Vir v pc prosím o kontrolu. Vyřešeno

[da.backer]

Zdravím,

vkládám a prosím o kontrolu viz.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:00:08, on 31.8.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Programy\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Programy\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Programy\Mozilla Firefox\firefox.exe
C:\Programy\HJT\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programy\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Programy\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Programy\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1110657789-3488068037-277117737-1006\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1110657789-3488068037-277117737-1006\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programy\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9567 bytes

[Reklama]

[memphisto]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

[da.backer]

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.08.31.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
01 :: 01-PC [administrátor]

31.8.2013 19:35:36
MBAM-log-2013-08-31 (19-41-06).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 243832
Uplynulý čas: 1 minut, 40 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 3
C:\Users\01\AppData\Local\Temp\PIPInstaller_PTV_.exe (PUP.Optional.BundledToolBar.A) -> Nebyla provedena žádná instrukce.
C:\Users\01\Local Settings\Temporary Internet Files\Content.IE5\KV0PRWD9\Offercast2802_PTV_[1].exe (PUP.Optional.BundledToolBar.A) -> Nebyla provedena žádná instrukce.
C:\Windows\inf\ntvdm.inf (Malware.Trace) -> Nebyla provedena žádná instrukce.

(konec)


a

# AdwCleaner v3.001 - Report created 31/08/2013 at 19:43:06
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : 01 - 01-PC
# Running from : C:\Users\01\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : APNMCP

***** [ Files / Folders ] *****

File Found : C:\Users\01\AppData\Roaming\Mozilla\Firefox\Profiles\icb01p6r.default\searchplugins\Askcom.xml
Folder Found : C:\Users\01\AppData\Roaming\Mozilla\Firefox\Profiles\icb01p6r.default\Extensions\toolbar@ask.com
Folder Found C:\Program Files (x86)\AskPartnerNetwork
Folder Found C:\ProgramData\apn
Folder Found C:\ProgramData\AskPartnerNetwork
Folder Found C:\Users\01\AppData\Local\Temp\apn

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AskPartnerNetwork
Key Found : [x64] HKCU\Software\AskPartnerNetwork
Key Found : HKLM\Software\AskPartnerNetwork
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16421


-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Users\01\AppData\Roaming\Mozilla\Firefox\Profiles\icb01p6r.default\prefs.js ]

Line Found : user_pref("browser.search.defaultengine", "Ask.com");
Line Found : user_pref("browser.search.order.1", "Ask.com");
Line Found : user_pref("extensions.BabylonToolbar_i.newTab", true);
Line Found : user_pref("extensions.BabylonToolbar_i.newTabUrl", "about:home");
Line Found : user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Programy\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"mtime\":13778495630[...]
Line Found : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Line Found : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
Line Found : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");

*************************

AdwCleaner[R0].txt - [2341 octets] - [31/08/2013 19:43:06]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2401 octets] ##########

[memphisto]

V obou nech vše smazat a dodej logy po smazání

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

[da.backer]

Děkuji.

RogueKiller V8.6.7 _x64_ [Aug 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : 01 [Práva správce]
Mód : Kontrola -- Datum : 08/31/2013 21:30:33
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 7 ¤¤¤
[HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NALEZENO
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 2 ¤¤¤
[FF][PROXY] icb01p6r.default : user_pref("network.proxy.hxxp", "212.160.138"); -> NALEZENO
[FF][PROXY] icb01p6r.default : user_pref("network.proxy.hxxp_port", 237); -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ATA SAMSUNG HD103UJ SCSI Disk Device +++++
--- User ---
[MBR] dcb1ecf708f313b136217e60a05a564e
[BSP] 87425aee79057c48a70c8fd6c5c8da41 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953766 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_08312013_213033.txt >>


a

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.6 (08.30.2013:1)
OS: Windows 7 Professional x64
Ran by 01 on so 31.08.2013 at 21:31:39,75
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup_RASMANCS
Successfully deleted: [Registry Key] "hkey_current_user\software\askpartnernetwork"
Successfully deleted: [Registry Key] "hkey_local_machine\software\askpartnernetwork"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\AskPartnerNetwork"
Successfully deleted: [Folder] "C:\Program Files (x86)\askpartnernetwork"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 31.08.2013 at 21:37:12,33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[da.backer]

Ještě musím napsat jestli nevadí že ten původní soubor ntvdm.vbe dal avast do truhly. Od té doby se ta hláška neobjevuje.

[jaro3]

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit nový log z MbAM.

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.

Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "

- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje "Smazání skončeno "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.

[da.backer]

# AdwCleaner v3.001 - Report created 01/09/2013 at 14:01:01
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : 01 - 01-PC
# Running from : C:\Users\01\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : APNMCP

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\01\AppData\Local\Temp\apn
Folder Deleted : C:\Users\01\AppData\Roaming\Mozilla\Firefox\Profiles\icb01p6r.default\Extensions\toolbar@ask.com
File Deleted : C:\Users\01\AppData\Roaming\Mozilla\Firefox\Profiles\icb01p6r.default\searchplugins\Askcom.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16421


-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Users\01\AppData\Roaming\Mozilla\Firefox\Profiles\icb01p6r.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true);
Line Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "about:home");
Line Deleted : user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Programy\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"mtime\":13778495630[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
Line Deleted : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");

*************************

AdwCleaner[R0].txt - [2485 octets] - [31/08/2013 19:43:06]
AdwCleaner[R1].txt - [2143 octets] - [01/09/2013 14:00:07]
AdwCleaner[S0].txt - [2094 octets] - [01/09/2013 14:01:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2154 octets] ##########


a

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.08.31.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
01 :: 01-PC [administrátor]

1.9.2013 14:14:19
mbam-log-2013-09-01 (14-14-19).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 243658
Uplynulý čas: 1 minut, 42 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 3
C:\Users\01\AppData\Local\Temp\PIPInstaller_PTV_.exe (PUP.Optional.BundledToolBar.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\01\Local Settings\Temporary Internet Files\Content.IE5\KV0PRWD9\Offercast2802_PTV_[1].exe (PUP.Optional.BundledToolBar.A) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\inf\ntvdm.inf (Malware.Trace) -> Přesun do karantény a smazání se zdařilo.

(konec)


a

[da.backer]

14:39:14.0891 4700 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:39:15.0047 4700 ============================================================
14:39:15.0047 4700 Current date / time: 2013/09/01 14:39:15.0047
14:39:15.0047 4700 SystemInfo:
14:39:15.0047 4700
14:39:15.0047 4700 OS Version: 6.1.7601 ServicePack: 1.0
14:39:15.0047 4700 Product type: Workstation
14:39:15.0047 4700 ComputerName:
14:39:15.0048 4700 UserName:
14:39:15.0048 4700 Windows directory: C:\Windows
14:39:15.0048 4700 System windows directory: C:\Windows
14:39:15.0048 4700 Running under WOW64
14:39:15.0048 4700 Processor architecture: Intel x64
14:39:15.0048 4700 Number of processors: 4
14:39:15.0048 4700 Page size: 0x1000
14:39:15.0048 4700 Boot type: Normal boot
14:39:15.0048 4700 ============================================================
14:39:16.0521 4700 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0CADE00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
14:39:16.0533 4700 ============================================================
14:39:16.0533 4700 \Device\Harddisk0\DR0:
14:39:16.0533 4700 MBR partitions:
14:39:16.0533 4700 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:39:16.0533 4700 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3000
14:39:16.0533 4700 ============================================================
14:39:16.0563 4700 C: <-> \Device\Harddisk0\DR0\Partition2
14:39:16.0563 4700 ============================================================
14:39:16.0563 4700 Initialize success
14:39:16.0563 4700 ============================================================
14:39:19.0205 1832 ============================================================
14:39:19.0205 1832 Scan started
14:39:19.0205 1832 Mode: Manual;
14:39:19.0205 1832 ============================================================
14:39:20.0205 1832 ================ Scan system memory ========================
14:39:20.0205 1832 System memory - ok
14:39:20.0206 1832 ================ Scan services =============================
14:39:20.0519 1832 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:39:20.0525 1832 1394ohci - ok
14:39:20.0542 1832 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:39:20.0549 1832 ACPI - ok
14:39:20.0554 1832 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:39:20.0555 1832 AcpiPmi - ok
14:39:20.0575 1832 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
14:39:20.0584 1832 adp94xx - ok
14:39:20.0595 1832 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
14:39:20.0602 1832 adpahci - ok
14:39:20.0609 1832 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
14:39:20.0613 1832 adpu320 - ok
14:39:20.0634 1832 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:39:20.0636 1832 AeLookupSvc - ok
14:39:20.0667 1832 [ D5B031C308A409A0A576BFF4CF083D30 ] AFD C:\Windows\system32\drivers\afd.sys
14:39:20.0675 1832 AFD - ok
14:39:20.0681 1832 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:39:20.0683 1832 agp440 - ok
14:39:20.0697 1832 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
14:39:20.0699 1832 ALG - ok
14:39:20.0704 1832 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
14:39:20.0706 1832 aliide - ok
14:39:20.0711 1832 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
14:39:20.0712 1832 amdide - ok
14:39:20.0717 1832 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
14:39:20.0719 1832 AmdK8 - ok
14:39:20.0725 1832 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
14:39:20.0727 1832 AmdPPM - ok
14:39:20.0730 1832 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:39:20.0732 1832 amdsata - ok
14:39:20.0746 1832 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
14:39:20.0749 1832 amdsbs - ok
14:39:20.0752 1832 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:39:20.0753 1832 amdxata - ok
14:39:20.0755 1832 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
14:39:20.0757 1832 AppID - ok
14:39:20.0769 1832 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:39:20.0774 1832 AppIDSvc - ok
14:39:20.0797 1832 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
14:39:20.0798 1832 Appinfo - ok
14:39:20.0816 1832 [ 1C726705935E89FD59E652E4F09148D0 ] AppleCharger C:\Windows\system32\DRIVERS\AppleCharger.sys
14:39:20.0816 1832 AppleCharger - ok
14:39:20.0821 1832 [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
14:39:20.0824 1832 AppleChargerSrv - ok
14:39:20.0859 1832 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
14:39:20.0864 1832 AppMgmt - ok
14:39:20.0871 1832 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
14:39:20.0874 1832 arc - ok
14:39:20.0880 1832 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
14:39:20.0882 1832 arcsas - ok
14:39:21.0089 1832 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:39:21.0110 1832 aspnet_state - ok
14:39:21.0130 1832 [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
14:39:21.0131 1832 aswFsBlk - ok
14:39:21.0153 1832 [ FA562F34ED6633C66170B09182B4C049 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
14:39:21.0155 1832 aswMonFlt - ok
14:39:21.0177 1832 [ 64E2BAB4096C13D2342BC4661C967E07 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
14:39:21.0178 1832 aswRdr - ok
14:39:21.0183 1832 [ 5573AA70993A2BB81525B1C704B88763 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
14:39:21.0184 1832 aswRvrt - ok
14:39:21.0218 1832 [ 8C0800CDB501CFC1164B286A0478DC10 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
14:39:21.0230 1832 aswSnx - ok
14:39:21.0252 1832 [ 3815DB16CDA62190F5C0A65118F3D714 ] aswSP C:\Windows\system32\drivers\aswSP.sys
14:39:21.0254 1832 aswSP - ok
14:39:21.0266 1832 [ 29DD8E458A84171202AA4979364C30C0 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
14:39:21.0267 1832 aswTdi - ok
14:39:21.0283 1832 [ 22F521108881DC59837F6FC614E0568F ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
14:39:21.0285 1832 aswVmm - ok
14:39:21.0290 1832 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:39:21.0291 1832 AsyncMac - ok
14:39:21.0294 1832 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
14:39:21.0295 1832 atapi - ok
14:39:21.0315 1832 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:39:21.0325 1832 AudioEndpointBuilder - ok
14:39:21.0336 1832 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:39:21.0342 1832 AudioSrv - ok
14:39:21.0519 1832 [ F431DC5D94F4B2FDBC927655D8A9B10E ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
14:39:21.0523 1832 Autodesk Content Service - ok
14:39:21.0593 1832 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Programy\AVAST Software\Avast\AvastSvc.exe
14:39:21.0594 1832 avast! Antivirus - ok
14:39:21.0609 1832 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:39:21.0613 1832 AxInstSV - ok
14:39:21.0634 1832 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
14:39:21.0642 1832 b06bdrv - ok
14:39:21.0655 1832 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:39:21.0660 1832 b57nd60a - ok
14:39:21.0677 1832 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
14:39:21.0679 1832 BDESVC - ok
14:39:21.0684 1832 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
14:39:21.0684 1832 Beep - ok
14:39:21.0719 1832 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
14:39:21.0730 1832 BFE - ok
14:39:21.0767 1832 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
14:39:21.0784 1832 BITS - ok
14:39:21.0795 1832 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:39:21.0797 1832 blbdrive - ok
14:39:21.0802 1832 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:39:21.0804 1832 bowser - ok
14:39:21.0808 1832 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
14:39:21.0809 1832 BrFiltLo - ok
14:39:21.0814 1832 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
14:39:21.0815 1832 BrFiltUp - ok
14:39:21.0826 1832 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
14:39:21.0830 1832 Browser - ok
14:39:21.0845 1832 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:39:21.0849 1832 Brserid - ok
14:39:21.0852 1832 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:39:21.0853 1832 BrSerWdm - ok
14:39:21.0855 1832 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:39:21.0856 1832 BrUsbMdm - ok
14:39:21.0858 1832 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:39:21.0859 1832 BrUsbSer - ok
14:39:21.0862 1832 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
14:39:21.0863 1832 BTHMODEM - ok
14:39:21.0875 1832 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
14:39:21.0877 1832 bthserv - ok
14:39:21.0881 1832 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:39:21.0882 1832 cdfs - ok
14:39:21.0886 1832 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:39:21.0887 1832 cdrom - ok
14:39:21.0908 1832 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
14:39:21.0910 1832 CertPropSvc - ok
14:39:21.0913 1832 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
14:39:21.0914 1832 circlass - ok
14:39:21.0930 1832 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
14:39:21.0937 1832 CLFS - ok
14:39:22.0015 1832 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:39:22.0019 1832 clr_optimization_v2.0.50727_32 - ok
14:39:22.0081 1832 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:39:22.0085 1832 clr_optimization_v2.0.50727_64 - ok
14:39:22.0244 1832 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:39:22.0249 1832 clr_optimization_v4.0.30319_32 - ok
14:39:22.0256 1832 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:39:22.0278 1832 clr_optimization_v4.0.30319_64 - ok
14:39:22.0282 1832 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
14:39:22.0283 1832 CmBatt - ok
14:39:22.0286 1832 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:39:22.0288 1832 cmdide - ok
14:39:22.0310 1832 [ C4943B6C962E4B82197542447AD599F4 ] CNG C:\Windows\system32\Drivers\cng.sys
14:39:22.0317 1832 CNG - ok
14:39:22.0321 1832 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
14:39:22.0322 1832 Compbatt - ok
14:39:22.0335 1832 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
14:39:22.0336 1832 CompositeBus - ok
14:39:22.0339 1832 COMSysApp - ok
14:39:22.0511 1832 [ E41C4FB1D9971409E17D61F45A228121 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
14:39:22.0519 1832 cphs - ok
14:39:22.0525 1832 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
14:39:22.0527 1832 crcdisk - ok
14:39:22.0552 1832 [ 15597883FBE9B056F276ADA3AD87D9AF ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:39:22.0556 1832 CryptSvc - ok
14:39:22.0586 1832 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
14:39:22.0594 1832 CSC - ok
14:39:22.0611 1832 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
14:39:22.0622 1832 CscService - ok
14:39:22.0645 1832 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:39:22.0657 1832 DcomLaunch - ok
14:39:22.0674 1832 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
14:39:22.0681 1832 defragsvc - ok
14:39:22.0686 1832 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:39:22.0688 1832 DfsC - ok
14:39:22.0714 1832 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
14:39:22.0721 1832 Dhcp - ok
14:39:22.0725 1832 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
14:39:22.0727 1832 discache - ok
14:39:22.0738 1832 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
14:39:22.0739 1832 Disk - ok
14:39:22.0762 1832 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
14:39:22.0764 1832 dmvsc - ok
14:39:22.0784 1832 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:39:22.0789 1832 Dnscache - ok
14:39:22.0810 1832 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
14:39:22.0815 1832 dot3svc - ok
14:39:22.0836 1832 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
14:39:22.0840 1832 DPS - ok
14:39:22.0853 1832 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:39:22.0855 1832 drmkaud - ok
14:39:22.0892 1832 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:39:22.0903 1832 DXGKrnl - ok
14:39:22.0921 1832 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
14:39:22.0924 1832 EapHost - ok
14:39:22.0982 1832 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
14:39:23.0019 1832 ebdrv - ok
14:39:23.0038 1832 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
14:39:23.0041 1832 EFS - ok
14:39:23.0115 1832 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:39:23.0128 1832 ehRecvr - ok
14:39:23.0132 1832 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
14:39:23.0134 1832 ehSched - ok
14:39:23.0204 1832 [ BE2902E13CA69383F449B6BF927844FB ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
14:39:23.0205 1832 ElbyCDIO - ok
14:39:23.0234 1832 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
14:39:23.0245 1832 elxstor - ok
14:39:23.0250 1832 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:39:23.0252 1832 ErrDev - ok
14:39:23.0275 1832 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
14:39:23.0282 1832 EventSystem - ok
14:39:23.0294 1832 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
14:39:23.0298 1832 exfat - ok
14:39:23.0306 1832 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:39:23.0310 1832 fastfat - ok
14:39:23.0337 1832 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
14:39:23.0350 1832 Fax - ok
14:39:23.0354 1832 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
14:39:23.0356 1832 fdc - ok
14:39:23.0365 1832 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
14:39:23.0368 1832 fdPHost - ok
14:39:23.0373 1832 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
14:39:23.0376 1832 FDResPub - ok
14:39:23.0381 1832 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:39:23.0383 1832 FileInfo - ok
14:39:23.0387 1832 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:39:23.0389 1832 Filetrace - ok
14:39:23.0496 1832 [ 64AB6F28047744B9B19C97459C2AB31B ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
14:39:23.0518 1832 FLEXnet Licensing Service 64 - ok
14:39:23.0521 1832 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
14:39:23.0522 1832 flpydisk - ok
14:39:23.0527 1832 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:39:23.0530 1832 FltMgr - ok
14:39:23.0559 1832 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
14:39:23.0571 1832 FontCache - ok
14:39:23.0599 1832 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:39:23.0601 1832 FontCache3.0.0.0 - ok
14:39:23.0603 1832 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:39:23.0605 1832 FsDepends - ok
14:39:23.0607 1832 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:39:23.0608 1832 Fs_Rec - ok
14:39:23.0616 1832 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:39:23.0620 1832 fvevol - ok
14:39:23.0625 1832 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
14:39:23.0628 1832 gagp30kx - ok
14:39:23.0631 1832 gdrv - ok
14:39:23.0658 1832 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
14:39:23.0672 1832 gpsvc - ok
14:39:23.0678 1832 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:39:23.0680 1832 hcw85cir - ok
14:39:23.0743 1832 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:39:23.0758 1832 HdAudAddService - ok
14:39:23.0801 1832 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:39:23.0808 1832 HDAudBus - ok
14:39:23.0834 1832 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
14:39:23.0851 1832 HidBatt - ok
14:39:23.0869 1832 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
14:39:23.0875 1832 HidBth - ok
14:39:23.0945 1832 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
14:39:23.0951 1832 HidIr - ok
14:39:23.0988 1832 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
14:39:23.0991 1832 hidserv - ok
14:39:24.0277 1832 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:39:24.0288 1832 HidUsb - ok
14:39:24.0318 1832 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:39:24.0334 1832 hkmsvc - ok
14:39:24.0370 1832 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:39:24.0377 1832 HomeGroupListener - ok
14:39:25.0051 1832 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:39:25.0057 1832 HomeGroupProvider - ok
14:39:25.0093 1832 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:39:25.0103 1832 HpSAMD - ok
14:39:25.0157 1832 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:39:25.0175 1832 HTTP - ok
14:39:25.0218 1832 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:39:25.0219 1832 hwpolicy - ok
14:39:25.0234 1832 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
14:39:25.0238 1832 i8042prt - ok
14:39:25.0292 1832 [ FA4C48E36F0B24E7E33D3E7E1844B9C9 ] iaStorA C:\Windows\system32\DRIVERS\iaStorA.sys
14:39:25.0301 1832 iaStorA - ok
14:39:25.0371 1832 [ D5854F77CEEAFC5A8405F8ECCBEC09DF ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
14:39:25.0374 1832 IAStorDataMgrSvc - ok
14:39:25.0387 1832 [ 05E24E2CA39C0D2FAADE8FC603345A7D ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys
14:39:25.0387 1832 iaStorF - ok
14:39:25.0422 1832 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:39:25.0438 1832 iaStorV - ok
14:39:25.0524 1832 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:39:25.0552 1832 IDriverT - ok
14:39:25.0994 1832 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:39:26.0009 1832 idsvc - ok
14:39:26.0104 1832 [ 7209139C75C6765DFA42912B98672F0B ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
14:39:26.0142 1832 igfx - ok
14:39:26.0168 1832 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
14:39:26.0169 1832 iirsp - ok
14:39:26.0202 1832 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
14:39:26.0211 1832 IKEEXT - ok
14:39:26.0280 1832 [ 6CB00AE4D2CEF52995D420656E02C30A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:39:26.0293 1832 IntcAzAudAddService - ok
14:39:26.0331 1832 [ 0E0B99617ED3FDB6C5F0E2D62709B5DF ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
14:39:26.0333 1832 IntcDAud - ok
14:39:26.0377 1832 [ DDA8E5AD97231AB50B81FED04C28F64C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
14:39:26.0387 1832 Intel(R) Capability Licensing Service Interface - ok
14:39:26.0434 1832 [ 86FE509640D77FB0998FC8B1FF5523C6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
14:39:26.0450 1832 Intel(R) Capability Licensing Service TCP IP Interface - ok
14:39:26.0457 1832 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
14:39:26.0458 1832 intelide - ok
14:39:26.0461 1832 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:39:26.0462 1832 intelppm - ok
14:39:26.0490 1832 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:39:26.0493 1832 IPBusEnum - ok
14:39:26.0507 1832 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:39:26.0508 1832 IpFilterDriver - ok
14:39:26.0529 1832 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:39:26.0537 1832 iphlpsvc - ok
14:39:26.0541 1832 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:39:26.0543 1832 IPMIDRV - ok
14:39:26.0554 1832 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:39:26.0556 1832 IPNAT - ok
14:39:26.0559 1832 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:39:26.0560 1832 IRENUM - ok
14:39:26.0574 1832 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:39:26.0575 1832 isapnp - ok
14:39:26.0594 1832 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:39:26.0599 1832 iScsiPrt - ok
14:39:26.0623 1832 [ 897B93573F07C9CB1140516DAC44BC7E ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
14:39:26.0623 1832 iusb3hcs - ok
14:39:26.0649 1832 [ 2D15CEDF619796002E8640F73A4BF920 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
14:39:26.0655 1832 iusb3hub - ok
14:39:26.0678 1832 [ F1E93FE111924D0BC853155AADF8048B ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
14:39:26.0685 1832 iusb3xhc - ok
14:39:26.0729 1832 [ BF5D3A2624177C413680DEF19A465AF8 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
14:39:26.0734 1832 jhi_service - ok
14:39:26.0741 1832 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:39:26.0742 1832 kbdclass - ok
14:39:26.0748 1832 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:39:26.0750 1832 kbdhid - ok
14:39:26.0762 1832 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
14:39:26.0764 1832 KeyIso - ok
14:39:26.0786 1832 [ DA1E991A61CFDD755A589E206B97644B ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:39:26.0787 1832 KSecDD - ok
14:39:26.0792 1832 [ 7E33198D956943A4F11A5474C1E9106F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:39:26.0794 1832 KSecPkg - ok
14:39:26.0796 1832 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:39:26.0797 1832 ksthunk - ok
14:39:26.0820 1832 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
14:39:26.0827 1832 KtmRm - ok
14:39:26.0846 1832 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:39:26.0851 1832 LanmanServer - ok
14:39:26.0871 1832 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:39:26.0880 1832 LanmanWorkstation - ok
14:39:26.0899 1832 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:39:26.0900 1832 lltdio - ok
14:39:26.0927 1832 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:39:26.0935 1832 lltdsvc - ok
14:39:26.0938 1832 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:39:26.0940 1832 lmhosts - ok
14:39:26.0971 1832 [ 02A9CBACE666877BBBA4FD66B22F6D4A ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:39:26.0974 1832 LMS - ok
14:39:26.0978 1832 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
14:39:26.0980 1832 LSI_FC - ok
14:39:26.0988 1832 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
14:39:26.0989 1832 LSI_SAS - ok
14:39:26.0992 1832 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
14:39:26.0993 1832 LSI_SAS2 - ok
14:39:27.0003 1832 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
14:39:27.0005 1832 LSI_SCSI - ok
14:39:27.0008 1832 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
14:39:27.0009 1832 luafv - ok
14:39:27.0024 1832 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:39:27.0026 1832 Mcx2Svc - ok
14:39:27.0028 1832 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
14:39:27.0029 1832 megasas - ok
14:39:27.0034 1832 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
14:39:27.0037 1832 MegaSR - ok
14:39:27.0066 1832 [ 2BB3EAE2EA641515D4B205CAB29E1624 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
14:39:27.0066 1832 MEIx64 - ok
14:39:27.0198 1832 Microsoft SharePoint Workspace Audit Service - ok
14:39:27.0216 1832 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
14:39:27.0222 1832 MMCSS - ok
14:39:27.0228 1832 [ BFFB0C93D9FB43CA42EF11C9240BFF7F ] Modem C:\Windows\system32\drivers\modem.sys
14:39:27.0231 1832 Modem - ok
14:39:27.0237 1832 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:39:27.0237 1832 monitor - ok
14:39:27.0240 1832 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:39:27.0241 1832 mouclass - ok
14:39:27.0244 1832 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:39:27.0245 1832 mouhid - ok
14:39:27.0255 1832 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:39:27.0256 1832 mountmgr - ok
14:39:27.0306 1832 [ A35576A433F4AEB0D48976A004657CB6 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:39:27.0310 1832 MozillaMaintenance - ok
14:39:27.0334 1832 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
14:39:27.0339 1832 mpio - ok
14:39:27.0345 1832 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:39:27.0348 1832 mpsdrv - ok
14:39:27.0389 1832 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:39:27.0408 1832 MpsSvc - ok
14:39:27.0416 1832 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:39:27.0419 1832 MRxDAV - ok
14:39:27.0424 1832 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:39:27.0427 1832 mrxsmb - ok
14:39:27.0433 1832 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:39:27.0437 1832 mrxsmb10 - ok
14:39:27.0441 1832 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:39:27.0443 1832 mrxsmb20 - ok
14:39:27.0446 1832 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
14:39:27.0447 1832 msahci - ok
14:39:27.0452 1832 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:39:27.0454 1832 msdsm - ok
14:39:27.0464 1832 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:39:27.0469 1832 MSDTC - ok
14:39:27.0475 1832 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:39:27.0476 1832 Msfs - ok
14:39:27.0479 1832 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:39:27.0480 1832 mshidkmdf - ok
14:39:27.0483 1832 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:39:27.0483 1832 msisadrv - ok
14:39:27.0505 1832 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:39:27.0509 1832 MSiSCSI - ok
14:39:27.0512 1832 msiserver - ok

[da.backer]

14:39:27.0526 1832 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:39:27.0527 1832 MSKSSRV - ok
14:39:27.0530 1832 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:39:27.0531 1832 MSPCLOCK - ok
14:39:27.0534 1832 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:39:27.0535 1832 MSPQM - ok
14:39:27.0546 1832 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:39:27.0550 1832 MsRPC - ok
14:39:27.0553 1832 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:39:27.0554 1832 mssmbios - ok
14:39:27.0556 1832 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:39:27.0557 1832 MSTEE - ok
14:39:27.0559 1832 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
14:39:27.0559 1832 MTConfig - ok
14:39:27.0562 1832 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:39:27.0562 1832 Mup - ok
14:39:27.0582 1832 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
14:39:27.0589 1832 napagent - ok
14:39:27.0607 1832 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:39:27.0611 1832 NativeWifiP - ok
14:39:27.0645 1832 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
14:39:27.0658 1832 NDIS - ok
14:39:27.0661 1832 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:39:27.0662 1832 NdisCap - ok
14:39:27.0673 1832 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:39:27.0674 1832 NdisTapi - ok
14:39:27.0677 1832 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:39:27.0678 1832 Ndisuio - ok
14:39:27.0682 1832 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:39:27.0685 1832 NdisWan - ok
14:39:27.0692 1832 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:39:27.0694 1832 NDProxy - ok
14:39:27.0696 1832 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:39:27.0697 1832 NetBIOS - ok
14:39:27.0703 1832 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:39:27.0706 1832 NetBT - ok
14:39:27.0716 1832 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
14:39:27.0718 1832 Netlogon - ok
14:39:27.0734 1832 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:39:27.0740 1832 Netman - ok
14:39:27.0905 1832 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:39:27.0910 1832 NetMsmqActivator - ok
14:39:27.0916 1832 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:39:27.0919 1832 NetPipeActivator - ok
14:39:27.0944 1832 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:39:27.0954 1832 netprofm - ok
14:39:27.0959 1832 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:39:27.0962 1832 NetTcpActivator - ok
14:39:27.0966 1832 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:39:27.0968 1832 NetTcpPortSharing - ok
14:39:28.0001 1832 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:39:28.0010 1832 nfrd960 - ok
14:39:28.0036 1832 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:39:28.0047 1832 NlaSvc - ok
14:39:28.0059 1832 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:39:28.0062 1832 Npfs - ok
14:39:28.0089 1832 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:39:28.0095 1832 nsi - ok
14:39:28.0101 1832 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:39:28.0103 1832 nsiproxy - ok
14:39:28.0346 1832 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:39:28.0375 1832 Ntfs - ok
14:39:28.0391 1832 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:39:28.0404 1832 Null - ok
14:39:28.0661 1832 [ 805F0C2B9C07E4C0F74D0EF70E9E827A ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
14:39:28.0664 1832 NVHDA - ok
14:39:29.0105 1832 [ 7A711D08F1FD1AB8149B6199F84A0EB7 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:39:29.0147 1832 nvlddmkm - ok
14:39:29.0226 1832 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:39:29.0242 1832 nvraid - ok
14:39:29.0419 1832 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:39:29.0427 1832 nvstor - ok
14:39:29.0500 1832 [ B9F3591981D761A5CA1D24C369764D96 ] nvsvc C:\Windows\system32\nvvsvc.exe
14:39:29.0513 1832 nvsvc - ok
14:39:29.0596 1832 [ 58D0F292AA32BB0D134BAB9F0B90904E ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:39:29.0613 1832 nvUpdatusService - ok
14:39:29.0628 1832 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:39:29.0635 1832 nv_agp - ok
14:39:29.0656 1832 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:39:29.0666 1832 ohci1394 - ok
14:39:29.0761 1832 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:39:29.0778 1832 ose64 - ok
14:39:31.0447 1832 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:39:31.0513 1832 osppsvc - ok
14:39:31.0621 1832 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:39:31.0632 1832 p2pimsvc - ok
14:39:31.0649 1832 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:39:31.0655 1832 p2psvc - ok
14:39:31.0943 1832 [ 836266D31F9B7920ED04C4775E401FBC ] PanService C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
14:39:31.0951 1832 PanService - ok
14:39:31.0973 1832 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:39:31.0978 1832 Parport - ok
14:39:31.0990 1832 [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:39:32.0001 1832 partmgr - ok
14:39:32.0016 1832 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:39:32.0019 1832 PcaSvc - ok
14:39:32.0036 1832 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:39:32.0068 1832 pci - ok
14:39:32.0105 1832 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:39:32.0124 1832 pciide - ok
14:39:32.0216 1832 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:39:32.0228 1832 pcmcia - ok
14:39:32.0281 1832 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:39:32.0283 1832 pcw - ok
14:39:32.0426 1832 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:39:32.0440 1832 PEAUTH - ok
14:39:32.0497 1832 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
14:39:32.0512 1832 PeerDistSvc - ok
14:39:32.0779 1832 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:39:32.0782 1832 PerfHost - ok
14:39:32.0815 1832 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:39:32.0829 1832 pla - ok
14:39:32.0866 1832 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:39:32.0872 1832 PlugPlay - ok
14:39:32.0890 1832 PnkBstrA - ok
14:39:32.0911 1832 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:39:32.0915 1832 PNRPAutoReg - ok
14:39:32.0923 1832 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:39:32.0929 1832 PNRPsvc - ok
14:39:32.0953 1832 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:39:32.0962 1832 PolicyAgent - ok
14:39:32.0969 1832 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:39:32.0973 1832 Power - ok
14:39:32.0999 1832 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:39:33.0001 1832 PptpMiniport - ok
14:39:33.0009 1832 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
14:39:33.0011 1832 Processor - ok
14:39:33.0034 1832 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
14:39:33.0039 1832 ProfSvc - ok
14:39:33.0057 1832 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:39:33.0059 1832 ProtectedStorage - ok
14:39:33.0075 1832 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:39:33.0076 1832 Psched - ok
14:39:33.0114 1832 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:39:33.0130 1832 ql2300 - ok
14:39:33.0134 1832 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:39:33.0136 1832 ql40xx - ok
14:39:33.0151 1832 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:39:33.0156 1832 QWAVE - ok
14:39:33.0159 1832 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:39:33.0160 1832 QWAVEdrv - ok
14:39:33.0163 1832 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:39:33.0164 1832 RasAcd - ok
14:39:33.0202 1832 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:39:33.0203 1832 RasAgileVpn - ok
14:39:33.0212 1832 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:39:33.0220 1832 RasAuto - ok
14:39:33.0227 1832 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:39:33.0231 1832 Rasl2tp - ok
14:39:33.0252 1832 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:39:33.0260 1832 RasMan - ok
14:39:33.0265 1832 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:39:33.0267 1832 RasPppoe - ok
14:39:33.0271 1832 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:39:33.0272 1832 RasSstp - ok
14:39:33.0289 1832 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:39:33.0294 1832 rdbss - ok
14:39:33.0297 1832 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:39:33.0299 1832 rdpbus - ok
14:39:33.0313 1832 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:39:33.0314 1832 RDPCDD - ok
14:39:33.0344 1832 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
14:39:33.0348 1832 RDPDR - ok
14:39:33.0351 1832 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:39:33.0352 1832 RDPENCDD - ok
14:39:33.0357 1832 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:39:33.0358 1832 RDPREFMP - ok
14:39:33.0364 1832 [ 15B66C206B5CB095BAB980553F38ED23 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:39:33.0367 1832 RDPWD - ok
14:39:33.0384 1832 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:39:33.0387 1832 rdyboost - ok
14:39:33.0408 1832 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:39:33.0412 1832 RemoteAccess - ok
14:39:33.0432 1832 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:39:33.0438 1832 RemoteRegistry - ok
14:39:33.0451 1832 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:39:33.0455 1832 RpcEptMapper - ok
14:39:33.0469 1832 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:39:33.0472 1832 RpcLocator - ok
14:39:33.0492 1832 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
14:39:33.0500 1832 RpcSs - ok
14:39:33.0504 1832 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:39:33.0505 1832 rspndr - ok
14:39:33.0541 1832 [ B358C047E081AC70035017BD1D7ED818 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
14:39:33.0552 1832 RTL8167 - ok
14:39:33.0575 1832 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
14:39:33.0577 1832 s3cap - ok
14:39:33.0580 1832 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:39:33.0583 1832 SamSs - ok
14:39:33.0595 1832 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:39:33.0597 1832 sbp2port - ok
14:39:33.0617 1832 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:39:33.0622 1832 SCardSvr - ok
14:39:33.0624 1832 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:39:33.0624 1832 scfilter - ok
14:39:33.0648 1832 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:39:33.0660 1832 Schedule - ok
14:39:33.0685 1832 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:39:33.0686 1832 SCPolicySvc - ok
14:39:33.0713 1832 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:39:33.0726 1832 SDRSVC - ok
14:39:33.0745 1832 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:39:33.0746 1832 secdrv - ok
14:39:33.0772 1832 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:39:33.0779 1832 seclogon - ok
14:39:33.0818 1832 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
14:39:33.0825 1832 SENS - ok
14:39:33.0837 1832 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:39:33.0845 1832 SensrSvc - ok
14:39:33.0866 1832 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:39:33.0867 1832 Serenum - ok
14:39:33.0882 1832 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:39:33.0884 1832 Serial - ok
14:39:33.0888 1832 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:39:33.0889 1832 sermouse - ok
14:39:33.0903 1832 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:39:33.0909 1832 SessionEnv - ok
14:39:33.0912 1832 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:39:33.0913 1832 sffdisk - ok
14:39:33.0917 1832 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:39:33.0918 1832 sffp_mmc - ok
14:39:33.0921 1832 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:39:33.0923 1832 sffp_sd - ok
14:39:33.0926 1832 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
14:39:33.0927 1832 sfloppy - ok
14:39:33.0944 1832 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:39:33.0949 1832 SharedAccess - ok
14:39:33.0960 1832 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:39:33.0966 1832 ShellHWDetection - ok
14:39:33.0968 1832 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
14:39:33.0969 1832 SiSRaid2 - ok
14:39:33.0972 1832 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:39:33.0974 1832 SiSRaid4 - ok
14:39:33.0976 1832 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:39:33.0978 1832 Smb - ok
14:39:33.0990 1832 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:39:33.0993 1832 SNMPTRAP - ok
14:39:34.0007 1832 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:39:34.0008 1832 spldr - ok
14:39:34.0027 1832 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
14:39:34.0035 1832 Spooler - ok
14:39:34.0071 1832 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:39:34.0105 1832 sppsvc - ok
14:39:34.0108 1832 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:39:34.0111 1832 sppuinotify - ok
14:39:34.0123 1832 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:39:34.0129 1832 srv - ok
14:39:34.0135 1832 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:39:34.0140 1832 srv2 - ok
14:39:34.0143 1832 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:39:34.0146 1832 srvnet - ok
14:39:34.0173 1832 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:39:34.0177 1832 SSDPSRV - ok
14:39:34.0186 1832 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:39:34.0189 1832 SstpSvc - ok
14:39:34.0313 1832 [ 0887B293199AA2055888FABA989ED0A6 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:39:34.0322 1832 Stereo Service - ok
14:39:34.0328 1832 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
14:39:34.0331 1832 stexstor - ok
14:39:34.0393 1832 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:39:34.0409 1832 stisvc - ok
14:39:34.0427 1832 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
14:39:34.0428 1832 storflt - ok
14:39:34.0448 1832 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
14:39:34.0459 1832 StorSvc - ok
14:39:34.0468 1832 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
14:39:34.0470 1832 storvsc - ok
14:39:34.0474 1832 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:39:34.0475 1832 swenum - ok
14:39:34.0497 1832 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:39:34.0508 1832 swprv - ok
14:39:34.0548 1832 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
14:39:34.0579 1832 SysMain - ok
14:39:34.0585 1832 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:39:34.0589 1832 TabletInputService - ok
14:39:34.0601 1832 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:39:34.0608 1832 TapiSrv - ok
14:39:34.0616 1832 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:39:34.0619 1832 TBS - ok
14:39:34.0666 1832 [ FC62769E7BFF2896035AEED399108162 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:39:34.0687 1832 Tcpip - ok
14:39:34.0710 1832 [ FC62769E7BFF2896035AEED399108162 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:39:34.0718 1832 TCPIP6 - ok
14:39:34.0722 1832 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:39:34.0723 1832 tcpipreg - ok
14:39:34.0726 1832 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:39:34.0727 1832 TDPIPE - ok
14:39:34.0729 1832 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:39:34.0730 1832 TDTCP - ok
14:39:34.0738 1832 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:39:34.0739 1832 tdx - ok
14:39:34.0742 1832 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:39:34.0742 1832 TermDD - ok
14:39:34.0758 1832 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
14:39:34.0767 1832 TermService - ok
14:39:34.0777 1832 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:39:34.0779 1832 Themes - ok
14:39:34.0804 1832 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:39:34.0806 1832 THREADORDER - ok
14:39:34.0813 1832 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:39:34.0816 1832 TrkWks - ok
14:39:34.0842 1832 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:39:34.0845 1832 TrustedInstaller - ok
14:39:34.0848 1832 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:39:34.0849 1832 tssecsrv - ok
14:39:34.0851 1832 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:39:34.0852 1832 TsUsbFlt - ok
14:39:34.0855 1832 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
14:39:34.0856 1832 TsUsbGD - ok
14:39:34.0871 1832 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:39:34.0873 1832 tunnel - ok
14:39:34.0876 1832 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:39:34.0877 1832 uagp35 - ok
14:39:34.0895 1832 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:39:34.0899 1832 udfs - ok
14:39:34.0927 1832 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:39:34.0929 1832 UI0Detect - ok
14:39:34.0932 1832 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:39:34.0933 1832 uliagpkx - ok
14:39:34.0948 1832 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:39:34.0949 1832 umbus - ok
14:39:34.0952 1832 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
14:39:34.0953 1832 UmPass - ok
14:39:34.0973 1832 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
14:39:34.0977 1832 UmRdpService - ok
14:39:34.0993 1832 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:39:34.0997 1832 upnphost - ok
14:39:35.0007 1832 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:39:35.0009 1832 usbccgp - ok
14:39:35.0022 1832 [ BA1E9E3550F6D578FF68DA2873077C96 ] UsbCharger C:\Windows\system32\DRIVERS\UsbCharger.sys
14:39:35.0022 1832 UsbCharger - ok
14:39:35.0025 1832 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:39:35.0026 1832 usbcir - ok
14:39:35.0029 1832 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:39:35.0030 1832 usbehci - ok
14:39:35.0042 1832 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:39:35.0045 1832 usbhub - ok
14:39:35.0047 1832 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:39:35.0048 1832 usbohci - ok
14:39:35.0050 1832 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
14:39:35.0051 1832 usbprint - ok
14:39:35.0057 1832 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:39:35.0059 1832 USBSTOR - ok
14:39:35.0061 1832 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:39:35.0062 1832 usbuhci - ok
14:39:35.0075 1832 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:39:35.0077 1832 UxSms - ok
14:39:35.0088 1832 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
14:39:35.0090 1832 VaultSvc - ok
14:39:35.0140 1832 [ 3EEBF3C348C3DEB4CF6F10F2E6E222CD ] VClone C:\Windows\system32\DRIVERS\VClone.sys
14:39:35.0142 1832 VClone - ok
14:39:35.0148 1832 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:39:35.0150 1832 vdrvroot - ok
14:39:35.0188 1832 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
14:39:35.0205 1832 vds - ok
14:39:35.0212 1832 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:39:35.0214 1832 vga - ok
14:39:35.0218 1832 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:39:35.0219 1832 VgaSave - ok
14:39:35.0224 1832 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:39:35.0228 1832 vhdmp - ok
14:39:35.0230 1832 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
14:39:35.0232 1832 viaide - ok
14:39:35.0248 1832 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
14:39:35.0251 1832 vmbus - ok
14:39:35.0264 1832 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
14:39:35.0266 1832 VMBusHID - ok
14:39:35.0270 1832 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:39:35.0271 1832 volmgr - ok
14:39:35.0290 1832 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:39:35.0295 1832 volmgrx - ok
14:39:35.0301 1832 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:39:35.0305 1832 volsnap - ok
14:39:35.0310 1832 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
14:39:35.0313 1832 vsmraid - ok
14:39:35.0348 1832 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
14:39:35.0368 1832 VSS - ok
14:39:35.0370 1832 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
14:39:35.0371 1832 vwifibus - ok
14:39:35.0385 1832 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:39:35.0390 1832 W32Time - ok
14:39:35.0393 1832 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
14:39:35.0394 1832 WacomPen - ok
14:39:35.0405 1832 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:39:35.0406 1832 WANARP - ok
14:39:35.0411 1832 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:39:35.0411 1832 Wanarpv6 - ok
14:39:35.0438 1832 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
14:39:35.0454 1832 wbengine - ok
14:39:35.0458 1832 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:39:35.0462 1832 WbioSrvc - ok
14:39:35.0467 1832 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:39:35.0472 1832 wcncsvc - ok
14:39:35.0484 1832 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:39:35.0487 1832 WcsPlugInService - ok
14:39:35.0489 1832 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
14:39:35.0490 1832 Wd - ok
14:39:35.0505 1832 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:39:35.0511 1832 Wdf01000 - ok
14:39:35.0520 1832 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:39:35.0522 1832 WdiServiceHost - ok
14:39:35.0525 1832 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:39:35.0527 1832 WdiSystemHost - ok
14:39:35.0541 1832 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
14:39:35.0545 1832 WebClient - ok
14:39:35.0557 1832 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:39:35.0561 1832 Wecsvc - ok
14:39:35.0567 1832 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:39:35.0570 1832 wercplsupport - ok
14:39:35.0573 1832 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:39:35.0576 1832 WerSvc - ok
14:39:35.0578 1832 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:39:35.0579 1832 WfpLwf - ok
14:39:35.0581 1832 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:39:35.0582 1832 WIMMount - ok
14:39:35.0587 1832 WinDefend - ok
14:39:35.0590 1832 WinHttpAutoProxySvc - ok
14:39:35.0677 1832 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:39:35.0687 1832 Winmgmt - ok
14:39:35.0749 1832 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
14:39:35.0776 1832 WinRM - ok
14:39:35.0798 1832 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
14:39:35.0810 1832 Wlansvc - ok
14:39:35.0813 1832 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:39:35.0814 1832 WmiAcpi - ok
14:39:35.0829 1832 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:39:35.0832 1832 wmiApSrv - ok
14:39:35.0845 1832 WMPNetworkSvc - ok
14:39:35.0860 1832 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:39:35.0864 1832 WPCSvc - ok
14:39:35.0867 1832 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:39:35.0871 1832 WPDBusEnum - ok
14:39:35.0874 1832 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:39:35.0875 1832 ws2ifsl - ok
14:39:35.0887 1832 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
14:39:35.0891 1832 wscsvc - ok
14:39:35.0893 1832 WSearch - ok
14:39:35.0949 1832 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
14:39:35.0972 1832 wuauserv - ok
14:39:35.0975 1832 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:39:35.0977 1832 WudfPf - ok
14:39:35.0980 1832 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:39:35.0982 1832 WUDFRd - ok
14:39:35.0998 1832 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:39:36.0002 1832 wudfsvc - ok
14:39:36.0013 1832 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
14:39:36.0017 1832 WwanSvc - ok
14:39:36.0027 1832 ================ Scan global ===============================
14:39:36.0044 1832 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:39:36.0090 1832 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
14:39:36.0121 1832 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
14:39:36.0166 1832 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:39:36.0236 1832 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:39:36.0249 1832 [Global] - ok
14:39:36.0249 1832 ================ Scan MBR ==================================
14:39:36.0268 1832 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:39:37.0123 1832 \Device\Harddisk0\DR0 - ok
14:39:37.0124 1832 ================ Scan VBR ==================================
14:39:37.0139 1832 [ A4AE44647F6265630D74404C455F3B70 ] \Device\Harddisk0\DR0\Partition1
14:39:37.0156 1832 \Device\Harddisk0\DR0\Partition1 - ok
14:39:37.0166 1832 [ E41931D035DC37877CD2A947C9A437AD ] \Device\Harddisk0\DR0\Partition2
14:39:37.0188 1832 \Device\Harddisk0\DR0\Partition2 - ok
14:39:37.0189 1832 ============================================================
14:39:37.0189 1832 Scan finished
14:39:37.0189 1832 ============================================================
14:39:37.0205 2856 Detected object count: 0
14:39:37.0205 2856 Actual detected object count: 0
14:39:47.0805 4840 Deinitialize success

[jaro3]

A RogueKiller po výmazu?

[da.backer]

RogueKiller V8.6.7 _x64_ [Aug 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : 01 [Práva správce]
Mód : Odebrat -- Datum : 09/01/2013 14:35:48
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 9 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NAHRAZENO (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 2 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ATA SAMSUNG HD103UJ SCSI Disk Device +++++
--- User ---
[MBR] dcb1ecf708f313b136217e60a05a564e
[BSP] 87425aee79057c48a70c8fd6c5c8da41 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953766 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_09012013_143548.txt >>
RKreport[0]_S_08312013_213033.txt;RKreport[0]_S_09012013_143533.txt