [ 97FA95E4F486F37D60AD3744D86F3D7E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
18:09:40.0831 1884 IntcAzAudAddService - ok
18:09:40.0862 1884 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
18:09:40.0862 1884 intelide - ok
18:09:40.0893 1884 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:09:40.0893 1884 intelppm - ok
18:09:40.0925 1884 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:09:40.0925 1884 IPBusEnum - ok
18:09:40.0925 1884 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:09:40.0925 1884 IpFilterDriver - ok
18:09:40.0971 1884 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:09:40.0987 1884 iphlpsvc - ok
18:09:41.0018 1884 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:09:41.0018 1884 IPMIDRV - ok
18:09:41.0018 1884 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:09:41.0034 1884 IPNAT - ok
18:09:41.0081 1884 [ 57EDB35EA2FECA88F8B17C0C095C9A56 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:09:41.0112 1884 iPod Service - ok
18:09:41.0143 1884 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:09:41.0143 1884 IRENUM - ok
18:09:41.0174 1884 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:09:41.0174 1884 isapnp - ok
18:09:41.0190 1884 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:09:41.0205 1884 iScsiPrt - ok
18:09:41.0237 1884 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:09:41.0237 1884 kbdclass - ok
18:09:41.0252 1884 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:09:41.0252 1884 kbdhid - ok
18:09:41.0268 1884 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
18:09:41.0283 1884 KeyIso - ok
18:09:41.0299 1884 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:09:41.0299 1884 KSecDD - ok
18:09:41.0330 1884 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:09:41.0330 1884 KSecPkg - ok
18:09:41.0361 1884 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
18:09:41.0377 1884 KtmRm - ok
18:09:41.0424 1884 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
18:09:41.0424 1884 LanmanServer - ok
18:09:41.0455 1884 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:09:41.0471 1884 LanmanWorkstation - ok
18:09:41.0502 1884 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:09:41.0502 1884 lltdio - ok
18:09:41.0549 1884 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:09:41.0549 1884 lltdsvc - ok
18:09:41.0564 1884 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
18:09:41.0580 1884 lmhosts - ok
18:09:41.0611 1884 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:09:41.0611 1884 LSI_FC - ok
18:09:41.0658 1884 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:09:41.0658 1884 LSI_SAS - ok
18:09:41.0673 1884 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
18:09:41.0673 1884 LSI_SAS2 - ok
18:09:41.0689 1884 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:09:41.0689 1884 LSI_SCSI - ok
18:09:41.0720 1884 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
18:09:41.0720 1884 luafv - ok
18:09:41.0767 1884 [ A3E700D78EEC390F1208098CDCA5C6B6 ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus.sys
18:09:41.0767 1884 MarvinBus - ok
18:09:41.0798 1884 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:09:41.0798 1884 Mcx2Svc - ok
18:09:41.0876 1884 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
18:09:41.0876 1884 MDM - ok
18:09:41.0907 1884 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
18:09:41.0907 1884 megasas - ok
18:09:41.0939 1884 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
18:09:41.0939 1884 MegaSR - ok
18:09:42.0001 1884 [ 71C6748EE8DE938532057EF10B4B7E44 ] Micro Star SCM C:\Program Files\System Control Manager\MSIService.exe
18:09:42.0001 1884 Micro Star SCM - ok
18:09:42.0079 1884 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
18:09:42.0079 1884 Microsoft Office Groove Audit Service - ok
18:09:42.0110 1884 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
18:09:42.0110 1884 MMCSS - ok
18:09:42.0126 1884 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
18:09:42.0126 1884 Modem - ok
18:09:42.0173 1884 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:09:42.0173 1884 monitor - ok
18:09:42.0173 1884 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:09:42.0188 1884 mouclass - ok
18:09:42.0204 1884 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:09:42.0204 1884 mouhid - ok
18:09:42.0219 1884 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:09:42.0219 1884 mountmgr - ok
18:09:42.0266 1884 [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:09:42.0266 1884 MozillaMaintenance - ok
18:09:42.0297 1884 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
18:09:42.0297 1884 mpio - ok
18:09:42.0313 1884 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:09:42.0313 1884 mpsdrv - ok
18:09:42.0360 1884 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:09:42.0375 1884 MpsSvc - ok
18:09:42.0391 1884 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:09:42.0391 1884 MRxDAV - ok
18:09:42.0422 1884 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:09:42.0422 1884 mrxsmb - ok
18:09:42.0438 1884 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:09:42.0438 1884 mrxsmb10 - ok
18:09:42.0453 1884 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:09:42.0453 1884 mrxsmb20 - ok
18:09:42.0485 1884 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
18:09:42.0485 1884 msahci - ok
18:09:42.0500 1884 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:09:42.0500 1884 msdsm - ok
18:09:42.0516 1884 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
18:09:42.0531 1884 MSDTC - ok
18:09:42.0563 1884 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:09:42.0563 1884 Msfs - ok
18:09:42.0578 1884 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:09:42.0578 1884 mshidkmdf - ok
18:09:42.0594 1884 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:09:42.0594 1884 msisadrv - ok
18:09:42.0641 1884 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:09:42.0641 1884 MSiSCSI - ok
18:09:42.0656 1884 msiserver - ok
18:09:42.0687 1884 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:09:42.0703 1884 MSKSSRV - ok
18:09:42.0719 1884 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:09:42.0719 1884 MSPCLOCK - ok
18:09:42.0734 1884 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:09:42.0734 1884 MSPQM - ok
18:09:42.0750 1884 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:09:42.0765 1884 MsRPC - ok
18:09:42.0781 1884 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:09:42.0781 1884 mssmbios - ok
18:09:42.0797 1884 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:09:42.0797 1884 MSTEE - ok
18:09:42.0828 1884 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
18:09:42.0828 1884 MTConfig - ok
18:09:42.0843 1884 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
18:09:42.0843 1884 Mup - ok
18:09:42.0875 1884 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
18:09:42.0890 1884 napagent - ok
18:09:42.0937 1884 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:09:42.0937 1884 NativeWifiP - ok
18:09:42.0968 1884 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:09:42.0999 1884 NDIS - ok
18:09:43.0031 1884 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:09:43.0031 1884 NdisCap - ok
18:09:43.0062 1884 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:09:43.0062 1884 NdisTapi - ok
18:09:43.0093 1884 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:09:43.0109 1884 Ndisuio - ok
18:09:43.0124 1884 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:09:43.0124 1884 NdisWan - ok
18:09:43.0140 1884 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:09:43.0140 1884 NDProxy - ok
18:09:43.0155 1884 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:09:43.0171 1884 NetBIOS - ok
18:09:43.0187 1884 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:09:43.0187 1884 NetBT - ok
18:09:43.0202 1884 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
18:09:43.0218 1884 Netlogon - ok
18:09:43.0249 1884 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
18:09:43.0265 1884 Netman - ok
18:09:43.0280 1884 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
18:09:43.0296 1884 netprofm - ok
18:09:43.0311 1884 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:09:43.0327 1884 NetTcpPortSharing - ok
18:09:43.0358 1884 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:09:43.0358 1884 nfrd960 - ok
18:09:43.0389 1884 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
18:09:43.0405 1884 NlaSvc - ok
18:09:43.0405 1884 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:09:43.0421 1884 Npfs - ok
18:09:43.0436 1884 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
18:09:43.0452 1884 nsi - ok
18:09:43.0467 1884 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:09:43.0467 1884 nsiproxy - ok
18:09:43.0530 1884 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:09:43.0561 1884 Ntfs - ok
18:09:43.0577 1884 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
18:09:43.0577 1884 Null - ok
18:09:43.0623 1884 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:09:43.0655 1884 nvraid - ok
18:09:43.0686 1884 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:09:43.0748 1884 nvstor - ok
18:09:43.0795 1884 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:09:43.0795 1884 nv_agp - ok
18:09:43.0857 1884 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:09:43.0873 1884 odserv - ok
18:09:43.0889 1884 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:09:43.0889 1884 ohci1394 - ok
18:09:43.0920 1884 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:09:43.0951 1884 ose - ok
18:09:43.0998 1884 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:09:44.0013 1884 p2pimsvc - ok
18:09:44.0029 1884 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
18:09:44.0060 1884 p2psvc - ok
18:09:44.0091 1884 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
18:09:44.0091 1884 Parport - ok
18:09:44.0123 1884 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:09:44.0123 1884 partmgr - ok
18:09:44.0154 1884 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
18:09:44.0154 1884 Parvdm - ok
18:09:44.0185 1884 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:09:44.0185 1884 PcaSvc - ok
18:09:44.0216 1884 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
18:09:44.0216 1884 pci - ok
18:09:44.0247 1884 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
18:09:44.0247 1884 pciide - ok
18:09:44.0247 1884 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:09:44.0263 1884 pcmcia - ok
18:09:44.0279 1884 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
18:09:44.0279 1884 pcw - ok
18:09:44.0325 1884 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:09:44.0341 1884 PEAUTH - ok
18:09:44.0388 1884 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
18:09:44.0419 1884 PeerDistSvc - ok
18:09:44.0497 1884 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
18:09:44.0528 1884 pla - ok
18:09:44.0575 1884 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:09:44.0575 1884 PlugPlay - ok
18:09:44.0591 1884 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:09:44.0606 1884 PNRPAutoReg - ok
18:09:44.0622 1884 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:09:44.0637 1884 PNRPsvc - ok
18:09:44.0653 1884 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:09:44.0669 1884 PolicyAgent - ok
18:09:44.0700 1884 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
18:09:44.0700 1884 Power - ok
18:09:44.0747 1884 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:09:44.0747 1884 PptpMiniport - ok
18:09:44.0762 1884 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
18:09:44.0762 1884 Processor - ok
18:09:44.0793 1884 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
18:09:44.0809 1884 ProfSvc - ok
18:09:44.0825 1884 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:09:44.0825 1884 ProtectedStorage - ok
18:09:44.0856 1884 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:09:44.0856 1884 Psched - ok
18:09:44.0903 1884 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:09:44.0934 1884 ql2300 - ok
18:09:44.0934 1884 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:09:44.0949 1884 ql40xx - ok
18:09:44.0965 1884 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
18:09:44.0981 1884 QWAVE - ok
18:09:44.0996 1884 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:09:44.0996 1884 QWAVEdrv - ok
18:09:45.0012 1884 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:09:45.0012 1884 RasAcd - ok
18:09:45.0043 1884 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:09:45.0043 1884 RasAgileVpn - ok
18:09:45.0059 1884 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
18:09:45.0059 1884 RasAuto - ok
18:09:45.0074 1884 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:09:45.0074 1884 Rasl2tp - ok
18:09:45.0121 1884 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
18:09:45.0137 1884 RasMan - ok
18:09:45.0152 1884 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:09:45.0168 1884 RasPppoe - ok
18:09:45.0183 1884 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:09:45.0183 1884 RasSstp - ok
18:09:45.0215 1884 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:09:45.0215 1884 rdbss - ok
18:09:45.0230 1884 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:09:45.0230 1884 rdpbus - ok
18:09:45.0246 1884 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:09:45.0246 1884 RDPCDD - ok
18:09:45.0277 1884 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
18:09:45.0277 1884 RDPDR - ok
18:09:45.0308 1884 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:09:45.0308 1884 RDPENCDD - ok
18:09:45.0324 1884 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:09:45.0324 1884 RDPREFMP - ok
18:09:45.0371 1884 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:09:45.0371 1884 RdpVideoMiniport - ok
18:09:45.0402 1884 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:09:45.0417 1884 RDPWD - ok
18:09:45.0433 1884 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:09:45.0433 1884 rdyboost - ok
18:09:45.0480 1884 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
18:09:45.0480 1884 RemoteAccess - ok
18:09:45.0511 1884 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:09:45.0527 1884 RemoteRegistry - ok
18:09:45.0542 1884 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:09:45.0558 1884 RpcEptMapper - ok
18:09:45.0573 1884 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
18:09:45.0573 1884 RpcLocator - ok
18:09:45.0589 1884 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
18:09:45.0605 1884 RpcSs - ok
18:09:45.0620 1884 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:09:45.0636 1884 rspndr - ok
18:09:45.0667 1884 [ B87F999E05DD9C0312C83A8752E8E66B ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
18:09:45.0667 1884 RSUSBSTOR - ok
18:09:45.0698 1884 [ D82223BA9DC7ED479B61BE2B521FB6E6 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys
18:09:45.0698 1884 RTHDMIAzAudService - ok
18:09:45.0729 1884 [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
18:09:45.0745 1884 RTL8167 - ok
18:09:45.0776 1884 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
18:09:45.0776 1884 s3cap - ok
18:09:45.0792 1884 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
18:09:45.0807 1884 SamSs - ok
18:09:45.0823 1884 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:09:45.0823 1884 sbp2port - ok
18:09:45.0854 1884 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:09:45.0854 1884 SCardSvr - ok
18:09:45.0870 1884 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:09:45.0870 1884 scfilter - ok
18:09:45.0917 1884 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
18:09:45.0932 1884 Schedule - ok
18:09:45.0948 1884 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:09:45.0948 1884 SCPolicySvc - ok
18:09:45.0948 1884 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:09:45.0963 1884 SDRSVC - ok
18:09:45.0979 1884 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:09:46.0010 1884 secdrv - ok
18:09:46.0026 1884 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
18:09:46.0026 1884 seclogon - ok
18:09:46.0057 1884 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
18:09:46.0057 1884 SENS - ok
18:09:46.0073 1884 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:09:46.0073 1884 SensrSvc - ok
18:09:46.0088 1884 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
18:09:46.0088 1884 Serenum - ok
18:09:46.0119 1884 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
18:09:46.0119 1884 Serial - ok
18:09:46.0119 1884 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:09:46.0135 1884 sermouse - ok
18:09:46.0151 1884 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
18:09:46.0166 1884 SessionEnv - ok
18:09:46.0182 1884 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:09:46.0182 1884 sffdisk - ok
18:09:46.0182 1884 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:09:46.0182 1884 sffp_mmc - ok
18:09:46.0197 1884 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:09:46.0197 1884 sffp_sd - ok
18:09:46.0197 1884 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

Encore1106
newbie
Posts: 6
Registered: March 09
Gender: Not specified
Status:
Offline

Re: Please check my log (preventive)

Post by Encore1106 » 17 Feb 2013 18:42

18:09:47.0820 1884 Tosrfcom - ok
18:09:47.0835 1884 [ A72A3473180F378CC07D342803FFD580 ] Tosrfhid C:\Windows\system32\DRIVERS\Tosrfhid.sys
18:09:47.0851 1884 Tosrfhid - ok
18:09:47.0867 1884 [ B2A1A6538245FD69578224BBF2FD4677 ] tosrfnds C:\Windows\system32\DRIVERS\tosrfnds.sys
18:09:47.0867 1884 tosrfnds - ok
18:09:47.0882 1884 [ F1CA74CCA8241D8B8A024AECC643C547 ] TosRfSnd C:\Windows\system32\drivers\tosrfsnd.sys
18:09:47.0882 1884 TosRfSnd - ok
18:09:47.0913 1884 [ CAB2AB2916DCB86DF6AE034F319C0238 ] Tosrfusb C:\Windows\system32\DRIVERS\tosrfusb.sys
18:09:47.0913 1884 Tosrfusb - ok
18:09:47.0945 1884 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
18:09:47.0945 1884 TrkWks - ok
18:09:47.0991 1884 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:09:47.0991 1884 TrustedInstaller - ok
18:09:48.0023 1884 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:09:48.0023 1884 tssecsrv - ok
18:09:48.0038 1884 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:09:48.0038 1884 TsUsbFlt - ok
18:09:48.0069 1884 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
18:09:48.0069 1884 TsUsbGD - ok
18:09:48.0101 1884 [ 045ACB987C650D8186C6B4A692223860 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
18:09:48.0116 1884 tsusbhub - ok
18:09:48.0132 1884 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:09:48.0132 1884 tunnel - ok
18:09:48.0147 1884 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:09:48.0147 1884 uagp35 - ok
18:09:48.0163 1884 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:09:48.0163 1884 udfs - ok
18:09:48.0194 1884 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:09:48.0210 1884 UI0Detect - ok
18:09:48.0225 1884 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:09:48.0225 1884 uliagpkx - ok
18:09:48.0241 1884 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:09:48.0257 1884 umbus - ok
18:09:48.0288 1884 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
18:09:48.0288 1884 UmPass - ok
18:09:48.0335 1884 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
18:09:48.0335 1884 UmRdpService - ok
18:09:48.0366 1884 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
18:09:48.0381 1884 upnphost - ok
18:09:48.0428 1884 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
18:09:48.0428 1884 USBAAPL - ok
18:09:48.0444 1884 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:09:48.0444 1884 usbccgp - ok
18:09:48.0491 1884 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:09:48.0491 1884 usbcir - ok
18:09:48.0522 1884 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:09:48.0522 1884 usbehci - ok
18:09:48.0553 1884 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:09:48.0553 1884 usbhub - ok
18:09:48.0569 1884 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:09:48.0584 1884 usbohci - ok
18:09:48.0600 1884 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\drivers\usbprint.sys
18:09:48.0600 1884 usbprint - ok
18:09:48.0631 1884 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:09:48.0631 1884 USBSTOR - ok
18:09:48.0647 1884 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
18:09:48.0647 1884 usbuhci - ok
18:09:48.0678 1884 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
18:09:48.0678 1884 usbvideo - ok
18:09:48.0709 1884 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
18:09:48.0709 1884 UxSms - ok
18:09:48.0725 1884 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
18:09:48.0725 1884 VaultSvc - ok
18:09:48.0756 1884 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:09:48.0756 1884 vdrvroot - ok
18:09:48.0787 1884 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
18:09:48.0787 1884 vds - ok
18:09:48.0803 1884 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:09:48.0818 1884 vga - ok
18:09:48.0834 1884 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:09:48.0834 1884 VgaSave - ok
18:09:48.0834 1884 VGPU - ok
18:09:48.0849 1884 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:09:48.0849 1884 vhdmp - ok
18:09:48.0896 1884 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
18:09:48.0896 1884 viaagp - ok
18:09:48.0896 1884 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
18:09:48.0912 1884 ViaC7 - ok
18:09:48.0912 1884 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
18:09:48.0912 1884 viaide - ok
18:09:48.0959 1884 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
18:09:48.0959 1884 vmbus - ok
18:09:48.0974 1884 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
18:09:48.0974 1884 VMBusHID - ok
18:09:48.0990 1884 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:09:49.0005 1884 volmgr - ok
18:09:49.0005 1884 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:09:49.0021 1884 volmgrx - ok
18:09:49.0037 1884 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:09:49.0037 1884 volsnap - ok
18:09:49.0068 1884 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:09:49.0068 1884 vsmraid - ok
18:09:49.0130 1884 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
18:09:49.0161 1884 VSS - ok
18:09:49.0177 1884 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:09:49.0177 1884 vwifibus - ok
18:09:49.0208 1884 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:09:49.0224 1884 vwififlt - ok
18:09:49.0239 1884 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
18:09:49.0255 1884 W32Time - ok
18:09:49.0271 1884 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:09:49.0271 1884 WacomPen - ok
18:09:49.0302 1884 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:09:49.0317 1884 WANARP - ok
18:09:49.0317 1884 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:09:49.0317 1884 Wanarpv6 - ok
18:09:49.0380 1884 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:09:49.0442 1884 WatAdminSvc - ok
18:09:49.0489 1884 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
18:09:49.0520 1884 wbengine - ok
18:09:49.0551 1884 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:09:49.0551 1884 WbioSrvc - ok
18:09:49.0614 1884 [ 70FF13D0C853ACEA859737EC8A8D220F ] WCMVCAM C:\Windows\system32\DRIVERS\wcmvcam.sys
18:09:49.0629 1884 WCMVCAM - ok
18:09:49.0645 1884 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:09:49.0676 1884 wcncsvc - ok
18:09:49.0692 1884 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:09:49.0692 1884 WcsPlugInService - ok
18:09:49.0723 1884 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
18:09:49.0723 1884 Wd - ok
18:09:49.0785 1884 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:09:49.0801 1884 Wdf01000 - ok
18:09:49.0832 1884 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:09:49.0832 1884 WdiServiceHost - ok
18:09:49.0848 1884 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:09:49.0863 1884 WdiSystemHost - ok
18:09:49.0879 1884 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
18:09:49.0895 1884 WebClient - ok
18:09:49.0910 1884 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:09:49.0926 1884 Wecsvc - ok
18:09:49.0941 1884 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:09:49.0941 1884 wercplsupport - ok
18:09:49.0973 1884 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
18:09:49.0973 1884 WerSvc - ok
18:09:50.0019 1884 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:09:50.0019 1884 WfpLwf - ok
18:09:50.0035 1884 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:09:50.0035 1884 WIMMount - ok
18:09:50.0097 1884 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
18:09:50.0113 1884 WinDefend - ok
18:09:50.0129 1884 WinHttpAutoProxySvc - ok
18:09:50.0175 1884 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:09:50.0175 1884 Winmgmt - ok
18:09:50.0222 1884 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
18:09:50.0253 1884 WinRM - ok
18:09:50.0316 1884 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
18:09:50.0316 1884 WinUsb - ok
18:09:50.0347 1884 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:09:50.0378 1884 Wlansvc - ok
18:09:50.0394 1884 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
18:09:50.0394 1884 WmiAcpi - ok
18:09:50.0409 1884 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:09:50.0425 1884 wmiApSrv - ok
18:09:50.0487 1884 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
18:09:50.0487 1884 WMPNetworkSvc - ok
18:09:50.0519 1884 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:09:50.0519 1884 WPCSvc - ok
18:09:50.0534 1884 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:09:50.0534 1884 WPDBusEnum - ok
18:09:50.0565 1884 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:09:50.0565 1884 ws2ifsl - ok
18:09:50.0581 1884 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
18:09:50.0581 1884 wscsvc - ok
18:09:50.0597 1884 WSearch - ok
18:09:50.0659 1884 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
18:09:50.0721 1884 wuauserv - ok
18:09:50.0753 1884 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:09:50.0753 1884 WudfPf - ok
18:09:50.0768 1884 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:09:50.0768 1884 WUDFRd - ok
18:09:50.0815 1884 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:09:50.0815 1884 wudfsvc - ok
18:09:50.0846 1884 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
18:09:50.0846 1884 WwanSvc - ok
18:09:50.0909 1884 ================ Scan global ===============================
18:09:50.0940 1884 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
18:09:50.0971 1884 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
18:09:51.0002 1884 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
18:09:51.0033 1884 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
18:09:51.0065 1884 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
18:09:51.0065 1884 [Global] - ok
18:09:51.0065 1884 ================ Scan MBR ==================================
18:09:51.0080 1884 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:09:51.0299 1884 \Device\Harddisk0\DR0 - ok
18:09:51.0299 1884 ================ Scan VBR ==================================
18:09:51.0314 1884 [ B09CB7D81E49BC77760CA91F8810E25F ] \Device\Harddisk0\DR0\Partition1
18:09:51.0314 1884 \Device\Harddisk0\DR0\Partition1 - ok
18:09:51.0330 1884 [ 815A5341D82E462CD821A7BB77AE7FF7 ] \Device\Harddisk0\DR0\Partition2
18:09:51.0330 1884 \Device\Harddisk0\DR0\Partition2 - ok
18:09:51.0361 1884 [ F8E960094945A98AA8078BD3438ACDB9 ] \Device\Harddisk0\DR0\Partition3
18:09:51.0361 1884 \Device\Harddisk0\DR0\Partition3 - ok
18:09:51.0361 1884 ============================================================
18:09:51.0361 1884 Scan finished
18:09:51.0361 1884 ============================================================
18:09:51.0377 1576 Detected object count: 0
18:09:51.0377 1576 Actual detected object count: 0
18:11:02.0088 2380 Deinitialize success


##################################################################################

ComboFix 13-02-15.01 - Honza 17.02.2013 18:16:24.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3071.2102 [GMT 1:00]
Spuštěný z: c:\users\Honza\Downloads\ComboFix.exe
AV: ESET Smart Security 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\programdata\continuetosave
c:\programdata\continuetosave\51176fb7eede9.tlb
c:\programdata\continuetosave\settings.ini
c:\windows\IsUn0407.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-17 do 2013-02-17 )))))))))))))))))))))))))))))))
.
.
2013-02-17 17:22 . 2013-02-17 17:22 -------- d-----w- c:\users\Honza\AppData\Local\temp
2013-02-17 17:22 . 2013-02-17 17:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-16 19:43 . 2013-01-18 11:17 6991832 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{03E4E262-4FAF-45D6-BA13-D3513995EF7D}\mpengine.dll
2013-02-16 13:54 . 2013-02-16 13:54 388096 ----a-r- c:\users\Honza\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-02-16 13:54 . 2013-02-16 13:54 -------- d-----w- c:\program files\Trend Micro
2013-02-16 13:21 . 2013-02-16 13:21 -------- d-----w- c:\users\Honza\AppData\Roaming\Malwarebytes
2013-02-16 13:21 . 2013-02-16 13:21 -------- d-----w- c:\programdata\Malwarebytes
2013-02-16 13:21 . 2013-02-16 13:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-02-16 13:21 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-16 13:21 . 2013-02-16 13:21 -------- d-----w- c:\users\Honza\AppData\Local\Programs
2013-02-14 08:41 . 2013-02-14 08:41 -------- d-----w- c:\program files\Common Files\Skype
2013-02-14 08:40 . 2013-02-14 08:41 -------- d-----r- c:\program files\Skype
2013-02-13 14:35 . 2013-02-13 14:35 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-02-13 14:35 . 2013-02-13 14:35 -------- d-----w- c:\program files\Java
2013-02-13 12:55 . 2013-01-04 03:00 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-02-13 12:55 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-13 12:55 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-13 12:55 . 2013-01-03 05:05 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-13 12:55 . 2013-01-03 05:04 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 12:55 . 2013-01-04 04:50 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-02-11 20:27 . 2013-02-11 20:27 -------- d-----w- c:\program files\KK
2013-02-11 07:20 . 2013-02-11 07:20 -------- d-----w- c:\program files\Bus Driver
2013-02-10 19:25 . 2013-02-10 19:27 -------- d-----w- c:\program files\Punské války
2013-02-10 12:46 . 2013-02-10 12:46 -------- d-----w- c:\program files\Castle Strike
2013-02-10 11:43 . 2013-02-10 11:43 -------- d-----w- c:\users\Honza\AppData\Roaming\dvdcss
2013-02-02 08:22 . 2013-02-02 08:23 -------- d-----w- c:\users\Honza\AppData\Roaming\ExpressFiles
2013-02-02 08:22 . 2013-02-02 08:23 -------- d-----w- c:\program files\ExpressFiles
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-13 14:35 . 2012-09-29 14:24 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-02-13 14:35 . 2012-09-29 14:24 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-10 07:14 . 2012-06-07 13:24 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-10 07:14 . 2012-06-07 13:24 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-17 00:28 . 2012-06-06 18:49 232336 ------w- c:\windows\system32\MpSigStub.exe
2012-12-26 18:51 . 2012-12-26 18:51 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2012-12-16 14:13 . 2012-12-22 09:27 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-22 09:27 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-07 12:26 . 2013-01-10 17:58 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20 . 2013-01-10 17:58 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 10:46 . 2013-01-10 17:58 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 10:46 . 2013-01-10 17:58 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 10:46 . 2013-01-10 17:58 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 10:46 . 2013-01-10 17:58 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 10:46 . 2013-01-10 17:58 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 10:46 . 2013-01-10 17:58 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 10:46 . 2013-01-10 17:58 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 10:46 . 2013-01-10 17:58 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 10:46 . 2013-01-10 17:58 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 10:46 . 2013-01-10 17:58 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 10:46 . 2013-01-10 17:58 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 10:46 . 2013-01-10 17:58 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 10:46 . 2013-01-10 17:58 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 10:46 . 2013-01-10 17:58 51712 ----a-w- c:\windows\system32\esrb.rs
2012-11-30 04:47 . 2013-01-10 17:59 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 04:45 . 2013-01-10 17:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45 . 2013-01-10 17:59 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45 . 2013-01-10 17:59 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45 . 2013-01-10 17:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45 . 2013-01-10 17:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 04:45 . 2013-01-10 17:59 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45 . 2013-01-10 17:59 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45 . 2013-01-10 17:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45 . 2013-01-10 17:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45 . 2013-01-10 17:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 04:45 . 2013-01-10 17:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 04:45 . 2013-01-10 17:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 04:45 . 2013-01-10 17:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 04:45 . 2013-01-10 17:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 04:45 . 2013-01-10 17:59 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 04:45 . 2013-01-10 17:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 04:45 . 2013-01-10 17:59 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 04:45 . 2013-01-10 17:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 04:45 . 2013-01-10 17:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 04:45 . 2013-01-10 17:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 04:45 . 2013-01-10 17:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 04:45 . 2013-01-10 17:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 04:45 . 2013-01-10 17:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 04:45 . 2013-01-10 17:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 02:55 . 2013-01-10 17:59 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38 . 2013-01-10 17:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38 . 2013-01-10 17:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38 . 2013-01-10 17:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-30 02:38 . 2013-01-10 17:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-23 02:48 . 2013-01-10 17:58 49152 ----a-w- c:\windows\system32\taskhost.exe
2012-11-22 04:45 . 2013-01-10 17:59 626688 ----a-w- c:\windows\system32\usp10.dll
2012-11-20 04:51 . 2013-01-10 17:58 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-02-07 18:50 . 2013-02-07 18:50 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WebcamMaxAutoRun"="c:\program files\WebcamMax\wcmmon.exe" [2011-07-17 1038848]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2012-06-06 8120864]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2009-07-22 83336]
"MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2009-11-06 2244608]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-03-07 3117344]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2009-11-5 2717024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvolveClient]
2012-10-27 16:35 2677272 ----a-w- c:\program files\Echobit\Evolve\EvolveClient.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]
2007-02-20 09:07 199752 ----a-w- c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 EvoSvc;Evolve Service;c:\program files\Echobit\Evolve\EvoSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files\System Control Manager\MSIService.exe [x]
S2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\wcmvcam.sys [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
S3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver;c:\windows\system32\DRIVERS\evolve.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 86179916
*Deregistered* - 86179916
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-07 07:14]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Upload to Facebook - c:\program files\WebcamMax\share\iecontext.htm
TCP: DhcpNameServer = 192.168.100.1
FF - ProfilePath - c:\users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\6i0ijlsi.default\
FF - prefs.js: browser.startup.homepage - www.google.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{7473B6BD-4691-4744-A82B-7854EB3D70B6} - (no file)
MSConfigStartUp-PSQLLauncher - c:\program files\Protector Suite\launcher.exe
AddRemove-Gothic-Patch 1.07c - c:\windows\IsUn0407.exe
AddRemove-{72BCFF41-70C4-5DE9-23B1-55EFDE12F5FD} - c:\progra~2\INSTAL~1\{D4B71~1\Setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1037132348-4039235223-4209008453-1000\Software\SecuROM\License information*]
"datasecu"=hex:63,8f,c4,db,e5,60,a5,c9,99,38,b0,f6,3f,de,77,09,21,d6,5b,ae,a8,
0f,5c,09,d3,cd,59,72,36,f5,c0,ff,6d,d2,3d,a3,49,42,3c,e7,c0,f5,65,c0,7a,4e,\
"rkeysecu"=hex:b2,43,37,92,48,84,a8,e5,a1,c2,54,f4,81,3f,c0,3e
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-02-17 18:24:58
ComboFix-quarantined-files.txt 2013-02-17 17:24
.
Před spuštěním: Volných bajtů: 31 031 394 304
Po spuštění: Volných bajtů: 30 933 626 880
.
- - End Of File - - 9FD1AE389D6986BE7A178A4DA765CCD0

Žbeky
Moderator
Guru Level 13
Posts: 22288
Registered: May 08
Location: Vsetín - Pardubice
Gender: Male
Status:
Offline

Re: Please check my log (preventive)

Post by Žbeky » 17 Feb 2013 20:50

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the whole of the following text marked in green:
Note: Do not use the SELECT ALL function to select the script.

Code: Select all

KillAll::

Folder::
c:\program files\Skype\Updater

Driver::
SkypeUpdate

RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

Reglock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.

- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process
In PMs I deal only with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.
