Notebook plný Rootkitu

[Empiik]

Ahoj po nainstalovaní antivirusu se mi oběvil hrozně moc rootkitu prosí tedy o kontrolu logu


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:41:32, on 11. 11. 2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.16384)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Roman\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RadioController] "C:\Program Files (x86)\RadioController\RfBtnHelper.exe" Start_Run
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Startup: GamezUnited.lnk = Roman\Desktop\MT2\GamezUnited.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe

--
End of file - 10000 bytes

[Reklama]

[memphisto]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

[Empiik]

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.04.04.07

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16384
Roman :: EMPIIK [administrátor]

Ochrana: Povolena

11. 11. 2013 16:51:50
mbam-log-2013-11-11 (16-51-50).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 213788
Uplynulý čas: 8 minut, 14 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

[Empiik]

a ten AdwCLeaner mi antivirus zablokoval za něco .. a ted mi už nejde stahnout

[Empiik]

# AdwCleaner v3.012 - Report created 11/11/2013 at 17:23:10
# Updated 11/11/2013 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : Roman - EMPIIK
# Running from : C:\Users\Roman\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\ProgramData\boost_interprocess
Folder Found C:\Users\Roman\AppData\LocalLow\Conduit

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\smartbar
Key Found : HKCU\Software\BI
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKCU\Software\BI
Key Found : [x64] HKCU\Software\Conduit
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\Software\Conduit

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16384


-\\ Mozilla Firefox v25.0 (cs)

[ File : C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\c5r8i9aw.default\prefs.js ]


-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1481 octets] - [11/11/2013 17:23:10]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1541 octets] ##########

[jaro3]

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.


Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[Empiik]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 8.1 x64
Ran by Roman on Łt 12. 11. 2013 at 21:16:37,27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\conduit



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Roman\appdata\locallow\conduit"
Failed to delete: [Folder] "C:\Program Files (x86)\conduit"
Failed to delete: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 12. 11. 2013 at 21:22:13,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Empiik]

RogueKiller V8.7.7 _x64_ [Nov 11 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 8 (6.2.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Roman [Práva správce]
Mód : Kontrola -- Datum : 11/12/2013 21:25:44
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[Roman][SUSP PATH] GamezUnited.lnk : C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamezUnited.lnk @C:\Users\Roman\Desktop\MT2\GamezUnited.exe [-][x] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST500LT012-9WS142 +++++
--- User ---
[MBR] c16a891b73a645aea036af97337b4754
[BSP] ce5965b05366c8a6208e1ef7c7cae9d0 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Verbatim STORE N GO USB Device +++++
--- User ---
[MBR] d96ee4290b677595c989ed4a723b265b
[BSP] 7f2e0fd634dfaf2bda86b5d5ae5814ba : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 63 | Size: 3822 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_S_11122013_212544.txt >>

[Empiik]

a proč u toho AdwCleaner mám dát Clean když to nic nenašlo?

[jaro3]

Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\ProgramData\boost_interprocess
Folder Found C:\Users\Roman\AppData\LocalLow\Conduit

***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\smartbar
Key Found : HKCU\Software\BI
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKCU\Software\BI
Key Found : [x64] HKCU\Software\Conduit
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\Software\Conduit

A tohle je co?


Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.

[Empiik]

RogueKiller V8.7.7 _x64_ [Nov 11 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 8 (6.2.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Roman [Práva správce]
Mód : Odebrat -- Datum : 11/13/2013 15:35:59
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[Roman][SUSP PATH] GamezUnited.lnk : C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamezUnited.lnk @C:\Users\Roman\Desktop\MT2\GamezUnited.exe [-][x] -> VYMAZÁNO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST500LT012-9WS142 +++++
--- User ---
[MBR] c16a891b73a645aea036af97337b4754
[BSP] ce5965b05366c8a6208e1ef7c7cae9d0 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Verbatim STORE N GO USB Device +++++
--- User ---
[MBR] d96ee4290b677595c989ed4a723b265b
[BSP] 7f2e0fd634dfaf2bda86b5d5ae5814ba : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 63 | Size: 3822 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_D_11132013_153559.txt >>
RKreport[0]_S_11132013_153554.txt

[Empiik]

15:29:43.0897 4028 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:29:43.0897 4028 UEFI system
15:29:47.0554 4028 ============================================================
15:29:47.0554 4028 Current date / time: 2013/11/13 15:29:47.0554
15:29:47.0554 4028 SystemInfo:
15:29:47.0554 4028
15:29:47.0554 4028 OS Version: 6.2.9200 ServicePack: 0.0
15:29:47.0554 4028 Product type: Workstation
15:29:47.0554 4028 ComputerName: EMPIIK
15:29:47.0554 4028 UserName: Roman
15:29:47.0554 4028 Windows directory: C:\WINDOWS
15:29:47.0554 4028 System windows directory: C:\WINDOWS
15:29:47.0554 4028 Running under WOW64
15:29:47.0554 4028 Processor architecture: Intel x64
15:29:47.0554 4028 Number of processors: 2
15:29:47.0554 4028 Page size: 0x1000
15:29:47.0554 4028 Boot type: Normal boot
15:29:47.0554 4028 ============================================================
15:29:48.0241 4028 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:29:48.0257 4028 Drive \Device\Harddisk1\DR1 - Size: 0xEEF00000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:29:48.0257 4028 ============================================================
15:29:48.0257 4028 \Device\Harddisk0\DR0:
15:29:48.0257 4028 GPT partitions:
15:29:48.0257 4028 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D5493A41-1580-4FF2-9479-3D5AD4307AE3}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC7800
15:29:48.0257 4028 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {9ADE21A8-3CDD-11E3-B3C5-85E7E137ED08}, Name: , StartLBA 0xC8800, BlocksNum 0x96000
15:29:48.0257 4028 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {9ADE21A9-3CDD-11E3-B3C5-85E7E137ED08}, Name: , StartLBA 0x15E800, BlocksNum 0x40000
15:29:48.0257 4028 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C13E1718-5733-48D2-A4D0-B5B4A6989995}, Name: , StartLBA 0x19E800, BlocksNum 0x3A1E7000
15:29:48.0257 4028 MBR partitions:
15:29:48.0257 4028 \Device\Harddisk1\DR1:
15:29:48.0257 4028 MBR partitions:
15:29:48.0257 4028 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x7777C1
15:29:48.0257 4028 ============================================================
15:29:48.0319 4028 C: <-> \Device\Harddisk0\DR0\Partition4
15:29:48.0350 4028 E: <-> \Device\Harddisk0\DR0\Partition3
15:29:48.0366 4028 G: <-> \Device\Harddisk0\DR0\Partition1
15:29:48.0366 4028 ============================================================
15:29:48.0366 4028 Initialize success
15:29:48.0366 4028 ============================================================
15:29:52.0476 3244 ============================================================
15:29:52.0491 3244 Scan started
15:29:52.0491 3244 Mode: Manual;
15:29:52.0491 3244 ============================================================
15:29:54.0648 3244 ================ Scan system memory ========================
15:29:54.0648 3244 System memory - ok
15:29:54.0648 3244 ================ Scan services =============================
15:29:54.0757 3244 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
15:29:54.0773 3244 1394ohci - ok
15:29:54.0788 3244 [ AD508A1A46EC21B740AB31C28EFDFDB1 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
15:29:54.0804 3244 3ware - ok
15:29:54.0835 3244 [ E19D921EBBD1A2CA4C48D7B5F1685B30 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
15:29:54.0851 3244 ACPI - ok
15:29:54.0851 3244 [ AC8279D229398BCF05C3154ADCA86813 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
15:29:54.0866 3244 acpiex - ok
15:29:54.0866 3244 [ A8970D9BF23CD309E0403978A1B58F3F ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
15:29:54.0882 3244 acpipagr - ok
15:29:54.0898 3244 [ 111A89C99C5B4F1A7BCE5F643DD86F65 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
15:29:54.0913 3244 AcpiPmi - ok
15:29:54.0913 3244 [ 5758387D68A20AE7D3245011B07E36E7 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
15:29:54.0913 3244 acpitime - ok
15:29:55.0007 3244 [ A283108E14F3970432C21AF4C0CB1BCE ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:29:55.0007 3244 AdobeFlashPlayerUpdateSvc - ok
15:29:55.0038 3244 [ 7C1FDF1B48298CBA7CE4BDD4978951AD ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
15:29:55.0054 3244 ADP80XX - ok
15:29:55.0085 3244 [ B19CA8E441D35AA2B1EE51C10B27DA1B ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
15:29:55.0085 3244 AeLookupSvc - ok
15:29:55.0116 3244 [ 239268BAB58EAE9A3FF4E08334C00451 ] AFD C:\WINDOWS\system32\drivers\afd.sys
15:29:55.0116 3244 AFD - ok
15:29:55.0132 3244 [ 7DFAEBA9AD62D20102B576D5CAC45EC8 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
15:29:55.0148 3244 agp440 - ok
15:29:55.0163 3244 [ 8E8E34B7BA059050EED827410D0697A2 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
15:29:55.0179 3244 ahcache - ok
15:29:55.0195 3244 [ A91D8E1E433EFB32551BCE69037E1CE7 ] ALG C:\WINDOWS\System32\alg.exe
15:29:55.0210 3244 ALG - ok
15:29:55.0226 3244 [ 7589DE749DB6F71A68489DCE04158729 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
15:29:55.0226 3244 AmdK8 - ok
15:29:55.0241 3244 [ B46D2D89AFF8A9490FA8C98C7A5616E3 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
15:29:55.0241 3244 AmdPPM - ok
15:29:55.0273 3244 [ D2BF2F94A47D332814910FD47C6BBCD2 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
15:29:55.0273 3244 amdsata - ok
15:29:55.0288 3244 [ A8E04943C7BBA7219AA50400272C3C6E ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
15:29:55.0304 3244 amdsbs - ok
15:29:55.0320 3244 [ CEA5F4F27CFC08E3A44D576811B35F50 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
15:29:55.0320 3244 amdxata - ok
15:29:55.0335 3244 [ 04951A9A937CBE28A2D3FEEA360B6D1F ] AppID C:\WINDOWS\system32\drivers\appid.sys
15:29:55.0335 3244 AppID - ok
15:29:55.0351 3244 [ C0DC3F58214A227980AEB091CFD2F973 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
15:29:55.0351 3244 AppIDSvc - ok
15:29:55.0366 3244 [ 7E790DE2487CEDB349D1750B9E47F090 ] Appinfo C:\WINDOWS\System32\appinfo.dll
15:29:55.0366 3244 Appinfo - ok
15:29:55.0398 3244 [ EF0EE63BE56D2CAC3FA07850770326F1 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
15:29:55.0398 3244 AppReadiness - ok
15:29:55.0445 3244 [ AF361C58D23BB967C7B4DF6BDDD57744 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
15:29:55.0476 3244 AppXSvc - ok
15:29:55.0491 3244 [ 65045784366F7EC5FB4E71BCF923187B ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
15:29:55.0491 3244 arcsas - ok
15:29:55.0538 3244 [ 1EC6777695564CA7EB3ADB36C78322E5 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
15:29:55.0538 3244 aswFsBlk - ok
15:29:55.0570 3244 [ FAF7B0B0C44A2FBD6FBC54E3E0F38545 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
15:29:55.0570 3244 aswMonFlt - ok
15:29:55.0632 3244 [ 679712B7A353EE665B9301592164A172 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr2.sys
15:29:55.0632 3244 aswRdr - ok
15:29:55.0663 3244 [ C04F7B373881009D7994D9BF55D24AB4 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
15:29:55.0663 3244 aswRvrt - ok
15:29:55.0710 3244 [ 3E07C93A2CB67840E4CD56C00959A402 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
15:29:55.0741 3244 aswSnx - ok
15:29:55.0804 3244 [ 79ADA401A6E2054F110E7FBDFAC71942 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
15:29:55.0804 3244 aswSP - ok
15:29:55.0835 3244 [ 59787B95DD9CA44CB139D96863438587 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
15:29:55.0835 3244 aswVmm - ok
15:29:55.0867 3244 [ 3DB7721F06BC2FEDB25029EA23AB27DA ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:29:55.0867 3244 AsyncMac - ok
15:29:55.0898 3244 [ 74B14192CF79A72F7536B27CB8814FBD ] atapi C:\WINDOWS\system32\drivers\atapi.sys
15:29:55.0898 3244 atapi - ok
15:29:56.0007 3244 [ 2C7676F892E88FD190F08D98048C7C6C ] athr C:\WINDOWS\system32\DRIVERS\athw8x.sys
15:29:56.0085 3244 athr - ok
15:29:56.0117 3244 [ 4903CBC14742B5AB4DCF7A92F7DEC483 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
15:29:56.0117 3244 AudioEndpointBuilder - ok
15:29:56.0148 3244 [ 86DD7884124D363A63CCE7A11FDEBBED ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
15:29:56.0163 3244 Audiosrv - ok
15:29:56.0226 3244 [ 7A189530FD0CFD415DBE41123F8A6A59 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:29:56.0242 3244 avast! Antivirus - ok
15:29:56.0257 3244 [ 96E8CAF20FC4B6C31CAD7816A801EB78 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
15:29:56.0273 3244 AxInstSV - ok
15:29:56.0320 3244 [ A4A73F631FE2AA2826FBE4A399B04DEF ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
15:29:56.0335 3244 b06bdrv - ok
15:29:56.0367 3244 [ 0630C8915B747E88E825CE7F73B66A5D ] b57xdbd C:\WINDOWS\System32\drivers\b57xdbd.sys
15:29:56.0382 3244 b57xdbd - ok
15:29:56.0398 3244 [ CA8457E528E13B38F8DC3B86B6BA4C6B ] b57xdmp C:\WINDOWS\System32\drivers\b57xdmp.sys
15:29:56.0398 3244 b57xdmp - ok
15:29:56.0413 3244 [ 8CC7F7E4AFCBA605921B137ED7992C68 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
15:29:56.0413 3244 BasicDisplay - ok
15:29:56.0429 3244 [ 2748E116F8621A4DB0D39FCDD7318C01 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
15:29:56.0429 3244 BasicRender - ok
15:29:56.0460 3244 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
15:29:56.0460 3244 bcmfn2 - ok
15:29:56.0492 3244 [ BBE61A40665B83488901E41082A6097D ] BDESVC C:\WINDOWS\System32\bdesvc.dll
15:29:56.0507 3244 BDESVC - ok
15:29:56.0523 3244 [ EC19013E4CF87609534165DF897274D6 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
15:29:56.0523 3244 Beep - ok
15:29:56.0570 3244 [ 619D2B906EEA740AB0223BA4AB9507C4 ] BFE C:\WINDOWS\System32\bfe.dll
15:29:56.0585 3244 BFE - ok
15:29:56.0617 3244 [ 15225081966C785A9192782401643FD4 ] BITS C:\WINDOWS\System32\qmgr.dll
15:29:56.0695 3244 BITS - ok
15:29:56.0726 3244 [ 6B4FFFDDC618FCF64473CAA86E305697 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
15:29:56.0726 3244 bowser - ok
15:29:56.0757 3244 [ 5C6ADD0111E1C6601B5911F7ACF85BB8 ] BrcmCardReader C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
15:29:56.0773 3244 BrcmCardReader - ok
15:29:56.0804 3244 [ 748141CC03DF40C38F17D3F96BB15C80 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
15:29:56.0820 3244 BrokerInfrastructure - ok
15:29:56.0835 3244 [ D528D6A92D187777691993DD757AF19A ] Browser C:\WINDOWS\System32\browser.dll
15:29:56.0835 3244 Browser - ok
15:29:56.0867 3244 [ 0E9B28782D0E5DE7C25207432B791B33 ] bScsiMSa C:\WINDOWS\System32\drivers\bScsiMSa.sys
15:29:56.0867 3244 bScsiMSa - ok
15:29:56.0882 3244 [ 8F62F985BDD2F333A3EE34D54894363D ] bScsiSDa C:\WINDOWS\System32\drivers\bScsiSDa.sys
15:29:56.0898 3244 bScsiSDa - ok
15:29:56.0929 3244 [ A8F23D453A424FF4DE04989C4727ECC7 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
15:29:56.0929 3244 BthAvrcpTg - ok
15:29:56.0945 3244 [ 746B9F94214915AECDE4B7FEA5FF9664 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
15:29:56.0960 3244 BthHFEnum - ok
15:29:56.0976 3244 [ 71FE2A48E4C93DDB9798C024880B6C07 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
15:29:56.0976 3244 bthhfhid - ok
15:29:56.0992 3244 [ 07E33226AD218A2A162662A05CAFB52F ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
15:29:57.0007 3244 BTHMODEM - ok
15:29:57.0038 3244 [ E5E48FEED73D463175EAB1542495191C ] bthserv C:\WINDOWS\system32\bthserv.dll
15:29:57.0038 3244 bthserv - ok
15:29:57.0070 3244 [ E41F70406C34F1CB667B4B27D81AD162 ] ccSet_NARA C:\WINDOWS\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys
15:29:57.0070 3244 ccSet_NARA - ok
15:29:57.0101 3244 [ 2FA6510E33F7DEFEC03658B74101A9B9 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
15:29:57.0101 3244 cdfs - ok
15:29:57.0117 3244 [ C6796EA22B513E3457514D92DCDB1A3D ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
15:29:57.0117 3244 cdrom - ok
15:29:57.0148 3244 [ AB285CE3431FF3D2ACE669245874C1C7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
15:29:57.0148 3244 CertPropSvc - ok
15:29:57.0163 3244 [ BE9936EDD3267FAAFF94A7835867F00B ] circlass C:\WINDOWS\System32\drivers\circlass.sys
15:29:57.0179 3244 circlass - ok
15:29:57.0210 3244 [ 7F006813C2AFE622C13D7AF94F56CD07 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
15:29:57.0210 3244 CLFS - ok
15:29:57.0242 3244 [ EF6EF85DADC3184A10D8F2F7159973CB ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
15:29:57.0242 3244 CmBatt - ok
15:29:57.0257 3244 [ 825BE21E6395E00698D8A23955A87972 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
15:29:57.0257 3244 CNG - ok
15:29:57.0273 3244 [ 03AAED827C36F35D70900558B8274905 ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
15:29:57.0288 3244 CompositeBus - ok
15:29:57.0288 3244 COMSysApp - ok
15:29:57.0320 3244 [ A1FF7DFBFBE164CF92603C651D304DD2 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
15:29:57.0320 3244 condrv - ok
15:29:57.0413 3244 [ 61D0FDF2D2269F13D44C23EF951AD36C ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
15:29:57.0523 3244 cphs - ok
15:29:57.0570 3244 [ 0EFE4B5884A8032617826A4D76F80969 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
15:29:57.0570 3244 CryptSvc - ok
15:29:57.0585 3244 [ 315BA4BC19316D72B2E037534E048B93 ] dam C:\WINDOWS\system32\drivers\dam.sys
15:29:57.0585 3244 dam - ok
15:29:57.0648 3244 [ 3FD5AE42EC87C6F532A931F96BE731DD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
15:29:57.0663 3244 DcomLaunch - ok
15:29:57.0679 3244 [ F4CCAADC2C78F57E4F16B24C9201CE22 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
15:29:57.0679 3244 defragsvc - ok
15:29:57.0726 3244 [ 0BC71D4D3B5883903C37BF4E13B0F0C5 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
15:29:57.0726 3244 DeviceAssociationService - ok
15:29:57.0788 3244 [ D06DB4200F9444B2386E6C0E68CD574A ] DeviceFastLaneService C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe
15:29:57.0820 3244 DeviceFastLaneService - ok
15:29:57.0835 3244 [ 752A457320A946E03C3AA86C3ACD735E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
15:29:57.0851 3244 DeviceInstall - ok
15:29:57.0882 3244 [ 5DB26D7E0216D0BF364A81D3829AD7B9 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
15:29:57.0882 3244 Dfsc - ok
15:29:57.0913 3244 [ 8B107F55FD61654A6C9F1B819AEC5FC4 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
15:29:57.0913 3244 Dhcp - ok
15:29:57.0929 3244 [ 4D40C9B33F738797CF50E77CB7C53E85 ] disk C:\WINDOWS\system32\drivers\disk.sys
15:29:57.0945 3244 disk - ok
15:29:57.0960 3244 [ EB70A894708D1BC176AFD690FF06085F ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
15:29:57.0960 3244 dmvsc - ok
15:29:57.0992 3244 [ FBD2D7F491F3EBC5C54C5C4DB2564953 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
15:29:58.0007 3244 Dnscache - ok
15:29:58.0023 3244 [ 50288EA079BB520C2B8C8A154202D518 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
15:29:58.0023 3244 dot3svc - ok
15:29:58.0039 3244 [ 281BEE07BA97E3E98D12A822D923D0D8 ] DPS C:\WINDOWS\system32\dps.dll
15:29:58.0039 3244 DPS - ok
15:29:58.0054 3244 [ DDC11A202207C0400CBE07315B8FDE5E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
15:29:58.0070 3244 drmkaud - ok
15:29:58.0132 3244 [ D2BCDD6BBFCD068090C109854FCEE079 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
15:29:58.0148 3244 DsiWMIService - ok
15:29:58.0195 3244 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
15:29:58.0210 3244 DsmSvc - ok
15:29:58.0257 3244 [ AEAB1924098DB538784C1D2B268FF0C9 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
15:29:58.0304 3244 DXGKrnl - ok
15:29:58.0335 3244 [ 6073537F250B45E1CB2A02E97F0FE1B2 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
15:29:58.0335 3244 Eaphost - ok
15:29:58.0429 3244 [ 114BCFDF367FF37C3F1B0A96AF542E4D ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
15:29:58.0492 3244 ebdrv - ok
15:29:58.0523 3244 [ F6F209DDB94959BA104FC8FC87C53759 ] EFS C:\WINDOWS\System32\lsass.exe
15:29:58.0523 3244 EFS - ok
15:29:58.0539 3244 [ 43531A5993380CC5113242C29D265FD9 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
15:29:58.0539 3244 EhStorClass - ok
15:29:58.0570 3244 [ 6F8E738A9505A388B1157FDDE7B3101B ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
15:29:58.0570 3244 EhStorTcgDrv - ok
15:29:58.0617 3244 [ 5C5552BF36C443746A9808EB632B3947 ] ePowerSvc C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
15:29:58.0632 3244 ePowerSvc - ok
15:29:58.0664 3244 [ DFFFAE1442BA4076E18EED5E406FA0D3 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
15:29:58.0664 3244 ErrDev - ok
15:29:58.0695 3244 [ BBEFD1442896352FBACEC3319959B278 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys
15:29:58.0710 3244 ETD - ok
15:29:58.0757 3244 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3 ] EventSystem C:\WINDOWS\system32\es.dll
15:29:58.0757 3244 EventSystem - ok
15:29:58.0789 3244 [ 7729D294A555C7AEB281ED8E4D0E01E4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
15:29:58.0789 3244 exfat - ok
15:29:58.0804 3244 [ 7C4E0D5900B2A1D11EDD626D6DDB937B ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
15:29:58.0820 3244 fastfat - ok
15:29:58.0851 3244 [ 2BC8532ABF2B3756B78FA1DA54147DDE ] Fax C:\WINDOWS\system32\fxssvc.exe
15:29:58.0867 3244 Fax - ok
15:29:58.0882 3244 [ 5D8402613E778B3BD45E687A8372710B ] fdc C:\WINDOWS\System32\drivers\fdc.sys
15:29:58.0882 3244 fdc - ok
15:29:58.0914 3244 [ DC1A78BCCCB7EE53D6FD3BD615A8E222 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
15:29:58.0914 3244 fdPHost - ok
15:29:58.0929 3244 [ E5AD448F2DC84B1CF387FA7F2A3D1936 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
15:29:58.0945 3244 FDResPub - ok
15:29:58.0960 3244 [ 0046E0BD031213D37123876B0D0FA61C ] fhsvc C:\WINDOWS\system32\fhsvc.dll
15:29:58.0960 3244 fhsvc - ok
15:29:58.0976 3244 [ 957A7A8F5ACCAF23DD9DFF6DAA393CE5 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
15:29:58.0992 3244 FileInfo - ok
15:29:59.0007 3244 [ A1A66C4FDAFD6B0289523232AFB7D8AF ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
15:29:59.0007 3244 Filetrace - ok
15:29:59.0023 3244 [ BE743083CF7063C486A4398E3AEFE59A ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
15:29:59.0039 3244 flpydisk - ok
15:29:59.0054 3244 [ 60D5067FCE6D9433D35E04C01D8538B3 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
15:29:59.0054 3244 FltMgr - ok
15:29:59.0101 3244 [ 183CA7699474FDE235853967D1DA4D9B ] FontCache C:\WINDOWS\system32\FntCache.dll
15:29:59.0148 3244 FontCache - ok
15:29:59.0242 3244 [ 1C52387BF5A127F5F3BFB31288F30D93 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:29:59.0242 3244 FontCache3.0.0.0 - ok
15:29:59.0257 3244 [ 35005534E600E993A90B036E4E599F2B ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
15:29:59.0257 3244 FsDepends - ok
15:29:59.0289 3244 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:29:59.0289 3244 Fs_Rec - ok
15:29:59.0320 3244 [ 83E1F0983B02A6F8EC764D18E24ECF10 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
15:29:59.0335 3244 fvevol - ok
15:29:59.0367 3244 [ 9591D0B9351ED489EAFD9D1CE52A8015 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
15:29:59.0382 3244 FxPPM - ok
15:29:59.0382 3244 [ FC3EF65EE20D39F8749C2218DBA681CA ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
15:29:59.0398 3244 gagp30kx - ok
15:29:59.0414 3244 [ 0BF5CAD281E25F1418E5B8875DC5ADD1 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
15:29:59.0445 3244 gencounter - ok
15:29:59.0460 3244 [ FDA72810CA2F8409D9B31E833C448E34 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
15:29:59.0460 3244 GPIOClx0101 - ok
15:29:59.0507 3244 [ 0BDE0FCF597E9B65600121EF54FF8340 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
15:29:59.0554 3244 gpsvc - ok
15:29:59.0664 3244 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:29:59.0679 3244 gupdate - ok
15:29:59.0679 3244 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:29:59.0679 3244 gupdatem - ok
15:29:59.0710 3244 [ E12F4898F46ACA0D0AB0CC6483E94377 ] Hamachi C:\WINDOWS\system32\DRIVERS\Hamdrv.sys
15:29:59.0710 3244 Hamachi - ok
15:29:59.0742 3244 [ 03909BDBFF0DCACCABF2B2D4ADEE44DC ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
15:29:59.0742 3244 HDAudBus - ok
15:29:59.0757 3244 [ 10A70BC1871CD955D85CD88372724906 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
15:29:59.0773 3244 HidBatt - ok
15:29:59.0789 3244 [ 1EA1B4FABB8CC348E73CA90DBA22E104 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
15:29:59.0804 3244 HidBth - ok
15:29:59.0820 3244 [ C241A8BAFBBFC90176EA0F5240EACC17 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
15:29:59.0835 3244 hidi2c - ok
15:29:59.0867 3244 [ 9BDDEE26255421017E161CCB9D5EDA95 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
15:29:59.0867 3244 HidIr - ok
15:29:59.0898 3244 [ 449A20A674AA3FAA7F0DD4E33EE2DC20 ] hidserv C:\WINDOWS\system32\hidserv.dll
15:29:59.0898 3244 hidserv - ok
15:29:59.0914 3244 [ F31397220D9687E11EB448649AA6E038 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
15:29:59.0929 3244 HidUsb - ok
15:29:59.0960 3244 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
15:29:59.0960 3244 hkmsvc - ok
15:29:59.0976 3244 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
15:29:59.0992 3244 HomeGroupListener - ok
15:30:00.0054 3244 [ BE5F89BAFBD4272D5A0C0A37B97865ED ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
15:30:00.0070 3244 HomeGroupProvider - ok
15:30:00.0101 3244 [ A6AACEA4C785789BDA5912AD1FEDA80D ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
15:30:00.0101 3244 HpSAMD - ok
15:30:00.0148 3244 [ 3502776E366C913D49C0DA928AE3E6CB ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
15:30:00.0148 3244 HTTP - ok
15:30:00.0179 3244 [ 90656C0B3864804B090434EFC582404F ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
15:30:00.0179 3244 hwpolicy - ok
15:30:00.0195 3244 [ 6D6F9E3BF0484967E52F7E846BFF1CA1 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
15:30:00.0210 3244 hyperkbd - ok
15:30:00.0226 3244 [ 907C870F8C31F8DDD6F090857B46AB25 ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
15:30:00.0226 3244 HyperVideo - ok
15:30:00.0242 3244 [ 84CFC5EFA97D0C965EDE1D56F116A541 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
15:30:00.0257 3244 i8042prt - ok
15:30:00.0273 3244 [ 5D90E32E36CE5D4C535D17CE08AEAF05 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
15:30:00.0273 3244 iaLPSSi_GPIO - ok
15:30:00.0289 3244 [ DD05E7E80F52ADE9AEB292819920F32C ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
15:30:00.0289 3244 iaLPSSi_I2C - ok
15:30:00.0320 3244 [ 6C024B3AE192D72B216166802AF345DD ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
15:30:00.0320 3244 iaStorA - ok
15:30:00.0351 3244 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
15:30:00.0367 3244 iaStorAV - ok
15:30:00.0398 3244 [ A2200C3033FA4EF249FC096A7A7D02A2 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
15:30:00.0398 3244 iaStorV - ok
15:30:00.0460 3244 [ 83FF82FE209E7997067B375DAD6CF23D ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
15:30:00.0476 3244 ICCS - ok
15:30:00.0476 3244 IEEtwCollectorService - ok
15:30:00.0585 3244 [ 690E1FCE66B5F0DB3A00B30E9CC2D617 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
15:30:00.0695 3244 igfx - ok
15:30:00.0726 3244 [ CE6E075B75E313EDF7F32ECD69DD8EA1 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
15:30:00.0773 3244 IKEEXT - ok
15:30:00.0882 3244 [ 9CC645EB9697AA4F2D5A39835C80A0A2 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
15:30:00.0992 3244 IntcAzAudAddService - ok
15:30:01.0023 3244 [ F5495B38BFB9149925F54F65AB40EFBF ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
15:30:01.0039 3244 IntcDAud - ok
15:30:01.0086 3244 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
15:30:01.0101 3244 Intel(R) Capability Licensing Service Interface - ok
15:30:01.0117 3244 [ 4E448FCFFD00E8D657CD9E48D3E47157 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
15:30:01.0117 3244 intelide - ok
15:30:01.0148 3244 [ A2B6215E54075A936E5B424ABCD1323E ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
15:30:01.0148 3244 intelpep - ok
15:30:01.0164 3244 [ 47E74A8E53C7C24DCE38311E1451C1D9 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
15:30:01.0179 3244 intelppm - ok
15:30:01.0195 3244 [ 9DB76D7F9E4E53EFE5DD8C53DE837514 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:30:01.0195 3244 IpFilterDriver - ok
15:30:01.0242 3244 [ 201EDF3C5E674BF1FE44D28CC6A76EA2 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
15:30:01.0257 3244 iphlpsvc - ok
15:30:01.0273 3244 [ 9949A3C7590B8C536C05312205079A82 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
15:30:01.0289 3244 IPMIDRV - ok
15:30:01.0320 3244 [ E23D32BAF152FBE35F18C6A2AB8EF271 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
15:30:01.0336 3244 IPNAT - ok
15:30:01.0351 3244 [ AE44C526AB5F8A487D941CEB57B10C97 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
15:30:01.0351 3244 IRENUM - ok
15:30:01.0367 3244 [ 8AFEEA3955AA43616A60F133B1D25F21 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
15:30:01.0367 3244 isapnp - ok
15:30:01.0382 3244 [ 034D4BD9DC67C64F3A4C8A049B5173BF ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
15:30:01.0398 3244 iScsiPrt - ok
15:30:01.0445 3244 [ 3C4002D339491AF73D663FFC7F6E5ECB ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
15:30:01.0445 3244 jhi_service - ok
15:30:01.0476 3244 [ 45369E037410609D769852A1CE46A184 ] k57nd60a C:\WINDOWS\system32\DRIVERS\k57nd60a.sys
15:30:01.0492 3244 k57nd60a - ok
15:30:01.0523 3244 [ 8BE92376799B6B44D543E8D07CDCF885 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
15:30:01.0523 3244 kbdclass - ok
15:30:01.0539 3244 [ FB6E47E569D4872ABEB506BE03A45FBA ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
15:30:01.0539 3244 kbdhid - ok
15:30:01.0554 3244 [ 813871C7D402A05F2E3A7075F9584A05 ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
15:30:01.0554 3244 kdnic - ok
15:30:01.0570 3244 [ F6F209DDB94959BA104FC8FC87C53759 ] KeyIso C:\WINDOWS\system32\lsass.exe
15:30:01.0570 3244 KeyIso - ok
15:30:01.0601 3244 [ ADDECBCC777665BD113BED437E602AB0 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
15:30:01.0601 3244 KSecDD - ok
15:30:01.0632 3244 [ 7296EA420134EAC390798B3232D066A4 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
15:30:01.0632 3244 KSecPkg - ok
15:30:01.0648 3244 [ 11AFB527AA370B1DAFD5C36F35F6D45F ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
15:30:01.0648 3244 ksthunk - ok
15:30:01.0695 3244 [ 32B1A8351160F307A8C66BCB0F94A9C2 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
15:30:01.0711 3244 KtmRm - ok
15:30:01.0742 3244 [ 27B58E16CF895AC1F1A97C04814C2239 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
15:30:01.0757 3244 LanmanServer - ok
15:30:01.0773 3244 [ D0D9C2ECA4D03A8F06DCD91236B90C98 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
15:30:01.0789 3244 LanmanWorkstation - ok
15:30:01.0804 3244 [ EE289BD147FDFF95EF1B9BD65D3B974A ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
15:30:01.0820 3244 lfsvc - ok
15:30:01.0836 3244 [ C09010B3680860131631F53E8FE7BAD8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
15:30:01.0851 3244 lltdio - ok
15:30:01.0898 3244 [ 00E070FC0C673311AFD4B068D1242780 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
15:30:01.0914 3244 lltdsvc - ok
15:30:01.0929 3244 [ D113FAD71A5E67AA94B32A0F8828D265 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
15:30:01.0945 3244 lmhosts - ok
15:30:01.0976 3244 [ 4269D44BB47A6DA5D80B11F4C8536458 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:30:01.0976 3244 LMS - ok
15:30:02.0007 3244 [ C755AE4635457AA2A11F79C0DF857ABC ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
15:30:02.0023 3244 LSI_SAS - ok
15:30:02.0039 3244 [ ADAC09CBE7A2040B7F68B5E5C9A75141 ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
15:30:02.0039 3244 LSI_SAS2 - ok
15:30:02.0054 3244 [ 04D1274BB9BBCCF12BD12374002AA191 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
15:30:02.0054 3244 LSI_SAS3 - ok
15:30:02.0070 3244 [ 327469EEF3833D0C584B7E88A76AEC0C ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
15:30:02.0070 3244 LSI_SSS - ok
15:30:02.0101 3244 [ B6B69FF200F68888A7FAFDF204D00C91 ] LSM C:\WINDOWS\System32\lsm.dll
15:30:02.0117 3244 LSM - ok
15:30:02.0132 3244 [ 5EF604B0698F4FA962778285E8C5F1F2 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
15:30:02.0148 3244 luafv - ok
15:30:02.0164 3244 [ EB5C03A070F30D64A6DF80E53B22F53F ] megasas C:\WINDOWS\system32\drivers\megasas.sys
15:30:02.0164 3244 megasas - ok
15:30:02.0195 3244 [ F6F13533196DE7A582D422B0241E4363 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
15:30:02.0211 3244 megasr - ok
15:30:02.0242 3244 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
15:30:02.0242 3244 MEIx64 - ok
15:30:02.0257 3244 [ FD788C2D96EA91469A3C1D13E80D7473 ] MMCSS C:\WINDOWS\system32\mmcss.dll
15:30:02.0273 3244 MMCSS - ok
15:30:02.0304 3244 [ 8B38C44F69259987C95135C9627E2378 ] Modem C:\WINDOWS\system32\drivers\modem.sys
15:30:02.0304 3244 Modem - ok
15:30:02.0320 3244 [ 601589000CC90F0DF8DA2CC254A3CCC9 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
15:30:02.0320 3244 monitor - ok
15:30:02.0351 3244 [ CEAC6D40FE887CE8406C2393CF97DE06 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
15:30:02.0351 3244 mouclass - ok
15:30:02.0367 3244 [ 02D98BF804084E9A0D69D1C69B02CCA9 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
15:30:02.0367 3244 mouhid - ok
15:30:02.0382 3244 [ 515549560D481138E6E21AF7C6998E56 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
15:30:02.0382 3244 mountmgr - ok
15:30:02.0445 3244 [ 5D494509432897338AFC19DB78A76DCB ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:30:02.0476 3244 MozillaMaintenance - ok
15:30:02.0492 3244 [ F170510BE94CF45E3C6274578F6204B2 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
15:30:02.0492 3244 mpsdrv - ok
15:30:02.0523 3244 [ D186C5844393252147BE934F3871DB7A ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
15:30:02.0539 3244 MpsSvc - ok
15:30:02.0586 3244 [ 59DCEC7499095DE5AED741358037AE2D ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
15:30:02.0586 3244 MRxDAV - ok
15:30:02.0617 3244 [ 6129EDB793A4255B1E2FB41773AC9D9A ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:30:02.0617 3244 mrxsmb - ok
15:30:02.0648 3244 [ 295771B092D4F7FCF2B62F80CCD14320 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
15:30:02.0648 3244 mrxsmb10 - ok
15:30:02.0664 3244 [ AAF56E4E84D35411B4E446C445732DFE ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
15:30:02.0679 3244 mrxsmb20 - ok
15:30:02.0695 3244 [ 4E888019078AC363076A5433E89AA4F8 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
15:30:02.0695 3244 MsBridge - ok
15:30:02.0726 3244 [ A082C17D14D0790E27D064EA4B138AE1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
15:30:02.0742 3244 MSDTC - ok
15:30:02.0757 3244 [ D13329FBF8345B28AB30F44CC247DC08 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
15:30:02.0757 3244 Msfs - ok
15:30:02.0773 3244 [ C6B474E46F9E543B875981ED3FFE6ADD ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
15:30:02.0789 3244 msgpiowin32 - ok
15:30:02.0804 3244 [ 65C92EB9D08DB5C69F28C7FFD4E84E31 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
15:30:02.0804 3244 mshidkmdf - ok
15:30:02.0820 3244 [ 52299F086AC2DAFD100DD5DC4A8614BA ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
15:30:02.0820 3244 mshidumdf - ok
15:30:02.0851 3244 [ 36D92AF3343C3A3E57FEF11C449AEA4C ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
15:30:02.0851 3244 msisadrv - ok
15:30:02.0882 3244 [ 810F8A0A0680662BB0CE44D0E2CEF90C ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
15:30:02.0882 3244 MSiSCSI - ok
15:30:02.0898 3244 msiserver - ok
15:30:02.0898 3244 [ A9BBBD2BAE6142253B9195E949AC2E8D ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:30:02.0914 3244 MSKSSRV - ok
15:30:02.0929 3244 [ 375E44168F2DFB91A68B8A3F619C5A7C ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
15:30:02.0929 3244 MsLldp - ok
15:30:02.0961 3244 [ 7B2128EB875DCBC006E6A913211006D6 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:30:02.0961 3244 MSPCLOCK - ok
15:30:02.0976 3244 [ 1E88171579B218115C7A772F8DE04BD8 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
15:30:02.0992 3244 MSPQM - ok
15:30:03.0008 3244 [ BBE2A455053E63BECBF42C2F9B21FAE0 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
15:30:03.0023 3244 MsRPC - ok
15:30:03.0023 3244 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
15:30:03.0039 3244 mssmbios - ok
15:30:03.0039 3244 [ 115019AE01E0EB9C048530D2928AB4A2 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
15:30:03.0054 3244 MSTEE - ok
15:30:03.0070 3244 [ 96D604A35070360F0DD4A7A8AF410B5E ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
15:30:03.0070 3244 MTConfig - ok
15:30:03.0086 3244 [ 619CA29326B82372621DB2C0964D8365 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
15:30:03.0086 3244 Mup - ok
15:30:03.0101 3244 [ B8C35C94DCB2DFEAF03BB42131F2F77F ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
15:30:03.0101 3244 mvumis - ok
15:30:03.0133 3244 [ 41A45D2A75494EABF2806EA051E00376 ] napagent C:\WINDOWS\system32\qagentRT.dll
15:30:03.0148 3244 napagent - ok
15:30:03.0179 3244 [ CF8B989D89D6807B887690F2CF24EFD9 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
15:30:03.0179 3244 NativeWifiP - ok
15:30:03.0242 3244 [ 934BB0D23A25C8C136570800A5A149B6 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
15:30:03.0242 3244 NAUpdate - ok
15:30:03.0273 3244 [ 71E3C0100AA19D11373CCEB2F51A6008 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
15:30:03.0273 3244 NcaSvc - ok
15:30:03.0289 3244 [ 51DF09CAB2CAC64FEE3E371D9028ED01 ] NcbService C:\WINDOWS\System32\ncbservice.dll
15:30:03.0304 3244 NcbService - ok
15:30:03.0304 3244 [ 2586C4C167499210DCBF3ECFD8CCE210 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
15:30:03.0320 3244 NcdAutoSetup - ok
15:30:03.0351 3244 [ AD9086052A5E5153AF43FE74138A4B27 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
15:30:03.0383 3244 NDIS - ok
15:30:03.0398 3244 [ C6BB12BC35D1637CA17AE16D3A4725EB ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
15:30:03.0414 3244 NdisCap - ok
15:30:03.0414 3244 [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
15:30:03.0414 3244 NdisImPlatform - ok
15:30:03.0445 3244 [ 9423421E735BD5394351E0C47C76BB92 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:30:03.0445 3244 NdisTapi - ok
15:30:03.0461 3244 [ B832B35055BA2B7B4181861FF94D8E59 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:30:03.0461 3244 Ndisuio - ok
15:30:03.0476 3244 [ 1F58E48EF75F34C35D8E93A0DC535CFE ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
15:30:03.0492 3244 NdisVirtualBus - ok
15:30:03.0523 3244 [ DEC29080202D4F9F17F55E18BCFCC41A ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:30:03.0523 3244 NdisWan - ok
15:30:03.0539 3244 [ DEC29080202D4F9F17F55E18BCFCC41A ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:30:03.0539 3244 NdisWanLegacy - ok
15:30:03.0570 3244 [ A5BD69A8812FA79D1A487691DD3FB244 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
15:30:03.0570 3244 NDProxy - ok
15:30:03.0601 3244 [ 5A072F0B90C29C5233D78BE33EF5ED78 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
15:30:03.0601 3244 Ndu - ok
15:30:03.0617 3244 [ A83D67D347A684F10B7D3019C8A6380C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
15:30:03.0617 3244 NetBIOS - ok
15:30:03.0633 3244 [ 0217532E19A748F0E5D569307363D5FD ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
15:30:03.0648 3244 NetBT - ok
15:30:03.0664 3244 [ F6F209DDB94959BA104FC8FC87C53759 ] Netlogon C:\WINDOWS\system32\lsass.exe
15:30:03.0664 3244 Netlogon - ok
15:30:03.0695 3244 [ B7AD851A21FEBA3BA214972627614207 ] Netman C:\WINDOWS\System32\netman.dll
15:30:03.0711 3244 Netman - ok
15:30:03.0726 3244 [ F0F0A372C2EF6358399C4936F91B6131 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
15:30:03.0742 3244 netprofm - ok
15:30:03.0804 3244 [ 1092B3190E69E0C5ECBCE90F171DE047 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:30:03.0851 3244 NetTcpPortSharing - ok
15:30:03.0883 3244 [ 70414DB660BFBB7BD58FCE8EA4364E1B ] netvsc C:\WINDOWS\system32\DRIVERS\netvsc63.sys
15:30:03.0883 3244 netvsc - ok
15:30:03.0929 3244 [ 3A280F3B3C7A46E29C404ACD46ECBF5E ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
15:30:03.0945 3244 NlaSvc - ok
15:30:03.0961 3244 [ 8F44A2F57C9F1A19AC9C6288C10FB351 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
15:30:03.0976 3244 Npfs - ok
15:30:03.0992 3244 [ CBDB4F0871C88DF930FC0E8588CA67FC ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
15:30:04.0008 3244 npsvctrig - ok
15:30:04.0023 3244 [ 6E2271ED0C3E95B8E29F3752B91B9E84 ] nsi C:\WINDOWS\system32\nsisvc.dll
15:30:04.0023 3244 nsi - ok
15:30:04.0054 3244 [ E490B459978CB87779E84C761D22B827 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
15:30:04.0054 3244 nsiproxy - ok
15:30:04.0117 3244 [ 4412D565C0278C401575E11072C7DCE3 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
15:30:04.0179 3244 Ntfs - ok
15:30:04.0195 3244 [ EF1B290FC9F0E47CC0B537292BEE5904 ] Null C:\WINDOWS\system32\drivers\Null.sys
15:30:04.0195 3244 Null - ok
15:30:04.0211 3244 [ BC6B5942AFF25EBAF62DE43C3807EDF8 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
15:30:04.0211 3244 nvraid - ok
15:30:04.0242 3244 [ 1F43ABFFAC3D6CA356851D517392966E ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
15:30:04.0242 3244 nvstor - ok
15:30:04.0258 3244 [ 6934A936A7369DFE37B7DBA93F5E5E49 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
15:30:04.0273 3244 nv_agp - ok
15:30:04.0304 3244 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:30:04.0320 3244 ose - ok
15:30:04.0476 3244 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:30:04.0570 3244 osppsvc - ok
15:30:04.0601 3244 [ 3B510F20806B94E389784ED09DBD2111 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
15:30:04.0617 3244 p2pimsvc - ok
15:30:04.0648 3244 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B ] p2psvc C:\WINDOWS\system32\p2psvc.dll
15:30:04.0648 3244 p2psvc - ok
15:30:04.0679 3244 [ 764B1121867B2D9B31C491668AC72B2B ] Parport C:\WINDOWS\System32\drivers\parport.sys
15:30:04.0679 3244 Parport - ok
15:30:04.0695 3244 [ EF0C1749C9A8CEE9A457473D433CC00F ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
15:30:04.0711 3244 partmgr - ok
15:30:04.0711 3244 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
15:30:04.0726 3244 PcaSvc - ok
15:30:04.0758 3244 [ C0D3F3BC1C84B4BA746D9847314C1164 ] pci C:\WINDOWS\system32\drivers\pci.sys
15:30:04.0758 3244 pci - ok
15:30:04.0789 3244 [ 346E38FCC6859A727DD28AFAD1F0AFF4 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
15:30:04.0789 3244 pciide - ok
15:30:04.0804 3244 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
15:30:04.0820 3244 pcmcia - ok
15:30:04.0836 3244 [ BF28771D1436C88BE1D297D3098B0F7D ] pcw C:\WINDOWS\system32\drivers\pcw.sys
15:30:04.0836 3244 pcw - ok
15:30:04.0851 3244 [ E170103E68329E9154A5EC383CD253ED ] pdc C:\WINDOWS\system32\drivers\pdc.sys
15:30:04.0851 3244 pdc - ok
15:30:04.0883 3244 [ BA50CC0BD19004AAB88BE37338B6FA0D ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
15:30:04.0898 3244 PEAUTH - ok
15:30:05.0148 3244 [ 8E3C640FFF5A963F570233AE99C0FFF3 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
15:30:05.0211 3244 PerfHost - ok
15:30:05.0273 3244 [ 928061178CD9856CA6B67FFFCE6BA766 ] pla C:\WINDOWS\system32\pla.dll
15:30:05.0320 3244 pla - ok
15:30:05.0336 3244 [ 752A457320A946E03C3AA86C3ACD735E ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
15:30:05.0336 3244 PlugPlay - ok
15:30:05.0351 3244 [ 045EB4F260606A03BE340D09DEAF3BA4 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
15:30:05.0367 3244 PNRPAutoReg - ok
15:30:05.0367 3244 [ 3B510F20806B94E389784ED09DBD2111 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
15:30:05.0383 3244 PNRPsvc - ok
15:30:05.0398 3244 [ C16097D77A232A288D65F299E2E01105 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
15:30:05.0414 3244 PolicyAgent - ok
15:30:05.0430 3244 [ 00E08B30E7F7C13ECE2CDF4F46A77311 ] Power C:\WINDOWS\system32\umpo.dll
15:30:05.0430 3244 Power - ok
15:30:05.0476 3244 [ E075CC071022BD4E9BE7C024717C0E0A ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:30:05.0476 3244 PptpMiniport - ok
15:30:05.0539 3244 [ B7DB57A000D46D4DE75BC0C563E58072 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
15:30:05.0633 3244 PrintNotify - ok
15:30:05.0664 3244 [ ECD373F9571C745894367CC2635EA44F ] Processor C:\WINDOWS\System32\drivers\processr.sys
15:30:05.0680 3244 Processor - ok
15:30:05.0711 3244 [ 9E5A3A3B702ECB9E88AA07731F0E65EB ] ProfSvc C:\WINDOWS\system32\profsvc.dll
15:30:05.0726 3244 ProfSvc - ok
15:30:05.0758 3244 [ 138DBAE80F390B22297ACD861BDA996E ] Ps2Kb2Hid C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys
15:30:05.0758 3244 Ps2Kb2Hid - ok
15:30:05.0773 3244 [ 8528BB05E4D4E25945F78B00B2555FB7 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
15:30:05.0789 3244 Psched - ok
15:30:05.0805 3244 [ AF90BB44C99D6820BE52C9BBAA523283 ] QWAVE C:\WINDOWS\system32\qwave.dll
15:30:05.0820 3244 QWAVE - ok
15:30:05.0820 3244 [ 3FB466684609A4329858CF2EBD62E0FD ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
15:30:05.0836 3244 QWAVEdrv - ok
15:30:05.0851 3244 [ 2C56F0EE27E4EF70CA4B4983D3638905 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:30:05.0851 3244 RasAcd - ok
15:30:05.0898 3244 [ 55FE43112F61836D0581D615C72AA113 ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
15:30:05.0914 3244 RasAgileVpn - ok
15:30:05.0945 3244 [ 5F061AC45266841A2860C1858ED863B8 ] RasAuto C:\WINDOWS\System32\rasauto.dll
15:30:05.0945 3244 RasAuto - ok
15:30:05.0961 3244 [ BBB6272B7F46C4640A8CDB8A70C3450F ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:30:05.0976 3244 Rasl2tp - ok
15:30:06.0008 3244 [ BF3B17016764F20F9D28CF1A8DC210C0 ] RasMan C:\WINDOWS\System32\rasmans.dll
15:30:06.0008 3244 RasMan - ok
15:30:06.0023 3244 [ 5247F308C4103CDC4FE12AE1D235800A ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:30:06.0039 3244 RasPppoe - ok
15:30:06.0070 3244 [ 2B0F1677CDD08967005F34488559BC6F ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys
15:30:06.0070 3244 RasSstp - ok
15:30:06.0117 3244 [ B939A2A0F9D6C6C186721E268EB6FA93 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:30:06.0117 3244 rdbss - ok
15:30:06.0133 3244 [ 6B21EBF892CD8CACB71669B35AB5DE32 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
15:30:06.0133 3244 rdpbus - ok
15:30:06.0148 3244 [ 680C1DAE268B6FB67FA21B389A8B79EF ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
15:30:06.0164 3244 RDPDR - ok
15:30:06.0180 3244 [ 858776908AF838E3790F3261B799CDA6 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
15:30:06.0180 3244 RdpVideoMiniport - ok
15:30:06.0211 3244 [ 06250FF7F8E5F98DAA6F2D6251B1694E ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
15:30:06.0211 3244 rdyboost - ok
15:30:06.0242 3244 [ 036746D54347FD2D0385668E2A4064E4 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
15:30:06.0258 3244 ReFS - ok
15:30:06.0289 3244 [ BFFB40FBE6D2C3469F8D06EE5E4934AB ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
15:30:06.0305 3244 RemoteAccess - ok
15:30:06.0336 3244 [ 4DCCABE03D06955ED61BABBD8EF9F30F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
15:30:06.0336 3244 RemoteRegistry - ok
15:30:06.0351 3244 [ F61333867216EDE1A09A7C55FEDCB6A8 ] RfButtonDriverService C:\Windows\RfBtnSvc64.exe
15:30:06.0351 3244 RfButtonDriverService - ok
15:30:06.0367 3244 [ D894CBD7DA753C881EE8D5E33B583225 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
15:30:06.0383 3244 RpcEptMapper - ok
15:30:06.0414 3244 [ 5CAE8F47B31D5CFC322B5B898C19E0FE ] RpcLocator C:\WINDOWS\system32\locator.exe
15:30:06.0414 3244 RpcLocator - ok
15:30:06.0430 3244 [ 3FD5AE42EC87C6F532A931F96BE731DD ] RpcSs C:\WINDOWS\system32\rpcss.dll
15:30:06.0445 3244 RpcSs - ok
15:30:06.0461 3244 [ 2D05A5508F4685412F2B89E8C2189ABC ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
15:30:06.0476 3244 rspndr - ok
15:30:06.0492 3244 [ 1A063730F221B2746FF00457AE17E4F0 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
15:30:06.0492 3244 s3cap - ok
15:30:06.0539 3244 [ F6F209DDB94959BA104FC8FC87C53759 ] SamSs C:\WINDOWS\system32\lsass.exe
15:30:06.0539 3244 SamSs - ok
15:30:06.0570 3244 [ C624A1B32211C3166EDB3F4AB02A30B7 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
15:30:06.0586 3244 sbp2port - ok
15:30:06.0601 3244 [ 47C497FA4DDEA908633CAA60CEBE6805 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
15:30:06.0601 3244 SCardSvr - ok
15:30:06.0633 3244 [ E76C4E98302AE39CC6FA5D20FC8B5438 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
15:30:06.0633 3244 ScDeviceEnum - ok
15:30:06.0648 3244 [ ABD0237B15DBD2B4695F4B7D734A58F7 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
15:30:06.0648 3244 scfilter - ok
15:30:06.0680 3244 [ 888A30EAB651502352C18745367FD179 ] Schedule C:\WINDOWS\system32\schedsvc.dll
15:30:06.0726 3244 Schedule - ok
15:30:06.0758 3244 [ AB285CE3431FF3D2ACE669245874C1C7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
15:30:06.0758 3244 SCPolicySvc - ok
15:30:06.0773 3244 [ 2F9A3380B8C0380E5608E29C7AA66899 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
15:30:06.0773 3244 sdbus - ok
15:30:06.0805 3244 [ 4EAF4DCF9DBD9A56952A58F56D61C005 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
15:30:06.0805 3244 sdstor - ok
15:30:06.0820 3244 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
15:30:06.0836 3244 secdrv - ok
15:30:06.0836 3244 [ C49009F897BA4F2F4F31043663AA1485 ] seclogon C:\WINDOWS\system32\seclogon.dll
15:30:06.0851 3244 seclogon - ok
15:30:06.0867 3244 [ A88882E64BDC1D8E8D6E727B71CCCC53 ] SENS C:\WINDOWS\System32\sens.dll
15:30:06.0867 3244 SENS - ok
15:30:06.0898 3244 [ E66A7C8CE7ED22DED6DF1CA479FB4790 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
15:30:06.0898 3244 SensrSvc - ok
15:30:06.0930 3244 [ DB2FF24CE0BDD15FE75870AFE312BA89 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
15:30:06.0930 3244 SerCx - ok
15:30:06.0945 3244 [ 53BDBF04ECAF943CBF6359E3BCB2445E ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
15:30:06.0945 3244 SerCx2 - ok
15:30:06.0961 3244 [ 3CD600C089C1251BEEB4CD4CD5164F9E ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
15:30:06.0976 3244 Serenum - ok
15:30:06.0992 3244 [ D864381BC9C725FAB01D94C060660166 ] Serial C:\WINDOWS\System32\drivers\serial.sys
15:30:06.0992 3244 Serial - ok
15:30:07.0008 3244 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
15:30:07.0008 3244 sermouse - ok
15:30:07.0039 3244 [ 441E6FF1F34D7A942946DB42A15FB519 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
15:30:07.0055 3244 SessionEnv - ok
15:30:07.0055 3244 [ 472B7A5AC181C050888DB454663DD764 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
15:30:07.0055 3244 sfloppy - ok
15:30:07.0086 3244 [ 08A08EC17F1874802A8BC6D083BF1C55 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
15:30:07.0101 3244 SharedAccess - ok
15:30:07.0133 3244 [ 0D190D8B4B20446BE6299AC734DFADF1 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:30:07.0148 3244 ShellHWDetection - ok
15:30:07.0164 3244 [ 2F518D13DD6F3053837FE606F1A2EA1F ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
15:30:07.0164 3244 SiSRaid2 - ok
15:30:07.0180 3244 [ 1AC9A200A9C49C4508F04AAFFCA34A3F ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
15:30:07.0180 3244 SiSRaid4 - ok
15:30:07.0242 3244 [ F5BBEDF602C310B00036EB2DBF4348A5 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:30:07.0242 3244 SkypeUpdate - ok
15:30:07.0273 3244 [ 587ACA15210D1B01FBF272E07A08F91A ] smphost C:\WINDOWS\System32\smphost.dll
15:30:07.0289 3244 smphost - ok
15:30:07.0305 3244 [ 49EEB92DE930B8566EF615D600781DB4 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
15:30:07.0320 3244 SNMPTRAP - ok
15:30:07.0351 3244 [ 2150AAB8CD16876AE6DBDDDCC9ED740C ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
15:30:07.0367 3244 spaceport - ok
15:30:07.0383 3244 [ F337BE11071818FC3F5DC2940B6BDE34 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
15:30:07.0383 3244 SpbCx - ok
15:30:07.0398 3244 [ FE0CB40F36D3FCDD3A1B312EF72C38D5 ] Spooler C:\WINDOWS\System32\spoolsv.exe
15:30:07.0414 3244 Spooler - ok
15:30:07.0539 3244 [ E6DEC72A2A23FAA53EB9FEC3C7E29D66 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
15:30:07.0680 3244 sppsvc - ok
15:30:07.0711 3244 [ CD7534BA5BA92086B1BC10ADF880FC49 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
15:30:07.0726 3244 srv - ok
15:30:07.0742 3244 [ C1AE59C0B0817236EC083A91C396005A ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
15:30:07.0758 3244 srv2 - ok
15:30:07.0773 3244 [ 77195C32175FC63D6054EBA5A066D727 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
15:30:07.0789 3244 srvnet - ok
15:30:07.0805 3244 [ BB9ED3EDD8E85008215A7250D325A72E ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
15:30:07.0820 3244 SSDPSRV - ok
15:30:07.0852 3244 [ 3911418AFDE10EA6823B7799E4815524 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
15:30:07.0852 3244 SstpSvc - ok
15:30:07.0883 3244 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
15:30:07.0898 3244 stexstor - ok
15:30:07.0945 3244 [ D638904FE86A5FE542A1BA13A9D68E5C ] stisvc C:\WINDOWS\System32\wiaservc.dll
15:30:07.0945 3244 stisvc - ok
15:30:07.0977 3244 [ 0ED2E318ABB68C1A35A8B8038BDB4C90 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
15:30:07.0977 3244 storahci - ok
15:30:07.0992 3244 [ 7A08CEE1535F5A448215634C5EA74E50 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
15:30:07.0992 3244 storflt - ok
15:30:08.0008 3244 [ D57AEE34C7C0DD1DC8B6B54B7A89649C ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
15:30:08.0008 3244 stornvme - ok
15:30:08.0039 3244 [ 3118058E3D07021A55324A943C6D722B ] StorSvc C:\WINDOWS\system32\storsvc.dll
15:30:08.0055 3244 StorSvc - ok
15:30:08.0055 3244 [ 548759755BC73DAD663250239D7E0B9F ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
15:30:08.0055 3244 storvsc - ok
15:30:08.0086 3244 [ D8E1AE075AB3E8AD56F69C44AA978596 ] svsvc C:\WINDOWS\system32\svsvc.dll
15:30:08.0102 3244 svsvc - ok
15:30:08.0117 3244 [ 84E0F5D41C138C5CC975137A2A98F6D3 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
15:30:08.0117 3244 swenum - ok
15:30:08.0148 3244 [ A5DC2E63F5E5D3C0B843307374998479 ] swprv C:\WINDOWS\System32\swprv.dll
15:30:08.0164 3244 swprv - ok
15:30:08.0195 3244 [ E45DA7CBBA34510C8B9473AD7D4FFD0B ] SysMain C:\WINDOWS\system32\sysmain.dll
15:30:08.0227 3244 SysMain - ok
15:30:08.0258 3244 [ 373382005ACB27CB16ED16722FBE946A ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
15:30:08.0273 3244 SystemEventsBroker - ok
15:30:08.0289 3244 [ BA6DD39266A5E15515C8C14DA2DA3E5C ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
15:30:08.0289 3244 TabletInputService - ok
15:30:08.0305 3244 [ B517410F157693043DACA21B19B258A6 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
15:30:08.0320 3244 TapiSrv - ok