Win 32: Rootkit-gen

Zpráva

morar · #1 Příspěvek od **morar** » 16 čer 2014 11:59

Dobrý den,
chci vád poprosit o pomoc s odstraněním havěti. Avast našel sp_rsdrv2.sys, umístění C:\WINDOWS\system 32\drivers a identifikoval jako Win32: Rootkit-gen.
Dále se namůžu zbavit z prohlížeče a z PC - home.sweetim.com/?barid=&src=97&crg=3.1010000.10005&st=23&st=23, pořád se mi to vrací jako domovská stránka ve firefoxu.

Předem děkuji za pomoc.

Přikládám log z RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Standa at 2014-06-16 12:43:09
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 1 GB (2%) free of 76 GB
Total RAM: 1982 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:43:19, on 16.6.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dmwu.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\jmdp\stij.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\S3trayp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Standa\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Standa.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000. ... 1617D6ED91}
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - (no file)
O3 - Toolbar: (no name) - !{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: IBUpdaterService - Unknown owner - C:\WINDOWS\system32\dmwu.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe

--
End of file - 7345 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Standa\Data aplikací\Mozilla\Firefox\Profiles\bpdrek2o.default

prefs.js - "browser.startup.homepage" - "http://home.sweetim.com/?barid=&src=10& ... t=23&st=23"
prefs.js - "keyword.URL" - "http://search.sweetim.com/search.asp?sr ... 3&st=23&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files\Mozilla Firefox\plugins\
np32dsw.dll
ShockwavePlugin.class

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-04-27 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{99079a25-328f-4bd4-be04-00955acaa0a7}
!{EEE6C35B-6118-11DC-9C72-001320C79847}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2006-09-21 53248]
"S3Trayp"=C:\WINDOWS\system32\S3trayp.exe [2006-10-10 176128]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-03-17 19520544]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2014-06-12 3890208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-07-13 17418928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Spyware Terminator\SpywareTerminator.exe"="C:\Program Files\Spyware Terminator\SpywareTerminator.exe:*:Enabled:Spyware Terminator 2012"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Spyware Terminator 2012"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe"="C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager"
"C:\WINDOWS\system32\dmwu.exe"="C:\WINDOWS\system32\dmwu.exe:*:Enabled:dmwu"
"C:\WINDOWS\system32\ARFC\wrtc.exe"="C:\WINDOWS\system32\ARFC\wrtc.exe:*:Enabled:wrtc"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll

======List of files/folders created in the last 1 month======

2014-06-16 12:41:56 ----D---- C:\rsit
2014-06-16 12:41:56 ----D---- C:\Program Files\trend micro
2014-06-12 23:05:40 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-06-12 22:12:53 ----D---- C:\d2737d8ee9d8224e26fbd3
2014-06-12 20:45:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2014-06-12 18:57:03 ----D---- C:\WINDOWS\system32\MRT
2014-06-12 18:55:33 ----A---- C:\WINDOWS\system32\MRT.exe

======List of files/folders modified in the last 1 month======

2014-06-16 12:42:14 ----D---- C:\WINDOWS\Prefetch
2014-06-16 12:41:56 ----RD---- C:\Program Files
2014-06-16 12:23:48 ----D---- C:\WINDOWS\Temp
2014-06-16 12:23:48 ----D---- C:\WINDOWS
2014-06-16 12:15:57 ----D---- C:\Documents and Settings\Standa\Data aplikací\Skype
2014-06-13 17:15:07 ----N---- C:\WINDOWS\SchedLgU.Txt
2014-06-12 23:06:08 ----D---- C:\Documents and Settings\Standa\Data aplikací\Mozilla
2014-06-12 23:05:34 ----D---- C:\Program Files\Mozilla Firefox
2014-06-12 22:53:00 ----D---- C:\WINDOWS\system32
2014-06-12 22:12:51 ----HD---- C:\Config.Msi
2014-06-12 22:12:51 ----D---- C:\Program Files\SweetIM
2014-06-12 22:12:50 ----SHD---- C:\WINDOWS\Installer
2014-06-12 22:12:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-06-12 21:48:51 ----D---- C:\WINDOWS\system32\config
2014-06-12 21:48:31 ----D---- C:\WINDOWS\system32\wbem
2014-06-12 21:48:31 ----D---- C:\WINDOWS\Registration
2014-06-12 20:52:53 ----D---- C:\WINDOWS\system32\CatRoot2
2014-06-12 20:52:44 ----D---- C:\WINDOWS\system32\Restore
2014-06-12 20:47:41 ----SD---- C:\WINDOWS\Tasks
2014-06-12 20:44:06 ----HD---- C:\WINDOWS\inf
2014-06-12 20:27:24 ----D---- C:\WINDOWS\Debug
2014-06-12 18:59:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-04-27 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-04-27 180632]
R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-14 46464]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-05-07 691696]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-10-17 9216]
R0 xfilt;VIA SATA IDE Hot-plug Driver; C:\WINDOWS\system32\DRIVERS\xfilt.sys [2006-10-18 17920]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2014-05-15 54832]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-05-15 777488]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-05-15 411680]
R1 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2014-04-27 57672]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-04-27 24184]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-04-27 67824]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-03-17 5878304]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 S3GIGP;S3GIGP; C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys [2006-11-10 634880]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 aeem7yow;aeem7yow; C:\WINDOWS\system32\drivers\aeem7yow.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-28 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-28 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-28 21568]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\WINDOWS\system32\DRIVERS\s1039bus.sys [2010-03-15 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s1039mdfl.sys [2010-03-15 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s1039mdm.sys [2010-03-15 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s1039mgmt.sys [2010-03-15 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\WINDOWS\system32\DRIVERS\s1039nd5.sys [2010-03-15 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s1039obex.sys [2010-03-15 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\WINDOWS\system32\DRIVERS\s1039unic.sys [2010-03-15 123504]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-11-12 7168]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-04-27 50344]
R2 IBUpdaterService;IBUpdaterService; C:\WINDOWS\system32\dmwu.exe [2014-04-07 1863984]
R2 NMSAccess;NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2005-03-14 69632]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2012-09-07 587472]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-01 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14 257712]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-01 136176]
S3 HP Port Resolver;HP Port Resolver; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE [2005-05-20 81920]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-06 119408]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 16 čer 2014 12:04

Zdravim

Uvolnete volne misto na disku, system se dusi

Odinstalujte Spyware Terminator

Stahnete aswMBR http://public.avast.com/%7Egmerek/aswMBR.exe a ulozte jej na plochu.

Utilitu spustte a prikazte ji, at skenuje - klik na Scan
Kliknutim na Save log ulozte log aswMBR na plochu
Obsah logu aswMBR mi sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

morar · #3 Příspěvek od **morar** » 16 čer 2014 12:30

Obsah logu aswMBR
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-06-16 13:23:12
-----------------------------
13:23:12.921 OS Version: Windows 5.1.2600 Service Pack 3
13:23:12.921 Number of processors: 1 586 0x5F02
13:23:12.921 ComputerName: KAKADU-6BB3DFF7 UserName: Standa
13:23:13.281 Initialize success
13:23:16.468 AVAST engine defs: 14061600
13:23:28.640 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
13:23:28.640 Disk 0 Vendor: ST380811AS 3.AAE Size: 76319MB BusType: 3
13:23:28.718 Disk 0 MBR read successfully
13:23:28.718 Disk 0 MBR scan
13:23:28.718 Disk 0 Windows XP default MBR code
13:23:28.718 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76308 MB offset 63
13:23:28.734 Disk 0 scanning sectors +156280320
13:23:28.812 Disk 0 scanning C:\WINDOWS\system32\drivers
13:23:37.125 Service scanning
13:23:47.140 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
13:23:49.718 Modules scanning
13:23:55.000 Disk 0 trace - called modules:
13:23:55.031 ntkrnlpa.exe CLASSPNP.SYS disk.sys xfilt.sys ACPI.sys hal.dll atapi.sys spvf.sys >>UNKNOWN [0x89d84938]<<
13:23:55.031 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89d08ab8]
13:23:55.031 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> [0x89de04b0]
13:23:55.031 5 xfilt.sys[ba0f9046] -> nt!IofCallDriver -> \Device\0000006b[0x89dcf1a8]
13:23:55.046 7 ACPI.sys[b9e74620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x89ccc940]
13:23:55.593 AVAST engine scan C:\WINDOWS
13:24:01.687 AVAST engine scan C:\WINDOWS\system32
13:25:49.578 AVAST engine scan C:\WINDOWS\system32\drivers
13:26:00.437 AVAST engine scan C:\Documents and Settings\Standa
13:28:04.968 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Standa\Plocha\MBR.dat"
13:28:04.968 The log file has been saved successfully to "C:\Documents and Settings\Standa\Plocha\aswMBR.txt"

A jdu na ten druhý scan

Omlouvám se scan ještě nedoběhl.
Dám sem až bude celý.

morar · #4 Příspěvek od **morar** » 16 čer 2014 12:41

Dávám log z aswMBR. snad už je to celé, ale zdá se že scan už dojel.

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-06-16 13:23:12
-----------------------------
13:23:12.921 OS Version: Windows 5.1.2600 Service Pack 3
13:23:12.921 Number of processors: 1 586 0x5F02
13:23:12.921 ComputerName: KAKADU-6BB3DFF7 UserName: Standa
13:23:13.281 Initialize success
13:23:16.468 AVAST engine defs: 14061600
13:23:28.640 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
13:23:28.640 Disk 0 Vendor: ST380811AS 3.AAE Size: 76319MB BusType: 3
13:23:28.718 Disk 0 MBR read successfully
13:23:28.718 Disk 0 MBR scan
13:23:28.718 Disk 0 Windows XP default MBR code
13:23:28.718 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76308 MB offset 63
13:23:28.734 Disk 0 scanning sectors +156280320
13:23:28.812 Disk 0 scanning C:\WINDOWS\system32\drivers
13:23:37.125 Service scanning
13:23:47.140 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
13:23:49.718 Modules scanning
13:23:55.000 Disk 0 trace - called modules:
13:23:55.031 ntkrnlpa.exe CLASSPNP.SYS disk.sys xfilt.sys ACPI.sys hal.dll atapi.sys spvf.sys >>UNKNOWN [0x89d84938]<<
13:23:55.031 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89d08ab8]
13:23:55.031 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> [0x89de04b0]
13:23:55.031 5 xfilt.sys[ba0f9046] -> nt!IofCallDriver -> \Device\0000006b[0x89dcf1a8]
13:23:55.046 7 ACPI.sys[b9e74620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x89ccc940]
13:23:55.593 AVAST engine scan C:\WINDOWS
13:24:01.687 AVAST engine scan C:\WINDOWS\system32
13:25:49.578 AVAST engine scan C:\WINDOWS\system32\drivers
13:26:00.437 AVAST engine scan C:\Documents and Settings\Standa
13:28:04.968 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Standa\Plocha\MBR.dat"
13:28:04.968 The log file has been saved successfully to "C:\Documents and Settings\Standa\Plocha\aswMBR.txt"
13:39:08.765 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Standa\Plocha\MBR.dat"
13:39:08.765 The log file has been saved successfully to "C:\Documents and Settings\Standa\Plocha\aswMBR.txt"
13:40:59.828 AVAST engine scan C:\Documents and Settings\All Users
13:42:37.453 Scan finished successfully
13:42:54.484 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Standa\Plocha\MBR.dat"
13:42:54.500 The log file has been saved successfully to "C:\Documents and Settings\Standa\Plocha\aswMBR.txt"
13:43:49.156 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Standa\Plocha\MBR.dat"
13:43:49.156 The log file has been saved successfully to "C:\Documents and Settings\Standa\Plocha\aswMBR.txt"

morar · #5 Příspěvek od **morar** » 16 čer 2014 12:54

Tady je scan z AdwCleaner

# AdwCleaner v3.212 - Report created 16/06/2014 at 13:48:13
# Updated 05/06/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Standa - KAKADU-6BB3DFF7
# Running from : C:\Documents and Settings\Standa\Plocha\adwcleaner_3.212.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : IBUpdaterService

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\iLivid
Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\WINDOWS\system32\ARFC
Folder Deleted : C:\WINDOWS\system32\jmdp
Folder Deleted : C:\WINDOWS\system32\WNLT
Folder Deleted : C:\Documents and Settings\Standa\Local Settings\Data aplikací\Ilivid Player
Folder Deleted : C:\Documents and Settings\Standa\AppData\LocalLow\DataMngr
Folder Deleted : C:\Documents and Settings\Standa\Data aplikací\searchquband
[!] Folder Deleted : C:\Documents and Settings\Standa\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
File Deleted : C:\WINDOWS\system32\dmwu.exe
File Deleted : C:\WINDOWS\system32\ImhxxpComm.dll
File Deleted : C:\DOCUME~1\Standa\LOCALS~1\Temp\searchqutoolbar-manifest.xml
File Deleted : C:\Documents and Settings\Standa\AppData\LocalLow\SkwConfig.bin

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\ilivid
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\WINDOWS\system32\ARFC\wrtc.exe]
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKLM\Software\ilivid
Key Deleted : HKLM\Software\SweetIM
Key Deleted : HKLM\Software\WNLT
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WNLT

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v30.0 (cs)

[ File : C:\Documents and Settings\Standa\Data aplikací\Mozilla\Firefox\Profiles\bpdrek2o.default\prefs.js ]

Line Deleted : user_pref("browser.newtab.url", "hxxp://home.sweetim.com/?barid=&src=97&crg=3.1010000.10005&st=23&st=23");

-\\ Google Chrome v35.0.1916.153

[ File : C:\Documents and Settings\Standa\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

Deleted [Homepage] : hxxp://home.sweetim.com/?barid=&src=10&crg=3.1010000.10005&st=23&st=23
Deleted [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj

*************************

AdwCleaner[R0].txt - [5946 octets] - [16/06/2014 13:46:24]
AdwCleaner[S0].txt - [5902 octets] - [16/06/2014 13:48:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5962 octets] ##########

#6 Příspěvek od **vyosek** » 16 čer 2014 15:04

Nasledujici soubory otestujte na VirusTotalu https://www.virustotal.com/cs/

C:\Documents and Settings\Standa\Plocha\MBR.dat
Kliknete na Choose file
Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
Kliknete na Scan It
Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
Vysledek analyzy sem vlozte (jako odkaz)

Stahnete si TDSSKiller http://media.kaspersky.com/utilities/Vi ... killer.exe

Po spusteni odsouhlaste licencni podminky (klik na Accept)
Kliknete na volbu Change parametrs
V okne Additional Option zakliknete vsechny moznosti
Kliknete na OK
Utilite prikazte, at skenuje - klik na Start Scan
Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
Pokud mate vsude Skip, kliknete na Continue
Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

morar · #7 Příspěvek od **morar** » 17 čer 2014 15:37

odkaz na analýzu z virustotal
https://www.virustotal.com/cs/file/f25e ... 403015630/

morar · #8 Příspěvek od **morar** » 17 čer 2014 15:50

Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip -

žádné okno se po dokončení skenu neobjevilo.

Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip - nebylo jak
Pokud mate vsude Skip, kliknete na Continue - nebylo jak

Log z TDSSKiller

16:38:02.0953 0x0fec TDSS rootkit removing tool 3.0.0.39 Jun 5 2014 20:35:54
16:38:13.0609 0x0fec ============================================================
16:38:13.0609 0x0fec Current date / time: 2014/06/17 16:38:13.0609
16:38:13.0609 0x0fec SystemInfo:
16:38:13.0609 0x0fec
16:38:13.0609 0x0fec OS Version: 5.1.2600 ServicePack: 3.0
16:38:13.0609 0x0fec Product type: Workstation
16:38:13.0609 0x0fec ComputerName: KAKADU-6BB3DFF7
16:38:13.0609 0x0fec UserName: Standa
16:38:13.0609 0x0fec Windows directory: C:\WINDOWS
16:38:13.0609 0x0fec System windows directory: C:\WINDOWS
16:38:13.0609 0x0fec Processor architecture: Intel x86
16:38:13.0609 0x0fec Number of processors: 1
16:38:13.0609 0x0fec Page size: 0x1000
16:38:13.0609 0x0fec Boot type: Normal boot
16:38:13.0609 0x0fec ============================================================
16:38:14.0953 0x0fec KLMD registered as C:\WINDOWS\system32\drivers\45563934.sys
16:38:15.0171 0x0fec System UUID: {AA5CC67A-C750-E8AE-4532-5F67173AC68A}
16:38:16.0312 0x0fec Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 ( 74.53 Gb ), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:38:16.0328 0x0fec ============================================================
16:38:16.0328 0x0fec \Device\Harddisk0\DR0:
16:38:16.0328 0x0fec MBR partitions:
16:38:16.0328 0x0fec \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
16:38:16.0328 0x0fec ============================================================
16:38:16.0343 0x0fec C: <-> \Device\Harddisk0\DR0\Partition1
16:38:16.0343 0x0fec ============================================================
16:38:16.0343 0x0fec Initialize success
16:38:16.0343 0x0fec ============================================================
16:39:05.0562 0x08a4 ============================================================
16:39:05.0562 0x08a4 Scan started
16:39:05.0562 0x08a4 Mode: Manual; SigCheck; TDLFS;
16:39:05.0562 0x08a4 ============================================================
16:39:05.0562 0x08a4 KSN ping started
16:39:08.0218 0x08a4 KSN ping finished: true
16:39:08.0640 0x08a4 ================ Scan system memory ========================
16:39:08.0640 0x08a4 System memory - ok
16:39:08.0640 0x08a4 ================ Scan services =============================
16:39:08.0750 0x08a4 Abiosdsk - ok
16:39:08.0750 0x08a4 abp480n5 - ok
16:39:08.0796 0x08a4 [ 4FE34F1F3126B61FCC6B2043AA8112C9, DE370865E47A5D2A4B227EEFFB42384F67F08D622BF936A9C9CEF70CC47F324B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:39:09.0828 0x08a4 ACPI - ok
16:39:09.0875 0x08a4 [ AFDFF022A01F0B11C776F0860C3B282F, 135E5257B62D921B76271014301E9EA1E2383D5DBB04E475DC3A7EFFD2561F56 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
16:39:10.0046 0x08a4 ACPIEC - ok
16:39:10.0109 0x08a4 [ 09E7C37DF4A911C8A9AA8BF88ACD10AA, E881E0BBDCED58F28E0BA8DC27372EDFFFF2C57EE31CD13A032FDC9F7C831B5A ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:39:10.0156 0x08a4 AdobeFlashPlayerUpdateSvc - ok
16:39:10.0156 0x08a4 adpu160m - ok
16:39:10.0203 0x08a4 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
16:39:10.0406 0x08a4 aec - ok
16:39:10.0437 0x08a4 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
16:39:10.0468 0x08a4 AFD - ok
16:39:10.0484 0x08a4 Aha154x - ok
16:39:10.0500 0x08a4 aic78u2 - ok
16:39:10.0500 0x08a4 aic78xx - ok
16:39:10.0531 0x08a4 [ E0A6FA244B8624D78FE5FF6F56A33BAE, 26B828FDB03AE4A4F1DC7A1792F9BAD69CF947897D47F5E567F24F4B6D5CB541 ] Alerter C:\WINDOWS\system32\alrsvc.dll
16:39:10.0687 0x08a4 Alerter - ok
16:39:10.0718 0x08a4 [ 88842DE939A827577BF24243699AC80A, A49C9A6A9941F3A2FBBCFE1F6DB48B632739D00670AC98ECCCBC7FD9E786B21A ] ALG C:\WINDOWS\System32\alg.exe
16:39:10.0796 0x08a4 ALG - ok
16:39:10.0812 0x08a4 AliIde - ok
16:39:10.0921 0x08a4 [ 267FC636801EDC5AB28E14036349E3BE, CFEF5DF5F9BE820283376BB86DB3CF6609C02D316A742E17459A2BFA42E724E0 ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
16:39:11.0109 0x08a4 Ambfilt - ok
16:39:11.0125 0x08a4 amsint - ok
16:39:11.0156 0x08a4 [ 6B8E7A90E576D4FE308F97C69060A171, 6CE49BC78715737D78E05DECAC23E26A5672ACD2CF3D10154FEA9D47B318D47C ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
16:39:11.0265 0x08a4 AppMgmt - ok
16:39:11.0281 0x08a4 asc - ok
16:39:11.0281 0x08a4 asc3350p - ok
16:39:11.0296 0x08a4 asc3550 - ok
16:39:11.0375 0x08a4 [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
16:39:11.0406 0x08a4 aspnet_state - ok
16:39:11.0437 0x08a4 [ 4D6C6E0505A8E5A0656DCB223497D37C, 7F9457AF4B6E4FC6C4F77BD39DB5EB5520C44D22974B9781EA0F984D6830637C ] aswHwid C:\WINDOWS\system32\drivers\aswHwid.sys
16:39:11.0453 0x08a4 aswHwid - ok
16:39:11.0500 0x08a4 [ 1A2CC93BBD77C2D95A7567938D7D7239, DD082ACA011DA63CC1A69BAD8C42B9DA3A9975194D87B5584A39C91ED92341E3 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
16:39:11.0515 0x08a4 aswMonFlt - ok
16:39:11.0546 0x08a4 [ FFB1BDC9CAF255019D678DB5BEDAF0F0, 5FBCD3F2AFFB25EB717B913E709EFBEEAC6520B910B8AC11BF830A5B7E33F797 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
16:39:11.0578 0x08a4 aswRdr - ok
16:39:11.0593 0x08a4 [ 24B3BDA01DB3A704E33A5266C7B52DAF, FB2555504570E8FD6AA251BE9D05EDC2B73596EF830384130556EC64E518FE65 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
16:39:11.0625 0x08a4 aswRvrt - ok
16:39:11.0687 0x08a4 [ D13182758BAC9B4996D592E7684C9267, 8CDF8F3962659A6F3AE77AD9A4982E2D754E0DE3610BE26985444A4DCCDF181A ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
16:39:11.0734 0x08a4 aswSnx - ok
16:39:11.0765 0x08a4 [ D1A68A33B082FA1C7087CE54A7923D90, 9B776122078044A1336D0E7C5F3F016BC7196571DBF379F804AF70C49D642714 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
16:39:11.0812 0x08a4 aswSP - ok
16:39:11.0843 0x08a4 [ AF01CD260A9EF60B09029C9F5EF99040, C74A94598DC8DBD3AB13E43A60ED12698A121332446867FC3B75745626E0B7CB ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
16:39:11.0875 0x08a4 aswTdi - ok
16:39:11.0890 0x08a4 [ B2D7EE52633CA8831DDAFCA81C2D46C3, 017C6C376520380F29AF465F1464C3652D421C4B873B7AC2647498F356032361 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
16:39:11.0937 0x08a4 aswVmm - ok
16:39:11.0968 0x08a4 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:39:12.0125 0x08a4 AsyncMac - ok
16:39:12.0171 0x08a4 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
16:39:12.0328 0x08a4 atapi - ok
16:39:12.0343 0x08a4 Atdisk - ok
16:39:12.0375 0x08a4 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:39:12.0546 0x08a4 Atmarpc - ok
16:39:12.0593 0x08a4 [ DE31B88962A8645DBA5A37B993E7B0F1, CA93F25A3FD0CE68BB9B8E3AB6B813BF38DE3EDDFC990291B3957FAA59B2B274 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
16:39:12.0765 0x08a4 AudioSrv - ok
16:39:12.0796 0x08a4 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
16:39:12.0984 0x08a4 audstub - ok
16:39:13.0062 0x08a4 [ 37D17AE2936867F88EB3C4CBCBC6B8A1, E1F4D288CE1E5482A5594C8F9EEDE1E8134466F5E0C7DA32D88985497CD8588B ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
16:39:13.0078 0x08a4 avast! Antivirus - ok
16:39:13.0125 0x08a4 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
16:39:13.0281 0x08a4 Beep - ok
16:39:13.0328 0x08a4 [ 19395D092FD85DDC2D9C7729CF5A2AC8, 7640F36BA19698EE8A6257BF78A8C57DD9D734BED9CA6BB9B68603BAEA092412 ] BITS C:\WINDOWS\system32\qmgr.dll
16:39:13.0593 0x08a4 BITS - ok
16:39:13.0640 0x08a4 [ 89E739BBA5F636297EA5B5F811189E06, 151B32B12F5DD0D388134DA2471FE9741CF22B9C408DA58FEF8019D3C4EC836B ] Browser C:\WINDOWS\System32\browser.dll
16:39:13.0656 0x08a4 Browser - ok
16:39:13.0703 0x08a4 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
16:39:13.0890 0x08a4 cbidf2k - ok
16:39:13.0890 0x08a4 cd20xrnt - ok
16:39:13.0921 0x08a4 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
16:39:14.0093 0x08a4 Cdaudio - ok
16:39:14.0125 0x08a4 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
16:39:14.0296 0x08a4 Cdfs - ok
16:39:14.0343 0x08a4 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:39:14.0531 0x08a4 Cdrom - ok
16:39:14.0531 0x08a4 Changer - ok
16:39:14.0562 0x08a4 [ E390DC1D7C461D7D56EC53402F329928, FB37F84E71353CD83FCDDD39C898C6D84C05130C5F1BEF022E3DFDE160398C0E ] CiSvc C:\WINDOWS\system32\cisvc.exe
16:39:14.0718 0x08a4 CiSvc - ok
16:39:14.0718 0x08a4 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA, 1725067BC759484A7185A4F1A44ED3CBE481529D187FE98EF279425B79177EB1 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
16:39:14.0921 0x08a4 ClipSrv - ok
16:39:14.0953 0x08a4 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:39:15.0015 0x08a4 clr_optimization_v2.0.50727_32 - ok
16:39:15.0015 0x08a4 CmdIde - ok
16:39:15.0031 0x08a4 COMSysApp - ok
16:39:15.0046 0x08a4 Cpqarray - ok
16:39:15.0078 0x08a4 [ F3AB0933CBD166D271992F411C27CCAF, 50E01F3B058F814BE914FA5050B2D972E8584A467719A5ABCF9D9EBD596A54A7 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
16:39:15.0250 0x08a4 CryptSvc - ok
16:39:15.0265 0x08a4 dac2w2k - ok
16:39:15.0265 0x08a4 dac960nt - ok
16:39:15.0312 0x08a4 [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
16:39:15.0406 0x08a4 DcomLaunch - ok
16:39:15.0453 0x08a4 [ 8C9A53E285AC5E6704844D0459EC85BE, 9E86AF4C06CEC007C9B1590B6E056319603E4D79BED0C2471C6F1BC251B380CF ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
16:39:15.0640 0x08a4 Dhcp - ok
16:39:15.0656 0x08a4 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
16:39:15.0875 0x08a4 Disk - ok
16:39:15.0875 0x08a4 dmadmin - ok
16:39:15.0937 0x08a4 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C, 46074FBBC5E4A40A7B3A45636089DEDD2A619778C7DCD797571C2BB64D775F7E ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
16:39:16.0203 0x08a4 dmboot - ok
16:39:16.0234 0x08a4 [ FFF1720AF51171F32F1EAD5CF71F2810, 2E40D63DC7670C1E88A532DB8923A98ABC8481C351C4D915C2753E10BA77F36D ] dmio C:\WINDOWS\system32\drivers\dmio.sys
16:39:16.0453 0x08a4 dmio - ok
16:39:16.0484 0x08a4 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
16:39:16.0656 0x08a4 dmload - ok
16:39:16.0671 0x08a4 [ 2BFEFE9E865655A76982F050450B9591, 15C7D093D638770519AA43E7D8897310F32AB1F217027F5750D799494A985C35 ] dmserver C:\WINDOWS\System32\dmserver.dll
16:39:16.0875 0x08a4 dmserver - ok
16:39:16.0921 0x08a4 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
16:39:17.0218 0x08a4 DMusic - ok
16:39:17.0250 0x08a4 [ DFAA406BF19F4EE806A6F8D4342137F7, EE2C11B3E37565FC009E323607B2F5F148F9219012EDF848CEFC1B273DAA98A9 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
16:39:17.0265 0x08a4 Dnscache - ok
16:39:17.0312 0x08a4 [ 4A3E2BD20157A0946751229E92EB8621, D8C00CC2C18C517F7262EBC3C511C062E5ABA797056AEB22AC5DEB306BA8C526 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
16:39:17.0500 0x08a4 Dot3svc - ok
16:39:17.0515 0x08a4 dpti2o - ok
16:39:17.0531 0x08a4 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
16:39:17.0703 0x08a4 drmkaud - ok
16:39:17.0734 0x08a4 [ 0887D9C2BE8D940778CAD1E3B85F2A41, 2E30DC06D46A5E174B7CAA2D70BDB697015495942572E90425E2EE7AC541BCF4 ] EapHost C:\WINDOWS\System32\eapsvc.dll
16:39:17.0937 0x08a4 EapHost - ok
16:39:17.0984 0x08a4 [ A2A4912798F2BE706ABADD3D30800D16, CCCCA389D22525D984DE9B59E4CEBE0EEEF315F725176EB5C4DC1A5B6157234A ] ERSvc C:\WINDOWS\System32\ersvc.dll
16:39:18.0156 0x08a4 ERSvc - ok
16:39:18.0203 0x08a4 [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] Eventlog C:\WINDOWS\system32\services.exe
16:39:18.0234 0x08a4 Eventlog - ok
16:39:18.0265 0x08a4 [ A371F11EF07653591C8DE26AFB13CE7F, 1192EDC8B146F1C27E8CD7E126DDC044F8B368C2E891A90CD81620D48C9550B6 ] EventSystem C:\WINDOWS\system32\es.dll
16:39:18.0328 0x08a4 EventSystem - ok
16:39:18.0375 0x08a4 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
16:39:18.0546 0x08a4 Fastfat - ok
16:39:18.0578 0x08a4 [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
16:39:18.0625 0x08a4 FastUserSwitchingCompatibility - ok
16:39:18.0656 0x08a4 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
16:39:18.0828 0x08a4 Fdc - ok
16:39:18.0859 0x08a4 [ E9648254056BCE81A85380C0C3647DC4, AE58F498BD1C33360FE3BB9EA22C13EA562206B68E7946B587CB5A6DF94586A1 ] FETNDIS C:\WINDOWS\system32\DRIVERS\fetnd5.sys
16:39:19.0015 0x08a4 FETNDIS - ok
16:39:19.0046 0x08a4 [ AC366695A0796560AA37215AD5762AAF, 6ADC7443EA42D77199D4879AF3C33A07914116C69A34B895D8CB8444EE50077F ] Fips C:\WINDOWS\system32\drivers\Fips.sys
16:39:19.0203 0x08a4 Fips - ok
16:39:19.0250 0x08a4 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
16:39:19.0390 0x08a4 Flpydisk - ok
16:39:19.0437 0x08a4 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
16:39:19.0609 0x08a4 FltMgr - ok
16:39:19.0671 0x08a4 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
16:39:19.0703 0x08a4 FontCache3.0.0.0 - ok
16:39:19.0718 0x08a4 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:39:19.0875 0x08a4 Fs_Rec - ok
16:39:19.0921 0x08a4 [ 4E664D8541DB4A66B73A24257E322E1F, 17A2140AFE2B41E579FCCAFB82532853AD90A6EDBCB13DE80741DAE0AD5B4CC9 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:39:20.0093 0x08a4 Ftdisk - ok
16:39:20.0109 0x08a4 [ 3A74C423CF6BCCA6982715878F450A3B, A98D6D377B48D05BE3927F6E93D0DE7741E115C43125C0E0DE6EEFE023DE73BC ] gagp30kx C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
16:39:20.0281 0x08a4 gagp30kx - ok
16:39:20.0312 0x08a4 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:39:20.0468 0x08a4 Gpc - ok
16:39:20.0546 0x08a4 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
16:39:20.0578 0x08a4 gupdate - ok
16:39:20.0609 0x08a4 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
16:39:20.0625 0x08a4 gupdatem - ok
16:39:20.0671 0x08a4 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
16:39:20.0828 0x08a4 HDAudBus - ok
16:39:20.0890 0x08a4 [ FCFE31FB75F8A6295B6B0AF87A626282, 6BA385797DBC73EB29EFE3293B80C21B1B8A1E9B87A462476E73C526C9565E5F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
16:39:21.0062 0x08a4 helpsvc - ok
16:39:21.0062 0x08a4 [ 00E25EE90166B3E1BE6E74AEBF858306, 92C2F020EF14DE3B4F09E2C5DFF3D2F35D8C50F6D0188F9CEEFE3B6075602EFE ] HidServ C:\WINDOWS\System32\hidserv.dll
16:39:21.0234 0x08a4 HidServ - ok
16:39:21.0265 0x08a4 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:39:21.0406 0x08a4 hidusb - ok
16:39:21.0453 0x08a4 [ 7A6B320928F86BC851530D63C82965D9, 1F628759D31098DFBC05244735B5A62ACD8E45DBC5C9D236260D68EB8F1E28F5 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
16:39:21.0625 0x08a4 hkmsvc - ok
16:39:21.0703 0x08a4 [ C5F00D15AA15CB7F55A027FF75E44BB7, A266FA9B4333CE35C74BD0F9920CC475545F9A597300F3738F7FE4AB7475321E ] HP Port Resolver C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
16:39:21.0765 0x08a4 HP Port Resolver - ok
16:39:21.0781 0x08a4 hpn - ok
16:39:21.0812 0x08a4 [ 30CA91E657CEDE2F95359D6EF186F650, 6BBAFBE50E7819695A79586A086A9952B737E174BA2C63C1F180D97EC4AABA4B ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
16:39:21.0843 0x08a4 HPZid412 - ok
16:39:21.0875 0x08a4 [ EFD31AFA752AA7C7BBB57BCBE2B01C78, AC671CEE9F8DD9FE6C51069212AEB1736BB914361D4185D1E87068D244BF2B7A ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
16:39:21.0906 0x08a4 HPZipr12 - ok
16:39:21.0953 0x08a4 [ 7AC43C38CA8FD7ED0B0A4466F753E06E, B4D44B366170D247E0145B9435CC678BEE2A2A42CFF7B485E077B3B582557B5A ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
16:39:21.0984 0x08a4 HPZius12 - ok
16:39:22.0031 0x08a4 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
16:39:22.0062 0x08a4 HTTP - ok
16:39:22.0125 0x08a4 [ 58FE2F2DA3BC5573F4A35B3760D3125F, B241ACCE426402EC64DC34C49CECB8CDC0851986D54BFCCED7040D6C43F5787A ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
16:39:22.0296 0x08a4 HTTPFilter - ok
16:39:22.0312 0x08a4 i2omgmt - ok
16:39:22.0312 0x08a4 i2omp - ok
16:39:22.0328 0x08a4 [ C528E27945367191E7BAE364930B6932, 1B95C7B49B4CAE734DC6C9EC22555C5356EEC856B8491C761C777479264CF854 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:39:22.0484 0x08a4 i8042prt - ok
16:39:22.0578 0x08a4 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:39:22.0671 0x08a4 idsvc - ok
16:39:22.0687 0x08a4 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
16:39:22.0843 0x08a4 Imapi - ok
16:39:22.0890 0x08a4 [ F7B93AAFAD33B2320954C17E26C8D361, 8CFDB11A68B59E195F280BE08B25FA59F1F70833832919B8BECCE17616999934 ] ImapiService C:\WINDOWS\system32\imapi.exe
16:39:23.0062 0x08a4 ImapiService - ok
16:39:23.0078 0x08a4 ini910u - ok
16:39:23.0375 0x08a4 [ C472FC1D265346E9500095F88A0345F9, 7BA3701EA9F59391ED9959C8576E710C1258CEFE7CC9EA1B3E985BE28B921888 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
16:39:23.0718 0x08a4 IntcAzAudAddService - ok
16:39:23.0734 0x08a4 IntelIde - ok
16:39:23.0796 0x08a4 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
16:39:23.0953 0x08a4 Ip6Fw - ok
16:39:24.0000 0x08a4 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:39:24.0140 0x08a4 IpFilterDriver - ok
16:39:24.0171 0x08a4 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:39:24.0359 0x08a4 IpInIp - ok
16:39:24.0390 0x08a4 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:39:24.0593 0x08a4 IpNat - ok
16:39:24.0625 0x08a4 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:39:24.0781 0x08a4 IPSec - ok
16:39:24.0828 0x08a4 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
16:39:24.0906 0x08a4 IRENUM - ok
16:39:24.0953 0x08a4 [ CC9F8A2D60AED1A51A3AC34C59B987AE, CBF69817BE3D9A4617390B1A3306074CB8581F21562CD1357D32BC3E542F3CEE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:39:25.0078 0x08a4 isapnp - ok
16:39:25.0125 0x08a4 [ 1B6162FE7F66B1A71A4B70F941C4AA9B, C2EA494BAB0513A6027414FB1E75834F980A77852D0DC8559E8942FC222A075A ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:39:25.0265 0x08a4 Kbdclass - ok
16:39:25.0296 0x08a4 [ 86C8F23616C6C6E5B2776901C17B945B, 211B63FC405A2DDB126D204D61E779D66C7211882CC0374521926C633E180B91 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:39:25.0421 0x08a4 kbdhid - ok
16:39:25.0453 0x08a4 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
16:39:25.0609 0x08a4 kmixer - ok
16:39:25.0640 0x08a4 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
16:39:25.0687 0x08a4 KSecDD - ok
16:39:25.0718 0x08a4 [ 3428E8F86F8ADD36B42FB23542C7B3E4, 9CF643D1A70AF08407ACD5FD6FE4B8777521DDF41B5E63C2E6E1E4CAAC69A403 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
16:39:25.0750 0x08a4 LanmanServer - ok
16:39:25.0781 0x08a4 [ 936C1D110232D23B621CB0196E4F80F0, 2DE3AF93E20F1DC7A6FF31B18054EA4D2350387E4DA91C4B16D451384F0C57E2 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
16:39:25.0843 0x08a4 lanmanworkstation - ok
16:39:25.0843 0x08a4 lbrtfdc - ok
16:39:25.0890 0x08a4 [ 0AB159F536E3E8F7F07113702A07CCA5, 3218C553183E6697C663B6D12790E09756B50505590858DD5AC62411D37CDD7C ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
16:39:26.0046 0x08a4 LmHosts - ok
16:39:26.0078 0x08a4 [ 221CD1C815B8A6B79389C3F5D1018DE8, 6D0D25D6669C4F9452F74EC72C6138A41D9408E01AF5FD01C08F27BE7BC9C905 ] Messenger C:\WINDOWS\System32\msgsvc.dll
16:39:26.0234 0x08a4 Messenger - ok
16:39:26.0265 0x08a4 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
16:39:26.0390 0x08a4 mnmdd - ok
16:39:26.0515 0x08a4 [ 9A57D046F88F4B69751B11FD40088A61, 62F65433024CE411F111A88723747B8A83B31076FBAF4CFF40FD02A53D7FF7DF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
16:39:26.0656 0x08a4 mnmsrvc - ok
16:39:26.0703 0x08a4 [ 44032B0C6D9954D3FD26438330B99EE7, A49749A4C00D50F57170AA5DA9E2DEECC8C524A48B144C8B784894F2C202FBEE ] Modem C:\WINDOWS\system32\drivers\Modem.sys
16:39:26.0828 0x08a4 Modem - ok
16:39:26.0921 0x08a4 [ C7D9F9717916B34C1B00DD4834AF485C, A9512A03E8142C83534189963F90ADA6FA425BD606928C40C3D724177105A658 ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
16:39:27.0046 0x08a4 Monfilt - ok
16:39:27.0078 0x08a4 [ 4CB582831DBDE63CE43B45D771218374, 6D470B26197C5B388983D9213D48D2CDE934C9591572876DC7790FE4B59E0845 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:39:27.0218 0x08a4 Mouclass - ok
16:39:27.0234 0x08a4 [ BB269EBA740737AB749B214D568B6812, ABF41D9B521EBBE674E76981CAD31F8FD05976DE7070266C3956FDB67C83C4C2 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:39:27.0390 0x08a4 mouhid - ok
16:39:27.0421 0x08a4 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
16:39:27.0578 0x08a4 MountMgr - ok
16:39:27.0625 0x08a4 [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:39:27.0640 0x08a4 MozillaMaintenance - ok
16:39:27.0656 0x08a4 mraid35x - ok
16:39:27.0687 0x08a4 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:39:27.0843 0x08a4 MRxDAV - ok
16:39:27.0906 0x08a4 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:39:27.0953 0x08a4 MRxSmb - ok
16:39:28.0000 0x08a4 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D, 78D63EE2C0B0852F0771071C099643242EBC9F4DA28847B93BCE9C3CC1091938 ] MSDTC C:\WINDOWS\system32\msdtc.exe
16:39:28.0140 0x08a4 MSDTC - ok
16:39:28.0171 0x08a4 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
16:39:28.0296 0x08a4 Msfs - ok
16:39:28.0312 0x08a4 MSIServer - ok
16:39:28.0343 0x08a4 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:39:28.0484 0x08a4 MSKSSRV - ok
16:39:28.0484 0x08a4 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:39:28.0640 0x08a4 MSPCLOCK - ok
16:39:28.0656 0x08a4 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
16:39:28.0796 0x08a4 MSPQM - ok
16:39:28.0828 0x08a4 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:39:28.0968 0x08a4 mssmbios - ok
16:39:29.0031 0x08a4 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
16:39:29.0062 0x08a4 Mup - ok
16:39:29.0109 0x08a4 [ 6EA362E9DB03D44F6B996F4D8BE237E9, FE6B4C546D26C4A2832CF4CB280B86B1723E10E46A3C24AF6C9856FCCAE9D1FC ] napagent C:\WINDOWS\System32\qagentrt.dll
16:39:29.0265 0x08a4 napagent - ok
16:39:29.0281 0x08a4 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
16:39:29.0453 0x08a4 NDIS - ok
16:39:29.0468 0x08a4 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:39:29.0500 0x08a4 NdisTapi - ok
16:39:29.0531 0x08a4 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:39:29.0671 0x08a4 Ndisuio - ok
16:39:29.0703 0x08a4 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:39:29.0859 0x08a4 NdisWan - ok
16:39:29.0890 0x08a4 [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
16:39:29.0921 0x08a4 NDProxy - ok
16:39:29.0968 0x08a4 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
16:39:30.0109 0x08a4 NetBIOS - ok
16:39:30.0125 0x08a4 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
16:39:30.0281 0x08a4 NetBT - ok
16:39:30.0328 0x08a4 [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDE C:\WINDOWS\system32\netdde.exe
16:39:30.0484 0x08a4 NetDDE - ok
16:39:30.0500 0x08a4 [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
16:39:30.0687 0x08a4 NetDDEdsdm - ok
16:39:30.0718 0x08a4 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] Netlogon C:\WINDOWS\system32\lsass.exe
16:39:30.0906 0x08a4 Netlogon - ok
16:39:30.0953 0x08a4 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40, 588C8BA14A7255FD36A88960CBE34341301773765ECF2A9A0F1760A509A08A5B ] Netman C:\WINDOWS\System32\netman.dll
16:39:31.0093 0x08a4 Netman - ok
16:39:31.0156 0x08a4 [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:39:31.0187 0x08a4 NetTcpPortSharing - ok
16:39:31.0234 0x08a4 [ 39EE7C3BFBC64BA87CC8CF67386E814C, B93CCB625CE370D9A49C9374D24C939D7C9FEF81401F4F822C51E12677D77E01 ] Nla C:\WINDOWS\System32\mswsock.dll
16:39:31.0281 0x08a4 Nla - ok
16:39:31.0343 0x08a4 [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F, 4CCE820F455512C41E4F98109FA6F048907DD3452D5A00D5F885C77F93C9C105 ] NMSAccess C:\Program Files\CDBurnerXP\NMSAccessU.exe
16:39:31.0359 0x08a4 NMSAccess - ok
16:39:31.0375 0x08a4 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
16:39:31.0531 0x08a4 Npfs - ok
16:39:31.0593 0x08a4 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
16:39:31.0750 0x08a4 Ntfs - ok
16:39:31.0781 0x08a4 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
16:39:31.0921 0x08a4 NtLmSsp - ok
16:39:31.0968 0x08a4 [ 023DD70573D644F3D9C8B1258A7BFD08, 9A1D3210ED5FD8BEDF92ED577A9B30E37035408A73EB66A8C950B75AB7539B83 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
16:39:32.0156 0x08a4 NtmsSvc - ok
16:39:32.0171 0x08a4 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
16:39:32.0312 0x08a4 Null - ok
16:39:32.0343 0x08a4 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:39:32.0484 0x08a4 NwlnkFlt - ok
16:39:32.0500 0x08a4 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:39:32.0640 0x08a4 NwlnkFwd - ok
16:39:32.0656 0x08a4 [ 46F8DB73B4A53E543F8E371DC7C75BAE, F6C5E7DE4B4AE0ED785DB075BE14EA6A0FC9050C95669B26DEF2B82D7B7D3B2C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
16:39:32.0812 0x08a4 Parport - ok
16:39:32.0828 0x08a4 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
16:39:32.0953 0x08a4 PartMgr - ok
16:39:32.0984 0x08a4 [ 1FAE19D0457176318BBA4A8795656EBC, 5F3D6CABA203A0485D67F63A6A81151724EE200BE49ED095CFCB1EF29C19D19F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
16:39:33.0125 0x08a4 ParVdm - ok
16:39:33.0156 0x08a4 [ 6CE351D149CB4BEFC702951E471E1730, 758327683BB45F01D5AE550AF21856822B4CF55E17F2A4F452F559088D242B37 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
16:39:33.0312 0x08a4 PCI - ok
16:39:33.0312 0x08a4 PCIDump - ok
16:39:33.0328 0x08a4 [ 2DA4EC85E0EA7A45C6B2A05820492D5A, A8C6BD93D3BC33A5B36EB523997EF9E0783B6E6EAFB6E7F58BCC2629009BDCF9 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
16:39:33.0468 0x08a4 PCIIde - ok
16:39:33.0515 0x08a4 [ 4FC31E6C19A5CE5198B1ABFF94CAE758, A031E21EC1F15DA5E8429269F435337FA961C3C06D535DAFD448C7355F33FD0C ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
16:39:33.0640 0x08a4 Pcmcia - ok
16:39:33.0656 0x08a4 PDCOMP - ok
16:39:33.0671 0x08a4 PDFRAME - ok
16:39:33.0671 0x08a4 PDRELI - ok
16:39:33.0687 0x08a4 PDRFRAME - ok
16:39:33.0687 0x08a4 perc2 - ok
16:39:33.0703 0x08a4 perc2hib - ok
16:39:33.0734 0x08a4 [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] PlugPlay C:\WINDOWS\system32\services.exe
16:39:33.0781 0x08a4 PlugPlay - ok
16:39:33.0812 0x08a4 [ A38B3CE68E7F126190CDE4AA3FDF050F, 12D8F8FC8229BE7B76EF6B62670DDA36187BB3A69FB58FFAFAD75460B15CC76E ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
16:39:33.0890 0x08a4 Pml Driver HPZ12 - ok
16:39:33.0937 0x08a4 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
16:39:34.0078 0x08a4 PolicyAgent - ok
16:39:34.0078 0x08a4 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:39:34.0234 0x08a4 PptpMiniport - ok
16:39:34.0281 0x08a4 [ 7EB15DCE4EC3A0220BD796A15C18186E, E06C572F3FE4F3377D8AF74E8EF15478E71B4C61F944E48E8C35534BEF086110 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
16:39:34.0406 0x08a4 Processor - ok
16:39:34.0421 0x08a4 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
16:39:34.0562 0x08a4 ProtectedStorage - ok
16:39:34.0578 0x08a4 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
16:39:34.0718 0x08a4 PSched - ok
16:39:34.0734 0x08a4 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:39:34.0890 0x08a4 Ptilink - ok
16:39:34.0890 0x08a4 ql1080 - ok
16:39:34.0906 0x08a4 Ql10wnt - ok
16:39:34.0906 0x08a4 ql12160 - ok
16:39:34.0921 0x08a4 ql1240 - ok
16:39:34.0921 0x08a4 ql1280 - ok
16:39:34.0953 0x08a4 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:39:35.0093 0x08a4 RasAcd - ok
16:39:35.0125 0x08a4 [ 2B5E44EA009F2F374B980E1E9A70635D, 62D8FDB80C8ACBA2C42C12760B785587C43BEDFE015EC5C41B25F2BB735EFEB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
16:39:35.0296 0x08a4 RasAuto - ok
16:39:35.0312 0x08a4 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:39:35.0453 0x08a4 Rasl2tp - ok
16:39:35.0468 0x08a4 [ D57554C664B64604BD1EE13EA2C07E77, B090C05B91EA602BFF9A5E89AB1A0FFDE869611961FF749DA8B3F4D00F04E756 ] RasMan C:\WINDOWS\System32\rasmans.dll
16:39:35.0625 0x08a4 RasMan - ok
16:39:35.0656 0x08a4 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:39:35.0781 0x08a4 RasPppoe - ok
16:39:35.0796 0x08a4 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
16:39:35.0953 0x08a4 Raspti - ok
16:39:35.0984 0x08a4 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:39:36.0140 0x08a4 Rdbss - ok
16:39:36.0156 0x08a4 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:39:36.0281 0x08a4 RDPCDD - ok
16:39:36.0328 0x08a4 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:39:36.0484 0x08a4 rdpdr - ok
16:39:36.0515 0x08a4 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
16:39:36.0546 0x08a4 RDPWD - ok
16:39:36.0593 0x08a4 [ C0D9D9711CB74EE9BC66353D8CBDAB0E, F1AF9A26910707E76BF213D8DE5C902B0088D8A29EBDFF72DE6A4D867E298CC8 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
16:39:36.0765 0x08a4 RDSessMgr - ok
16:39:36.0781 0x08a4 [ 611BFD220305BE3A85AE876EA47D4AA5, FDF87878EB3886649025E5A12F1C3FC9072D66CCD3217944710085C1F8A4512E ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
16:39:36.0921 0x08a4 redbook - ok
16:39:36.0953 0x08a4 [ 127C26B5371651043450E52542099ABA, 98AADAD8D5211CB894AA7C59B6299861B1F44B6D8F46AB5837E7D2F5B615B14A ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
16:39:37.0109 0x08a4 RemoteAccess - ok
16:39:37.0140 0x08a4 [ 8F31505484A190D5B22274708799F4EC, 170FF8193C95CEE73B9342B6FB7D83DF4E80B2CCBB27DF41F4AB5F2FB9AF60E1 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
16:39:37.0281 0x08a4 RemoteRegistry - ok
16:39:37.0328 0x08a4 [ 718B3BDC0BC3C2F7D065A53D26202AF9, 9E58243628F1E1396AB82A80D046FF50803A230EE07B007E0CA5D744C77B091A ] RpcLocator C:\WINDOWS\system32\locator.exe
16:39:37.0468 0x08a4 RpcLocator - ok
16:39:37.0515 0x08a4 [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] RpcSs C:\WINDOWS\system32\rpcss.dll
16:39:37.0562 0x08a4 RpcSs - ok
16:39:37.0609 0x08a4 [ 09AB2E71E58B078038E3BFDBA7FFC984, 8CA277DEEF6376B0F48C6BA5DBBC3E8AF2245983BA9AF6AB83D1A920D35FAF93 ] RSVP C:\WINDOWS\system32\rsvp.exe
16:39:37.0750 0x08a4 RSVP - ok
16:39:37.0796 0x08a4 [ D0EEDC88876B20D42157CDCCA3E647F3, 37DA1053D5DCE42B5A0DF143318BE2BFF196FCA7D65E57B65663501AEF6223D2 ] s1039bus C:\WINDOWS\system32\DRIVERS\s1039bus.sys
16:39:37.0812 0x08a4 s1039bus - ok
16:39:37.0843 0x08a4 [ 7B35091A7BB597C86262C589B0B57D06, 03EABFF404DCB597CD58405D8496B33C129370DD3041BEAF83AF0820CB157C79 ] s1039mdfl C:\WINDOWS\system32\DRIVERS\s1039mdfl.sys
16:39:37.0875 0x08a4 s1039mdfl - ok
16:39:37.0906 0x08a4 [ 4CB1AB13C9813CBF3E4C6406F8043EC2, E147955B9F377A0343D0E649FBA5990ED176D5A21ECA03986F08C0E155FC65A1 ] s1039mdm C:\WINDOWS\system32\DRIVERS\s1039mdm.sys
16:39:37.0937 0x08a4 s1039mdm - ok
16:39:37.0984 0x08a4 [ 2649CA09585A7531126DCC116AD1F88C, 4136543EAF8D4150B36EBC1AEEE37D0142C2CEF8AE1651B74442E472351B92BE ] s1039mgmt C:\WINDOWS\system32\DRIVERS\s1039mgmt.sys
16:39:38.0000 0x08a4 s1039mgmt - ok
16:39:38.0046 0x08a4 [ 6D3F549EFD6DAEDD7D12F3DE2175053F, 1B9066D8255AA6A05E62EDC4A34FAB69F2649AC389CDC30AFADA4139482843E2 ] s1039nd5 C:\WINDOWS\system32\DRIVERS\s1039nd5.sys
16:39:38.0062 0x08a4 s1039nd5 - ok
16:39:38.0093 0x08a4 [ 305E3E3ACA0037AF2E2C1B50A383C91B, 2DF07DDA4F1B59A2413DC844CC355C2789F98A2D228845E23ECDC6783DF1C67E ] s1039obex C:\WINDOWS\system32\DRIVERS\s1039obex.sys
16:39:38.0109 0x08a4 s1039obex - ok
16:39:38.0140 0x08a4 [ 7DD02A58277C84C043442561589914F4, DC7FD909B3121188CF04C6045707D64DB70FCF07AD2B6B0D5BF9805BB5798BBC ] s1039unic C:\WINDOWS\system32\DRIVERS\s1039unic.sys
16:39:38.0171 0x08a4 s1039unic - ok
16:39:38.0234 0x08a4 [ 5E9378F9893EDE2DB887EA0281FFDFF5, 8C6C019B3BF5309E8007EDB2E20338CC2DD8A619166C8071002CF5262914566E ] S3GIGP C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys
16:39:38.0312 0x08a4 S3GIGP - ok
16:39:38.0328 0x08a4 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] SamSs C:\WINDOWS\system32\lsass.exe
16:39:38.0453 0x08a4 SamSs - ok
16:39:38.0500 0x08a4 [ 419883201CA9AD697CCFB8FC46DD6F78, 477428D8ABFF751016F5077A3FB4C8A25CDA4EBA7CAD8E33C36D5439A995D7F1 ] SbFw C:\WINDOWS\system32\drivers\SbFw.sys
16:39:38.0531 0x08a4 SbFw - ok
16:39:38.0546 0x08a4 [ F01B8409A11C319E3C5B9DD418676D2C, E068A631CE1DDC0BE18D8B692E2E5D9846EE531C88ED86B5CA417C1F9E45097F ] SBFWIMCL C:\WINDOWS\system32\DRIVERS\sbfwim.sys
16:39:38.0562 0x08a4 SBFWIMCL - ok
16:39:38.0578 0x08a4 [ 31CA701F26EA66468AD3C3C6498755CE, 100F71E5DCCDCCAB7251432659419C254994DBCB398CD83559071A0CA5442D70 ] sbhips C:\WINDOWS\system32\drivers\sbhips.sys
16:39:38.0593 0x08a4 sbhips - ok
16:39:38.0609 0x08a4 [ 56C92289535834AA26144B4368932DCB, 47AE8A766662A39004F5AFAD6693B10C60B2B2FDA79C48FC977E97B47B26DA20 ] SbPF.Launcher C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
16:39:38.0640 0x08a4 SbPF.Launcher - ok
16:39:38.0671 0x08a4 [ 410046E401EB11E1E6749E9DEEA41D4A, 9507268ACD24EF51E994DC418E8EB3E10DEDE61EE892226A22A5DA7662397E25 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
16:39:38.0828 0x08a4 SCardSvr - ok
16:39:38.0859 0x08a4 [ 3FF232A7731621B8902D81D42418C93C, 2030C9A843D9555170179883BD4CC1E978D5FC5EC0D7FCA56518224E428BE421 ] Schedule C:\WINDOWS\system32\schedsvc.dll
16:39:39.0031 0x08a4 Schedule - ok
16:39:39.0078 0x08a4 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:39:39.0156 0x08a4 Secdrv - ok
16:39:39.0203 0x08a4 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6, 82EEB2345AC19050FAB202DE76C2CDD93E753F5AB67789A86A1726D3040C02E5 ] seclogon C:\WINDOWS\System32\seclogon.dll
16:39:39.0359 0x08a4 seclogon - ok
16:39:39.0375 0x08a4 [ A530B75C10C23C9AB28FDB6CE719E21F, 14568DF6457758E2F534A46A8E6245C364895C3993BEF2B5A889B98DBB201A27 ] SENS C:\WINDOWS\system32\sens.dll
16:39:39.0515 0x08a4 SENS - ok
16:39:39.0531 0x08a4 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
16:39:39.0656 0x08a4 serenum - ok
16:39:39.0687 0x08a4 [ B842729337C9B921615C40D3C1A1AF96, 503670A56423B996C6ED6AE95F07FB88910767C4A2041A4BE9070C57A016E7FA ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
16:39:39.0828 0x08a4 Serial - ok
16:39:39.0843 0x08a4 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
16:39:39.0984 0x08a4 Sfloppy - ok
16:39:40.0031 0x08a4 [ F58FACA9621D2DB01BD0927D9A0A208E, 239C87E09261BC9D1DBE99DABCFC4787D42289E8769563A5EFB323BE6F177C9A ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
16:39:40.0187 0x08a4 SharedAccess - ok
16:39:40.0203 0x08a4 [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:39:40.0250 0x08a4 ShellHWDetection - ok
16:39:40.0265 0x08a4 Simbad - ok
16:39:40.0531 0x08a4 [ 9F712B26EE3B0242DE997A42FD302E2C, 12663EB108F158282A965EE70980627C2F2332BA7944D7DE03B78E18BEB87D26 ] Skype C2C Service C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
16:39:40.0828 0x08a4 Skype C2C Service - ok
16:39:40.0906 0x08a4 [ F07AF60B152221472FBDB2FECEC4896D, A18FDCE8462A48429E249C44F0E49F844F2E3A4B5215349DE104F34D935EF983 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
16:39:40.0937 0x08a4 SkypeUpdate - ok
16:39:40.0937 0x08a4 Sparrow - ok
16:39:41.0031 0x08a4 [ B3C9D712962DB83C280D0C4AAC8963A8, 520ED76058442A5DE35DBDD03FE48948AB073A71AFDC1ED71A6E2927C085784B ] SPF4 C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
16:39:41.0109 0x08a4 SPF4 - ok
16:39:41.0156 0x08a4 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
16:39:41.0296 0x08a4 splitter - ok
16:39:41.0328 0x08a4 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
16:39:41.0375 0x08a4 Spooler - ok
16:39:41.0437 0x08a4 [ CDDDEC541BC3C96F91ECB48759673505, B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
16:39:41.0437 0x08a4 Suspicious file ( NoAccess ): C:\WINDOWS\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505, sha256: B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB
16:39:41.0437 0x08a4 sptd - detected LockedFile.Multi.Generic ( 1 )
16:39:44.0109 0x08a4 Detect skipped due to KSN trusted
16:39:44.0109 0x08a4 sptd - ok
16:39:44.0140 0x08a4 [ 94610C8653635E4459316A0050D55CE7, D148D33B3D2B0757060531C526F2161504A8D7C4E5957D092C7EBDB007271339 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
16:39:44.0234 0x08a4 sr - ok
16:39:44.0265 0x08a4 [ 35B91147124F64AC8081A2EDB9EA4DEE, 1609D19156DAC6EE3C2D2350B062966B64D9CDC289E9B8FEB6D244AAEBE90BBF ] srservice C:\WINDOWS\system32\srsvc.dll
16:39:44.0375 0x08a4 srservice - ok
16:39:44.0421 0x08a4 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
16:39:44.0500 0x08a4 Srv - ok
16:39:44.0531 0x08a4 [ BECD5271DC4E3B7C3D035F790FCBC1E5, D63B9DB81332553C963EC5057D241CE2287AF652387333C1FD79AF8C9B5F2BA7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
16:39:44.0625 0x08a4 SSDPSRV - ok
16:39:44.0656 0x08a4 [ F92254B0BCFCD10CAAC7BCCC7CB7F467, A44B569F658BED53502C9155947759EE67FABEE306DA2A9ABE87141F99B251A3 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys
16:39:44.0671 0x08a4 StarOpen - detected UnsignedFile.Multi.Generic ( 1 )
16:39:47.0078 0x08a4 Detect skipped due to KSN trusted
16:39:47.0078 0x08a4 StarOpen - ok
16:39:47.0140 0x08a4 [ C1CDD9275F6A115BB0AE1D55D8D27BA6, CD0511FD7F6AD832CBEB931C605AB3AD217631C57399CB8033248D27619541E4 ] stisvc C:\WINDOWS\system32\wiaservc.dll
16:39:47.0312 0x08a4 stisvc - ok
16:39:47.0343 0x08a4 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
16:39:47.0484 0x08a4 swenum - ok
16:39:47.0500 0x08a4 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
16:39:47.0640 0x08a4 swmidi - ok
16:39:47.0640 0x08a4 SwPrv - ok
16:39:47.0656 0x08a4 symc810 - ok
16:39:47.0671 0x08a4 symc8xx - ok
16:39:47.0671 0x08a4 sym_hi - ok
16:39:47.0687 0x08a4 sym_u3 - ok
16:39:47.0703 0x08a4 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
16:39:47.0843 0x08a4 sysaudio - ok
16:39:47.0890 0x08a4 [ CE06F01B88ACE199A1BF460CAC29C110, 3CD89E5B8E53203287D889C107E4795225742DB6C6ACA2DC0611BD9728382A27 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
16:39:48.0046 0x08a4 SysmonLog - ok
16:39:48.0078 0x08a4 [ C2546CD7A398476F9DF5614B2AE160E8, 11C8435BA983553E9C0806494E9B3C7080515C0375B0604F029D89B50726161A ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
16:39:48.0250 0x08a4 TapiSrv - ok
16:39:48.0281 0x08a4 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:39:48.0328 0x08a4 Tcpip - ok
16:39:48.0375 0x08a4 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
16:39:48.0515 0x08a4 TDPIPE - ok
16:39:48.0546 0x08a4 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
16:39:48.0671 0x08a4 TDTCP - ok
16:39:48.0687 0x08a4 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
16:39:48.0828 0x08a4 TermDD - ok
16:39:48.0875 0x08a4 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E, 3D2B1D899061448EAD993CDE97D1EF50DD64728E9F44D80FEAE591198A937653 ] TermService C:\WINDOWS\System32\termsrv.dll
16:39:49.0062 0x08a4 TermService - ok
16:39:49.0093 0x08a4 [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] Themes C:\WINDOWS\System32\shsvcs.dll
16:39:49.0125 0x08a4 Themes - ok
16:39:49.0156 0x08a4 [ CD0CC7B167D78043A41C98D4921EFB54, 31AAB5D6D6BA52EBDDE1B5DEB8F9B4D9597FFBA4485F959C846F635060CCB5C0 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
16:39:49.0265 0x08a4 TlntSvr - ok
16:39:49.0265 0x08a4 TosIde - ok
16:39:49.0296 0x08a4 [ 38853304CCB938D30E0C4CDE8D2C2A8A, 966E7BCC9F63A1A7777F8A12E51C2A91EC688CE96109943ADC4CB4EB58DC34A6 ] TrkWks C:\WINDOWS\system32\trkwks.dll
16:39:49.0453 0x08a4 TrkWks - ok
16:39:49.0484 0x08a4 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
16:39:49.0640 0x08a4 Udfs - ok
16:39:49.0640 0x08a4 ultra - ok
16:39:49.0703 0x08a4 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
16:39:49.0859 0x08a4 Update - ok
16:39:49.0890 0x08a4 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E, AF7662BCA0819F82CE5EE0863E47149CC127DE664CB3DC6359B63FBD71DB54F8 ] upnphost C:\WINDOWS\System32\upnphost.dll
16:39:49.0984 0x08a4 upnphost - ok
16:39:50.0000 0x08a4 [ 20A0F6A11959E92908717D09E87D670D, 3DD6C99AB0F70FAA43DF470B30078B8A51B8AF735CD5C50DBB195FEA70F4C36E ] UPS C:\WINDOWS\System32\ups.exe
16:39:50.0156 0x08a4 UPS - ok
16:39:50.0187 0x08a4 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:39:50.0203 0x08a4 usbccgp - ok
16:39:50.0234 0x08a4 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:39:50.0265 0x08a4 usbehci - ok
16:39:50.0281 0x08a4 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:39:50.0421 0x08a4 usbhub - ok
16:39:50.0468 0x08a4 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
16:39:50.0609 0x08a4 usbprint - ok
16:39:50.0640 0x08a4 [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:39:50.0671 0x08a4 usbscan - ok
16:39:50.0703 0x08a4 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:39:50.0843 0x08a4 USBSTOR - ok
16:39:50.0890 0x08a4 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:39:51.0046 0x08a4 usbuhci - ok
16:39:51.0062 0x08a4 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
16:39:51.0203 0x08a4 VgaSave - ok
16:39:51.0218 0x08a4 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
16:39:51.0359 0x08a4 ViaIde - ok
16:39:51.0375 0x08a4 [ F95C0FCFBCBDA6D8F202D2DF4052F88D, 976FC7EE44C588648D373B900647D861C3F8D4394A9BE9CCD6277678D950D23E ] videX32 C:\WINDOWS\system32\DRIVERS\videX32.sys
16:39:51.0406 0x08a4 videX32 - ok
16:39:51.0437 0x08a4 [ 28A4B296B47782173C346E376CB374D1, FE799FE4A41752A2B47027EA88214BF3E39B317302939F4A2D0F2A4EFAAC2F13 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
16:39:51.0562 0x08a4 VolSnap - ok
16:39:51.0609 0x08a4 [ D6BA1A63D9E00933F1CD2A885573AFB2, 36311A060635CEC1DBB6D8A746B8A4D007706EAE97D51A5E12F9958AB16BE486 ] VSS C:\WINDOWS\System32\vssvc.exe
16:39:51.0734 0x08a4 VSS - ok
16:39:51.0781 0x08a4 [ FA4E1CDBA256787F2149F4AAD07BC91F, 1B5FC5248335D70094D04501AA2C30F54782B58FF8D573BE8E784A21529C7CAF ] W32Time C:\WINDOWS\system32\w32time.dll
16:39:51.0937 0x08a4 W32Time - ok
16:39:51.0968 0x08a4 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:39:52.0109 0x08a4 Wanarp - ok
16:39:52.0109 0x08a4 WDICA - ok
16:39:52.0156 0x08a4 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
16:39:52.0296 0x08a4 wdmaud - ok
16:39:52.0312 0x08a4 [ 47AE51048A82DFA1CD6B51D369F7E169, 742F2162B8BDE00D83715093EA9743338964597ED22648B9F4F139D7278235A4 ] WebClient C:\WINDOWS\System32\webclnt.dll
16:39:52.0453 0x08a4 WebClient - ok
16:39:52.0531 0x08a4 [ E488332126E3B1182D2B8A0C35408EC6, F9F60911DF0A539753B2BEF6FAD2D0AED1BC1C3F43509F79D9AF2F810CDE5D9B ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
16:39:52.0687 0x08a4 winmgmt - ok
16:39:52.0734 0x08a4 [ 6199B2AE3F9DB9CB6DB230471A1DC601, E66C788C3E46AAC2ABB76F6E55E912EB28CF3D4C3D74FE6E85A6FABB7F22A5C9 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
16:39:52.0875 0x08a4 WmdmPmSN - ok
16:39:52.0937 0x08a4 [ 0171CFF34BBA8C5977F18C48D8AEF8C6, 0E3E04220157CCFB92F8D029805EB56D101C2A3AB3375354537FA9B5B3CAA0AD ] Wmi C:\WINDOWS\System32\advapi32.dll
16:39:53.0000 0x08a4 Wmi - ok
16:39:53.0062 0x08a4 [ 23F6F03272F7E5679F1F050AED5ACEE6, 87EBE773F3E8FFE2F1E1DB435BB0E8852031AA88112EB791085AD3DA918B49CC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
16:39:53.0203 0x08a4 WmiApSrv - ok
16:39:53.0250 0x08a4 [ 4C86D5FAF78194995AF9CC1075F65DD3, D3B23BB0971E0DBC0A51720067489C224323B603178E91149BF56F779DE352F0 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
16:39:53.0406 0x08a4 wscsvc - ok
16:39:53.0437 0x08a4 [ C1364564800EE9784192145324A23308, 5345BAE00364233594C9CF99CE2CC485E65B5D4FFBB81C86B2950EDA2427584C ] wuauserv C:\WINDOWS\system32\wuauserv.dll
16:39:53.0593 0x08a4 wuauserv - ok
16:39:53.0656 0x08a4 [ A27D4BA7264C0BF52F32D10405BEA1D4, 5F28607CCAB15FB601BEB35FF0B1A5CD27C678C6D1CA724E842C33EED4579B8C ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
16:39:53.0843 0x08a4 WZCSVC - ok
16:39:53.0875 0x08a4 [ BEC604CDC548A528EBD3D7AA1DD46A89, 4FE57CB4E18D36EED615AD23138F80FA2E4BD10A1C699DC938CD15C06851409E ] xfilt C:\WINDOWS\system32\DRIVERS\xfilt.sys
16:39:53.0921 0x08a4 xfilt - ok
16:39:53.0968 0x08a4 [ EAA4BB9EDB3FB10CF8979FE65E63658F, B80EB477100FD3E26513360E09DB6EBF0C8D8B0618F1F4BF1F387ABA6DEC9B64 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
16:39:54.0140 0x08a4 xmlprov - ok
16:39:54.0140 0x08a4 ================ Scan global ===============================
16:39:54.0171 0x08a4 [ F36278E42C8C5DF03CE17DAC8231C91C, D012A3C8F394DF4F0BF5D5A4C10E73BBF427762B7D3DB6CF5FAB96536E082B7A ] C:\WINDOWS\system32\basesrv.dll
16:39:54.0218 0x08a4 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
16:39:54.0265 0x08a4 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
16:39:54.0296 0x08a4 [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] C:\WINDOWS\system32\services.exe
16:39:54.0312 0x08a4 [ Global ] - ok
16:39:54.0312 0x08a4 ================ Scan MBR ==================================
16:39:54.0328 0x08a4 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
16:39:54.0531 0x08a4 \Device\Harddisk0\DR0 - ok
16:39:54.0531 0x08a4 ================ Scan VBR ==================================
16:39:54.0546 0x08a4 [ 933C4D4862529334C95EB8DE88F61BE6 ] \Device\Harddisk0\DR0\Partition1
16:39:54.0546 0x08a4 \Device\Harddisk0\DR0\Partition1 - ok
16:39:54.0546 0x08a4 ================ Scan generic autorun ======================
16:39:54.0609 0x08a4 [ AB973644B5CD45173915715782BBA273, D1E64F5E759F656CB23E18FB3137055551D581F33BE9414C1FFC9A9699F30C56 ] C:\WINDOWS\system32\VTTimer.exe
16:39:54.0640 0x08a4 VTTimer - ok
16:39:54.0671 0x08a4 [ EEE8C0A6D63252BD6EF829C9B06BFCC5, EC16E8003538DB6686481D9A30299B125B1CF51358A38EF1669A127F4EEE8BC6 ] C:\WINDOWS\system32\S3trayp.exe
16:39:54.0718 0x08a4 S3Trayp - ok
16:39:55.0625 0x08a4 [ D8E53BEFD52A3CC726F7738EA676AF06, 9197A56A11EDF96F6AB12299B415295A5EEC6A91281D725E9905B6D8B1F552A8 ] C:\WINDOWS\RTHDCPL.EXE
16:39:56.0968 0x08a4 RTHDCPL - ok
16:39:57.0093 0x08a4 [ FEDB6110D3E0A7EFE6996F93CD8C48E7, 719F6B648AE9841B03C8FB9FC9D0CB1233FDD3030FBD3C420C3E8CEB59A12214 ] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe
16:39:57.0140 0x08a4 CanonSolutionMenu - ok
16:39:57.0234 0x08a4 [ 2F0F0E6AA6F5874E13E792996077138B, 9D12D4D61139436E3BFDC74577195A1D2C62B8D2C30034093197452287E22C15 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
16:39:57.0328 0x08a4 CanonMyPrinter - ok
16:39:57.0390 0x08a4 [ 846965AE55A2662B1576C0F392DD1D6E, 0ADE383991FDC5A49DD15A27CB52CF75ABF518F0335E92003C0FF75DB417BBDC ] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
16:39:57.0406 0x08a4 SSBkgdUpdate - ok
16:39:57.0453 0x08a4 [ F8D427DAE2984A4968E2D1CB53634784, 02DDE830F40C48321C0AB384D2505F3AD1AD84FAF17AB411A2FE7DE3409DC0E5 ] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
16:39:57.0468 0x08a4 OpwareSE4 - ok
16:39:57.0671 0x08a4 [ 5CA0EB9538C6ACEBDC3593FC53527B9D, 35AC60899254C7414FF42BCDA4165FB58F6369BD5EDCAC24EBB1B5A095664CAC ] C:\Program Files\Alwil Software\Avast5\AvastUI.exe
16:39:57.0921 0x08a4 AvastUI.exe - ok
16:39:57.0968 0x08a4 [ A756B8F0F7BAFBA6DFE39F7D169F2519, 5338DE8FCA5182A919AAADFA5D130BB93069E3675B834D96CFF68C32433B3BDE ] C:\WINDOWS\system32\CTFMON.EXE
16:39:58.0109 0x08a4 CTFMON.EXE - ok
16:39:58.0109 0x08a4 [ A756B8F0F7BAFBA6DFE39F7D169F2519, 5338DE8FCA5182A919AAADFA5D130BB93069E3675B834D96CFF68C32433B3BDE ] C:\WINDOWS\system32\CTFMON.EXE
16:39:58.0250 0x08a4 CTFMON.EXE - ok
16:39:58.0250 0x08a4 [ A756B8F0F7BAFBA6DFE39F7D169F2519, 5338DE8FCA5182A919AAADFA5D130BB93069E3675B834D96CFF68C32433B3BDE ] C:\WINDOWS\system32\CTFMON.EXE
16:39:58.0390 0x08a4 CTFMON.EXE - ok
16:39:58.0390 0x08a4 [ A756B8F0F7BAFBA6DFE39F7D169F2519, 5338DE8FCA5182A919AAADFA5D130BB93069E3675B834D96CFF68C32433B3BDE ] C:\WINDOWS\system32\ctfmon.exe
16:39:58.0531 0x08a4 CTFMON.EXE - ok
16:39:58.0593 0x08a4 [ 7DFCCC67990B6DE7F30F553A4E4612A4, 9FF98D6FD2539CEFC9F42103A7F72388BED6EE590400559B92BC7430228DA36A ] C:\Program Files\RocketDock\RocketDock.exe
16:39:58.0625 0x08a4 RocketDock - detected UnsignedFile.Multi.Generic ( 1 )
16:40:00.0984 0x08a4 Detect skipped due to KSN trusted
16:40:00.0984 0x08a4 RocketDock - ok
16:40:01.0796 0x08a4 [ CBEC06E32D0AC9C3D0A9199EDC1FB959, 9D7F9A372096EAE6B401653207ADDC08EC275065250EEFA235F580FB45D73E19 ] C:\Program Files\Skype\Phone\Skype.exe
16:40:02.0812 0x08a4 Skype - ok
16:40:02.0859 0x08a4 Waiting for KSN requests completion. In queue: 59
16:40:03.0859 0x08a4 Waiting for KSN requests completion. In queue: 59
16:40:04.0859 0x08a4 Waiting for KSN requests completion. In queue: 59
16:40:05.0859 0x08a4 Waiting for KSN requests completion. In queue: 59
16:40:06.0859 0x08a4 Waiting for KSN requests completion. In queue: 58
16:40:07.0859 0x08a4 Waiting for KSN requests completion. In queue: 58
16:40:08.0890 0x08a4 AV detected via SS1: avast! Antivirus, 5.0.150996962, enabled, updated
16:40:08.0906 0x08a4 FW detected via SS1: Sunbelt Personal Firewall, 4.6.1861 T, disabled
16:40:08.0906 0x08a4 Win FW state via NFM: disabled
16:40:11.0296 0x08a4 ============================================================
16:40:11.0296 0x08a4 Scan finished
16:40:11.0296 0x08a4 ============================================================
16:40:11.0296 0x05b4 Detected object count: 0
16:40:11.0296 0x05b4 Actual detected object count: 0
16:41:27.0984 0x01cc ============================================================
16:41:27.0984 0x01cc Scan started
16:41:27.0984 0x01cc Mode: Manual; SigCheck; TDLFS;
16:41:27.0984 0x01cc ============================================================
16:41:27.0984 0x01cc KSN ping started
16:41:30.0906 0x01cc KSN ping finished: true
16:41:31.0265 0x01cc ================ Scan system memory ========================
16:41:31.0265 0x01cc System memory - ok
16:41:31.0281 0x01cc ================ Scan services =============================
16:41:31.0421 0x01cc Abiosdsk - ok
16:41:31.0437 0x01cc abp480n5 - ok
16:41:31.0468 0x01cc [ 4FE34F1F3126B61FCC6B2043AA8112C9, DE370865E47A5D2A4B227EEFFB42384F67F08D622BF936A9C9CEF70CC47F324B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:41:31.0750 0x01cc ACPI - ok
16:41:31.0812 0x01cc [ AFDFF022A01F0B11C776F0860C3B282F, 135E5257B62D921B76271014301E9EA1E2383D5DBB04E475DC3A7EFFD2561F56 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
16:41:31.0953 0x01cc ACPIEC - ok
16:41:32.0015 0x01cc [ 09E7C37DF4A911C8A9AA8BF88ACD10AA, E881E0BBDCED58F28E0BA8DC27372EDFFFF2C57EE31CD13A032FDC9F7C831B5A ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:41:32.0046 0x01cc AdobeFlashPlayerUpdateSvc - ok
16:41:32.0046 0x01cc adpu160m - ok
16:41:32.0093 0x01cc [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
16:41:32.0250 0x01cc aec - ok
16:41:32.0281 0x01cc [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
16:41:32.0328 0x01cc AFD - ok
16:41:32.0343 0x01cc Aha154x - ok
16:41:32.0343 0x01cc aic78u2 - ok
16:41:32.0359 0x01cc aic78xx - ok
16:41:32.0390 0x01cc [ E0A6FA244B8624D78FE5FF6F56A33BAE, 26B828FDB03AE4A4F1DC7A1792F9BAD69CF947897D47F5E567F24F4B6D5CB541 ] Alerter C:\WINDOWS\system32\alrsvc.dll
16:41:32.0531 0x01cc Alerter - ok
16:41:32.0546 0x01cc [ 88842DE939A827577BF24243699AC80A, A49C9A6A9941F3A2FBBCFE1F6DB48B632739D00670AC98ECCCBC7FD9E786B21A ] ALG C:\WINDOWS\System32\alg.exe
16:41:32.0640 0x01cc ALG - ok
16:41:32.0640 0x01cc AliIde - ok
16:41:32.0750 0x01cc [ 267FC636801EDC5AB28E14036349E3BE, CFEF5DF5F9BE820283376BB86DB3CF6609C02D316A742E17459A2BFA42E724E0 ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
16:41:32.0859 0x01cc Ambfilt - ok
16:41:32.0875 0x01cc amsint - ok
16:41:32.0921 0x01cc [ 6B8E7A90E576D4FE308F97C69060A171, 6CE49BC78715737D78E05DECAC23E26A5672ACD2CF3D10154FEA9D47B318D47C ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
16:41:33.0031 0x01cc AppMgmt - ok
16:41:33.0031 0x01cc asc - ok
16:41:33.0046 0x01cc asc3350p - ok
16:41:33.0046 0x01cc asc3550 - ok
16:41:33.0140 0x01cc [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
16:41:33.0171 0x01cc aspnet_state - ok
16:41:33.0203 0x01cc [ 4D6C6E0505A8E5A0656DCB223497D37C, 7F9457AF4B6E4FC6C4F77BD39DB5EB5520C44D22974B9781EA0F984D6830637C ] aswHwid C:\WINDOWS\system32\drivers\aswHwid.sys
16:41:33.0234 0x01cc aswHwid - ok
16:41:33.0265 0x01cc [ 1A2CC93BBD77C2D95A7567938D7D7239, DD082ACA011DA63CC1A69BAD8C42B9DA3A9975194D87B5584A39C91ED92341E3 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
16:41:33.0281 0x01cc aswMonFlt - ok
16:41:33.0328 0x01cc [ FFB1BDC9CAF255019D678DB5BEDAF0F0, 5FBCD3F2AFFB25EB717B913E709EFBEEAC6520B910B8AC11BF830A5B7E33F797 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
16:41:33.0343 0x01cc aswRdr - ok
16:41:33.0359 0x01cc [ 24B3BDA01DB3A704E33A5266C7B52DAF, FB2555504570E8FD6AA251BE9D05EDC2B73596EF830384130556EC64E518FE65 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
16:41:33.0390 0x01cc aswRvrt - ok
16:41:33.0453 0x01cc [ D13182758BAC9B4996D592E7684C9267, 8CDF8F3962659A6F3AE77AD9A4982E2D754E0DE3610BE26985444A4DCCDF181A ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
16:41:33.0515 0x01cc aswSnx - ok
16:41:33.0546 0x01cc [ D1A68A33B082FA1C7087CE54A7923D90, 9B776122078044A1336D0E7C5F3F016BC7196571DBF379F804AF70C49D642714 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
16:41:33.0593 0x01cc aswSP - ok
16:41:33.0625 0x01cc [ AF01CD260A9EF60B09029C9F5EF99040, C74A94598DC8DBD3AB13E43A60ED12698A121332446867FC3B75745626E0B7CB ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
16:41:33.0656 0x01cc aswTdi - ok
16:41:33.0671 0x01cc [ B2D7EE52633CA8831DDAFCA81C2D46C3, 017C6C376520380F29AF465F1464C3652D421C4B873B7AC2647498F356032361 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
16:41:33.0703 0x01cc aswVmm - ok
16:41:33.0734 0x01cc [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:41:33.0875 0x01cc AsyncMac - ok
16:41:33.0921 0x01cc [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
16:41:34.0062 0x01cc atapi - ok
16:41:34.0062 0x01cc Atdisk - ok
16:41:34.0109 0x01cc [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:41:34.0250 0x01cc Atmarpc - ok
16:41:34.0281 0x01cc [ DE31B88962A8645DBA5A37B993E7B0F1, CA93F25A3FD0CE68BB9B8E3AB6B813BF38DE3EDDFC990291B3957FAA59B2B274 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
16:41:34.0406 0x01cc AudioSrv - ok
16:41:34.0453 0x01cc [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
16:41:34.0593 0x01cc audstub - ok
16:41:34.0656 0x01cc [ 37D17AE2936867F88EB3C4CBCBC6B8A1, E1F4D288CE1E5482A5594C8F9EEDE1E8134466F5E0C7DA32D88985497CD8588B ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
16:41:34.0671 0x01cc avast! Antivirus - ok
16:41:34.0718 0x01cc [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
16:41:34.0859 0x01cc Beep - ok
16:41:34.0937 0x01cc [ 19395D092FD85DDC2D9C7729CF5A2AC8, 7640F36BA19698EE8A6257BF78A8C57DD9D734BED9CA6BB9B68603BAEA092412 ] BITS C:\WINDOWS\system32\qmgr.dll
16:41:35.0125 0x01cc BITS - ok
16:41:35.0156 0x01cc [ 89E739BBA5F636297EA5B5F811189E06, 151B32B12F5DD0D388134DA2471FE9741CF22B9C408DA58FEF8019D3C4EC836B ] Browser C:\WINDOWS\System32\browser.dll
16:41:35.0187 0x01cc Browser - ok
16:41:35.0218 0x01cc [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
16:41:35.0359 0x01cc cbidf2k - ok
16:41:35.0375 0x01cc cd20xrnt - ok
16:41:35.0406 0x01cc [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
16:41:35.0531 0x01cc Cdaudio - ok
16:41:35.0562 0x01cc [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
16:41:35.0703 0x01cc Cdfs - ok
16:41:35.0750 0x01cc [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:41:35.0890 0x01cc Cdrom - ok
16:41:35.0906 0x01cc Changer - ok
16:41:35.0921 0x01cc [ E390DC1D7C461D7D56EC53402F329928, FB37F84E71353CD83FCDDD39C898C6D84C05130C5F1BEF022E3DFDE160398C0E ] CiSvc C:\WINDOWS\system32\cisvc.exe
16:41:36.0062 0x01cc CiSvc - ok
16:41:36.0078 0x01cc [ 064507A8DFA8C5C7E2FFDDD3E6F424FA, 1725067BC759484A7185A4F1A44ED3CBE481529D187FE98EF279425B79177EB1 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
16:41:36.0234 0x01cc ClipSrv - ok
16:41:36.0265 0x01cc [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:41:36.0281 0x01cc clr_optimization_v2.0.50727_32 - ok
16:41:36.0296 0x01cc CmdIde - ok
16:41:36.0296 0x01cc COMSysApp - ok
16:41:36.0312 0x01cc Cpqarray - ok
16:41:36.0359 0x01cc [ F3AB0933CBD166D271992F411C27CCAF, 50E01F3B058F814BE914FA5050B2D972E8584A467719A5ABCF9D9EBD596A54A7 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
16:41:36.0500 0x01cc CryptSvc - ok
16:41:36.0515 0x01cc dac2w2k - ok
16:41:36.0515 0x01cc dac960nt - ok
16:41:36.0578 0x01cc [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
16:41:36.0640 0x01cc DcomLaunch - ok
16:41:36.0687 0x01cc [ 8C9A53E285AC5E6704844D0459EC85BE, 9E86AF4C06CEC007C9B1590B6E056319603E4D79BED0C2471C6F1BC251B380CF ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
16:41:36.0828 0x01cc Dhcp - ok
16:41:36.0843 0x01cc [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
16:41:37.0000 0x01cc Disk - ok
16:41:37.0015 0x01cc dmadmin - ok
16:41:37.0078 0x01cc [ DB5FD2BF5B07DC54BFCB3664FF05BD7C, 46074FBBC5E4A40A7B3A45636089DEDD2A619778C7DCD797571C2BB64D775F7E ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
16:41:37.0250 0x01cc dmboot - ok
16:41:37.0296 0x01cc [ FFF1720AF51171F32F1EAD5CF71F2810, 2E40D63DC7670C1E88A532DB8923A98ABC8481C351C4D915C2753E10BA77F36D ] dmio C:\WINDOWS\system32\drivers\dmio.sys
16:41:37.0453 0x01cc dmio - ok
16:41:37.0484 0x01cc [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
16:41:37.0609 0x01cc dmload - ok
16:41:37.0640 0x01cc [ 2BFEFE9E865655A76982F050450B9591, 15C7D093D638770519AA43E7D8897310F32AB1F217027F5750D799494A985C35 ] dmserver C:\WINDOWS\System32\dmserver.dll
16:41:37.0765 0x01cc dmserver - ok
16:41:37.0812 0x01cc [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
16:41:37.0953 0x01cc DMusic - ok
16:41:37.0984 0x01cc [ DFAA406BF19F4EE806A6F8D4342137F7, EE2C11B3E37565FC009E323607B2F5F148F9219012EDF848CEFC1B273DAA98A9 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
16:41:38.0015 0x01cc Dnscache - ok
16:41:38.0062 0x01cc [ 4A3E2BD20157A0946751229E92EB8621, D8C00CC2C18C517F7262EBC3C511C062E5ABA797056AEB22AC5DEB306BA8C526 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
16:41:38.0218 0x01cc Dot3svc - ok
16:41:38.0234 0x01cc dpti2o - ok
16:41:38.0250 0x01cc [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
16:41:38.0375 0x01cc drmkaud - ok
16:41:38.0421 0x01cc [ 0887D9C2BE8D940778CAD1E3B85F2A41, 2E30DC06D46A5E174B7CAA2D70BDB697015495942572E90425E2EE7AC541BCF4 ] EapHost C:\WINDOWS\System32\eapsvc.dll
16:41:38.0546 0x01cc EapHost - ok
16:41:38.0578 0x01cc [ A2A4912798F2BE706ABADD3D30800D16, CCCCA389D22525D984DE9B59E4CEBE0EEEF315F725176EB5C4DC1A5B6157234A ] ERSvc C:\WINDOWS\System32\ersvc.dll
16:41:38.0734 0x01cc ERSvc - ok
16:41:38.0781 0x01cc [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] Eventlog C:\WINDOWS\system32\services.exe
16:41:38.0812 0x01cc Eventlog - ok
16:41:38.0859 0x01cc [ A371F11EF07653591C8DE26AFB13CE7F, 1192EDC8B146F1C27E8CD7E126DDC044F8B368C2E891A90CD81620D48C9550B6 ] EventSystem C:\WINDOWS\system32\es.dll
16:41:38.0906 0x01cc EventSystem - ok
16:41:38.0953 0x01cc [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
16:41:39.0109 0x01cc Fastfat - ok
16:41:39.0140 0x01cc [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
16:41:39.0187 0x01cc FastUserSwitchingCompatibility - ok
16:41:39.0203 0x01cc [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
16:41:39.0343 0x01cc Fdc - ok
16:41:39.0375 0x01cc [ E9648254056BCE81A85380C0C3647DC4, AE58F498BD1C33360FE3BB9EA22C13EA562206B68E7946B587CB5A6DF94586A1 ] FETNDIS C:\WINDOWS\system32\DRIVERS\fetnd5.sys
16:41:39.0500 0x01cc FETNDIS - ok
16:41:39.0531 0x01cc [ AC366695A0796560AA37215AD5762AAF, 6ADC7443EA42D77199D4879AF3C33A07914116C69A34B895D8CB8444EE50077F ] Fips C:\WINDOWS\system32\drivers\Fips.sys
16:41:39.0671 0x01cc Fips - ok
16:41:39.0718 0x01cc [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
16:41:39.0843 0x01cc Flpydisk - ok
16:41:39.0875 0x01cc [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
16:41:40.0015 0x01cc FltMgr - ok
16:41:40.0078 0x01cc [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
16:41:40.0093 0x01cc FontCache3.0.0.0 - ok
16:41:40.0109 0x01cc [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:41:40.0250 0x01cc Fs_Rec - ok
16:41:40.0281 0x01cc [ 4E664D8541DB4A66B73A24257E322E1F, 17A2140AFE2B41E579FCCAFB82532853AD90A6EDBCB13DE80741DAE0AD5B4CC9 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:41:40.0406 0x01cc Ftdisk - ok
16:41:40.0437 0x01cc [ 3A74C423CF6BCCA6982715878F450A3B, A98D6D377B48D05BE3927F6E93D0DE7741E115C43125C0E0DE6EEFE023DE73BC ] gagp30kx C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
16:41:40.0578 0x01cc gagp30kx - ok
16:41:40.0609 0x01cc [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:41:40.0765 0x01cc Gpc - ok
16:41:40.0828 0x01cc [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
16:41:40.0859 0x01cc gupdate - ok
16:41:40.0890 0x01cc [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
16:41:40.0906 0x01cc gupdatem - ok
16:41:40.0968 0x01cc [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
16:41:41.0125 0x01cc HDAudBus - ok
16:41:41.0171 0x01cc [ FCFE31FB75F8A6295B6B0AF87A626282, 6BA385797DBC73EB29EFE3293B80C21B1B8A1E9B87A462476E73C526C9565E5F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
16:41:41.0312 0x01cc helpsvc - ok
16:41:41.0328 0x01cc [ 00E25EE90166B3E1BE6E74AEBF858306, 92C2F020EF14DE3B4F09E2C5DFF3D2F35D8C50F6D0188F9CEEFE3B6075602EFE ] HidServ C:\WINDOWS\System32\hidserv.dll
16:41:41.0468 0x01cc HidServ - ok
16:41:41.0500 0x01cc [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:41:41.0625 0x01cc hidusb - ok
16:41:41.0671 0x01cc [ 7A6B320928F86BC851530D63C82965D9, 1F628759D31098DFBC05244735B5A62ACD8E45DBC5C9D236260D68EB8F1E28F5 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
16:41:41.0828 0x01cc hkmsvc - ok
16:41:41.0906 0x01cc [ C5F00D15AA15CB7F55A027FF75E44BB7, A266FA9B4333CE35C74BD0F9920CC475545F9A597300F3738F7FE4AB7475321E ] HP Port Resolver C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
16:41:41.0984 0x01cc HP Port Resolver - ok
16:41:41.0984 0x01cc hpn - ok
16:41:42.0015 0x01cc [ 30CA91E657CEDE2F95359D6EF186F650, 6BBAFBE50E7819695A79586A086A9952B737E174BA2C63C1F180D97EC4AABA4B ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
16:41:42.0046 0x01cc HPZid412 - ok
16:41:42.0093 0x01cc [ EFD31AFA752AA7C7BBB57BCBE2B01C78, AC671CEE9F8DD9FE6C51069212AEB1736BB914361D4185D1E87068D244BF2B7A ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
16:41:42.0125 0x01cc HPZipr12 - ok
16:41:42.0140 0x01cc [ 7AC43C38CA8FD7ED0B0A4466F753E06E, B4D44B366170D247E0145B9435CC678BEE2A2A42CFF7B485E077B3B582557B5A ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
16:41:42.0187 0x01cc HPZius12 - ok
16:41:42.0234 0x01cc [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
16:41:42.0281 0x01cc HTTP - ok
16:41:42.0328 0x01cc [ 58FE2F2DA3BC5573F4A35B3760D3125F, B241ACCE426402EC64DC34C49CECB8CDC0851986D54BFCCED7040D6C43F5787A ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
16:41:42.0500 0x01cc HTTPFilter - ok
16:41:42.0500 0x01cc i2omgmt - ok
16:41:42.0500 0x01cc i2omp - ok
16:41:42.0515 0x01cc [ C528E27945367191E7BAE364930B6932, 1B95C7B49B4CAE734DC6C9EC22555C5356EEC856B8491C761C777479264CF854 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:41:42.0671 0x01cc i8042prt - ok
16:41:42.0765 0x01cc [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:41:42.0828 0x01cc idsvc - ok
16:41:42.0843 0x01cc [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
16:41:42.0984 0x01cc Imapi - ok
16:41:43.0031 0x01cc [ F7B93AAFAD33B2320954C17E26C8D361, 8CFDB11A68B59E195F280BE08B25FA59F1F70833832919B8BECCE17616999934 ] ImapiService C:\WINDOWS\system32\imapi.exe
16:41:43.0187 0x01cc ImapiService - ok
16:41:43.0203 0x01cc ini910u - ok
16:41:43.0484 0x01cc [ C472FC1D265346E9500095F88A0345F9, 7BA3701EA9F59391ED9959C8576E710C1258CEFE7CC9EA1B3E985BE28B921888 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
16:41:43.0828 0x01cc IntcAzAudAddService - ok
16:41:43.0843 0x01cc IntelIde - ok
16:41:43.0890 0x01cc [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
16:41:44.0046 0x01cc Ip6Fw - ok
16:41:44.0093 0x01cc [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:41:44.0218 0x01cc IpFilterDriver - ok
16:41:44.0250 0x01cc [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:41:44.0390 0x01cc IpInIp - ok
16:41:44.0421 0x01cc [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:41:44.0562 0x01cc IpNat - ok
16:41:44.0593 0x01cc [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:41:44.0750 0x01cc IPSec - ok
16:41:44.0796 0x01cc [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
16:41:44.0890 0x01cc IRENUM - ok
16:41:44.0921 0x01cc [ CC9F8A2D60AED1A51A3AC34C59B987AE, CBF69817BE3D9A4617390B1A3306074CB8581F21562CD1357D32BC3E542F3CEE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:41:45.0062 0x01cc isapnp - ok
16:41:45.0093 0x01cc [ 1B6162FE7F66B1A71A4B70F941C4AA9B, C2EA494BAB0513A6027414FB1E75834F980A77852D0DC8559E8942FC222A075A ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:41:45.0234 0x01cc Kbdclass - ok
16:41:45.0265 0x01cc [ 86C8F23616C6C6E5B2776901C17B945B, 211B63FC405A2DDB126D204D61E779D66C7211882CC0374521926C633E180B91 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:41:45.0406 0x01cc kbdhid - ok
16:41:45.0421 0x01cc [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
16:41:45.0578 0x01cc kmixer - ok
16:41:45.0609 0x01cc [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
16:41:45.0656 0x01cc KSecDD - ok
16:41:45.0687 0x01cc [ 3428E8F86F8ADD36B42FB23542C7B3E4, 9CF643D1A70AF08407ACD5FD6FE4B8777521DDF41B5E63C2E6E1E4CAAC69A403 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
16:41:45.0718 0x01cc LanmanServer - ok
16:41:45.0750 0x01cc [ 936C1D110232D23B621CB0196E4F80F0, 2DE3AF93E20F1DC7A6FF31B18054EA4D2350387E4DA91C4B16D451384F0C57E2 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
16:41:45.0796 0x01cc lanmanworkstation - ok
16:41:45.0796 0x01cc lbrtfdc - ok
16:41:45.0843 0x01cc [ 0AB159F536E3E8F7F07113702A07CCA5, 3218C553183E6697C663B6D12790E09756B50505590858DD5AC62411D37CDD7C ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
16:41:46.0015 0x01cc LmHosts - ok
16:41:46.0031 0x01cc [ 221CD1C815B8A6B79389C3F5D1018DE8, 6D0D25D6669C4F9452F74EC72C6138A41D9408E01AF5FD01C08F27BE7BC9C905 ] Messenger C:\WINDOWS\System32\msgsvc.dll
16:41:46.0187 0x01cc Messenger - ok
16:41:46.0234 0x01cc [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
16:41:46.0359 0x01cc mnmdd - ok
16:41:46.0390 0x01cc [ 9A57D046F88F4B69751B11FD40088A61, 62F65433024CE411F111A88723747B8A83B31076FBAF4CFF40FD02A53D7FF7DF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
16:41:46.0546 0x01cc mnmsrvc - ok
16:41:46.0578 0x01cc [ 44032B0C6D9954D3FD26438330B99EE7, A49749A4C00D50F57170AA5DA9E2DEECC8C524A48B144C8B784894F2C202FBEE ] Modem C:\WINDOWS\system32\drivers\Modem.sys
16:41:46.0718 0x01cc Modem - ok
16:41:46.0796 0x01cc [ C7D9F9717916B34C1B00DD4834AF485C, A9512A03E8142C83534189963F90ADA6FA425BD606928C40C3D724177105A658 ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
16:41:46.0890 0x01cc Monfilt - ok
16:41:46.0921 0x01cc [ 4CB582831DBDE63CE43B45D771218374, 6D470B26197C5B388983D9213D48D2CDE934C9591572876DC7790FE4B59E0845 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:41:47.0062 0x01cc Mouclass - ok
16:41:47.0078 0x01cc [ BB269EBA740737AB749B214D568B6812, ABF41D9B521EBBE674E76981CAD31F8FD05976DE7070266C3956FDB67C83C4C2 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:41:47.0218 0x01cc mouhid - ok
16:41:47.0265 0x01cc [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
16:41:47.0406 0x01cc MountMgr - ok
16:41:47.0453 0x01cc [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:41:47.0468 0x01cc MozillaMaintenance - ok
16:41:47.0484 0x01cc mraid35x - ok
16:41:47.0515 0x01cc [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:41:47.0671 0x01cc MRxDAV - ok
16:41:47.0703 0x01cc [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:41:47.0765 0x01cc MRxSmb - ok
16:41:47.0812 0x01cc [ 6DB4D1521CABA9A5FFAB54ADE0AE867D, 78D63EE2C0B0852F0771071C099643242EBC9F4DA28847B93BCE9C3CC1091938 ] MSDTC C:\WINDOWS\system32\msdtc.exe
16:41:47.0953 0x01cc MSDTC - ok
16:41:47.0984 0x01cc [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
16:41:48.0125 0x01cc Msfs - ok
16:41:48.0140 0x01cc MSIServer - ok
16:41:48.0171 0x01cc [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:41:48.0328 0x01cc MSKSSRV - ok
16:41:48.0343 0x01cc [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:41:48.0484 0x01cc MSPCLOCK - ok
16:41:48.0500 0x01cc [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
16:41:48.0640 0x01cc MSPQM - ok
16:41:48.0687 0x01cc [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:41:48.0812 0x01cc mssmbios - ok
16:41:48.0843 0x01cc [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
16:41:48.0890 0x01cc Mup - ok
16:41:48.0937 0x01cc [ 6EA362E9DB03D44F6B996F4D8BE237E9, FE6B4C546D26C4A2832CF4CB280B86B1723E10E46A3C24AF6C9856FCCAE9D1FC ] napagent C:\WINDOWS\System32\qagentrt.dll
16:41:49.0093 0x01cc napagent - ok
16:41:49.0109 0x01cc [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
16:41:49.0265 0x01cc NDIS - ok
16:41:49.0312 0x01cc [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:41:49.0328 0x01cc NdisTapi - ok
16:41:49.0359 0x01cc [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:41:49.0515 0x01cc Ndisuio - ok
16:41:49.0531 0x01cc [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:41:49.0671 0x01cc NdisWan - ok
16:41:49.0703 0x01cc [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
16:41:49.0734 0x01cc NDProxy - ok
16:41:49.0781 0x01cc [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
16:41:49.0921 0x01cc NetBIOS - ok
16:41:49.0937 0x01cc [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
16:41:50.0093 0x01cc NetBT - ok
16:41:50.0125 0x01cc [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDE C:\WINDOWS\system32\netdde.exe
16:41:50.0281 0x01cc NetDDE - ok
16:41:50.0296 0x01cc [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
16:41:50.0437 0x01cc NetDDEdsdm - ok
16:41:50.0468 0x01cc [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] Netlogon C:\WINDOWS\system32\lsass.exe
16:41:50.0625 0x01cc Netlogon - ok
16:41:50.0671 0x01cc [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40, 588C8BA14A7255FD36A88960CBE34341301773765ECF2A9A0F1760A509A08A5B ] Netman C:\WINDOWS\System32\netman.dll
16:41:50.0812 0x01cc Netman - ok
16:41:50.0890 0x01cc [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:41:50.0906 0x01cc NetTcpPortSharing - ok
16:41:50.0953 0x01cc [ 39EE7C3BFBC64BA87CC8CF67386E814C, B93CCB625CE370D9A49C9374D24C939D7C9FEF81401F4F822C51E12677D77E01 ] Nla C:\WINDOWS\System32\mswsock.dll
16:41:51.0000 0x01cc Nla - ok
16:41:51.0062 0x01cc [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F, 4CCE820F455512C41E4F98109FA6F048907DD3452D5A00D5F885C77F93C9C105 ] NMSAccess C:\Program Files\CDBurnerXP\NMSAccessU.exe
16:41:51.0078 0x01cc NMSAccess - ok
16:41:51.0093 0x01cc [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
16:41:51.0234 0x01cc Npfs - ok
16:41:51.0281 0x01cc [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
16:41:51.0453 0x01cc Ntfs - ok
16:41:51.0468 0x01cc [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
16:41:51.0593 0x01cc NtLmSsp - ok
16:41:51.0640 0x01cc [ 023DD70573D644F3D9C8B1258A7BFD08, 9A1D3210ED5FD8BEDF92ED577A9B30E37035408A73EB66A8C950B75AB7539B83 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
16:41:51.0828 0x01cc NtmsSvc - ok
16:41:51.0859 0x01cc [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
16:41:51.0984 0x01cc Null - ok
16:41:52.0031 0x01cc [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:41:52.0171 0x01cc NwlnkFlt - ok
16:41:52.0187 0x01cc [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:41:52.0312 0x01cc NwlnkFwd - ok
16:41:52.0328 0x01cc [ 46F8DB73B4A53E543F8E371DC7C75BAE, F6C5E7DE4B4AE0ED785DB075BE14EA6A0FC9050C95669B26DEF2B82D7B7D3B2C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
16:41:52.0468 0x01cc Parport - ok
16:41:52.0484 0x01cc [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
16:41:52.0625 0x01cc PartMgr - ok
16:41:52.0656 0x01cc [ 1FAE19D0457176318BBA4A8795656EBC, 5F3D6CABA203A0485D67F63A6A81151724EE200BE49ED095CFCB1EF29C19D19F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
16:41:52.0796 0x01cc ParVdm - ok
16:41:52.0843 0x01cc [ 6CE351D149CB4BEFC702951E471E1730, 758327683BB45F01D5AE550AF21856822B4CF55E17F2A4F452F559088D242B37 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
16:41:52.0984 0x01cc PCI - ok
16:41:52.0984 0x01cc PCIDump - ok
16:41:53.0000 0x01cc [ 2DA4EC85E0EA7A45C6B2A05820492D5A, A8C6BD93D3BC33A5B36EB523997EF9E0783B6E6EAFB6E7F58BCC2629009BDCF9 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
16:41:53.0140 0x01cc PCIIde - ok
16:41:53.0187 0x01cc [ 4FC31E6C19A5CE5198B1ABFF94CAE758, A031E21EC1F15DA5E8429269F435337FA961C3C06D535DAFD448C7355F33FD0C ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
16:41:53.0312 0x01cc Pcmcia - ok
16:41:53.0328 0x01cc PDCOMP - ok
16:41:53.0328 0x01cc PDFRAME - ok
16:41:53.0343 0x01cc PDRELI - ok
16:41:53.0359 0x01cc PDRFRAME - ok
16:41:53.0375 0x01cc perc2 - ok
16:41:53.0375 0x01cc perc2hib - ok
16:41:53.0421 0x01cc [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] PlugPlay C:\WINDOWS\system32\services.exe
16:41:53.0453 0x01cc PlugPlay - ok
16:41:53.0484 0x01cc [ A38B3CE68E7F126190CDE4AA3FDF050F, 12D8F8FC8229BE7B76EF6B62670DDA36187BB3A69FB58FFAFAD75460B15CC76E ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
16:41:53.0562 0x01cc Pml Driver HPZ12 - ok
16:41:53.0578 0x01cc [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
16:41:53.0703 0x01cc PolicyAgent - ok
16:41:53.0718 0x01cc [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:41:53.0859 0x01cc PptpMiniport - ok
16:41:53.0906 0x01cc [ 7EB15DCE4EC3A0220BD796A15C18186E, E06C572F3FE4F3377D8AF74E8EF15478E71B4C61F944E48E8C35534BEF086110 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
16:41:54.0031 0x01cc Processor - ok
16:41:54.0046 0x01cc [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
16:41:54.0187 0x01cc ProtectedStorage - ok
16:41:54.0203 0x01cc [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
16:41:54.0343 0x01cc PSched - ok
16:41:54.0359 0x01cc [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:41:54.0484 0x01cc Ptilink - ok
16:41:54.0500 0x01cc ql1080 - ok
16:41:54.0500 0x01cc Ql10wnt - ok
16:41:54.0515 0x01cc ql12160 - ok
16:41:54.0515 0x01cc ql1240 - ok
16:41:54.0531 0x01cc ql1280 - ok
16:41:54.0546 0x01cc [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:41:54.0687 0x01cc RasAcd - ok
16:41:54.0718 0x01cc [ 2B5E44EA009F2F374B980E1E9A70635D, 62D8FDB80C8ACBA2C42C12760B785587C43BEDFE015EC5C41B25F2BB735EFEB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
16:41:54.0875 0x01cc RasAuto - ok
16:41:54.0921 0x01cc [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:41:55.0046 0x01cc Rasl2tp - ok
16:41:55.0078 0x01cc [ D57554C664B64604BD1EE13EA2C07E77, B090C05B91EA602BFF9A5E89AB1A0FFDE869611961FF749DA8B3F4D00F04E756 ] RasMan C:\WINDOWS\System32\rasmans.dll
16:41:55.0234 0x01cc RasMan - ok
16:41:55.0250 0x01cc [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:41:55.0375 0x01cc RasPppoe - ok
16:41:55.0390 0x01cc [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
16:41:55.0531 0x01cc Raspti - ok
16:41:55.0562 0x01cc [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:41:55.0703 0x01cc Rdbss - ok
16:41:55.0718 0x01cc [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

morar · #9 Příspěvek od **morar** » 17 čer 2014 15:50

16:41:55.0859 0x01cc RDPCDD - ok
16:41:55.0921 0x01cc [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:41:56.0093 0x01cc rdpdr - ok
16:41:56.0140 0x01cc [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
16:41:56.0171 0x01cc RDPWD - ok
16:41:56.0218 0x01cc [ C0D9D9711CB74EE9BC66353D8CBDAB0E, F1AF9A26910707E76BF213D8DE5C902B0088D8A29EBDFF72DE6A4D867E298CC8 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
16:41:56.0375 0x01cc RDSessMgr - ok
16:41:56.0406 0x01cc [ 611BFD220305BE3A85AE876EA47D4AA5, FDF87878EB3886649025E5A12F1C3FC9072D66CCD3217944710085C1F8A4512E ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
16:41:56.0531 0x01cc redbook - ok
16:41:56.0578 0x01cc [ 127C26B5371651043450E52542099ABA, 98AADAD8D5211CB894AA7C59B6299861B1F44B6D8F46AB5837E7D2F5B615B14A ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
16:41:56.0734 0x01cc RemoteAccess - ok
16:41:56.0765 0x01cc [ 8F31505484A190D5B22274708799F4EC, 170FF8193C95CEE73B9342B6FB7D83DF4E80B2CCBB27DF41F4AB5F2FB9AF60E1 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
16:41:56.0906 0x01cc RemoteRegistry - ok
16:41:56.0937 0x01cc [ 718B3BDC0BC3C2F7D065A53D26202AF9, 9E58243628F1E1396AB82A80D046FF50803A230EE07B007E0CA5D744C77B091A ] RpcLocator C:\WINDOWS\system32\locator.exe
16:41:57.0109 0x01cc RpcLocator - ok
16:41:57.0140 0x01cc [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] RpcSs C:\WINDOWS\system32\rpcss.dll
16:41:57.0187 0x01cc RpcSs - ok
16:41:57.0218 0x01cc [ 09AB2E71E58B078038E3BFDBA7FFC984, 8CA277DEEF6376B0F48C6BA5DBBC3E8AF2245983BA9AF6AB83D1A920D35FAF93 ] RSVP C:\WINDOWS\system32\rsvp.exe
16:41:57.0375 0x01cc RSVP - ok
16:41:57.0421 0x01cc [ D0EEDC88876B20D42157CDCCA3E647F3, 37DA1053D5DCE42B5A0DF143318BE2BFF196FCA7D65E57B65663501AEF6223D2 ] s1039bus C:\WINDOWS\system32\DRIVERS\s1039bus.sys
16:41:57.0437 0x01cc s1039bus - ok
16:41:57.0468 0x01cc [ 7B35091A7BB597C86262C589B0B57D06, 03EABFF404DCB597CD58405D8496B33C129370DD3041BEAF83AF0820CB157C79 ] s1039mdfl C:\WINDOWS\system32\DRIVERS\s1039mdfl.sys
16:41:57.0484 0x01cc s1039mdfl - ok
16:41:57.0515 0x01cc [ 4CB1AB13C9813CBF3E4C6406F8043EC2, E147955B9F377A0343D0E649FBA5990ED176D5A21ECA03986F08C0E155FC65A1 ] s1039mdm C:\WINDOWS\system32\DRIVERS\s1039mdm.sys
16:41:57.0531 0x01cc s1039mdm - ok
16:41:57.0562 0x01cc [ 2649CA09585A7531126DCC116AD1F88C, 4136543EAF8D4150B36EBC1AEEE37D0142C2CEF8AE1651B74442E472351B92BE ] s1039mgmt C:\WINDOWS\system32\DRIVERS\s1039mgmt.sys
16:41:57.0593 0x01cc s1039mgmt - ok
16:41:57.0625 0x01cc [ 6D3F549EFD6DAEDD7D12F3DE2175053F, 1B9066D8255AA6A05E62EDC4A34FAB69F2649AC389CDC30AFADA4139482843E2 ] s1039nd5 C:\WINDOWS\system32\DRIVERS\s1039nd5.sys
16:41:57.0656 0x01cc s1039nd5 - ok
16:41:57.0671 0x01cc [ 305E3E3ACA0037AF2E2C1B50A383C91B, 2DF07DDA4F1B59A2413DC844CC355C2789F98A2D228845E23ECDC6783DF1C67E ] s1039obex C:\WINDOWS\system32\DRIVERS\s1039obex.sys
16:41:57.0687 0x01cc s1039obex - ok
16:41:57.0718 0x01cc [ 7DD02A58277C84C043442561589914F4, DC7FD909B3121188CF04C6045707D64DB70FCF07AD2B6B0D5BF9805BB5798BBC ] s1039unic C:\WINDOWS\system32\DRIVERS\s1039unic.sys
16:41:57.0734 0x01cc s1039unic - ok
16:41:57.0812 0x01cc [ 5E9378F9893EDE2DB887EA0281FFDFF5, 8C6C019B3BF5309E8007EDB2E20338CC2DD8A619166C8071002CF5262914566E ] S3GIGP C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys
16:41:57.0890 0x01cc S3GIGP - ok
16:41:57.0906 0x01cc [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] SamSs C:\WINDOWS\system32\lsass.exe
16:41:58.0046 0x01cc SamSs - ok
16:41:58.0093 0x01cc [ 419883201CA9AD697CCFB8FC46DD6F78, 477428D8ABFF751016F5077A3FB4C8A25CDA4EBA7CAD8E33C36D5439A995D7F1 ] SbFw C:\WINDOWS\system32\drivers\SbFw.sys
16:41:58.0109 0x01cc SbFw - ok
16:41:58.0125 0x01cc [ F01B8409A11C319E3C5B9DD418676D2C, E068A631CE1DDC0BE18D8B692E2E5D9846EE531C88ED86B5CA417C1F9E45097F ] SBFWIMCL C:\WINDOWS\system32\DRIVERS\sbfwim.sys
16:41:58.0140 0x01cc SBFWIMCL - ok
16:41:58.0171 0x01cc [ 31CA701F26EA66468AD3C3C6498755CE, 100F71E5DCCDCCAB7251432659419C254994DBCB398CD83559071A0CA5442D70 ] sbhips C:\WINDOWS\system32\drivers\sbhips.sys
16:41:58.0187 0x01cc sbhips - ok
16:41:58.0203 0x01cc [ 56C92289535834AA26144B4368932DCB, 47AE8A766662A39004F5AFAD6693B10C60B2B2FDA79C48FC977E97B47B26DA20 ] SbPF.Launcher C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
16:41:58.0234 0x01cc SbPF.Launcher - ok
16:41:58.0265 0x01cc [ 410046E401EB11E1E6749E9DEEA41D4A, 9507268ACD24EF51E994DC418E8EB3E10DEDE61EE892226A22A5DA7662397E25 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
16:41:58.0421 0x01cc SCardSvr - ok
16:41:58.0468 0x01cc [ 3FF232A7731621B8902D81D42418C93C, 2030C9A843D9555170179883BD4CC1E978D5FC5EC0D7FCA56518224E428BE421 ] Schedule C:\WINDOWS\system32\schedsvc.dll
16:41:58.0625 0x01cc Schedule - ok
16:41:58.0656 0x01cc [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:41:58.0734 0x01cc Secdrv - ok
16:41:58.0765 0x01cc [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6, 82EEB2345AC19050FAB202DE76C2CDD93E753F5AB67789A86A1726D3040C02E5 ] seclogon C:\WINDOWS\System32\seclogon.dll
16:41:58.0906 0x01cc seclogon - ok
16:41:58.0921 0x01cc [ A530B75C10C23C9AB28FDB6CE719E21F, 14568DF6457758E2F534A46A8E6245C364895C3993BEF2B5A889B98DBB201A27 ] SENS C:\WINDOWS\system32\sens.dll
16:41:59.0062 0x01cc SENS - ok
16:41:59.0093 0x01cc [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
16:41:59.0218 0x01cc serenum - ok
16:41:59.0234 0x01cc [ B842729337C9B921615C40D3C1A1AF96, 503670A56423B996C6ED6AE95F07FB88910767C4A2041A4BE9070C57A016E7FA ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
16:41:59.0390 0x01cc Serial - ok
16:41:59.0421 0x01cc [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
16:41:59.0562 0x01cc Sfloppy - ok
16:41:59.0593 0x01cc [ F58FACA9621D2DB01BD0927D9A0A208E, 239C87E09261BC9D1DBE99DABCFC4787D42289E8769563A5EFB323BE6F177C9A ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
16:41:59.0750 0x01cc SharedAccess - ok
16:41:59.0796 0x01cc [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:41:59.0828 0x01cc ShellHWDetection - ok
16:41:59.0843 0x01cc Simbad - ok
16:42:00.0093 0x01cc [ 9F712B26EE3B0242DE997A42FD302E2C, 12663EB108F158282A965EE70980627C2F2332BA7944D7DE03B78E18BEB87D26 ] Skype C2C Service C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
16:42:00.0296 0x01cc Skype C2C Service - ok
16:42:00.0359 0x01cc [ F07AF60B152221472FBDB2FECEC4896D, A18FDCE8462A48429E249C44F0E49F844F2E3A4B5215349DE104F34D935EF983 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
16:42:00.0390 0x01cc SkypeUpdate - ok
16:42:00.0390 0x01cc Sparrow - ok
16:42:00.0484 0x01cc [ B3C9D712962DB83C280D0C4AAC8963A8, 520ED76058442A5DE35DBDD03FE48948AB073A71AFDC1ED71A6E2927C085784B ] SPF4 C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
16:42:00.0578 0x01cc SPF4 - ok
16:42:00.0625 0x01cc [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
16:42:00.0765 0x01cc splitter - ok
16:42:00.0796 0x01cc [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
16:42:00.0828 0x01cc Spooler - ok
16:42:00.0890 0x01cc [ CDDDEC541BC3C96F91ECB48759673505, B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
16:42:00.0906 0x01cc Suspicious file ( NoAccess ): C:\WINDOWS\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505, sha256: B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB
16:42:00.0906 0x01cc sptd - detected LockedFile.Multi.Generic ( 1 )
16:42:00.0906 0x01cc Detect skipped due to KSN trusted
16:42:00.0906 0x01cc sptd - ok
16:42:00.0953 0x01cc [ 94610C8653635E4459316A0050D55CE7, D148D33B3D2B0757060531C526F2161504A8D7C4E5957D092C7EBDB007271339 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
16:42:01.0046 0x01cc sr - ok
16:42:01.0078 0x01cc [ 35B91147124F64AC8081A2EDB9EA4DEE, 1609D19156DAC6EE3C2D2350B062966B64D9CDC289E9B8FEB6D244AAEBE90BBF ] srservice C:\WINDOWS\system32\srsvc.dll
16:42:01.0187 0x01cc srservice - ok
16:42:01.0234 0x01cc [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
16:42:01.0281 0x01cc Srv - ok
16:42:01.0312 0x01cc [ BECD5271DC4E3B7C3D035F790FCBC1E5, D63B9DB81332553C963EC5057D241CE2287AF652387333C1FD79AF8C9B5F2BA7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
16:42:01.0406 0x01cc SSDPSRV - ok
16:42:01.0437 0x01cc [ F92254B0BCFCD10CAAC7BCCC7CB7F467, A44B569F658BED53502C9155947759EE67FABEE306DA2A9ABE87141F99B251A3 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys
16:42:01.0453 0x01cc StarOpen - detected UnsignedFile.Multi.Generic ( 1 )
16:42:01.0453 0x01cc Detect skipped due to KSN trusted
16:42:01.0453 0x01cc StarOpen - ok
16:42:01.0500 0x01cc [ C1CDD9275F6A115BB0AE1D55D8D27BA6, CD0511FD7F6AD832CBEB931C605AB3AD217631C57399CB8033248D27619541E4 ] stisvc C:\WINDOWS\system32\wiaservc.dll
16:42:01.0671 0x01cc stisvc - ok
16:42:01.0921 0x01cc [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
16:42:02.0046 0x01cc swenum - ok
16:42:02.0078 0x01cc [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
16:42:02.0203 0x01cc swmidi - ok
16:42:02.0218 0x01cc SwPrv - ok
16:42:02.0218 0x01cc symc810 - ok
16:42:02.0234 0x01cc symc8xx - ok
16:42:02.0234 0x01cc sym_hi - ok
16:42:02.0250 0x01cc sym_u3 - ok
16:42:02.0265 0x01cc [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
16:42:02.0421 0x01cc sysaudio - ok
16:42:02.0453 0x01cc [ CE06F01B88ACE199A1BF460CAC29C110, 3CD89E5B8E53203287D889C107E4795225742DB6C6ACA2DC0611BD9728382A27 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
16:42:02.0593 0x01cc SysmonLog - ok
16:42:02.0640 0x01cc [ C2546CD7A398476F9DF5614B2AE160E8, 11C8435BA983553E9C0806494E9B3C7080515C0375B0604F029D89B50726161A ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
16:42:02.0796 0x01cc TapiSrv - ok
16:42:02.0843 0x01cc [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:42:02.0890 0x01cc Tcpip - ok
16:42:02.0953 0x01cc [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
16:42:03.0109 0x01cc TDPIPE - ok
16:42:03.0234 0x01cc [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
16:42:03.0375 0x01cc TDTCP - ok
16:42:03.0406 0x01cc [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
16:42:03.0546 0x01cc TermDD - ok
16:42:03.0593 0x01cc [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E, 3D2B1D899061448EAD993CDE97D1EF50DD64728E9F44D80FEAE591198A937653 ] TermService C:\WINDOWS\System32\termsrv.dll
16:42:03.0750 0x01cc TermService - ok
16:42:03.0781 0x01cc [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] Themes C:\WINDOWS\System32\shsvcs.dll
16:42:03.0812 0x01cc Themes - ok
16:42:03.0843 0x01cc [ CD0CC7B167D78043A41C98D4921EFB54, 31AAB5D6D6BA52EBDDE1B5DEB8F9B4D9597FFBA4485F959C846F635060CCB5C0 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
16:42:03.0953 0x01cc TlntSvr - ok
16:42:03.0953 0x01cc TosIde - ok
16:42:03.0984 0x01cc [ 38853304CCB938D30E0C4CDE8D2C2A8A, 966E7BCC9F63A1A7777F8A12E51C2A91EC688CE96109943ADC4CB4EB58DC34A6 ] TrkWks C:\WINDOWS\system32\trkwks.dll
16:42:04.0125 0x01cc TrkWks - ok
16:42:04.0187 0x01cc [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
16:42:04.0328 0x01cc Udfs - ok
16:42:04.0343 0x01cc ultra - ok
16:42:04.0390 0x01cc [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
16:42:04.0531 0x01cc Update - ok
16:42:04.0578 0x01cc [ 651BD90DCEE5B7BDC74A2EB7C9266F9E, AF7662BCA0819F82CE5EE0863E47149CC127DE664CB3DC6359B63FBD71DB54F8 ] upnphost C:\WINDOWS\System32\upnphost.dll
16:42:04.0671 0x01cc upnphost - ok
16:42:04.0687 0x01cc [ 20A0F6A11959E92908717D09E87D670D, 3DD6C99AB0F70FAA43DF470B30078B8A51B8AF735CD5C50DBB195FEA70F4C36E ] UPS C:\WINDOWS\System32\ups.exe
16:42:04.0843 0x01cc UPS - ok
16:42:04.0875 0x01cc [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:42:04.0890 0x01cc usbccgp - ok
16:42:04.0921 0x01cc [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:42:04.0937 0x01cc usbehci - ok
16:42:04.0968 0x01cc [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:42:05.0109 0x01cc usbhub - ok
16:42:05.0140 0x01cc [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
16:42:05.0281 0x01cc usbprint - ok
16:42:05.0312 0x01cc [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:42:05.0328 0x01cc usbscan - ok
16:42:05.0375 0x01cc [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:42:05.0531 0x01cc USBSTOR - ok
16:42:05.0562 0x01cc [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:42:05.0718 0x01cc usbuhci - ok
16:42:05.0734 0x01cc [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
16:42:05.0890 0x01cc VgaSave - ok
16:42:05.0921 0x01cc [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
16:42:06.0062 0x01cc ViaIde - ok
16:42:06.0078 0x01cc [ F95C0FCFBCBDA6D8F202D2DF4052F88D, 976FC7EE44C588648D373B900647D861C3F8D4394A9BE9CCD6277678D950D23E ] videX32 C:\WINDOWS\system32\DRIVERS\videX32.sys
16:42:06.0125 0x01cc videX32 - ok
16:42:06.0140 0x01cc [ 28A4B296B47782173C346E376CB374D1, FE799FE4A41752A2B47027EA88214BF3E39B317302939F4A2D0F2A4EFAAC2F13 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
16:42:06.0265 0x01cc VolSnap - ok
16:42:06.0312 0x01cc [ D6BA1A63D9E00933F1CD2A885573AFB2, 36311A060635CEC1DBB6D8A746B8A4D007706EAE97D51A5E12F9958AB16BE486 ] VSS C:\WINDOWS\System32\vssvc.exe
16:42:06.0421 0x01cc VSS - ok
16:42:06.0468 0x01cc [ FA4E1CDBA256787F2149F4AAD07BC91F, 1B5FC5248335D70094D04501AA2C30F54782B58FF8D573BE8E784A21529C7CAF ] W32Time C:\WINDOWS\system32\w32time.dll
16:42:06.0625 0x01cc W32Time - ok
16:42:06.0656 0x01cc [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:42:06.0781 0x01cc Wanarp - ok
16:42:06.0796 0x01cc WDICA - ok
16:42:06.0828 0x01cc [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
16:42:06.0968 0x01cc wdmaud - ok
16:42:07.0000 0x01cc [ 47AE51048A82DFA1CD6B51D369F7E169, 742F2162B8BDE00D83715093EA9743338964597ED22648B9F4F139D7278235A4 ] WebClient C:\WINDOWS\System32\webclnt.dll
16:42:07.0140 0x01cc WebClient - ok
16:42:07.0203 0x01cc [ E488332126E3B1182D2B8A0C35408EC6, F9F60911DF0A539753B2BEF6FAD2D0AED1BC1C3F43509F79D9AF2F810CDE5D9B ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
16:42:07.0359 0x01cc winmgmt - ok
16:42:07.0406 0x01cc [ 6199B2AE3F9DB9CB6DB230471A1DC601, E66C788C3E46AAC2ABB76F6E55E912EB28CF3D4C3D74FE6E85A6FABB7F22A5C9 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
16:42:07.0546 0x01cc WmdmPmSN - ok
16:42:07.0593 0x01cc [ 0171CFF34BBA8C5977F18C48D8AEF8C6, 0E3E04220157CCFB92F8D029805EB56D101C2A3AB3375354537FA9B5B3CAA0AD ] Wmi C:\WINDOWS\System32\advapi32.dll
16:42:07.0656 0x01cc Wmi - ok
16:42:07.0703 0x01cc [ 23F6F03272F7E5679F1F050AED5ACEE6, 87EBE773F3E8FFE2F1E1DB435BB0E8852031AA88112EB791085AD3DA918B49CC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
16:42:07.0843 0x01cc WmiApSrv - ok
16:42:07.0906 0x01cc [ 4C86D5FAF78194995AF9CC1075F65DD3, D3B23BB0971E0DBC0A51720067489C224323B603178E91149BF56F779DE352F0 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
16:42:08.0046 0x01cc wscsvc - ok
16:42:08.0078 0x01cc [ C1364564800EE9784192145324A23308, 5345BAE00364233594C9CF99CE2CC485E65B5D4FFBB81C86B2950EDA2427584C ] wuauserv C:\WINDOWS\system32\wuauserv.dll
16:42:08.0234 0x01cc wuauserv - ok
16:42:08.0296 0x01cc [ A27D4BA7264C0BF52F32D10405BEA1D4, 5F28607CCAB15FB601BEB35FF0B1A5CD27C678C6D1CA724E842C33EED4579B8C ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
16:42:08.0500 0x01cc WZCSVC - ok
16:42:08.0546 0x01cc [ BEC604CDC548A528EBD3D7AA1DD46A89, 4FE57CB4E18D36EED615AD23138F80FA2E4BD10A1C699DC938CD15C06851409E ] xfilt C:\WINDOWS\system32\DRIVERS\xfilt.sys
16:42:08.0578 0x01cc xfilt - ok
16:42:08.0625 0x01cc [ EAA4BB9EDB3FB10CF8979FE65E63658F, B80EB477100FD3E26513360E09DB6EBF0C8D8B0618F1F4BF1F387ABA6DEC9B64 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
16:42:08.0765 0x01cc xmlprov - ok
16:42:08.0781 0x01cc ================ Scan global ===============================
16:42:08.0812 0x01cc [ F36278E42C8C5DF03CE17DAC8231C91C, D012A3C8F394DF4F0BF5D5A4C10E73BBF427762B7D3DB6CF5FAB96536E082B7A ] C:\WINDOWS\system32\basesrv.dll
16:42:08.0859 0x01cc [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
16:42:08.0906 0x01cc [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
16:42:08.0937 0x01cc [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] C:\WINDOWS\system32\services.exe
16:42:08.0953 0x01cc [ Global ] - ok
16:42:08.0953 0x01cc ================ Scan MBR ==================================
16:42:08.0968 0x01cc [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
16:42:09.0218 0x01cc \Device\Harddisk0\DR0 - ok
16:42:09.0218 0x01cc ================ Scan VBR ==================================
16:42:09.0218 0x01cc [ 933C4D4862529334C95EB8DE88F61BE6 ] \Device\Harddisk0\DR0\Partition1
16:42:09.0218 0x01cc \Device\Harddisk0\DR0\Partition1 - ok
16:42:09.0218 0x01cc ================ Scan generic autorun ======================
16:42:09.0250 0x01cc [ AB973644B5CD45173915715782BBA273, D1E64F5E759F656CB23E18FB3137055551D581F33BE9414C1FFC9A9699F30C56 ] C:\WINDOWS\system32\VTTimer.exe
16:42:09.0296 0x01cc VTTimer - ok
16:42:09.0328 0x01cc [ EEE8C0A6D63252BD6EF829C9B06BFCC5, EC16E8003538DB6686481D9A30299B125B1CF51358A38EF1669A127F4EEE8BC6 ] C:\WINDOWS\system32\S3trayp.exe
16:42:09.0375 0x01cc S3Trayp - ok
16:42:10.0265 0x01cc [ D8E53BEFD52A3CC726F7738EA676AF06, 9197A56A11EDF96F6AB12299B415295A5EEC6A91281D725E9905B6D8B1F552A8 ] C:\WINDOWS\RTHDCPL.EXE
16:42:11.0312 0x01cc RTHDCPL - ok
16:42:11.0453 0x01cc [ FEDB6110D3E0A7EFE6996F93CD8C48E7, 719F6B648AE9841B03C8FB9FC9D0CB1233FDD3030FBD3C420C3E8CEB59A12214 ] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe
16:42:11.0500 0x01cc CanonSolutionMenu - ok
16:42:11.0609 0x01cc [ 2F0F0E6AA6F5874E13E792996077138B, 9D12D4D61139436E3BFDC74577195A1D2C62B8D2C30034093197452287E22C15 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
16:42:11.0703 0x01cc CanonMyPrinter - ok
16:42:11.0750 0x01cc [ 846965AE55A2662B1576C0F392DD1D6E, 0ADE383991FDC5A49DD15A27CB52CF75ABF518F0335E92003C0FF75DB417BBDC ] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
16:42:11.0765 0x01cc SSBkgdUpdate - ok
16:42:11.0812 0x01cc [ F8D427DAE2984A4968E2D1CB53634784, 02DDE830F40C48321C0AB384D2505F3AD1AD84FAF17AB411A2FE7DE3409DC0E5 ] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
16:42:11.0828 0x01cc OpwareSE4 - ok
16:42:12.0031 0x01cc [ 5CA0EB9538C6ACEBDC3593FC53527B9D, 35AC60899254C7414FF42BCDA4165FB58F6369BD5EDCAC24EBB1B5A095664CAC ] C:\Program Files\Alwil Software\Avast5\AvastUI.exe
16:42:12.0265 0x01cc AvastUI.exe - ok
16:42:12.0328 0x01cc [ A756B8F0F7BAFBA6DFE39F7D169F2519, 5338DE8FCA5182A919AAADFA5D130BB93069E3675B834D96CFF68C32433B3BDE ] C:\WINDOWS\system32\CTFMON.EXE
16:42:12.0468 0x01cc CTFMON.EXE - ok
16:42:12.0468 0x01cc [ A756B8F0F7BAFBA6DFE39F7D169F2519, 5338DE8FCA5182A919AAADFA5D130BB93069E3675B834D96CFF68C32433B3BDE ] C:\WINDOWS\system32\CTFMON.EXE
16:42:12.0593 0x01cc CTFMON.EXE - ok
16:42:12.0609 0x01cc [ A756B8F0F7BAFBA6DFE39F7D169F2519, 5338DE8FCA5182A919AAADFA5D130BB93069E3675B834D96CFF68C32433B3BDE ] C:\WINDOWS\system32\CTFMON.EXE
16:42:12.0750 0x01cc CTFMON.EXE - ok
16:42:12.0750 0x01cc [ A756B8F0F7BAFBA6DFE39F7D169F2519, 5338DE8FCA5182A919AAADFA5D130BB93069E3675B834D96CFF68C32433B3BDE ] C:\WINDOWS\system32\ctfmon.exe
16:42:12.0890 0x01cc CTFMON.EXE - ok
16:42:12.0968 0x01cc [ 7DFCCC67990B6DE7F30F553A4E4612A4, 9FF98D6FD2539CEFC9F42103A7F72388BED6EE590400559B92BC7430228DA36A ] C:\Program Files\RocketDock\RocketDock.exe
16:42:13.0015 0x01cc RocketDock - detected UnsignedFile.Multi.Generic ( 1 )
16:42:13.0015 0x01cc Detect skipped due to KSN trusted
16:42:13.0015 0x01cc RocketDock - ok
16:42:13.0828 0x01cc [ CBEC06E32D0AC9C3D0A9199EDC1FB959, 9D7F9A372096EAE6B401653207ADDC08EC275065250EEFA235F580FB45D73E19 ] C:\Program Files\Skype\Phone\Skype.exe
16:42:14.0859 0x01cc Skype - ok
16:42:14.0921 0x01cc AV detected via SS1: avast! Antivirus, 5.0.150996962, enabled, updated
16:42:14.0921 0x01cc FW detected via SS1: Sunbelt Personal Firewall, 4.6.1861 T, disabled
16:42:14.0921 0x01cc Win FW state via NFM: disabled
16:42:17.0312 0x01cc ============================================================
16:42:17.0312 0x01cc Scan finished
16:42:17.0312 0x01cc ============================================================
16:42:17.0312 0x07a0 Detected object count: 0
16:42:17.0312 0x07a0 Actual detected object count: 0

#10 Příspěvek od **vyosek** » 17 čer 2014 16:14

Avast stale neco hlasi??

morar · #11 Příspěvek od **morar** » 17 čer 2014 16:33

Avast nic nehlásí.

#12 Příspěvek od **vyosek** » 17 čer 2014 16:34

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

morar · #13 Příspěvek od **morar** » 17 čer 2014 17:43

Děkuji za vstřícnost a rychlou pomoc.
PC je podstatně rychlejší.

#14 Příspěvek od **vyosek** » 17 čer 2014 17:47

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat

VIRY.CZ

Win 32: Rootkit-gen

Win 32: Rootkit-gen

Re: Win 32: Rootkit-gen

Re: Win 32: Rootkit-gen

Re: Win 32: Rootkit-gen

Re: Win 32: Rootkit-gen

Re: Win 32: Rootkit-gen

Re: Win 32: Rootkit-gen

Re: Win 32: Rootkit-gen

Re: Win 32: Rootkit-gen

Re: Win 32: Rootkit-gen

Re: Win 32: Rootkit-gen

Re: Win 32: Rootkit-gen

Re: Win 32: Rootkit-gen

Re: Win 32: Rootkit-gen