Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Počítač hlásí hrozbu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Počítač hlásí hrozbu

#16 Příspěvek od Márty84 »

Urcite mate ten textovy dokument spravne pojmenovany? Musi se jmenovat CFScript
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
eileen75
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 29 srp 2014 22:36

Re: Počítač hlásí hrozbu

#17 Příspěvek od eileen75 »

Omlouvám se, nepojmenovala jsem ho, už jsem tak učinila. Zde je log:

ComboFix 14-08-29.03 - Lenka Bürgerová 30.08.2014 16:33:33.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2039.1126 [GMT 2:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
FILE ::
"c:\documents and settings\All Users\Data aplikací\Microsoft\Crypto\RSA64\CryptoProvider.dll"
"c:\documents and settings\All Users\Data aplikací\Microsoft\Crypto\RSA64\rsa64.dll"
"c:\documents and settings\Lenka Bürgerová\Local Settings\Data aplikací\Obics\jhhlamhwpy.dll"
"c:\documents and settings\Lenka Bürgerová\Local Settings\Data aplikací\Odics\tmp4.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Data aplikací\Microsoft\Crypto\RSA64\CryptoProvider.dll
c:\documents and settings\All Users\Data aplikací\Microsoft\Crypto\RSA64\rsa64.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SKYPEUPDATE
-------\Legacy_SKYPE_C2C_SERVICE
-------\Service_Skype C2C Service
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-07-28 do 2014-08-30 )))))))))))))))))))))))))))))))
.
.
2014-08-30 14:41 . 2014-08-30 14:41 62576 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{972D3EFE-7ED8-4702-B795-E30D0AC2F550}\offreg.dll
2014-08-30 14:41 . 2014-08-30 14:41 39464 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{972D3EFE-7ED8-4702-B795-E30D0AC2F550}\MpKslad120e49.sys
2014-08-30 12:08 . 2014-08-30 12:08 39464 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{972D3EFE-7ED8-4702-B795-E30D0AC2F550}\MpKsl9e72c2a9.sys
2014-08-30 07:17 . 2014-08-30 08:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-08-29 21:58 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-08-29 21:57 . 2014-08-29 22:13 -------- d-----w- C:\AdwCleaner
2014-08-29 21:26 . 2014-08-29 21:26 -------- d-----w- C:\rsit
2014-08-29 21:26 . 2014-08-29 21:26 -------- d-----w- c:\program files\trend micro
2014-08-29 20:51 . 2014-08-21 02:44 8581864 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{972D3EFE-7ED8-4702-B795-E30D0AC2F550}\mpengine.dll
2014-08-29 20:47 . 2014-08-29 20:47 -------- d-----w- c:\documents and settings\Lenka Bürgerová\Local Settings\Data aplikací\Obics
2014-08-29 20:47 . 2014-08-29 20:47 -------- d-----w- c:\documents and settings\Lenka Bürgerová\Local Settings\Data aplikací\Odics
2014-08-28 10:15 . 2014-08-21 02:44 8581864 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-08-05 17:20 . 2014-08-05 17:20 227728 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2014-08-05 17:20 . 2014-08-05 17:20 227728 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-09 10:31 . 2012-04-10 05:40 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-07-09 10:31 . 2011-05-13 06:26 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Počítač hlásí hrozbu

#18 Příspěvek od Márty84 »

Bohuzel log neni cely, takze nevim, jestli probehlo vse jak melo. Ale nevadi, zkusime to jeste jinak.



:arrow: Postupujte podle navodu kolegy
vyosek píše: :arrow: Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
  • Kliknete na volbu Change parametrs
  • V okne Additional Option zakliknete vsechny moznosti
  • Kliknete na OK
  • Utilite prikazte, at skenuje - klik na Start Scan
  • Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
  • Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
  • Pokud mate vsude Skip, kliknete na Continue
  • Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

:arrow: Postupujte podle navodu kolegy
vyosek píše: :arrow: Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • Ulozte nejlepe na Plochu a rozbalte
  • Spustte kliknutim na mbar
  • Nyni postupne kliknete na Next a Update
  • Po dokonceni update (aktualizace) databaze kliknete opet na Next
  • Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
  • Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
  • Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
  • Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
  • PC bude restartovan
  • Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
eileen75
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 29 srp 2014 22:36

Re: Počítač hlásí hrozbu

#19 Příspěvek od eileen75 »

Ještě jsem zkusila otevřít ten blok až teď v disku C a zdá se mi delší, než to, co jsem zkopírovala hned po dokončení, třeba to bude stačit.

ComboFix 14-08-29.03 - Lenka Bürgerová 30.08.2014 16:33:33.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2039.1126 [GMT 2:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
FILE ::
"c:\documents and settings\All Users\Data aplikací\Microsoft\Crypto\RSA64\CryptoProvider.dll"
"c:\documents and settings\All Users\Data aplikací\Microsoft\Crypto\RSA64\rsa64.dll"
"c:\documents and settings\Lenka Bürgerová\Local Settings\Data aplikací\Obics\jhhlamhwpy.dll"
"c:\documents and settings\Lenka Bürgerová\Local Settings\Data aplikací\Odics\tmp4.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Data aplikací\Microsoft\Crypto\RSA64\CryptoProvider.dll
c:\documents and settings\All Users\Data aplikací\Microsoft\Crypto\RSA64\rsa64.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SKYPEUPDATE
-------\Legacy_SKYPE_C2C_SERVICE
-------\Service_Skype C2C Service
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-07-28 do 2014-08-30 )))))))))))))))))))))))))))))))
.
.
2014-08-30 14:41 . 2014-08-30 14:41 62576 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{972D3EFE-7ED8-4702-B795-E30D0AC2F550}\offreg.dll
2014-08-30 14:41 . 2014-08-30 14:41 39464 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{972D3EFE-7ED8-4702-B795-E30D0AC2F550}\MpKslad120e49.sys
2014-08-30 12:08 . 2014-08-30 12:08 39464 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{972D3EFE-7ED8-4702-B795-E30D0AC2F550}\MpKsl9e72c2a9.sys
2014-08-30 07:17 . 2014-08-30 08:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-08-29 21:58 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-08-29 21:57 . 2014-08-29 22:13 -------- d-----w- C:\AdwCleaner
2014-08-29 21:26 . 2014-08-29 21:26 -------- d-----w- C:\rsit
2014-08-29 21:26 . 2014-08-29 21:26 -------- d-----w- c:\program files\trend micro
2014-08-29 20:51 . 2014-08-21 02:44 8581864 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{972D3EFE-7ED8-4702-B795-E30D0AC2F550}\mpengine.dll
2014-08-29 20:47 . 2014-08-29 20:47 -------- d-----w- c:\documents and settings\Lenka Bürgerová\Local Settings\Data aplikací\Obics
2014-08-29 20:47 . 2014-08-29 20:47 -------- d-----w- c:\documents and settings\Lenka Bürgerová\Local Settings\Data aplikací\Odics
2014-08-28 10:15 . 2014-08-21 02:44 8581864 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-08-05 17:20 . 2014-08-05 17:20 227728 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2014-08-05 17:20 . 2014-08-05 17:20 227728 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-09 10:31 . 2012-04-10 05:40 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-07-09 10:31 . 2011-05-13 06:26 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Vid"="c:\program files\Logitech\Logitech Vid\vid.exe" [2009-07-16 5458704]
"ISUSPM"="c:\documents and settings\All Users\Data aplikací\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]
"Hobbyist Software VLC Streamer"="c:\program files\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe" [2013-10-23 1608008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864]
"36X Raid Configurer"="c:\windows\system32\JMRaidSetup.exe" [2007-02-06 1953792]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-11-09 180224]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"IndexSearch"="c:\program files\Nuance\PaperPort\IndexSearch.exe" [2010-03-08 46368]
"PaperPort PTD"="c:\program files\Nuance\PaperPort\pptd40nt.exe" [2010-03-08 29984]
"PDFHook"="c:\program files\Nuance\PDF Viewer Plus\pdfpro5hook.exe" [2010-03-05 636192]
"PDF5 Registry Controller"="c:\program files\Nuance\PDF Viewer Plus\RegistryController.exe" [2010-03-05 62752]
"ControlCenter4"="c:\program files\ControlCenter4\BrCcBoot.exe" [2011-04-20 139264]
"BrStsMon00"="c:\program files\Browny02\Brother\BrStMonW.exe" [2010-06-10 2621440]
"RTHDCPL"="RTHDCPL.EXE" [2012-06-06 20065936]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-12-12 143360]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-12-12 172032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-12-12 143360]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-10-01 152392]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 951576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Lenka Bürgerová\Nabídka Start\Programy\Po spuštění\
Landi 11.lnk - c:\program files\landi 11\Landi11.exe -tray [2010-10-27 2691072]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -startup [2010-2-10 67128]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"Run"= "c:\documents and settings\Lenka Bürgerová\Data aplikací\Microsoft\Windows\IEUpdate\igfxcfg.exe"
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"PPort12reminder"="c:\program files\Nuance\PaperPort\Ereg\Ereg.exe" -r "c:\documents and settings\All Users\Data aplikací\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires III\\age3y.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires III\\age3x.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Hobbyist Software\\VLC Streamer\\VLC Streamer Configuration.exe"=
"c:\\Program Files\\Hobbyist Software\\VLC Streamer\\mdnsresponder.exe"=
"c:\\Program Files\\Farming Simulator 2013\\FarmingSimulator2013.exe"=
"c:\\Program Files\\Farming Simulator 2013\\FarmingSimulator2013Game.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 MpKslad120e49;MpKslad120e49;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{972D3EFE-7ED8-4702-B795-E30D0AC2F550}\MpKslad120e49.sys [30.8.2014 16:41 39464]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files\Nuance\PaperPort\PDFProFiltSrvPP.exe [9.3.2010 0:40 144672]
R3 BrYNSvc;BrYNSvc;c:\program files\Browny02\BrYNSvc.exe [4.10.2012 20:37 245760]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [8.1.2013 17:27 242240]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [9.2.2010 23:08 47360]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [22.2.2013 14:58 1691480]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [2.6.2011 11:08 11336]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSLAD120E49
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-08-19 16:24 1104200 ----a-w- c:\program files\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-08-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 10:31]
.
2014-06-02 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
2014-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-11 15:35]
.
2014-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-11 15:35]
.
2014-08-30 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2014-03-11 08:13]
.
2014-08-19 c:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-17 23:28]
.
2014-08-30 c:\windows\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-17 23:28]
.
2014-08-30 c:\windows\Tasks\User_Feed_Synchronization-{81C1A018-D518-49F5-9CBE-C0A994422D38}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://www.superhry.cz/plne-hry
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Otevřít programem PDF Viewer Plus - c:\program files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
TCP: DhcpNameServer = 10.0.0.138
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
Handler: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - c:\program files\CentrumczToolbar\IEToolbar.dll
FF - ProfilePath - c:\documents and settings\Lenka Bürgerová\Data aplikací\Mozilla\Firefox\Profiles\vk00x3m2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - ExtSQL: !HIDDEN! 1970-05-29 10:11; {EFEB7D4A-2DCE-E877-2064-67B4E7A43A58}; -
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-08-30 16:41
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1757981266-343818398-682003330-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1224)
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\igfxsrvc.exe
c:\program files\ControlCenter4\BrCtrlCntr.exe
c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\program files\ControlCenter4\BrCcUxSys.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
c:\program files\Internet Explorer\iexplore.exe
.
**************************************************************************
.
Celkový čas: 2014-08-30 16:46:51 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-08-30 14:46
ComboFix2.txt 2014-08-30 12:16
.
Před spuštěním: Volných bajtů: 42 739 453 952
Po spuštění: Volných bajtů: 42 644 738 048
.
- - End Of File - - A6654EE0EBFF0683935093D61EFF61FF
413FC2A0C716421B3158746D63736515
Nahoru
eileen75
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 29 srp 2014 22:36

Re: Počítač hlásí hrozbu

#20 Příspěvek od eileen75 »

Ještě tedy posílám log z TDSSKillera:

23:54:53.0656 0x0c94 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
23:54:58.0625 0x0c94 ============================================================
23:54:58.0625 0x0c94 Current date / time: 2014/08/30 23:54:58.0625
23:54:58.0625 0x0c94 SystemInfo:
23:54:58.0625 0x0c94
23:54:58.0625 0x0c94 OS Version: 5.1.2600 ServicePack: 3.0
23:54:58.0625 0x0c94 Product type: Workstation
23:54:58.0625 0x0c94 ComputerName: BURGEROVI
23:54:58.0625 0x0c94 UserName: Lenka Bürgerová
23:54:58.0625 0x0c94 Windows directory: C:\WINDOWS
23:54:58.0625 0x0c94 System windows directory: C:\WINDOWS
23:54:58.0625 0x0c94 Processor architecture: Intel x86
23:54:58.0625 0x0c94 Number of processors: 2
23:54:58.0625 0x0c94 Page size: 0x1000
23:54:58.0625 0x0c94 Boot type: Normal boot
23:54:58.0625 0x0c94 ============================================================
23:55:02.0062 0x0c94 KLMD registered as C:\WINDOWS\system32\drivers\18943771.sys
23:55:02.0281 0x0c94 System UUID: {C6862F8A-B264-4EBC-D5C1-50ED4E675FDD}
23:55:03.0000 0x0c94 Drive \Device\Harddisk0\DR0 - Size: 0x4A85C4DE00 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:55:03.0015 0x0c94 ============================================================
23:55:03.0015 0x0c94 \Device\Harddisk0\DR0:
23:55:03.0015 0x0c94 MBR partitions:
23:55:03.0015 0x0c94 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
23:55:03.0015 0x0c94 ============================================================
23:55:03.0031 0x0c94 C: <-> \Device\Harddisk0\DR0\Partition1
23:55:03.0031 0x0c94 ============================================================
23:55:03.0031 0x0c94 Initialize success
23:55:03.0031 0x0c94 ============================================================
23:56:13.0031 0x0cfc ============================================================
23:56:13.0031 0x0cfc Scan started
23:56:13.0031 0x0cfc Mode: Manual; SigCheck; TDLFS;
23:56:13.0031 0x0cfc ============================================================
23:56:13.0031 0x0cfc KSN ping started
23:56:15.0484 0x0cfc KSN ping finished: true
23:56:16.0171 0x0cfc ================ Scan system memory ========================
23:56:16.0171 0x0cfc System memory - ok
23:56:16.0171 0x0cfc ================ Scan services =============================
23:56:16.0250 0x0cfc Abiosdsk - ok
23:56:16.0250 0x0cfc abp480n5 - ok
23:56:16.0296 0x0cfc [ 4FE34F1F3126B61FCC6B2043AA8112C9, DE370865E47A5D2A4B227EEFFB42384F67F08D622BF936A9C9CEF70CC47F324B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
23:56:17.0203 0x0cfc ACPI - ok
23:56:17.0281 0x0cfc [ AFDFF022A01F0B11C776F0860C3B282F, 135E5257B62D921B76271014301E9EA1E2383D5DBB04E475DC3A7EFFD2561F56 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
23:56:17.0375 0x0cfc ACPIEC - ok
23:56:17.0453 0x0cfc [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:56:17.0484 0x0cfc AdobeFlashPlayerUpdateSvc - ok
23:56:17.0484 0x0cfc adpu160m - ok
23:56:17.0531 0x0cfc [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
23:56:17.0656 0x0cfc aec - ok
23:56:17.0687 0x0cfc [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
23:56:17.0750 0x0cfc AFD - ok
23:56:17.0765 0x0cfc Aha154x - ok
23:56:17.0765 0x0cfc aic78u2 - ok
23:56:17.0781 0x0cfc aic78xx - ok
23:56:17.0812 0x0cfc [ E0A6FA244B8624D78FE5FF6F56A33BAE, 26B828FDB03AE4A4F1DC7A1792F9BAD69CF947897D47F5E567F24F4B6D5CB541 ] Alerter C:\WINDOWS\system32\alrsvc.dll
23:56:17.0906 0x0cfc Alerter - ok
23:56:17.0937 0x0cfc [ 88842DE939A827577BF24243699AC80A, A49C9A6A9941F3A2FBBCFE1F6DB48B632739D00670AC98ECCCBC7FD9E786B21A ] ALG C:\WINDOWS\System32\alg.exe
23:56:18.0046 0x0cfc ALG - ok
23:56:18.0046 0x0cfc AliIde - ok
23:56:18.0140 0x0cfc [ 267FC636801EDC5AB28E14036349E3BE, CFEF5DF5F9BE820283376BB86DB3CF6609C02D316A742E17459A2BFA42E724E0 ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
23:56:18.0656 0x0cfc Ambfilt - ok
23:56:18.0671 0x0cfc amsint - ok
23:56:18.0750 0x0cfc [ D9632DF732EAE381ABBD7581B6C8DC00, D32E46085CC75B6B40E7977B6958197362436BB15BB960A4AB036E53375391DF ] AnyDVD C:\WINDOWS\system32\Drivers\AnyDVD.sys
23:56:18.0781 0x0cfc AnyDVD - ok
23:56:18.0906 0x0cfc [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:56:18.0921 0x0cfc Apple Mobile Device - ok
23:56:18.0937 0x0cfc AppMgmt - ok
23:56:18.0937 0x0cfc [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
23:56:19.0031 0x0cfc Arp1394 - ok
23:56:19.0031 0x0cfc asc - ok
23:56:19.0046 0x0cfc asc3350p - ok
23:56:19.0046 0x0cfc asc3550 - ok
23:56:19.0125 0x0cfc [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
23:56:19.0156 0x0cfc aspnet_state - ok
23:56:19.0171 0x0cfc [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
23:56:19.0265 0x0cfc AsyncMac - ok
23:56:19.0312 0x0cfc [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
23:56:19.0421 0x0cfc atapi - ok
23:56:19.0421 0x0cfc Atdisk - ok
23:56:19.0453 0x0cfc [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
23:56:19.0546 0x0cfc Atmarpc - ok
23:56:19.0609 0x0cfc [ DE31B88962A8645DBA5A37B993E7B0F1, CA93F25A3FD0CE68BB9B8E3AB6B813BF38DE3EDDFC990291B3957FAA59B2B274 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
23:56:19.0703 0x0cfc AudioSrv - ok
23:56:19.0750 0x0cfc [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
23:56:19.0859 0x0cfc audstub - ok
23:56:19.0890 0x0cfc [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
23:56:19.0984 0x0cfc Beep - ok
23:56:20.0093 0x0cfc [ 19395D092FD85DDC2D9C7729CF5A2AC8, 7640F36BA19698EE8A6257BF78A8C57DD9D734BED9CA6BB9B68603BAEA092412 ] BITS C:\WINDOWS\system32\qmgr.dll
23:56:20.0234 0x0cfc BITS - ok
23:56:20.0296 0x0cfc [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:56:20.0312 0x0cfc Bonjour Service - ok
23:56:20.0359 0x0cfc [ 89E739BBA5F636297EA5B5F811189E06, 151B32B12F5DD0D388134DA2471FE9741CF22B9C408DA58FEF8019D3C4EC836B ] Browser C:\WINDOWS\System32\browser.dll
23:56:20.0390 0x0cfc Browser - ok
23:56:20.0437 0x0cfc [ 92A964547B96D697E5E9ED43B4297F5A, 01A84802B68253FF093EAFED5B85DE716BB85EBD080D92D4814B6FB39286CD24 ] BrScnUsb C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys
23:56:20.0484 0x0cfc BrScnUsb - ok
23:56:20.0515 0x0cfc [ EA7E57F87D6FEE5FD6C5F813C04E8CD2, 1EB84F4DEE3034FAFBEA2A3F84EECE036E803872DA94D54E958E9F2F09519E88 ] BrYNSvc C:\Program Files\Browny02\BrYNSvc.exe
23:56:20.0546 0x0cfc BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
23:56:23.0062 0x0cfc Detect skipped due to KSN trusted
23:56:23.0062 0x0cfc BrYNSvc - ok
23:56:23.0062 0x0cfc catchme - ok
23:56:23.0125 0x0cfc [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
23:56:23.0218 0x0cfc cbidf2k - ok
23:56:23.0234 0x0cfc [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
23:56:23.0343 0x0cfc CCDECODE - ok
23:56:23.0343 0x0cfc cd20xrnt - ok
23:56:23.0375 0x0cfc [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
23:56:23.0468 0x0cfc Cdaudio - ok
23:56:23.0515 0x0cfc [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
23:56:23.0609 0x0cfc Cdfs - ok
23:56:23.0656 0x0cfc [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
23:56:23.0750 0x0cfc Cdrom - ok
23:56:23.0750 0x0cfc Changer - ok
23:56:23.0765 0x0cfc [ E390DC1D7C461D7D56EC53402F329928, FB37F84E71353CD83FCDDD39C898C6D84C05130C5F1BEF022E3DFDE160398C0E ] CiSvc C:\WINDOWS\system32\cisvc.exe
23:56:23.0875 0x0cfc CiSvc - ok
23:56:23.0890 0x0cfc [ 064507A8DFA8C5C7E2FFDDD3E6F424FA, 1725067BC759484A7185A4F1A44ED3CBE481529D187FE98EF279425B79177EB1 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
23:56:23.0984 0x0cfc ClipSrv - ok
23:56:24.0062 0x0cfc [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:56:24.0078 0x0cfc clr_optimization_v2.0.50727_32 - ok
23:56:24.0125 0x0cfc [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:56:24.0171 0x0cfc clr_optimization_v4.0.30319_32 - ok
23:56:24.0171 0x0cfc CmdIde - ok
23:56:24.0187 0x0cfc COMSysApp - ok
23:56:24.0203 0x0cfc Cpqarray - ok
23:56:24.0234 0x0cfc [ D01F685F8B4598D144B0CCE9FF95D8D5, A68EF814CDBD7291DEF4745FE14D5080041BD3275AB12629C7811506AF2B8E17 ] cpudrv C:\Program Files\SystemRequirementsLab\cpudrv.sys
23:56:24.0265 0x0cfc cpudrv - ok
23:56:24.0312 0x0cfc [ F3AB0933CBD166D271992F411C27CCAF, 50E01F3B058F814BE914FA5050B2D972E8584A467719A5ABCF9D9EBD596A54A7 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
23:56:24.0406 0x0cfc CryptSvc - ok
23:56:24.0421 0x0cfc dac2w2k - ok
23:56:24.0421 0x0cfc dac960nt - ok
23:56:24.0468 0x0cfc [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
23:56:24.0515 0x0cfc DcomLaunch - ok
23:56:24.0546 0x0cfc [ 8C9A53E285AC5E6704844D0459EC85BE, 9E86AF4C06CEC007C9B1590B6E056319603E4D79BED0C2471C6F1BC251B380CF ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
23:56:24.0640 0x0cfc Dhcp - ok
23:56:24.0656 0x0cfc [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
23:56:24.0765 0x0cfc Disk - ok
23:56:24.0765 0x0cfc dmadmin - ok
23:56:24.0812 0x0cfc [ DB5FD2BF5B07DC54BFCB3664FF05BD7C, 46074FBBC5E4A40A7B3A45636089DEDD2A619778C7DCD797571C2BB64D775F7E ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
23:56:24.0937 0x0cfc dmboot - ok
23:56:24.0968 0x0cfc [ FFF1720AF51171F32F1EAD5CF71F2810, 2E40D63DC7670C1E88A532DB8923A98ABC8481C351C4D915C2753E10BA77F36D ] dmio C:\WINDOWS\system32\drivers\dmio.sys
23:56:25.0078 0x0cfc dmio - ok
23:56:25.0093 0x0cfc [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
23:56:25.0187 0x0cfc dmload - ok
23:56:25.0203 0x0cfc [ 2BFEFE9E865655A76982F050450B9591, 15C7D093D638770519AA43E7D8897310F32AB1F217027F5750D799494A985C35 ] dmserver C:\WINDOWS\System32\dmserver.dll
23:56:25.0312 0x0cfc dmserver - ok
23:56:25.0343 0x0cfc [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
23:56:25.0437 0x0cfc DMusic - ok
23:56:25.0453 0x0cfc [ DFAA406BF19F4EE806A6F8D4342137F7, EE2C11B3E37565FC009E323607B2F5F148F9219012EDF848CEFC1B273DAA98A9 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
23:56:25.0468 0x0cfc Dnscache - ok
23:56:25.0484 0x0cfc [ 4A3E2BD20157A0946751229E92EB8621, D8C00CC2C18C517F7262EBC3C511C062E5ABA797056AEB22AC5DEB306BA8C526 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
23:56:25.0593 0x0cfc Dot3svc - ok
23:56:25.0593 0x0cfc dpti2o - ok
23:56:25.0625 0x0cfc [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
23:56:25.0718 0x0cfc drmkaud - ok
23:56:25.0765 0x0cfc [ 687AF6BB383885FF6A64071B189A7F3E, 1C751B8DD27F63E88D0223A8434CED7589AC00EC6275938C59D1B954F0354F78 ] dtsoftbus01 C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
23:56:25.0796 0x0cfc dtsoftbus01 - ok
23:56:25.0828 0x0cfc [ 0887D9C2BE8D940778CAD1E3B85F2A41, 2E30DC06D46A5E174B7CAA2D70BDB697015495942572E90425E2EE7AC541BCF4 ] EapHost C:\WINDOWS\System32\eapsvc.dll
23:56:25.0921 0x0cfc EapHost - ok
23:56:25.0937 0x0cfc [ 28CB0B64134AD62C2ACF77DB8501A619, ADA4E42BF5EF58EF1AAD94435441003B1CC1FCAA5D38BFDBE1A3D736DC451D47 ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
23:56:25.0953 0x0cfc ElbyCDIO - ok
23:56:25.0968 0x0cfc [ A2A4912798F2BE706ABADD3D30800D16, CCCCA389D22525D984DE9B59E4CEBE0EEEF315F725176EB5C4DC1A5B6157234A ] ERSvc C:\WINDOWS\System32\ersvc.dll
23:56:26.0062 0x0cfc ERSvc - ok
23:56:26.0140 0x0cfc [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] Eventlog C:\WINDOWS\system32\services.exe
23:56:26.0171 0x0cfc Eventlog - ok
23:56:26.0203 0x0cfc [ A371F11EF07653591C8DE26AFB13CE7F, 1192EDC8B146F1C27E8CD7E126DDC044F8B368C2E891A90CD81620D48C9550B6 ] EventSystem C:\WINDOWS\system32\es.dll
23:56:26.0234 0x0cfc EventSystem - ok
23:56:26.0281 0x0cfc [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
23:56:26.0375 0x0cfc Fastfat - ok
23:56:26.0421 0x0cfc [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
23:56:26.0468 0x0cfc FastUserSwitchingCompatibility - ok
23:56:26.0500 0x0cfc [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
23:56:26.0609 0x0cfc Fdc - ok
23:56:26.0640 0x0cfc [ AC366695A0796560AA37215AD5762AAF, 6ADC7443EA42D77199D4879AF3C33A07914116C69A34B895D8CB8444EE50077F ] Fips C:\WINDOWS\system32\drivers\Fips.sys
23:56:26.0750 0x0cfc Fips - ok
23:56:26.0781 0x0cfc [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
23:56:26.0859 0x0cfc Flpydisk - ok
23:56:26.0890 0x0cfc [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
23:56:26.0984 0x0cfc FltMgr - ok
23:56:27.0062 0x0cfc [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
23:56:27.0078 0x0cfc FontCache3.0.0.0 - ok
23:56:27.0078 0x0cfc [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:56:27.0171 0x0cfc Fs_Rec - ok
23:56:27.0187 0x0cfc [ 4E664D8541DB4A66B73A24257E322E1F, 17A2140AFE2B41E579FCCAFB82532853AD90A6EDBCB13DE80741DAE0AD5B4CC9 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
23:56:27.0265 0x0cfc Ftdisk - ok
23:56:27.0312 0x0cfc [ 54789F9BA0D59072CDD4E7C200E122C4, EAA497A97E2097CCEF5F7549E35CC87F652923E31BFDB9B590B54D7D8C72050A ] gdrv C:\WINDOWS\gdrv.sys
23:56:27.0500 0x0cfc gdrv - ok
23:56:27.0546 0x0cfc [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
23:56:27.0562 0x0cfc GEARAspiWDM - ok
23:56:27.0578 0x0cfc [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
23:56:27.0687 0x0cfc Gpc - ok
23:56:27.0765 0x0cfc [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
23:56:27.0781 0x0cfc gupdate - ok
23:56:27.0781 0x0cfc [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
23:56:27.0796 0x0cfc gupdatem - ok
23:56:27.0843 0x0cfc [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
23:56:27.0859 0x0cfc gusvc - ok
23:56:27.0906 0x0cfc [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
23:56:28.0031 0x0cfc HDAudBus - ok
23:56:28.0093 0x0cfc [ FCFE31FB75F8A6295B6B0AF87A626282, 6BA385797DBC73EB29EFE3293B80C21B1B8A1E9B87A462476E73C526C9565E5F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
23:56:28.0203 0x0cfc helpsvc - ok
23:56:28.0218 0x0cfc [ 00E25EE90166B3E1BE6E74AEBF858306, 92C2F020EF14DE3B4F09E2C5DFF3D2F35D8C50F6D0188F9CEEFE3B6075602EFE ] HidServ C:\WINDOWS\System32\hidserv.dll
23:56:28.0312 0x0cfc HidServ - ok
23:56:28.0343 0x0cfc [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
23:56:28.0453 0x0cfc HidUsb - ok
23:56:28.0468 0x0cfc [ 7A6B320928F86BC851530D63C82965D9, 1F628759D31098DFBC05244735B5A62ACD8E45DBC5C9D236260D68EB8F1E28F5 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
23:56:28.0562 0x0cfc hkmsvc - ok
23:56:28.0578 0x0cfc hpn - ok
23:56:28.0609 0x0cfc [ 9F1D80908658EB7F1BF70809E0B51470, 84FD62D34BC63BA41027DD2164B1E4F86BC8783E8A601E9F189627A4B3D54AAA ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
23:56:28.0640 0x0cfc HPZid412 - ok
23:56:28.0656 0x0cfc [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3, 886A5222940A6E14B359B45AA158390468B601FB58949E7F5BEC93B5459AF689 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
23:56:28.0687 0x0cfc HPZipr12 - ok
23:56:28.0703 0x0cfc [ CF1B7951B4EC8D13F3C93B74BB2B461B, 3A1B8A9A9AB0E916288AD6198C377E3A4D278DB3D8DCD4299F0ADC83973F0495 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
23:56:28.0750 0x0cfc HPZius12 - ok
23:56:28.0796 0x0cfc [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
23:56:28.0843 0x0cfc HTTP - ok
23:56:28.0875 0x0cfc [ 58FE2F2DA3BC5573F4A35B3760D3125F, B241ACCE426402EC64DC34C49CECB8CDC0851986D54BFCCED7040D6C43F5787A ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
23:56:28.0968 0x0cfc HTTPFilter - ok
23:56:28.0968 0x0cfc i2omgmt - ok
23:56:28.0984 0x0cfc i2omp - ok
23:56:29.0031 0x0cfc [ C528E27945367191E7BAE364930B6932, 1B95C7B49B4CAE734DC6C9EC22555C5356EEC856B8491C761C777479264CF854 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
23:56:29.0140 0x0cfc i8042prt - ok
23:56:29.0421 0x0cfc [ 66A685B05066683621920BC14A45CFE8, B1DA4E1083E1B60E29607BFEF62653E13A0A9DD5A2ED7074B43BC4185AE64959 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
23:56:29.0734 0x0cfc ialm - ok
23:56:29.0812 0x0cfc [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
23:56:29.0828 0x0cfc IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
23:56:33.0828 0x0cfc Detect skipped due to KSN trusted
23:56:33.0828 0x0cfc IDriverT - ok
23:56:33.0937 0x0cfc [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:56:33.0984 0x0cfc idsvc - ok
23:56:34.0000 0x0cfc [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
23:56:34.0109 0x0cfc Imapi - ok
23:56:34.0156 0x0cfc [ F7B93AAFAD33B2320954C17E26C8D361, 8CFDB11A68B59E195F280BE08B25FA59F1F70833832919B8BECCE17616999934 ] ImapiService C:\WINDOWS\system32\imapi.exe
23:56:34.0265 0x0cfc ImapiService - ok
23:56:34.0281 0x0cfc ini910u - ok
23:56:34.0562 0x0cfc [ 063DD51CBDC37B8668E09148E0A118BC, 5FBBD6C067B4614DF99562B3A46EEBD08588CA71D640BBA0BB9A1DAB6CA34D07 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
23:56:34.0828 0x0cfc IntcAzAudAddService - ok
23:56:34.0843 0x0cfc IntelIde - ok
23:56:34.0875 0x0cfc [ 27B290D632AF2CF3CF40BFDDB7370985, 2C266777B4A96706658B8C9A7B30D15D6E495C815FAE23A0A1FC747E9B5AE363 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
23:56:34.0984 0x0cfc intelppm - ok
23:56:35.0000 0x0cfc [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
23:56:35.0109 0x0cfc Ip6Fw - ok
23:56:35.0140 0x0cfc [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:56:35.0218 0x0cfc IpFilterDriver - ok
23:56:35.0234 0x0cfc [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
23:56:35.0328 0x0cfc IpInIp - ok
23:56:35.0328 0x0cfc [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
23:56:35.0421 0x0cfc IpNat - ok
23:56:35.0500 0x0cfc [ 061614179585BE398A73B9B3AF111310, BE715790531CBF3E038C6C2083A0802FA492D1DCAB3ACFE035DF72E3D6A4B83B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
23:56:35.0531 0x0cfc iPod Service - ok
23:56:35.0578 0x0cfc [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
23:56:35.0671 0x0cfc IPSec - ok
23:56:35.0703 0x0cfc [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
23:56:35.0796 0x0cfc IRENUM - ok
23:56:35.0843 0x0cfc [ CC9F8A2D60AED1A51A3AC34C59B987AE, CBF69817BE3D9A4617390B1A3306074CB8581F21562CD1357D32BC3E542F3CEE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
23:56:35.0937 0x0cfc isapnp - ok
23:56:36.0093 0x0cfc [ 9ECF00E19736054E019C532AED8228FC, F5A64A8269EA3655BBD4850298F335C0BD30535258928ED7CE62A32A3363E60B ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
23:56:36.0109 0x0cfc JavaQuickStarterService - ok
23:56:36.0125 0x0cfc [ C995C0E8B4503FAC38793BB0236AD246, 5147C90053C8DBAFA9A7E4457A03AA2BCF5EC1A7367526FD102D4B542CC357B0 ] JGOGO C:\WINDOWS\system32\DRIVERS\JGOGO.sys
23:56:36.0156 0x0cfc JGOGO - ok
23:56:36.0171 0x0cfc [ F90A4E8657319A652E04C5362926CFEA, 38169807B92FB550385DD5D73AFC4CB92D2F40FA29C803D6E94FD87349EB4CEE ] JRAID C:\WINDOWS\system32\DRIVERS\jraid.sys
23:56:36.0187 0x0cfc JRAID - ok
23:56:36.0234 0x0cfc [ 1B6162FE7F66B1A71A4B70F941C4AA9B, C2EA494BAB0513A6027414FB1E75834F980A77852D0DC8559E8942FC222A075A ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
23:56:36.0343 0x0cfc Kbdclass - ok
23:56:36.0359 0x0cfc [ 86C8F23616C6C6E5B2776901C17B945B, 211B63FC405A2DDB126D204D61E779D66C7211882CC0374521926C633E180B91 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
23:56:36.0468 0x0cfc kbdhid - ok
23:56:36.0500 0x0cfc [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
23:56:36.0593 0x0cfc kmixer - ok
23:56:36.0625 0x0cfc [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
23:56:36.0656 0x0cfc KSecDD - ok
23:56:36.0703 0x0cfc [ 3428E8F86F8ADD36B42FB23542C7B3E4, 9CF643D1A70AF08407ACD5FD6FE4B8777521DDF41B5E63C2E6E1E4CAAC69A403 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
23:56:36.0718 0x0cfc LanmanServer - ok
23:56:36.0781 0x0cfc [ 936C1D110232D23B621CB0196E4F80F0, 2DE3AF93E20F1DC7A6FF31B18054EA4D2350387E4DA91C4B16D451384F0C57E2 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
23:56:36.0828 0x0cfc lanmanworkstation - ok
23:56:36.0828 0x0cfc lbrtfdc - ok
23:56:36.0875 0x0cfc [ 0AB159F536E3E8F7F07113702A07CCA5, 3218C553183E6697C663B6D12790E09756B50505590858DD5AC62411D37CDD7C ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
23:56:36.0984 0x0cfc LmHosts - ok
23:56:37.0000 0x0cfc [ 1A7DB7A00A4B0D8DA24CD691A4547291, 604E29E827841EA06313172D9063FD946CE592BF844CEA8D10173CAA397704F8 ] LVPr2Mon C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
23:56:37.0015 0x0cfc LVPr2Mon - ok
23:56:37.0078 0x0cfc [ 0DDFDCAA92C7F553328DB06BA599BEA9, DB779E38B1CF1CAD69193857043F8ED8BBEB603E97363CD798F6699431D94A41 ] LVPrcSrv C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
23:56:37.0093 0x0cfc LVPrcSrv - ok
23:56:37.0125 0x0cfc [ F7E15F2FE7790733DF86E95A76556389, 8E5246CF8ADCEB614C903EC1D6F594019E4798B1C5A5ED955345C7A95BD5272A ] LVUSBSta C:\WINDOWS\system32\drivers\LVUSBSta.sys
23:56:37.0140 0x0cfc LVUSBSta - ok
23:56:37.0171 0x0cfc [ 221CD1C815B8A6B79389C3F5D1018DE8, 6D0D25D6669C4F9452F74EC72C6138A41D9408E01AF5FD01C08F27BE7BC9C905 ] Messenger C:\WINDOWS\System32\msgsvc.dll
23:56:37.0265 0x0cfc Messenger - ok
23:56:37.0281 0x0cfc [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
23:56:37.0375 0x0cfc mnmdd - ok
23:56:37.0390 0x0cfc [ 9A57D046F88F4B69751B11FD40088A61, 62F65433024CE411F111A88723747B8A83B31076FBAF4CFF40FD02A53D7FF7DF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
23:56:37.0500 0x0cfc mnmsrvc - ok
23:56:37.0515 0x0cfc [ 44032B0C6D9954D3FD26438330B99EE7, A49749A4C00D50F57170AA5DA9E2DEECC8C524A48B144C8B784894F2C202FBEE ] Modem C:\WINDOWS\system32\drivers\Modem.sys
23:56:37.0593 0x0cfc Modem - ok
23:56:37.0671 0x0cfc [ C7D9F9717916B34C1B00DD4834AF485C, A9512A03E8142C83534189963F90ADA6FA425BD606928C40C3D724177105A658 ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
23:56:37.0734 0x0cfc Monfilt - ok
23:56:37.0765 0x0cfc [ 4CB582831DBDE63CE43B45D771218374, 6D470B26197C5B388983D9213D48D2CDE934C9591572876DC7790FE4B59E0845 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
23:56:37.0859 0x0cfc Mouclass - ok
23:56:37.0937 0x0cfc [ BB269EBA740737AB749B214D568B6812, ABF41D9B521EBBE674E76981CAD31F8FD05976DE7070266C3956FDB67C83C4C2 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
23:56:38.0046 0x0cfc mouhid - ok
23:56:38.0078 0x0cfc [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
23:56:38.0187 0x0cfc MountMgr - ok
23:56:38.0265 0x0cfc [ 4E9D8041D352A33332FD6F59A3A78B03, D4E6229B07EF9866993EEE4F6223DC7F1FF1108273FE14A3DC74E65C181DE56A ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
23:56:38.0281 0x0cfc MozillaMaintenance - ok
23:56:38.0343 0x0cfc [ 8072A7BB35D92CC621AC2605EEF79BC4, 68F61BE84A5032CEC24F04C90DACA1AE78F3744016389BE2345256B26E44E09A ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
23:56:38.0359 0x0cfc MpFilter - ok
23:56:38.0375 0x0cfc mraid35x - ok
23:56:38.0390 0x0cfc [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
23:56:38.0500 0x0cfc MRxDAV - ok
23:56:38.0531 0x0cfc [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:56:38.0593 0x0cfc MRxSmb - ok
23:56:38.0609 0x0cfc [ 6DB4D1521CABA9A5FFAB54ADE0AE867D, 78D63EE2C0B0852F0771071C099643242EBC9F4DA28847B93BCE9C3CC1091938 ] MSDTC C:\WINDOWS\system32\msdtc.exe
23:56:38.0703 0x0cfc MSDTC - ok
23:56:38.0734 0x0cfc [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
23:56:38.0828 0x0cfc Msfs - ok
23:56:38.0843 0x0cfc MSIServer - ok
23:56:38.0875 0x0cfc [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:56:38.0984 0x0cfc MSKSSRV - ok
23:56:39.0031 0x0cfc [ 1EE3643D1AA747222427F63353611AD7, 18465E375485DF4E980121449077D5BA87C25C5FA8D86F40DA3B7BE153306766 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
23:56:39.0046 0x0cfc MsMpSvc - ok
23:56:39.0046 0x0cfc [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:56:39.0140 0x0cfc MSPCLOCK - ok
23:56:39.0156 0x0cfc [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
23:56:39.0250 0x0cfc MSPQM - ok
23:56:39.0281 0x0cfc [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
23:56:39.0375 0x0cfc mssmbios - ok
23:56:39.0390 0x0cfc [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
23:56:39.0500 0x0cfc MSTEE - ok
23:56:39.0500 0x0cfc [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
23:56:39.0546 0x0cfc Mup - ok
23:56:39.0578 0x0cfc [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
23:56:39.0671 0x0cfc NABTSFEC - ok
23:56:39.0703 0x0cfc [ 6EA362E9DB03D44F6B996F4D8BE237E9, FE6B4C546D26C4A2832CF4CB280B86B1723E10E46A3C24AF6C9856FCCAE9D1FC ] napagent C:\WINDOWS\System32\qagentrt.dll
23:56:39.0812 0x0cfc napagent - ok
23:56:39.0812 0x0cfc [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
23:56:39.0906 0x0cfc NDIS - ok
23:56:39.0937 0x0cfc [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
23:56:40.0015 0x0cfc NdisIP - ok
23:56:40.0062 0x0cfc [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:56:40.0109 0x0cfc NdisTapi - ok
23:56:40.0140 0x0cfc [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:56:40.0218 0x0cfc Ndisuio - ok
23:56:40.0234 0x0cfc [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:56:40.0328 0x0cfc NdisWan - ok
23:56:40.0343 0x0cfc [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
23:56:40.0375 0x0cfc NDProxy - ok
23:56:40.0390 0x0cfc [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
23:56:40.0515 0x0cfc NetBIOS - ok
23:56:40.0546 0x0cfc [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
23:56:40.0656 0x0cfc NetBT - ok
23:56:40.0703 0x0cfc [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDE C:\WINDOWS\system32\netdde.exe
23:56:40.0781 0x0cfc NetDDE - ok
23:56:40.0796 0x0cfc [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
23:56:40.0890 0x0cfc NetDDEdsdm - ok
23:56:40.0921 0x0cfc [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] Netlogon C:\WINDOWS\system32\lsass.exe
23:56:41.0000 0x0cfc Netlogon - ok
23:56:41.0031 0x0cfc [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40, 588C8BA14A7255FD36A88960CBE34341301773765ECF2A9A0F1760A509A08A5B ] Netman C:\WINDOWS\System32\netman.dll
23:56:41.0125 0x0cfc Netman - ok
23:56:41.0171 0x0cfc [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:56:41.0187 0x0cfc NetTcpPortSharing - ok
23:56:41.0218 0x0cfc [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
23:56:41.0312 0x0cfc NIC1394 - ok
23:56:41.0375 0x0cfc [ 39EE7C3BFBC64BA87CC8CF67386E814C, B93CCB625CE370D9A49C9374D24C939D7C9FEF81401F4F822C51E12677D77E01 ] Nla C:\WINDOWS\System32\mswsock.dll
23:56:41.0390 0x0cfc Nla - ok
23:56:41.0406 0x0cfc [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
23:56:41.0500 0x0cfc Npfs - ok
23:56:41.0531 0x0cfc [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
23:56:41.0671 0x0cfc Ntfs - ok
23:56:41.0671 0x0cfc [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
23:56:41.0765 0x0cfc NtLmSsp - ok
23:56:41.0781 0x0cfc [ 023DD70573D644F3D9C8B1258A7BFD08, 9A1D3210ED5FD8BEDF92ED577A9B30E37035408A73EB66A8C950B75AB7539B83 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
23:56:41.0906 0x0cfc NtmsSvc - ok
23:56:41.0921 0x0cfc [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
23:56:42.0015 0x0cfc Null - ok
23:56:42.0437 0x0cfc [ CADFF8601B10D406DAAF56C6ACA36502, F12D06B77804CB9AE09E32CBFF1ADF6580422EFA9A623D1960FD8A7B9DB92376 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
23:56:42.0906 0x0cfc nv - ok
23:56:43.0000 0x0cfc [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
23:56:43.0093 0x0cfc NwlnkFlt - ok
23:56:43.0171 0x0cfc [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
23:56:43.0250 0x0cfc NwlnkFwd - ok
23:56:43.0281 0x0cfc [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
23:56:43.0390 0x0cfc ohci1394 - ok
23:56:43.0453 0x0cfc [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:56:43.0468 0x0cfc ose - ok
23:56:43.0484 0x0cfc [ 46F8DB73B4A53E543F8E371DC7C75BAE, F6C5E7DE4B4AE0ED785DB075BE14EA6A0FC9050C95669B26DEF2B82D7B7D3B2C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
23:56:43.0593 0x0cfc Parport - ok
23:56:43.0593 0x0cfc [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
23:56:43.0687 0x0cfc PartMgr - ok
23:56:43.0734 0x0cfc [ 1FAE19D0457176318BBA4A8795656EBC, 5F3D6CABA203A0485D67F63A6A81151724EE200BE49ED095CFCB1EF29C19D19F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
23:56:43.0828 0x0cfc ParVdm - ok
23:56:43.0843 0x0cfc [ 6CE351D149CB4BEFC702951E471E1730, 758327683BB45F01D5AE550AF21856822B4CF55E17F2A4F452F559088D242B37 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
23:56:43.0953 0x0cfc PCI - ok
23:56:43.0953 0x0cfc PCIDump - ok
23:56:43.0968 0x0cfc [ 2DA4EC85E0EA7A45C6B2A05820492D5A, A8C6BD93D3BC33A5B36EB523997EF9E0783B6E6EAFB6E7F58BCC2629009BDCF9 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
23:56:44.0062 0x0cfc PCIIde - ok
23:56:44.0093 0x0cfc [ 4FC31E6C19A5CE5198B1ABFF94CAE758, A031E21EC1F15DA5E8429269F435337FA961C3C06D535DAFD448C7355F33FD0C ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
23:56:44.0187 0x0cfc Pcmcia - ok
23:56:44.0218 0x0cfc [ 02AAAFB7BA137CE5DDABCDF8090954D9, 3570B912E6D44E9E422BFBD648EA73D0B27CFB1282915197C5B91AE56BE41567 ] pcouffin C:\WINDOWS\system32\Drivers\pcouffin.sys
23:56:44.0250 0x0cfc pcouffin - detected UnsignedFile.Multi.Generic ( 1 )
23:56:46.0734 0x0cfc Detect skipped due to KSN trusted
23:56:46.0734 0x0cfc pcouffin - ok
23:56:46.0750 0x0cfc PDCOMP - ok
23:56:46.0828 0x0cfc [ C1C3BAF078BE5A14384A4BA2D730817D, 6E4D2F73A1CB250B3EE270CCE806A37EB2140E34EAF9F48C45CC12D2A451AA16 ] PDFProFiltSrvPP C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
23:56:46.0859 0x0cfc PDFProFiltSrvPP - ok
23:56:46.0859 0x0cfc PDFRAME - ok
23:56:46.0875 0x0cfc PDRELI - ok
23:56:46.0875 0x0cfc PDRFRAME - ok
23:56:46.0890 0x0cfc perc2 - ok
23:56:46.0890 0x0cfc perc2hib - ok
23:56:46.0953 0x0cfc [ D2D2FA02B722336960EEAE0AE7107891, 540281F30827787A94466EAE675208D5989D28B389153E1C7F18972B56233AB8 ] PID_0928 C:\WINDOWS\system32\DRIVERS\LV561AV.SYS
23:56:46.0984 0x0cfc PID_0928 - ok
23:56:47.0000 0x0cfc [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] PlugPlay C:\WINDOWS\system32\services.exe
23:56:47.0046 0x0cfc PlugPlay - ok
23:56:47.0062 0x0cfc [ A1DD33D16F277CE34124EE52AB2C0F14, DB5215409D0B6C378567A6399C0170226CB1E2FE74D96B16C97A761D487C613F ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe
23:56:47.0078 0x0cfc PnkBstrA - ok
23:56:47.0078 0x0cfc [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
23:56:47.0171 0x0cfc PolicyAgent - ok
23:56:47.0203 0x0cfc [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
23:56:47.0281 0x0cfc PptpMiniport - ok
23:56:47.0296 0x0cfc [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
23:56:47.0375 0x0cfc ProtectedStorage - ok
23:56:47.0390 0x0cfc [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
23:56:47.0468 0x0cfc PSched - ok
23:56:47.0484 0x0cfc [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
23:56:47.0562 0x0cfc Ptilink - ok
23:56:47.0578 0x0cfc ql1080 - ok
23:56:47.0578 0x0cfc Ql10wnt - ok
23:56:47.0578 0x0cfc ql12160 - ok
23:56:47.0593 0x0cfc ql1240 - ok
23:56:47.0593 0x0cfc ql1280 - ok
23:56:47.0625 0x0cfc [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:56:47.0703 0x0cfc RasAcd - ok
23:56:47.0734 0x0cfc [ 2B5E44EA009F2F374B980E1E9A70635D, 62D8FDB80C8ACBA2C42C12760B785587C43BEDFE015EC5C41B25F2BB735EFEB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
23:56:47.0828 0x0cfc RasAuto - ok
23:56:47.0828 0x0cfc [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
23:56:47.0921 0x0cfc Rasl2tp - ok
23:56:47.0953 0x0cfc [ D57554C664B64604BD1EE13EA2C07E77, B090C05B91EA602BFF9A5E89AB1A0FFDE869611961FF749DA8B3F4D00F04E756 ] RasMan C:\WINDOWS\System32\rasmans.dll
23:56:48.0046 0x0cfc RasMan - ok
23:56:48.0046 0x0cfc [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:56:48.0140 0x0cfc RasPppoe - ok
23:56:48.0140 0x0cfc [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
23:56:48.0234 0x0cfc Raspti - ok
23:56:48.0265 0x0cfc [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:56:48.0375 0x0cfc Rdbss - ok
23:56:48.0390 0x0cfc [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
23:56:48.0484 0x0cfc RDPCDD - ok
23:56:48.0531 0x0cfc [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
23:56:48.0593 0x0cfc RDPWD - ok
23:56:48.0640 0x0cfc [ C0D9D9711CB74EE9BC66353D8CBDAB0E, F1AF9A26910707E76BF213D8DE5C902B0088D8A29EBDFF72DE6A4D867E298CC8 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
23:56:48.0734 0x0cfc RDSessMgr - ok
23:56:48.0765 0x0cfc [ 611BFD220305BE3A85AE876EA47D4AA5, FDF87878EB3886649025E5A12F1C3FC9072D66CCD3217944710085C1F8A4512E ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
23:56:48.0843 0x0cfc redbook - ok
23:56:48.0890 0x0cfc [ 127C26B5371651043450E52542099ABA, 98AADAD8D5211CB894AA7C59B6299861B1F44B6D8F46AB5837E7D2F5B615B14A ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
23:56:48.0984 0x0cfc RemoteAccess - ok
23:56:49.0015 0x0cfc [ 718B3BDC0BC3C2F7D065A53D26202AF9, 9E58243628F1E1396AB82A80D046FF50803A230EE07B007E0CA5D744C77B091A ] RpcLocator C:\WINDOWS\system32\locator.exe
23:56:49.0109 0x0cfc RpcLocator - ok
23:56:49.0187 0x0cfc [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] RpcSs C:\WINDOWS\System32\rpcss.dll
23:56:49.0218 0x0cfc RpcSs - ok
23:56:49.0234 0x0cfc [ 09AB2E71E58B078038E3BFDBA7FFC984, 8CA277DEEF6376B0F48C6BA5DBBC3E8AF2245983BA9AF6AB83D1A920D35FAF93 ] RSVP C:\WINDOWS\system32\rsvp.exe
23:56:49.0343 0x0cfc RSVP - ok
23:56:49.0359 0x0cfc [ 098DE621085D7F922871A99B0EC7DDD6, 95725678F2DE64ACF342BEC08C052D3F6FD91A70A6B051BC79581B06D49D2965 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
23:56:49.0406 0x0cfc RTLE8023xp - ok
23:56:49.0421 0x0cfc [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] SamSs C:\WINDOWS\system32\lsass.exe
23:56:49.0500 0x0cfc SamSs - ok
23:56:49.0515 0x0cfc [ 410046E401EB11E1E6749E9DEEA41D4A, 9507268ACD24EF51E994DC418E8EB3E10DEDE61EE892226A22A5DA7662397E25 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
23:56:49.0609 0x0cfc SCardSvr - ok
23:56:49.0656 0x0cfc [ 16B1ABE7F3E35F21DAC57592B6C5D464, AE4251F1B6EB260F5F1EEBC0220F31649C569A18C06FF79B021AA2F2AD68E1F0 ] SCDEmu C:\WINDOWS\system32\drivers\SCDEmu.sys
23:56:49.0656 0x0cfc SCDEmu - detected UnsignedFile.Multi.Generic ( 1 )
23:56:52.0125 0x0cfc Detect skipped due to KSN trusted
23:56:52.0125 0x0cfc SCDEmu - ok
23:56:52.0203 0x0cfc [ 3FF232A7731621B8902D81D42418C93C, 2030C9A843D9555170179883BD4CC1E978D5FC5EC0D7FCA56518224E428BE421 ] Schedule C:\WINDOWS\system32\schedsvc.dll
23:56:52.0312 0x0cfc Schedule - ok
23:56:52.0343 0x0cfc [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
23:56:52.0453 0x0cfc Secdrv - ok
23:56:52.0484 0x0cfc [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6, 82EEB2345AC19050FAB202DE76C2CDD93E753F5AB67789A86A1726D3040C02E5 ] seclogon C:\WINDOWS\System32\seclogon.dll
23:56:52.0593 0x0cfc seclogon - ok
23:56:52.0625 0x0cfc [ A530B75C10C23C9AB28FDB6CE719E21F, 14568DF6457758E2F534A46A8E6245C364895C3993BEF2B5A889B98DBB201A27 ] SENS C:\WINDOWS\system32\sens.dll
23:56:52.0734 0x0cfc SENS - ok
23:56:52.0734 0x0cfc [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
23:56:52.0828 0x0cfc serenum - ok
23:56:52.0843 0x0cfc [ B842729337C9B921615C40D3C1A1AF96, 503670A56423B996C6ED6AE95F07FB88910767C4A2041A4BE9070C57A016E7FA ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
23:56:52.0921 0x0cfc Serial - ok
23:56:53.0000 0x0cfc [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
23:56:53.0078 0x0cfc Sfloppy - ok
23:56:53.0109 0x0cfc [ F58FACA9621D2DB01BD0927D9A0A208E, 239C87E09261BC9D1DBE99DABCFC4787D42289E8769563A5EFB323BE6F177C9A ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
23:56:53.0218 0x0cfc SharedAccess - ok
23:56:53.0234 0x0cfc [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:56:53.0250 0x0cfc ShellHWDetection - ok
23:56:53.0250 0x0cfc Simbad - ok
23:56:53.0296 0x0cfc [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
23:56:53.0390 0x0cfc SLIP - ok
23:56:53.0406 0x0cfc Sparrow - ok
23:56:53.0437 0x0cfc [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
23:56:53.0515 0x0cfc splitter - ok
23:56:53.0562 0x0cfc [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
23:56:53.0593 0x0cfc Spooler - ok
23:56:53.0656 0x0cfc [ 68103A2B441BBF3908EBB587F0704D6C, 0EE921D3D3D88AD0380923429E82B58078F53D7A9D53458AA33FEDF376EF1212 ] sptd C:\WINDOWS\System32\Drivers\sptd.sys
23:56:53.0671 0x0cfc sptd - ok
23:56:53.0703 0x0cfc [ 94610C8653635E4459316A0050D55CE7, D148D33B3D2B0757060531C526F2161504A8D7C4E5957D092C7EBDB007271339 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
23:56:53.0781 0x0cfc sr - ok
23:56:53.0828 0x0cfc [ 35B91147124F64AC8081A2EDB9EA4DEE, 1609D19156DAC6EE3C2D2350B062966B64D9CDC289E9B8FEB6D244AAEBE90BBF ] srservice C:\WINDOWS\system32\srsvc.dll
23:56:53.0921 0x0cfc srservice - ok
23:56:53.0953 0x0cfc [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
23:56:54.0000 0x0cfc Srv - ok
23:56:54.0062 0x0cfc [ BECD5271DC4E3B7C3D035F790FCBC1E5, D63B9DB81332553C963EC5057D241CE2287AF652387333C1FD79AF8C9B5F2BA7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
23:56:54.0156 0x0cfc SSDPSRV - ok
23:56:54.0218 0x0cfc [ C1CDD9275F6A115BB0AE1D55D8D27BA6, CD0511FD7F6AD832CBEB931C605AB3AD217631C57399CB8033248D27619541E4 ] stisvc C:\WINDOWS\system32\wiaservc.dll
23:56:54.0343 0x0cfc stisvc - ok
23:56:54.0359 0x0cfc [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
23:56:54.0453 0x0cfc streamip - ok
23:56:54.0484 0x0cfc [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
23:56:54.0562 0x0cfc swenum - ok
23:56:54.0578 0x0cfc [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
23:56:54.0671 0x0cfc swmidi - ok
23:56:54.0671 0x0cfc SwPrv - ok
23:56:54.0687 0x0cfc symc810 - ok
23:56:54.0687 0x0cfc symc8xx - ok
23:56:54.0687 0x0cfc sym_hi - ok
23:56:54.0703 0x0cfc sym_u3 - ok
23:56:54.0703 0x0cfc [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
23:56:54.0812 0x0cfc sysaudio - ok
23:56:54.0828 0x0cfc [ CE06F01B88ACE199A1BF460CAC29C110, 3CD89E5B8E53203287D889C107E4795225742DB6C6ACA2DC0611BD9728382A27 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
23:56:54.0921 0x0cfc SysmonLog - ok
23:56:54.0968 0x0cfc [ C2546CD7A398476F9DF5614B2AE160E8, 11C8435BA983553E9C0806494E9B3C7080515C0375B0604F029D89B50726161A ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
23:56:55.0078 0x0cfc TapiSrv - ok
23:56:55.0140 0x0cfc [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:56:55.0187 0x0cfc Tcpip - ok
23:56:55.0203 0x0cfc [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
23:56:55.0296 0x0cfc TDPIPE - ok
23:56:55.0312 0x0cfc [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
23:56:55.0421 0x0cfc TDTCP - ok
23:56:55.0421 0x0cfc [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
23:56:55.0515 0x0cfc TermDD - ok
23:56:55.0562 0x0cfc [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E, 3D2B1D899061448EAD993CDE97D1EF50DD64728E9F44D80FEAE591198A937653 ] TermService C:\WINDOWS\System32\termsrv.dll
23:56:55.0656 0x0cfc TermService - ok
23:56:55.0703 0x0cfc [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] Themes C:\WINDOWS\System32\shsvcs.dll
23:56:55.0718 0x0cfc Themes - ok
23:56:55.0718 0x0cfc TosIde - ok
23:56:55.0750 0x0cfc [ 38853304CCB938D30E0C4CDE8D2C2A8A, 966E7BCC9F63A1A7777F8A12E51C2A91EC688CE96109943ADC4CB4EB58DC34A6 ] TrkWks C:\WINDOWS\system32\trkwks.dll
23:56:55.0843 0x0cfc TrkWks - ok
23:56:55.0859 0x0cfc [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
23:56:55.0968 0x0cfc Udfs - ok
23:56:55.0968 0x0cfc ultra - ok
23:56:56.0015 0x0cfc [ AB0A7CA90D9E3D6A193905DC1715DED0, CA764A2B92E727E3398134CD50D5622B4EC387436A3644063DA1D114CE63BD64 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
23:56:56.0046 0x0cfc UMWdf - ok
23:56:56.0078 0x0cfc [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
23:56:56.0187 0x0cfc Update - ok
23:56:56.0218 0x0cfc [ 651BD90DCEE5B7BDC74A2EB7C9266F9E, AF7662BCA0819F82CE5EE0863E47149CC127DE664CB3DC6359B63FBD71DB54F8 ] upnphost C:\WINDOWS\System32\upnphost.dll
23:56:56.0312 0x0cfc upnphost - ok
23:56:56.0328 0x0cfc [ 20A0F6A11959E92908717D09E87D670D, 3DD6C99AB0F70FAA43DF470B30078B8A51B8AF735CD5C50DBB195FEA70F4C36E ] UPS C:\WINDOWS\System32\ups.exe
23:56:56.0421 0x0cfc UPS - ok
23:56:56.0484 0x0cfc [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
23:56:56.0515 0x0cfc USBAAPL - ok
23:56:56.0562 0x0cfc [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
23:56:56.0593 0x0cfc usbccgp - ok
23:56:56.0640 0x0cfc [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
23:56:56.0671 0x0cfc usbehci - ok
23:56:56.0750 0x0cfc [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
23:56:56.0843 0x0cfc usbhub - ok
23:56:56.0875 0x0cfc [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
23:56:56.0984 0x0cfc usbprint - ok
23:56:57.0046 0x0cfc [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
23:56:57.0125 0x0cfc usbscan - ok
23:56:57.0187 0x0cfc [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
23:56:57.0328 0x0cfc USBSTOR - ok
23:56:57.0375 0x0cfc [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
23:56:57.0500 0x0cfc usbuhci - ok
23:56:57.0531 0x0cfc [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
23:56:57.0656 0x0cfc VgaSave - ok
23:56:57.0671 0x0cfc ViaIde - ok
23:56:57.0703 0x0cfc [ 28A4B296B47782173C346E376CB374D1, FE799FE4A41752A2B47027EA88214BF3E39B317302939F4A2D0F2A4EFAAC2F13 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
23:56:57.0828 0x0cfc VolSnap - ok
23:56:57.0984 0x0cfc [ D6BA1A63D9E00933F1CD2A885573AFB2, 36311A060635CEC1DBB6D8A746B8A4D007706EAE97D51A5E12F9958AB16BE486 ] VSS C:\WINDOWS\System32\vssvc.exe
23:56:58.0125 0x0cfc VSS - ok
23:56:58.0218 0x0cfc [ FA4E1CDBA256787F2149F4AAD07BC91F, 1B5FC5248335D70094D04501AA2C30F54782B58FF8D573BE8E784A21529C7CAF ] W32Time C:\WINDOWS\system32\w32time.dll
23:56:58.0359 0x0cfc W32Time - ok
23:56:58.0375 0x0cfc [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:56:58.0484 0x0cfc Wanarp - ok
23:56:58.0500 0x0cfc WDICA - ok
23:56:58.0546 0x0cfc [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
23:56:58.0640 0x0cfc wdmaud - ok
23:56:58.0671 0x0cfc [ 47AE51048A82DFA1CD6B51D369F7E169, 742F2162B8BDE00D83715093EA9743338964597ED22648B9F4F139D7278235A4 ] WebClient C:\WINDOWS\System32\webclnt.dll
23:56:58.0812 0x0cfc WebClient - ok
23:56:58.0890 0x0cfc [ E488332126E3B1182D2B8A0C35408EC6, F9F60911DF0A539753B2BEF6FAD2D0AED1BC1C3F43509F79D9AF2F810CDE5D9B ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
23:56:58.0968 0x0cfc winmgmt - ok
23:56:59.0062 0x0cfc [ 4D34CEDD74BDBF2B6A935EAE3BF80543, 217D4B405C2F7F429D2633ABC75B35BC4B1271EF4B7D779048CF82C2575A54FC ] WinRM C:\WINDOWS\system32\WsmSvc.dll
23:56:59.0156 0x0cfc WinRM - ok
23:56:59.0203 0x0cfc [ 140EF97B64F560FD78643CAE2CDAD838, 1DEA8005220A3EFEC6E32A7DE4386026CCC1E5328E2FDCB82B1FB335905D1962 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
23:56:59.0218 0x0cfc WmdmPmSN - ok
23:56:59.0265 0x0cfc [ 23F6F03272F7E5679F1F050AED5ACEE6, 87EBE773F3E8FFE2F1E1DB435BB0E8852031AA88112EB791085AD3DA918B49CC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
23:56:59.0375 0x0cfc WmiApSrv - ok
23:56:59.0390 0x0cfc [ 1385E5AA9C9821790D33A9563B8D2DD0, 35248DA1BBB6E88D6C7706B81A48F7EA4E4F2673228D69E622525D478B8E7220 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
23:56:59.0406 0x0cfc WpdUsb - ok
23:56:59.0515 0x0cfc [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:56:59.0562 0x0cfc WPFFontCache_v0400 - ok
23:56:59.0609 0x0cfc [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
23:56:59.0687 0x0cfc WS2IFSL - ok
23:56:59.0734 0x0cfc [ 4C86D5FAF78194995AF9CC1075F65DD3, D3B23BB0971E0DBC0A51720067489C224323B603178E91149BF56F779DE352F0 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
23:56:59.0843 0x0cfc wscsvc - ok
23:56:59.0875 0x0cfc [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
23:56:59.0968 0x0cfc WSTCODEC - ok
23:57:00.0000 0x0cfc [ C1364564800EE9784192145324A23308, 5345BAE00364233594C9CF99CE2CC485E65B5D4FFBB81C86B2950EDA2427584C ] wuauserv C:\WINDOWS\system32\wuauserv.dll
23:57:00.0093 0x0cfc wuauserv - ok
23:57:00.0140 0x0cfc [ A27D4BA7264C0BF52F32D10405BEA1D4, 5F28607CCAB15FB601BEB35FF0B1A5CD27C678C6D1CA724E842C33EED4579B8C ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
23:57:00.0265 0x0cfc WZCSVC - ok
23:57:00.0296 0x0cfc [ EAA4BB9EDB3FB10CF8979FE65E63658F, B80EB477100FD3E26513360E09DB6EBF0C8D8B0618F1F4BF1F387ABA6DEC9B64 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
23:57:00.0390 0x0cfc xmlprov - ok
23:57:00.0437 0x0cfc [ A5D4EAE27E68625296D685A786897491, 6344B8F4C8C1AE1543D7F342A87C97BB8FEDFA0B60744907C036BF14E7635198 ] yukonwxp C:\WINDOWS\system32\DRIVERS\yk51x86.sys
23:57:00.0484 0x0cfc yukonwxp - ok
23:57:00.0484 0x0cfc ================ Scan global ===============================
23:57:00.0531 0x0cfc [ F36278E42C8C5DF03CE17DAC8231C91C, D012A3C8F394DF4F0BF5D5A4C10E73BBF427762B7D3DB6CF5FAB96536E082B7A ] C:\WINDOWS\system32\basesrv.dll
23:57:00.0578 0x0cfc [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
23:57:00.0609 0x0cfc [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
23:57:00.0640 0x0cfc [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] C:\WINDOWS\system32\services.exe
23:57:00.0640 0x0cfc [ Global ] - ok
23:57:00.0640 0x0cfc ================ Scan MBR ==================================
23:57:00.0656 0x0cfc [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
23:57:00.0906 0x0cfc \Device\Harddisk0\DR0 - ok
23:57:00.0906 0x0cfc ================ Scan VBR ==================================
23:57:00.0921 0x0cfc [ CFA289256880C0FD376F236300E652FD ] \Device\Harddisk0\DR0\Partition1
23:57:00.0921 0x0cfc \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
23:57:00.0921 0x0cfc \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
23:57:03.0359 0x0cfc ================ Scan generic autorun ======================
23:57:03.0375 0x0cfc [ 47BBA427E91CBB98E41A17B38644987C, A65BF90C1B6D4C6222745888CCE917A73CB39477BB392E6CA31DDF5833C15D52 ] C:\WINDOWS\JM\JMInsIDE.exe
23:57:03.0390 0x0cfc JMB36X IDE Setup - detected UnsignedFile.Multi.Generic ( 1 )
23:57:05.0859 0x0cfc Detect skipped due to KSN trusted
23:57:05.0859 0x0cfc JMB36X IDE Setup - ok
23:57:06.0015 0x0cfc [ CAD6EA2838950506E156B286C2F1ACBE, F78863A16EC01911700DEEC4FE842EDD133578FBFD1DF8521200DF2E52FFEB51 ] C:\WINDOWS\system32\JMRaidSetup.exe
23:57:06.0125 0x0cfc 36X Raid Configurer - detected UnsignedFile.Multi.Generic ( 1 )
23:57:08.0578 0x0cfc Detect skipped due to KSN trusted
23:57:08.0578 0x0cfc 36X Raid Configurer - ok
23:57:08.0656 0x0cfc [ BF91B68606862A32CAB13C24A24DD9A9, B3B4047463416E12B21BA61502BC3A4EFD35DFF9ADBCD46802231D23155B7A8A ] C:\Program Files\PowerISO\PWRISOVM.EXE
23:57:08.0671 0x0cfc PWRISOVM.EXE - detected UnsignedFile.Multi.Generic ( 1 )
23:57:11.0125 0x0cfc Detect skipped due to KSN trusted
23:57:11.0125 0x0cfc PWRISOVM.EXE - ok
23:57:11.0296 0x0cfc [ 2589FFE360BED8F824CBC6171CB5B874, 4C532EE4707F9B4314AF7FC88C86B48AFCDE03A2097919F9801BE47EB5CC61EB ] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
23:57:11.0406 0x0cfc LogitechQuickCamRibbon - ok
23:57:11.0484 0x0cfc [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
23:57:11.0500 0x0cfc APSDaemon - ok
23:57:11.0531 0x0cfc [ 07C4EBD3107799774FA3103956CD1C40, BB798DE0F18D2A28B18467D958B68C23DBA0A802512C36E708D9EBD9352492F6 ] C:\Program Files\Nuance\PaperPort\IndexSearch.exe
23:57:11.0546 0x0cfc IndexSearch - ok
23:57:11.0562 0x0cfc [ E5F1D2C7D51C816437BBE2306828BC4B, BBBEB3294EF02F3E4C73A3A2FAE83C261A095602D86E1FF272C6FDFCE0C05E1B ] C:\Program Files\Nuance\PaperPort\pptd40nt.exe
23:57:11.0578 0x0cfc PaperPort PTD - ok
23:57:11.0625 0x0cfc [ 9F0ACAA725CF5A391AF7E2067AE45746, CA7F3C2C9D4DCB135ECBFFEB3448D272552B5DB720E0A526B4AC07B1F5E8BC9E ] C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe
23:57:11.0656 0x0cfc PDFHook - ok
23:57:11.0671 0x0cfc [ 154420A93E4F676AA33A055A116255D9, DF76577C22EBB439DF2B72D1B6B7A465F067CCEC886FC7A7FB337865DA1DB914 ] C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe
23:57:11.0687 0x0cfc PDF5 Registry Controller - ok
23:57:11.0734 0x0cfc [ 016B31B67ACDF4AEB325FAC166684E5D, 3C22DF4E55554EB16EA2CA5927285C35E2A6C3DE22ACDDCD68492EAFAD4B0A9F ] C:\Program Files\ControlCenter4\BrCcBoot.exe
23:57:11.0750 0x0cfc ControlCenter4 - detected UnsignedFile.Multi.Generic ( 1 )
23:57:14.0203 0x0cfc Detect skipped due to KSN trusted
23:57:14.0203 0x0cfc ControlCenter4 - ok
23:57:14.0375 0x0cfc [ 7F42FFCD6FF7CA558C2D95DADCD5EFA9, CD9E71A718AD3FF465950A7D3937884154F021A296C301BE2FECD0AE69F04713 ] C:\Program Files\Browny02\Brother\BrStMonW.exe
23:57:14.0484 0x0cfc BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )
23:57:16.0968 0x0cfc Detect skipped due to KSN trusted
23:57:16.0968 0x0cfc BrStsMon00 - ok
23:57:17.0812 0x0cfc [ 8C31C7B29061F27A850654F292BCB9DD, D8077C6EFC180F63BA634E2673769D8D0D482ABFC6EC33BA4000BA5E0078ADA5 ] C:\WINDOWS\RTHDCPL.EXE
23:57:18.0937 0x0cfc RTHDCPL - ok
23:57:19.0046 0x0cfc [ B427B61409493138D39A48EFC5767283, FAF62B36DE80DBE30224DAF2E48E46763BE41FC754E8D32717C7C63D11BDA294 ] C:\WINDOWS\system32\igfxtray.exe
23:57:19.0078 0x0cfc IgfxTray - ok
23:57:19.0078 0x0cfc [ 25B9D53B861552EC83B80A565AC07A47, A68B5E4ED51FEFBCAFE2C4C590CA046EC4EA2242611DB1FB55829FFA35E4E619 ] C:\WINDOWS\system32\hkcmd.exe
23:57:19.0109 0x0cfc HotKeysCmds - ok
23:57:19.0109 0x0cfc [ E24AAF17E339759C296AC67EA56ED97B, 452168EF3F0BBF1AA01DF01699D10C757E873D7511E832A039CF1A67CBD820D3 ] C:\WINDOWS\system32\igfxpers.exe
23:57:19.0140 0x0cfc Persistence - ok
23:57:19.0203 0x0cfc [ 9F96F98409B89C5806F4380867DD48E0, A6A0FC6B013549BB28FD834FCE6AC0DB685AA5B42162F5AD090819B7D212CAA6 ] C:\Program Files\iTunes\iTunesHelper.exe
23:57:19.0218 0x0cfc iTunesHelper - ok
23:57:19.0296 0x0cfc [ 882B5B999A71F56D5DF294D93AE1E7D1, 690B93C4A3E476595808EBDBE5CF620FC4A86D41FCD66023DE0DA7972F8941E4 ] c:\Program Files\Microsoft Security Client\msseces.exe
23:57:19.0343 0x0cfc MSC - ok
23:57:19.0750 0x0cfc [ E1473471169EC64C57B49F9C984DFB1A, 3E05B4AD77F5CE13B01B7E1FD460F9779FF9E7C9E6DEBD5225EC840D96D12AA1 ] C:\Program Files\Logitech\Logitech Vid\vid.exe
23:57:20.0187 0x0cfc Logitech Vid - ok
23:57:20.0343 0x0cfc [ 6BF7676296D5359AFC135A5397000053, D31B9BCB856D6EFDEA27E4D4D341FF939BCBF0E8C97786B447C2074B3C68298E ] C:\Documents and Settings\All Users\Data aplikací\FLEXnet\Connect\11\ISUSPM.exe
23:57:20.0359 0x0cfc ISUSPM - ok
23:57:20.0484 0x0cfc [ BA40465A7A95395BAF8830A79A3BAAD2, 6DFDAAE3D7AA52C69EE2642AD57491FAD3124AF514EFE1E2E2E723F6B2490660 ] C:\Program Files\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe
23:57:20.0562 0x0cfc Hobbyist Software VLC Streamer - ok
23:57:20.0562 0x0cfc Waiting for KSN requests completion. In queue: 9
23:57:21.0562 0x0cfc Waiting for KSN requests completion. In queue: 9
23:57:22.0562 0x0cfc Waiting for KSN requests completion. In queue: 9
23:57:23.0625 0x0cfc AV detected via SS1: Microsoft Security Essentials, 4.5.0216.0, enabled, updated
23:57:23.0640 0x0cfc Win FW state via NFM: enabled
23:57:26.0046 0x0cfc ============================================================
23:57:26.0046 0x0cfc Scan finished
23:57:26.0046 0x0cfc ============================================================
23:57:26.0062 0x02b4 Detected object count: 1
23:57:26.0062 0x02b4 Actual detected object count: 1
23:59:01.0984 0x02b4 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user
23:59:01.0984 0x02b4 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip
23:59:32.0078 0x0ed4 Deinitialize success
Nahoru
eileen75
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 29 srp 2014 22:36

Re: Počítač hlásí hrozbu

#21 Příspěvek od eileen75 »

A ještě tedy mbar log:

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1012

(c) Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.010000 GHz
Memory total: 2138443776, free: 1200246784

Downloaded database version: v2014.08.30.07
Downloaded database version: v2014.08.21.01
Initializing...
======================
------------ Kernel report ------------
08/31/2014 00:02:49
------------ Loaded modules -----------
\WINDOWS\system32\ntkrnlpa.exe
\WINDOWS\system32\hal.dll
\WINDOWS\system32\KDCOM.DLL
\WINDOWS\system32\BOOTVID.dll
sptd.sys
ACPI.sys
\WINDOWS\system32\DRIVERS\WMILIB.SYS
pci.sys
isapnp.sys
pciide.sys
\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
MountMgr.sys
ftdisk.sys
PartMgr.sys
VolSnap.sys
atapi.sys
jraid.sys
\WINDOWS\system32\DRIVERS\SCSIPORT.SYS
disk.sys
\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
fltmgr.sys
sr.sys
MpFilter.sys
KSecDD.sys
Ntfs.sys
NDIS.sys
ohci1394.sys
\WINDOWS\system32\DRIVERS\1394BUS.SYS
Mup.sys
JGOGO.sys
\WINDOWS\system32\ntkrnlpa.exe
\SystemRoot\system32\DRIVERS\nic1394.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\igxpmp32.sys
\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\yk51x86.sys
\SystemRoot\system32\DRIVERS\imapi.sys
\SystemRoot\System32\Drivers\AnyDVD.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\redbook.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\fdc.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\System32\Drivers\a58jmp97.SYS
\SystemRoot\system32\DRIVERS\audstub.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\psched.sys
\SystemRoot\system32\DRIVERS\msgpc.sys
\SystemRoot\system32\DRIVERS\ptilink.sys
\SystemRoot\system32\DRIVERS\raspti.sys
\SystemRoot\System32\Drivers\pcouffin.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\update.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\dtsoftbus01.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\drivers\RtkHDAud.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\DRIVERS\flpydisk.sys
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\Drivers\mnmdd.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\ipsec.sys
\SystemRoot\system32\DRIVERS\tcpip.sys
\SystemRoot\system32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\ipnat.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\System32\drivers\ws2ifsl.sys
\SystemRoot\System32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\arp1394.sys
\SystemRoot\System32\Drivers\SCDEmu.SYS
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\System32\Drivers\Fips.SYS
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\ElbyCDIO.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\System32\Drivers\Cdfs.SYS
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_WMILIB.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\watchdog.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\drivers\dxgthk.sys
\SystemRoot\System32\igxpgd32.dll
\SystemRoot\System32\igxprd32.dll
\SystemRoot\System32\igxpdv32.DLL
\SystemRoot\System32\igxpdx32.DLL
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\drivers\wdmaud.sys
\SystemRoot\system32\drivers\sysaudio.sys
\SystemRoot\System32\Drivers\ParVdm.SYS
\SystemRoot\system32\DRIVERS\srv.sys
\SystemRoot\System32\Drivers\Fastfat.SYS
\SystemRoot\system32\DRIVERS\LVPr2Mon.sys
\SystemRoot\System32\Drivers\HTTP.sys
\SystemRoot\system32\drivers\LVUSBSta.sys
\SystemRoot\system32\DRIVERS\usbscan.sys
\SystemRoot\system32\drivers\kmixer.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
\WINDOWS\system32\ntdll.dll
\Program Files\DAEMON Tools Lite\Engine.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8a4fbab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP2T0L0-5\
Lower Device Object: 0xffffffff8a4c1940
Lower Device Driver Name: \Driver\atapi\
IRP handler 0 of \Driver\atapi is hooked
IRP handler 2 of \Driver\atapi is hooked
IRP handler 14 of \Driver\atapi is hooked
IRP handler 15 of \Driver\atapi is hooked
IRP handler 22 of \Driver\atapi is hooked
IRP handler 23 of \Driver\atapi is hooked
IRP handler 27 of \Driver\atapi is hooked
Unhooking enabled.
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8a4fbab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP2T0L0-5\
Lower Device Object: 0xffffffff8a4c1940
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
Initialization returned 0x0
Load Function returned 0x0
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8a4fbab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8a4bee08, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff8a4fbab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8a552510, DeviceName: \Device\0000006c\, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff8a4c1940, DeviceName: \Device\Ide\IdeDeviceP2T0L0-5\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xffffffffe3e2ae10, 0xffffffff8a4fbab8, 0xffffffff89639040
Lower DeviceData: 0xffffffffe513c768, 0xffffffff8a4c1940, 0xffffffff89602620
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 36ED36EC

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 63 Numsec = 625121217
Partition file system is NTFS
Partition is bootable

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 320071851520 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-625120335-625140335)...
Sectors 625120335 - 625120590 --> [Forged physical sectors]
Done!
Infected: C:\Documents and Settings\All Users\Data aplikací\InstallMate\{72292B8C-EB30-4C3D-AED6-A312A9CA097A}\Custom.dll --> [Adware.Agent]
Infected: C:\Documents and Settings\Lenka Bürgerová\Local Settings\Data aplikací\Odics\tmp4.exe --> [Spyware.Zbot.ED]
Scan finished
Creating System Restore point...
Cleaning up...
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================


Removal queue found; removal started
Removing C:\Documents and Settings\All Users\Data aplikací\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\Documents and Settings\All Users\Data aplikací\Malwarebytes' Anti-Malware (portable)\VBR-0-0-63-i.mbam...
Removing C:\Documents and Settings\All Users\Data aplikací\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\Documents and Settings\All Users\Data aplikací\Malwarebytes' Anti-Malware (portable)\LBA-0-625120335-u.mbam...
Removing C:\Documents and Settings\All Users\Data aplikací\Malwarebytes' Anti-Malware (portable)\LBA-0-625120335-k.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1012

(c) Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.010000 GHz
Memory total: 2138443776, free: 1293983744
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Počítač hlásí hrozbu

#22 Příspěvek od vyosek »

Zdravim :)

:arrow: Omlouvam se kolegovi za vstup - zadost uzivatelky

:arrow: Spustte znovu TDSSKiller ale u polozky \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) nechte volbu co tam bude, zrejme Cure, at nam to poleci
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
eileen75
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 29 srp 2014 22:36

Re: Počítač hlásí hrozbu

#23 Příspěvek od eileen75 »

Děkuji, jen upozorním, že jsem nemusela nic měnit, bylo všude SKip.
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Počítač hlásí hrozbu

#24 Příspěvek od vyosek »

Poprosim tedy o novy sken TDSSKillerem a log pak sem :)
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
eileen75
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 29 srp 2014 22:36

Re: Počítač hlásí hrozbu

#25 Příspěvek od eileen75 »

A mám tam dát Cure, nebo nechat?
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Počítač hlásí hrozbu

#26 Příspěvek od vyosek »

U polozky Rootkit.Boot.Cidox.b dejte Cure, ostatni Skip
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
eileen75
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 29 srp 2014 22:36

Re: Počítač hlásí hrozbu

#27 Příspěvek od eileen75 »

Projela jsem to, dala jsem Cure, které tam bylo doporučené a restartovala jsem, pak se mi program ukázal znova, projela jsem ještě jednou a neukázalo mi to nic, zde je ten log po restartu:

16:29:06.0296 0x0e48 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
16:29:12.0078 0x0e48 ============================================================
16:29:12.0078 0x0e48 Current date / time: 2014/08/31 16:29:12.0078
16:29:12.0078 0x0e48 SystemInfo:
16:29:12.0078 0x0e48
16:29:12.0078 0x0e48 OS Version: 5.1.2600 ServicePack: 3.0
16:29:12.0078 0x0e48 Product type: Workstation
16:29:12.0078 0x0e48 ComputerName: BURGEROVI
16:29:12.0078 0x0e48 UserName: Lenka Bürgerová
16:29:12.0078 0x0e48 Windows directory: C:\WINDOWS
16:29:12.0078 0x0e48 System windows directory: C:\WINDOWS
16:29:12.0078 0x0e48 Processor architecture: Intel x86
16:29:12.0078 0x0e48 Number of processors: 2
16:29:12.0078 0x0e48 Page size: 0x1000
16:29:12.0078 0x0e48 Boot type: Normal boot
16:29:12.0078 0x0e48 ============================================================
16:29:15.0390 0x0e48 KLMD registered as C:\WINDOWS\system32\drivers\34326734.sys
16:29:15.0656 0x0e48 System UUID: {C6862F8A-B264-4EBC-D5C1-50ED4E675FDD}
16:29:16.0484 0x0e48 Drive \Device\Harddisk0\DR0 - Size: 0x4A85C4DE00 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:29:16.0484 0x0e48 ============================================================
16:29:16.0484 0x0e48 \Device\Harddisk0\DR0:
16:29:16.0484 0x0e48 MBR partitions:
16:29:16.0484 0x0e48 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
16:29:16.0484 0x0e48 ============================================================
16:29:16.0515 0x0e48 C: <-> \Device\Harddisk0\DR0\Partition1
16:29:16.0515 0x0e48 ============================================================
16:29:16.0515 0x0e48 Initialize success
16:29:16.0515 0x0e48 ============================================================
16:29:44.0765 0x0c24 ============================================================
16:29:44.0765 0x0c24 Scan started
16:29:44.0765 0x0c24 Mode: Manual;
16:29:44.0765 0x0c24 ============================================================
16:29:44.0765 0x0c24 KSN ping started
16:29:47.0203 0x0c24 KSN ping finished: true
16:29:48.0125 0x0c24 ================ Scan system memory ========================
16:29:48.0125 0x0c24 System memory - ok
16:29:48.0125 0x0c24 ================ Scan services =============================
16:29:48.0203 0x0c24 Abiosdsk - ok
16:29:48.0203 0x0c24 abp480n5 - ok
16:29:48.0234 0x0c24 [ 4FE34F1F3126B61FCC6B2043AA8112C9, DE370865E47A5D2A4B227EEFFB42384F67F08D622BF936A9C9CEF70CC47F324B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:29:48.0234 0x0c24 ACPI - ok
16:29:48.0375 0x0c24 [ AFDFF022A01F0B11C776F0860C3B282F, 135E5257B62D921B76271014301E9EA1E2383D5DBB04E475DC3A7EFFD2561F56 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
16:29:48.0375 0x0c24 ACPIEC - ok
16:29:48.0453 0x0c24 [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:29:48.0453 0x0c24 AdobeFlashPlayerUpdateSvc - ok
16:29:48.0468 0x0c24 adpu160m - ok
16:29:48.0515 0x0c24 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
16:29:48.0515 0x0c24 aec - ok
16:29:48.0578 0x0c24 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
16:29:48.0578 0x0c24 AFD - ok
16:29:48.0578 0x0c24 Aha154x - ok
16:29:48.0593 0x0c24 aic78u2 - ok
16:29:48.0593 0x0c24 aic78xx - ok
16:29:48.0625 0x0c24 [ E0A6FA244B8624D78FE5FF6F56A33BAE, 26B828FDB03AE4A4F1DC7A1792F9BAD69CF947897D47F5E567F24F4B6D5CB541 ] Alerter C:\WINDOWS\system32\alrsvc.dll
16:29:48.0625 0x0c24 Alerter - ok
16:29:48.0656 0x0c24 [ 88842DE939A827577BF24243699AC80A, A49C9A6A9941F3A2FBBCFE1F6DB48B632739D00670AC98ECCCBC7FD9E786B21A ] ALG C:\WINDOWS\System32\alg.exe
16:29:48.0656 0x0c24 ALG - ok
16:29:48.0671 0x0c24 AliIde - ok
16:29:48.0765 0x0c24 [ 267FC636801EDC5AB28E14036349E3BE, CFEF5DF5F9BE820283376BB86DB3CF6609C02D316A742E17459A2BFA42E724E0 ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
16:29:48.0812 0x0c24 Ambfilt - ok
16:29:48.0812 0x0c24 amsint - ok
16:29:48.0843 0x0c24 [ D9632DF732EAE381ABBD7581B6C8DC00, D32E46085CC75B6B40E7977B6958197362436BB15BB960A4AB036E53375391DF ] AnyDVD C:\WINDOWS\system32\Drivers\AnyDVD.sys
16:29:48.0843 0x0c24 AnyDVD - ok
16:29:48.0953 0x0c24 [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:29:48.0953 0x0c24 Apple Mobile Device - ok
16:29:48.0953 0x0c24 AppMgmt - ok
16:29:48.0968 0x0c24 [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
16:29:48.0968 0x0c24 Arp1394 - ok
16:29:48.0968 0x0c24 asc - ok
16:29:48.0984 0x0c24 asc3350p - ok
16:29:48.0984 0x0c24 asc3550 - ok
16:29:49.0062 0x0c24 [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
16:29:49.0078 0x0c24 aspnet_state - ok
16:29:49.0093 0x0c24 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:29:49.0093 0x0c24 AsyncMac - ok
16:29:49.0140 0x0c24 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
16:29:49.0140 0x0c24 atapi - ok
16:29:49.0156 0x0c24 Atdisk - ok
16:29:49.0171 0x0c24 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:29:49.0171 0x0c24 Atmarpc - ok
16:29:49.0218 0x0c24 [ DE31B88962A8645DBA5A37B993E7B0F1, CA93F25A3FD0CE68BB9B8E3AB6B813BF38DE3EDDFC990291B3957FAA59B2B274 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
16:29:49.0218 0x0c24 AudioSrv - ok
16:29:49.0265 0x0c24 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
16:29:49.0265 0x0c24 audstub - ok
16:29:49.0296 0x0c24 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
16:29:49.0296 0x0c24 Beep - ok
16:29:49.0359 0x0c24 [ 19395D092FD85DDC2D9C7729CF5A2AC8, 7640F36BA19698EE8A6257BF78A8C57DD9D734BED9CA6BB9B68603BAEA092412 ] BITS C:\WINDOWS\system32\qmgr.dll
16:29:49.0375 0x0c24 BITS - ok
16:29:49.0437 0x0c24 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:29:49.0453 0x0c24 Bonjour Service - ok
16:29:49.0484 0x0c24 [ 89E739BBA5F636297EA5B5F811189E06, 151B32B12F5DD0D388134DA2471FE9741CF22B9C408DA58FEF8019D3C4EC836B ] Browser C:\WINDOWS\System32\browser.dll
16:29:49.0500 0x0c24 Browser - ok
16:29:49.0531 0x0c24 [ 92A964547B96D697E5E9ED43B4297F5A, 01A84802B68253FF093EAFED5B85DE716BB85EBD080D92D4814B6FB39286CD24 ] BrScnUsb C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys
16:29:49.0546 0x0c24 BrScnUsb - ok
16:29:49.0593 0x0c24 [ EA7E57F87D6FEE5FD6C5F813C04E8CD2, 1EB84F4DEE3034FAFBEA2A3F84EECE036E803872DA94D54E958E9F2F09519E88 ] BrYNSvc C:\Program Files\Browny02\BrYNSvc.exe
16:29:49.0609 0x0c24 BrYNSvc - ok
16:29:49.0609 0x0c24 catchme - ok
16:29:49.0640 0x0c24 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
16:29:49.0640 0x0c24 cbidf2k - ok
16:29:49.0656 0x0c24 [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
16:29:49.0656 0x0c24 CCDECODE - ok
16:29:49.0671 0x0c24 cd20xrnt - ok
16:29:49.0687 0x0c24 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
16:29:49.0687 0x0c24 Cdaudio - ok
16:29:49.0703 0x0c24 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
16:29:49.0703 0x0c24 Cdfs - ok
16:29:49.0718 0x0c24 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:29:49.0718 0x0c24 Cdrom - ok
16:29:49.0718 0x0c24 Changer - ok
16:29:49.0750 0x0c24 [ E390DC1D7C461D7D56EC53402F329928, FB37F84E71353CD83FCDDD39C898C6D84C05130C5F1BEF022E3DFDE160398C0E ] CiSvc C:\WINDOWS\system32\cisvc.exe
16:29:49.0750 0x0c24 CiSvc - ok
16:29:49.0750 0x0c24 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA, 1725067BC759484A7185A4F1A44ED3CBE481529D187FE98EF279425B79177EB1 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
16:29:49.0750 0x0c24 ClipSrv - ok
16:29:49.0843 0x0c24 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:29:49.0843 0x0c24 clr_optimization_v2.0.50727_32 - ok
16:29:49.0890 0x0c24 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:29:49.0921 0x0c24 clr_optimization_v4.0.30319_32 - ok
16:29:49.0921 0x0c24 CmdIde - ok
16:29:49.0937 0x0c24 COMSysApp - ok
16:29:49.0953 0x0c24 Cpqarray - ok
16:29:49.0968 0x0c24 [ D01F685F8B4598D144B0CCE9FF95D8D5, A68EF814CDBD7291DEF4745FE14D5080041BD3275AB12629C7811506AF2B8E17 ] cpudrv C:\Program Files\SystemRequirementsLab\cpudrv.sys
16:29:49.0984 0x0c24 cpudrv - ok
16:29:50.0000 0x0c24 [ F3AB0933CBD166D271992F411C27CCAF, 50E01F3B058F814BE914FA5050B2D972E8584A467719A5ABCF9D9EBD596A54A7 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
16:29:50.0000 0x0c24 CryptSvc - ok
16:29:50.0015 0x0c24 dac2w2k - ok
16:29:50.0015 0x0c24 dac960nt - ok
16:29:50.0078 0x0c24 [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
16:29:50.0093 0x0c24 DcomLaunch - ok
16:29:50.0109 0x0c24 [ 8C9A53E285AC5E6704844D0459EC85BE, 9E86AF4C06CEC007C9B1590B6E056319603E4D79BED0C2471C6F1BC251B380CF ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
16:29:50.0109 0x0c24 Dhcp - ok
16:29:50.0125 0x0c24 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
16:29:50.0125 0x0c24 Disk - ok
16:29:50.0125 0x0c24 dmadmin - ok
16:29:50.0187 0x0c24 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C, 46074FBBC5E4A40A7B3A45636089DEDD2A619778C7DCD797571C2BB64D775F7E ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
16:29:50.0203 0x0c24 dmboot - ok
16:29:50.0218 0x0c24 [ FFF1720AF51171F32F1EAD5CF71F2810, 2E40D63DC7670C1E88A532DB8923A98ABC8481C351C4D915C2753E10BA77F36D ] dmio C:\WINDOWS\system32\drivers\dmio.sys
16:29:50.0234 0x0c24 dmio - ok
16:29:50.0250 0x0c24 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
16:29:50.0250 0x0c24 dmload - ok
16:29:50.0265 0x0c24 [ 2BFEFE9E865655A76982F050450B9591, 15C7D093D638770519AA43E7D8897310F32AB1F217027F5750D799494A985C35 ] dmserver C:\WINDOWS\System32\dmserver.dll
16:29:50.0265 0x0c24 dmserver - ok
16:29:50.0296 0x0c24 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
16:29:50.0296 0x0c24 DMusic - ok
16:29:50.0328 0x0c24 [ DFAA406BF19F4EE806A6F8D4342137F7, EE2C11B3E37565FC009E323607B2F5F148F9219012EDF848CEFC1B273DAA98A9 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
16:29:50.0328 0x0c24 Dnscache - ok
16:29:50.0343 0x0c24 [ 4A3E2BD20157A0946751229E92EB8621, D8C00CC2C18C517F7262EBC3C511C062E5ABA797056AEB22AC5DEB306BA8C526 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
16:29:50.0343 0x0c24 Dot3svc - ok
16:29:50.0359 0x0c24 dpti2o - ok
16:29:50.0375 0x0c24 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
16:29:50.0375 0x0c24 drmkaud - ok
16:29:50.0437 0x0c24 [ 687AF6BB383885FF6A64071B189A7F3E, 1C751B8DD27F63E88D0223A8434CED7589AC00EC6275938C59D1B954F0354F78 ] dtsoftbus01 C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
16:29:50.0437 0x0c24 dtsoftbus01 - ok
16:29:50.0468 0x0c24 [ 0887D9C2BE8D940778CAD1E3B85F2A41, 2E30DC06D46A5E174B7CAA2D70BDB697015495942572E90425E2EE7AC541BCF4 ] EapHost C:\WINDOWS\System32\eapsvc.dll
16:29:50.0468 0x0c24 EapHost - ok
16:29:50.0500 0x0c24 [ 28CB0B64134AD62C2ACF77DB8501A619, ADA4E42BF5EF58EF1AAD94435441003B1CC1FCAA5D38BFDBE1A3D736DC451D47 ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
16:29:50.0500 0x0c24 ElbyCDIO - ok
16:29:50.0500 0x0c24 [ A2A4912798F2BE706ABADD3D30800D16, CCCCA389D22525D984DE9B59E4CEBE0EEEF315F725176EB5C4DC1A5B6157234A ] ERSvc C:\WINDOWS\System32\ersvc.dll
16:29:50.0500 0x0c24 ERSvc - ok
16:29:50.0515 0x0c24 [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] Eventlog C:\WINDOWS\system32\services.exe
16:29:50.0531 0x0c24 Eventlog - ok
16:29:50.0578 0x0c24 [ A371F11EF07653591C8DE26AFB13CE7F, 1192EDC8B146F1C27E8CD7E126DDC044F8B368C2E891A90CD81620D48C9550B6 ] EventSystem C:\WINDOWS\system32\es.dll
16:29:50.0593 0x0c24 EventSystem - ok
16:29:50.0625 0x0c24 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
16:29:50.0640 0x0c24 Fastfat - ok
16:29:50.0671 0x0c24 [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
16:29:50.0687 0x0c24 FastUserSwitchingCompatibility - ok
16:29:50.0718 0x0c24 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
16:29:50.0718 0x0c24 Fdc - ok
16:29:50.0765 0x0c24 [ AC366695A0796560AA37215AD5762AAF, 6ADC7443EA42D77199D4879AF3C33A07914116C69A34B895D8CB8444EE50077F ] Fips C:\WINDOWS\system32\drivers\Fips.sys
16:29:50.0765 0x0c24 Fips - ok
16:29:50.0781 0x0c24 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
16:29:50.0781 0x0c24 Flpydisk - ok
16:29:50.0843 0x0c24 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
16:29:50.0843 0x0c24 FltMgr - ok
16:29:50.0906 0x0c24 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
16:29:50.0906 0x0c24 FontCache3.0.0.0 - ok
16:29:50.0921 0x0c24 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:29:50.0921 0x0c24 Fs_Rec - ok
16:29:50.0921 0x0c24 [ 4E664D8541DB4A66B73A24257E322E1F, 17A2140AFE2B41E579FCCAFB82532853AD90A6EDBCB13DE80741DAE0AD5B4CC9 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:29:50.0921 0x0c24 Ftdisk - ok
16:29:50.0953 0x0c24 [ 54789F9BA0D59072CDD4E7C200E122C4, EAA497A97E2097CCEF5F7549E35CC87F652923E31BFDB9B590B54D7D8C72050A ] gdrv C:\WINDOWS\gdrv.sys
16:29:50.0984 0x0c24 gdrv - ok
16:29:51.0031 0x0c24 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
16:29:51.0031 0x0c24 GEARAspiWDM - ok
16:29:51.0046 0x0c24 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:29:51.0046 0x0c24 Gpc - ok
16:29:51.0125 0x0c24 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
16:29:51.0140 0x0c24 gupdate - ok
16:29:51.0140 0x0c24 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
16:29:51.0140 0x0c24 gupdatem - ok
16:29:51.0187 0x0c24 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
16:29:51.0187 0x0c24 gusvc - ok
16:29:51.0234 0x0c24 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
16:29:51.0234 0x0c24 HDAudBus - ok
16:29:51.0281 0x0c24 [ FCFE31FB75F8A6295B6B0AF87A626282, 6BA385797DBC73EB29EFE3293B80C21B1B8A1E9B87A462476E73C526C9565E5F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
16:29:51.0281 0x0c24 helpsvc - ok
16:29:51.0328 0x0c24 [ 00E25EE90166B3E1BE6E74AEBF858306, 92C2F020EF14DE3B4F09E2C5DFF3D2F35D8C50F6D0188F9CEEFE3B6075602EFE ] HidServ C:\WINDOWS\System32\hidserv.dll
16:29:51.0328 0x0c24 HidServ - ok
16:29:51.0343 0x0c24 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:29:51.0343 0x0c24 HidUsb - ok
16:29:51.0375 0x0c24 [ 7A6B320928F86BC851530D63C82965D9, 1F628759D31098DFBC05244735B5A62ACD8E45DBC5C9D236260D68EB8F1E28F5 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
16:29:51.0375 0x0c24 hkmsvc - ok
16:29:51.0375 0x0c24 hpn - ok
16:29:51.0406 0x0c24 [ 9F1D80908658EB7F1BF70809E0B51470, 84FD62D34BC63BA41027DD2164B1E4F86BC8783E8A601E9F189627A4B3D54AAA ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
16:29:51.0406 0x0c24 HPZid412 - ok
16:29:51.0421 0x0c24 [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3, 886A5222940A6E14B359B45AA158390468B601FB58949E7F5BEC93B5459AF689 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
16:29:51.0437 0x0c24 HPZipr12 - ok
16:29:51.0453 0x0c24 [ CF1B7951B4EC8D13F3C93B74BB2B461B, 3A1B8A9A9AB0E916288AD6198C377E3A4D278DB3D8DCD4299F0ADC83973F0495 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
16:29:51.0453 0x0c24 HPZius12 - ok
16:29:51.0500 0x0c24 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
16:29:51.0515 0x0c24 HTTP - ok
16:29:51.0562 0x0c24 [ 58FE2F2DA3BC5573F4A35B3760D3125F, B241ACCE426402EC64DC34C49CECB8CDC0851986D54BFCCED7040D6C43F5787A ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
16:29:51.0562 0x0c24 HTTPFilter - ok
16:29:51.0562 0x0c24 i2omgmt - ok
16:29:51.0562 0x0c24 i2omp - ok
16:29:51.0625 0x0c24 [ C528E27945367191E7BAE364930B6932, 1B95C7B49B4CAE734DC6C9EC22555C5356EEC856B8491C761C777479264CF854 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:29:51.0625 0x0c24 i8042prt - ok
16:29:51.0906 0x0c24 [ 66A685B05066683621920BC14A45CFE8, B1DA4E1083E1B60E29607BFEF62653E13A0A9DD5A2ED7074B43BC4185AE64959 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
16:29:52.0078 0x0c24 ialm - ok
16:29:52.0171 0x0c24 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:29:52.0171 0x0c24 IDriverT - ok
16:29:52.0250 0x0c24 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:29:52.0281 0x0c24 idsvc - ok
16:29:52.0296 0x0c24 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
16:29:52.0296 0x0c24 Imapi - ok
16:29:52.0328 0x0c24 [ F7B93AAFAD33B2320954C17E26C8D361, 8CFDB11A68B59E195F280BE08B25FA59F1F70833832919B8BECCE17616999934 ] ImapiService C:\WINDOWS\system32\imapi.exe
16:29:52.0343 0x0c24 ImapiService - ok
16:29:52.0343 0x0c24 ini910u - ok
16:29:52.0640 0x0c24 [ 063DD51CBDC37B8668E09148E0A118BC, 5FBBD6C067B4614DF99562B3A46EEBD08588CA71D640BBA0BB9A1DAB6CA34D07 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
16:29:52.0812 0x0c24 IntcAzAudAddService - ok
16:29:52.0828 0x0c24 IntelIde - ok
16:29:52.0890 0x0c24 [ 27B290D632AF2CF3CF40BFDDB7370985, 2C266777B4A96706658B8C9A7B30D15D6E495C815FAE23A0A1FC747E9B5AE363 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
16:29:52.0890 0x0c24 intelppm - ok
16:29:52.0906 0x0c24 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
16:29:52.0906 0x0c24 Ip6Fw - ok
16:29:52.0937 0x0c24 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:29:52.0937 0x0c24 IpFilterDriver - ok
16:29:52.0953 0x0c24 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:29:52.0953 0x0c24 IpInIp - ok
16:29:52.0968 0x0c24 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:29:52.0968 0x0c24 IpNat - ok
16:29:53.0015 0x0c24 [ 061614179585BE398A73B9B3AF111310, BE715790531CBF3E038C6C2083A0802FA492D1DCAB3ACFE035DF72E3D6A4B83B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:29:53.0031 0x0c24 iPod Service - ok
16:29:53.0062 0x0c24 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:29:53.0062 0x0c24 IPSec - ok
16:29:53.0078 0x0c24 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
16:29:53.0078 0x0c24 IRENUM - ok
16:29:53.0109 0x0c24 [ CC9F8A2D60AED1A51A3AC34C59B987AE, CBF69817BE3D9A4617390B1A3306074CB8581F21562CD1357D32BC3E542F3CEE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:29:53.0109 0x0c24 isapnp - ok
16:29:53.0234 0x0c24 [ 9ECF00E19736054E019C532AED8228FC, F5A64A8269EA3655BBD4850298F335C0BD30535258928ED7CE62A32A3363E60B ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
16:29:53.0234 0x0c24 JavaQuickStarterService - ok
16:29:53.0265 0x0c24 [ C995C0E8B4503FAC38793BB0236AD246, 5147C90053C8DBAFA9A7E4457A03AA2BCF5EC1A7367526FD102D4B542CC357B0 ] JGOGO C:\WINDOWS\system32\DRIVERS\JGOGO.sys
16:29:53.0265 0x0c24 JGOGO - ok
16:29:53.0265 0x0c24 [ F90A4E8657319A652E04C5362926CFEA, 38169807B92FB550385DD5D73AFC4CB92D2F40FA29C803D6E94FD87349EB4CEE ] JRAID C:\WINDOWS\system32\DRIVERS\jraid.sys
16:29:53.0281 0x0c24 JRAID - ok
16:29:53.0312 0x0c24 [ 1B6162FE7F66B1A71A4B70F941C4AA9B, C2EA494BAB0513A6027414FB1E75834F980A77852D0DC8559E8942FC222A075A ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:29:53.0312 0x0c24 Kbdclass - ok
16:29:53.0312 0x0c24 [ 86C8F23616C6C6E5B2776901C17B945B, 211B63FC405A2DDB126D204D61E779D66C7211882CC0374521926C633E180B91 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:29:53.0312 0x0c24 kbdhid - ok
16:29:53.0328 0x0c24 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
16:29:53.0343 0x0c24 kmixer - ok
16:29:53.0359 0x0c24 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
16:29:53.0359 0x0c24 KSecDD - ok
16:29:53.0390 0x0c24 [ 3428E8F86F8ADD36B42FB23542C7B3E4, 9CF643D1A70AF08407ACD5FD6FE4B8777521DDF41B5E63C2E6E1E4CAAC69A403 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
16:29:53.0390 0x0c24 LanmanServer - ok
16:29:53.0453 0x0c24 [ 936C1D110232D23B621CB0196E4F80F0, 2DE3AF93E20F1DC7A6FF31B18054EA4D2350387E4DA91C4B16D451384F0C57E2 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
16:29:53.0453 0x0c24 lanmanworkstation - ok
16:29:53.0453 0x0c24 lbrtfdc - ok
16:29:53.0484 0x0c24 [ 0AB159F536E3E8F7F07113702A07CCA5, 3218C553183E6697C663B6D12790E09756B50505590858DD5AC62411D37CDD7C ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
16:29:53.0484 0x0c24 LmHosts - ok
16:29:53.0531 0x0c24 [ 1A7DB7A00A4B0D8DA24CD691A4547291, 604E29E827841EA06313172D9063FD946CE592BF844CEA8D10173CAA397704F8 ] LVPr2Mon C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
16:29:53.0531 0x0c24 LVPr2Mon - ok
16:29:53.0718 0x0c24 [ 0DDFDCAA92C7F553328DB06BA599BEA9, DB779E38B1CF1CAD69193857043F8ED8BBEB603E97363CD798F6699431D94A41 ] LVPrcSrv C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
16:29:53.0734 0x0c24 LVPrcSrv - ok
16:29:53.0765 0x0c24 [ F7E15F2FE7790733DF86E95A76556389, 8E5246CF8ADCEB614C903EC1D6F594019E4798B1C5A5ED955345C7A95BD5272A ] LVUSBSta C:\WINDOWS\system32\drivers\LVUSBSta.sys
16:29:53.0781 0x0c24 LVUSBSta - ok
16:29:53.0796 0x0c24 [ 221CD1C815B8A6B79389C3F5D1018DE8, 6D0D25D6669C4F9452F74EC72C6138A41D9408E01AF5FD01C08F27BE7BC9C905 ] Messenger C:\WINDOWS\System32\msgsvc.dll
16:29:53.0796 0x0c24 Messenger - ok
16:29:53.0812 0x0c24 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
16:29:53.0828 0x0c24 mnmdd - ok
16:29:53.0859 0x0c24 [ 9A57D046F88F4B69751B11FD40088A61, 62F65433024CE411F111A88723747B8A83B31076FBAF4CFF40FD02A53D7FF7DF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
16:29:53.0859 0x0c24 mnmsrvc - ok
16:29:53.0875 0x0c24 [ 44032B0C6D9954D3FD26438330B99EE7, A49749A4C00D50F57170AA5DA9E2DEECC8C524A48B144C8B784894F2C202FBEE ] Modem C:\WINDOWS\system32\drivers\Modem.sys
16:29:53.0875 0x0c24 Modem - ok
16:29:53.0953 0x0c24 [ C7D9F9717916B34C1B00DD4834AF485C, A9512A03E8142C83534189963F90ADA6FA425BD606928C40C3D724177105A658 ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
16:29:54.0000 0x0c24 Monfilt - ok
16:29:54.0000 0x0c24 [ 4CB582831DBDE63CE43B45D771218374, 6D470B26197C5B388983D9213D48D2CDE934C9591572876DC7790FE4B59E0845 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:29:54.0000 0x0c24 Mouclass - ok
16:29:54.0046 0x0c24 [ BB269EBA740737AB749B214D568B6812, ABF41D9B521EBBE674E76981CAD31F8FD05976DE7070266C3956FDB67C83C4C2 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:29:54.0046 0x0c24 mouhid - ok
16:29:54.0046 0x0c24 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
16:29:54.0062 0x0c24 MountMgr - ok
16:29:54.0109 0x0c24 [ 4E9D8041D352A33332FD6F59A3A78B03, D4E6229B07EF9866993EEE4F6223DC7F1FF1108273FE14A3DC74E65C181DE56A ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:29:54.0109 0x0c24 MozillaMaintenance - ok
16:29:54.0156 0x0c24 [ 8072A7BB35D92CC621AC2605EEF79BC4, 68F61BE84A5032CEC24F04C90DACA1AE78F3744016389BE2345256B26E44E09A ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
16:29:54.0171 0x0c24 MpFilter - ok
16:29:54.0171 0x0c24 mraid35x - ok
16:29:54.0203 0x0c24 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:29:54.0218 0x0c24 MRxDAV - ok
16:29:54.0234 0x0c24 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:29:54.0250 0x0c24 MRxSmb - ok
16:29:54.0265 0x0c24 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D, 78D63EE2C0B0852F0771071C099643242EBC9F4DA28847B93BCE9C3CC1091938 ] MSDTC C:\WINDOWS\system32\msdtc.exe
16:29:54.0265 0x0c24 MSDTC - ok
16:29:54.0296 0x0c24 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
16:29:54.0296 0x0c24 Msfs - ok
16:29:54.0296 0x0c24 MSIServer - ok
16:29:54.0359 0x0c24 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:29:54.0359 0x0c24 MSKSSRV - ok
16:29:54.0406 0x0c24 [ 1EE3643D1AA747222427F63353611AD7, 18465E375485DF4E980121449077D5BA87C25C5FA8D86F40DA3B7BE153306766 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
16:29:54.0406 0x0c24 MsMpSvc - ok
16:29:54.0406 0x0c24 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:29:54.0406 0x0c24 MSPCLOCK - ok
16:29:54.0437 0x0c24 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
16:29:54.0437 0x0c24 MSPQM - ok
16:29:54.0468 0x0c24 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:29:54.0484 0x0c24 mssmbios - ok
16:29:54.0515 0x0c24 [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
16:29:54.0515 0x0c24 MSTEE - ok
16:29:54.0531 0x0c24 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
16:29:54.0531 0x0c24 Mup - ok
16:29:54.0546 0x0c24 [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
16:29:54.0546 0x0c24 NABTSFEC - ok
16:29:54.0578 0x0c24 [ 6EA362E9DB03D44F6B996F4D8BE237E9, FE6B4C546D26C4A2832CF4CB280B86B1723E10E46A3C24AF6C9856FCCAE9D1FC ] napagent C:\WINDOWS\System32\qagentrt.dll
16:29:54.0593 0x0c24 napagent - ok
16:29:54.0609 0x0c24 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
16:29:54.0609 0x0c24 NDIS - ok
16:29:54.0625 0x0c24 [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
16:29:54.0625 0x0c24 NdisIP - ok
16:29:54.0656 0x0c24 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:29:54.0656 0x0c24 NdisTapi - ok
16:29:54.0671 0x0c24 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:29:54.0671 0x0c24 Ndisuio - ok
16:29:54.0687 0x0c24 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:29:54.0687 0x0c24 NdisWan - ok
16:29:54.0703 0x0c24 [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
16:29:54.0703 0x0c24 NDProxy - ok
16:29:54.0718 0x0c24 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
16:29:54.0718 0x0c24 NetBIOS - ok
16:29:54.0750 0x0c24 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
16:29:54.0750 0x0c24 NetBT - ok
16:29:54.0750 0x0c24 [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDE C:\WINDOWS\system32\netdde.exe
16:29:54.0765 0x0c24 NetDDE - ok
16:29:54.0765 0x0c24 [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
16:29:54.0765 0x0c24 NetDDEdsdm - ok
16:29:54.0781 0x0c24 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] Netlogon C:\WINDOWS\system32\lsass.exe
16:29:54.0781 0x0c24 Netlogon - ok
16:29:54.0812 0x0c24 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40, 588C8BA14A7255FD36A88960CBE34341301773765ECF2A9A0F1760A509A08A5B ] Netman C:\WINDOWS\System32\netman.dll
16:29:54.0812 0x0c24 Netman - ok
16:29:54.0859 0x0c24 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:29:54.0875 0x0c24 NetTcpPortSharing - ok
16:29:54.0890 0x0c24 [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
16:29:54.0890 0x0c24 NIC1394 - ok
16:29:54.0937 0x0c24 [ 39EE7C3BFBC64BA87CC8CF67386E814C, B93CCB625CE370D9A49C9374D24C939D7C9FEF81401F4F822C51E12677D77E01 ] Nla C:\WINDOWS\System32\mswsock.dll
16:29:54.0937 0x0c24 Nla - ok
16:29:54.0953 0x0c24 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
16:29:54.0953 0x0c24 Npfs - ok
16:29:54.0984 0x0c24 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
16:29:55.0000 0x0c24 Ntfs - ok
16:29:55.0015 0x0c24 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
16:29:55.0015 0x0c24 NtLmSsp - ok
16:29:55.0062 0x0c24 [ 023DD70573D644F3D9C8B1258A7BFD08, 9A1D3210ED5FD8BEDF92ED577A9B30E37035408A73EB66A8C950B75AB7539B83 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
16:29:55.0078 0x0c24 NtmsSvc - ok
16:29:55.0140 0x0c24 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
16:29:55.0140 0x0c24 Null - ok
16:29:55.0781 0x0c24 [ CADFF8601B10D406DAAF56C6ACA36502, F12D06B77804CB9AE09E32CBFF1ADF6580422EFA9A623D1960FD8A7B9DB92376 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
16:29:56.0125 0x0c24 nv - ok
16:29:56.0203 0x0c24 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:29:56.0203 0x0c24 NwlnkFlt - ok
16:29:56.0218 0x0c24 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:29:56.0218 0x0c24 NwlnkFwd - ok
16:29:56.0250 0x0c24 [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
16:29:56.0250 0x0c24 ohci1394 - ok
16:29:56.0296 0x0c24 [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:29:56.0312 0x0c24 ose - ok
16:29:56.0328 0x0c24 [ 46F8DB73B4A53E543F8E371DC7C75BAE, F6C5E7DE4B4AE0ED785DB075BE14EA6A0FC9050C95669B26DEF2B82D7B7D3B2C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
16:29:56.0343 0x0c24 Parport - ok
16:29:56.0343 0x0c24 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
16:29:56.0343 0x0c24 PartMgr - ok
16:29:56.0390 0x0c24 [ 1FAE19D0457176318BBA4A8795656EBC, 5F3D6CABA203A0485D67F63A6A81151724EE200BE49ED095CFCB1EF29C19D19F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
16:29:56.0390 0x0c24 ParVdm - ok
16:29:56.0406 0x0c24 [ 6CE351D149CB4BEFC702951E471E1730, 758327683BB45F01D5AE550AF21856822B4CF55E17F2A4F452F559088D242B37 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
16:29:56.0406 0x0c24 PCI - ok
16:29:56.0421 0x0c24 PCIDump - ok
16:29:56.0421 0x0c24 [ 2DA4EC85E0EA7A45C6B2A05820492D5A, A8C6BD93D3BC33A5B36EB523997EF9E0783B6E6EAFB6E7F58BCC2629009BDCF9 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
16:29:56.0437 0x0c24 PCIIde - ok
16:29:56.0453 0x0c24 [ 4FC31E6C19A5CE5198B1ABFF94CAE758, A031E21EC1F15DA5E8429269F435337FA961C3C06D535DAFD448C7355F33FD0C ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
16:29:56.0453 0x0c24 Pcmcia - ok
16:29:56.0500 0x0c24 [ 02AAAFB7BA137CE5DDABCDF8090954D9, 3570B912E6D44E9E422BFBD648EA73D0B27CFB1282915197C5B91AE56BE41567 ] pcouffin C:\WINDOWS\system32\Drivers\pcouffin.sys
16:29:56.0500 0x0c24 pcouffin - ok
16:29:56.0515 0x0c24 PDCOMP - ok
16:29:56.0609 0x0c24 [ C1C3BAF078BE5A14384A4BA2D730817D, 6E4D2F73A1CB250B3EE270CCE806A37EB2140E34EAF9F48C45CC12D2A451AA16 ] PDFProFiltSrvPP C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
16:29:56.0640 0x0c24 PDFProFiltSrvPP - ok
16:29:56.0640 0x0c24 PDFRAME - ok
16:29:56.0656 0x0c24 PDRELI - ok
16:29:56.0656 0x0c24 PDRFRAME - ok
16:29:56.0656 0x0c24 perc2 - ok
16:29:56.0671 0x0c24 perc2hib - ok
16:29:56.0734 0x0c24 [ D2D2FA02B722336960EEAE0AE7107891, 540281F30827787A94466EAE675208D5989D28B389153E1C7F18972B56233AB8 ] PID_0928 C:\WINDOWS\system32\DRIVERS\LV561AV.SYS
16:29:56.0750 0x0c24 PID_0928 - ok
16:29:56.0781 0x0c24 [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] PlugPlay C:\WINDOWS\system32\services.exe
16:29:56.0781 0x0c24 PlugPlay - ok
16:29:56.0812 0x0c24 [ A1DD33D16F277CE34124EE52AB2C0F14, DB5215409D0B6C378567A6399C0170226CB1E2FE74D96B16C97A761D487C613F ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe
16:29:56.0812 0x0c24 PnkBstrA - ok
16:29:56.0828 0x0c24 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
16:29:56.0828 0x0c24 PolicyAgent - ok
16:29:56.0859 0x0c24 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:29:56.0859 0x0c24 PptpMiniport - ok
16:29:56.0859 0x0c24 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
16:29:56.0859 0x0c24 ProtectedStorage - ok
16:29:56.0875 0x0c24 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
16:29:56.0875 0x0c24 PSched - ok
16:29:56.0890 0x0c24 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:29:56.0890 0x0c24 Ptilink - ok
16:29:56.0906 0x0c24 ql1080 - ok
16:29:56.0921 0x0c24 Ql10wnt - ok
16:29:56.0937 0x0c24 ql12160 - ok
16:29:56.0953 0x0c24 ql1240 - ok
16:29:56.0953 0x0c24 ql1280 - ok
16:29:56.0984 0x0c24 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:29:56.0984 0x0c24 RasAcd - ok
16:29:57.0015 0x0c24 [ 2B5E44EA009F2F374B980E1E9A70635D, 62D8FDB80C8ACBA2C42C12760B785587C43BEDFE015EC5C41B25F2BB735EFEB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
16:29:57.0015 0x0c24 RasAuto - ok
16:29:57.0031 0x0c24 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:29:57.0031 0x0c24 Rasl2tp - ok
16:29:57.0062 0x0c24 [ D57554C664B64604BD1EE13EA2C07E77, B090C05B91EA602BFF9A5E89AB1A0FFDE869611961FF749DA8B3F4D00F04E756 ] RasMan C:\WINDOWS\System32\rasmans.dll
16:29:57.0078 0x0c24 RasMan - ok
16:29:57.0078 0x0c24 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:29:57.0078 0x0c24 RasPppoe - ok
16:29:57.0093 0x0c24 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
16:29:57.0093 0x0c24 Raspti - ok
16:29:57.0125 0x0c24 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:29:57.0125 0x0c24 Rdbss - ok
16:29:57.0125 0x0c24 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:29:57.0125 0x0c24 RDPCDD - ok
16:29:57.0187 0x0c24 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
16:29:57.0187 0x0c24 RDPWD - ok
16:29:57.0234 0x0c24 [ C0D9D9711CB74EE9BC66353D8CBDAB0E, F1AF9A26910707E76BF213D8DE5C902B0088D8A29EBDFF72DE6A4D867E298CC8 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
16:29:57.0250 0x0c24 RDSessMgr - ok
16:29:57.0296 0x0c24 [ 611BFD220305BE3A85AE876EA47D4AA5, FDF87878EB3886649025E5A12F1C3FC9072D66CCD3217944710085C1F8A4512E ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
16:29:57.0296 0x0c24 redbook - ok
16:29:57.0328 0x0c24 [ 127C26B5371651043450E52542099ABA, 98AADAD8D5211CB894AA7C59B6299861B1F44B6D8F46AB5837E7D2F5B615B14A ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
16:29:57.0328 0x0c24 RemoteAccess - ok
16:29:57.0343 0x0c24 [ 718B3BDC0BC3C2F7D065A53D26202AF9, 9E58243628F1E1396AB82A80D046FF50803A230EE07B007E0CA5D744C77B091A ] RpcLocator C:\WINDOWS\system32\locator.exe
16:29:57.0343 0x0c24 RpcLocator - ok
16:29:57.0375 0x0c24 [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] RpcSs C:\WINDOWS\System32\rpcss.dll
16:29:57.0390 0x0c24 RpcSs - ok
16:29:57.0421 0x0c24 [ 09AB2E71E58B078038E3BFDBA7FFC984, 8CA277DEEF6376B0F48C6BA5DBBC3E8AF2245983BA9AF6AB83D1A920D35FAF93 ] RSVP C:\WINDOWS\system32\rsvp.exe
16:29:57.0421 0x0c24 RSVP - ok
16:29:57.0453 0x0c24 [ 098DE621085D7F922871A99B0EC7DDD6, 95725678F2DE64ACF342BEC08C052D3F6FD91A70A6B051BC79581B06D49D2965 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
16:29:57.0453 0x0c24 RTLE8023xp - ok
16:29:57.0468 0x0c24 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] SamSs C:\WINDOWS\system32\lsass.exe
16:29:57.0468 0x0c24 SamSs - ok
16:29:57.0484 0x0c24 [ 410046E401EB11E1E6749E9DEEA41D4A, 9507268ACD24EF51E994DC418E8EB3E10DEDE61EE892226A22A5DA7662397E25 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
16:29:57.0484 0x0c24 SCardSvr - ok
16:29:57.0515 0x0c24 [ 16B1ABE7F3E35F21DAC57592B6C5D464, AE4251F1B6EB260F5F1EEBC0220F31649C569A18C06FF79B021AA2F2AD68E1F0 ] SCDEmu C:\WINDOWS\system32\drivers\SCDEmu.sys
16:29:57.0515 0x0c24 SCDEmu - ok
16:29:57.0578 0x0c24 [ 3FF232A7731621B8902D81D42418C93C, 2030C9A843D9555170179883BD4CC1E978D5FC5EC0D7FCA56518224E428BE421 ] Schedule C:\WINDOWS\system32\schedsvc.dll
16:29:57.0578 0x0c24 Schedule - ok
16:29:57.0609 0x0c24 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:29:57.0609 0x0c24 Secdrv - ok
16:29:57.0656 0x0c24 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6, 82EEB2345AC19050FAB202DE76C2CDD93E753F5AB67789A86A1726D3040C02E5 ] seclogon C:\WINDOWS\System32\seclogon.dll
16:29:57.0656 0x0c24 seclogon - ok
16:29:57.0671 0x0c24 [ A530B75C10C23C9AB28FDB6CE719E21F, 14568DF6457758E2F534A46A8E6245C364895C3993BEF2B5A889B98DBB201A27 ] SENS C:\WINDOWS\system32\sens.dll
16:29:57.0671 0x0c24 SENS - ok
16:29:57.0671 0x0c24 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
16:29:57.0687 0x0c24 serenum - ok
16:29:57.0687 0x0c24 [ B842729337C9B921615C40D3C1A1AF96, 503670A56423B996C6ED6AE95F07FB88910767C4A2041A4BE9070C57A016E7FA ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
16:29:57.0687 0x0c24 Serial - ok
16:29:57.0718 0x0c24 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
16:29:57.0718 0x0c24 Sfloppy - ok
16:29:57.0734 0x0c24 [ F58FACA9621D2DB01BD0927D9A0A208E, 239C87E09261BC9D1DBE99DABCFC4787D42289E8769563A5EFB323BE6F177C9A ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
16:29:57.0750 0x0c24 SharedAccess - ok
16:29:57.0765 0x0c24 [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:29:57.0765 0x0c24 ShellHWDetection - ok
16:29:57.0781 0x0c24 Simbad - ok
16:29:57.0812 0x0c24 [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
16:29:57.0812 0x0c24 SLIP - ok
16:29:57.0828 0x0c24 Sparrow - ok
16:29:57.0859 0x0c24 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
16:29:57.0859 0x0c24 splitter - ok
16:29:57.0906 0x0c24 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
16:29:57.0921 0x0c24 Spooler - ok
16:29:57.0968 0x0c24 [ 68103A2B441BBF3908EBB587F0704D6C, 0EE921D3D3D88AD0380923429E82B58078F53D7A9D53458AA33FEDF376EF1212 ] sptd C:\WINDOWS\System32\Drivers\sptd.sys
16:29:57.0984 0x0c24 sptd - ok
16:29:58.0000 0x0c24 [ 94610C8653635E4459316A0050D55CE7, D148D33B3D2B0757060531C526F2161504A8D7C4E5957D092C7EBDB007271339 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
16:29:58.0000 0x0c24 sr - ok
16:29:58.0015 0x0c24 [ 35B91147124F64AC8081A2EDB9EA4DEE, 1609D19156DAC6EE3C2D2350B062966B64D9CDC289E9B8FEB6D244AAEBE90BBF ] srservice C:\WINDOWS\system32\srsvc.dll
16:29:58.0031 0x0c24 srservice - ok
16:29:58.0046 0x0c24 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
16:29:58.0062 0x0c24 Srv - ok
16:29:58.0078 0x0c24 [ BECD5271DC4E3B7C3D035F790FCBC1E5, D63B9DB81332553C963EC5057D241CE2287AF652387333C1FD79AF8C9B5F2BA7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
16:29:58.0078 0x0c24 SSDPSRV - ok
16:29:58.0125 0x0c24 [ C1CDD9275F6A115BB0AE1D55D8D27BA6, CD0511FD7F6AD832CBEB931C605AB3AD217631C57399CB8033248D27619541E4 ] stisvc C:\WINDOWS\system32\wiaservc.dll
16:29:58.0140 0x0c24 stisvc - ok
16:29:58.0171 0x0c24 [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
16:29:58.0171 0x0c24 streamip - ok
16:29:58.0187 0x0c24 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
16:29:58.0187 0x0c24 swenum - ok
16:29:58.0203 0x0c24 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
16:29:58.0203 0x0c24 swmidi - ok
16:29:58.0203 0x0c24 SwPrv - ok
16:29:58.0218 0x0c24 symc810 - ok
16:29:58.0234 0x0c24 symc8xx - ok
16:29:58.0234 0x0c24 sym_hi - ok
16:29:58.0250 0x0c24 sym_u3 - ok
16:29:58.0250 0x0c24 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
16:29:58.0250 0x0c24 sysaudio - ok
16:29:58.0281 0x0c24 [ CE06F01B88ACE199A1BF460CAC29C110, 3CD89E5B8E53203287D889C107E4795225742DB6C6ACA2DC0611BD9728382A27 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
16:29:58.0281 0x0c24 SysmonLog - ok
16:29:58.0312 0x0c24 [ C2546CD7A398476F9DF5614B2AE160E8, 11C8435BA983553E9C0806494E9B3C7080515C0375B0604F029D89B50726161A ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
16:29:58.0328 0x0c24 TapiSrv - ok
16:29:58.0390 0x0c24 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:29:58.0390 0x0c24 Tcpip - ok
16:29:58.0421 0x0c24 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
16:29:58.0421 0x0c24 TDPIPE - ok
16:29:58.0437 0x0c24 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
16:29:58.0437 0x0c24 TDTCP - ok
16:29:58.0453 0x0c24 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
16:29:58.0453 0x0c24 TermDD - ok
16:29:58.0484 0x0c24 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E, 3D2B1D899061448EAD993CDE97D1EF50DD64728E9F44D80FEAE591198A937653 ] TermService C:\WINDOWS\System32\termsrv.dll
16:29:58.0500 0x0c24 TermService - ok
16:29:58.0515 0x0c24 [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] Themes C:\WINDOWS\System32\shsvcs.dll
16:29:58.0531 0x0c24 Themes - ok
16:29:58.0531 0x0c24 TosIde - ok
16:29:58.0562 0x0c24 [ 38853304CCB938D30E0C4CDE8D2C2A8A, 966E7BCC9F63A1A7777F8A12E51C2A91EC688CE96109943ADC4CB4EB58DC34A6 ] TrkWks C:\WINDOWS\system32\trkwks.dll
16:29:58.0562 0x0c24 TrkWks - ok
16:29:58.0593 0x0c24 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
16:29:58.0593 0x0c24 Udfs - ok
16:29:58.0609 0x0c24 ultra - ok
16:29:58.0656 0x0c24 [ AB0A7CA90D9E3D6A193905DC1715DED0, CA764A2B92E727E3398134CD50D5622B4EC387436A3644063DA1D114CE63BD64 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
16:29:58.0656 0x0c24 UMWdf - ok
16:29:58.0687 0x0c24 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
16:29:58.0703 0x0c24 Update - ok
16:29:58.0734 0x0c24 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E, AF7662BCA0819F82CE5EE0863E47149CC127DE664CB3DC6359B63FBD71DB54F8 ] upnphost C:\WINDOWS\System32\upnphost.dll
16:29:58.0734 0x0c24 upnphost - ok
16:29:58.0750 0x0c24 [ 20A0F6A11959E92908717D09E87D670D, 3DD6C99AB0F70FAA43DF470B30078B8A51B8AF735CD5C50DBB195FEA70F4C36E ] UPS C:\WINDOWS\System32\ups.exe
16:29:58.0750 0x0c24 UPS - ok
16:29:58.0781 0x0c24 [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
16:29:58.0796 0x0c24 USBAAPL - ok
16:29:58.0828 0x0c24 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:29:58.0828 0x0c24 usbccgp - ok
16:29:58.0875 0x0c24 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:29:58.0875 0x0c24 usbehci - ok
16:29:58.0921 0x0c24 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:29:58.0937 0x0c24 usbhub - ok
16:29:58.0953 0x0c24 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
16:29:58.0953 0x0c24 usbprint - ok
16:29:59.0000 0x0c24 [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:29:59.0000 0x0c24 usbscan - ok
16:29:59.0046 0x0c24 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:29:59.0046 0x0c24 USBSTOR - ok
16:29:59.0093 0x0c24 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:29:59.0156 0x0c24 usbuhci - ok
16:29:59.0187 0x0c24 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
16:29:59.0187 0x0c24 VgaSave - ok
16:29:59.0203 0x0c24 ViaIde - ok
16:29:59.0250 0x0c24 [ 28A4B296B47782173C346E376CB374D1, FE799FE4A41752A2B47027EA88214BF3E39B317302939F4A2D0F2A4EFAAC2F13 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
16:29:59.0250 0x0c24 VolSnap - ok
16:29:59.0265 0x0c24 [ D6BA1A63D9E00933F1CD2A885573AFB2, 36311A060635CEC1DBB6D8A746B8A4D007706EAE97D51A5E12F9958AB16BE486 ] VSS C:\WINDOWS\System32\vssvc.exe
16:29:59.0265 0x0c24 VSS - ok
16:29:59.0312 0x0c24 [ FA4E1CDBA256787F2149F4AAD07BC91F, 1B5FC5248335D70094D04501AA2C30F54782B58FF8D573BE8E784A21529C7CAF ] W32Time C:\WINDOWS\system32\w32time.dll
16:29:59.0328 0x0c24 W32Time - ok
16:29:59.0343 0x0c24 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:29:59.0343 0x0c24 Wanarp - ok
16:29:59.0359 0x0c24 WDICA - ok
16:29:59.0390 0x0c24 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
16:29:59.0406 0x0c24 wdmaud - ok
16:29:59.0421 0x0c24 [ 47AE51048A82DFA1CD6B51D369F7E169, 742F2162B8BDE00D83715093EA9743338964597ED22648B9F4F139D7278235A4 ] WebClient C:\WINDOWS\System32\webclnt.dll
16:29:59.0437 0x0c24 WebClient - ok
16:29:59.0515 0x0c24 [ E488332126E3B1182D2B8A0C35408EC6, F9F60911DF0A539753B2BEF6FAD2D0AED1BC1C3F43509F79D9AF2F810CDE5D9B ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
16:29:59.0515 0x0c24 winmgmt - ok
16:29:59.0593 0x0c24 [ 4D34CEDD74BDBF2B6A935EAE3BF80543, 217D4B405C2F7F429D2633ABC75B35BC4B1271EF4B7D779048CF82C2575A54FC ] WinRM C:\WINDOWS\system32\WsmSvc.dll
16:29:59.0625 0x0c24 WinRM - ok
16:29:59.0671 0x0c24 [ 140EF97B64F560FD78643CAE2CDAD838, 1DEA8005220A3EFEC6E32A7DE4386026CCC1E5328E2FDCB82B1FB335905D1962 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
16:29:59.0671 0x0c24 WmdmPmSN - ok
16:29:59.0718 0x0c24 [ 23F6F03272F7E5679F1F050AED5ACEE6, 87EBE773F3E8FFE2F1E1DB435BB0E8852031AA88112EB791085AD3DA918B49CC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
16:29:59.0718 0x0c24 WmiApSrv - ok
16:29:59.0750 0x0c24 [ 1385E5AA9C9821790D33A9563B8D2DD0, 35248DA1BBB6E88D6C7706B81A48F7EA4E4F2673228D69E622525D478B8E7220 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
16:29:59.0750 0x0c24 WpdUsb - ok
16:29:59.0859 0x0c24 [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:29:59.0875 0x0c24 WPFFontCache_v0400 - ok
16:29:59.0906 0x0c24 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
16:29:59.0906 0x0c24 WS2IFSL - ok
16:29:59.0937 0x0c24 [ 4C86D5FAF78194995AF9CC1075F65DD3, D3B23BB0971E0DBC0A51720067489C224323B603178E91149BF56F779DE352F0 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
16:29:59.0937 0x0c24 wscsvc - ok
16:29:59.0984 0x0c24 [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
16:29:59.0984 0x0c24 WSTCODEC - ok
16:30:00.0000 0x0c24 [ C1364564800EE9784192145324A23308, 5345BAE00364233594C9CF99CE2CC485E65B5D4FFBB81C86B2950EDA2427584C ] wuauserv C:\WINDOWS\system32\wuauserv.dll
16:30:00.0015 0x0c24 wuauserv - ok
16:30:00.0046 0x0c24 [ A27D4BA7264C0BF52F32D10405BEA1D4, 5F28607CCAB15FB601BEB35FF0B1A5CD27C678C6D1CA724E842C33EED4579B8C ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
16:30:00.0062 0x0c24 WZCSVC - ok
16:30:00.0093 0x0c24 [ EAA4BB9EDB3FB10CF8979FE65E63658F, B80EB477100FD3E26513360E09DB6EBF0C8D8B0618F1F4BF1F387ABA6DEC9B64 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
16:30:00.0109 0x0c24 xmlprov - ok
16:30:00.0156 0x0c24 [ A5D4EAE27E68625296D685A786897491, 6344B8F4C8C1AE1543D7F342A87C97BB8FEDFA0B60744907C036BF14E7635198 ] yukonwxp C:\WINDOWS\system32\DRIVERS\yk51x86.sys
16:30:00.0156 0x0c24 yukonwxp - ok
16:30:00.0171 0x0c24 ================ Scan global ===============================
16:30:00.0218 0x0c24 [ F36278E42C8C5DF03CE17DAC8231C91C, D012A3C8F394DF4F0BF5D5A4C10E73BBF427762B7D3DB6CF5FAB96536E082B7A ] C:\WINDOWS\system32\basesrv.dll
16:30:00.0250 0x0c24 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
16:30:00.0281 0x0c24 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
16:30:00.0312 0x0c24 [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] C:\WINDOWS\system32\services.exe
16:30:00.0312 0x0c24 [ Global ] - ok
16:30:00.0312 0x0c24 ================ Scan MBR ==================================
16:30:00.0328 0x0c24 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
16:30:00.0515 0x0c24 \Device\Harddisk0\DR0 - ok
16:30:00.0515 0x0c24 ================ Scan VBR ==================================
16:30:00.0531 0x0c24 [ CFA289256880C0FD376F236300E652FD ] \Device\Harddisk0\DR0\Partition1
16:30:00.0531 0x0c24 \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
16:30:00.0531 0x0c24 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
16:30:02.0968 0x0c24 ================ Scan generic autorun ======================
16:30:03.0031 0x0c24 [ 47BBA427E91CBB98E41A17B38644987C, A65BF90C1B6D4C6222745888CCE917A73CB39477BB392E6CA31DDF5833C15D52 ] C:\WINDOWS\JM\JMInsIDE.exe
16:30:03.0046 0x0c24 JMB36X IDE Setup - ok
16:30:03.0156 0x0c24 [ CAD6EA2838950506E156B286C2F1ACBE, F78863A16EC01911700DEEC4FE842EDD133578FBFD1DF8521200DF2E52FFEB51 ] C:\WINDOWS\system32\JMRaidSetup.exe
16:30:03.0203 0x0c24 36X Raid Configurer - ok
16:30:03.0250 0x0c24 [ BF91B68606862A32CAB13C24A24DD9A9, B3B4047463416E12B21BA61502BC3A4EFD35DFF9ADBCD46802231D23155B7A8A ] C:\Program Files\PowerISO\PWRISOVM.EXE
16:30:03.0250 0x0c24 PWRISOVM.EXE - ok
16:30:03.0390 0x0c24 [ 2589FFE360BED8F824CBC6171CB5B874, 4C532EE4707F9B4314AF7FC88C86B48AFCDE03A2097919F9801BE47EB5CC61EB ] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
16:30:03.0468 0x0c24 LogitechQuickCamRibbon - ok
16:30:03.0531 0x0c24 [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
16:30:03.0531 0x0c24 APSDaemon - ok
16:30:03.0562 0x0c24 [ 07C4EBD3107799774FA3103956CD1C40, BB798DE0F18D2A28B18467D958B68C23DBA0A802512C36E708D9EBD9352492F6 ] C:\Program Files\Nuance\PaperPort\IndexSearch.exe
16:30:03.0562 0x0c24 IndexSearch - ok
16:30:03.0593 0x0c24 [ E5F1D2C7D51C816437BBE2306828BC4B, BBBEB3294EF02F3E4C73A3A2FAE83C261A095602D86E1FF272C6FDFCE0C05E1B ] C:\Program Files\Nuance\PaperPort\pptd40nt.exe
16:30:03.0593 0x0c24 PaperPort PTD - ok
16:30:03.0656 0x0c24 [ 9F0ACAA725CF5A391AF7E2067AE45746, CA7F3C2C9D4DCB135ECBFFEB3448D272552B5DB720E0A526B4AC07B1F5E8BC9E ] C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe
16:30:03.0671 0x0c24 PDFHook - ok
16:30:03.0687 0x0c24 [ 154420A93E4F676AA33A055A116255D9, DF76577C22EBB439DF2B72D1B6B7A465F067CCEC886FC7A7FB337865DA1DB914 ] C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe
16:30:03.0687 0x0c24 PDF5 Registry Controller - ok
16:30:03.0734 0x0c24 [ 016B31B67ACDF4AEB325FAC166684E5D, 3C22DF4E55554EB16EA2CA5927285C35E2A6C3DE22ACDDCD68492EAFAD4B0A9F ] C:\Program Files\ControlCenter4\BrCcBoot.exe
16:30:03.0750 0x0c24 ControlCenter4 - ok
16:30:03.0890 0x0c24 [ 7F42FFCD6FF7CA558C2D95DADCD5EFA9, CD9E71A718AD3FF465950A7D3937884154F021A296C301BE2FECD0AE69F04713 ] C:\Program Files\Browny02\Brother\BrStMonW.exe
16:30:03.0968 0x0c24 BrStsMon00 - ok
16:30:04.0859 0x0c24 [ 8C31C7B29061F27A850654F292BCB9DD, D8077C6EFC180F63BA634E2673769D8D0D482ABFC6EC33BA4000BA5E0078ADA5 ] C:\WINDOWS\RTHDCPL.EXE
16:30:05.0671 0x0c24 RTHDCPL - ok
16:30:05.0750 0x0c24 [ B427B61409493138D39A48EFC5767283, FAF62B36DE80DBE30224DAF2E48E46763BE41FC754E8D32717C7C63D11BDA294 ] C:\WINDOWS\system32\igfxtray.exe
16:30:05.0750 0x0c24 IgfxTray - ok
16:30:05.0796 0x0c24 [ 25B9D53B861552EC83B80A565AC07A47, A68B5E4ED51FEFBCAFE2C4C590CA046EC4EA2242611DB1FB55829FFA35E4E619 ] C:\WINDOWS\system32\hkcmd.exe
16:30:05.0796 0x0c24 HotKeysCmds - ok
16:30:05.0812 0x0c24 [ E24AAF17E339759C296AC67EA56ED97B, 452168EF3F0BBF1AA01DF01699D10C757E873D7511E832A039CF1A67CBD820D3 ] C:\WINDOWS\system32\igfxpers.exe
16:30:05.0812 0x0c24 Persistence - ok
16:30:05.0875 0x0c24 [ 9F96F98409B89C5806F4380867DD48E0, A6A0FC6B013549BB28FD834FCE6AC0DB685AA5B42162F5AD090819B7D212CAA6 ] C:\Program Files\iTunes\iTunesHelper.exe
16:30:05.0875 0x0c24 iTunesHelper - ok
16:30:05.0937 0x0c24 [ 882B5B999A71F56D5DF294D93AE1E7D1, 690B93C4A3E476595808EBDBE5CF620FC4A86D41FCD66023DE0DA7972F8941E4 ] c:\Program Files\Microsoft Security Client\msseces.exe
16:30:05.0968 0x0c24 MSC - ok
16:30:06.0234 0x0c24 [ E1473471169EC64C57B49F9C984DFB1A, 3E05B4AD77F5CE13B01B7E1FD460F9779FF9E7C9E6DEBD5225EC840D96D12AA1 ] C:\Program Files\Logitech\Logitech Vid\vid.exe
16:30:06.0375 0x0c24 Logitech Vid - ok
16:30:06.0484 0x0c24 [ 6BF7676296D5359AFC135A5397000053, D31B9BCB856D6EFDEA27E4D4D341FF939BCBF0E8C97786B447C2074B3C68298E ] C:\Documents and Settings\All Users\Data aplikací\FLEXnet\Connect\11\ISUSPM.exe
16:30:06.0484 0x0c24 ISUSPM - ok
16:30:06.0578 0x0c24 [ BA40465A7A95395BAF8830A79A3BAAD2, 6DFDAAE3D7AA52C69EE2642AD57491FAD3124AF514EFE1E2E2E723F6B2490660 ] C:\Program Files\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe
16:30:06.0625 0x0c24 Hobbyist Software VLC Streamer - ok
16:30:06.0625 0x0c24 Waiting for KSN requests completion. In queue: 20
16:30:07.0625 0x0c24 Waiting for KSN requests completion. In queue: 20
16:30:08.0625 0x0c24 Waiting for KSN requests completion. In queue: 20
16:30:09.0687 0x0c24 AV detected via SS1: Microsoft Security Essentials, 4.5.0216.0, enabled, updated
16:30:09.0703 0x0c24 Win FW state via NFM: enabled
16:30:12.0109 0x0c24 ============================================================
16:30:12.0109 0x0c24 Scan finished
16:30:12.0109 0x0c24 ============================================================
16:30:12.0125 0x0cb0 Detected object count: 1
16:30:12.0125 0x0cb0 Actual detected object count: 1
16:30:24.0171 0x0cb0 \Device\Harddisk0\DR0\Partition1 - copied to quarantine
16:30:24.0984 0x0cb0 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
16:30:25.0000 0x0cb0 \Device\Harddisk0\DR0\Partition1 - ok
16:30:25.0000 0x0cb0 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
16:30:26.0546 0x0cb0 KLMD registered as C:\WINDOWS\system32\drivers\94593846.sys
16:30:54.0375 0x0b64 Deinitialize success
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Počítač hlásí hrozbu

#28 Příspěvek od vyosek »

Jeste pocitac hlasi nejakou hrozbu??
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
eileen75
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 29 srp 2014 22:36

Re: Počítač hlásí hrozbu

#29 Příspěvek od eileen75 »

Mně Microsoft Security Essentials po restartu stále hlásí Virus:Dos/Rovnix.Gen!A vložen do karantény. Tak já nevím, také tam je v tom rámečku spousta vyčistěných, ale v karanténě také Trojan:Win32/Miuref.F. Tak já nevím.
Nahoru
eileen75
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 29 srp 2014 22:36

Re: Počítač hlásí hrozbu

#30 Příspěvek od eileen75 »

A ještě nějaké Exploit:Java a nějaká čísla, to je tam nejdéle.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“