CMD.exe launches after startup (attempts to remove it fail)

loser
Visitor
Posts: 7
Registered: 11 Feb 2014 09:26

#1 Post by loser »

Hi everyone,

my situation is now bordering on despair. My laptop keeps getting infected with something from somewhere. After startup, a black cmd.exe window opens for a second and nonstandard things happen. For example, I now cannot launch applications from the desktop via shortcuts. When I create a new one, it works for a while and then stops again.

I first had the same problem on my previous laptop with Win 7, even repeatedly, although I tried various procedures. In the registry I do not have the ImagePath entry that, according to the advice, should be deleted. Likewise, I do not have the file C:\windows\system_32.bat.

I no longer know what to do. On the previous laptop I had it 3 times in a row, even after formatting the disk and a fresh reinstall. Practically immediately! I don't know where it keeps coming from, anyway...

...please help.


edit: HJT log deleted
Last edited by loser on 14 Feb 2014 00:42, edited 1 time in total.

#2 Post by loser »

Hi,

thank you very much for the reply. I did everything according to your advice; see the individual posts below.

#3 Post by loser »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01
Ran by J R (administrator) on JR on 13-02-2014 23:32:06
Running from C:\Users\J R\Desktop
Windows 8.1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Intel Corporation) C:\WINDOWS\system32\DptfParticipantProcessorService.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel Corporation) C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Dropbox, Inc.) C:\Users\J R\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\new_chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\new_chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\new_chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\new_chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\new_chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\new_chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\new_chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\new_chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\new_chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\new_chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\new_chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\new_chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\new_chrome.exe
(forum.viry.cz) C:\Users\J R\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1276488 2013-01-18] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-10-31] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-10-31] (Qualcomm Atheros Commnucations)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-23] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-06] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2316643553-1202322727-324119559-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2316643553-1202322727-324119559-1001\...\Run: [ShowBatteryBar] - C:\Program Files\BatteryBar\ShowBatteryBar.exe [89600 2013-04-11] ()
HKU\S-1-5-21-2316643553-1202322727-324119559-1001\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-2316643553-1202322727-324119559-1001\...\MountPoints2: {238ea67f-7c5c-11e3-be81-6c71d99bffa0} - "F:\unlock.exe" autoplay=true
Startup: C:\Users\J R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\J R\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.250 212.71.154.4

Chrome:
=======
CHR HomePage: hxxp://www.igoogle.com/
CHR Extension: (Dokumenty Google) - C:\Users\J R\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-05]
CHR Extension: (Disk Google) - C:\Users\J R\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-05]
CHR Extension: (YouTube) - C:\Users\J R\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-05]
CHR Extension: (Vyhledávání Google) - C:\Users\J R\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-05]
CHR Extension: (PanicButton) - C:\Users\J R\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm [2013-12-05]
CHR Extension: (Mail Checker Plus for Google Mail™) - C:\Users\J R\AppData\Local\Google\Chrome\User Data\Default\Extensions\gffjhibehnempbkeheiccaincokdjbfe [2013-12-05]
CHR Extension: (AdBlock) - C:\Users\J R\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-12-05]
CHR Extension: (Speed Dial 2) - C:\Users\J R\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2013-12-05]
CHR Extension: (Gestures for Google Chrome™) - C:\Users\J R\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkfjicglakibpenojifdiepckckakgk [2013-12-05]
CHR Extension: (Chromium Wheel Smooth Scroller) - C:\Users\J R\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpcanbeojalbkpgpmjpdkjnkfcgfkhb [2013-12-05]
CHR Extension: (Clickable Links) - C:\Users\J R\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblbciejcodpealifnhfjbdlkedplodp [2013-12-05]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\J R\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2013-12-05]
CHR Extension: (Peněženka Google) - C:\Users\J R\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-05]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\J R\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2013-12-05]
CHR Extension: (Gmail) - C:\Users\J R\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-05]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-12-05]

==================== Services (Whitelisted) =================

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231040 2012-10-31] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-06] (AVAST Software)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [30080 2012-10-01] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [31616 2012-10-01] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 WakeupService; C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe [45488 2012-12-20] (ASUSTek Computer Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-10-31] (Atheros)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-06] (AVAST Software)
S3 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [80184 2014-02-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-11] ()
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-01-16] (ASUS Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-10-31] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107328 2012-10-01] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [42816 2012-10-01] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [64832 2012-10-01] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [96576 2012-10-01] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [229184 2012-10-01] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [363328 2012-10-01] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-12-22] (Disc Soft Ltd)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-12] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-12] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-12-12] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-13 23:32 - 2014-02-13 23:32 - 00019336 _____ () C:\Users\J R\Desktop\FRST.txt
2014-02-13 23:31 - 2014-02-13 23:32 - 00000000 ____D () C:\FRST
2014-02-13 23:29 - 2014-02-13 23:29 - 00112640 _____ (forum.viry.cz) C:\Users\J R\Desktop\FRSTLauncher.exe
2014-02-13 23:28 - 2014-02-13 23:28 - 00112640 _____ (forum.viry.cz) C:\Users\J R\Desktop\Nepotvrzeno 301107.crdownload
2014-02-13 23:26 - 2014-02-13 23:26 - 02152960 _____ (Farbar) C:\Users\J R\Desktop\FRST64.exe

2014-02-12 12:40 - 2013-12-09 00:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-12 12:38 - 2014-01-07 08:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-12 12:38 - 2014-01-07 06:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-12 12:38 - 2013-12-09 03:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-12 12:38 - 2013-12-09 02:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2014-02-05 11:07 - 2014-02-05 11:07 - 00005175 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-05 11:07 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-02-05 11:07 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-02-05 11:07 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-02-05 11:07 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe

2014-01-25 15:57 - 2014-01-25 15:57 - 00231376 _____ (TrueCrypt Foundation) C:\WINDOWS\system32\Drivers\truecrypt.sys
2014-01-25 15:57 - 2014-01-25 15:57 - 00000000 ____D () C:\Program Files\TrueCrypt

2014-01-22 08:52 - 2014-01-22 08:52 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2014-01-22 08:52 - 2014-01-22 08:52 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys

2014-01-15 16:09 - 2013-12-09 01:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-15 16:09 - 2013-11-27 16:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-15 16:09 - 2013-11-27 12:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-15 16:09 - 2013-11-27 11:34 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-01-15 16:09 - 2013-11-27 10:54 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-15 16:09 - 2013-11-27 09:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 16:09 - 2013-11-27 09:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-15 16:09 - 2013-11-27 09:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 16:09 - 2013-11-27 09:38 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-15 16:09 - 2013-11-27 09:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-15 16:09 - 2013-11-27 09:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-14 13:18 - 2014-01-14 13:18 - 00000000 ____D () C:\Users\J R\AppData\Local\Western Digital

==================== One Month Modified Files and Folders =======


2014-02-13 23:32 - 2014-02-13 23:31 - 00000000 ____D () C:\FRST
2014-02-13 23:32 - 2013-12-12 13:09 - 01738268 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-13 23:29 - 2014-02-13 23:29 - 00112640 _____ (forum.viry.cz) C:\Users\J R\Desktop\FRSTLauncher.exe
2014-02-13 23:28 - 2014-02-13 23:28 - 00112640 _____ (forum.viry.cz) C:\Users\J R\Desktop\Nepotvrzeno 301107.crdownload
2014-02-13 23:26 - 2014-02-13 23:26 - 02152960 _____ (Farbar) C:\Users\J R\Desktop\FRST64.exe

2014-02-13 23:24 - 2014-01-09 20:59 - 00003938 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3C7C2A09-7C19-47FE-887B-652C33BC90BA}
2014-02-13 23:21 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-13 22:48 - 2013-12-05 21:19 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2316643553-1202322727-324119559-1001
2014-02-13 22:46 - 2013-12-05 19:49 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-13 22:42 - 2014-02-13 22:42 - 00007744 _____ () C:\Users\J R\AppData\Local\recently-used.xbel
2014-02-13 22:41 - 2013-12-05 22:16 - 00000952 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2014-02-13 20:41 - 2013-12-05 22:16 - 00000948 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-02-13 14:45 - 2014-02-13 14:45 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-02-13 14:22 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2014-02-12 20:36 - 2013-12-05 22:16 - 00003924 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-12 20:36 - 2013-12-05 22:16 - 00003688 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2014-02-12 13:54 - 2013-12-06 12:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-12 13:52 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-12 13:52 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera

2014-02-12 12:19 - 2013-08-22 15:46 - 00303883 _____ () C:\WINDOWS\setupact.log

2014-02-12 11:43 - 2014-02-12 11:43 - 00000000 ____D () C:\Program Files (x86)\Avidemux 2.6
2014-02-12 10:04 - 2012-11-23 14:06 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-12 10:03 - 2014-02-12 10:02 - 00000000 ____D () C:\Program Files\Adobe
2014-02-12 10:03 - 2014-02-12 09:57 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-02-12 10:02 - 2013-12-06 14:01 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-02-11 09:33 - 2014-02-11 09:33 - 00388608 _____ (Trend Micro Inc.) C:\Users\J R\Desktop\hijackthis.exe

2014-02-10 21:34 - 2014-02-10 21:34 - 00000000 ____D () C:\Program Files (x86)\astrojargon.net

2014-02-10 11:15 - 2013-12-12 13:08 - 01745984 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-10 11:15 - 2013-09-30 04:56 - 00747350 _____ () C:\WINDOWS\system32\perfh005.dat
2014-02-10 11:15 - 2013-09-30 04:56 - 00154554 _____ () C:\WINDOWS\system32\perfc005.dat

2014-02-06 13:04 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-06 12:31 - 2014-01-11 11:44 - 00080184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-02-06 12:31 - 2013-12-05 23:09 - 01038072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-02-06 12:31 - 2013-12-05 23:09 - 00421704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-02-06 12:31 - 2013-12-05 23:09 - 00334136 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-02-06 12:31 - 2013-12-05 23:09 - 00078648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-02-06 12:31 - 2013-12-05 23:09 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-02-06 12:31 - 2013-12-05 23:09 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-02-06 00:17 - 2014-02-05 19:24 - 00001998 _____ () C:\Users\J R\Desktop\Chrome.lnk
2014-02-05 15:23 - 2014-02-05 15:23 - 00000110 ____H () C:\Users\J R\Desktop\phpjkkzqo.jpg.uid-zps
2014-02-05 11:46 - 2013-12-05 19:49 - 00003802 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-02-05 11:08 - 2013-12-05 19:45 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-05 11:07 - 2014-02-05 11:07 - 00005175 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-05 11:07 - 2013-12-05 19:45 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-05 10:58 - 2013-12-12 12:54 - 00000000 ____D () C:\Users\J R
2014-02-04 16:51 - 2014-02-04 16:51 - 00285400 _____ () C:\WINDOWS\Minidump\020414-19781-01.dmp
2014-02-04 16:51 - 2013-12-25 12:18 - 00000000 ____D () C:\WINDOWS\Minidump
2014-02-04 16:51 - 2013-12-25 12:17 - 444317673 _____ () C:\WINDOWS\MEMORY.DMP
2014-02-04 16:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF

2014-01-30 21:47 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-30 21:47 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2014-01-29 20:30 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI

2014-01-26 15:08 - 2014-01-26 15:08 - 00000000 ____D () C:\Program Files (x86)\foobar2000

2014-01-25 15:57 - 2014-01-25 15:57 - 00231376 _____ (TrueCrypt Foundation) C:\WINDOWS\system32\Drivers\truecrypt.sys
2014-01-25 15:57 - 2014-01-25 15:57 - 00000000 ____D () C:\Program Files\TrueCrypt

2014-01-25 15:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore

2014-01-22 08:52 - 2014-01-22 08:52 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2014-01-22 08:52 - 2014-01-22 08:52 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys

2014-01-15 16:15 - 2013-12-06 13:19 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-01-15 16:14 - 2013-12-06 13:19 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-14 13:18 - 2014-01-14 13:18 - 00000000 ____D () C:\Users\J R\AppData\Local\Western Digital

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\J R\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\J R\AppData\Local\Temp\ShellHook.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================


Available physical RAM: 2084.54 MB
Total physical RAM: 3981.71 MB
Percentage of memory in use: 47%

==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\J R\Desktop" je 5360 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

loser
Visitor
Posts: 7
Joined: 11 Feb 2014 09:26

Re: CMD.exe launches after startup (removal attempts fail

#4 Post by loser »

On two attempts to run GMER, I got the Windows 8 blue screen of death and a restart.
Attachments
PHOTO_20140213_234034.jpg (153.47 KiB) Viewed 1163 times

loser
Visitor
Posts: 7
Joined: 11 Feb 2014 09:26

Re: CMD.exe launches after startup (removal attempts fail

#5 Post by loser »

And the last one.

Thank you for the analysis.
Attachments
report.rar (118.75 KiB) Downloaded 22 times

loser
Visitor
Posts: 7
Joined: 11 Feb 2014 09:26

Re: CMD.exe launches after startup (removal attempts fail

#6 Post by loser »

I tested the files; for all of them it reported 0/XX.

I am attaching the log below:

15:49:10.0285 3032 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:49:10.0285 3032 UEFI system
15:49:14.0069 3032 ============================================================
15:49:14.0069 3032 Current date / time: 2014/02/14 15:49:14.0069
15:49:14.0069 3032 SystemInfo:
15:49:14.0069 3032
15:49:14.0069 3032 OS Version: 6.2.9200 ServicePack: 0.0
15:49:14.0069 3032 Product type: Workstation
15:49:14.0069 3032 ComputerName: JR
15:49:14.0069 3032 UserName: J R
15:49:14.0069 3032 Windows directory: C:\WINDOWS
15:49:14.0069 3032 System windows directory: C:\WINDOWS
15:49:14.0069 3032 Running under WOW64
15:49:14.0069 3032 Processor architecture: Intel x64
15:49:14.0069 3032 Number of processors: 4
15:49:14.0069 3032 Page size: 0x1000
15:49:14.0069 3032 Boot type: Normal boot
15:49:14.0069 3032 ============================================================
15:49:14.0751 3032 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:49:14.0786 3032 ============================================================
15:49:14.0786 3032 \Device\Harddisk0\DR0:
15:49:14.0787 3032 GPT partitions:
15:49:14.0787 3032 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {0A567588-0AA2-4B12-9007-2F5EC24CB9C0}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x96000
15:49:14.0788 3032 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {925318E6-D763-42D8-A2A9-3137E7DD6B2E}, Name: Basic data partition, StartLBA 0x96800, BlocksNum 0x1C2000
15:49:14.0788 3032 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {049AD7DB-EA38-4F9B-ADAB-8560926784FF}, Name: Microsoft reserved partition, StartLBA 0x258800, BlocksNum 0x40000
15:49:14.0788 3032 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7EC4A428-9D7E-46FD-8D43-07C01413C6C7}, Name: Basic data partition, StartLBA 0x298800, BlocksNum 0x173ED000
15:49:14.0788 3032 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {2C34241A-FA30-4E93-83E2-FA898164E2AD}, Name: , StartLBA 0x17685800, BlocksNum 0xAF000
15:49:14.0788 3032 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {EFC5D252-3E36-40C0-9D1B-CE66E21BC166}, Name: Basic data partition, StartLBA 0x17734800, BlocksNum 0x2044C800
15:49:14.0788 3032 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {CF5F903A-C49C-497E-A398-AD68D3670015}, Name: Basic data partition, StartLBA 0x37B81000, BlocksNum 0x2805000
15:49:14.0788 3032 MBR partitions:
15:49:14.0788 3032 ============================================================
15:49:14.0821 3032 C: <-> \Device\Harddisk0\DR0\Partition4
15:49:14.0864 3032 D: <-> \Device\Harddisk0\DR0\Partition6
15:49:14.0864 3032 ============================================================
15:49:14.0864 3032 Initialize success
15:49:14.0864 3032 ============================================================
15:49:34.0612 4200 ============================================================
15:49:34.0612 4200 Scan started
15:49:34.0612 4200 Mode: Manual; SigCheck; TDLFS;
15:49:34.0612 4200 ============================================================
15:49:37.0068 4200 ================ Scan system memory ========================
15:49:37.0069 4200 System memory - ok
15:49:37.0070 4200 ================ Scan services =============================
15:49:51.0149 4200 lltdio - ok
15:49:51.0171 4200 [ 00E070FC0C673311AFD4B068D1242780 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
15:49:51.0203 4200 lltdsvc - ok
15:49:51.0228 4200 [ D113FAD71A5E67AA94B32A0F8828D265 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
15:49:51.0305 4200 lmhosts - ok
15:49:51.0328 4200 [ F84023FB2E3DEA06103501974A2EDB44 ] LMouFilt C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
15:49:51.0343 4200 LMouFilt - ok
15:49:51.0372 4200 [ 2C24DC448DBE8DB9BE1441B824C57E79 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:49:51.0391 4200 LMS - ok
15:49:51.0430 4200 [ C755AE4635457AA2A11F79C0DF857ABC ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
15:49:51.0450 4200 LSI_SAS - ok
15:49:51.0470 4200 [ ADAC09CBE7A2040B7F68B5E5C9A75141 ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
15:49:51.0482 4200 LSI_SAS2 - ok
15:49:51.0499 4200 [ 04D1274BB9BBCCF12BD12374002AA191 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
15:49:51.0512 4200 LSI_SAS3 - ok
15:49:51.0531 4200 [ 327469EEF3833D0C584B7E88A76AEC0C ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
15:49:51.0543 4200 LSI_SSS - ok
15:49:51.0562 4200 [ B6B69FF200F68888A7FAFDF204D00C91 ] LSM C:\WINDOWS\System32\lsm.dll
15:49:51.0602 4200 LSM - ok
15:49:51.0633 4200 [ 5EF604B0698F4FA962778285E8C5F1F2 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
15:49:51.0650 4200 luafv - ok
15:49:51.0662 4200 [ EB5C03A070F30D64A6DF80E53B22F53F ] megasas C:\WINDOWS\system32\drivers\megasas.sys
15:49:51.0672 4200 megasas - ok
15:49:51.0695 4200 [ F6F13533196DE7A582D422B0241E4363 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
15:49:51.0717 4200 megasr - ok
15:49:51.0750 4200 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
15:49:51.0759 4200 MEIx64 - ok
15:49:51.0845 4200 [ FAFE367D032ED82E9332B4C741A20216 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
15:49:51.0867 4200 Microsoft Office Groove Audit Service - ok
15:49:51.0895 4200 [ FD788C2D96EA91469A3C1D13E80D7473 ] MMCSS C:\WINDOWS\system32\mmcss.dll
15:49:51.0950 4200 MMCSS - ok
15:49:51.0958 4200 [ 8B38C44F69259987C95135C9627E2378 ] Modem C:\WINDOWS\system32\drivers\modem.sys
15:49:51.0978 4200 Modem - ok
15:49:52.0012 4200 [ 601589000CC90F0DF8DA2CC254A3CCC9 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
15:49:52.0047 4200 monitor - ok
15:49:52.0114 4200 [ CEAC6D40FE887CE8406C2393CF97DE06 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
15:49:52.0161 4200 mouclass - ok
15:49:52.0195 4200 [ 02D98BF804084E9A0D69D1C69B02CCA9 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
15:49:52.0233 4200 mouhid - ok
15:49:52.0255 4200 [ 515549560D481138E6E21AF7C6998E56 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
15:49:52.0278 4200 mountmgr - ok
15:49:52.0285 4200 [ F170510BE94CF45E3C6274578F6204B2 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
15:49:52.0310 4200 mpsdrv - ok
15:49:52.0344 4200 [ D186C5844393252147BE934F3871DB7A ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
15:49:52.0402 4200 MpsSvc - ok
15:49:52.0414 4200 [ 59DCEC7499095DE5AED741358037AE2D ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
15:49:52.0442 4200 MRxDAV - ok
15:49:52.0494 4200 [ 6129EDB793A4255B1E2FB41773AC9D9A ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:49:52.0526 4200 mrxsmb - ok
15:49:52.0547 4200 [ 295771B092D4F7FCF2B62F80CCD14320 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
15:49:52.0579 4200 mrxsmb10 - ok
15:49:52.0593 4200 [ AAF56E4E84D35411B4E446C445732DFE ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
15:49:52.0615 4200 mrxsmb20 - ok
15:49:52.0628 4200 [ 4E888019078AC363076A5433E89AA4F8 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
15:49:52.0643 4200 MsBridge - ok
15:49:52.0672 4200 [ A082C17D14D0790E27D064EA4B138AE1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
15:49:52.0695 4200 MSDTC - ok
15:49:52.0717 4200 [ D13329FBF8345B28AB30F44CC247DC08 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
15:49:52.0743 4200 Msfs - ok
15:49:52.0752 4200 [ C6B474E46F9E543B875981ED3FFE6ADD ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
15:49:52.0763 4200 msgpiowin32 - ok
15:49:52.0771 4200 [ 65C92EB9D08DB5C69F28C7FFD4E84E31 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
15:49:52.0789 4200 mshidkmdf - ok
15:49:52.0818 4200 [ 52299F086AC2DAFD100DD5DC4A8614BA ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
15:49:52.0840 4200 mshidumdf - ok
15:49:52.0850 4200 [ 36D92AF3343C3A3E57FEF11C449AEA4C ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
15:49:52.0860 4200 msisadrv - ok
15:49:52.0895 4200 [ 810F8A0A0680662BB0CE44D0E2CEF90C ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
15:49:52.0910 4200 MSiSCSI - ok
15:49:52.0914 4200 msiserver - ok
15:49:52.0929 4200 [ A9BBBD2BAE6142253B9195E949AC2E8D ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:49:52.0945 4200 MSKSSRV - ok
15:49:52.0965 4200 [ 375E44168F2DFB91A68B8A3F619C5A7C ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
15:49:52.0992 4200 MsLldp - ok
15:49:53.0008 4200 [ 7B2128EB875DCBC006E6A913211006D6 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:49:53.0019 4200 MSPCLOCK - ok
15:49:53.0047 4200 [ 1E88171579B218115C7A772F8DE04BD8 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
15:49:53.0071 4200 MSPQM - ok
15:49:53.0095 4200 [ BBE2A455053E63BECBF42C2F9B21FAE0 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
15:49:53.0112 4200 MsRPC - ok
15:49:53.0130 4200 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
15:49:53.0141 4200 mssmbios - ok
15:49:53.0155 4200 [ 115019AE01E0EB9C048530D2928AB4A2 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
15:49:53.0176 4200 MSTEE - ok
15:49:53.0192 4200 [ 96D604A35070360F0DD4A7A8AF410B5E ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
15:49:53.0261 4200 MTConfig - ok
15:49:53.0284 4200 [ 619CA29326B82372621DB2C0964D8365 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
15:49:53.0316 4200 Mup - ok
15:49:53.0334 4200 [ B8C35C94DCB2DFEAF03BB42131F2F77F ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
15:49:53.0353 4200 mvumis - ok
15:49:53.0393 4200 [ 41A45D2A75494EABF2806EA051E00376 ] napagent C:\WINDOWS\system32\qagentRT.dll
15:49:53.0442 4200 napagent - ok
15:49:53.0479 4200 [ CF8B989D89D6807B887690F2CF24EFD9 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
15:49:53.0533 4200 NativeWifiP - ok
15:49:53.0561 4200 [ 71E3C0100AA19D11373CCEB2F51A6008 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
15:49:53.0586 4200 NcaSvc - ok
15:49:53.0604 4200 [ 51DF09CAB2CAC64FEE3E371D9028ED01 ] NcbService C:\WINDOWS\System32\ncbservice.dll
15:49:53.0640 4200 NcbService - ok
15:49:53.0660 4200 [ 2586C4C167499210DCBF3ECFD8CCE210 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
15:49:53.0722 4200 NcdAutoSetup - ok
15:49:53.0767 4200 [ AD9086052A5E5153AF43FE74138A4B27 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
15:49:53.0812 4200 NDIS - ok
15:49:53.0827 4200 [ C6BB12BC35D1637CA17AE16D3A4725EB ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
15:49:53.0841 4200 NdisCap - ok
15:49:53.0855 4200 [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
15:49:53.0885 4200 NdisImPlatform - ok
15:49:53.0912 4200 [ 9423421E735BD5394351E0C47C76BB92 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:49:53.0931 4200 NdisTapi - ok
15:49:53.0946 4200 [ B832B35055BA2B7B4181861FF94D8E59 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:49:53.0964 4200 Ndisuio - ok
15:49:53.0972 4200 [ 1F58E48EF75F34C35D8E93A0DC535CFE ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
15:49:53.0986 4200 NdisVirtualBus - ok
15:49:54.0002 4200 [ DEC29080202D4F9F17F55E18BCFCC41A ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:49:54.0017 4200 NdisWan - ok
15:49:54.0022 4200 [ DEC29080202D4F9F17F55E18BCFCC41A ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:49:54.0037 4200 NdisWanLegacy - ok
15:49:54.0052 4200 [ A5BD69A8812FA79D1A487691DD3FB244 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
15:49:54.0068 4200 NDProxy - ok
15:49:54.0102 4200 [ 5A072F0B90C29C5233D78BE33EF5ED78 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
15:49:54.0133 4200 Ndu - ok
15:49:54.0148 4200 [ A83D67D347A684F10B7D3019C8A6380C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
15:49:54.0175 4200 NetBIOS - ok
15:49:54.0196 4200 [ 0217532E19A748F0E5D569307363D5FD ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
15:49:54.0211 4200 NetBT - ok
15:49:54.0226 4200 [ F6F209DDB94959BA104FC8FC87C53759 ] Netlogon C:\WINDOWS\system32\lsass.exe
15:49:54.0238 4200 Netlogon - ok
15:49:54.0271 4200 [ B7AD851A21FEBA3BA214972627614207 ] Netman C:\WINDOWS\System32\netman.dll
15:49:54.0289 4200 Netman - ok
15:49:54.0319 4200 [ F0F0A372C2EF6358399C4936F91B6131 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
15:49:54.0351 4200 netprofm - ok
15:49:54.0395 4200 [ 1092B3190E69E0C5ECBCE90F171DE047 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:49:54.0448 4200 NetTcpPortSharing - ok
15:49:54.0480 4200 [ 70414DB660BFBB7BD58FCE8EA4364E1B ] netvsc C:\WINDOWS\system32\DRIVERS\netvsc63.sys
15:49:54.0501 4200 netvsc - ok
15:49:54.0539 4200 [ 3A280F3B3C7A46E29C404ACD46ECBF5E ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
15:49:54.0560 4200 NlaSvc - ok
15:49:54.0581 4200 [ 8F44A2F57C9F1A19AC9C6288C10FB351 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
15:49:54.0604 4200 Npfs - ok
15:49:54.0618 4200 [ CBDB4F0871C88DF930FC0E8588CA67FC ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
15:49:54.0635 4200 npsvctrig - ok
15:49:54.0652 4200 [ 6E2271ED0C3E95B8E29F3752B91B9E84 ] nsi C:\WINDOWS\system32\nsisvc.dll
15:49:54.0666 4200 nsi - ok
15:49:54.0678 4200 [ E490B459978CB87779E84C761D22B827 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
15:49:54.0699 4200 nsiproxy - ok
15:49:54.0766 4200 [ 4412D565C0278C401575E11072C7DCE3 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
15:49:54.0877 4200 Ntfs - ok
15:49:54.0889 4200 [ EF1B290FC9F0E47CC0B537292BEE5904 ] Null C:\WINDOWS\system32\drivers\Null.sys
15:49:54.0900 4200 Null - ok
15:49:54.0921 4200 [ BC6B5942AFF25EBAF62DE43C3807EDF8 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
15:49:54.0934 4200 nvraid - ok
15:49:54.0955 4200 [ 1F43ABFFAC3D6CA356851D517392966E ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
15:49:54.0967 4200 nvstor - ok
15:49:54.0984 4200 [ 6934A936A7369DFE37B7DBA93F5E5E49 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
15:49:54.0996 4200 nv_agp - ok
15:49:55.0139 4200 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:49:55.0203 4200 odserv - ok
15:49:55.0228 4200 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:49:55.0237 4200 ose - ok
15:49:55.0277 4200 [ 3B510F20806B94E389784ED09DBD2111 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
15:49:55.0326 4200 p2pimsvc - ok
15:49:55.0358 4200 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B ] p2psvc C:\WINDOWS\system32\p2psvc.dll
15:49:55.0404 4200 p2psvc - ok
15:49:55.0431 4200 [ 764B1121867B2D9B31C491668AC72B2B ] Parport C:\WINDOWS\System32\drivers\parport.sys
15:49:55.0456 4200 Parport - ok
15:49:55.0476 4200 [ EF0C1749C9A8CEE9A457473D433CC00F ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
15:49:55.0488 4200 partmgr - ok
15:49:55.0498 4200 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
15:49:55.0538 4200 PcaSvc - ok
15:49:55.0563 4200 [ C0D3F3BC1C84B4BA746D9847314C1164 ] pci C:\WINDOWS\system32\drivers\pci.sys
15:49:55.0593 4200 pci - ok
15:49:55.0608 4200 [ 346E38FCC6859A727DD28AFAD1F0AFF4 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
15:49:55.0619 4200 pciide - ok
15:49:55.0632 4200 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
15:49:55.0646 4200 pcmcia - ok
15:49:55.0660 4200 [ BF28771D1436C88BE1D297D3098B0F7D ] pcw C:\WINDOWS\system32\drivers\pcw.sys
15:49:55.0670 4200 pcw - ok
15:49:55.0690 4200 [ B9D968D8E2B0F9C6301CEB39CFC9B9E4 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
15:49:55.0702 4200 pdc - ok
15:49:55.0762 4200 [ 20372BE109FEE1C37E2D5216680DB9EB ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe
15:49:55.0813 4200 PDF Architect Helper Service - ok
15:49:55.0838 4200 [ B90A279073A815A4AA2C45A09EE004FA ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe
15:49:55.0859 4200 PDF Architect Service - ok
15:49:55.0902 4200 [ BA50CC0BD19004AAB88BE37338B6FA0D ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
15:49:55.0948 4200 PEAUTH - ok
15:49:56.0008 4200 [ 8E3C640FFF5A963F570233AE99C0FFF3 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
15:49:56.0029 4200 PerfHost - ok
15:49:56.0088 4200 [ 928061178CD9856CA6B67FFFCE6BA766 ] pla C:\WINDOWS\system32\pla.dll
15:49:56.0142 4200 pla - ok
15:49:56.0173 4200 [ 752A457320A946E03C3AA86C3ACD735E ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
15:49:56.0192 4200 PlugPlay - ok
15:49:56.0215 4200 [ 045EB4F260606A03BE340D09DEAF3BA4 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
15:49:56.0258 4200 PNRPAutoReg - ok
15:49:56.0272 4200 [ 3B510F20806B94E389784ED09DBD2111 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
15:49:56.0288 4200 PNRPsvc - ok
15:49:56.0313 4200 [ C16097D77A232A288D65F299E2E01105 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
15:49:56.0333 4200 PolicyAgent - ok
15:49:56.0354 4200 [ 00E08B30E7F7C13ECE2CDF4F46A77311 ] Power C:\WINDOWS\system32\umpo.dll
15:49:56.0396 4200 Power - ok
15:49:56.0501 4200 [ B7DB57A000D46D4DE75BC0C563E58072 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
15:49:56.0594 4200 PrintNotify - ok
15:49:56.0624 4200 [ ECD373F9571C745894367CC2635EA44F ] Processor C:\WINDOWS\System32\drivers\processr.sys
15:49:56.0646 4200 Processor - ok
15:49:56.0675 4200 [ 8513A1E7AE4B9DC82C4B4F432C648A58 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
15:49:56.0709 4200 ProfSvc - ok
15:49:56.0735 4200 [ 8528BB05E4D4E25945F78B00B2555FB7 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
15:49:56.0751 4200 Psched - ok
15:49:56.0787 4200 [ AF90BB44C99D6820BE52C9BBAA523283 ] QWAVE C:\WINDOWS\system32\qwave.dll
15:49:56.0807 4200 QWAVE - ok
15:49:56.0825 4200 [ 3FB466684609A4329858CF2EBD62E0FD ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
15:49:56.0854 4200 QWAVEdrv - ok
15:49:56.0885 4200 [ 2C56F0EE27E4EF70CA4B4983D3638905 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:49:56.0914 4200 RasAcd - ok
15:49:56.0942 4200 [ 5F061AC45266841A2860C1858ED863B8 ] RasAuto C:\WINDOWS\System32\rasauto.dll
15:49:56.0963 4200 RasAuto - ok
15:49:56.0986 4200 [ BF3B17016764F20F9D28CF1A8DC210C0 ] RasMan C:\WINDOWS\System32\rasmans.dll
15:49:57.0024 4200 RasMan - ok
15:49:57.0043 4200 [ 5247F308C4103CDC4FE12AE1D235800A ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:49:57.0059 4200 RasPppoe - ok
15:49:57.0083 4200 [ B939A2A0F9D6C6C186721E268EB6FA93 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:49:57.0111 4200 rdbss - ok
15:49:57.0132 4200 [ 6B21EBF892CD8CACB71669B35AB5DE32 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
15:49:57.0154 4200 rdpbus - ok
15:49:57.0166 4200 [ 680C1DAE268B6FB67FA21B389A8B79EF ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
15:49:57.0186 4200 RDPDR - ok
15:49:57.0204 4200 [ 858776908AF838E3790F3261B799CDA6 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
15:49:57.0214 4200 RdpVideoMiniport - ok
15:49:57.0243 4200 [ 847C6A08912C3515807049C93E526D65 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
15:49:57.0258 4200 rdyboost - ok
15:49:57.0279 4200 [ 036746D54347FD2D0385668E2A4064E4 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
15:49:57.0309 4200 ReFS - ok
15:49:57.0334 4200 [ BFFB40FBE6D2C3469F8D06EE5E4934AB ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
15:49:57.0368 4200 RemoteAccess - ok
15:49:57.0398 4200 [ 4DCCABE03D06955ED61BABBD8EF9F30F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
15:49:57.0432 4200 RemoteRegistry - ok
15:49:57.0471 4200 [ 02307C86CB24769306B0DFA0C751952E ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
15:49:57.0498 4200 RFCOMM - ok
15:49:57.0537 4200 [ D894CBD7DA753C881EE8D5E33B583225 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
15:49:57.0556 4200 RpcEptMapper - ok
15:49:57.0585 4200 [ 5CAE8F47B31D5CFC322B5B898C19E0FE ] RpcLocator C:\WINDOWS\system32\locator.exe
15:49:57.0612 4200 RpcLocator - ok
15:49:57.0643 4200 [ 3FD5AE42EC87C6F532A931F96BE731DD ] RpcSs C:\WINDOWS\system32\rpcss.dll
15:49:57.0662 4200 RpcSs - ok
15:49:57.0680 4200 [ 2D05A5508F4685412F2B89E8C2189ABC ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
15:49:57.0693 4200 rspndr - ok
15:49:57.0713 4200 [ 1A063730F221B2746FF00457AE17E4F0 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
15:49:57.0725 4200 s3cap - ok
15:49:57.0743 4200 [ F6F209DDB94959BA104FC8FC87C53759 ] SamSs C:\WINDOWS\system32\lsass.exe
15:49:57.0755 4200 SamSs - ok
15:49:57.0784 4200 [ C624A1B32211C3166EDB3F4AB02A30B7 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
15:49:57.0797 4200 sbp2port - ok
15:49:57.0823 4200 [ 47C497FA4DDEA908633CAA60CEBE6805 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
15:49:57.0853 4200 SCardSvr - ok
15:49:57.0859 4200 [ E76C4E98302AE39CC6FA5D20FC8B5438 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
15:49:57.0876 4200 ScDeviceEnum - ok
15:49:57.0889 4200 [ ABD0237B15DBD2B4695F4B7D734A58F7 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
15:49:57.0904 4200 scfilter - ok
15:49:57.0933 4200 [ 888A30EAB651502352C18745367FD179 ] Schedule C:\WINDOWS\system32\schedsvc.dll
15:49:57.0983 4200 Schedule - ok
15:49:58.0013 4200 [ AB285CE3431FF3D2ACE669245874C1C7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
15:49:58.0029 4200 SCPolicySvc - ok
15:49:58.0045 4200 [ 2F9A3380B8C0380E5608E29C7AA66899 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
15:49:58.0065 4200 sdbus - ok
15:49:58.0122 4200 [ 4EAF4DCF9DBD9A56952A58F56D61C005 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
15:49:58.0195 4200 sdstor - ok
15:49:58.0212 4200 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
15:49:58.0235 4200 secdrv - ok
15:49:58.0247 4200 [ C49009F897BA4F2F4F31043663AA1485 ] seclogon C:\WINDOWS\system32\seclogon.dll
15:49:58.0273 4200 seclogon - ok
15:49:58.0285 4200 [ A88882E64BDC1D8E8D6E727B71CCCC53 ] SENS C:\WINDOWS\System32\sens.dll
15:49:58.0310 4200 SENS - ok
15:49:58.0326 4200 [ E66A7C8CE7ED22DED6DF1CA479FB4790 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
15:49:58.0362 4200 SensrSvc - ok
15:49:58.0395 4200 [ DB2FF24CE0BDD15FE75870AFE312BA89 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
15:49:58.0406 4200 SerCx - ok
15:49:58.0432 4200 [ 0044B31F93946D5D41982314381FE431 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
15:49:58.0444 4200 SerCx2 - ok
15:49:58.0462 4200 [ 3CD600C089C1251BEEB4CD4CD5164F9E ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
15:49:58.0474 4200 Serenum - ok
15:49:58.0490 4200 [ D864381BC9C725FAB01D94C060660166 ] Serial C:\WINDOWS\System32\drivers\serial.sys
15:49:58.0509 4200 Serial - ok
15:49:58.0527 4200 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
15:49:58.0539 4200 sermouse - ok
15:49:58.0578 4200 [ 441E6FF1F34D7A942946DB42A15FB519 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
15:49:58.0625 4200 SessionEnv - ok
15:49:58.0635 4200 [ 472B7A5AC181C050888DB454663DD764 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
15:49:58.0654 4200 sfloppy - ok
15:49:58.0728 4200 [ F4414F57DF2CECB8FC969AA43A6B0D50 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
15:49:58.0772 4200 SharedAccess - ok
15:49:58.0813 4200 [ 0D190D8B4B20446BE6299AC734DFADF1 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:49:58.0852 4200 ShellHWDetection - ok
15:49:58.0865 4200 [ 2F518D13DD6F3053837FE606F1A2EA1F ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
15:49:58.0876 4200 SiSRaid2 - ok
15:49:58.0888 4200 [ 1AC9A200A9C49C4508F04AAFFCA34A3F ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
15:49:58.0900 4200 SiSRaid4 - ok
15:49:58.0919 4200 [ 587ACA15210D1B01FBF272E07A08F91A ] smphost C:\WINDOWS\System32\smphost.dll
15:49:58.0943 4200 smphost - ok
15:49:58.0972 4200 [ 49EEB92DE930B8566EF615D600781DB4 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
15:49:58.0996 4200 SNMPTRAP - ok
15:49:59.0035 4200 [ F6EBE514D13ECE7EDC23440039CDF9AB ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
15:49:59.0057 4200 spaceport - ok
15:49:59.0073 4200 [ F337BE11071818FC3F5DC2940B6BDE34 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
15:49:59.0084 4200 SpbCx - ok
15:49:59.0114 4200 [ FE0CB40F36D3FCDD3A1B312EF72C38D5 ] Spooler C:\WINDOWS\System32\spoolsv.exe
15:49:59.0148 4200 Spooler - ok
15:49:59.0385 4200 [ E6DEC72A2A23FAA53EB9FEC3C7E29D66 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
15:49:59.0618 4200 sppsvc - ok
15:49:59.0722 4200 [ 2B78788A1485F9B99A578A299DF42C02 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
15:49:59.0781 4200 srv - ok
15:49:59.0823 4200 [ C1AE59C0B0817236EC083A91C396005A ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
15:49:59.0873 4200 srv2 - ok
15:49:59.0887 4200 [ 77195C32175FC63D6054EBA5A066D727 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
15:49:59.0915 4200 srvnet - ok
15:49:59.0957 4200 [ BB9ED3EDD8E85008215A7250D325A72E ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
15:49:59.0981 4200 SSDPSRV - ok
15:50:00.0008 4200 [ 3911418AFDE10EA6823B7799E4815524 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
15:50:00.0038 4200 SstpSvc - ok
15:50:00.0057 4200 [ 5252D7BC56E5E0ED715AEA8FE173A455 ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
15:50:00.0069 4200 ssudmdm - ok
15:50:00.0095 4200 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
15:50:00.0108 4200 stexstor - ok
15:50:00.0138 4200 [ D638904FE86A5FE542A1BA13A9D68E5C ] stisvc C:\WINDOWS\System32\wiaservc.dll
15:50:00.0175 4200 stisvc - ok
15:50:00.0192 4200 [ 0ED2E318ABB68C1A35A8B8038BDB4C90 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
15:50:00.0204 4200 storahci - ok
15:50:00.0221 4200 [ 7A08CEE1535F5A448215634C5EA74E50 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
15:50:00.0232 4200 storflt - ok
15:50:00.0268 4200 [ 6B06E2D11E604BE2B1A406C4CB3B90DE ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
15:50:00.0279 4200 stornvme - ok
15:50:00.0307 4200 [ 3118058E3D07021A55324A943C6D722B ] StorSvc C:\WINDOWS\system32\storsvc.dll
15:50:00.0354 4200 StorSvc - ok
15:50:00.0363 4200 [ 548759755BC73DAD663250239D7E0B9F ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
15:50:00.0392 4200 storvsc - ok
15:50:00.0419 4200 [ D8E1AE075AB3E8AD56F69C44AA978596 ] svsvc C:\WINDOWS\system32\svsvc.dll
15:50:00.0451 4200 svsvc - ok
15:50:00.0469 4200 [ 84E0F5D41C138C5CC975137A2A98F6D3 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
15:50:00.0480 4200 swenum - ok
15:50:00.0601 4200 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:50:00.0659 4200 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
15:50:00.0659 4200 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
15:50:00.0693 4200 [ A5DC2E63F5E5D3C0B843307374998479 ] swprv C:\WINDOWS\System32\swprv.dll
15:50:00.0722 4200 swprv - ok
15:50:00.0772 4200 [ E45DA7CBBA34510C8B9473AD7D4FFD0B ] SysMain C:\WINDOWS\system32\sysmain.dll
15:50:00.0876 4200 SysMain - ok
15:50:00.0908 4200 [ 373382005ACB27CB16ED16722FBE946A ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
15:50:00.0934 4200 SystemEventsBroker - ok
15:50:00.0961 4200 [ BA6DD39266A5E15515C8C14DA2DA3E5C ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
15:50:00.0985 4200 TabletInputService - ok
15:50:01.0003 4200 [ B517410F157693043DACA21B19B258A6 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
15:50:01.0022 4200 TapiSrv - ok
15:50:01.0204 4200 [ 6617F44D2432C529B2249A0498B6B40A ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
15:50:01.0296 4200 Tcpip - ok
15:50:01.0327 4200 [ 6617F44D2432C529B2249A0498B6B40A ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:50:01.0378 4200 TCPIP6 - ok
15:50:01.0414 4200 [ 33A7D83EEB15431773A6E186CFAABA21 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
15:50:01.0464 4200 tcpipreg - ok
15:50:01.0503 4200 [ FFF28F9F6823EB1756C60F1649560BBF ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
15:50:01.0543 4200 tdx - ok
15:50:01.0561 4200 [ 232D185D2337F141311D0CF1983E1431 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
15:50:01.0581 4200 terminpt - ok
15:50:01.0613 4200 [ 2C77831737491F4D684D315B95C62883 ] TermService C:\WINDOWS\System32\termsrv.dll
15:50:01.0652 4200 TermService - ok
15:50:01.0672 4200 [ 05FBE1F7C13E87AF7A414CDF288B1F62 ] Themes C:\WINDOWS\system32\themeservice.dll
15:50:01.0693 4200 Themes - ok
15:50:01.0714 4200 [ FD788C2D96EA91469A3C1D13E80D7473 ] THREADORDER C:\WINDOWS\system32\mmcss.dll
15:50:01.0727 4200 THREADORDER - ok
15:50:01.0737 4200 [ 347A3E49CE18402305B8119A6EC7CFEB ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
15:50:01.0769 4200 TimeBroker - ok
15:50:01.0809 4200 [ 82F909359600D3603FE852DB7F135626 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
15:50:01.0839 4200 TPM - ok
15:50:01.0854 4200 [ C97E14BB6A196B0554D6EB67D8818175 ] TrkWks C:\WINDOWS\System32\trkwks.dll
15:50:01.0881 4200 TrkWks - ok
15:50:01.0910 4200 [ 370A6907DDF79532A39319492B1FA38A ] truecrypt C:\WINDOWS\system32\drivers\truecrypt.sys
15:50:01.0924 4200 truecrypt - ok
15:50:01.0972 4200 [ DA56FFA46030E6FEB215E3D5DAA65B11 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
15:50:01.0995 4200 TrustedInstaller - ok
15:50:02.0015 4200 [ BF8F54CA37E9C9D6582C31C5761F8C93 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
15:50:02.0044 4200 TsUsbFlt - ok
15:50:02.0061 4200 [ E0088068DCE2EE82897027DDB8E05254 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
15:50:02.0087 4200 TsUsbGD - ok
15:50:02.0122 4200 [ C8E0E78B5D284C2FF59BDFFDAF997242 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
15:50:02.0147 4200 tunnel - ok
15:50:02.0180 4200 [ F6EEAD052943B5A3104C1405BB856C54 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
15:50:02.0193 4200 uagp35 - ok
15:50:02.0223 4200 [ FE6067B1FD4E63650C667B33D080565B ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
15:50:02.0249 4200 UASPStor - ok
15:50:02.0301 4200 [ 5D1B430EA11064C56E7C8F84B90DEB6A ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
15:50:02.0315 4200 UCX01000 - ok
15:50:02.0331 4200 [ 1EC649F112896FAE33250F0B97AC5D0B ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
15:50:02.0359 4200 udfs - ok
15:50:02.0370 4200 [ 9578691F297E1B1F519970FE6D47CB21 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
15:50:02.0381 4200 UEFI - ok
15:50:02.0410 4200 [ 320878AFECDBBD61BBE98624A6CAAC08 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
15:50:02.0436 4200 UI0Detect - ok
15:50:02.0446 4200 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
15:50:02.0456 4200 uliagpkx - ok
15:50:02.0471 4200 [ DA34C39A18E60E7C3FA0630566408034 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
15:50:02.0497 4200 umbus - ok
15:50:02.0512 4200 [ AE8294875E5446E359B1E8035D40C05E ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
15:50:02.0529 4200 UmPass - ok
15:50:02.0564 4200 [ E3DDF7D43E05784FAA5E042605EEE528 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
15:50:02.0590 4200 UmRdpService - ok
15:50:02.0682 4200 [ E1A119AD21F5AFE22EB516C549306D3D ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:50:02.0704 4200 UNS - ok
15:50:02.0729 4200 [ 4A2FFDAC45F317E17DF642C7160EB633 ] upnphost C:\WINDOWS\System32\upnphost.dll
15:50:02.0767 4200 upnphost - ok
15:50:02.0793 4200 [ 433ECDE01A52691FA7ACA51C10C09B70 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
15:50:02.0824 4200 usbccgp - ok
15:50:02.0858 4200 [ B3D6457D841A0CAEF4C52D88621715F2 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
15:50:02.0878 4200 usbcir - ok
15:50:02.0908 4200 [ 5477D6E27C7D266EF8C152B9A25ADE5E ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
15:50:02.0920 4200 usbehci - ok
15:50:02.0941 4200 [ DF56C2C04EFA328D7A66B69007130266 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
15:50:07.0453 4200 [ 03CD249A16CF815FFFD347DC61EF9E6D ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
15:50:07.0461 4200 ZAtheros Bt and Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - warning
15:50:07.0461 4200 ZAtheros Bt and Wlan Coex Agent - detected UnsignedFile.Multi.Generic (1)
15:50:07.0930 4200 ============================================================
15:50:07.0930 4200 Scan finished
15:50:07.0930 4200 ============================================================
15:50:07.0953 6932 Detected object count: 2
15:50:07.0953 6932 Actual detected object count: 2
15:50:29.0627 6932 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
15:50:29.0627 6932 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:50:29.0628 6932 ZAtheros Bt and Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - skipped by user
15:50:29.0628 6932 ZAtheros Bt and Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip

loser
Visitor
Posts: 7
Registered: 11 Feb 2014 09:26

Re: CMD.exe launches at startup (removal attempts fail

#7 Post by loser »

You didn't offend me, it's a legitimate question.

a) The Win 7 Pro was legal, and the Win 8 (now 8.1) is legal.

b) I don't think it's the software, nor a flash drive (I don't use one). The source may be the large network at the office (I no longer work there), where one PC was infected, or perhaps still is.

c) On Win 7 it appeared (I may be wrong, but I don't think so) right after the reinstall, before I had even connected to Wi-Fi or plugged anything in. Now on Win 8 everything was fine, and then after about 14 days the same thing. The Chrome shortcut on my desktop doesn't work. When I click it, I get an error. I create a new one, it works once and then the same thing again. When I put it in a folder, everything works.

I think this "CMD.exe" is doing it. On Win 7 it was deleting my files instead.

I don't feel like doing a reinstall, so I'm looking for a way to get rid of it now. If it doesn't show up again, it was the work network; if it does, I'll have to look for another source.

Thank you for your effort.
