HJT+WhoCrashed log - pády systému, firefoxu Vyřešeno

[Clorky]

edit: Tak WhoCrashed prověřeno uživatelem adavyp, systém padal kvůli něčemu, co způsoboval antivir s RAMkami.
Každopádně bych prosil o kontrolu HJT, popř. Combofixu apod.
PC je stařešina, a potřebuje trochu udržovat. Sic slouží především jen k internetu, ale stejně.


Zdravím, u druhého PC stále padá systém a i firefox.
Tady je HJT:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:58:53, on 2.2.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\System32\WerFault.exe
C:\Windows\system32\ctfmon.exe
C:\Users\Bozka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bozka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bozka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bozka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bozka\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Bozka\Documents\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BigDog303] C:\Windows\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - https://sslvpn.cez.cz/dlmanager/version ... .2.6.0.cab
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... 1.66.0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://sslvpn.cez.cz/dana-cached/sc/Ju ... Client.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvsvc32.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 8431 bytes

[Reklama]

[Žbeky]

Fixni:

Kód: Vybrat vše

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - https://sslvpn.cez.cz/dlmanager/version ... .2.6.0.cab
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... 1.66.0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://sslvpn.cez.cz/dana-cached/sc/Ju ... Client.cab

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.

[Clorky]

Vše hotovo. Díky.

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verze: v2013.02.03.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Bozka :: P266 [administrátor]

3.2.2013 10:01:08
mbam-log-2013-02-03 (10-01-08).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 194305
Uplynulý čas: 11 minut, 43 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

[Orcus]

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

====================================================

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.

Pokud budou problémy , spusť v nouz. režimu.

[Clorky]

Po restartování nešla zapnout žádná aplikace. Psalo to něco ohledně registru.
Jsem tedy v Safe Modu.

13:46:54.0634 3568 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
13:46:55.0717 3568 ============================================================
13:46:55.0717 3568 Current date / time: 2013/02/03 13:46:55.0717
13:46:55.0717 3568 SystemInfo:
13:46:55.0717 3568
13:46:55.0717 3568 OS Version: 6.1.7601 ServicePack: 1.0
13:46:55.0717 3568 Product type: Workstation
13:46:55.0717 3568 ComputerName: P266
13:46:55.0718 3568 UserName: Bozka
13:46:55.0718 3568 Windows directory: C:\Windows
13:46:55.0718 3568 System windows directory: C:\Windows
13:46:55.0718 3568 Processor architecture: Intel x86
13:46:55.0718 3568 Number of processors: 1
13:46:55.0718 3568 Page size: 0x1000
13:46:55.0718 3568 Boot type: Normal boot
13:46:55.0718 3568 ============================================================
13:47:09.0572 3568 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:47:09.0594 3568 Drive \Device\Harddisk1\DR1 - Size: 0x9516AE000 (37.27 Gb), SectorSize: 0x200, Cylinders: 0x1301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:47:09.0657 3568 ============================================================
13:47:09.0657 3568 \Device\Harddisk0\DR0:
13:47:09.0657 3568 MBR partitions:
13:47:09.0657 3568 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:47:09.0657 3568 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6176000
13:47:09.0657 3568 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x61A8800, BlocksNum 0xC870800
13:47:09.0657 3568 \Device\Harddisk1\DR1:
13:47:09.0660 3568 MBR partitions:
13:47:09.0660 3568 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x4A8A000
13:47:09.0660 3568 ============================================================
13:47:09.0708 3568 C: <-> \Device\Harddisk0\DR0\Partition2
13:47:09.0771 3568 D: <-> \Device\Harddisk0\DR0\Partition3
13:47:09.0812 3568 Z: <-> \Device\Harddisk1\DR1\Partition1
13:47:09.0812 3568 ============================================================
13:47:09.0813 3568 Initialize success
13:47:09.0813 3568 ============================================================
13:47:12.0276 1068 ============================================================
13:47:12.0276 1068 Scan started
13:47:12.0276 1068 Mode: Manual;
13:47:12.0276 1068 ============================================================
13:47:13.0491 1068 ================ Scan system memory ========================
13:47:13.0491 1068 System memory - ok
13:47:13.0499 1068 ================ Scan services =============================
13:47:14.0018 1068 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
13:47:14.0036 1068 1394ohci - ok
13:47:14.0101 1068 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:47:14.0119 1068 ACPI - ok
13:47:14.0171 1068 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
13:47:14.0174 1068 AcpiPmi - ok
13:47:14.0296 1068 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:47:14.0312 1068 AdobeFlashPlayerUpdateSvc - ok
13:47:14.0408 1068 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
13:47:14.0431 1068 adp94xx - ok
13:47:14.0472 1068 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
13:47:14.0491 1068 adpahci - ok
13:47:14.0557 1068 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
13:47:14.0574 1068 adpu320 - ok
13:47:14.0620 1068 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:47:14.0636 1068 AeLookupSvc - ok
13:47:14.0703 1068 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
13:47:14.0720 1068 AFD - ok
13:47:14.0775 1068 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
13:47:14.0790 1068 agp440 - ok
13:47:14.0849 1068 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
13:47:14.0853 1068 aic78xx - ok
13:47:15.0151 1068 [ 7997B6F02CBDA0E31FA18CC85871B938 ] ALCXWDM C:\Windows\system32\drivers\RTKVAC.SYS
13:47:15.0311 1068 ALCXWDM - ok
13:47:15.0370 1068 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
13:47:15.0373 1068 ALG - ok
13:47:15.0420 1068 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
13:47:15.0423 1068 aliide - ok
13:47:15.0472 1068 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
13:47:15.0475 1068 amdagp - ok
13:47:15.0512 1068 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
13:47:15.0527 1068 amdide - ok
13:47:15.0581 1068 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
13:47:15.0585 1068 AmdK8 - ok
13:47:15.0607 1068 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
13:47:15.0611 1068 AmdPPM - ok
13:47:15.0670 1068 [ E7F4D42D8076EC60E21715CD11743A0D ] amdsata C:\Windows\system32\drivers\amdsata.sys
13:47:15.0682 1068 amdsata - ok
13:47:15.0726 1068 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
13:47:15.0761 1068 amdsbs - ok
13:47:15.0791 1068 [ 146459D2B08BFDCBFA856D9947043C81 ] amdxata C:\Windows\system32\drivers\amdxata.sys
13:47:15.0794 1068 amdxata - ok
13:47:15.0851 1068 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
13:47:15.0855 1068 AppID - ok
13:47:15.0909 1068 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:47:15.0912 1068 AppIDSvc - ok
13:47:15.0984 1068 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
13:47:15.0999 1068 Appinfo - ok
13:47:16.0064 1068 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
13:47:16.0071 1068 AppMgmt - ok
13:47:16.0115 1068 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
13:47:16.0119 1068 arc - ok
13:47:16.0153 1068 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
13:47:16.0157 1068 arcsas - ok
13:47:16.0205 1068 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
13:47:16.0208 1068 aswFsBlk - ok
13:47:16.0285 1068 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
13:47:16.0288 1068 aswMonFlt - ok
13:47:16.0316 1068 [ 81F638A2DD94ABBF0B43880AB38D8DBD ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
13:47:16.0320 1068 aswRdr - ok
13:47:16.0393 1068 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
13:47:16.0436 1068 aswSnx - ok
13:47:16.0486 1068 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\Windows\system32\drivers\aswSP.sys
13:47:16.0504 1068 aswSP - ok
13:47:16.0541 1068 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
13:47:16.0545 1068 aswTdi - ok
13:47:16.0589 1068 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:47:16.0591 1068 AsyncMac - ok
13:47:16.0646 1068 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
13:47:16.0648 1068 atapi - ok
13:47:16.0738 1068 [ 86ACB6A60C50E99EB8E68710D5A12654 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
13:47:16.0781 1068 Ati External Event Utility - ok
13:47:17.0119 1068 [ 7DB96C2801A78513BDC133C25D07929E ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
13:47:17.0294 1068 atikmdag - ok
13:47:17.0358 1068 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:47:17.0401 1068 AudioEndpointBuilder - ok
13:47:17.0454 1068 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
13:47:17.0463 1068 Audiosrv - ok
13:47:17.0580 1068 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
13:47:17.0582 1068 avast! Antivirus - ok
13:47:17.0640 1068 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:47:17.0646 1068 AxInstSV - ok
13:47:17.0713 1068 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
13:47:17.0732 1068 b06bdrv - ok
13:47:17.0785 1068 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
13:47:17.0803 1068 b57nd60x - ok
13:47:17.0927 1068 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.exe
13:47:17.0936 1068 BBSvc - ok
13:47:17.0969 1068 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe
13:47:17.0986 1068 BBUpdate - ok
13:47:18.0041 1068 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
13:47:18.0046 1068 BDESVC - ok
13:47:18.0084 1068 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
13:47:18.0087 1068 Beep - ok
13:47:18.0150 1068 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
13:47:18.0168 1068 BFE - ok
13:47:18.0226 1068 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\system32\qmgr.dll
13:47:18.0255 1068 BITS - ok
13:47:18.0302 1068 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
13:47:18.0304 1068 blbdrive - ok
13:47:18.0343 1068 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:47:18.0346 1068 bowser - ok
13:47:18.0374 1068 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:47:18.0380 1068 BrFiltLo - ok
13:47:18.0411 1068 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:47:18.0414 1068 BrFiltUp - ok
13:47:18.0458 1068 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
13:47:18.0462 1068 BridgeMP - ok
13:47:18.0511 1068 [ 6E11F33D14D020F58D5E02E4D67DFA19 ] Browser C:\Windows\System32\browser.dll
13:47:18.0516 1068 Browser - ok
13:47:18.0568 1068 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:47:18.0586 1068 Brserid - ok
13:47:18.0628 1068 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:47:18.0632 1068 BrSerWdm - ok
13:47:18.0662 1068 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:47:18.0665 1068 BrUsbMdm - ok
13:47:18.0686 1068 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:47:18.0689 1068 BrUsbSer - ok
13:47:18.0718 1068 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
13:47:18.0721 1068 BTHMODEM - ok
13:47:18.0793 1068 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
13:47:18.0798 1068 bthserv - ok
13:47:18.0896 1068 catchme - ok
13:47:18.0942 1068 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:47:18.0946 1068 cdfs - ok
13:47:19.0012 1068 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys
13:47:19.0019 1068 cdrom - ok
13:47:19.0075 1068 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
13:47:19.0079 1068 CertPropSvc - ok
13:47:19.0120 1068 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
13:47:19.0124 1068 circlass - ok
13:47:19.0168 1068 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
13:47:19.0184 1068 CLFS - ok
13:47:19.0264 1068 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:47:19.0280 1068 clr_optimization_v2.0.50727_32 - ok
13:47:19.0315 1068 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
13:47:19.0318 1068 CmBatt - ok
13:47:19.0350 1068 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:47:19.0353 1068 cmdide - ok
13:47:19.0403 1068 [ 6427525D76F61D0C519B008D3680E8E7 ] CNG C:\Windows\system32\Drivers\cng.sys
13:47:19.0421 1068 CNG - ok
13:47:19.0459 1068 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
13:47:19.0462 1068 Compbatt - ok
13:47:19.0511 1068 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
13:47:19.0513 1068 CompositeBus - ok
13:47:19.0552 1068 COMSysApp - ok
13:47:19.0640 1068 [ D01F685F8B4598D144B0CCE9FF95D8D5 ] cpudrv C:\Program Files\SystemRequirementsLab\cpudrv.sys
13:47:19.0644 1068 cpudrv - ok
13:47:19.0678 1068 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
13:47:19.0680 1068 crcdisk - ok
13:47:19.0760 1068 [ A585BEBF7D054BD9618EDA0922D5484A ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:47:19.0766 1068 CryptSvc - ok
13:47:19.0822 1068 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
13:47:19.0840 1068 CSC - ok
13:47:19.0900 1068 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
13:47:19.0918 1068 CscService - ok
13:47:20.0003 1068 [ 4E08A98DBA0B1249C2EB4B191978A9A4 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys
13:47:20.0007 1068 ctxusbm - ok
13:47:20.0071 1068 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
13:47:20.0098 1068 DcomLaunch - ok
13:47:20.0149 1068 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
13:47:20.0167 1068 defragsvc - ok
13:47:20.0227 1068 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:47:20.0231 1068 DfsC - ok
13:47:20.0294 1068 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
13:47:20.0311 1068 Dhcp - ok
13:47:20.0349 1068 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
13:47:20.0377 1068 discache - ok
13:47:20.0467 1068 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
13:47:20.0470 1068 Disk - ok
13:47:20.0523 1068 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:47:20.0530 1068 Dnscache - ok
13:47:20.0578 1068 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
13:47:20.0595 1068 dot3svc - ok
13:47:20.0654 1068 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
13:47:20.0660 1068 DPS - ok
13:47:20.0701 1068 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:47:20.0704 1068 drmkaud - ok
13:47:20.0771 1068 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:47:20.0808 1068 DXGKrnl - ok
13:47:20.0849 1068 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
13:47:20.0855 1068 EapHost - ok
13:47:21.0006 1068 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
13:47:21.0103 1068 ebdrv - ok
13:47:21.0148 1068 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
13:47:21.0154 1068 EFS - ok
13:47:21.0233 1068 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:47:21.0251 1068 ehRecvr - ok
13:47:21.0295 1068 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
13:47:21.0300 1068 ehSched - ok
13:47:21.0356 1068 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
13:47:21.0375 1068 elxstor - ok
13:47:21.0406 1068 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:47:21.0409 1068 ErrDev - ok
13:47:21.0491 1068 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
13:47:21.0509 1068 EventSystem - ok
13:47:21.0546 1068 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
13:47:21.0554 1068 exfat - ok
13:47:21.0591 1068 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:47:21.0599 1068 fastfat - ok
13:47:21.0660 1068 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
13:47:21.0686 1068 Fax - ok
13:47:21.0733 1068 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:47:21.0736 1068 fdc - ok
13:47:21.0776 1068 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
13:47:21.0791 1068 fdPHost - ok
13:47:21.0816 1068 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
13:47:21.0822 1068 FDResPub - ok
13:47:21.0854 1068 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:47:21.0858 1068 FileInfo - ok
13:47:21.0886 1068 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:47:21.0889 1068 Filetrace - ok
13:47:21.0918 1068 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:47:21.0921 1068 flpydisk - ok
13:47:21.0978 1068 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:47:21.0991 1068 FltMgr - ok
13:47:22.0078 1068 [ FA6C66E4364D7DA57AADE5DCC03BB999 ] FontCache C:\Windows\system32\FntCache.dll
13:47:22.0112 1068 FontCache - ok
13:47:22.0195 1068 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:47:22.0200 1068 FontCache3.0.0.0 - ok
13:47:22.0239 1068 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:47:22.0243 1068 FsDepends - ok
13:47:22.0272 1068 [ A574B4360E438977038AAE4BF60D79A2 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:47:22.0275 1068 Fs_Rec - ok
13:47:22.0334 1068 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:47:22.0350 1068 fvevol - ok
13:47:22.0404 1068 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
13:47:22.0408 1068 gagp30kx - ok
13:47:22.0468 1068 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
13:47:22.0494 1068 gpsvc - ok
13:47:22.0547 1068 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
13:47:22.0553 1068 gupdate - ok
13:47:22.0590 1068 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
13:47:22.0593 1068 gupdatem - ok
13:47:22.0631 1068 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:47:22.0635 1068 hcw85cir - ok
13:47:22.0669 1068 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
13:47:22.0675 1068 HDAudBus - ok
13:47:22.0705 1068 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
13:47:22.0709 1068 HidBatt - ok
13:47:22.0738 1068 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
13:47:22.0742 1068 HidBth - ok
13:47:22.0785 1068 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
13:47:22.0793 1068 HidIr - ok
13:47:22.0834 1068 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\System32\hidserv.dll
13:47:22.0840 1068 hidserv - ok
13:47:22.0888 1068 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:47:22.0892 1068 HidUsb - ok
13:47:22.0933 1068 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:47:22.0940 1068 hkmsvc - ok
13:47:22.0985 1068 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:47:23.0003 1068 HomeGroupListener - ok
13:47:23.0051 1068 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:47:23.0067 1068 HomeGroupProvider - ok
13:47:23.0124 1068 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
13:47:23.0128 1068 HpSAMD - ok
13:47:23.0179 1068 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:47:23.0198 1068 HTTP - ok
13:47:23.0235 1068 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:47:23.0238 1068 hwpolicy - ok
13:47:23.0297 1068 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
13:47:23.0301 1068 i8042prt - ok
13:47:23.0360 1068 [ A3CAE5D281DB4CFF7CFF8233507EE5AD ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
13:47:23.0378 1068 iaStorV - ok
13:47:23.0454 1068 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:47:23.0490 1068 idsvc - ok
13:47:23.0571 1068 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
13:47:23.0574 1068 iirsp - ok
13:47:23.0640 1068 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
13:47:23.0675 1068 IKEEXT - ok
13:47:23.0723 1068 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
13:47:23.0727 1068 intelide - ok
13:47:23.0788 1068 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:47:23.0791 1068 intelppm - ok
13:47:23.0846 1068 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:47:23.0853 1068 IPBusEnum - ok
13:47:23.0886 1068 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:47:23.0889 1068 IpFilterDriver - ok
13:47:23.0956 1068 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:47:23.0984 1068 iphlpsvc - ok
13:47:24.0022 1068 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
13:47:24.0027 1068 IPMIDRV - ok
13:47:24.0073 1068 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:47:24.0078 1068 IPNAT - ok
13:47:24.0120 1068 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:47:24.0123 1068 IRENUM - ok
13:47:24.0152 1068 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:47:24.0156 1068 isapnp - ok
13:47:24.0211 1068 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
13:47:24.0229 1068 iScsiPrt - ok
13:47:24.0277 1068 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:47:24.0281 1068 kbdclass - ok
13:47:24.0343 1068 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:47:24.0346 1068 kbdhid - ok
13:47:24.0378 1068 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
13:47:24.0383 1068 KeyIso - ok
13:47:24.0431 1068 [ F4647BB23DB9038A7536CF6B68F4207F ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:47:24.0435 1068 KSecDD - ok
13:47:24.0468 1068 [ E73CAE53BBB72BA26918492C6B4C229D ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:47:24.0472 1068 KSecPkg - ok
13:47:24.0522 1068 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
13:47:24.0540 1068 KtmRm - ok
13:47:24.0607 1068 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\System32\srvsvc.dll
13:47:24.0624 1068 LanmanServer - ok
13:47:24.0665 1068 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:47:24.0677 1068 LanmanWorkstation - ok
13:47:24.0748 1068 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:47:24.0752 1068 lltdio - ok
13:47:24.0793 1068 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:47:24.0810 1068 lltdsvc - ok
13:47:24.0846 1068 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
13:47:24.0852 1068 lmhosts - ok
13:47:24.0922 1068 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
13:47:24.0927 1068 LSI_FC - ok
13:47:24.0958 1068 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
13:47:24.0962 1068 LSI_SAS - ok
13:47:24.0997 1068 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:47:25.0001 1068 LSI_SAS2 - ok
13:47:25.0034 1068 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:47:25.0039 1068 LSI_SCSI - ok
13:47:25.0077 1068 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
13:47:25.0081 1068 luafv - ok
13:47:25.0138 1068 [ 763A50CE71F03DF16FE3C74A9531F85F ] m4301a C:\Windows\system32\DRIVERS\m4301A.sys
13:47:25.0143 1068 m4301a - ok
13:47:25.0189 1068 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:47:25.0197 1068 Mcx2Svc - ok
13:47:25.0238 1068 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
13:47:25.0241 1068 megasas - ok
13:47:25.0284 1068 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
13:47:25.0302 1068 MegaSR - ok
13:47:25.0392 1068 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
13:47:25.0397 1068 Microsoft Office Groove Audit Service - ok
13:47:25.0437 1068 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
13:47:25.0444 1068 MMCSS - ok
13:47:25.0477 1068 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
13:47:25.0481 1068 Modem - ok
13:47:25.0536 1068 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:47:25.0538 1068 monitor - ok
13:47:25.0591 1068 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:47:25.0594 1068 mouclass - ok
13:47:25.0629 1068 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:47:25.0633 1068 mouhid - ok
13:47:25.0682 1068 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:47:25.0686 1068 mountmgr - ok
13:47:25.0763 1068 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
13:47:25.0768 1068 MozillaMaintenance - ok
13:47:25.0804 1068 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
13:47:25.0810 1068 mpio - ok
13:47:25.0849 1068 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:47:25.0853 1068 mpsdrv - ok
13:47:25.0919 1068 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:47:25.0945 1068 MpsSvc - ok
13:47:25.0991 1068 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:47:25.0996 1068 MRxDAV - ok
13:47:26.0039 1068 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:47:26.0045 1068 mrxsmb - ok
13:47:26.0079 1068 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:47:26.0097 1068 mrxsmb10 - ok
13:47:26.0126 1068 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:47:26.0131 1068 mrxsmb20 - ok
13:47:26.0178 1068 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
13:47:26.0181 1068 msahci - ok
13:47:26.0222 1068 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:47:26.0227 1068 msdsm - ok
13:47:26.0261 1068 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
13:47:26.0270 1068 MSDTC - ok
13:47:26.0327 1068 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:47:26.0330 1068 Msfs - ok
13:47:26.0359 1068 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:47:26.0362 1068 mshidkmdf - ok
13:47:26.0387 1068 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:47:26.0391 1068 msisadrv - ok
13:47:26.0440 1068 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:47:26.0448 1068 MSiSCSI - ok
13:47:26.0470 1068 msiserver - ok
13:47:26.0517 1068 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:47:26.0520 1068 MSKSSRV - ok
13:47:26.0569 1068 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:47:26.0572 1068 MSPCLOCK - ok
13:47:26.0602 1068 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:47:26.0605 1068 MSPQM - ok
13:47:26.0640 1068 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:47:26.0649 1068 MsRPC - ok
13:47:26.0698 1068 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
13:47:26.0701 1068 mssmbios - ok
13:47:26.0747 1068 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:47:26.0753 1068 MSTEE - ok
13:47:26.0805 1068 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
13:47:26.0808 1068 MTConfig - ok
13:47:26.0838 1068 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
13:47:26.0842 1068 Mup - ok
13:47:26.0890 1068 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
13:47:26.0916 1068 napagent - ok
13:47:26.0984 1068 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:47:27.0002 1068 NativeWifiP - ok
13:47:27.0065 1068 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:47:27.0093 1068 NDIS - ok
13:47:27.0153 1068 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:47:27.0156 1068 NdisCap - ok
13:47:27.0201 1068 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:47:27.0204 1068 NdisTapi - ok
13:47:27.0252 1068 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:47:27.0256 1068 Ndisuio - ok
13:47:27.0300 1068 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:47:27.0305 1068 NdisWan - ok
13:47:27.0351 1068 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:47:27.0356 1068 NDProxy - ok
13:47:27.0429 1068 [ 21795B5EE8F96D094ED4E6B87AD31895 ] NEOFLTR_700_17289 C:\Windows\system32\Drivers\NEOFLTR_700_17289.SYS
13:47:27.0434 1068 NEOFLTR_700_17289 - ok
13:47:27.0495 1068 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:47:27.0499 1068 NetBIOS - ok
13:47:27.0546 1068 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:47:27.0563 1068 NetBT - ok
13:47:27.0591 1068 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
13:47:27.0597 1068 Netlogon - ok
13:47:27.0701 1068 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
13:47:27.0726 1068 Netman - ok
13:47:27.0774 1068 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
13:47:27.0803 1068 netprofm - ok
13:47:27.0841 1068 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:47:27.0846 1068 NetTcpPortSharing - ok
13:47:27.0901 1068 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:47:27.0905 1068 nfrd960 - ok
13:47:27.0958 1068 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:47:27.0975 1068 NlaSvc - ok
13:47:28.0003 1068 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:47:28.0006 1068 Npfs - ok
13:47:28.0046 1068 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
13:47:28.0053 1068 nsi - ok
13:47:28.0098 1068 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:47:28.0101 1068 nsiproxy - ok
13:47:28.0201 1068 [ 33C3093D09017CFE2E219F2472BFF6EB ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:47:28.0261 1068 Ntfs - ok
13:47:28.0331 1068 nTuneService - ok
13:47:28.0388 1068 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
13:47:28.0403 1068 Null - ok
13:47:28.0738 1068 [ A28AB3B7E33467C65EE5858DA5CB166D ] nv C:\Windows\system32\DRIVERS\nv4_mini.sys
13:47:28.0857 1068 nv - ok
13:47:28.0913 1068 [ A2189FC364062AA336E3FC934E46E147 ] NVR0Dev C:\Windows\nvoclock.sys
13:47:28.0916 1068 NVR0Dev - ok
13:47:28.0953 1068 [ AF2EEC9580C1D32FB7EAF105D9784061 ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:47:28.0965 1068 nvraid - ok
13:47:29.0004 1068 [ 9283C58EBAA2618F93482EB5DABCEC82 ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:47:29.0020 1068 nvstor - ok
13:47:29.0066 1068 [ 43B0A0774EA90BF699D267C45D2702F9 ] NVSvc C:\Windows\system32\nvsvc32.exe
13:47:29.0085 1068 NVSvc - ok
13:47:29.0117 1068 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:47:29.0132 1068 nv_agp - ok
13:47:29.0311 1068 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:47:29.0345 1068 odserv - ok
13:47:29.0378 1068 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:47:29.0390 1068 ohci1394 - ok
13:47:29.0462 1068 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:47:29.0471 1068 ose - ok
13:47:29.0530 1068 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:47:29.0548 1068 p2pimsvc - ok
13:47:29.0663 1068 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
13:47:29.0678 1068 p2psvc - ok
13:47:29.0726 1068 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:47:29.0731 1068 Parport - ok
13:47:29.0776 1068 [ BF8F6AF06DA75B336F07E23AEF97D93B ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:47:29.0781 1068 partmgr - ok
13:47:29.0811 1068 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
13:47:29.0815 1068 Parvdm - ok
13:47:29.0860 1068 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:47:29.0878 1068 PcaSvc - ok
13:47:29.0924 1068 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
13:47:29.0932 1068 pci - ok
13:47:29.0973 1068 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
13:47:29.0976 1068 pciide - ok
13:47:30.0028 1068 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:47:30.0045 1068 pcmcia - ok
13:47:30.0079 1068 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
13:47:30.0083 1068 pcw - ok
13:47:30.0134 1068 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:47:30.0169 1068 PEAUTH - ok
13:47:30.0243 1068 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
13:47:30.0277 1068 PeerDistSvc - ok
13:47:30.0406 1068 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
13:47:30.0474 1068 pla - ok
13:47:30.0526 1068 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:47:30.0552 1068 PlugPlay - ok
13:47:30.0583 1068 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:47:30.0592 1068 PNRPAutoReg - ok
13:47:30.0629 1068 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:47:30.0639 1068 PNRPsvc - ok
13:47:30.0696 1068 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:47:30.0714 1068 PolicyAgent - ok
13:47:30.0771 1068 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
13:47:30.0784 1068 Power - ok
13:47:30.0842 1068 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:47:30.0845 1068 PptpMiniport - ok
13:47:30.0881 1068 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:47:30.0886 1068 Processor - ok
13:47:30.0946 1068 [ 43CA4CCC22D52FB58E8988F0198851D0 ] ProfSvc C:\Windows\system32\profsvc.dll
13:47:30.0964 1068 ProfSvc - ok
13:47:31.0004 1068 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:47:31.0009 1068 ProtectedStorage - ok
13:47:31.0054 1068 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:47:31.0059 1068 Psched - ok
13:47:31.0130 1068 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:47:31.0174 1068 ql2300 - ok
13:47:31.0225 1068 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:47:31.0231 1068 ql40xx - ok
13:47:31.0287 1068 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
13:47:31.0304 1068 QWAVE - ok
13:47:31.0337 1068 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:47:31.0340 1068 QWAVEdrv - ok
13:47:31.0366 1068 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:47:31.0369 1068 RasAcd - ok
13:47:31.0419 1068 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:47:31.0422 1068 RasAgileVpn - ok
13:47:31.0465 1068 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
13:47:31.0475 1068 RasAuto - ok
13:47:31.0518 1068 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:47:31.0523 1068 Rasl2tp - ok
13:47:31.0584 1068 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
13:47:31.0601 1068 RasMan - ok
13:47:31.0640 1068 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:47:31.0645 1068 RasPppoe - ok
13:47:31.0689 1068 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:47:31.0693 1068 RasSstp - ok
13:47:31.0744 1068 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:47:31.0761 1068 rdbss - ok
13:47:31.0802 1068 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:47:31.0804 1068 rdpbus - ok
13:47:31.0846 1068 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:47:31.0849 1068 RDPCDD - ok
13:47:31.0904 1068 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
13:47:31.0910 1068 RDPDR - ok
13:47:31.0947 1068 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:47:31.0950 1068 RDPENCDD - ok
13:47:31.0991 1068 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:47:31.0997 1068 RDPREFMP - ok
13:47:32.0087 1068 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:47:32.0090 1068 RdpVideoMiniport - ok
13:47:32.0139 1068 [ 288B06960D78428FF89E811632684E20 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:47:32.0157 1068 RDPWD - ok
13:47:32.0217 1068 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:47:32.0234 1068 rdyboost - ok
13:47:32.0279 1068 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
13:47:32.0287 1068 RemoteAccess - ok
13:47:32.0332 1068 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:47:32.0343 1068 RemoteRegistry - ok
13:47:32.0388 1068 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:47:32.0397 1068 RpcEptMapper - ok
13:47:32.0443 1068 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
13:47:32.0449 1068 RpcLocator - ok
13:47:32.0490 1068 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
13:47:32.0503 1068 RpcSs - ok
13:47:32.0554 1068 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:47:32.0558 1068 rspndr - ok
13:47:32.0613 1068 [ A3592E61F11A898B9D3BB1DC10134E1C ] RT61 C:\Windows\system32\DRIVERS\RT61.sys
13:47:32.0632 1068 RT61 - ok
13:47:32.0699 1068 [ E70DAB50DC67D4037A612384D649313F ] rt61x86 C:\Windows\system32\DRIVERS\netr61.sys
13:47:32.0717 1068 rt61x86 - ok
13:47:32.0761 1068 [ 166911EADA13CD34DD8F8C667707BE94 ] RTL8023xp C:\Windows\system32\DRIVERS\Rtnicxp.sys
13:47:32.0764 1068 RTL8023xp - ok
13:47:32.0812 1068 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
13:47:32.0815 1068 s3cap - ok
13:47:32.0843 1068 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
13:47:32.0848 1068 SamSs - ok
13:47:32.0888 1068 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:47:32.0893 1068 sbp2port - ok
13:47:32.0936 1068 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:47:32.0947 1068 SCardSvr - ok
13:47:32.0986 1068 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:47:32.0989 1068 scfilter - ok
13:47:33.0061 1068 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
13:47:33.0097 1068 Schedule - ok
13:47:33.0132 1068 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
13:47:33.0136 1068 SCPolicySvc - ok
13:47:33.0182 1068 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:47:33.0193 1068 SDRSVC - ok
13:47:33.0241 1068 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:47:33.0244 1068 secdrv - ok
13:47:33.0286 1068 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
13:47:33.0295 1068 seclogon - ok
13:47:33.0334 1068 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
13:47:33.0344 1068 SENS - ok
13:47:33.0387 1068 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:47:33.0397 1068 SensrSvc - ok
13:47:33.0430 1068 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:47:33.0433 1068 Serenum - ok
13:47:33.0482 1068 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:47:33.0491 1068 Serial - ok
13:47:33.0532 1068 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:47:33.0536 1068 sermouse - ok
13:47:33.0616 1068 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
13:47:33.0627 1068 SessionEnv - ok
13:47:33.0676 1068 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:47:33.0679 1068 sffdisk - ok
13:47:33.0707 1068 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:47:33.0711 1068 sffp_mmc - ok
13:47:33.0738 1068 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:47:33.0741 1068 sffp_sd - ok
13:47:33.0783 1068 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:47:33.0797 1068 sfloppy - ok
13:47:33.0863 1068 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:47:33.0876 1068 SharedAccess - ok
13:47:33.0932 1068 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:47:33.0959 1068 ShellHWDetection - ok
13:47:33.0989 1068 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
13:47:33.0993 1068 sisagp - ok
13:47:34.0047 1068 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:47:34.0051 1068 SiSRaid2 - ok
13:47:34.0084 1068 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:47:34.0089 1068 SiSRaid4 - ok
13:47:34.0316 1068 [ 183F04C6742902F33039913A96F5B574 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
13:47:34.0422 1068 Skype C2C Service - ok
13:47:34.0517 1068 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
13:47:34.0526 1068 SkypeUpdate - ok
13:47:34.0571 1068 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:47:34.0576 1068 Smb - ok
13:47:34.0644 1068 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:47:34.0653 1068 SNMPTRAP - ok
13:47:34.0694 1068 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
13:47:34.0697 1068 spldr - ok
13:47:34.0751 1068 [ 866A43013535DC8587C258E43579C764 ] Spooler C:\Windows\System32\spoolsv.exe
13:47:34.0777 1068 Spooler - ok
13:47:34.0920 1068 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
13:47:35.0021 1068 sppsvc - ok
13:47:35.0070 1068 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:47:35.0080 1068 sppuinotify - ok
13:47:35.0127 1068 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
13:47:35.0144 1068 srv - ok
13:47:35.0186 1068 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:47:35.0204 1068 srv2 - ok
13:47:35.0233 1068 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:47:35.0238 1068 srvnet - ok
13:47:35.0284 1068 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:47:35.0302 1068 SSDPSRV - ok
13:47:35.0329 1068 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:47:35.0340 1068 SstpSvc - ok
13:47:35.0383 1068 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:47:35.0386 1068 stexstor - ok
13:47:35.0450 1068 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
13:47:35.0476 1068 StiSvc - ok
13:47:35.0513 1068 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
13:47:35.0517 1068 storflt - ok
13:47:35.0578 1068 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
13:47:35.0582 1068 storvsc - ok
13:47:35.0616 1068 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
13:47:35.0619 1068 swenum - ok
13:47:35.0672 1068 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
13:47:35.0698 1068 swprv - ok
13:47:35.0731 1068 Synth3dVsc - ok
13:47:35.0805 1068 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
13:47:35.0861 1068 SysMain - ok
13:47:35.0901 1068 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:47:35.0912 1068 TabletInputService - ok
13:47:35.0974 1068 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
13:47:35.0998 1068 TapiSrv - ok
13:47:36.0037 1068 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
13:47:36.0049 1068 TBS - ok
13:47:36.0129 1068 [ 65D10B191C59C5501A1263FC33F6894B ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:47:36.0173 1068 Tcpip - ok
13:47:36.0261 1068 [ 65D10B191C59C5501A1263FC33F6894B ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:47:36.0278 1068 TCPIP6 - ok
13:47:36.0332 1068 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:47:36.0336 1068 tcpipreg - ok
13:47:36.0394 1068 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:47:36.0397 1068 TDPIPE - ok
13:47:36.0428 1068 [ 2C10395BAA4847F83042813C515CC289 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:47:36.0432 1068 TDTCP - ok
13:47:36.0479 1068 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:47:36.0485 1068 tdx - ok
13:47:36.0511 1068 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
13:47:36.0514 1068 TermDD - ok
13:47:36.0576 1068 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
13:47:36.0602 1068 TermService - ok
13:47:36.0644 1068 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
13:47:36.0654 1068 Themes - ok
13:47:36.0682 1068 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
13:47:36.0689 1068 THREADORDER - ok
13:47:36.0737 1068 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
13:47:36.0748 1068 TrkWks - ok
13:47:36.0821 1068 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:47:36.0830 1068 TrustedInstaller - ok
13:47:36.0880 1068 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:47:36.0885 1068 tssecsrv - ok
13:47:36.0947 1068 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:47:36.0952 1068 TsUsbFlt - ok
13:47:36.0980 1068 tsusbhub - ok
13:47:37.0035 1068 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:47:37.0040 1068 tunnel - ok
13:47:37.0082 1068 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
13:47:37.0086 1068 uagp35 - ok
13:47:37.0133 1068 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:47:37.0150 1068 udfs - ok
13:47:37.0216 1068 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:47:37.0225 1068 UI0Detect - ok
13:47:37.0277 1068 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:47:37.0281 1068 uliagpkx - ok
13:47:37.0333 1068 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:47:37.0337 1068 umbus - ok
13:47:37.0390 1068 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:47:37.0394 1068 UmPass - ok
13:47:37.0451 1068 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
13:47:37.0468 1068 UmRdpService - ok
13:47:37.0515 1068 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
13:47:37.0549 1068 upnphost - ok
13:47:37.0599 1068 [ 7E72E7D7E0757D59481D530FD2B0BFAE ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:47:37.0604 1068 usbccgp - ok
13:47:37.0651 1068 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:47:37.0656 1068 usbcir - ok
13:47:37.0706 1068 [ 1C333BFD60F2FED2C7AD5DAF533CB742 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:47:37.0710 1068 usbehci - ok
13:47:37.0754 1068 [ 9D22AAD9AC6A07C691A1113E5F860868 ] usbhub C:\Windows\system32\drivers\usbhub.sys
13:47:37.0771 1068 usbhub - ok
13:47:37.0803 1068 [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
13:47:37.0806 1068 usbohci - ok
13:47:37.0835 1068 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:47:37.0839 1068 usbprint - ok
13:47:37.0887 1068 [ BF63EBFC6979FEFB2BC03DF7989A0C1A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:47:37.0892 1068 USBSTOR - ok
13:47:37.0940 1068 [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
13:47:37.0944 1068 usbuhci - ok
13:47:37.0983 1068 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
13:47:37.0994 1068 UxSms - ok
13:47:38.0020 1068 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
13:47:38.0026 1068 VaultSvc - ok
13:47:38.0080 1068 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:47:38.0084 1068 vdrvroot - ok
13:47:38.0136 1068 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
13:47:38.0163 1068 vds - ok
13:47:38.0218 1068 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:47:38.0220 1068 vga - ok

[Clorky]

pokrač. TDSS:

13:47:38.0257 1068 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
13:47:38.0261 1068 VgaSave - ok
13:47:38.0303 1068 VGPU - ok
13:47:38.0349 1068 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:47:38.0367 1068 vhdmp - ok
13:47:38.0413 1068 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
13:47:38.0418 1068 viaagp - ok
13:47:38.0463 1068 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
13:47:38.0468 1068 ViaC7 - ok
13:47:38.0512 1068 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
13:47:38.0515 1068 viaide - ok
13:47:38.0561 1068 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
13:47:38.0570 1068 vmbus - ok
13:47:38.0604 1068 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
13:47:38.0607 1068 VMBusHID - ok
13:47:38.0642 1068 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:47:38.0646 1068 volmgr - ok
13:47:38.0698 1068 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:47:38.0716 1068 volmgrx - ok
13:47:38.0750 1068 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:47:38.0768 1068 volsnap - ok
13:47:38.0827 1068 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
13:47:38.0836 1068 vsmraid - ok
13:47:38.0914 1068 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
13:47:38.0960 1068 VSS - ok
13:47:38.0994 1068 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
13:47:38.0998 1068 vwifibus - ok
13:47:39.0040 1068 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
13:47:39.0044 1068 vwififlt - ok
13:47:39.0098 1068 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
13:47:39.0130 1068 W32Time - ok
13:47:39.0178 1068 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
13:47:39.0182 1068 WacomPen - ok
13:47:39.0220 1068 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:47:39.0225 1068 WANARP - ok
13:47:39.0246 1068 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:47:39.0249 1068 Wanarpv6 - ok
13:47:39.0335 1068 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
13:47:39.0398 1068 wbengine - ok
13:47:39.0472 1068 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:47:39.0487 1068 WbioSrvc - ok
13:47:39.0536 1068 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:47:39.0571 1068 wcncsvc - ok
13:47:39.0665 1068 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:47:39.0708 1068 WcsPlugInService - ok
13:47:39.0801 1068 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
13:47:39.0804 1068 Wd - ok
13:47:39.0848 1068 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:47:39.0867 1068 Wdf01000 - ok
13:47:39.0896 1068 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:47:39.0908 1068 WdiServiceHost - ok
13:47:39.0929 1068 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:47:39.0940 1068 WdiSystemHost - ok
13:47:39.0991 1068 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
13:47:40.0009 1068 WebClient - ok
13:47:40.0055 1068 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:47:40.0073 1068 Wecsvc - ok
13:47:40.0121 1068 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:47:40.0132 1068 wercplsupport - ok
13:47:40.0172 1068 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
13:47:40.0182 1068 WerSvc - ok
13:47:40.0236 1068 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:47:40.0240 1068 WfpLwf - ok
13:47:40.0269 1068 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:47:40.0273 1068 WIMMount - ok
13:47:40.0350 1068 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
13:47:40.0376 1068 WinDefend - ok
13:47:40.0408 1068 WinHttpAutoProxySvc - ok
13:47:40.0476 1068 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:47:40.0494 1068 Winmgmt - ok
13:47:40.0576 1068 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
13:47:40.0620 1068 WinRM - ok
13:47:40.0702 1068 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
13:47:40.0707 1068 WinUsb - ok
13:47:40.0787 1068 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
13:47:40.0828 1068 Wlansvc - ok
13:47:40.0877 1068 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:47:40.0880 1068 WmiAcpi - ok
13:47:40.0941 1068 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:47:40.0947 1068 wmiApSrv - ok
13:47:41.0042 1068 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
13:47:41.0080 1068 WMPNetworkSvc - ok
13:47:41.0120 1068 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:47:41.0132 1068 WPCSvc - ok
13:47:41.0171 1068 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:47:41.0183 1068 WPDBusEnum - ok
13:47:41.0225 1068 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:47:41.0229 1068 ws2ifsl - ok
13:47:41.0267 1068 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
13:47:41.0280 1068 wscsvc - ok
13:47:41.0303 1068 WSearch - ok
13:47:41.0420 1068 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
13:47:41.0488 1068 wuauserv - ok
13:47:41.0528 1068 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:47:41.0534 1068 WudfPf - ok
13:47:41.0616 1068 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:47:41.0623 1068 WUDFRd - ok
13:47:41.0693 1068 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:47:41.0706 1068 wudfsvc - ok
13:47:41.0756 1068 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
13:47:41.0773 1068 WwanSvc - ok
13:47:41.0841 1068 [ B53430A93FEF17B08AC3A9F245B9720F ] ZSMC303 C:\Windows\system32\Drivers\usbVM303.sys
13:47:41.0859 1068 ZSMC303 - ok
13:47:41.0968 1068 ================ Scan global ===============================
13:47:42.0011 1068 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
13:47:42.0063 1068 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
13:47:42.0098 1068 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
13:47:42.0142 1068 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
13:47:42.0189 1068 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
13:47:42.0207 1068 [Global] - ok
13:47:42.0215 1068 ================ Scan MBR ==================================
13:47:42.0234 1068 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:47:42.0396 1068 \Device\Harddisk0\DR0 - ok
13:47:42.0433 1068 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk1\DR1
13:47:42.0448 1068 \Device\Harddisk1\DR1 - ok
13:47:42.0457 1068 ================ Scan VBR ==================================
13:47:42.0474 1068 [ 0A27CD7E624A5B4E0E54C57BC727287C ] \Device\Harddisk0\DR0\Partition1
13:47:42.0476 1068 \Device\Harddisk0\DR0\Partition1 - ok
13:47:42.0497 1068 [ 6815237B9CF1DB64CFB6EF775D57294E ] \Device\Harddisk0\DR0\Partition2
13:47:42.0499 1068 \Device\Harddisk0\DR0\Partition2 - ok
13:47:42.0527 1068 [ 1CD1A6A4287E9203AFB91E5BBEF64746 ] \Device\Harddisk0\DR0\Partition3
13:47:42.0529 1068 \Device\Harddisk0\DR0\Partition3 - ok
13:47:42.0558 1068 [ 4EC8051D3E9149052D8CAD07BDFDFA2B ] \Device\Harddisk1\DR1\Partition1
13:47:42.0560 1068 \Device\Harddisk1\DR1\Partition1 - ok
13:47:42.0568 1068 ============================================================
13:47:42.0568 1068 Scan finished
13:47:42.0568 1068 ============================================================
13:47:42.0593 3128 Detected object count: 0
13:47:42.0593 3128 Actual detected object count: 0
13:47:55.0237 3112 Deinitialize success

CF:

ComboFix 13-02-02.05 - Bozka 03.02.2013 13:53:12.2.1 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.1280.625 [GMT 1:00]
Spuštěný z: c:\users\Bozka\Documents\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-03 do 2013-02-03 )))))))))))))))))))))))))))))))
.
.
2013-02-03 13:05 . 2013-02-03 13:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-03 10:19 . 2013-02-03 10:19 -------- d-----w- c:\users\Bozka\AppData\Local\Adobe
2013-02-03 08:54 . 2013-02-03 08:54 -------- d-----w- c:\users\Bozka\AppData\Local\Programs
2013-02-02 17:35 . 2013-02-02 17:35 -------- d-----w- c:\program files\Google
2013-02-02 17:35 . 2012-10-30 22:51 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-02-02 17:35 . 2012-10-30 22:51 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-02-02 17:35 . 2012-10-30 22:51 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-02-02 17:35 . 2012-10-15 16:59 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-02-02 17:35 . 2012-10-30 22:51 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-02-02 17:35 . 2012-10-30 22:51 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-02-02 17:34 . 2012-10-30 22:51 41224 ----a-w- c:\windows\avastSS.scr
2013-02-02 17:34 . 2012-10-30 22:50 227648 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-02 15:40 . 2013-02-02 15:40 -------- d-----w- c:\program files\CPUID
2013-02-02 15:39 . 2013-02-02 15:39 -------- d-----w- c:\users\Bozka\AppData\Local\Apps
2013-02-02 15:39 . 2013-02-02 15:40 -------- d-----w- c:\users\Bozka\AppData\Local\Deployment
2013-02-02 15:34 . 2013-02-02 15:36 -------- d-----w- c:\users\Bozka\AppData\Roaming\HD Tune Pro
2013-02-02 15:34 . 2013-02-02 15:34 -------- d-----w- c:\program files\HD Tune Pro
2013-02-02 13:59 . 2013-02-02 13:59 -------- d-----w- c:\program files\WhoCrashed
2013-01-27 10:05 . 2013-01-27 10:05 -------- d-----w- c:\program files\Common Files\Skype
2013-01-16 05:51 . 2010-07-08 04:14 5732688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6D48401C-AF49-4865-8EA0-7B087FD122DD}\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-09 13:57 . 2012-04-17 12:39 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-09 13:57 . 2012-02-11 15:28 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-14 15:49 . 2012-12-01 09:52 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-19 18:32 . 2013-01-19 18:32 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2010-11-20 . 8626F0C30D4E3564FFDD25C90F4426F1 . 811520 . . [6.1.7601.17514] . . c:\windows\System32\user32.dll
[7] 2010-11-20 . F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 . 811520 . . [6.1.7601.17514] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
[7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-01-08 18705664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-02-24 5537792]
"nwiz"="nwiz.exe" [2005-02-24 1495040]
"SoundMan"="SOUNDMAN.EXE" [2009-04-14 604704]
"NvMediaCenter"="NvMCTray.dll" [2005-02-24 86016]
"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2011-08-11 358336]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"BigDog303"="c:\windows\VM303_STI.EXE" [2006-01-24 61440]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-01-08 11:59 18705664 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
R2 BBSvc;BingBar Service;c:\program files\Microsoft\BingBar\7.1.391.0\BBSvc.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [x]
R3 m4301a;Linksys Wireless-B USB Network Adapter v4.0 Driver;c:\windows\system32\DRIVERS\m4301A.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [x]
S1 NEOFLTR_700_17289;Juniper Networks TDI Filter Driver (NEOFLTR_700_17289);c:\windows\system32\Drivers\NEOFLTR_700_17289.SYS [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S3 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\7.1.391.0\SeaPort.exe [x]
S3 rt61x86;RT61 Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr61.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 34993190
*NewlyCreated* - 58358895
*NewlyCreated* - MBAMSWISSARMY
*Deregistered* - 34993190
*Deregistered* - 58358895
*Deregistered* - MBAMSwissArmy
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 13:57]
.
2013-02-02 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-02-02 22:50]
.
2010-03-10 c:\windows\Tasks\CreateChoiceProcessTask.job
- c:\windows\System32\browserchoice.exe [2010-03-07 07:10]
.
2013-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-02 17:35]
.
2013-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-02 17:35]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Bozka\AppData\Roaming\Mozilla\Firefox\Profiles\gj02x8yg.default-1359744713219\
FF - ExtSQL: 2013-02-02 18:35; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-02-03 14:09:37
ComboFix-quarantined-files.txt 2013-02-03 13:09
ComboFix2.txt 2012-12-01 10:40
.
Před spuštěním: Volných bajtů: 22 332 706 816
Po spuštění: Volných bajtů: 22 296 084 480
.
- - End Of File - - 55AFBA308B1E95B2B0D4431154D09BD1

[Žbeky]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::

Folder::
c:\program files\Skype\Updater
c:\program files\Google\Update

File::
c:\windows\Tasks\CreateChoiceProcessTask.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Driver::
SkypeUpdate

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.


- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

[Clorky]

V normálním režimu STÁLE nejde nic zapnout, píše to něco o registrech a jejich označení pro smazání.

CF:
ComboFix 13-02-03.02 - Bozka 03.02.2013 18:36:46.3.1 - x86 NETWORK
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.1280.803 [GMT 1:00]
Spuštěný z: c:\users\Bozka\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Bozka\Downloads\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\CreateChoiceProcessTask.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdate.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.21.123\goopdate.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_am.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ar.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_bg.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_bn.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ca.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_cs.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_da.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_de.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_el.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_en.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_es.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_et.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fa.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fil.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_gu.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hu.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_id.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_is.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_it.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_iw.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ja.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_kn.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ko.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_lt.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_lv.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ml.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_mr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ms.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_nl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_no.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ro.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ru.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sk.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sv.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sw.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ta.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_te.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_th.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_tr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_uk.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ur.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_vi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.21.123\psmachine.dll
c:\program files\Google\Update\1.3.21.123\psuser.dll
c:\program files\Google\Update\Download\{3C122445-AECE-4309-90B7-85A6AEF42AC0}\0.0.0.0\gsync.msi
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.123\GoogleUpdateSetup.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-03 do 2013-02-03 )))))))))))))))))))))))))))))))
.
.
2013-02-03 17:45 . 2013-02-03 17:52 -------- d-----w- c:\users\Bozka\AppData\Local\temp
2013-02-03 17:45 . 2013-02-03 17:45 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-02-03 17:45 . 2013-02-03 17:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-03 10:19 . 2013-02-03 10:19 -------- d-----w- c:\users\Bozka\AppData\Local\Adobe
2013-02-03 08:54 . 2013-02-03 08:54 -------- d-----w- c:\users\Bozka\AppData\Local\Programs
2013-02-02 17:35 . 2013-02-03 17:44 -------- d-----w- c:\program files\Google
2013-02-02 17:35 . 2012-10-30 22:51 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-02-02 17:35 . 2012-10-30 22:51 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-02-02 17:35 . 2012-10-30 22:51 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-02-02 17:35 . 2012-10-15 16:59 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-02-02 17:35 . 2012-10-30 22:51 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-02-02 17:35 . 2012-10-30 22:51 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-02-02 17:34 . 2012-10-30 22:51 41224 ----a-w- c:\windows\avastSS.scr
2013-02-02 17:34 . 2012-10-30 22:50 227648 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-02 15:40 . 2013-02-02 15:40 -------- d-----w- c:\program files\CPUID
2013-02-02 15:39 . 2013-02-02 15:39 -------- d-----w- c:\users\Bozka\AppData\Local\Apps
2013-02-02 15:39 . 2013-02-02 15:40 -------- d-----w- c:\users\Bozka\AppData\Local\Deployment
2013-02-02 15:34 . 2013-02-02 15:36 -------- d-----w- c:\users\Bozka\AppData\Roaming\HD Tune Pro
2013-02-02 15:34 . 2013-02-02 15:34 -------- d-----w- c:\program files\HD Tune Pro
2013-02-02 13:59 . 2013-02-02 13:59 -------- d-----w- c:\program files\WhoCrashed
2013-01-27 10:05 . 2013-01-27 10:05 -------- d-----w- c:\program files\Common Files\Skype
2013-01-16 05:51 . 2010-07-08 04:14 5732688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6D48401C-AF49-4865-8EA0-7B087FD122DD}\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-09 13:57 . 2012-04-17 12:39 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-09 13:57 . 2012-02-11 15:28 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-14 15:49 . 2012-12-01 09:52 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-19 18:32 . 2013-01-19 18:32 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-01-08 18705664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-02-24 5537792]
"nwiz"="nwiz.exe" [2005-02-24 1495040]
"SoundMan"="SOUNDMAN.EXE" [2009-04-14 604704]
"NvMediaCenter"="NvMCTray.dll" [2005-02-24 86016]
"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2011-08-11 358336]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"BigDog303"="c:\windows\VM303_STI.EXE" [2006-01-24 61440]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-01-08 11:59 18705664 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
R3 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\7.1.391.0\SeaPort.exe [x]
R3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [x]
R3 m4301a;Linksys Wireless-B USB Network Adapter v4.0 Driver;c:\windows\system32\DRIVERS\m4301A.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [x]
S1 NEOFLTR_700_17289;Juniper Networks TDI Filter Driver (NEOFLTR_700_17289);c:\windows\system32\Drivers\NEOFLTR_700_17289.SYS [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 BBSvc;BingBar Service;c:\program files\Microsoft\BingBar\7.1.391.0\BBSvc.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S3 rt61x86;RT61 Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr61.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 13:57]
.
2013-02-02 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-02-02 22:50]
.
2010-03-10 c:\windows\Tasks\CreateChoiceProcessTask.job
- c:\windows\System32\browserchoice.exe [2010-03-07 07:10]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Bozka\AppData\Roaming\Mozilla\Firefox\Profiles\gj02x8yg.default-1359744713219\
FF - ExtSQL: 2013-02-02 18:35; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\NVIDIA Corporation\nTune\nTuneService.exe
c:\windows\system32\conhost.exe
c:\windows\SOUNDMAN.EXE
c:\windows\System32\rundll32.exe
c:\program files\Citrix\ICA Client\Receiver\Receiver.exe
c:\program files\Citrix\ICA Client\wfcrun32.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Common Files\Java\Java Update\jucheck.exe
c:\windows\system32\scrnsave.scr
c:\windows\system32\rundll32.exe
c:\windows\system32\vssvc.exe
c:\windows\system32\taskhost.exe
.
**************************************************************************
.
Celkový čas: 2013-02-03 19:02:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-02-03 18:01
ComboFix2.txt 2013-02-03 13:09
ComboFix3.txt 2012-12-01 10:40
.
Před spuštěním: Volných bajtů: 22 206 234 624
Po spuštění: Volných bajtů: 22 034 731 008
.
- - End Of File - - C127C901A54ABEFBF3376BE651E8BD97

[memphisto]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
Driver::
BBUpdate
cpudrv
BBSvc

Folder::
c:\program files\Microsoft\BingBar
c:\program files\SystemRequirementsLab

File::
c:\windows\Tasks\CreateChoiceProcessTask.job


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upus.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

[Clorky]

Operace se dokončila, avšak nebyl vytvořen log.
PC v běžném režimu stále padá.

[memphisto]

Na disku C není? Kde máš ten log z WhoCrashed, co píšeš v nadpisu...

[Clorky]

Tam byl dle adavypa problém s antivirem, narušoval nějak paměť - asi byl dlouho neaktualizován, tak jsem stáhl poslední free Avast.
Jestli je třeba, mohu ho tady znova dát.