Virtual Girl

Zpráva

jaGmann · #1 Příspěvek od **jaGmann** » 24 dub 2012 09:44

Zdravim.
Prosim odborniky o pomoc. Na notebooku se zacaly na plose objevovat tancici slecny u tyce (mezi nami nevypadaji spatne), ale pritelkyni se to moc nelibi

Oteviraji se okna s podobnou tematikou apod.
Muzete mi pomoci s odstranenim? Predpokladam, ze obycejne odinstalovani to nevyresi

Pri pokusu o spusteni RSIT vyskoci okno AutoIt Error - Unable to open script file.
Proto jsem udelal scan v RougeKiller:
RogueKiller V7.3.3 [04/22/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v: Normální režim
Uživatel: Roll [Práva správce]
Mód: Kontrola -- Datum: 04/24/2012 10:41:51

¤¤¤ Škodlivé procesy: 2 ¤¤¤
[SUSP PATH] vghd.exe -- C:\Users\Roll\AppData\Local\vghd\bin\vghd.exe -> KILLED [TermProc]
[SUSP PATH] Virtuagirl_Downloader.exe -- C:\Users\Roll\AppData\Local\vghd\bin\VirtuaGirl_Downloader.exe -> KILLED [TermProc]

¤¤¤ Záznamy Registrů: 3 ¤¤¤
[SUSP PATH] DesktopVideoPlayer.lnk @Roll : C:\Users\Roll\AppData\Local\vghd\bin\vghd.exe -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač: [NENAHRÁNO] ¤¤¤

¤¤¤ Nákaza : Root.MBR ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS547564A9E384 SATA Disk Device +++++
--- User ---
[MBR] 06a349d406d6e1d04953a5c117f1dc73
[BSP] 9f912026af708c2c03c95d69c3f1db81 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 300 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 616448 | Size: 589062 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1207015424 | Size: 15994 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1239771136 | Size: 5115 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 40f8a4324fbe43100e25ccecaf7437f8
[BSP] 9f912026af708c2c03c95d69c3f1db81 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 300 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 616448 | Size: 61440 Mo
2 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 167999488 | Size: 1001 Mo
3 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 171999232 | Size: 2000 Mo

+++++ PhysicalDrive1: Sony Storage Media USB Device +++++
--- User ---
[MBR] 660bef5e3756325f25414a59a143c11c
[BSP] f1ba199fd79381c0b89fc4703e66c8ed : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT16-LBA (0x0e) [VISIBLE] Offset (sectors): 63 | Size: 979 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[1].txt >>
RKreport[1].txt

#2 Příspěvek od **vyosek** » 24 dub 2012 09:48

Zdravim a pekny den preji

Mate tam toho docela dost a docela solidni mrchy

Spustte znovu RogueKiller

Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte
Pak kliknete na Oprava Host a Zprava - otevre se log, ten sem vlozte

Poprosim o log z DDS

Stahnete DDS odsud http://download.bleepingcomputer.com/sUBs/Beta/dds.exe a ulozte na plochu
Spustte a kliknete na Start
Po chvili vyskoci log, ten rad uvidim

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

Kliknete na volbu Change parametrs
V obou oknech (Objects to scan i Additional Option) zakliknete vsechny moznosti - ve vsech ctvereccich musi mit fajecka
Kliknete na OK
Utilite prikazte, at skenuje - klik na Start Scan
Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
Pokud mate vsude Skip, kliknete na Continue
Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

jaGmann · #3 Příspěvek od **jaGmann** » 24 dub 2012 10:04

He, jsem si myslel, ze to nebude jen tak

RogueKiller V7.3.3 [04/22/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v: Normální režim
Uživatel: Roll [Práva správce]
Mód: Odebrat -- Datum: 04/24/2012 10:55:50

¤¤¤ Škodlivé procesy: 2 ¤¤¤
[SUSP PATH] vghd.exe -- C:\Users\Roll\AppData\Local\vghd\bin\vghd.exe -> KILLED [TermProc]
[SUSP PATH] Virtuagirl_Downloader.exe -- C:\Users\Roll\AppData\Local\vghd\bin\VirtuaGirl_Downloader.exe -> KILLED [TermProc]

¤¤¤ Záznamy Registrů: 3 ¤¤¤
[SUSP PATH] DesktopVideoPlayer.lnk @Roll : C:\Users\Roll\AppData\Local\vghd\bin\vghd.exe -> DELETED
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač: [NENAHRÁNO] ¤¤¤

¤¤¤ Nákaza : Root.MBR ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS547564A9E384 SATA Disk Device +++++
--- User ---
[MBR] 06a349d406d6e1d04953a5c117f1dc73
[BSP] 9f912026af708c2c03c95d69c3f1db81 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 300 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 616448 | Size: 589062 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1207015424 | Size: 15994 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1239771136 | Size: 5115 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 40f8a4324fbe43100e25ccecaf7437f8
[BSP] 9f912026af708c2c03c95d69c3f1db81 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 300 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 616448 | Size: 61440 Mo
2 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 167999488 | Size: 1001 Mo
3 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 171999232 | Size: 2000 Mo

+++++ PhysicalDrive1: Sony Storage Media USB Device +++++
--- User ---
[MBR] 660bef5e3756325f25414a59a143c11c
[BSP] f1ba199fd79381c0b89fc4703e66c8ed : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT16-LBA (0x0e) [VISIBLE] Offset (sectors): 63 | Size: 979 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

RogueKiller V7.3.3 [04/22/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v: Normální režim
Uživatel: Roll [Práva správce]
Mód: Oprava HOSTS -- Datum: 04/24/2012 10:56:30

¤¤¤ Škodlivé procesy: 2 ¤¤¤
[SUSP PATH] vghd.exe -- C:\Users\Roll\AppData\Local\vghd\bin\vghd.exe -> KILLED [TermProc]
[SUSP PATH] Virtuagirl_Downloader.exe -- C:\Users\Roll\AppData\Local\vghd\bin\VirtuaGirl_Downloader.exe -> KILLED [TermProc]

¤¤¤ Ovladač: [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤

¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt

jaGmann · #4 Příspěvek od **jaGmann** » 24 dub 2012 10:04

DDS (Ver_2011-09-30.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16421
Run by Roll at 10:57:28 on 2012-04-24
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3552.1830 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
C:\windows\system32\atieclxx.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\taskeng.exe
c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtWlan.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\spool\DRIVERS\x64\3\HP1005MC.EXE
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\SiteRanker\SiteRankTray.exe
C:\Program Files (x86)\PCPowerSpeed\PCPowerTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\windows\system32\sppsvc.exe
C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
C:\windows\system32\taskeng.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.seznam.cz/
uSearch Bar = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language
uDefault_Page_URL = hxxp://www.bing.com?pc=CMNTDF
mStart Page = hxxp://www.bing.com?pc=CMNTDF
mDefault_Page_URL = hxxp://www.bing.com?pc=CMNTDF
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uURLSearchHooks: Inbox Toolbar: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll
mWinlogon: Userinit = userinit.exe
BHO: <No Name>: {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\Program Files (x86)\SiteRanker\SiteRank.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: File Sanitizer for HP ProtectTools: {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
BHO: AppGraffiti: {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\Program Files (x86)\AppGraffiti\AppGraffiti.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Inbox Toolbar: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: &Inbox Toolbar: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: &Inbox Toolbar: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
mRun: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
mRun: [HPConnectionManager] c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [HPQuickWebProxy] "c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [SiteRanker] "C:\Program Files (x86)\SiteRanker\SiteRankTray.exe"
mRun: [PCPowerSpeed] "C:\Program Files (x86)\PCPowerSpeed\PCPowerTray.exe" /startup
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: Interfaces\{04F68194-5469-4862-95E5-AC3149336E33} : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{3FD50749-7749-405D-8F4B-C071F81EECFF} : DHCPNameServer = 192.168.2.1
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: DeviceNP - DeviceNP.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages = EpePcNp64 DPPassFilter scecli
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
x64-mStart Page = hxxp://www.bing.com?pc=CMNTDF
x64-mDefault_Page_URL = hxxp://www.bing.com?pc=CMNTDF
x64-mWinlogon: Userinit = C:\windows\System32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [MfeEpePcMonitor] "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\windows\System32\drivers\amd_sata.sys [2011-4-15 79488]
R0 amd_xata;amd_xata;C:\windows\System32\drivers\amd_xata.sys [2011-4-15 40064]
R0 MfeEpePc;MfeEpePc;C:\windows\System32\drivers\MfeEpePc.sys [2011-5-24 158280]
R1 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2011-4-18 189440]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\System32\drivers\vwififlt.sys [2009-7-14 59904]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-9-8 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2011-5-25 204288]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-5-10 146592]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-5-10 80032]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 HP Power Assistant Service;HP Power Assistant Service;C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-3-18 132152]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HPDayStarterService;HP DayStarter Service;C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-3-23 133688]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-5-22 103992]
R2 HPFSService;File Sanitizer for HP ProtectTools;C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-5-9 320512]
R2 hpHotkeyMonitor;hpHotkeyMonitor;C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2011-5-14 317496]
R2 hpsrv;HP Service;C:\windows\System32\hpservice.exe [2011-5-13 30520]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-5-24 1318912]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-6-28 1128952]
R2 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-6-28 113264]
R2 RtlISMServ;RtlISMServ;C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe [2011-5-30 40960]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 uArcCapture;ArcCapture;C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe [2011-9-8 502464]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\windows\System32\vcsFPService.exe [2011-3-24 3161904]
R3 amdhub30;AMD USB 3.0 Hub Driver;C:\windows\System32\drivers\amdhub30.sys [2011-3-18 87168]
R3 amdkmdag;amdkmdag;C:\windows\System32\drivers\atikmdag.sys [2011-5-25 9263104]
R3 amdkmdap;amdkmdap;C:\windows\System32\drivers\atikmpag.sys [2011-5-25 300544]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\windows\System32\drivers\amdxhc.sys [2011-3-18 188544]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;C:\windows\System32\drivers\ArcSoftVCapture.sys [2011-9-8 32192]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\windows\System32\drivers\AtihdW76.sys [2010-11-17 115216]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\windows\System32\drivers\btath_bus.sys [2011-5-10 29344]
R3 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-5-23 1098296]
R3 JMCR;JMCR;C:\windows\System32\drivers\jmcr.sys [2011-3-8 174680]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\windows\System32\drivers\MpNWMon.sys [2011-4-18 40832]
R3 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2011-4-27 84864]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\System32\drivers\vwifimp.sys [2009-7-14 17920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 XobniService;XobniService;C:\Program Files (x86)\Xobni\XobniService.exe [2011-3-7 62184]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-11 253088]
S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\windows\System32\drivers\btath_flt.sys [2011-5-10 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\windows\System32\drivers\btath_a2dp.sys [2011-5-10 298656]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\windows\System32\drivers\btath_hcrp.sys [2011-5-10 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\windows\System32\drivers\btath_lwflt.sys [2011-5-10 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device;C:\windows\System32\drivers\btath_rcp.sys [2011-5-10 154272]
S3 BtFilter;BtFilter;C:\windows\System32\drivers\btfilter.sys [2011-5-10 281760]
S3 DAMDrv;DAMDrv;C:\windows\System32\drivers\DAMDrv64.sys [2011-5-10 64312]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;C:\Windows\SysWOW64\flcdlock.exe [2011-5-10 464440]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;C:\windows\System32\drivers\netr28x.sys [2009-6-10 620544]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Služba Technologie aktivace Windows;C:\windows\System32\Wat\WatAdminSvc.exe [2011-10-11 1255736]
.
=============== File Associations ===============
.
ShellExec: DigitalTheatre.exe: open="c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTStart.exe" "%1"
.
=============== Created Last 30 ================
.
2012-04-23 15:05:27 8917360 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8A73C127-5F32-4EC2-BC1B-52F40259594A}\mpengine.dll
2012-04-14 08:39:04 8766112 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-13 16:03:37 5559152 ----a-w- C:\windows\System32\ntoskrnl.exe
2012-04-13 16:03:36 3968368 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2012-04-13 16:03:35 3913072 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2012-04-13 16:00:33 81408 ----a-w- C:\windows\System32\imagehlp.dll
2012-04-13 16:00:33 23408 ----a-w- C:\windows\System32\drivers\fs_rec.sys
2012-04-13 16:00:33 172544 ----a-w- C:\windows\SysWow64\wintrust.dll
2012-04-13 16:00:33 159232 ----a-w- C:\windows\SysWow64\imagehlp.dll
2012-04-13 16:00:32 5120 ----a-w- C:\windows\SysWow64\wmi.dll
2012-04-13 16:00:32 5120 ----a-w- C:\windows\System32\wmi.dll
2012-04-13 16:00:32 220672 ----a-w- C:\windows\System32\wintrust.dll
2012-04-11 12:39:49 -------- d-----w- C:\Users\Roll\AppData\Local\{C5F61BB0-3F47-4B12-A617-7DE892D1B5CE}
2012-04-11 05:51:06 418464 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-04-08 08:44:37 -------- d-----w- C:\Users\Roll\AppData\Local\vghd
.
==================== Find3M ====================
.
2012-04-14 08:39:46 70304 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-10 13:02:30 472808 ----a-w- C:\windows\SysWow64\deployJava1.dll
2012-02-28 06:56:48 2311168 ----a-w- C:\windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2012-02-28 01:18:55 1799168 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\windows\SysWow64\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-02-17 06:38:26 1031680 ----a-w- C:\windows\System32\rdpcore.dll
2012-02-17 05:34:22 826880 ----a-w- C:\windows\SysWow64\rdpcore.dll
2012-02-17 04:58:24 210944 ----a-w- C:\windows\System32\drivers\rdpwd.sys
2012-02-17 04:57:32 23552 ----a-w- C:\windows\System32\drivers\tdtcp.sys
2012-02-10 06:36:07 1544192 ----a-w- C:\windows\System32\DWrite.dll
2012-02-10 05:38:43 1077248 ----a-w- C:\windows\SysWow64\DWrite.dll
2012-02-03 04:34:34 3145728 ----a-w- C:\windows\System32\win32k.sys
2012-01-31 12:44:20 279656 ------w- C:\windows\System32\MpSigStub.exe
.
============= FINISH: 10:58:42,28 ===============

jaGmann · #5 Příspěvek od **jaGmann** » 24 dub 2012 10:05

10:59:46.0390 4748 TDSS rootkit removing tool 2.7.32.0 Apr 23 2012 19:12:34
10:59:46.0421 4748 ============================================================
10:59:46.0421 4748 Current date / time: 2012/04/24 10:59:46.0421
10:59:46.0421 4748 SystemInfo:
10:59:46.0421 4748
10:59:46.0421 4748 OS Version: 6.1.7601 ServicePack: 1.0
10:59:46.0421 4748 Product type: Workstation
10:59:46.0421 4748 ComputerName: ROLL-HP
10:59:46.0421 4748 UserName: Roll
10:59:46.0421 4748 Windows directory: C:\windows
10:59:46.0421 4748 System windows directory: C:\windows
10:59:46.0421 4748 Running under WOW64
10:59:46.0421 4748 Processor architecture: Intel x64
10:59:46.0421 4748 Number of processors: 4
10:59:46.0421 4748 Page size: 0x1000
10:59:46.0421 4748 Boot type: Normal boot
10:59:46.0421 4748 ============================================================
10:59:49.0323 4748 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:59:49.0338 4748 Drive \Device\Harddisk1\DR1 - Size: 0x3D340000 (0.96 Gb), SectorSize: 0x200, Cylinders: 0x7C, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:59:49.0354 4748 ============================================================
10:59:49.0354 4748 \Device\Harddisk0\DR0:
10:59:49.0354 4748 MBR partitions:
10:59:49.0354 4748 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
10:59:49.0354 4748 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x47E83000
10:59:49.0354 4748 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x47F19800, BlocksNum 0x1F3D000
10:59:49.0354 4748 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x49E56800, BlocksNum 0x9FD800
10:59:49.0354 4748 \Device\Harddisk1\DR1:
10:59:49.0354 4748 MBR partitions:
10:59:49.0354 4748 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xE, StartLBA 0x3F, BlocksNum 0x1E99C1
10:59:49.0354 4748 ============================================================
10:59:49.0370 4748 C: <-> \Device\Harddisk0\DR0\Partition1
10:59:49.0416 4748 E: <-> \Device\Harddisk0\DR0\Partition2
10:59:49.0432 4748 F: <-> \Device\Harddisk0\DR0\Partition3
10:59:49.0432 4748 ============================================================
10:59:49.0432 4748 Initialize success
10:59:49.0432 4748 ============================================================
11:00:13.0472 3284 ============================================================
11:00:13.0472 3284 Scan started
11:00:13.0472 3284 Mode: Manual; SigCheck; TDLFS;
11:00:13.0472 3284 ============================================================
11:00:14.0298 3284 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
11:00:14.0486 3284 1394ohci - ok
11:00:14.0532 3284 Accelerometer (5c368f4b04ed2a923e6afca2d37baff5) C:\windows\system32\DRIVERS\Accelerometer.sys
11:00:14.0657 3284 Accelerometer - ok
11:00:14.0766 3284 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
11:00:14.0891 3284 ACDaemon - ok
11:00:14.0954 3284 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
11:00:15.0047 3284 ACPI - ok
11:00:15.0078 3284 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
11:00:15.0172 3284 AcpiPmi - ok
11:00:15.0266 3284 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:00:15.0359 3284 AdobeARMservice - ok
11:00:15.0562 3284 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:00:15.0796 3284 AdobeFlashPlayerUpdateSvc - ok
11:00:15.0905 3284 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\drivers\adp94xx.sys
11:00:15.0983 3284 adp94xx - ok
11:00:16.0061 3284 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\drivers\adpahci.sys
11:00:16.0124 3284 adpahci - ok
11:00:16.0170 3284 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\drivers\adpu320.sys
11:00:16.0233 3284 adpu320 - ok
11:00:16.0264 3284 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
11:00:16.0514 3284 AeLookupSvc - ok
11:00:16.0607 3284 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Program Files\IDT\WDM\AESTSr64.exe
11:00:16.0810 3284 AESTFilters - ok
11:00:16.0919 3284 Afc (6ccd1135320109d6b219f1a6e04ad9f6) C:\windows\syswow64\drivers\Afc.sys
11:00:16.0982 3284 Afc - ok
11:00:17.0091 3284 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
11:00:17.0200 3284 AFD - ok
11:00:17.0247 3284 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
11:00:17.0309 3284 agp440 - ok
11:00:17.0356 3284 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
11:00:17.0465 3284 ALG - ok
11:00:17.0512 3284 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
11:00:17.0559 3284 aliide - ok
11:00:17.0621 3284 AMD External Events Utility (833d43cfbac21365d36cf797377457d9) C:\windows\system32\atiesrxx.exe
11:00:17.0855 3284 AMD External Events Utility - ok
11:00:17.0918 3284 amdhub30 (30bfeee0dffd5bd79d29157cf080deed) C:\windows\system32\DRIVERS\amdhub30.sys
11:00:17.0980 3284 amdhub30 - ok
11:00:18.0011 3284 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
11:00:18.0058 3284 amdide - ok
11:00:18.0089 3284 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\drivers\amdk8.sys
11:00:18.0167 3284 AmdK8 - ok
11:00:19.0244 3284 amdkmdag (fad670b417adccd9c99bc3aa3d754958) C:\windows\system32\DRIVERS\atikmdag.sys
11:00:19.0696 3284 amdkmdag - ok
11:00:19.0899 3284 amdkmdap (f0b63dead17f760dbc85ccd7bf978c05) C:\windows\system32\DRIVERS\atikmpag.sys
11:00:19.0977 3284 amdkmdap - ok
11:00:20.0055 3284 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\drivers\amdppm.sys
11:00:20.0117 3284 AmdPPM - ok
11:00:20.0180 3284 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
11:00:20.0226 3284 amdsata - ok
11:00:20.0273 3284 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\drivers\amdsbs.sys
11:00:20.0336 3284 amdsbs - ok
11:00:20.0382 3284 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
11:00:20.0445 3284 amdxata - ok
11:00:20.0492 3284 amdxhc (321533578132c811ec834a1b741c994c) C:\windows\system32\DRIVERS\amdxhc.sys
11:00:20.0554 3284 amdxhc - ok
11:00:20.0601 3284 amd_sata (f9d46b6b322708bd5afcc8767ebdc901) C:\windows\system32\drivers\amd_sata.sys
11:00:20.0663 3284 amd_sata - ok
11:00:20.0679 3284 amd_xata (329cc9c7e20deebcd4cd10816193ef14) C:\windows\system32\drivers\amd_xata.sys
11:00:20.0726 3284 amd_xata - ok
11:00:20.0772 3284 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
11:00:21.0006 3284 AppID - ok
11:00:21.0038 3284 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
11:00:21.0209 3284 AppIDSvc - ok
11:00:21.0272 3284 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
11:00:21.0428 3284 Appinfo - ok
11:00:21.0490 3284 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\drivers\arc.sys
11:00:21.0537 3284 arc - ok
11:00:21.0568 3284 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\drivers\arcsas.sys
11:00:21.0662 3284 arcsas - ok
11:00:21.0693 3284 ARCVCAM (357635f16d28558c50870f4ef8aa4712) C:\windows\system32\DRIVERS\ArcSoftVCapture.sys
11:00:21.0771 3284 ARCVCAM - ok
11:00:21.0927 3284 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:00:21.0974 3284 aspnet_state - ok
11:00:22.0020 3284 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
11:00:22.0145 3284 AsyncMac - ok
11:00:22.0192 3284 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
11:00:22.0239 3284 atapi - ok
11:00:22.0270 3284 AthBTPort (cbe61b4494165f458bd87e37181ee934) C:\windows\system32\DRIVERS\btath_flt.sys
11:00:22.0332 3284 AthBTPort - ok
11:00:22.0426 3284 Atheros Bt&Wlan Coex Agent (650f111d5cda64c10ae4b9d1ba9d4fff) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
11:00:22.0520 3284 Atheros Bt&Wlan Coex Agent - ok
11:00:22.0566 3284 AtherosSvc (7df4fc861d1ab4977195936025b1b940) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
11:00:22.0644 3284 AtherosSvc - ok
11:00:22.0988 3284 athr (5493ed5d300afc7a9a0a87fca08e5381) C:\windows\system32\DRIVERS\athrx.sys
11:00:23.0159 3284 athr - ok
11:00:23.0378 3284 AtiHDAudioService (4bf5bca6e2608cd8a00bc4a6673a9f47) C:\windows\system32\drivers\AtihdW76.sys
11:00:23.0440 3284 AtiHDAudioService - ok
11:00:23.0565 3284 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
11:00:23.0736 3284 AudioEndpointBuilder - ok
11:00:23.0768 3284 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
11:00:23.0924 3284 AudioSrv - ok
11:00:23.0970 3284 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
11:00:24.0142 3284 AxInstSV - ok
11:00:24.0251 3284 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\drivers\bxvbda.sys
11:00:24.0329 3284 b06bdrv - ok
11:00:24.0392 3284 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
11:00:24.0470 3284 b57nd60a - ok
11:00:24.0532 3284 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
11:00:24.0641 3284 BDESVC - ok
11:00:24.0672 3284 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
11:00:24.0797 3284 Beep - ok
11:00:24.0922 3284 BFE (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll
11:00:25.0094 3284 BFE - ok
11:00:25.0218 3284 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll
11:00:25.0390 3284 BITS - ok
11:00:25.0452 3284 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\drivers\blbdrive.sys
11:00:25.0530 3284 blbdrive - ok
11:00:25.0562 3284 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
11:00:25.0640 3284 bowser - ok
11:00:25.0686 3284 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\drivers\BrFiltLo.sys
11:00:25.0749 3284 BrFiltLo - ok
11:00:25.0764 3284 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\drivers\BrFiltUp.sys
11:00:25.0811 3284 BrFiltUp - ok
11:00:25.0874 3284 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
11:00:26.0030 3284 Browser - ok
11:00:26.0108 3284 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
11:00:26.0186 3284 Brserid - ok
11:00:26.0232 3284 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
11:00:26.0295 3284 BrSerWdm - ok
11:00:26.0326 3284 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
11:00:26.0404 3284 BrUsbMdm - ok
11:00:26.0451 3284 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
11:00:26.0513 3284 BrUsbSer - ok
11:00:26.0576 3284 BTATH_A2DP (fe70889a85c57a9268101b2db0474509) C:\windows\system32\drivers\btath_a2dp.sys
11:00:26.0669 3284 BTATH_A2DP - ok
11:00:26.0716 3284 BTATH_BUS (a9df22429e8d69ed849b0bbbe16bd327) C:\windows\system32\DRIVERS\btath_bus.sys
11:00:26.0763 3284 BTATH_BUS - ok
11:00:26.0841 3284 BTATH_HCRP (c864ff85ee16d61c2bdd5ef76824625f) C:\windows\system32\DRIVERS\btath_hcrp.sys
11:00:26.0903 3284 BTATH_HCRP - ok
11:00:26.0919 3284 BTATH_LWFLT (0dea505efb5d771826d177ef8b8a208f) C:\windows\system32\DRIVERS\btath_lwflt.sys
11:00:26.0966 3284 BTATH_LWFLT - ok
11:00:27.0028 3284 BTATH_RCP (724c8088c96efe7a3e63fec21d4681c0) C:\windows\system32\DRIVERS\btath_rcp.sys
11:00:27.0075 3284 BTATH_RCP - ok
11:00:27.0184 3284 BtFilter (433ed82856eb245577544da94d0c0565) C:\windows\system32\DRIVERS\btfilter.sys
11:00:27.0231 3284 BtFilter - ok
11:00:27.0309 3284 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\windows\system32\drivers\BthEnum.sys
11:00:27.0402 3284 BthEnum - ok
11:00:27.0449 3284 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\drivers\bthmodem.sys
11:00:27.0527 3284 BTHMODEM - ok
11:00:27.0574 3284 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\windows\system32\DRIVERS\bthpan.sys
11:00:27.0652 3284 BthPan - ok
11:00:27.0761 3284 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\windows\System32\Drivers\BTHport.sys
11:00:27.0855 3284 BTHPORT - ok
11:00:27.0902 3284 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
11:00:28.0058 3284 bthserv - ok
11:00:28.0104 3284 BTHUSB (f188b7394d81010767b6df3178519a37) C:\windows\System32\Drivers\BTHUSB.sys
11:00:28.0167 3284 BTHUSB - ok
11:00:28.0214 3284 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
11:00:28.0354 3284 cdfs - ok
11:00:28.0416 3284 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\drivers\cdrom.sys
11:00:28.0494 3284 cdrom - ok
11:00:28.0572 3284 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
11:00:28.0728 3284 CertPropSvc - ok
11:00:28.0775 3284 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\drivers\circlass.sys
11:00:28.0838 3284 circlass - ok
11:00:28.0916 3284 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
11:00:28.0994 3284 CLFS - ok
11:00:29.0072 3284 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:00:29.0165 3284 clr_optimization_v2.0.50727_32 - ok
11:00:29.0243 3284 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:00:29.0306 3284 clr_optimization_v2.0.50727_64 - ok
11:00:29.0399 3284 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:00:29.0462 3284 clr_optimization_v4.0.30319_32 - ok
11:00:29.0540 3284 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:00:29.0602 3284 clr_optimization_v4.0.30319_64 - ok
11:00:29.0649 3284 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\drivers\CmBatt.sys
11:00:29.0711 3284 CmBatt - ok
11:00:29.0727 3284 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
11:00:29.0774 3284 cmdide - ok
11:00:29.0852 3284 CNG (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys
11:00:29.0976 3284 CNG - ok
11:00:30.0039 3284 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\drivers\compbatt.sys
11:00:30.0086 3284 Compbatt - ok
11:00:30.0132 3284 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
11:00:30.0226 3284 CompositeBus - ok
11:00:30.0242 3284 COMSysApp - ok
11:00:30.0273 3284 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\drivers\crcdisk.sys
11:00:30.0320 3284 crcdisk - ok
11:00:30.0398 3284 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\windows\system32\cryptsvc.dll
11:00:30.0569 3284 CryptSvc - ok
11:00:30.0772 3284 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
11:00:31.0068 3284 cvhsvc - ok
11:00:31.0115 3284 DAMDrv (b9aac23bcc9326e5e50d937fecb7dcb5) C:\windows\system32\DRIVERS\DAMDrv64.sys
11:00:31.0178 3284 DAMDrv - ok
11:00:31.0287 3284 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
11:00:31.0458 3284 DcomLaunch - ok
11:00:31.0536 3284 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
11:00:31.0692 3284 defragsvc - ok
11:00:31.0739 3284 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
11:00:31.0864 3284 DfsC - ok
11:00:31.0942 3284 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
11:00:32.0098 3284 Dhcp - ok
11:00:32.0145 3284 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
11:00:32.0270 3284 discache - ok
11:00:32.0332 3284 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\drivers\disk.sys
11:00:32.0379 3284 Disk - ok
11:00:32.0441 3284 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
11:00:32.0550 3284 Dnscache - ok
11:00:32.0613 3284 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
11:00:32.0769 3284 dot3svc - ok
11:00:32.0909 3284 DpHost (6affdbfb153c9079be33047a692676e2) c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
11:00:33.0221 3284 DpHost - ok
11:00:33.0268 3284 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
11:00:33.0408 3284 DPS - ok
11:00:33.0455 3284 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
11:00:33.0518 3284 drmkaud - ok
11:00:33.0658 3284 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
11:00:33.0752 3284 DXGKrnl - ok
11:00:33.0798 3284 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
11:00:33.0954 3284 EapHost - ok
11:00:34.0360 3284 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\drivers\evbda.sys
11:00:34.0547 3284 ebdrv - ok
11:00:34.0734 3284 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
11:00:34.0797 3284 EFS - ok
11:00:34.0922 3284 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
11:00:35.0062 3284 ehRecvr - ok
11:00:35.0093 3284 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
11:00:35.0218 3284 ehSched - ok
11:00:35.0343 3284 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\drivers\elxstor.sys
11:00:35.0421 3284 elxstor - ok
11:00:35.0436 3284 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
11:00:35.0499 3284 ErrDev - ok
11:00:35.0608 3284 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
11:00:35.0780 3284 EventSystem - ok
11:00:35.0826 3284 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
11:00:35.0967 3284 exfat - ok
11:00:36.0014 3284 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
11:00:36.0154 3284 fastfat - ok
11:00:36.0263 3284 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
11:00:36.0482 3284 Fax - ok
11:00:36.0528 3284 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\drivers\fdc.sys
11:00:36.0591 3284 fdc - ok
11:00:36.0606 3284 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
11:00:36.0762 3284 fdPHost - ok
11:00:36.0778 3284 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
11:00:36.0918 3284 FDResPub - ok
11:00:36.0981 3284 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
11:00:37.0043 3284 FileInfo - ok
11:00:37.0059 3284 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
11:00:37.0199 3284 Filetrace - ok
11:00:37.0371 3284 FLCDLOCK (551034d58aaafe0ebb087cd4c7767eb8) c:\Windows\SysWOW64\flcdlock.exe
11:00:37.0605 3284 FLCDLOCK - ok
11:00:37.0652 3284 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\drivers\flpydisk.sys
11:00:37.0714 3284 flpydisk - ok
11:00:37.0792 3284 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
11:00:37.0870 3284 FltMgr - ok
11:00:38.0026 3284 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
11:00:38.0151 3284 FontCache - ok
11:00:38.0229 3284 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:00:38.0291 3284 FontCache3.0.0.0 - ok
11:00:38.0338 3284 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
11:00:38.0385 3284 FsDepends - ok
11:00:38.0432 3284 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys
11:00:38.0478 3284 Fs_Rec - ok
11:00:38.0525 3284 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
11:00:38.0588 3284 fvevol - ok
11:00:38.0634 3284 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\drivers\gagp30kx.sys
11:00:38.0681 3284 gagp30kx - ok
11:00:38.0790 3284 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
11:00:38.0931 3284 GamesAppService - ok
11:00:39.0056 3284 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
11:00:39.0227 3284 gpsvc - ok
11:00:39.0274 3284 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
11:00:39.0336 3284 hcw85cir - ok
11:00:39.0414 3284 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
11:00:39.0492 3284 HdAudAddService - ok
11:00:39.0555 3284 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
11:00:39.0633 3284 HDAudBus - ok
11:00:39.0664 3284 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\drivers\HidBatt.sys
11:00:39.0742 3284 HidBatt - ok
11:00:39.0789 3284 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\drivers\hidbth.sys
11:00:39.0867 3284 HidBth - ok
11:00:39.0898 3284 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\drivers\hidir.sys
11:00:39.0960 3284 HidIr - ok
11:00:39.0976 3284 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
11:00:40.0132 3284 hidserv - ok
11:00:40.0179 3284 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
11:00:40.0241 3284 HidUsb - ok
11:00:40.0272 3284 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
11:00:40.0444 3284 hkmsvc - ok
11:00:40.0506 3284 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
11:00:40.0616 3284 HomeGroupListener - ok
11:00:40.0678 3284 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
11:00:40.0787 3284 HomeGroupProvider - ok
11:00:40.0881 3284 HP Power Assistant Service (6dd70fb3092fd3ea7fa4ca26a1fe049d) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
11:00:40.0959 3284 HP Power Assistant Service - ok
11:00:41.0099 3284 HP Support Assistant Service (13bb1114451c63bfb41ba7daa4d70a29) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
11:00:41.0162 3284 HP Support Assistant Service - ok
11:00:41.0333 3284 hpCMSrv (c5d2f308e1c12a5c328ef549696dbc05) c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
11:00:41.0552 3284 hpCMSrv - ok
11:00:41.0645 3284 HPDayStarterService (b4670ac88c5eac55528709e26f9e38d6) c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
11:00:41.0848 3284 HPDayStarterService - ok
11:00:41.0926 3284 HPDrvMntSvc.exe (c958976c7daaf47084a33ebbc6e28b84) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
11:00:42.0035 3284 HPDrvMntSvc.exe - ok
11:00:42.0207 3284 hpdskflt (4e0bec0f78096ffd6d3314b497fc49d3) C:\windows\system32\DRIVERS\hpdskflt.sys
11:00:42.0254 3284 hpdskflt - ok
11:00:42.0347 3284 HPFSService (f521a4d9f0d1618b9119eabc7e580370) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
11:00:44.0375 3284 HPFSService ( UnsignedFile.Multi.Generic ) - warning
11:00:44.0375 3284 HPFSService - detected UnsignedFile.Multi.Generic (1)
11:00:44.0438 3284 hpHotkeyMonitor (9dcfddecc54fc813e7c0c8edf6e99e1c) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
11:00:44.0640 3284 hpHotkeyMonitor - ok
11:00:44.0672 3284 HpqKbFiltr (b98ee5d4535a685634b90f7e04de0df7) C:\windows\system32\drivers\HpqKbFiltr.sys
11:00:44.0734 3284 HpqKbFiltr - ok
11:00:44.0859 3284 hpqwmiex (09fbd4c4db2fd84b9ab1c5bfdcc95559) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
11:00:45.0186 3284 hpqwmiex - ok
11:00:45.0233 3284 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
11:00:45.0280 3284 HpSAMD - ok
11:00:45.0311 3284 hpsrv (fc7c13b5a9e9be23b7ae72bbc7fdb278) C:\windows\system32\Hpservice.exe
11:00:45.0420 3284 hpsrv - ok
11:00:45.0530 3284 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
11:00:45.0686 3284 HTTP - ok
11:00:45.0717 3284 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
11:00:45.0764 3284 hwpolicy - ok
11:00:45.0810 3284 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys
11:00:45.0857 3284 i8042prt - ok
11:00:45.0951 3284 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
11:00:46.0029 3284 iaStorV - ok
11:00:46.0122 3284 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
11:00:46.0216 3284 IDriverT ( UnsignedFile.Multi.Generic ) - warning
11:00:46.0216 3284 IDriverT - detected UnsignedFile.Multi.Generic (1)
11:00:46.0388 3284 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:00:46.0497 3284 idsvc - ok
11:00:47.0324 3284 igfx (a87261ef1546325b559374f5689cf5bc) C:\windows\system32\DRIVERS\igdkmd64.sys
11:00:47.0807 3284 igfx - ok
11:00:47.0963 3284 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\drivers\iirsp.sys
11:00:48.0010 3284 iirsp - ok
11:00:48.0135 3284 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
11:00:48.0306 3284 IKEEXT - ok
11:00:48.0338 3284 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
11:00:48.0384 3284 intelide - ok
11:00:48.0416 3284 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\drivers\intelppm.sys
11:00:48.0494 3284 intelppm - ok
11:00:48.0525 3284 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
11:00:48.0681 3284 IPBusEnum - ok
11:00:48.0728 3284 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
11:00:48.0837 3284 IpFilterDriver - ok
11:00:48.0946 3284 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll
11:00:49.0118 3284 iphlpsvc - ok
11:00:49.0164 3284 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
11:00:49.0227 3284 IPMIDRV - ok
11:00:49.0274 3284 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
11:00:49.0398 3284 IPNAT - ok
11:00:49.0430 3284 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
11:00:49.0508 3284 IRENUM - ok
11:00:49.0539 3284 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
11:00:49.0586 3284 isapnp - ok
11:00:49.0648 3284 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
11:00:49.0710 3284 iScsiPrt - ok
11:00:49.0773 3284 JMCR (665554f9f795446181c70349afa1b0a4) C:\windows\system32\DRIVERS\jmcr.sys
11:00:49.0835 3284 JMCR - ok
11:00:49.0882 3284 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\drivers\kbdclass.sys
11:00:49.0929 3284 kbdclass - ok
11:00:49.0944 3284 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
11:00:50.0007 3284 kbdhid - ok
11:00:50.0054 3284 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
11:00:50.0116 3284 KeyIso - ok
11:00:50.0147 3284 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys
11:00:50.0210 3284 KSecDD - ok
11:00:50.0257 3284 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys
11:00:50.0319 3284 KSecPkg - ok
11:00:50.0350 3284 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
11:00:50.0475 3284 ksthunk - ok
11:00:50.0553 3284 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
11:00:50.0725 3284 KtmRm - ok
11:00:50.0803 3284 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll
11:00:50.0974 3284 LanmanServer - ok
11:00:51.0037 3284 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
11:00:51.0177 3284 LanmanWorkstation - ok
11:00:51.0224 3284 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
11:00:51.0333 3284 lltdio - ok
11:00:51.0395 3284 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
11:00:51.0567 3284 lltdsvc - ok
11:00:51.0598 3284 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
11:00:51.0754 3284 lmhosts - ok
11:00:51.0817 3284 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\drivers\lsi_fc.sys
11:00:51.0863 3284 LSI_FC - ok
11:00:51.0910 3284 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\drivers\lsi_sas.sys
11:00:51.0957 3284 LSI_SAS - ok
11:00:52.0004 3284 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\drivers\lsi_sas2.sys
11:00:52.0051 3284 LSI_SAS2 - ok
11:00:52.0097 3284 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\drivers\lsi_scsi.sys
11:00:52.0144 3284 LSI_SCSI - ok
11:00:52.0191 3284 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
11:00:52.0331 3284 luafv - ok
11:00:52.0643 3284 McAfee Endpoint Encryption Agent (4557dd306dc008c4b74101540aefda2a) C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
11:00:53.0033 3284 McAfee Endpoint Encryption Agent ( UnsignedFile.Multi.Generic ) - warning
11:00:53.0033 3284 McAfee Endpoint Encryption Agent - detected UnsignedFile.Multi.Generic (1)
11:00:53.0221 3284 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
11:00:53.0330 3284 Mcx2Svc - ok
11:00:53.0361 3284 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\drivers\megasas.sys
11:00:53.0423 3284 megasas - ok
11:00:53.0501 3284 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\drivers\MegaSR.sys
11:00:53.0579 3284 MegaSR - ok
11:00:53.0642 3284 MfeEpePc (937d9d334d51780e575c8b70d63b99ce) C:\windows\system32\drivers\MfeEpePc.sys
11:00:53.0720 3284 MfeEpePc - ok
11:00:53.0751 3284 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
11:00:53.0907 3284 MMCSS - ok
11:00:53.0954 3284 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
11:00:54.0063 3284 Modem - ok
11:00:54.0125 3284 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
11:00:54.0219 3284 monitor - ok
11:00:54.0266 3284 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
11:00:54.0313 3284 mouclass - ok
11:00:54.0359 3284 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
11:00:54.0422 3284 mouhid - ok
11:00:54.0469 3284 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
11:00:54.0515 3284 mountmgr - ok
11:00:54.0578 3284 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\windows\system32\DRIVERS\MpFilter.sys
11:00:54.0656 3284 MpFilter - ok
11:00:54.0703 3284 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
11:00:54.0749 3284 mpio - ok
11:00:54.0781 3284 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\windows\system32\DRIVERS\MpNWMon.sys
11:00:54.0827 3284 MpNWMon - ok
11:00:54.0859 3284 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
11:00:54.0968 3284 mpsdrv - ok
11:00:55.0108 3284 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
11:00:55.0280 3284 MpsSvc - ok
11:00:55.0327 3284 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
11:00:55.0405 3284 MRxDAV - ok
11:00:55.0451 3284 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
11:00:55.0545 3284 mrxsmb - ok
11:00:55.0607 3284 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
11:00:55.0670 3284 mrxsmb10 - ok
11:00:55.0717 3284 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
11:00:55.0795 3284 mrxsmb20 - ok
11:00:55.0841 3284 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
11:00:55.0888 3284 msahci - ok
11:00:55.0919 3284 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
11:00:55.0982 3284 msdsm - ok
11:00:56.0029 3284 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
11:00:56.0122 3284 MSDTC - ok
11:00:56.0169 3284 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
11:00:56.0278 3284 Msfs - ok
11:00:56.0294 3284 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
11:00:56.0403 3284 mshidkmdf - ok
11:00:56.0434 3284 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
11:00:56.0497 3284 msisadrv - ok
11:00:56.0559 3284 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
11:00:56.0731 3284 MSiSCSI - ok
11:00:56.0731 3284 msiserver - ok
11:00:56.0777 3284 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
11:00:56.0902 3284 MSKSSRV - ok
11:00:56.0965 3284 MsMpSvc (157e9e498206a3366baa7e4697bdd947) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
11:00:57.0011 3284 MsMpSvc - ok
11:00:57.0043 3284 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
11:00:57.0152 3284 MSPCLOCK - ok
11:00:57.0167 3284 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
11:00:57.0277 3284 MSPQM - ok
11:00:57.0355 3284 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
11:00:57.0433 3284 MsRPC - ok
11:00:57.0464 3284 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
11:00:57.0511 3284 mssmbios - ok
11:00:57.0557 3284 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
11:00:57.0667 3284 MSTEE - ok
11:00:57.0698 3284 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\drivers\MTConfig.sys
11:00:57.0760 3284 MTConfig - ok
11:00:57.0807 3284 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
11:00:57.0854 3284 Mup - ok
11:00:57.0932 3284 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
11:00:58.0103 3284 napagent - ok
11:00:58.0181 3284 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
11:00:58.0275 3284 NativeWifiP - ok
11:00:58.0415 3284 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
11:00:58.0540 3284 NDIS - ok
11:00:58.0571 3284 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
11:00:58.0681 3284 NdisCap - ok
11:00:58.0727 3284 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
11:00:58.0837 3284 NdisTapi - ok
11:00:58.0852 3284 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
11:00:58.0961 3284 Ndisuio - ok
11:00:59.0008 3284 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
11:00:59.0133 3284 NdisWan - ok
11:00:59.0149 3284 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
11:00:59.0258 3284 NDProxy - ok
11:00:59.0305 3284 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
11:00:59.0414 3284 NetBIOS - ok
11:00:59.0476 3284 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
11:00:59.0617 3284 NetBT - ok
11:00:59.0663 3284 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
11:00:59.0726 3284 Netlogon - ok
11:00:59.0819 3284 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
11:00:59.0975 3284 Netman - ok
11:01:00.0116 3284 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:01:00.0194 3284 NetMsmqActivator - ok
11:01:00.0209 3284 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:01:00.0272 3284 NetPipeActivator - ok
11:01:00.0350 3284 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
11:01:00.0506 3284 netprofm - ok
11:01:00.0662 3284 netr28x (b72bb9496a126fcfc7fc5945ded9b411) C:\windows\system32\DRIVERS\netr28x.sys
11:01:00.0755 3284 netr28x - ok
11:01:00.0896 3284 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:01:00.0958 3284 NetTcpActivator - ok
11:01:00.0974 3284 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:01:01.0036 3284 NetTcpPortSharing - ok
11:01:01.0083 3284 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\drivers\nfrd960.sys
11:01:01.0130 3284 nfrd960 - ok
11:01:01.0177 3284 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\windows\system32\DRIVERS\NisDrvWFP.sys
11:01:01.0223 3284 NisDrv - ok
11:01:01.0333 3284 NisSrv (566ddd5d82520da01d75f81428ac4c38) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
11:01:01.0442 3284 NisSrv - ok
11:01:01.0520 3284 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
11:01:01.0676 3284 NlaSvc - ok
11:01:01.0723 3284 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
11:01:01.0832 3284 Npfs - ok
11:01:01.0847 3284 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
11:01:01.0988 3284 nsi - ok
11:01:02.0019 3284 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
11:01:02.0128 3284 nsiproxy - ok
11:01:02.0362 3284 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
11:01:02.0503 3284 Ntfs - ok
11:01:02.0659 3284 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
11:01:02.0783 3284 Null - ok
11:01:02.0846 3284 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
11:01:02.0908 3284 nvraid - ok
11:01:02.0939 3284 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
11:01:03.0002 3284 nvstor - ok
11:01:03.0064 3284 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
11:01:03.0127 3284 nv_agp - ok
11:01:03.0158 3284 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
11:01:03.0220 3284 ohci1394 - ok
11:01:03.0329 3284 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:01:03.0454 3284 ose - ok
11:01:04.0125 3284 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:01:04.0811 3284 osppsvc - ok
11:01:04.0999 3284 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
11:01:05.0123 3284 p2pimsvc - ok
11:01:05.0201 3284 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
11:01:05.0311 3284 p2psvc - ok
11:01:05.0373 3284 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\drivers\parport.sys
11:01:05.0435 3284 Parport - ok
11:01:05.0467 3284 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\windows\system32\drivers\partmgr.sys
11:01:05.0513 3284 partmgr - ok
11:01:05.0576 3284 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
11:01:05.0685 3284 PcaSvc - ok
11:01:05.0732 3284 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
11:01:05.0794 3284 pci - ok
11:01:05.0825 3284 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
11:01:05.0872 3284 pciide - ok
11:01:05.0919 3284 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\drivers\pcmcia.sys
11:01:05.0981 3284 pcmcia - ok
11:01:06.0013 3284 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
11:01:06.0075 3284 pcw - ok
11:01:06.0122 3284 pdfcDispatcher - ok
11:01:06.0200 3284 PdiService (4a8cc4d25525f456069887d5e8c53225) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
11:01:06.0434 3284 PdiService - ok
11:01:06.0512 3284 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
11:01:06.0652 3284 PEAUTH - ok
11:01:06.0761 3284 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
11:01:06.0855 3284 PerfHost - ok
11:01:07.0073 3284 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
11:01:07.0276 3284 pla - ok
11:01:07.0370 3284 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
11:01:07.0479 3284 PlugPlay - ok
11:01:07.0510 3284 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
11:01:07.0604 3284 PNRPAutoReg - ok
11:01:07.0682 3284 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
11:01:07.0775 3284 PNRPsvc - ok
11:01:07.0869 3284 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
11:01:08.0025 3284 PolicyAgent - ok
11:01:08.0087 3284 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
11:01:08.0243 3284 Power - ok
11:01:08.0321 3284 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
11:01:08.0446 3284 PptpMiniport - ok
11:01:08.0477 3284 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\drivers\processr.sys
11:01:08.0540 3284 Processor - ok
11:01:08.0602 3284 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll
11:01:08.0758 3284 ProfSvc - ok
11:01:08.0789 3284 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
11:01:08.0867 3284 ProtectedStorage - ok
11:01:08.0914 3284 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
11:01:09.0023 3284 Psched - ok
11:01:09.0226 3284 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\drivers\ql2300.sys
11:01:09.0335 3284 ql2300 - ok
11:01:09.0507 3284 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\drivers\ql40xx.sys
11:01:09.0554 3284 ql40xx - ok
11:01:09.0616 3284 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
11:01:09.0725 3284 QWAVE - ok
11:01:09.0772 3284 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
11:01:09.0850 3284 QWAVEdrv - ok
11:01:09.0866 3284 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
11:01:09.0991 3284 RasAcd - ok
11:01:10.0022 3284 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
11:01:10.0131 3284 RasAgileVpn - ok
11:01:10.0162 3284 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
11:01:10.0318 3284 RasAuto - ok
11:01:10.0365 3284 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
11:01:10.0474 3284 Rasl2tp - ok
11:01:10.0552 3284 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
11:01:10.0708 3284 RasMan - ok
11:01:10.0771 3284 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
11:01:10.0880 3284 RasPppoe - ok
11:01:10.0911 3284 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
11:01:11.0036 3284 RasSstp - ok
11:01:11.0098 3284 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
11:01:11.0239 3284 rdbss - ok
11:01:11.0270 3284 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\drivers\rdpbus.sys
11:01:11.0332 3284 rdpbus - ok
11:01:11.0379 3284 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
11:01:11.0488 3284 RDPCDD - ok
11:01:11.0535 3284 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
11:01:11.0644 3284 RDPENCDD - ok
11:01:11.0691 3284 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
11:01:11.0785 3284 RDPREFMP - ok
11:01:11.0847 3284 RDPWD (6d76e6433574b058adcb0c50df834492) C:\windows\system32\drivers\RDPWD.sys
11:01:11.0909 3284 RDPWD - ok
11:01:11.0972 3284 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
11:01:12.0034 3284 rdyboost - ok
11:01:12.0081 3284 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
11:01:12.0237 3284 RemoteAccess - ok
11:01:12.0284 3284 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
11:01:12.0440 3284 RemoteRegistry - ok
11:01:12.0487 3284 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys
11:01:12.0565 3284 RFCOMM - ok
11:01:12.0596 3284 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
11:01:12.0752 3284 RpcEptMapper - ok
11:01:12.0783 3284 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
11:01:12.0861 3284 RpcLocator - ok
11:01:12.0955 3284 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
11:01:13.0111 3284 RpcSs - ok
11:01:13.0157 3284 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
11:01:13.0267 3284 rspndr - ok
11:01:13.0376 3284 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\windows\system32\DRIVERS\Rt64win7.sys
11:01:13.0454 3284 RTL8167 - ok
11:01:13.0594 3284 RtlISMServ (f8cdadce6cbcdaf8c7e8bcce4d31dbb6) C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe
11:01:13.0813 3284 RtlISMServ ( UnsignedFile.Multi.Generic ) - warning
11:01:13.0813 3284 RtlISMServ - detected UnsignedFile.Multi.Generic (1)
11:01:13.0859 3284 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
11:01:13.0922 3284 SamSs - ok
11:01:13.0969 3284 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
11:01:14.0015 3284 sbp2port - ok
11:01:14.0062 3284 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
11:01:14.0234 3284 SCardSvr - ok
11:01:14.0265 3284 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
11:01:14.0390 3284 scfilter - ok
11:01:14.0530 3284 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
11:01:14.0733 3284 Schedule - ok
11:01:14.0780 3284 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
11:01:14.0920 3284 SCPolicySvc - ok
11:01:14.0951 3284 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\windows\system32\DRIVERS\sdbus.sys
11:01:15.0029 3284 sdbus - ok
11:01:15.0076 3284 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
11:01:15.0170 3284 SDRSVC - ok
11:01:15.0217 3284 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
11:01:15.0341 3284 secdrv - ok
11:01:15.0373 3284 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
11:01:15.0529 3284 seclogon - ok
11:01:15.0560 3284 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
11:01:15.0716 3284 SENS - ok
11:01:15.0763 3284 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
11:01:15.0856 3284 SensrSvc - ok
11:01:15.0903 3284 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\drivers\serenum.sys
11:01:15.0965 3284 Serenum - ok
11:01:16.0028 3284 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\drivers\serial.sys
11:01:16.0090 3284 Serial - ok
11:01:16.0121 3284 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\drivers\sermouse.sys
11:01:16.0184 3284 sermouse - ok
11:01:16.0246 3284 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
11:01:16.0402 3284 SessionEnv - ok
11:01:16.0433 3284 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
11:01:16.0496 3284 sffdisk - ok
11:01:16.0511 3284 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
11:01:16.0589 3284 sffp_mmc - ok
11:01:16.0605 3284 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
11:01:16.0683 3284 sffp_sd - ok
11:01:16.0699 3284 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\drivers\sfloppy.sys
11:01:16.0761 3284 sfloppy - ok
11:01:16.0886 3284 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\windows\system32\DRIVERS\Sftfslh.sys
11:01:16.0979 3284 Sftfs - ok
11:01:17.0120 3284 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
11:01:17.0557 3284 sftlist - ok
11:01:17.0635 3284 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\windows\system32\DRIVERS\Sftplaylh.sys
11:01:17.0697 3284 Sftplay - ok
11:01:17.0713 3284 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\windows\system32\DRIVERS\Sftredirlh.sys
11:01:17.0759 3284 Sftredir - ok
11:01:17.0775 3284 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\windows\system32\DRIVERS\Sftvollh.sys
11:01:17.0822 3284 Sftvol - ok
11:01:17.0869 3284 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
11:01:18.0274 3284 sftvsa - ok
11:01:18.0352 3284 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
11:01:18.0508 3284 SharedAccess - ok
11:01:18.0586 3284 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
11:01:18.0742 3284 ShellHWDetection - ok
11:01:18.0805 3284 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\drivers\SiSRaid2.sys
11:01:18.0851 3284 SiSRaid2 - ok
11:01:18.0867 3284 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\drivers\sisraid4.sys
11:01:18.0929 3284 SiSRaid4 - ok
11:01:18.0976 3284 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
11:01:19.0101 3284 Smb - ok
11:01:19.0163 3284 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
11:01:19.0273 3284 SNMPTRAP - ok
11:01:19.0538 3284 SNP2UVC (f3adbc7ebea83f35f3ae4de3226765f2) C:\windows\system32\DRIVERS\snp2uvc.sys
11:01:19.0663 3284 SNP2UVC - ok
11:01:19.0819 3284 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
11:01:19.0865 3284 spldr - ok
11:01:19.0959 3284 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
11:01:20.0240 3284 Spooler - ok
11:01:20.0677 3284 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
11:01:20.0957 3284 sppsvc - ok
11:01:21.0129 3284 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
11:01:21.0269 3284 sppuinotify - ok
11:01:21.0379 3284 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
11:01:21.0472 3284 srv - ok
11:01:21.0535 3284 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
11:01:21.0628 3284 srv2 - ok
11:01:21.0675 3284 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
11:01:21.0737 3284 srvnet - ok
11:01:21.0815 3284 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
11:01:21.0971 3284 SSDPSRV - ok
11:01:22.0003 3284 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
11:01:22.0143 3284 SstpSvc - ok
11:01:22.0283 3284 STacSV (8cd99b716b3a01174316a72734299155) C:\Program Files\IDT\WDM\STacSV64.exe
11:01:22.0502 3284 STacSV - ok
11:01:22.0533 3284 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\drivers\stexstor.sys
11:01:22.0580 3284 stexstor - ok
11:01:22.0689 3284 STHDA (ec12bca6ca70cecd5d2ed214374eb006) C:\windows\system32\DRIVERS\stwrt64.sys
11:01:22.0767 3284 STHDA - ok
11:01:22.0892 3284 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
11:01:23.0017 3284 stisvc - ok
11:01:23.0048 3284 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
11:01:23.0126 3284 swenum - ok
11:01:23.0219 3284 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
11:01:23.0375 3284 swprv - ok
11:01:23.0578 3284 SynTP (1bfdd504f8c2e76b74e86ccf11283368) C:\windows\system32\DRIVERS\SynTP.sys
11:01:23.0719 3284 SynTP - ok
11:01:24.0046 3284 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
11:01:24.0218 3284 SysMain - ok
11:01:24.0374 3284 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
11:01:24.0499 3284 TabletInputService - ok
11:01:24.0545 3284 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
11:01:24.0717 3284 TapiSrv - ok
11:01:24.0748 3284 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
11:01:24.0889 3284 TBS - ok
11:01:25.0169 3284 Tcpip (fc62769e7bff2896035aeed399108162) C:\windows\system32\drivers\tcpip.sys
11:01:25.0341 3284 Tcpip - ok
11:01:25.0731 3284 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\windows\system32\DRIVERS\tcpip.sys
11:01:25.0887 3284 TCPIP6 - ok
11:01:26.0059 3284 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
11:01:26.0183 3284 tcpipreg - ok
11:01:26.0199 3284 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
11:01:26.0261 3284 TDPIPE - ok
11:01:26.0308 3284 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
11:01:26.0355 3284 TDTCP - ok
11:01:26.0386 3284 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
11:01:26.0527 3284 tdx - ok
11:01:26.0589 3284 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
11:01:26.0636 3284 TermDD - ok
11:01:26.0745 3284 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
11:01:26.0932 3284 TermService - ok
11:01:26.0963 3284 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
11:01:27.0073 3284 Themes - ok
11:01:27.0119 3284 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
11:01:27.0244 3284 THREADORDER - ok
11:01:27.0291 3284 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
11:01:27.0447 3284 TrkWks - ok
11:01:27.0509 3284 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
11:01:27.0665 3284 TrustedInstaller - ok
11:01:27.0712 3284 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
11:01:27.0821 3284 tssecsrv - ok
11:01:27.0868 3284 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
11:01:27.0915 3284 TsUsbFlt - ok
11:01:27.0962 3284 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\windows\system32\drivers\TsUsbGD.sys
11:01:28.0024 3284 TsUsbGD - ok
11:01:28.0087 3284 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
11:01:28.0227 3284 tunnel - ok
11:01:28.0289 3284 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\drivers\uagp35.sys
11:01:28.0352 3284 uagp35 - ok
11:01:28.0570 3284 uArcCapture (d5994ab5c2b2d72d6320a7004d52617c) C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
11:01:28.0820 3284 uArcCapture - ok
11:01:28.0898 3284 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
11:01:29.0023 3284 udfs - ok
11:01:29.0085 3284 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
11:01:29.0179 3284 UI0Detect - ok
11:01:29.0210 3284 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
11:01:29.0257 3284 uliagpkx - ok
11:01:29.0303 3284 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys
11:01:29.0366 3284 umbus - ok
11:01:29.0413 3284 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\drivers\umpass.sys
11:01:29.0459 3284 UmPass - ok
11:01:29.0537 3284 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
11:01:29.0693 3284 upnphost - ok
11:01:29.0740 3284 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
11:01:29.0787 3284 usbccgp - ok
11:01:29.0834 3284 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
11:01:29.0912 3284 usbcir - ok
11:01:29.0943 3284 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
11:01:30.0021 3284 usbehci - ok
11:01:30.0115 3284 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
11:01:30.0177 3284 usbhub - ok
11:01:30.0208 3284 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\DRIVERS\usbohci.sys
11:01:30.0255 3284 usbohci - ok
11:01:30.0302 3284 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
11:01:30.0364 3284 usbprint - ok
11:01:30.0411 3284 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
11:01:30.0473 3284 usbscan - ok
11:01:30.0536 3284 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
11:01:30.0583 3284 USBSTOR - ok
11:01:30.0598 3284 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
11:01:30.0645 3284 usbuhci - ok
11:01:30.0707 3284 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\system32\Drivers\usbvideo.sys
11:01:30.0785 3284 usbvideo - ok
11:01:30.0817 3284 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
11:01:31.0004 3284 UxSms - ok
11:01:31.0051 3284 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
11:01:31.0113 3284 VaultSvc - ok
11:01:31.0503 3284 vcsFPService (48e21e9aab80a25e3920daa75a00caa1) C:\windows\system32\vcsFPService.exe
11:01:32.0111 3284 vcsFPService - ok
11:01:32.0267 3284 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
11:01:32.0314 3284 vdrvroot - ok
11:01:32.0408 3284 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
11:01:32.0564 3284 vds - ok
11:01:32.0595 3284 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
11:01:32.0657 3284 vga - ok
11:01:32.0689 3284 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
11:01:32.0798 3284 VgaSave - ok
11:01:32.0860 3284 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
11:01:32.0938 3284 vhdmp - ok
11:01:32.0954 3284 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
11:01:33.0001 3284 viaide - ok
11:01:33.0016 3284 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
11:01:33.0079 3284 volmgr - ok
11:01:33.0157 3284 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
11:01:33.0219 3284 volmgrx - ok
11:01:33.0281 3284 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
11:01:33.0359 3284 volsnap - ok
11:01:33.0406 3284 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\drivers\vsmraid.sys
11:01:33.0469 3284 vsmraid - ok
11:01:33.0687 3284 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
11:01:33.0890 3284 VSS - ok
11:01:34.0061 3284 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
11:01:34.0124 3284 vwifibus - ok
11:01:34.0171 3284 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
11:01:34.0249 3284 vwififlt - ok
11:01:34.0280 3284 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
11:01:34.0342 3284 vwifimp - ok
11:01:34.0420 3284 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
11:01:34.0576 3284 W32Time - ok
11:01:34.0623 3284 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\drivers\wacompen.sys
11:01:34.0685 3284 WacomPen - ok
11:01:34.0732 3284 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
11:01:34.0857 3284 WANARP - ok
11:01:34.0873 3284 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
11:01:34.0982 3284 Wanarpv6 - ok
11:01:35.0169 3284 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
11:01:35.0918 3284 WatAdminSvc - ok
11:01:36.0121 3284 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
11:01:36.0370 3284 wbengine - ok
11:01:36.0542 3284 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
11:01:36.0651 3284 WbioSrvc - ok
11:01:36.0698 3284 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
11:01:36.0823 3284 wcncsvc - ok
11:01:36.0869 3284 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
11:01:36.0963 3284 WcsPlugInService - ok
11:01:37.0010 3284 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\drivers\wd.sys
11:01:37.0057 3284 Wd - ok
11:01:37.0166 3284 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
11:01:37.0244 3284 Wdf01000 - ok
11:01:37.0275 3284 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
11:01:37.0384 3284 WdiServiceHost - ok
11:01:37.0400 3284 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
11:01:37.0493 3284 WdiSystemHost - ok
11:01:37.0556 3284 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
11:01:37.0665 3284 WebClient - ok
11:01:37.0727 3284 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
11:01:37.0899 3284 Wecsvc - ok
11:01:37.0930 3284 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
11:01:38.0086 3284 wercplsupport - ok
11:01:38.0133 3284 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
11:01:38.0289 3284 WerSvc - ok
11:01:38.0351 3284 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
11:01:38.0461 3284 WfpLwf - ok
11:01:38.0476 3284 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
11:01:38.0523 3284 WIMMount - ok
11:01:38.0570 3284 WinDefend - ok
11:01:38.0601 3284 WinHttpAutoProxySvc - ok
11:01:38.0695 3284 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
11:01:38.0851 3284 Winmgmt - ok
11:01:39.0100 3284 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
11:01:39.0319 3284 WinRM - ok
11:01:39.0568 3284 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
11:01:39.0724 3284 Wlansvc - ok
11:01:40.0052 3284 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:01:40.0411 3284 wlidsvc - ok
11:01:40.0567 3284 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
11:01:40.0613 3284 WmiAcpi - ok
11:01:40.0707 3284 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
11:01:40.0801 3284 wmiApSrv - ok
11:01:40.0847 3284 WMPNetworkSvc - ok
11:01:40.0879 3284 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
11:01:40.0972 3284 WPCSvc - ok
11:01:41.0035 3284 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
11:01:41.0128 3284 WPDBusEnum - ok
11:01:41.0159 3284 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
11:01:41.0269 3284 ws2ifsl - ok
11:01:41.0300 3284 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.dll
11:01:41.0409 3284 wscsvc - ok
11:01:41.0425 3284 WSearch - ok
11:01:41.0690 3284 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\windows\system32\wuaueng.dll
11:01:41.0939 3284 wuauserv - ok
11:01:42.0127 3284 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
11:01:42.0267 3284 WudfPf - ok
11:01:42.0314 3284 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
11:01:42.0439 3284 WUDFRd - ok
11:01:42.0485 3284 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
11:01:42.0626 3284 wudfsvc - ok
11:01:42.0688 3284 WwanSvc (ce8cf9de9cbfdaa318bd04d8be3fcada) C:\windows\System32\wwansvc.dll
11:01:42.0813 3284 WwanSvc - ok
11:01:42.0891 3284 XobniService (a35820791f940822c31908f58f91d973) C:\Program Files (x86)\Xobni\XobniService.exe
11:01:42.0985 3284 XobniService - ok
11:01:43.0031 3284 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:01:43.0187 3284 \Device\Harddisk0\DR0 - ok
11:01:43.0203 3284 MBR (0x1B8) (739b36f7a373fc81121d831231b6d311) \Device\Harddisk1\DR1
11:02:07.0024 3284 \Device\Harddisk1\DR1 - ok
11:02:07.0055 3284 Boot (0x1200) (2a1d3bc27c08e536a4f135dfc44862f7) \Device\Harddisk0\DR0\Partition0
11:02:07.0055 3284 \Device\Harddisk0\DR0\Partition0 - ok
11:02:07.0071 3284 Boot (0x1200) (98b480f5e649af65cbaa2fff32e19726) \Device\Harddisk0\DR0\Partition1
11:02:07.0071 3284 \Device\Harddisk0\DR0\Partition1 - ok
11:02:07.0102 3284 Boot (0x1200) (d44b4cf2bf786edc6f063f84ea18e4ec) \Device\Harddisk0\DR0\Partition2
11:02:07.0102 3284 \Device\Harddisk0\DR0\Partition2 - ok
11:02:07.0118 3284 Boot (0x1200) (5637bcb9b4f56eaa85168f034b5d18c2) \Device\Harddisk0\DR0\Partition3
11:02:07.0118 3284 \Device\Harddisk0\DR0\Partition3 - ok
11:02:07.0133 3284 Boot (0x1200) (faa0b9af23ff86fd24f8ebac3849f09f) \Device\Harddisk1\DR1\Partition0
11:02:07.0133 3284 \Device\Harddisk1\DR1\Partition0 - ok
11:02:07.0133 3284 ============================================================
11:02:07.0133 3284 Scan finished
11:02:07.0133 3284 ============================================================
11:02:07.0165 4852 Detected object count: 4
11:02:07.0165 4852 Actual detected object count: 4
11:02:43.0388 4852 HPFSService ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:43.0388 4852 HPFSService ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:43.0388 4852 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:43.0388 4852 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:43.0403 4852 McAfee Endpoint Encryption Agent ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:43.0403 4852 McAfee Endpoint Encryption Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:02:43.0403 4852 RtlISMServ ( UnsignedFile.Multi.Generic ) - skipped by user
11:02:43.0403 4852 RtlISMServ ( UnsignedFile.Multi.Generic ) - User select action: Skip

#6 Příspěvek od **vyosek** » 24 dub 2012 12:53

Stahnete MBRScan http://eric71.geekstogo.com/tools/MbrScan.exe

Ulozte nejlepe na plochu
Pokud pouzivate Win Vista ci W7, kliknete na MBRScan pravym a dejte Run As Administrator ci Spustit jako spravce
Kliknete na Report
Po chvilce se objevi log do souboru MBRScan.txt, ten sem vlozte

jaGmann · #7 Příspěvek od **jaGmann** » 24 dub 2012 13:01

Kód: Vybrat vše

MBRScan v1.1.1

OS             : Windows 7 Service Pack 1 (64 bit)
PROCESSOR      : AMD64 Family 18 Model 1 Stepping 0, AuthenticAMD
BOOT           : Normal Boot
DATE           : 2012/04/24 (ISO 8601) at 13:59:09
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __Hitachi HTS547564A9E384 (JEDO)
BUS_TYPE       : (0x0B)  S-ATA
USE_PIO        : YES
MAX_TRANSFER   : 1024 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

DISK           : Device\Harddisk1\DR2 __Sony Storage Media (0100)
BUS_TYPE       : (0x07)  USB
USE_PIO        : NO
MAX_TRANSFER   : 64 Kb
ALIGNMENT_MASK : byte aligned
________________________________________________________________________________

Device\Harddisk0\DR0	596.2 Go  [Fixed] ==> 7 MBR Code... ==> PARTITION TABLE FAKED !!

MBR_MD5   : 40F8A4324FBE43100E25CCECAF7437F8
MBR_SHA1  : EA65D4A9D1B5E00D662ABEA7D8FBA6F499FB3A44

Device\Harddisk0\Partition1	300.0 Mo  	0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2	575.3 Go  	0x07 NTFS / HPFS
Device\Harddisk0\Partition3	15.62 Go  	0x07 NTFS / HPFS
Device\Harddisk0\Partition4	5.00 Go  	0x0C FAT32 [LBA] 
________________________________________________________________________________

Device\Harddisk1\DR2	979.3 Mo  [Removable] ==> Unknown MBR Code

MBR_MD5   : 660BEF5E3756325F25414A59A143C11C
MBR_SHA1  : 4731AEB30FD20D13E805E7BBB7619F76566495DC

Device\Harddisk1\Partition1	979.2 Mo  	0x0E FAT16 [LBA]  __ BOOTABLE __
________________________________________________________________________________

############################### Additional scan ################################

DRIVER  : C:\windows\system32\hal.dll => Invisible on the disk
ADDRESS : 0x031E9000
SIZE    : 292.0 Ko

DRIVER  : C:\windows\system32\kdcom.dll => Invisible on the disk
ADDRESS : 0x00BCD000
SIZE    : 40.0 Ko

DRIVER  : C:\windows\system32\mcupdate_AuthenticAMD.dll => Invisible on the disk
ADDRESS : 0x00C6A000
SIZE    : 52.0 Ko

DRIVER  : C:\windows\system32\CLFS.SYS => Invisible on the disk
ADDRESS : 0x00C8B000
SIZE    : 376.0 Ko

DRIVER  : C:\windows\system32\CI.dll => Invisible on the disk
ADDRESS : 0x00CE9000
SIZE    : 768.0 Ko

DRIVER  : C:\windows\system32\drivers\Wdf01000.sys => Invisible on the disk
ADDRESS : 0x00E71000
SIZE    : 656.0 Ko

DRIVER  : C:\windows\system32\drivers\WDFLDR.SYS => Invisible on the disk
ADDRESS : 0x00F15000
SIZE    : 60.0 Ko

DRIVER  : C:\windows\system32\drivers\ACPI.sys => Invisible on the disk
ADDRESS : 0x00F24000
SIZE    : 348.0 Ko

DRIVER  : C:\windows\system32\drivers\WMILIB.SYS => Invisible on the disk
ADDRESS : 0x00F7B000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\system32\drivers\msisadrv.sys => Invisible on the disk
ADDRESS : 0x00F84000
SIZE    : 40.0 Ko

DRIVER  : C:\windows\system32\drivers\pci.sys => Invisible on the disk
ADDRESS : 0x00F8E000
SIZE    : 204.0 Ko

DRIVER  : C:\windows\system32\drivers\vdrvroot.sys => Invisible on the disk
ADDRESS : 0x00FC1000
SIZE    : 52.0 Ko

DRIVER  : C:\windows\System32\drivers\partmgr.sys => Invisible on the disk
ADDRESS : 0x00FCE000
SIZE    : 84.0 Ko

DRIVER  : C:\windows\system32\drivers\compbatt.sys => Invisible on the disk
ADDRESS : 0x00FE3000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\system32\drivers\BATTC.SYS => Invisible on the disk
ADDRESS : 0x00FEC000
SIZE    : 48.0 Ko

DRIVER  : C:\windows\system32\drivers\volmgr.sys => Invisible on the disk
ADDRESS : 0x00E00000
SIZE    : 84.0 Ko

DRIVER  : C:\windows\System32\drivers\volmgrx.sys => Invisible on the disk
ADDRESS : 0x00E15000
SIZE    : 368.0 Ko

DRIVER  : C:\windows\System32\drivers\mountmgr.sys => Invisible on the disk
ADDRESS : 0x00DA9000
SIZE    : 104.0 Ko

DRIVER  : C:\windows\system32\drivers\atapi.sys => Invisible on the disk
ADDRESS : 0x00DC3000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\system32\drivers\ataport.SYS => Invisible on the disk
ADDRESS : 0x00DCC000
SIZE    : 168.0 Ko

DRIVER  : C:\windows\system32\drivers\amd_sata.sys => Invisible on the disk
ADDRESS : 0x00C00000
SIZE    : 92.0 Ko

DRIVER  : C:\windows\system32\drivers\storport.sys => Invisible on the disk
ADDRESS : 0x0105A000
SIZE    : 396.0 Ko

DRIVER  : C:\windows\system32\drivers\amd_xata.sys => Invisible on the disk
ADDRESS : 0x010BD000
SIZE    : 56.0 Ko

DRIVER  : C:\windows\system32\drivers\amdsata.sys => Invisible on the disk
ADDRESS : 0x010CB000
SIZE    : 120.0 Ko

DRIVER  : C:\windows\system32\drivers\amdxata.sys => Invisible on the disk
ADDRESS : 0x010E9000
SIZE    : 44.0 Ko

DRIVER  : C:\windows\system32\drivers\fltmgr.sys => Invisible on the disk
ADDRESS : 0x010F4000
SIZE    : 304.0 Ko

DRIVER  : C:\windows\system32\drivers\fileinfo.sys => Invisible on the disk
ADDRESS : 0x01140000
SIZE    : 80.0 Ko

DRIVER  : C:\windows\System32\Drivers\Ntfs.sys => Invisible on the disk
ADDRESS : 0x01224000
SIZE    : 1.64 Mo

DRIVER  : C:\windows\System32\Drivers\msrpc.sys => Invisible on the disk
ADDRESS : 0x01154000
SIZE    : 376.0 Ko

DRIVER  : C:\windows\System32\Drivers\ksecdd.sys => Invisible on the disk
ADDRESS : 0x013C7000
SIZE    : 108.0 Ko

DRIVER  : C:\windows\System32\Drivers\cng.sys => Invisible on the disk
ADDRESS : 0x01469000
SIZE    : 456.0 Ko

DRIVER  : C:\windows\System32\drivers\pcw.sys => Invisible on the disk
ADDRESS : 0x014DB000
SIZE    : 68.0 Ko

DRIVER  : C:\windows\System32\Drivers\Fs_Rec.sys => Invisible on the disk
ADDRESS : 0x014EC000
SIZE    : 40.0 Ko

DRIVER  : C:\windows\system32\drivers\ndis.sys => Invisible on the disk
ADDRESS : 0x014F6000
SIZE    : 972.0 Ko

DRIVER  : C:\windows\system32\drivers\NETIO.SYS => Invisible on the disk
ADDRESS : 0x01400000
SIZE    : 384.0 Ko

DRIVER  : C:\windows\System32\Drivers\ksecpkg.sys => Invisible on the disk
ADDRESS : 0x011B2000
SIZE    : 172.0 Ko

DRIVER  : C:\windows\System32\drivers\tcpip.sys => Invisible on the disk
ADDRESS : 0x01610000
SIZE    : 2.02 Mo

DRIVER  : C:\windows\System32\drivers\fwpkclnt.sys => Invisible on the disk
ADDRESS : 0x01814000
SIZE    : 296.0 Ko

DRIVER  : C:\windows\system32\drivers\volsnap.sys => Invisible on the disk
ADDRESS : 0x0185E000
SIZE    : 304.0 Ko

DRIVER  : C:\windows\System32\Drivers\spldr.sys => Invisible on the disk
ADDRESS : 0x018AA000
SIZE    : 32.0 Ko

DRIVER  : C:\windows\System32\drivers\rdyboost.sys => Invisible on the disk
ADDRESS : 0x018B2000
SIZE    : 232.0 Ko

DRIVER  : C:\windows\System32\Drivers\mup.sys => Invisible on the disk
ADDRESS : 0x018EC000
SIZE    : 72.0 Ko

DRIVER  : C:\windows\System32\Drivers\MfeEpePc.sys => Invisible on the disk
ADDRESS : 0x018FE000
SIZE    : 148.0 Ko

DRIVER  : C:\windows\System32\drivers\hwpolicy.sys => Invisible on the disk
ADDRESS : 0x01923000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\hpdskflt.sys => Invisible on the disk
ADDRESS : 0x0192C000
SIZE    : 40.0 Ko

DRIVER  : C:\windows\System32\DRIVERS\fvevol.sys => Invisible on the disk
ADDRESS : 0x01936000
SIZE    : 232.0 Ko

DRIVER  : C:\windows\system32\drivers\disk.sys => Invisible on the disk
ADDRESS : 0x01970000
SIZE    : 88.0 Ko

DRIVER  : C:\windows\system32\drivers\CLASSPNP.SYS => Invisible on the disk
ADDRESS : 0x01986000
SIZE    : 192.0 Ko

DRIVER  : C:\windows\system32\drivers\cdrom.sys => Invisible on the disk
ADDRESS : 0x01000000
SIZE    : 168.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\MpFilter.sys => Invisible on the disk
ADDRESS : 0x00C17000
SIZE    : 196.0 Ko

DRIVER  : C:\windows\System32\Drivers\Null.SYS => Invisible on the disk
ADDRESS : 0x01600000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\System32\Drivers\Beep.SYS => Invisible on the disk
ADDRESS : 0x01609000
SIZE    : 28.0 Ko

DRIVER  : C:\windows\System32\drivers\vga.sys => Invisible on the disk
ADDRESS : 0x015E9000
SIZE    : 56.0 Ko

DRIVER  : C:\windows\System32\drivers\VIDEOPRT.SYS => Invisible on the disk
ADDRESS : 0x0102A000
SIZE    : 148.0 Ko

DRIVER  : C:\windows\System32\drivers\watchdog.sys => Invisible on the disk
ADDRESS : 0x013E2000
SIZE    : 64.0 Ko

DRIVER  : C:\windows\System32\DRIVERS\RDPCDD.sys => Invisible on the disk
ADDRESS : 0x015F7000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\system32\drivers\rdpencdd.sys => Invisible on the disk
ADDRESS : 0x01460000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\system32\drivers\rdprefmp.sys => Invisible on the disk
ADDRESS : 0x013F2000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\System32\Drivers\Msfs.SYS => Invisible on the disk
ADDRESS : 0x01200000
SIZE    : 44.0 Ko

DRIVER  : C:\windows\System32\Drivers\Npfs.SYS => Invisible on the disk
ADDRESS : 0x0120B000
SIZE    : 68.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\tdx.sys => Invisible on the disk
ADDRESS : 0x011DD000
SIZE    : 136.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\TDI.SYS => Invisible on the disk
ADDRESS : 0x00C48000
SIZE    : 52.0 Ko

DRIVER  : C:\windows\system32\drivers\afd.sys => Invisible on the disk
ADDRESS : 0x03E87000
SIZE    : 548.0 Ko

DRIVER  : C:\windows\System32\DRIVERS\netbt.sys => Invisible on the disk
ADDRESS : 0x03F10000
SIZE    : 276.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\wfplwf.sys => Invisible on the disk
ADDRESS : 0x03F55000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\pacer.sys => Invisible on the disk
ADDRESS : 0x03F5E000
SIZE    : 152.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\vwififlt.sys => Invisible on the disk
ADDRESS : 0x03F84000
SIZE    : 88.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\netbios.sys => Invisible on the disk
ADDRESS : 0x03F9A000
SIZE    : 60.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\wanarp.sys => Invisible on the disk
ADDRESS : 0x03FA9000
SIZE    : 108.0 Ko

DRIVER  : C:\windows\system32\drivers\termdd.sys => Invisible on the disk
ADDRESS : 0x03FC4000
SIZE    : 80.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\rdbss.sys => Invisible on the disk
ADDRESS : 0x03E00000
SIZE    : 324.0 Ko

DRIVER  : C:\windows\system32\drivers\nsiproxy.sys => Invisible on the disk
ADDRESS : 0x03E51000
SIZE    : 48.0 Ko

DRIVER  : C:\windows\system32\drivers\mssmbios.sys => Invisible on the disk
ADDRESS : 0x03E5D000
SIZE    : 44.0 Ko

DRIVER  : C:\windows\System32\drivers\discache.sys => Invisible on the disk
ADDRESS : 0x03E68000
SIZE    : 60.0 Ko

DRIVER  : C:\windows\System32\Drivers\dfsc.sys => Invisible on the disk
ADDRESS : 0x03FD8000
SIZE    : 120.0 Ko

DRIVER  : C:\windows\system32\drivers\blbdrive.sys => Invisible on the disk
ADDRESS : 0x00C55000
SIZE    : 68.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\tunnel.sys => Invisible on the disk
ADDRESS : 0x040A5000
SIZE    : 152.0 Ko

DRIVER  : C:\windows\system32\drivers\amdppm.sys => Invisible on the disk
ADDRESS : 0x040CB000
SIZE    : 84.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\atikmpag.sys => Invisible on the disk
ADDRESS : 0x040E0000
SIZE    : 316.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\atikmdag.sys => Invisible on the disk
ADDRESS : 0x048BE000
SIZE    : 9.16 Mo

DRIVER  : C:\windows\System32\Drivers\fastfat.SYS => Invisible on the disk
ADDRESS : 0x04800000
SIZE    : 216.0 Ko

DRIVER  : C:\windows\System32\drivers\dxgkrnl.sys => Invisible on the disk
ADDRESS : 0x052EB000
SIZE    : 976.0 Ko

DRIVER  : C:\windows\System32\drivers\dxgmms1.sys => Invisible on the disk
ADDRESS : 0x05200000
SIZE    : 280.0 Ko

DRIVER  : C:\windows\system32\drivers\HDAudBus.sys => Invisible on the disk
ADDRESS : 0x05246000
SIZE    : 144.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\Rt64win7.sys => Invisible on the disk
ADDRESS : 0x04836000
SIZE    : 532.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\jmcr.sys => Invisible on the disk
ADDRESS : 0x0526A000
SIZE    : 184.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\SCSIPORT.SYS => Invisible on the disk
ADDRESS : 0x05298000
SIZE    : 188.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\athrx.sys => Invisible on the disk
ADDRESS : 0x0567B000
SIZE    : 2.63 Mo

DRIVER  : C:\windows\system32\DRIVERS\vwifibus.sys => Invisible on the disk
ADDRESS : 0x0591B000
SIZE    : 52.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\amdxhc.sys => Invisible on the disk
ADDRESS : 0x05928000
SIZE    : 196.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\USBD.SYS => Invisible on the disk
ADDRESS : 0x05959000
SIZE    : 8.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\usbohci.sys => Invisible on the disk
ADDRESS : 0x05964000
SIZE    : 44.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\USBPORT.SYS => Invisible on the disk
ADDRESS : 0x0596F000
SIZE    : 344.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\usbehci.sys => Invisible on the disk
ADDRESS : 0x059C5000
SIZE    : 68.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\i8042prt.sys => Invisible on the disk
ADDRESS : 0x059D6000
SIZE    : 120.0 Ko

DRIVER  : C:\windows\system32\drivers\HpqKbFiltr.sys => Invisible on the disk
ADDRESS : 0x059F4000
SIZE    : 48.0 Ko

DRIVER  : C:\windows\system32\drivers\kbdclass.sys => Invisible on the disk
ADDRESS : 0x05600000
SIZE    : 60.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\SynTP.sys => Invisible on the disk
ADDRESS : 0x05A17000
SIZE    : 1.40 Mo

DRIVER  : C:\windows\system32\DRIVERS\mouclass.sys => Invisible on the disk
ADDRESS : 0x05B7E000
SIZE    : 60.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\Accelerometer.sys => Invisible on the disk
ADDRESS : 0x05B8D000
SIZE    : 52.0 Ko

DRIVER  : C:\windows\system32\drivers\CmBatt.sys => Invisible on the disk
ADDRESS : 0x05B9A000
SIZE    : 20.0 Ko

DRIVER  : C:\windows\system32\drivers\wmiacpi.sys => Invisible on the disk
ADDRESS : 0x05B9F000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\system32\drivers\CompositeBus.sys => Invisible on the disk
ADDRESS : 0x05BA8000
SIZE    : 64.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\ArcSoftVCapture.sys => Invisible on the disk
ADDRESS : 0x05BB8000
SIZE    : 28.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\ks.sys => Invisible on the disk
ADDRESS : 0x0560F000
SIZE    : 268.0 Ko

DRIVER  : C:\windows\system32\drivers\ksthunk.sys => Invisible on the disk
ADDRESS : 0x05BBF000
SIZE    : 24.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\AgileVpn.sys => Invisible on the disk
ADDRESS : 0x05BD6000
SIZE    : 88.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\rasl2tp.sys => Invisible on the disk
ADDRESS : 0x05652000
SIZE    : 144.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\ndistapi.sys => Invisible on the disk
ADDRESS : 0x05BEC000
SIZE    : 48.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\ndiswan.sys => Invisible on the disk
ADDRESS : 0x0412F000
SIZE    : 188.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\raspppoe.sys => Invisible on the disk
ADDRESS : 0x052C7000
SIZE    : 108.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\raspptp.sys => Invisible on the disk
ADDRESS : 0x053DF000
SIZE    : 132.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\rassstp.sys => Invisible on the disk
ADDRESS : 0x051E6000
SIZE    : 104.0 Ko

DRIVER  : C:\windows\system32\drivers\swenum.sys => Invisible on the disk
ADDRESS : 0x05BF8000
SIZE    : 8.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\btath_bus.sys => Invisible on the disk
ADDRESS : 0x05A00000
SIZE    : 44.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\umbus.sys => Invisible on the disk
ADDRESS : 0x0415E000
SIZE    : 72.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\amdhub30.sys => Invisible on the disk
ADDRESS : 0x04170000
SIZE    : 100.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\usbhub.sys => Invisible on the disk
ADDRESS : 0x04189000
SIZE    : 360.0 Ko

DRIVER  : C:\windows\system32\drivers\AtihdW76.sys => Invisible on the disk
ADDRESS : 0x04000000
SIZE    : 128.0 Ko

DRIVER  : C:\windows\system32\drivers\portcls.sys => Invisible on the disk
ADDRESS : 0x04020000
SIZE    : 244.0 Ko

DRIVER  : C:\windows\system32\drivers\drmk.sys => Invisible on the disk
ADDRESS : 0x0405D000
SIZE    : 136.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\stwrt64.sys => Invisible on the disk
ADDRESS : 0x06E04000
SIZE    : 528.0 Ko

DRIVER  : C:\windows\System32\Drivers\NDProxy.SYS => Invisible on the disk
ADDRESS : 0x06E88000
SIZE    : 84.0 Ko

DRIVER  : C:\windows\System32\win32k.sys => Invisible on the disk
ADDRESS : 0x000A0000
SIZE    : 3.08 Mo

DRIVER  : C:\windows\System32\drivers\Dxapi.sys => Invisible on the disk
ADDRESS : 0x06E9D000
SIZE    : 48.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\usbccgp.sys => Invisible on the disk
ADDRESS : 0x06F96000
SIZE    : 116.0 Ko

DRIVER  : C:\windows\System32\Drivers\crashdmp.sys => Invisible on the disk
ADDRESS : 0x06FB3000
SIZE    : 56.0 Ko

DRIVER  : C:\windows\System32\Drivers\dump_diskdump.sys => Invisible on the disk
ADDRESS : 0x06FC1000
SIZE    : 40.0 Ko

DRIVER  : C:\windows\System32\Drivers\dump_amd_sata.sys => Invisible on the disk
ADDRESS : 0x06FCB000
SIZE    : 92.0 Ko

DRIVER  : C:\windows\System32\Drivers\dump_MfeEpeHb.sys => Invisible on the disk
ADDRESS : 0x06FE2000
SIZE    : 8.0 Ko

DRIVER  : C:\windows\System32\Drivers\dump_dumpfve.sys => Invisible on the disk
ADDRESS : 0x06FE4000
SIZE    : 76.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\snp2uvc.sys => Invisible on the disk
ADDRESS : 0x04619000
SIZE    : 1.74 Mo

DRIVER  : C:\windows\system32\DRIVERS\STREAM.SYS => Invisible on the disk
ADDRESS : 0x047D6000
SIZE    : 68.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\sncduvc.SYS => Invisible on the disk
ADDRESS : 0x047E7000
SIZE    : 36.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\monitor.sys => Invisible on the disk
ADDRESS : 0x047F0000
SIZE    : 56.0 Ko

DRIVER  : C:\windows\System32\TSDDD.dll => Invisible on the disk
ADDRESS : 0x00480000
SIZE    : 40.0 Ko

DRIVER  : C:\windows\System32\cdd.dll => Invisible on the disk
ADDRESS : 0x00750000
SIZE    : 156.0 Ko

DRIVER  : C:\windows\system32\drivers\luafv.sys => Invisible on the disk
ADDRESS : 0x06EA9000
SIZE    : 140.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\Sftvollh.sys => Invisible on the disk
ADDRESS : 0x04600000
SIZE    : 44.0 Ko

DRIVER  : C:\windows\system32\drivers\WudfPf.sys => Invisible on the disk
ADDRESS : 0x06ECC000
SIZE    : 132.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\lltdio.sys => Invisible on the disk
ADDRESS : 0x06EED000
SIZE    : 84.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\nwifi.sys => Invisible on the disk
ADDRESS : 0x06F02000
SIZE    : 332.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\ndisuio.sys => Invisible on the disk
ADDRESS : 0x06F55000
SIZE    : 76.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\rspndr.sys => Invisible on the disk
ADDRESS : 0x06F68000
SIZE    : 96.0 Ko

DRIVER  : C:\windows\system32\drivers\HTTP.sys => Invisible on the disk
ADDRESS : 0x07E44000
SIZE    : 804.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\vwifimp.sys => Invisible on the disk
ADDRESS : 0x07F0D000
SIZE    : 40.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\bowser.sys => Invisible on the disk
ADDRESS : 0x07F17000
SIZE    : 120.0 Ko

DRIVER  : C:\windows\System32\drivers\mpsdrv.sys => Invisible on the disk
ADDRESS : 0x07F35000
SIZE    : 96.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\mrxsmb.sys => Invisible on the disk
ADDRESS : 0x07F4D000
SIZE    : 180.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk
ADDRESS : 0x07F7A000
SIZE    : 312.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk
ADDRESS : 0x07FC8000
SIZE    : 144.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\MpNWMon.sys => Invisible on the disk
ADDRESS : 0x07FEC000
SIZE    : 64.0 Ko

DRIVER  : C:\windows\system32\drivers\peauth.sys => Invisible on the disk
ADDRESS : 0x0A462000
SIZE    : 664.0 Ko

DRIVER  : C:\windows\System32\Drivers\secdrv.SYS => Invisible on the disk
ADDRESS : 0x0A508000
SIZE    : 44.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\Sftfslh.sys => Invisible on the disk
ADDRESS : 0x0A513000
SIZE    : 772.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\Sftplaylh.sys => Invisible on the disk
ADDRESS : 0x0A400000
SIZE    : 308.0 Ko

DRIVER  : C:\windows\System32\DRIVERS\srvnet.sys => Invisible on the disk
ADDRESS : 0x07E00000
SIZE    : 196.0 Ko

DRIVER  : C:\windows\System32\drivers\tcpipreg.sys => Invisible on the disk
ADDRESS : 0x0A44D000
SIZE    : 72.0 Ko

DRIVER  : C:\windows\System32\DRIVERS\srv2.sys => Invisible on the disk
ADDRESS : 0x0AEA1000
SIZE    : 420.0 Ko

DRIVER  : C:\windows\System32\DRIVERS\srv.sys => Invisible on the disk
ADDRESS : 0x0AF0A000
SIZE    : 608.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\Sftredirlh.sys => Invisible on the disk
ADDRESS : 0x0AFA2000
SIZE    : 44.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\NisDrvWFP.sys => Invisible on the disk
ADDRESS : 0x0AFAD000
SIZE    : 96.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\USBSTOR.SYS => Invisible on the disk
ADDRESS : 0x0AFC5000
SIZE    : 108.0 Ko

DRIVER  : C:\windows\system32\DRIVERS\WUDFRd.sys => Invisible on the disk
ADDRESS : 0x0AE00000
SIZE    : 196.0 Ko

DRIVER  : C:\windows\System32\smss.exe => Invisible on the disk
ADDRESS : 0x48230000
SIZE    : 128.0 Ko

BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020)

SystemStartOptions :  NOEXECUTE=OPTIN

________________________________________________________________________________

_____FAKED   \Device\Harddisk0\DR0  

0x00000000   33 C0 8E D0 BC 00 7C 8E C0 8E D8 BE 00 7C BF 00   3À.Ð¼.|.À.Ø¾.|¿.
0x00000010   06 B9 00 02 FC F3 A4 50 68 1C 06 CB FB B9 04 00   .¹..üó¤Ph..Ëû¹..
0x00000020   BD BE 07 80 7E 00 00 7C 0B 0F 85 0E 01 83 C5 10   ½¾..~..|......Å.
0x00000030   E2 F1 CD 18 88 56 00 55 C6 46 11 05 C6 46 10 00   âñÍ..V.UÆF..ÆF..
0x00000040   B4 41 BB AA 55 CD 13 5D 72 0F 81 FB 55 AA 75 09   ´A»ªUÍ.]r..ûUªu.
0x00000050   F7 C1 01 00 74 03 FE 46 10 66 60 80 7E 10 00 74   ÷Á..t.þF.f`.~..t
0x00000060   26 66 68 00 00 00 00 66 FF 76 08 68 00 00 68 00   &fh....f.v.h..h.
0x00000070   7C 68 01 00 68 10 00 B4 42 8A 56 00 8B F4 CD 13   |h..h..´B.V..ôÍ.
0x00000080   9F 83 C4 10 9E EB 14 B8 01 02 BB 00 7C 8A 56 00   ..Ä..ë.¸..».|.V.
0x00000090   8A 76 01 8A 4E 02 8A 6E 03 CD 13 66 61 73 1C FE   .v..N..n.Í.fas.þ
0x000000A0   4E 11 75 0C 80 7E 00 80 0F 84 8A 00 B2 80 EB 84   N.u..~......².ë.
0x000000B0   55 32 E4 8A 56 00 CD 13 5D EB 9E 81 3E FE 7D 55   U2ä.V.Í.]ë..>þ}U
0x000000C0   AA 75 6E FF 76 00 E8 8D 00 75 17 FA B0 D1 E6 64   ªun.v.è..u.ú°Ñæd
0x000000D0   E8 83 00 B0 DF E6 60 E8 7C 00 B0 FF E6 64 E8 75   è..°ßæ`è|.°.ædèu
0x000000E0   00 FB B8 00 BB CD 1A 66 23 C0 75 3B 66 81 FB 54   .û¸.»Í.f#Àu;f.ûT
0x000000F0   43 50 41 75 32 81 F9 02 01 72 2C 66 68 07 BB 00   CPAu2.ù..r,fh.».
0x00000100   00 66 68 00 02 00 00 66 68 08 00 00 00 66 53 66   .fh....fh....fSf
0x00000110   53 66 55 66 68 00 00 00 00 66 68 00 7C 00 00 66   SfUfh....fh.|..f
0x00000120   61 68 00 00 07 CD 1A 5A 32 F6 EA 00 7C 00 00 CD   ah...Í.Z2öê.|..Í
0x00000130   18 A0 B7 07 EB 08 A0 B6 07 EB 03 A0 B5 07 32 E4   ..·.ë..¶.ë..µ.2ä
0x00000140   05 00 07 8B F0 AC 3C 00 74 09 BB 07 00 B4 0E CD   ....ð¬<.t.»..´.Í
0x00000150   10 EB F2 F4 EB FD 2B C9 E4 64 EB 00 24 02 E0 F8   .ëòôëý+Éädë.$.àø
0x00000160   24 02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69   $.ÃInvalid parti
0x00000170   74 69 6F 6E 20 74 61 62 6C 65 00 45 72 72 6F 72   tion table.Error
0x00000180   20 6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69    loading operati
0x00000190   6E 67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E   ng system.Missin
0x000001A0   67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74   g operating syst
0x000001B0   65 6D 00 00 00 63 7B 9A 25 0A F8 54 00 00 00 20   em...c{.%.øT... 
0x000001C0   21 00 07 5E 38 26 00 08 00 00 00 60 09 00 00 5E   !..^8&.....`...^
0x000001D0   39 26 07 FE FF FF 00 68 09 00 00 00 80 07 80 FE   9&.þ...h.......þ
0x000001E0   FF FF 06 FE FF FF 00 78 03 0A 00 48 1F 00 00 FE   ...þ...x...H...þ
0x000001F0   FF FF 06 FE FF FF 00 80 40 0A 00 80 3E 00 55 AA   ...þ....@...>.Uª

__ORIGINAL   \Device\Harddisk0\DR0  

0x00000000   33 C0 8E D0 BC 00 7C 8E C0 8E D8 BE 00 7C BF 00   3À.Ð¼.|.À.Ø¾.|¿.
0x00000010   06 B9 00 02 FC F3 A4 50 68 1C 06 CB FB B9 04 00   .¹..üó¤Ph..Ëû¹..
0x00000020   BD BE 07 80 7E 00 00 7C 0B 0F 85 0E 01 83 C5 10   ½¾..~..|......Å.
0x00000030   E2 F1 CD 18 88 56 00 55 C6 46 11 05 C6 46 10 00   âñÍ..V.UÆF..ÆF..
0x00000040   B4 41 BB AA 55 CD 13 5D 72 0F 81 FB 55 AA 75 09   ´A»ªUÍ.]r..ûUªu.
0x00000050   F7 C1 01 00 74 03 FE 46 10 66 60 80 7E 10 00 74   ÷Á..t.þF.f`.~..t
0x00000060   26 66 68 00 00 00 00 66 FF 76 08 68 00 00 68 00   &fh....f.v.h..h.
0x00000070   7C 68 01 00 68 10 00 B4 42 8A 56 00 8B F4 CD 13   |h..h..´B.V..ôÍ.
0x00000080   9F 83 C4 10 9E EB 14 B8 01 02 BB 00 7C 8A 56 00   ..Ä..ë.¸..».|.V.
0x00000090   8A 76 01 8A 4E 02 8A 6E 03 CD 13 66 61 73 1C FE   .v..N..n.Í.fas.þ
0x000000A0   4E 11 75 0C 80 7E 00 80 0F 84 8A 00 B2 80 EB 84   N.u..~......².ë.
0x000000B0   55 32 E4 8A 56 00 CD 13 5D EB 9E 81 3E FE 7D 55   U2ä.V.Í.]ë..>þ}U
0x000000C0   AA 75 6E FF 76 00 E8 8D 00 75 17 FA B0 D1 E6 64   ªun.v.è..u.ú°Ñæd
0x000000D0   E8 83 00 B0 DF E6 60 E8 7C 00 B0 FF E6 64 E8 75   è..°ßæ`è|.°.ædèu
0x000000E0   00 FB B8 00 BB CD 1A 66 23 C0 75 3B 66 81 FB 54   .û¸.»Í.f#Àu;f.ûT
0x000000F0   43 50 41 75 32 81 F9 02 01 72 2C 66 68 07 BB 00   CPAu2.ù..r,fh.».
0x00000100   00 66 68 00 02 00 00 66 68 08 00 00 00 66 53 66   .fh....fh....fSf
0x00000110   53 66 55 66 68 00 00 00 00 66 68 00 7C 00 00 66   SfUfh....fh.|..f
0x00000120   61 68 00 00 07 CD 1A 5A 32 F6 EA 00 7C 00 00 CD   ah...Í.Z2öê.|..Í
0x00000130   18 A0 B7 07 EB 08 A0 B6 07 EB 03 A0 B5 07 32 E4   ..·.ë..¶.ë..µ.2ä
0x00000140   05 00 07 8B F0 AC 3C 00 74 09 BB 07 00 B4 0E CD   ....ð¬<.t.»..´.Í
0x00000150   10 EB F2 F4 EB FD 2B C9 E4 64 EB 00 24 02 E0 F8   .ëòôëý+Éädë.$.àø
0x00000160   24 02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69   $.ÃInvalid parti
0x00000170   74 69 6F 6E 20 74 61 62 6C 65 00 45 72 72 6F 72   tion table.Error
0x00000180   20 6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69    loading operati
0x00000190   6E 67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E   ng system.Missin
0x000001A0   67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74   g operating syst
0x000001B0   65 6D 00 00 00 63 7B 9A 25 0A F8 54 00 00 80 20   em...c{.%.øT... 
0x000001C0   21 00 07 5E 38 26 00 08 00 00 00 60 09 00 00 5E   !..^8&.....`...^
0x000001D0   39 26 07 FE FF FF 00 68 09 00 00 30 E8 47 00 FE   9&.þ...h...0èG.þ
0x000001E0   FF FF 07 FE FF FF 00 98 F1 47 00 D0 F3 01 00 FE   ...þ....ñG.Ðó..þ
0x000001F0   FF FF 0C FE FF FF 00 68 E5 49 00 D8 9F 00 55 AA   ...þ...håI.Ø..Uª

_______MBR   \Device\Harddisk1\DR2  

0x00000000   33 C0 8E D0 BC 00 7C FB 50 07 50 1F FC BE 1B 7C   3À.Ð¼.|ûP.P.ü¾.|
0x00000010   BF 1B 06 50 57 B9 E5 01 F3 A4 CB BD BE 07 B1 04   ¿..PW¹å.ó¤Ë½¾.±.
0x00000020   38 6E 00 7C 09 75 13 83 C5 10 E2 F4 CD 18 8B F5   8n.|.u..Å.âôÍ..õ
0x00000030   83 C6 10 49 74 19 38 2C 74 F6 A0 B5 07 B4 07 8B   .Æ.It.8,tö.µ.´..
0x00000040   F0 AC 3C 00 74 FC BB 07 00 B4 0E CD 10 EB F2 88   ð¬<.tü»..´.Í.ëò.
0x00000050   4E 10 E8 46 00 73 2A FE 46 10 80 7E 04 0B 74 0B   N.èF.s*þF..~..t.
0x00000060   80 7E 04 0C 74 05 A0 B6 07 75 D2 80 46 02 06 83   .~..t..¶.uÒ.F...
0x00000070   46 08 06 83 56 0A 00 E8 21 00 73 05 A0 B6 07 EB   F...V..è!.s..¶.ë
0x00000080   BC 81 3E FE 7D 55 AA 74 0B 80 7E 10 00 74 C8 A0   ¼.>þ}Uªt..~..tÈ.
0x00000090   B7 07 EB A9 8B FC 1E 57 8B F5 CB BF 05 00 8A 56   ·.ë©.ü.W.õË¿...V
0x000000A0   00 B4 08 CD 13 72 23 8A C1 24 3F 98 8A DE 8A FC   .´.Í.r#.Á$?..Þ.ü
0x000000B0   43 F7 E3 8B D1 86 D6 B1 06 D2 EE 42 F7 E2 39 56   C÷ã.Ñ.Ö±.ÒîB÷â9V
0x000000C0   0A 77 23 72 05 39 46 08 73 1C EB 1A 90 BB 00 7C   .w#r.9F.s.ë..».|
0x000000D0   8B 4E 02 8B 56 00 CD 13 73 51 4F 74 4E 32 E4 8A   .N..V.Í.sQOtN2ä.
0x000000E0   56 00 CD 13 EB E4 8A 56 00 60 BB AA 55 B4 41 CD   V.Í.ëä.V.`»ªU´AÍ
0x000000F0   13 72 36 81 FB 55 AA 75 30 F6 C1 01 74 2B 61 60   .r6.ûUªu0öÁ.t+a`
0x00000100   6A 00 6A 00 FF 76 0A FF 76 08 6A 00 68 00 7C 6A   j.j..v..v.j.h.|j
0x00000110   01 6A 10 B4 42 8B F4 CD 13 61 61 73 0E 4F 74 0B   .j.´B.ôÍ.aas.Ot.
0x00000120   32 E4 8A 56 00 CD 13 EB D6 61 F9 C3 49 6E 76 61   2ä.V.Í.ëÖaùÃInva
0x00000130   6C 69 64 20 70 61 72 74 69 74 69 6F 6E 20 74 61   lid partition ta
0x00000140   62 6C 65 00 45 72 72 6F 72 20 6C 6F 61 64 69 6E   ble.Error loadin
0x00000150   67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74   g operating syst
0x00000160   65 6D 00 4D 69 73 73 69 6E 67 20 6F 70 65 72 61   em.Missing opera
0x00000170   74 69 6E 67 20 73 79 73 74 65 6D 00 00 00 00 00   ting system.....
0x00000180   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000190   00 00 00 0冪䢺ᕏ ᣱ刐ڦ박�쨃嬍鈍뼡ఴꆓ▐锸깃콲讋輡놻䖗﵀顿쒑⎓ೠ䛞亷ꥼ詞딭垭䯱ꊯ뿟떜鄣迦뚽ꍬ뭤㽟⧟߱焗嫿彼迣뮝ﺇ溿홿暠繄㐐嚅ᗅ隷ퟬப縔Ｄ㇡屳䞑擅�甬궷℁䷨㾅늙ⅲ讍詟讘踬爷⿷쾋裔퓂㣕圑᣽᷸钿ᖻ妩ꄿꢤ襴୺䅏撘ߵ㯪俍Ế鎞⺙봖퀸๷餧꞉靘뽑୊�瓈辫䯩➈ᄼ⋣墴ꞎ鱗慦玒䐯룤ἡξ酘◎狋瑩᱇䁳堠읢균㛸肽⼁낕玣ຣɋ⁎螥딪䥐䢆墮磮䋲⃝㪗쨈⑺ᥬ�偅睡﵊ᬠ뾔醌嘬枿犋詖㯥턴鈇삦漆ꩳꝤ⭻㍲讁꣰㍉碦뙬뽒畒挭⿵癆뫔㍱뼉넯⿙ᑁ夞׊ⷾ�䑦봢龭寫释ᅪ껶ꄭ︃漫铊佹॥랓䇑轛갱⑩腜涙짍Ꚇˎ쬿9ⰾ掟삩�性眭劭䈿�옾ꋁꤵ낌욁쯬�제㒔웡誫즵�埸슘▃얞⫡ﺄ﬐㿐齥Ὶ䍺ٍ㯿뼯֬ఋ隀鿘︧諰䆢ﬄ꫟㔘襝פֿ资틻毺캋裏⋶！꣭痬☪瘵퀱＼錧뫯︢嵮磊枼ӷ뭦ふꚓ謫䈧庬ꑐ迿蚐ἳ๒⻽㎌莖웁陔㋙ࣨ⎻⎛⥪傀�㟙堜ඳ╜俋䠨冺㉓ᚺ㝯勄ތ뿦␸㠈蹌﫜䋕腋꾫娸窏뱋�쿒�軵폃큌䘍Ȇ⃭笄꾳⵫ⶌ�摆嘎餭䵔扶뙯鴠簮ꚸሥ緁䧡饮䜳尅쌡勀栐޸ᔗ是촃洱ѥঝ溷⟲䗣䶍⁠�쏹鎈疟뿼à胞빿혎俲柧ꊌʢ〤肝龲덲ᵻΰ곡꯼苳喦绍쯲駭࣪뼴蚺쩂ธ畮੝ໞ鰲뾮乴뾮缿杼鈽⽙幦�뼂忖笓鋾ូ痼ءⰞ쯃⺑ঞ븀Ꭷ綂䣗ဖ錋ￂ䎺䠯䏖揖዗㗪ﬓ炮ံꏟ墛䇮암穐疨纟吀‼ങ쉅ꄍᶱ㩷㳱戙寳㮶⋰㽝ﺢ늯ޅ槐퓞밈産␞噿鮝蠷ྀ硔ф丷ꡅ뛢삄ᡯࢡㆆ

#8 Příspěvek od **vyosek** » 24 dub 2012 13:04

Stahnete aswMBR http://public.avast.com/%7Egmerek/aswMBR.exe a ulozte jej na plochu.

Utilitu spustte a prikazte ji, at skenuje - klik na Scan
Kliknutim na Save log ulozte log aswMBR na plochu
Obsah logu aswMBR mi sem vlozte

jaGmann · #9 Příspěvek od **jaGmann** » 24 dub 2012 13:55

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-24 14:08:11
-----------------------------
14:08:11.458 OS Version: Windows x64 6.1.7601 Service Pack 1
14:08:11.458 Number of processors: 4 586 0x100
14:08:11.458 ComputerName: ROLL-HP UserName: Roll
14:08:13.361 Initialize success
14:11:05.805 AVAST engine defs: 12042400
14:11:24.167 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006f
14:11:24.167 Disk 0 Vendor: Hitachi_ JEDO Size: 610480MB BusType: 11
14:11:24.214 Disk 0 MBR read successfully
14:11:24.214 Disk 0 MBR scan
14:11:24.229 Disk 0 Windows 7 default MBR code
14:11:24.229 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 300 MB offset 2048
14:11:24.338 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 589062 MB offset 616448
14:11:24.448 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15994 MB offset 1207015424
14:11:24.557 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 5115 MB offset 1239771136
14:11:24.947 Disk 0 scanning C:\windows\system32\drivers
14:11:47.364 Service scanning
14:12:50.528 Modules scanning
14:12:50.544 Disk 0 trace - called modules:
14:12:50.591 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys amd_xata.sys ACPI.sys storport.sys hal.dll amd_sata.sys
14:12:50.606 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005074060]
14:12:50.606 3 CLASSPNP.SYS[fffff8800198743f] -> nt!IofCallDriver -> [0xfffffa8004f0cb10]
14:12:50.622 5 hpdskflt.sys[fffff8800192e189] -> nt!IofCallDriver -> [0xfffffa8003fcdac0]
14:12:50.638 7 amd_xata.sys[fffff880010bea1d] -> nt!IofCallDriver -> [0xfffffa8004a2b530]
14:12:50.653 9 ACPI.sys[fffff88000f2f7a1] -> nt!IofCallDriver -> \Device\0000006f[0xfffffa8004a2c060]
14:12:52.603 AVAST engine scan C:\windows
14:12:57.798 AVAST engine scan C:\windows\system32
14:21:02.132 AVAST engine scan C:\windows\system32\drivers
14:21:29.713 AVAST engine scan C:\Users\Roll
14:49:50.802 AVAST engine scan C:\ProgramData
14:52:14.089 Scan finished successfully
14:54:39.122 Disk 0 MBR has been saved successfully to "C:\Users\Roll\Desktop\MBR.dat"
14:54:39.153 The log file has been saved successfully to "C:\Users\Roll\Desktop\aswMBR.txt"
14:54:49.024 Disk 0 MBR has been saved successfully to "D:\MBR.dat"
14:54:49.352 The log file has been saved successfully to "D:\aswMBR.txt"

#10 Příspěvek od **vyosek** » 24 dub 2012 13:58

Dam konzultaci s kolegou - 2 utility ukazuji havet, 2 nikoli

Kliknete na Start a pote Spustit, pripadne pouzijte klavesou zkratku Win+R

Vyskoci na Vas okenko, do ktereho zkopirujte text nize
Kód: Vybrat vše
```
compmgmt.msc
```
Kliknete na OK
Otevre se spravce disku, screen z nej bych rad videl - navod na screen http://www.viry.cz/forum/viewtopic.php?f=11&t=14114

jaGmann · #11 Příspěvek od **jaGmann** » 24 dub 2012 14:22

#12 Příspěvek od **vyosek** » 24 dub 2012 14:34

Jelikoz je tam asi pekna mrcha, ktera dokaze vysledky zkreslovat, bude treba udelat bootovaci flash disk s nastroji a udelat testy na tzv. "mrtvem systemu"...

Neni to lehke ani nejak extra tezke, dame se do toho?

Mate nejake nenakazene PC

jaGmann · #13 Příspěvek od **jaGmann** » 24 dub 2012 14:41

juuuu

jdeme do toho, niceho se nebojim

ciste PC mam, z toho s Vami komunikuji...

#14 Příspěvek od **vyosek** » 24 dub 2012 14:43

Fajn, navod je od kolegy Naughtyho, nedam jej do citace at se to da cist

Dělej na nenakaženém pc!

Nejdříve stáhni soubory:

http://wintoflash.com/download/version-0-7-0043/ftp-1/
http://oldtimer.geekstogo.com/OTLPENet.exe

Předpříprava instalačních souborů
----------------------------------

1.

Za pomocí winrar/7-zip rozbal OTLPENet do libovolné složky, jenž bude obsahovat tři soubory:

ImgBurn.exe
ImgBurn.ini
OTLPE_New_Net.iso <-- Opět rozbal, ale tentokrát na plochu, tak aby byla složka OTLPE_New_Std, v ní budou už složky/soubory programu

2.

Rozbal "Novicorp WinToFlash 0.7.0043 beta.zip" vedle složky OTLPE_New_Std, tak aby existovala jen jedna složka "WinToFlash" obsahující samotné soubory/složky programu.

Příprava bootovací flash (klúče)
----------------------------------

Vlož prázdnou flash (min. požadavek kapacity 512MB) do usb. Spusť WinToFlash.exe, objeví se otravný průvodce.
- klik na next
- odoznač "I agree to send statistical information", klik na next
- klik next, bude se připojovat na net, pokud není fyzicky odpojeno nebo zablokováno firewallem nejde zrušit (akceptuj prosím nešvar programu)
- klik na next
- klik na záložku "Rozšířený režim"
- zvol úlohu: "Transfer WinPe XP/2000 na USB disk!
- klik na "Běžet"
- nastav cesty pro
a) PE soubor zdrojová cesta: (vyber složku OTLPE_New_Std)
b) Usb disk: (cesta k prázdné flash)

- ostatní nasatvení neměn.
- klik na "Běžet"
- po proběhnutí kopírování souborů (cca 20 minut) na flashdisk, pak program ukonči.
- utilita nastavila bootování jako USB-HDD s FAT32

Jestli se povede, tak z nej nabootujte a napiste ci se povedlo

jaGmann · #15 Příspěvek od **jaGmann** » 24 dub 2012 15:46

nabootovano!
- jen jsem musel v biosu zmenit rezim radice z AHCI na IDE -

VIRY.CZ

Virtual Girl

Virtual Girl

Re: Virtual Girl

Re: Virtual Girl

Re: Virtual Girl

Re: Virtual Girl

Re: Virtual Girl

Re: Virtual Girl

Re: Virtual Girl

Re: Virtual Girl

Re: Virtual Girl

Re: Virtual Girl

Re: Virtual Girl

Re: Virtual Girl

Re: Virtual Girl

Re: Virtual Girl