Lately my notebook has slowed down a lot; when opening anything it freezes, even for several minutes. Basically it is impossible to work with; even just opening the Control Panel takes minutes. I tested it for viruses, ran CCleaner and defragmented the disk; nothing helped.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:36:53, on 18.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\Users\TEMP.Danelka-PC.003\AppData\Roaming\Seznam.cz\szninstall.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
C:\Users\TEMP.Danelka-PC.003\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Users\TEMP.Danelka-PC.003\AppData\Local\VNT\vntldr.exe
C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Users\TEMP.Danelka-PC.003\AppData\Roaming\Seznam.cz\sznsetup.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?tpid=ATU4&o= ... 05-06&psv=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1374080693
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1374080693
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
O2 - BHO: Ask Toolbar BHO - {41545534-0076-A76A-76A7-7A786E7484D7} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: (no name) - {41545534-0076-A76A-76A7-7A786E7484D7} - (no file)
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [VNT] C:\Program Files (x86)\VNT\vntldr.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\TEMP.Danelka-PC.003\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\TEMP.Danelka-PC.003\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: CyberLink Product - 2013/04/25 09:01:19 (CLKMSVC10_3A60B698) - CyberLink - C:\Program Files (x86)\Lenovo\PowerDVD10\NavFilter\kmsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12853 bytes
PC slowdown and freezing (Solved)
- memphisto
- Guru Level 13
Re: PC slowdown and freezing
Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation, make sure you have both options selected/checked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the option Perform Quick Scan (Provést rychlý sken) selected and click the Scan (Skenovat) button
- when the program finishes, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, choose Ano (Yes)
(do not delete anything yet!).
Then paste the contents of that log here.
Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (it is also saved on the system disk as AdwCleaner[R?].txt); paste its entire contents here.
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you.
Re: PC slowdown and freezing
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2013.12.19.01
Windows 7 Service Pack 1 x64 FAT
Internet Explorer 11.0.9600.16476
Danelka :: DANELKA-PC [administrátor]
19.12.2013 1:30:43
MBAM-log-2013-12-19 (01-49-56).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 299615
Uplynulý čas: 18 minut, 28 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 2
HKLM\SOFTWARE\qvo6Software (PUP.Optional.qvo6.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 2
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL (Hijack.StartPage) -> Špatný: (http://www.qvo6.com/?utm_source=b&utm_m ... 1374080693) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Špatný: (http://www.qvo6.com/?utm_source=b&utm_m ... 1374080693) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 6
C:\Users\Danelka\AppData\Roaming\eIntaller\D5C36AD209B34315AA3916905CD7BEDF\eGdpSvc.exe (PUP.Optional.Wsys.A) -> Nebyla provedena žádná instrukce.
C:\Users\Danelka\AppData\Local\Temp\nsj7EC2.tmp\GotClip_Setup.exe (PUP.Adware.Gotclip.ScamLotto) -> Nebyla provedena žádná instrukce.
C:\Users\Danelka\AppData\Local\Temp\nsv48A3.tmp-2\APN_ATU3_.exe (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.
C:\Users\Danelka\Downloads\aTube_Catcher.exe (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.
C:\Users\Danelka\Downloads\GotClip_Setup (3).exe (PUP.Optional.Handy.A) -> Nebyla provedena žádná instrukce.
C:\Users\Public\Desktop\MP3 Downloader.lnk (Rogue.Link) -> Nebyla provedena žádná instrukce.
(konec)
Re: PC slowdown and freezing
# AdwCleaner v3.015 - Report created 19/12/2013 at 01:54:08
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Danelka - DANELKA-PC
# Running from : E:\adwcleaner.exe
# Option : Scan
***** [ Services ] *****
Service Found : APNMCP
***** [ Files / Folders ] *****
Folder Found C:\Program Files (x86)\AskPartnerNetwork
Folder Found C:\ProgramData\apn
Folder Found C:\ProgramData\AskPartnerNetwork
Folder Found C:\ProgramData\eSafe
Folder Found C:\Users\TEMPDA~1.003\AppData\Local\Temp\apn
Folder Found C:\Users\TEMPDA~1.003\AppData\Local\Temp\apn
***** [ Shortcuts ] *****
Shortcut Found : C:\Users\Public\Desktop\Google Chrome.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1374080693 )
***** [ Registry ] *****
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1374080693
Key Found : HKCU\Software\AskPartnerNetwork
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKCU\Software\AskPartnerNetwork
Key Found : HKLM\Software\AskPartnerNetwork
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Key Found : HKLM\Software\eSafeSecControl
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\qvo6Software
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Found : [x64] HKLM\SOFTWARE\AskPartnerNetwork
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Speedchecker Limited
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.search.ask.com/?tpid=ATU4&o= ... 05-06&psv=
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1374080693
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1374080693
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1374080693
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.qvo6.com/?utm_source=b&utm_m ... 1374080693
-\\ Google Chrome v32.0.1700.41
[ File : C:\Users\TEMP.Danelka-PC.003\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found : icon_url
Found : search_url
Found : suggest_url
Found : suggest_url
*************************
AdwCleaner[R0].txt - [5307 octets] - [19/12/2013 01:54:08]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5367 octets] ##########
- fredik
- Security team member
- Master Level 7
Re: PC slowdown and freezing
Run MbAM again and click Scan
- when the program finishes, a message will appear; click OK and then the Ukaž výsledky (Show Results) button
- make sure all listed detections are checked and click the Odstranit označené (Remove Selected) button
- when the removal finishes, a log will be displayed; post it here.
- then choose OK in the program and close it via Exit
You can then post the new MbAM log here.
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Run AdwCleaner again as administrator.
Click "Vymazat-Clean"
The program will carry out the repair; after the automatic restart it will not show the log (C:\AdwCleaner [S?].txt); paste its entire contents here.
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Download RogueKiller
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- Run RogueKiller.exe as administrator.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that you have the following ticked:
Kontrola MBR (MBR check)
Kontrola Faked (Faked check)
Antirootkit
- Then click "Prohledat" (Scan).
- The program scans the PC's processes. After the scan, click "Zpráva" (Report) and copy the entire contents of the log here.
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
Stáhni si Junkware Removal Tool
na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
It may take a while to get a response, because the "HJT Team" are very busy. Please, be patient, these people are volunteers. They will help you out, as soon as possible.
If you have a problem, do not send me private messages (SZ/PM) with logs; post them in the forum. It is not possible to reply to such messages.
Re: PC slowdown and freezing
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2013.12.19.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Danelka :: DANELKA-PC [administrátor]
19.12.2013 10:39:45
mbam-log-2013-12-19 (10-39-45).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 299878
Uplynulý čas: 51 minut, 28 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 2
HKLM\SOFTWARE\qvo6Software (PUP.Optional.qvo6.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Přesun do karantény a smazání se zdařilo.
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 2
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL (Hijack.StartPage) -> Špatný: (http://www.qvo6.com/?utm_source=b&utm_m ... 1374080693) Dobrý: (http://www.google.com) -> Přesun do karantény a opravení se zdařilo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Špatný: (http://www.qvo6.com/?utm_source=b&utm_m ... 1374080693) Dobrý: (http://www.google.com) -> Přesun do karantény a opravení se zdařilo.
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 6
C:\Users\Danelka\AppData\Roaming\eIntaller\D5C36AD209B34315AA3916905CD7BEDF\eGdpSvc.exe (PUP.Optional.Wsys.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Danelka\AppData\Local\Temp\nsj7EC2.tmp\GotClip_Setup.exe (PUP.Adware.Gotclip.ScamLotto) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Danelka\AppData\Local\Temp\nsv48A3.tmp-2\APN_ATU3_.exe (PUP.Optional.Spigot.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Danelka\Downloads\aTube_Catcher.exe (PUP.Optional.Spigot.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Danelka\Downloads\GotClip_Setup (3).exe (PUP.Optional.Handy.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Public\Desktop\MP3 Downloader.lnk (Rogue.Link) -> Přesun do karantény a smazání se zdařilo.
(konec)
I'll add the rest gradually; it all takes an awfully long time.
Re: PC slowdown and freezing
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Verze: v2013.12.19.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Danelka :: DANELKA-PC [administrátor]
19.12.2013 12:01:14
mbam-log-2013-12-19 (12-01-14).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 299782
Uplynulý čas: 38 minut, 19 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
Re: PC slowdown and freezing
# AdwCleaner v3.015 - Report created 19/12/2013 at 13:04:00
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Danelka - DANELKA-PC
# Running from : E:\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : APNMCP
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Users\TEMPDA~1.003\AppData\Local\Temp\apn
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\AskPartnerNetwork
Key Deleted : HKLM\Software\eSafeSecControl
Key Deleted : HKLM\Software\PIP
Key Deleted : [x64] HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Google Chrome v32.0.1700.41
[ File : C:\Users\TEMP.Danelka-PC.003\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted : icon_url
Deleted : search_url
Deleted : suggest_url
*************************
AdwCleaner[R0].txt - [5487 octets] - [19/12/2013 01:54:08]
AdwCleaner[R1].txt - [4996 octets] - [19/12/2013 12:58:48]
AdwCleaner[S0].txt - [4057 octets] - [19/12/2013 13:04:00]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4117 octets] ##########
Re: PC slowdown and freezing
RogueKiller V8.7.13 _x64_ [Dec 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Danelka [Práva správce]
Mód : Kontrola -- Datum : 12/19/2013 13:52:47
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 4 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\Users\TEMP.Danelka-PC.003\AppData\Roaming\Seznam.cz\bin\24libfoxloader-x64.dll [x] -> ODEBRÁNO
[SUSP PATH] szndesktop.exe -- C:\Users\TEMP.Danelka-PC.003\AppData\Roaming\Seznam.cz\bin\szndesktop.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] listicka-x64.exe -- C:\Users\TEMP.Danelka-PC.003\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe [7] -> SMAZÁNO [TermThr]
[SUSP PATH] vntldr.exe -- C:\Users\TEMP.Danelka-PC.003\AppData\Local\VNT\vntldr.exe [7] -> SMAZÁNO [TermProc]
¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\TEMP.Danelka-PC.003\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\TEMP.Danelka-PC.003\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD3200BPVT-24JJ5T0 +++++
--- User ---
[MBR] a15733abdc3f7e97d5c3ceca8db551cb
[BSP] 4ab32cafe5a2b0b9795b6a0e4252175a : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 411648 | Size: 260243 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 533389312 | Size: 29692 Mo
3 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 594198528 | Size: 15109 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_S_12192013_135247.txt >>
Re: PC slowdown and freezing
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Danelka on čt 19.12.2013 at 14:08:08,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APN_ATU3__RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A07A4F66-50D0-4932-8265-BF42611BCB40}
~~~ Files
Successfully deleted: [File] C:\windows\Tasks\rmschedule.job
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on čt 19.12.2013 at 14:59:05,46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- jaro3
- Security team member
Re: PC slowdown and freezing
Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , please paste the entire contents of the log here.
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes (Ano) button
- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed
- When the scan is complete, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in safe mode.
Warning: It may happen that after running ComboFix and restarting the computer, Windows does not start, or the desktop does not load, or there are connection problems; then restart the computer again, and if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: PC slowdown and freezing
19:33:05.0764 0x05a4 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
19:33:32.0471 0x05a4 ============================================================
19:33:32.0471 0x05a4 Current date / time: 2013/12/20 19:33:32.0471
19:33:32.0471 0x05a4 SystemInfo:
19:33:32.0471 0x05a4
19:33:32.0471 0x05a4 OS Version: 6.1.7601 ServicePack: 1.0
19:33:32.0471 0x05a4 Product type: Workstation
19:33:32.0471 0x05a4 ComputerName: DANELKA-PC
19:33:32.0471 0x05a4 UserName: Danelka
19:33:32.0471 0x05a4 Windows directory: C:\windows
19:33:32.0471 0x05a4 System windows directory: C:\windows
19:33:32.0471 0x05a4 Running under WOW64
19:33:32.0471 0x05a4 Processor architecture: Intel x64
19:33:32.0471 0x05a4 Number of processors: 2
19:33:32.0471 0x05a4 Page size: 0x1000
19:33:32.0471 0x05a4 Boot type: Normal boot
19:33:32.0471 0x05a4 ============================================================
19:34:11.0783 0x05a4 KLMD registered as C:\windows\system32\drivers\70817816.sys
19:34:31.0003 0x05a4 System UUID: {64E982C1-D6A5-A7AB-CB50-143E521F87DC}
19:35:01.0080 0x05a4 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:35:01.0095 0x05a4 Drive \Device\Harddisk1\DR1 - Size: 0x3D800000 (0.96 Gb), SectorSize: 0x200, Cylinders: 0x7D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:35:01.0095 0x05a4 ============================================================
19:35:01.0095 0x05a4 \Device\Harddisk0\DR0:
19:35:01.0189 0x05a4 MBR partitions:
19:35:01.0189 0x05a4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
19:35:01.0189 0x05a4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x1FC49800
19:36:53.0681 0x05a4 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1FCAE800, BlocksNum 0x39FD800
19:36:53.0681 0x05a4 \Device\Harddisk1\DR1:
19:36:53.0696 0x05a4 MBR partitions:
19:36:53.0696 0x05a4 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xE, StartLBA 0x20, BlocksNum 0x1EBFE0
19:36:53.0696 0x05a4 ============================================================
19:36:53.0852 0x05a4 C: <-> \Device\Harddisk0\DR0\Partition2
19:36:54.0039 0x05a4 D: <-> \Device\Harddisk0\DR0\Partition3
19:36:54.0039 0x05a4 ============================================================
19:36:54.0039 0x05a4 Initialize success
19:36:54.0039 0x05a4 ============================================================
19:36:59.0312 0x125c ============================================================
19:36:59.0312 0x125c Scan started
19:36:59.0312 0x125c Mode: Manual;
19:36:59.0312 0x125c ============================================================
19:36:59.0312 0x125c KSN ping started
19:37:19.0062 0x125c KSN ping finished: true
19:41:56.0212 0x125c ================ Scan system memory ========================
19:41:56.0212 0x125c System memory - ok
19:41:56.0212 0x125c ================ Scan services =============================
19:44:47.0609 0x125c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
19:44:47.0641 0x125c 1394ohci - ok
19:44:47.0719 0x125c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\windows\system32\drivers\ACPI.sys
19:44:47.0719 0x125c ACPI - ok
19:44:47.0750 0x125c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
19:44:47.0750 0x125c AcpiPmi - ok
19:44:47.0797 0x125c [ 5BBFF8B826EC38D32C26334E079C7EFC, 673D46409F0225A804B55FFB77E82AF34F8C7A93BEEF92DC3DFAC7EFCC5F09B6 ] ACPIVPC C:\windows\system32\DRIVERS\AcpiVpc.sys
19:44:47.0797 0x125c ACPIVPC - ok
19:44:47.0921 0x125c [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:44:47.0921 0x125c AdobeFlashPlayerUpdateSvc - ok
19:44:47.0953 0x125c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
19:44:47.0984 0x125c adp94xx - ok
19:44:47.0999 0x125c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
19:44:48.0015 0x125c adpahci - ok
19:44:48.0031 0x125c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
19:44:48.0031 0x125c adpu320 - ok
19:44:48.0062 0x125c [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
19:44:48.0062 0x125c AeLookupSvc - ok
19:44:48.0109 0x125c [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\windows\system32\drivers\afd.sys
19:44:48.0140 0x125c AFD - ok
19:44:48.0155 0x125c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\windows\system32\drivers\agp440.sys
19:44:48.0155 0x125c agp440 - ok
19:44:48.0171 0x125c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\windows\System32\alg.exe
19:44:48.0171 0x125c ALG - ok
19:44:48.0202 0x125c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\windows\system32\drivers\aliide.sys
19:44:48.0202 0x125c aliide - ok
19:44:48.0249 0x125c ALSysIO - ok
19:44:48.0249 0x125c amdide - ok
19:44:48.0265 0x125c AmdK8 - ok
19:44:48.0265 0x125c AmdPPM - ok
19:44:48.0280 0x125c amdsata - ok
19:44:48.0280 0x125c amdsbs - ok
19:44:48.0296 0x125c amdxata - ok
19:44:48.0296 0x125c AppID - ok
19:44:48.0327 0x125c [ B95B746FD0718624CAB338C22F19D518, 47A22ACCC6FB0AEDAF4A5CF8014BDD569EAD0EFAD399FDB8DE134235E7C9BB10 ] AppIDSvc C:\windows\System32\appidsvc.dll
19:44:48.0499 0x125c Suspicious file ( Forged ): C:\windows\System32\appidsvc.dll. Real md5: B95B746FD0718624CAB338C22F19D518, sha256: 47A22ACCC6FB0AEDAF4A5CF8014BDD569EAD0EFAD399FDB8DE134235E7C9BB10, fake md5: 0BC381A15355A3982216F7172F545DE1, fake sha256: C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725
19:44:48.0499 0x125c AppIDSvc - detected ForgedFile.Multi.Generic ( 1 )
19:44:51.0244 0x125c Detect skipped due to KSN trusted
19:44:51.0244 0x125c AppIDSvc - ok
19:44:51.0291 0x125c [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\windows\System32\appinfo.dll
19:44:51.0291 0x125c Appinfo - ok
19:44:51.0307 0x125c arc - ok
19:44:51.0307 0x125c arcsas - ok
19:44:51.0338 0x125c aswMonFlt - ok
19:44:51.0353 0x125c aswRdr - ok
19:44:51.0353 0x125c aswRvrt - ok
19:44:51.0353 0x125c aswSnx - ok
19:44:51.0369 0x125c aswSP - ok
19:44:51.0369 0x125c aswStm - ok
19:44:51.0369 0x125c aswVmm - ok
19:44:51.0385 0x125c AsyncMac - ok
19:44:51.0416 0x125c atapi - ok
19:44:51.0728 0x125c [ 782D36BAD8DDBF008D02E055DBE70F82, AFB7A4B52C86A9CA48ED46A2CE5415119F1C75912A0E233EF1CAE120DA534CAE ] athr C:\windows\system32\DRIVERS\athrx.sys
19:44:51.0837 0x125c athr - ok
19:44:51.0884 0x125c [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
19:44:51.0931 0x125c AudioEndpointBuilder - ok
19:44:51.0946 0x125c [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\windows\System32\Audiosrv.dll
19:44:51.0962 0x125c AudioSrv - ok
19:44:52.0071 0x125c [ D74884939D53612FD84AC82C59CCFE27, 07BFB34A3748E018C0A674A6253A03FFA522B31AE1942E84B3CC4DDDED9C16A9 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
19:44:52.0071 0x125c avast! Antivirus - ok
19:44:52.0118 0x125c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\windows\System32\AxInstSV.dll
19:44:52.0118 0x125c AxInstSV - ok
19:44:52.0180 0x125c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
19:44:52.0196 0x125c b06bdrv - ok
19:44:52.0211 0x125c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
19:44:52.0227 0x125c b57nd60a - ok
19:44:52.0445 0x125c [ DC7D035B2EBBDCC54E5EC026AFDEFAEC, 6CADF045B14AAB959C3EDBDFBA41D64757D67D9F0F4AB6BEC61351920725F2A0 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe
19:45:25.0471 0x125c Suspicious file ( Forged ): C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe. Real md5: DC7D035B2EBBDCC54E5EC026AFDEFAEC, sha256: 6CADF045B14AAB959C3EDBDFBA41D64757D67D9F0F4AB6BEC61351920725F2A0, fake md5: 369C1928C9BBED65C9E347448BD376B0, fake sha256: FFADEEBD2A24EB2C362958FAE467F7B319D9AE1EE9B5724CDB6B70FBE31E6EE8
19:45:25.0471 0x125c BBSvc - detected ForgedFile.Multi.Generic ( 1 )
19:45:28.0372 0x125c BBSvc ( ForgedFile.Multi.Generic ) - warning
19:45:28.0372 0x125c Force sending object to P2P due to detect: C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe
19:45:31.0243 0x125c Object send P2P result: true
19:46:17.0091 0x125c [ 54949AFAC5CE6FA2E4D7846D4362BAB3, 1C7025FF250023991BB719C5E03C9F9EB861E08F3B11DFB2AFDC83A81F6A39DD ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe
19:46:19.0821 0x125c BBUpdate - ok
19:47:29.0294 0x125c [ 43AD3D3E7674833FCA9A7C4E7180AD54, 81CBF3146853FCCA26C14D23160892BD892269C5BB8B2167837339372BD38DA2 ] BCM43XX C:\windows\system32\DRIVERS\bcmwl664.sys
19:47:29.0396 0x125c BCM43XX - ok
19:47:29.0499 0x125c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\windows\System32\bdesvc.dll
19:47:29.0503 0x125c BDESVC - ok
19:47:29.0565 0x125c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\windows\system32\drivers\Beep.sys
19:47:29.0566 0x125c Beep - ok
19:47:32.0639 0x125c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\windows\System32\bfe.dll
19:47:32.0683 0x125c BFE - ok
19:47:46.0411 0x125c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\windows\System32\qmgr.dll
19:47:49.0145 0x125c BITS - ok
19:47:54.0613 0x125c blbdrive - ok
19:47:54.0625 0x125c bowser - ok
19:47:54.0660 0x125c BPntDrv - ok
19:47:54.0718 0x125c BrFiltLo - ok
19:47:54.0725 0x125c BrFiltUp - ok
19:47:54.0773 0x125c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\windows\System32\browser.dll
19:47:54.0777 0x125c Browser - ok
19:47:54.0782 0x125c Brserid - ok
19:47:54.0786 0x125c BrSerWdm - ok
19:47:54.0791 0x125c BrUsbMdm - ok
19:47:54.0797 0x125c BrUsbSer - ok
19:47:54.0812 0x125c BthEnum - ok
19:47:54.0818 0x125c BTHMODEM - ok
19:47:54.0822 0x125c BthPan - ok
19:47:54.0833 0x125c BTHPORT - ok
19:47:54.0880 0x125c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\windows\system32\bthserv.dll
19:47:54.0883 0x125c bthserv - ok
19:47:54.0886 0x125c BTHUSB - ok
19:47:54.0972 0x125c [ 7A2CE8C1BF4DAA1F2766E21E9CA11078, 2AF02D206F60F95185894D829D7CC322C4986847153269DE186E11EE2353FBBC ] btwampfl C:\windows\system32\drivers\btwampfl.sys
19:47:54.0981 0x125c btwampfl - ok
19:47:55.0016 0x125c [ A75BF6802A967F5AACECC3C67FEBDF55, 7FD561C3817ABE48121926361ED12943A1EF5C0006689DCE3813697868D763B4 ] btwaudio C:\windows\system32\drivers\btwaudio.sys
19:47:55.0019 0x125c btwaudio - ok
19:47:55.0081 0x125c [ D895DC213EDBDA5FCC53AAD1F1E0E63B, FF3B483752E45911C267367B102EA0901BE13840FDBA083D0B7FF3379C37B898 ] btwavdt C:\windows\system32\DRIVERS\btwavdt.sys
19:47:55.0084 0x125c btwavdt - ok
19:47:55.0416 0x125c [ 692F8648D7686D91E34A65AC698019D8, CC7544513AA089BDB0FCE74156C88CBB4182C96F97785A64ED5D3061B039516E ] btwdins C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
19:47:55.0513 0x125c btwdins - ok
19:47:55.0554 0x125c [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
19:47:55.0556 0x125c btwl2cap - ok
19:47:55.0581 0x125c [ 6D7AA2BDE0135599C5F230D69DB3B420, 5179F57976B3903B5D45C5B383C691BCB26411B5C98296F99C1F79EF863E1E0A ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
19:47:55.0582 0x125c btwrchid - ok
19:47:55.0683 0x125c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
19:47:55.0687 0x125c cdfs - ok
19:47:55.0809 0x125c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\windows\system32\drivers\cdrom.sys
19:47:55.0815 0x125c cdrom - ok
19:47:55.0904 0x125c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\windows\System32\certprop.dll
19:47:55.0908 0x125c CertPropSvc - ok
19:47:55.0925 0x125c circlass - ok
19:48:04.0211 0x125c [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\windows\system32\CLFS.sys
19:48:06.0954 0x125c CLFS - ok
19:48:20.0974 0x125c [ 4642B5A3E0D2E61D08163DE95FC5B949, C1A502ED96EB4AF7FE8643AD139A0AAA5492583E6D83A3937443662CDD430FE4 ] CLKMSVC10_3A60B698 C:\Program Files (x86)\Lenovo\PowerDVD10\NavFilter\kmsvc.exe
19:48:20.0983 0x125c CLKMSVC10_3A60B698 - ok
19:48:21.0089 0x125c [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:48:21.0093 0x125c clr_optimization_v2.0.50727_32 - ok
19:48:45.0848 0x125c [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:48:46.0001 0x125c clr_optimization_v2.0.50727_64 - ok
19:48:48.0869 0x125c [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:49:06.0342 0x125c clr_optimization_v4.0.30319_32 - ok
19:49:17.0640 0x125c [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:49:17.0649 0x125c clr_optimization_v4.0.30319_64 - ok
19:49:34.0084 0x125c clwvd - ok
19:49:34.0130 0x125c CmBatt - ok
19:49:34.0162 0x125c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys
19:49:34.0177 0x125c cmdide - ok
19:49:34.0177 0x125c CNG - ok
19:49:36.0751 0x125c CnxtHdAudService - ok
19:49:36.0767 0x125c Compbatt - ok
19:49:36.0798 0x125c CompositeBus - ok
19:49:36.0845 0x125c COMSysApp - ok
19:49:36.0860 0x125c crcdisk - ok
19:49:36.0923 0x125c [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\windows\system32\cryptsvc.dll
19:49:36.0923 0x125c CryptSvc - ok
19:49:36.0985 0x125c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\windows\system32\rpcss.dll
19:49:37.0032 0x125c DcomLaunch - ok
19:49:42.0539 0x125c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll
19:49:45.0113 0x125c defragsvc - ok
19:49:48.0092 0x125c DfsC - ok
19:50:26.0390 0x125c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll
19:50:29.0120 0x125c Dhcp - ok
19:50:31.0819 0x125c discache - ok
19:50:50.0867 0x125c Disk - ok
19:50:51.0054 0x125c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll
19:50:53.0831 0x125c Dnscache - ok
19:50:59.0306 0x125c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll
19:51:02.0068 0x125c dot3svc - ok
19:51:15.0687 0x125c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\windows\system32\dps.dll
19:51:15.0702 0x125c DPS - ok
19:52:04.0733 0x125c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
19:52:04.0749 0x125c drmkaud - ok
19:52:04.0905 0x125c [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
19:52:04.0920 0x125c DXGKrnl - ok
19:52:05.0045 0x125c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll
19:52:05.0045 0x125c EapHost - ok
19:52:29.0818 0x125c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
19:52:32.0891 0x125c ebdrv - ok
19:52:43.0733 0x125c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\windows\System32\lsass.exe
19:52:43.0733 0x125c EFS - ok
19:53:19.0270 0x125c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe
19:53:22.0047 0x125c ehRecvr - ok
19:53:46.0554 0x125c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe
19:53:49.0347 0x125c ehSched - ok
19:55:49.0108 0x125c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
19:55:51.0838 0x125c elxstor - ok
19:55:57.0236 0x125c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys
19:55:57.0236 0x125c ErrDev - ok
19:56:35.0518 0x125c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\windows\system32\es.dll
19:56:40.0963 0x125c EventSystem - ok
19:56:51.0852 0x125c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys
19:56:51.0867 0x125c exfat - ok
19:57:00.0057 0x125c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys
19:57:00.0073 0x125c fastfat - ok
19:57:49.0228 0x125c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe
19:57:49.0306 0x125c Fax - ok
19:57:49.0338 0x125c [ 3191ACA33088EE2481044FC0DB736442, 9311069BCA14FB7D5FDFFDB29566D045AB55A8657574C8BD864F8ED9527DEAF5 ] fbfmon C:\windows\system32\drivers\fbfmon.sys
19:57:49.0338 0x125c fbfmon - ok
19:57:49.0431 0x125c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\windows\system32\DRIVERS\fdc.sys
19:57:49.0431 0x125c fdc - ok
19:57:49.0509 0x125c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll
19:57:49.0509 0x125c fdPHost - ok
19:57:49.0603 0x125c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll
19:57:49.0603 0x125c FDResPub - ok
19:57:49.0681 0x125c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys
19:57:49.0712 0x125c FileInfo - ok
19:57:49.0806 0x125c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys
19:57:49.0806 0x125c Filetrace - ok
19:57:49.0806 0x125c flpydisk - ok
19:57:49.0852 0x125c FltMgr - ok
19:58:03.0861 0x125c [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\windows\system32\FntCache.dll
19:58:06.0622 0x125c FontCache - ok
19:58:14.0922 0x125c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:58:15.0046 0x125c FontCache3.0.0.0 - ok
19:58:15.0062 0x125c FsDepends - ok
19:58:15.0062 0x125c Fs_Rec - ok
19:58:15.0093 0x125c fvevol - ok
19:58:15.0109 0x125c gagp30kx - ok
19:58:15.0156 0x125c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\windows\System32\gpsvc.dll
19:58:15.0202 0x125c gpsvc - ok
19:58:21.0068 0x125c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:58:21.0084 0x125c gupdate - ok
19:58:26.0356 0x125c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:58:26.0372 0x125c gupdatem - ok
19:58:39.0991 0x125c [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:58:40.0006 0x125c gusvc - ok
19:58:40.0006 0x125c hcw85cir - ok
19:58:40.0147 0x125c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
19:58:42.0908 0x125c HdAudAddService - ok
19:58:48.0368 0x125c HDAudBus - ok
19:58:53.0828 0x125c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
19:58:53.0828 0x125c HidBatt - ok
19:58:56.0574 0x125c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
19:59:04.0717 0x125c HidBth - ok
19:59:04.0920 0x125c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\windows\system32\DRIVERS\hidir.sys
19:59:04.0951 0x125c HidIr - ok
19:59:07.0728 0x125c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\windows\system32\hidserv.dll
19:59:07.0743 0x125c hidserv - ok
19:59:10.0489 0x125c HidUsb - ok
19:59:21.0222 0x125c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll
19:59:21.0222 0x125c hkmsvc - ok
19:59:26.0807 0x125c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
19:59:29.0537 0x125c HomeGroupListener - ok
19:59:35.0012 0x125c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
19:59:35.0028 0x125c HomeGroupProvider - ok
19:59:37.0758 0x125c HpSAMD - ok
19:59:37.0758 0x125c HTTP - ok
19:59:37.0758 0x125c hwpolicy - ok
19:59:40.0488 0x125c i8042prt - ok
19:59:40.0488 0x125c iaStor - ok
20:00:07.0289 0x125c [ 8FFF9083252C16FE3960173722605E9E, 6546FDA34B9AF94C5E86E5269BBC2F02F1E78D6D4BE5B5EC01F4B284CC934994 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:00:07.0304 0x125c IAStorDataMgrSvc - ok
20:00:10.0034 0x125c iaStorV - ok
20:00:18.0302 0x125c [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:00:26.0555 0x125c idsvc - ok
20:00:42.0966 0x125c IEEtwCollectorService - ok
20:00:42.0982 0x125c igfx - ok
20:00:43.0013 0x125c iirsp - ok
20:00:43.0075 0x125c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\windows\System32\ikeext.dll
20:00:43.0122 0x125c IKEEXT - ok
20:00:43.0138 0x125c intelide - ok
20:00:54.0042 0x125c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
20:00:54.0042 0x125c intelppm - ok
20:01:02.0029 0x125c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll
20:01:02.0045 0x125c IPBusEnum - ok
20:01:07.0505 0x125c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
20:01:07.0520 0x125c IpFilterDriver - ok
20:01:18.0394 0x125c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\windows\System32\iphlpsvc.dll
20:01:23.0729 0x125c iphlpsvc - ok
20:01:26.0443 0x125c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
20:01:26.0459 0x125c IPMIDRV - ok
20:01:31.0732 0x125c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys
20:01:31.0732 0x125c IPNAT - ok
20:01:42.0449 0x125c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys
20:01:42.0464 0x125c IRENUM - ok
20:01:42.0464 0x125c isapnp - ok
20:01:42.0464 0x125c iScsiPrt - ok
20:01:56.0177 0x125c k57nd60a - ok
20:01:56.0224 0x125c kbdclass - ok
20:01:56.0255 0x125c kbdhid - ok
20:01:56.0286 0x125c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\windows\system32\lsass.exe
20:01:56.0286 0x125c KeyIso - ok
20:01:56.0302 0x125c KSecDD - ok
20:01:56.0302 0x125c KSecPkg - ok
20:01:56.0302 0x125c ksthunk - ok
20:02:04.0367 0x125c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll
20:02:09.0858 0x125c KtmRm - ok
20:02:09.0874 0x125c L1C - ok
20:02:18.0095 0x125c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\system32\srvsvc.dll
20:02:20.0840 0x125c LanmanServer - ok
20:02:21.0012 0x125c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
20:02:21.0028 0x125c LanmanWorkstation - ok
20:02:23.0773 0x125c LHDmgr - ok
20:02:29.0233 0x125c lltdio - ok
20:02:45.0535 0x125c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll
20:02:45.0645 0x125c lltdsvc - ok
20:02:45.0723 0x125c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll
20:02:45.0723 0x125c lmhosts - ok
20:02:48.0609 0x125c [ 926EBA26A8B49D1597751CED06B50862, 886FC610E379BD77146ADDC376D77437D88B593C7F1C3FEE2B93D934A67310F8 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:02:48.0609 0x125c LMS - ok
20:02:51.0339 0x125c LSI_FC - ok
20:02:51.0354 0x125c LSI_SAS - ok
20:02:54.0069 0x125c LSI_SAS2 - ok
20:02:54.0084 0x125c LSI_SCSI - ok
20:03:10.0371 0x125c luafv - ok
20:03:10.0589 0x125c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
20:03:10.0667 0x125c Mcx2Svc - ok
20:03:13.0428 0x125c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\DRIVERS\megasas.sys
20:03:13.0428 0x125c megasas - ok
20:03:51.0867 0x125c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
20:03:57.0295 0x125c MegaSR - ok
20:04:02.0755 0x125c [ 1C6E73FC46B509EFF9D0086AA37132DF, B4FB5512D75112C553FC22593F6123A7C9B9B7825D40148F604CCEFEB149FD97 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
20:04:02.0755 0x125c MEIx64 - ok
20:04:27.0575 0x125c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll
20:04:27.0575 0x125c MMCSS - ok
20:04:35.0812 0x125c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys
20:04:35.0828 0x125c Modem - ok
20:04:38.0558 0x125c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys
20:04:38.0558 0x125c monitor - ok
20:04:44.0008 0x125c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\drivers\mouclass.sys
20:04:44.0011 0x125c mouclass - ok
20:05:00.0487 0x125c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
20:05:00.0492 0x125c mouhid - ok
20:05:00.0501 0x125c mountmgr - ok
20:05:00.0509 0x125c mpio - ok
20:05:08.0858 0x125c mpsdrv - ok
20:05:42.0195 0x125c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll
20:05:45.0062 0x125c MpsSvc - ok
20:05:47.0742 0x125c MRxDAV - ok
20:05:47.0749 0x125c mrxsmb - ok
20:05:47.0756 0x125c mrxsmb10 - ok
20:05:47.0762 0x125c mrxsmb20 - ok
20:05:47.0766 0x125c msahci - ok
20:05:47.0771 0x125c msdsm - ok
20:05:59.0104 0x125c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe
20:06:01.0996 0x125c MSDTC - ok
20:06:02.0014 0x125c Msfs - ok
20:06:02.0019 0x125c mshidkmdf - ok
20:06:02.0025 0x125c msisadrv - ok
20:06:38.0496 0x125c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll
20:07:03.0251 0x125c MSiSCSI - ok
20:07:41.0295 0x125c msiserver - ok
20:07:44.0149 0x125c MSKSSRV - ok
20:07:46.0926 0x125c MSPCLOCK - ok
20:07:46.0942 0x125c MSPQM - ok
20:07:46.0957 0x125c MsRPC - ok
20:07:46.0957 0x125c mssmbios - ok
20:07:49.0656 0x125c MSTEE - ok
20:07:49.0672 0x125c MTConfig - ok
20:07:52.0386 0x125c Mup - ok
20:08:00.0748 0x125c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll
20:08:03.0493 0x125c napagent - ok
20:08:09.0250 0x125c NativeWifiP - ok
20:08:09.0250 0x125c NDIS - ok
20:08:11.0980 0x125c NdisCap - ok
20:08:25.0802 0x125c NdisTapi - ok
20:08:34.0896 0x125c Ndisuio - ok
20:08:34.0912 0x125c NdisWan - ok
20:08:34.0912 0x125c NDProxy - ok
20:08:34.0974 0x125c NetBIOS - ok
20:08:34.0990 0x125c NetBT - ok
20:08:35.0052 0x125c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\windows\system32\lsass.exe
20:08:35.0052 0x125c Netlogon - ok
20:08:35.0193 0x125c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll
20:08:35.0224 0x125c Netman - ok
20:08:35.0271 0x125c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll
20:08:38.0048 0x125c netprofm - ok
20:08:46.0238 0x125c [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:08:46.0238 0x125c NetTcpPortSharing - ok
20:08:48.0952 0x125c netw5v64 - ok
20:08:51.0713 0x125c nfrd960 - ok
20:08:59.0903 0x125c [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\windows\System32\nlasvc.dll
20:08:59.0997 0x125c NlaSvc - ok
20:09:00.0012 0x125c Npfs - ok
20:09:00.0075 0x125c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll
20:09:00.0075 0x125c nsi - ok
20:09:00.0075 0x125c nsiproxy - ok
20:09:00.0090 0x125c Ntfs - ok
20:09:00.0090 0x125c Null - ok
20:09:02.0820 0x125c nvraid - ok
20:09:02.0820 0x125c nvstor - ok
20:09:05.0831 0x125c nv_agp - ok
20:09:05.0847 0x125c ohci1394 - ok
20:09:17.0313 0x125c [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:09:17.0375 0x125c ose - ok
20:09:25.0643 0x125c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
20:09:25.0721 0x125c p2pimsvc - ok
20:09:25.0815 0x125c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll
20:09:25.0846 0x125c p2psvc - ok
20:09:25.0862 0x125c Parport - ok
20:09:25.0862 0x125c partmgr - ok
20:09:25.0893 0x125c [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\windows\System32\pcasvc.dll
20:09:25.0908 0x125c PcaSvc - ok
20:09:25.0908 0x125c pci - ok
20:09:25.0924 0x125c pciide - ok
20:09:25.0924 0x125c pcmcia - ok
20:21:39.0983 0x125c [ 97AD8CDF092E54B27C3D0C0B2A0F0849, 4A30F68941341FD824B98A7EC68005AB51B989C5B754D9BA18CD74FAD9C8BD9C ] stisvc C:\windows\System32\wiaservc.dll
20:21:40.0046 0x125c Suspicious file ( Forged ): C:\windows\System32\wiaservc.dll. Real md5: 97AD8CDF092E54B27C3D0C0B2A0F0849, sha256: 4A30F68941341FD824B98A7EC68005AB51B989C5B754D9BA18CD74FAD9C8BD9C, fake md5: 8DD52E8E6128F4B2DA92CE27402871C1, fake sha256: 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92
20:21:40.0046 0x125c stisvc - detected ForgedFile.Multi.Generic ( 1 )
20:21:42.0791 0x125c Detect skipped due to KSN trusted
20:21:42.0791 0x125c stisvc - ok
20:30:05.0294 0x125c ================ Scan global ===============================
20:30:05.0325 0x125c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
20:30:05.0356 0x125c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
20:30:05.0387 0x125c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
20:30:08.0149 0x125c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
20:30:19.0115 0x125c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
20:30:21.0861 0x125c [ Global ] - ok
20:30:21.0861 0x125c ================ Scan MBR ==================================
20:30:24.0560 0x125c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:30:54.0933 0x125c \Device\Harddisk0\DR0 - ok
20:30:54.0949 0x125c [ 65E858A8A0293BE11A920B0BC99D695E ] \Device\Harddisk1\DR1
20:30:54.0964 0x125c \Device\Harddisk1\DR1 - ok
20:30:54.0964 0x125c ================ Scan VBR ==================================
20:30:54.0980 0x125c [ A0F96B81A3776E4531A43C64C3E685B9 ] \Device\Harddisk0\DR0\Partition1
20:30:54.0996 0x125c \Device\Harddisk0\DR0\Partition1 - ok
20:30:55.0011 0x125c [ EC65B2960EAF9C171945F5D64217ED67 ] \Device\Harddisk0\DR0\Partition2
20:30:55.0011 0x125c \Device\Harddisk0\DR0\Partition2 - ok
20:31:19.0722 0x125c [ 4610053681E87168A0CEAC51C8154BB9 ] \Device\Harddisk0\DR0\Partition3
20:31:19.0722 0x125c \Device\Harddisk0\DR0\Partition3 - ok
20:31:19.0737 0x125c [ 7C2491382338F71CBE3170D90231B6D2 ] \Device\Harddisk1\DR1\Partition1
20:31:19.0737 0x125c \Device\Harddisk1\DR1\Partition1 - ok
20:31:19.0940 0x125c AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2011.263 ), 0x40000 ( disabled : updated )
20:31:19.0971 0x125c Win FW state via NFP2: disabled
20:31:22.0779 0x125c ============================================================
20:31:22.0779 0x125c Scan finished
20:31:22.0779 0x125c ============================================================
20:31:22.0779 0x080c Detected object count: 1
20:31:22.0779 0x080c Actual detected object count: 1
19:33:32.0471 0x05a4 ============================================================
19:33:32.0471 0x05a4 Current date / time: 2013/12/20 19:33:32.0471
19:33:32.0471 0x05a4 SystemInfo:
19:33:32.0471 0x05a4
19:33:32.0471 0x05a4 OS Version: 6.1.7601 ServicePack: 1.0
19:33:32.0471 0x05a4 Product type: Workstation
19:33:32.0471 0x05a4 ComputerName: DANELKA-PC
19:33:32.0471 0x05a4 UserName: Danelka
19:33:32.0471 0x05a4 Windows directory: C:\windows
19:33:32.0471 0x05a4 System windows directory: C:\windows
19:33:32.0471 0x05a4 Running under WOW64
19:33:32.0471 0x05a4 Processor architecture: Intel x64
19:33:32.0471 0x05a4 Number of processors: 2
19:33:32.0471 0x05a4 Page size: 0x1000
19:33:32.0471 0x05a4 Boot type: Normal boot
19:33:32.0471 0x05a4 ============================================================
19:34:11.0783 0x05a4 KLMD registered as C:\windows\system32\drivers\70817816.sys
19:34:31.0003 0x05a4 System UUID: {64E982C1-D6A5-A7AB-CB50-143E521F87DC}
19:35:01.0080 0x05a4 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:35:01.0095 0x05a4 Drive \Device\Harddisk1\DR1 - Size: 0x3D800000 (0.96 Gb), SectorSize: 0x200, Cylinders: 0x7D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:35:01.0095 0x05a4 ============================================================
19:35:01.0095 0x05a4 \Device\Harddisk0\DR0:
19:35:01.0189 0x05a4 MBR partitions:
19:35:01.0189 0x05a4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
19:35:01.0189 0x05a4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x1FC49800
19:36:53.0681 0x05a4 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1FCAE800, BlocksNum 0x39FD800
19:36:53.0681 0x05a4 \Device\Harddisk1\DR1:
19:36:53.0696 0x05a4 MBR partitions:
19:36:53.0696 0x05a4 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xE, StartLBA 0x20, BlocksNum 0x1EBFE0
19:36:53.0696 0x05a4 ============================================================
19:36:53.0852 0x05a4 C: <-> \Device\Harddisk0\DR0\Partition2
19:36:54.0039 0x05a4 D: <-> \Device\Harddisk0\DR0\Partition3
19:36:54.0039 0x05a4 ============================================================
19:36:54.0039 0x05a4 Initialize success
19:36:54.0039 0x05a4 ============================================================
19:36:59.0312 0x125c ============================================================
19:36:59.0312 0x125c Scan started
19:36:59.0312 0x125c Mode: Manual;
19:36:59.0312 0x125c ============================================================
19:36:59.0312 0x125c KSN ping started
19:37:19.0062 0x125c KSN ping finished: true
19:41:56.0212 0x125c ================ Scan system memory ========================
19:41:56.0212 0x125c System memory - ok
19:41:56.0212 0x125c ================ Scan services =============================
19:44:48.0327 0x125c [ B95B746FD0718624CAB338C22F19D518, 47A22ACCC6FB0AEDAF4A5CF8014BDD569EAD0EFAD399FDB8DE134235E7C9BB10 ] AppIDSvc C:\windows\System32\appidsvc.dll
19:44:48.0499 0x125c Suspicious file ( Forged ): C:\windows\System32\appidsvc.dll. Real md5: B95B746FD0718624CAB338C22F19D518, sha256: 47A22ACCC6FB0AEDAF4A5CF8014BDD569EAD0EFAD399FDB8DE134235E7C9BB10, fake md5: 0BC381A15355A3982216F7172F545DE1, fake sha256: C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725
19:44:48.0499 0x125c AppIDSvc - detected ForgedFile.Multi.Generic ( 1 )
19:44:51.0244 0x125c Detect skipped due to KSN trusted
19:44:51.0244 0x125c AppIDSvc - ok
19:44:52.0445 0x125c [ DC7D035B2EBBDCC54E5EC026AFDEFAEC, 6CADF045B14AAB959C3EDBDFBA41D64757D67D9F0F4AB6BEC61351920725F2A0 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe
19:45:25.0471 0x125c Suspicious file ( Forged ): C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe. Real md5: DC7D035B2EBBDCC54E5EC026AFDEFAEC, sha256: 6CADF045B14AAB959C3EDBDFBA41D64757D67D9F0F4AB6BEC61351920725F2A0, fake md5: 369C1928C9BBED65C9E347448BD376B0, fake sha256: FFADEEBD2A24EB2C362958FAE467F7B319D9AE1EE9B5724CDB6B70FBE31E6EE8
19:45:25.0471 0x125c BBSvc - detected ForgedFile.Multi.Generic ( 1 )
19:45:28.0372 0x125c BBSvc ( ForgedFile.Multi.Generic ) - warning
19:45:28.0372 0x125c Force sending object to P2P due to detect: C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe
19:45:31.0243 0x125c Object send P2P result: true
19:48:06.0954 0x125c CLFS - ok
19:48:20.0974 0x125c [ 4642B5A3E0D2E61D08163DE95FC5B949, C1A502ED96EB4AF7FE8643AD139A0AAA5492583E6D83A3937443662CDD430FE4 ] CLKMSVC10_3A60B698 C:\Program Files (x86)\Lenovo\PowerDVD10\NavFilter\kmsvc.exe
19:48:20.0983 0x125c CLKMSVC10_3A60B698 - ok
19:48:21.0089 0x125c [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:48:21.0093 0x125c clr_optimization_v2.0.50727_32 - ok
19:48:45.0848 0x125c [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:48:46.0001 0x125c clr_optimization_v2.0.50727_64 - ok
19:48:48.0869 0x125c [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:49:06.0342 0x125c clr_optimization_v4.0.30319_32 - ok
19:49:17.0640 0x125c [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:49:17.0649 0x125c clr_optimization_v4.0.30319_64 - ok
19:49:34.0084 0x125c clwvd - ok
19:49:34.0130 0x125c CmBatt - ok
19:49:34.0162 0x125c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys
19:49:34.0177 0x125c cmdide - ok
19:49:34.0177 0x125c CNG - ok
19:49:36.0751 0x125c CnxtHdAudService - ok
19:49:36.0767 0x125c Compbatt - ok
19:49:36.0798 0x125c CompositeBus - ok
19:49:36.0845 0x125c COMSysApp - ok
19:49:36.0860 0x125c crcdisk - ok
19:49:36.0923 0x125c [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\windows\system32\cryptsvc.dll
19:49:36.0923 0x125c CryptSvc - ok
19:49:36.0985 0x125c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\windows\system32\rpcss.dll
19:49:37.0032 0x125c DcomLaunch - ok
19:49:42.0539 0x125c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll
19:49:45.0113 0x125c defragsvc - ok
19:49:48.0092 0x125c DfsC - ok
19:50:26.0390 0x125c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll
19:50:29.0120 0x125c Dhcp - ok
19:50:31.0819 0x125c discache - ok
19:50:50.0867 0x125c Disk - ok
19:50:51.0054 0x125c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll
19:50:53.0831 0x125c Dnscache - ok
19:50:59.0306 0x125c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll
19:51:02.0068 0x125c dot3svc - ok
19:51:15.0687 0x125c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\windows\system32\dps.dll
19:51:15.0702 0x125c DPS - ok
19:52:04.0733 0x125c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
19:52:04.0749 0x125c drmkaud - ok
19:52:04.0905 0x125c [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
19:52:04.0920 0x125c DXGKrnl - ok
19:52:05.0045 0x125c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll
19:52:05.0045 0x125c EapHost - ok
19:52:29.0818 0x125c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
19:52:32.0891 0x125c ebdrv - ok
19:52:43.0733 0x125c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\windows\System32\lsass.exe
19:52:43.0733 0x125c EFS - ok
19:53:19.0270 0x125c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe
19:53:22.0047 0x125c ehRecvr - ok
19:53:46.0554 0x125c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe
19:53:49.0347 0x125c ehSched - ok
19:55:49.0108 0x125c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
19:55:51.0838 0x125c elxstor - ok
19:55:57.0236 0x125c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys
19:55:57.0236 0x125c ErrDev - ok
19:56:35.0518 0x125c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\windows\system32\es.dll
19:56:40.0963 0x125c EventSystem - ok
19:56:51.0852 0x125c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys
19:56:51.0867 0x125c exfat - ok
19:57:00.0057 0x125c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys
19:57:00.0073 0x125c fastfat - ok
19:57:49.0228 0x125c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe
19:57:49.0306 0x125c Fax - ok
19:57:49.0338 0x125c [ 3191ACA33088EE2481044FC0DB736442, 9311069BCA14FB7D5FDFFDB29566D045AB55A8657574C8BD864F8ED9527DEAF5 ] fbfmon C:\windows\system32\drivers\fbfmon.sys
19:57:49.0338 0x125c fbfmon - ok
19:57:49.0431 0x125c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\windows\system32\DRIVERS\fdc.sys
19:57:49.0431 0x125c fdc - ok
19:57:49.0509 0x125c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll
19:57:49.0509 0x125c fdPHost - ok
19:57:49.0603 0x125c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll
19:57:49.0603 0x125c FDResPub - ok
19:57:49.0681 0x125c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys
19:57:49.0712 0x125c FileInfo - ok
19:57:49.0806 0x125c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys
19:57:49.0806 0x125c Filetrace - ok
19:57:49.0806 0x125c flpydisk - ok
19:57:49.0852 0x125c FltMgr - ok
19:58:03.0861 0x125c [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\windows\system32\FntCache.dll
19:58:06.0622 0x125c FontCache - ok
19:58:14.0922 0x125c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:58:15.0046 0x125c FontCache3.0.0.0 - ok
19:58:15.0062 0x125c FsDepends - ok
19:58:15.0062 0x125c Fs_Rec - ok
19:58:15.0093 0x125c fvevol - ok
19:58:15.0109 0x125c gagp30kx - ok
19:58:15.0156 0x125c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\windows\System32\gpsvc.dll
19:58:15.0202 0x125c gpsvc - ok
19:58:21.0068 0x125c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:58:21.0084 0x125c gupdate - ok
19:58:26.0356 0x125c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:58:26.0372 0x125c gupdatem - ok
19:58:39.0991 0x125c [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:58:40.0006 0x125c gusvc - ok
19:58:40.0006 0x125c hcw85cir - ok
19:58:40.0147 0x125c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
19:58:42.0908 0x125c HdAudAddService - ok
19:58:48.0368 0x125c HDAudBus - ok
19:58:53.0828 0x125c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
19:58:53.0828 0x125c HidBatt - ok
19:58:56.0574 0x125c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
19:59:04.0717 0x125c HidBth - ok
19:59:04.0920 0x125c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\windows\system32\DRIVERS\hidir.sys
19:59:04.0951 0x125c HidIr - ok
19:59:07.0728 0x125c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\windows\system32\hidserv.dll
19:59:07.0743 0x125c hidserv - ok
19:59:10.0489 0x125c HidUsb - ok
19:59:21.0222 0x125c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll
19:59:21.0222 0x125c hkmsvc - ok
19:59:26.0807 0x125c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
19:59:29.0537 0x125c HomeGroupListener - ok
19:59:35.0012 0x125c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
19:59:35.0028 0x125c HomeGroupProvider - ok
19:59:37.0758 0x125c HpSAMD - ok
19:59:37.0758 0x125c HTTP - ok
19:59:37.0758 0x125c hwpolicy - ok
19:59:40.0488 0x125c i8042prt - ok
19:59:40.0488 0x125c iaStor - ok
20:00:07.0289 0x125c [ 8FFF9083252C16FE3960173722605E9E, 6546FDA34B9AF94C5E86E5269BBC2F02F1E78D6D4BE5B5EC01F4B284CC934994 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:00:07.0304 0x125c IAStorDataMgrSvc - ok
20:00:10.0034 0x125c iaStorV - ok
20:00:18.0302 0x125c [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:00:26.0555 0x125c idsvc - ok
20:00:42.0966 0x125c IEEtwCollectorService - ok
20:00:42.0982 0x125c igfx - ok
20:00:43.0013 0x125c iirsp - ok
20:00:43.0075 0x125c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\windows\System32\ikeext.dll
20:00:43.0122 0x125c IKEEXT - ok
20:00:43.0138 0x125c intelide - ok
20:00:54.0042 0x125c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
20:00:54.0042 0x125c intelppm - ok
20:01:02.0029 0x125c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll
20:01:02.0045 0x125c IPBusEnum - ok
20:01:07.0505 0x125c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
20:01:07.0520 0x125c IpFilterDriver - ok
20:01:18.0394 0x125c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\windows\System32\iphlpsvc.dll
20:01:23.0729 0x125c iphlpsvc - ok
20:01:26.0443 0x125c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
20:01:26.0459 0x125c IPMIDRV - ok
20:01:31.0732 0x125c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys
20:01:31.0732 0x125c IPNAT - ok
20:01:42.0449 0x125c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys
20:01:42.0464 0x125c IRENUM - ok
20:01:42.0464 0x125c isapnp - ok
20:01:42.0464 0x125c iScsiPrt - ok
20:01:56.0177 0x125c k57nd60a - ok
20:01:56.0224 0x125c kbdclass - ok
20:01:56.0255 0x125c kbdhid - ok
20:01:56.0286 0x125c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\windows\system32\lsass.exe
20:01:56.0286 0x125c KeyIso - ok
20:01:56.0302 0x125c KSecDD - ok
20:01:56.0302 0x125c KSecPkg - ok
20:01:56.0302 0x125c ksthunk - ok
20:02:04.0367 0x125c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll
20:02:09.0858 0x125c KtmRm - ok
20:02:09.0874 0x125c L1C - ok
20:02:18.0095 0x125c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\system32\srvsvc.dll
20:02:20.0840 0x125c LanmanServer - ok
20:02:21.0012 0x125c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
20:02:21.0028 0x125c LanmanWorkstation - ok
20:02:23.0773 0x125c LHDmgr - ok
20:02:29.0233 0x125c lltdio - ok
20:02:45.0535 0x125c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll
20:02:45.0645 0x125c lltdsvc - ok
20:02:45.0723 0x125c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll
20:02:45.0723 0x125c lmhosts - ok
20:02:48.0609 0x125c [ 926EBA26A8B49D1597751CED06B50862, 886FC610E379BD77146ADDC376D77437D88B593C7F1C3FEE2B93D934A67310F8 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:02:48.0609 0x125c LMS - ok
20:02:51.0339 0x125c LSI_FC - ok
20:02:51.0354 0x125c LSI_SAS - ok
20:02:54.0069 0x125c LSI_SAS2 - ok
20:02:54.0084 0x125c LSI_SCSI - ok
20:03:10.0371 0x125c luafv - ok
20:03:10.0589 0x125c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
20:03:10.0667 0x125c Mcx2Svc - ok
20:03:13.0428 0x125c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\DRIVERS\megasas.sys
20:03:13.0428 0x125c megasas - ok
20:03:51.0867 0x125c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
20:03:57.0295 0x125c MegaSR - ok
20:04:02.0755 0x125c [ 1C6E73FC46B509EFF9D0086AA37132DF, B4FB5512D75112C553FC22593F6123A7C9B9B7825D40148F604CCEFEB149FD97 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
20:04:02.0755 0x125c MEIx64 - ok
20:04:27.0575 0x125c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll
20:04:27.0575 0x125c MMCSS - ok
20:04:35.0812 0x125c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys
20:04:35.0828 0x125c Modem - ok
20:04:38.0558 0x125c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys
20:04:38.0558 0x125c monitor - ok
20:04:44.0008 0x125c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\drivers\mouclass.sys
20:04:44.0011 0x125c mouclass - ok
20:05:00.0487 0x125c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
20:05:00.0492 0x125c mouhid - ok
20:05:00.0501 0x125c mountmgr - ok
20:05:00.0509 0x125c mpio - ok
20:05:08.0858 0x125c mpsdrv - ok
20:05:42.0195 0x125c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll
20:05:45.0062 0x125c MpsSvc - ok
20:05:47.0742 0x125c MRxDAV - ok
20:05:47.0749 0x125c mrxsmb - ok
20:05:47.0756 0x125c mrxsmb10 - ok
20:05:47.0762 0x125c mrxsmb20 - ok
20:05:47.0766 0x125c msahci - ok
20:05:47.0771 0x125c msdsm - ok
20:05:59.0104 0x125c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe
20:06:01.0996 0x125c MSDTC - ok
20:06:02.0014 0x125c Msfs - ok
20:06:02.0019 0x125c mshidkmdf - ok
20:06:02.0025 0x125c msisadrv - ok
20:06:38.0496 0x125c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll
20:07:03.0251 0x125c MSiSCSI - ok
20:07:41.0295 0x125c msiserver - ok
20:07:44.0149 0x125c MSKSSRV - ok
20:07:46.0926 0x125c MSPCLOCK - ok
20:07:46.0942 0x125c MSPQM - ok
20:07:46.0957 0x125c MsRPC - ok
20:07:46.0957 0x125c mssmbios - ok
20:07:49.0656 0x125c MSTEE - ok
20:07:49.0672 0x125c MTConfig - ok
20:07:52.0386 0x125c Mup - ok
20:08:00.0748 0x125c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll
20:08:03.0493 0x125c napagent - ok
20:08:09.0250 0x125c NativeWifiP - ok
20:08:09.0250 0x125c NDIS - ok
20:08:11.0980 0x125c NdisCap - ok
20:08:25.0802 0x125c NdisTapi - ok
20:08:34.0896 0x125c Ndisuio - ok
20:08:34.0912 0x125c NdisWan - ok
20:08:34.0912 0x125c NDProxy - ok
20:08:34.0974 0x125c NetBIOS - ok
20:08:34.0990 0x125c NetBT - ok
20:08:35.0052 0x125c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\windows\system32\lsass.exe
20:08:35.0052 0x125c Netlogon - ok
20:08:35.0193 0x125c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll
20:08:35.0224 0x125c Netman - ok
20:08:35.0271 0x125c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll
20:08:38.0048 0x125c netprofm - ok
20:08:46.0238 0x125c [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:08:46.0238 0x125c NetTcpPortSharing - ok
20:08:48.0952 0x125c netw5v64 - ok
20:08:51.0713 0x125c nfrd960 - ok
20:08:59.0903 0x125c [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\windows\System32\nlasvc.dll
20:08:59.0997 0x125c NlaSvc - ok
20:09:00.0012 0x125c Npfs - ok
20:09:00.0075 0x125c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll
20:09:00.0075 0x125c nsi - ok
20:09:00.0075 0x125c nsiproxy - ok
20:09:00.0090 0x125c Ntfs - ok
20:09:00.0090 0x125c Null - ok
20:09:02.0820 0x125c nvraid - ok
20:09:02.0820 0x125c nvstor - ok
20:09:05.0831 0x125c nv_agp - ok
20:09:05.0847 0x125c ohci1394 - ok
20:09:17.0313 0x125c [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:09:17.0375 0x125c ose - ok
20:09:25.0643 0x125c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
20:09:25.0721 0x125c p2pimsvc - ok
20:09:25.0815 0x125c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll
20:09:25.0846 0x125c p2psvc - ok
20:09:25.0862 0x125c Parport - ok
20:09:25.0862 0x125c partmgr - ok
20:09:25.0893 0x125c [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\windows\System32\pcasvc.dll
20:09:25.0908 0x125c PcaSvc - ok
20:09:25.0908 0x125c pci - ok
20:09:25.0924 0x125c pciide - ok
20:09:25.0924 0x125c pcmcia - ok
20:09:50.0759 0x125c [ 4678535614BD147D1ED6F0830EA0E540, B1EDB117A45FD6C402C06D71A85B7023C43CF3A965F444DFD5CB01F8092A1878 ] PCToolsSSDMonitorSvc C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
20:09:50.0775 0x125c PCToolsSSDMonitorSvc - ok
20:09:50.0775 0x125c pcw - ok
20:09:50.0790 0x125c PEAUTH - ok
20:10:01.0804 0x125c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe
20:10:01.0804 0x125c PerfHost - ok
20:10:04.0612 0x125c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll
20:10:07.0436 0x125c pla - ok
20:10:15.0751 0x125c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll
20:10:15.0844 0x125c PlugPlay - ok
20:10:18.0605 0x125c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
20:10:18.0605 0x125c PNRPAutoReg - ok
20:10:40.0367 0x125c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
20:10:40.0383 0x125c PNRPsvc - ok
20:11:05.0015 0x125c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
20:11:05.0109 0x125c PolicyAgent - ok
20:11:07.0886 0x125c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\windows\system32\umpo.dll
20:11:07.0901 0x125c Power - ok
20:11:13.0330 0x125c PptpMiniport - ok
20:11:13.0330 0x125c Processor - ok
20:11:21.0551 0x125c [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\windows\system32\profsvc.dll
20:11:24.0281 0x125c ProfSvc - ok
20:11:27.0027 0x125c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\windows\system32\lsass.exe
20:11:27.0027 0x125c ProtectedStorage - ok
20:11:29.0757 0x125c Psched - ok
20:11:29.0773 0x125c ql2300 - ok
20:11:29.0773 0x125c ql40xx - ok
20:11:35.0295 0x125c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll
20:11:35.0311 0x125c QWAVE - ok
20:11:35.0311 0x125c QWAVEdrv - ok
20:11:35.0326 0x125c RasAcd - ok
20:11:49.0163 0x125c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
20:11:49.0179 0x125c RasAgileVpn - ok
20:11:54.0717 0x125c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\windows\System32\rasauto.dll
20:11:54.0733 0x125c RasAuto - ok
20:11:54.0795 0x125c Rasl2tp - ok
20:11:57.0619 0x125c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll
20:12:00.0349 0x125c RasMan - ok
20:12:05.0824 0x125c RasPppoe - ok
20:12:05.0824 0x125c RasSstp - ok
20:12:05.0824 0x125c rdbss - ok
20:12:05.0840 0x125c rdpbus - ok
20:12:05.0856 0x125c RDPCDD - ok
20:12:11.0253 0x125c RDPENCDD - ok
20:12:11.0269 0x125c RDPREFMP - ok
20:12:11.0269 0x125c RDPWD - ok
20:12:19.0443 0x125c rdyboost - ok
20:12:19.0599 0x125c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll
20:12:19.0599 0x125c RemoteAccess - ok
20:12:33.0327 0x125c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll
20:12:33.0374 0x125c RemoteRegistry - ok
20:12:44.0310 0x125c RFCOMM - ok
20:13:08.0833 0x125c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
20:13:08.0848 0x125c RpcEptMapper - ok
20:13:19.0737 0x125c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\windows\system32\locator.exe
20:13:19.0737 0x125c RpcLocator - ok
20:13:33.0465 0x125c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\windows\system32\rpcss.dll
20:13:33.0481 0x125c RpcSs - ok
20:13:33.0621 0x125c rspndr - ok
20:13:33.0621 0x125c RSUSBVSTOR - ok
20:13:33.0684 0x125c [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs C:\windows\system32\lsass.exe
20:13:33.0684 0x125c SamSs - ok
20:13:33.0684 0x125c sbp2port - ok
20:13:33.0824 0x125c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll
20:13:33.0840 0x125c SCardSvr - ok
20:13:33.0840 0x125c scfilter - ok
20:14:14.0774 0x125c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\windows\system32\schedsvc.dll
20:14:17.0598 0x125c Schedule - ok
20:14:25.0788 0x125c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll
20:14:25.0788 0x125c SCPolicySvc - ok
20:15:39.0467 0x125c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll
20:15:39.0467 0x125c SDRSVC - ok
20:15:50.0480 0x125c secdrv - ok
20:15:53.0226 0x125c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\windows\system32\seclogon.dll
20:15:53.0226 0x125c seclogon - ok
20:15:55.0972 0x125c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\windows\System32\sens.dll
20:15:55.0972 0x125c SENS - ok
20:15:58.0717 0x125c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\windows\system32\sensrsvc.dll
20:15:58.0733 0x125c SensrSvc - ok
20:15:58.0733 0x125c Serenum - ok
20:15:58.0748 0x125c Serial - ok
20:16:06.0954 0x125c sermouse - ok
20:16:26.0080 0x125c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\windows\system32\sessenv.dll
20:16:42.0538 0x125c SessionEnv - ok
20:16:42.0538 0x125c sffdisk - ok
20:16:42.0553 0x125c sffp_mmc - ok
20:16:42.0553 0x125c sffp_sd - ok
20:21:39.0983 0x125c [ 97AD8CDF092E54B27C3D0C0B2A0F0849, 4A30F68941341FD824B98A7EC68005AB51B989C5B754D9BA18CD74FAD9C8BD9C ] stisvc C:\windows\System32\wiaservc.dll
20:21:40.0046 0x125c Suspicious file ( Forged ): C:\windows\System32\wiaservc.dll. Real md5: 97AD8CDF092E54B27C3D0C0B2A0F0849, sha256: 4A30F68941341FD824B98A7EC68005AB51B989C5B754D9BA18CD74FAD9C8BD9C, fake md5: 8DD52E8E6128F4B2DA92CE27402871C1, fake sha256: 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92
20:21:40.0046 0x125c stisvc - detected ForgedFile.Multi.Generic ( 1 )
20:21:42.0791 0x125c Detect skipped due to KSN trusted
20:21:42.0791 0x125c stisvc - ok
20:30:05.0294 0x125c ================ Scan global ===============================
20:30:05.0325 0x125c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
20:30:05.0356 0x125c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
20:30:05.0387 0x125c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
20:30:08.0149 0x125c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
20:30:19.0115 0x125c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
20:30:21.0861 0x125c [ Global ] - ok
20:30:21.0861 0x125c ================ Scan MBR ==================================
20:30:24.0560 0x125c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:30:54.0933 0x125c \Device\Harddisk0\DR0 - ok
20:30:54.0949 0x125c [ 65E858A8A0293BE11A920B0BC99D695E ] \Device\Harddisk1\DR1
20:30:54.0964 0x125c \Device\Harddisk1\DR1 - ok
20:30:54.0964 0x125c ================ Scan VBR ==================================
20:30:54.0980 0x125c [ A0F96B81A3776E4531A43C64C3E685B9 ] \Device\Harddisk0\DR0\Partition1
20:30:54.0996 0x125c \Device\Harddisk0\DR0\Partition1 - ok
20:30:55.0011 0x125c [ EC65B2960EAF9C171945F5D64217ED67 ] \Device\Harddisk0\DR0\Partition2
20:30:55.0011 0x125c \Device\Harddisk0\DR0\Partition2 - ok
20:31:19.0722 0x125c [ 4610053681E87168A0CEAC51C8154BB9 ] \Device\Harddisk0\DR0\Partition3
20:31:19.0722 0x125c \Device\Harddisk0\DR0\Partition3 - ok
20:31:19.0737 0x125c [ 7C2491382338F71CBE3170D90231B6D2 ] \Device\Harddisk1\DR1\Partition1
20:31:19.0737 0x125c \Device\Harddisk1\DR1\Partition1 - ok
20:31:19.0940 0x125c AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2011.263 ), 0x40000 ( disabled : updated )
20:31:19.0971 0x125c Win FW state via NFP2: disabled
20:31:22.0779 0x125c ============================================================
20:31:22.0779 0x125c Scan finished
20:31:22.0779 0x125c ============================================================
20:31:22.0779 0x080c Detected object count: 1
20:31:22.0779 0x080c Actual detected object count: 1