
Please check my log, thank you

rarach
Visitor
Posts: 21
Registered: 27 Dec 2014 10:21

Re: Please check my log, thank you

#16 Post by rarach »

Malwarebytes Anti-Rootkit BETA 1.08.2.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

Account is Administrative

Internet Explorer version: 11.0.9600.17501

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.992000 GHz
Memory total: 2137145344, free: 697049088

Downloaded database version: v2015.01.04.09
Downloaded database version: v2014.12.30.01
Downloaded database version: v2014.12.06.01
=======================================
Initializing...
------------ Kernel report ------------
01/04/2015 17:09:00
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\DRIVERS\kl1.sys
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\intelide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\klif.sys
\SystemRoot\system32\DRIVERS\klflt.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\vsdatant.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\b57nd60x.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\drivers\smwdm.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\fdc.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\flpydisk.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\hidusb.sys
\SystemRoot\system32\drivers\HIDCLASS.SYS
\SystemRoot\system32\drivers\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\parvdm.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\system32\DRIVERS\WinUsb.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\System32\ATMFD.DLL
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xffffffff8620f030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP1T0L0-1\
Lower Device Object: 0xffffffff85d4e908
Lower Device Driver Name: \Driver\atapi\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8620e9a8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP2T0L0-2\
Lower Device Object: 0xffffffff85d8c030
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffffff8620f030, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8620e0c8, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8620f030, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff85d4e908, DeviceName: \Device\Ide\IdeDeviceP1T0L0-1\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8620e9a8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8620e5e0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8620e9a8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff85d8c030, DeviceName: \Device\Ide\IdeDeviceP2T0L0-2\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 98EA98EA

Partition information:

Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 63 Numsec = 488375937

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 250059350016 bytes
Sector size: 512 bytes

Done!
Drive 1
This is a System drive
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 80

Partition information:

Partition 0 type is Other (0xde)
Partition is NOT ACTIVE.
Partition starts at LBA: 63 Numsec = 80262

Partition 1 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 80325 Numsec = 78043770
Partition file system is NTFS
Partition is bootable

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 40000000000 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-1-80325-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removal finished

rarach

#17 Post by rarach »

aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-01-04 17:53:21
-----------------------------
17:53:21.227 OS Version: Windows 6.1.7601 Service Pack 1
17:53:21.227 Number of processors: 1 586 0x403
17:53:21.231 ComputerName: DANA-PC UserName: Dana
17:53:26.789 Initialize success
17:53:27.013 VM: initialized successfully
17:53:27.015 VM: Intel CPU virtualization not supported
17:53:49.039 The log file has been saved successfully to "C:\Users\Dana\Documents\aswMBR.txt"
17:56:28.202 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
17:56:28.207 Disk 0 Vendor: SAMSUNG_HD250HJ FH100-06 Size: 238475MB BusType: 3
17:56:28.212 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-1
17:56:28.223 Disk 1 Vendor: SAMSUNG_HD040GJ/P ZG100-34 Size: 38146MB BusType: 3
17:56:28.607 Disk 1 MBR read successfully
17:56:28.613 Disk 1 MBR scan
17:56:28.623 Disk 1 Windows 7 default MBR code
17:56:28.629 Disk 1 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
17:56:28.651 Disk 1 Partition 2 80 (A) 07 HPFS/NTFS NTFS 38107 MB offset 80325
17:56:28.659 Disk 1 default boot code
17:56:28.727 Disk 1 scanning sectors +78124095
17:56:29.236 Disk 1 scanning C:\Windows\system32\drivers
17:57:03.575 Service scanning
17:57:04.670 Service 1394ohci C:\Windows\system32\drivers\1394ohci.sys **LOCKED** 32
17:57:04.710 Service ACPI C:\Windows\system32\drivers\ACPI.sys **LOCKED** 32
17:57:04.797 Service AcpiPmi C:\Windows\system32\drivers\acpipmi.sys **LOCKED** 32
17:57:05.013 Service adp94xx C:\Windows\system32\drivers\adp94xx.sys **LOCKED** 32
17:57:05.092 Service adpahci C:\Windows\system32\drivers\adpahci.sys **LOCKED** 32
17:57:05.140 Service adpu320 C:\Windows\system32\drivers\adpu320.sys **LOCKED** 32
17:57:05.374 Service AFD C:\Windows\system32\drivers\afd.sys **LOCKED** 32
17:57:05.422 Service agp440 C:\Windows\system32\drivers\agp440.sys **LOCKED** 32
17:57:05.505 Service aic78xx C:\Windows\system32\drivers\djsvs.sys **LOCKED** 32
17:57:05.699 Service ALCXWDM C:\Windows\system32\drivers\RTKVAC.SYS **LOCKED** 32
17:57:05.933 Service aliide C:\Windows\system32\drivers\aliide.sys **LOCKED** 32
17:57:05.981 Service amdagp C:\Windows\system32\drivers\amdagp.sys **LOCKED** 32
17:57:06.029 Service amdide C:\Windows\system32\drivers\amdide.sys **LOCKED** 32
17:57:06.087 Service AmdK8 C:\Windows\system32\drivers\amdk8.sys **LOCKED** 32
17:57:06.188 Service AmdPPM C:\Windows\system32\drivers\amdppm.sys **LOCKED** 32
17:57:06.267 Service amdsata C:\Windows\system32\drivers\amdsata.sys **LOCKED** 32
17:57:06.320 Service amdsbs C:\Windows\system32\drivers\amdsbs.sys **LOCKED** 32
17:57:06.394 Service amdxata C:\Windows\system32\drivers\amdxata.sys **LOCKED** 32
17:57:06.484 Service AppID C:\Windows\system32\drivers\appid.sys **LOCKED** 32
17:57:06.666 Service arc C:\Windows\system32\drivers\arc.sys **LOCKED** 32
17:57:06.717 Service arcsas C:\Windows\system32\drivers\arcsas.sys **LOCKED** 32
17:57:06.773 Service AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys **LOCKED** 32
17:57:06.833 Service atapi C:\Windows\system32\drivers\atapi.sys **LOCKED** 32
17:57:07.093 Service b06bdrv C:\Windows\system32\drivers\bxvbdx.sys **LOCKED** 32
17:57:07.151 Service b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys **LOCKED** 32
17:57:07.251 Service Beep C:\Windows\System32\Drivers\Beep.sys **LOCKED** 32
17:57:07.455 Service blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys **LOCKED** 32
17:57:07.571 Service BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys **LOCKED** 32
17:57:07.632 Service BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys **LOCKED** 32
17:57:07.709 Service BridgeMP C:\Windows\system32\DRIVERS\bridge.sys **LOCKED** 32
17:57:07.941 Service Brserid C:\Windows\System32\Drivers\Brserid.sys **LOCKED** 32
17:57:08.011 Service BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys **LOCKED** 32
17:57:08.060 Service BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys **LOCKED** 32
17:57:08.100 Service BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys **LOCKED** 32
17:57:08.183 Service BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys **LOCKED** 32
17:57:08.259 Service BTHMODEM C:\Windows\system32\drivers\bthmodem.sys **LOCKED** 32
17:57:08.342 Service BthPan C:\Windows\system32\DRIVERS\bthpan.sys **LOCKED** 32
17:57:08.421 Service BTHPORT C:\Windows\System32\Drivers\BTHport.sys **LOCKED** 32
17:57:08.607 Service BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys **LOCKED** 32
17:57:08.960 Service cdrom C:\Windows\system32\DRIVERS\cdrom.sys **LOCKED** 32
17:57:09.097 Service circlass C:\Windows\system32\drivers\circlass.sys **LOCKED** 32
17:57:09.170 Service CLFS C:\Windows\System32\CLFS.sys **LOCKED** 32
17:57:10.277 Service CmBatt C:\Windows\system32\drivers\CmBatt.sys **LOCKED** 32
17:57:10.329 Service cmdide C:\Windows\system32\drivers\cmdide.sys **LOCKED** 32
17:57:10.492 Service CNG C:\Windows\System32\Drivers\cng.sys **LOCKED** 32
17:57:10.534 Service Compbatt C:\Windows\system32\drivers\compbatt.sys **LOCKED** 32
17:57:10.591 Service CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys **LOCKED** 32
17:57:10.800 Service crcdisk C:\Windows\system32\drivers\crcdisk.sys **LOCKED** 32
17:57:11.105 Service discache C:\Windows\System32\drivers\discache.sys **LOCKED** 32
17:57:11.185 Service Disk C:\Windows\system32\drivers\disk.sys **LOCKED** 32
17:57:11.453 Service drmkaud C:\Windows\system32\drivers\drmkaud.sys **LOCKED** 32
17:57:11.561 Service DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys **LOCKED** 32
17:57:11.744 Service ebdrv C:\Windows\system32\drivers\evbdx.sys **LOCKED** 32
17:57:12.148 Service elxstor C:\Windows\system32\drivers\elxstor.sys **LOCKED** 32
17:57:12.206 Service ErrDev C:\Windows\system32\drivers\errdev.sys **LOCKED** 32
17:57:12.539 Service fdc C:\Windows\system32\DRIVERS\fdc.sys **LOCKED** 32
17:57:12.671 Service flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys **LOCKED** 32
17:57:13.073 Service fvevol C:\Windows\System32\DRIVERS\fvevol.sys **LOCKED** 32
17:57:13.121 Service gagp30kx C:\Windows\system32\drivers\gagp30kx.sys **LOCKED** 32
17:57:13.248 Service hcw85cir C:\Windows\system32\drivers\hcw85cir.sys **LOCKED** 32
17:57:13.347 Service HDAudBus C:\Windows\system32\drivers\HDAudBus.sys **LOCKED** 32
17:57:13.431 Service HidBatt C:\Windows\system32\drivers\HidBatt.sys **LOCKED** 32
17:57:13.488 Service HidBth C:\Windows\system32\drivers\hidbth.sys **LOCKED** 32
17:57:13.538 Service HidIr C:\Windows\system32\drivers\hidir.sys **LOCKED** 32
17:57:13.725 Service HidUsb C:\Windows\system32\drivers\hidusb.sys **LOCKED** 32
17:57:13.971 Service HpSAMD C:\Windows\system32\drivers\HpSAMD.sys **LOCKED** 32
17:57:14.033 Service HTTP C:\Windows\system32\drivers\HTTP.sys **LOCKED** 32
17:57:14.162 Service hwpolicy C:\Windows\System32\drivers\hwpolicy.sys **LOCKED** 32
17:57:14.221 Service i8042prt C:\Windows\system32\drivers\i8042prt.sys **LOCKED** 32
17:57:14.301 Service iaStorV C:\Windows\system32\drivers\iaStorV.sys **LOCKED** 32
17:57:14.738 Service igfx C:\Windows\system32\DRIVERS\igdkmd32.sys **LOCKED** 32
17:57:14.907 Service iirsp C:\Windows\system32\drivers\iirsp.sys **LOCKED** 32
17:57:15.103 Service intelide C:\Windows\system32\drivers\intelide.sys **LOCKED** 32
17:57:15.153 Service intelppm C:\Windows\system32\DRIVERS\intelppm.sys **LOCKED** 32
17:57:15.263 Service IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys **LOCKED** 32
17:57:15.348 Service IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys **LOCKED** 32
17:57:15.483 Service IPNAT C:\Windows\System32\drivers\ipnat.sys **LOCKED** 32
17:57:15.531 Service IRENUM C:\Windows\system32\drivers\irenum.sys **LOCKED** 32
17:57:15.588 Service isapnp C:\Windows\system32\drivers\isapnp.sys **LOCKED** 32
17:57:15.663 Service iScsiPrt C:\Windows\system32\drivers\msiscsi.sys **LOCKED** 32
17:57:15.721 Service kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys **LOCKED** 32
17:57:15.771 Service kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys **LOCKED** 32
17:57:15.921 Service KL1 C:\Windows\system32\DRIVERS\kl1.sys **LOCKED** 32
17:57:16.072 Service KSecDD C:\Windows\System32\Drivers\ksecdd.sys **LOCKED** 32
17:57:16.199 Service KSecPkg C:\Windows\System32\Drivers\ksecpkg.sys **LOCKED** 32
17:57:16.490 Service lltdio C:\Windows\system32\DRIVERS\lltdio.sys **LOCKED** 32
17:57:16.844 Service LSI_FC C:\Windows\system32\drivers\lsi_fc.sys **LOCKED** 32
17:57:16.912 Service LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys **LOCKED** 32
17:57:16.972 Service LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys **LOCKED** 32
17:57:17.100 Service LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys **LOCKED** 32
17:57:17.279 Service LVcKap C:\Windows\system32\DRIVERS\LVcKap.sys **LOCKED** 32
17:57:17.375 Service LVMVDrv C:\Windows\system32\DRIVERS\LVMVDrv.sys **LOCKED** 32
17:57:17.671 Service megasas C:\Windows\system32\drivers\megasas.sys **LOCKED** 32
17:57:17.723 Service MegaSR C:\Windows\system32\drivers\MegaSR.sys **LOCKED** 32
17:57:17.996 Service Modem C:\Windows\system32\drivers\modem.sys **LOCKED** 32
17:57:18.095 Service monitor C:\Windows\system32\DRIVERS\monitor.sys **LOCKED** 32
17:57:18.158 Service mouclass C:\Windows\system32\DRIVERS\mouclass.sys **LOCKED** 32
17:57:18.208 Service mouhid C:\Windows\system32\DRIVERS\mouhid.sys **LOCKED** 32
17:57:18.258 Service mountmgr C:\Windows\System32\drivers\mountmgr.sys **LOCKED** 32
17:57:18.313 Service mpio C:\Windows\system32\drivers\mpio.sys **LOCKED** 32
17:57:18.364 Service mpsdrv C:\Windows\System32\drivers\mpsdrv.sys **LOCKED** 32
17:57:18.610 Service msahci C:\Windows\system32\drivers\msahci.sys **LOCKED** 32
17:57:18.684 Service msdsm C:\Windows\system32\drivers\msdsm.sys **LOCKED** 32
17:57:18.995 Service mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys **LOCKED** 32
17:57:19.052 Service msisadrv C:\Windows\system32\drivers\msisadrv.sys **LOCKED** 32
17:57:19.226 Service MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys **LOCKED** 32
17:57:19.285 Service MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys **LOCKED** 32
17:57:19.336 Service MSPQM C:\Windows\system32\drivers\MSPQM.sys **LOCKED** 32
17:57:19.385 Service MsRPC C:\Windows\System32\Drivers\MsRPC.sys **LOCKED** 32
17:57:19.446 Service mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys **LOCKED** 32
17:57:19.503 Service MSTEE C:\Windows\system32\drivers\MSTEE.sys **LOCKED** 32
17:57:19.574 Service MTConfig C:\Windows\system32\drivers\MTConfig.sys **LOCKED** 32
17:57:19.769 Service NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys **LOCKED** 32
17:57:19.857 Service NDIS C:\Windows\system32\drivers\ndis.sys **LOCKED** 32
17:57:19.944 Service NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys **LOCKED** 32
17:57:20.006 Service NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys **LOCKED** 32
17:57:20.055 Service Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys **LOCKED** 32
17:57:20.107 Service NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys **LOCKED** 32
17:57:20.156 Service NDProxy C:\Windows\System32\Drivers\NDProxy.sys **LOCKED** 32
17:57:20.237 Service NetBT C:\Windows\System32\DRIVERS\netbt.sys **LOCKED** 32
17:57:20.804 Service nfrd960 C:\Windows\system32\drivers\nfrd960.sys **LOCKED** 32
17:57:21.001 Service nsiproxy C:\Windows\system32\drivers\nsiproxy.sys **LOCKED** 32
17:57:21.170 Service Null C:\Windows\System32\Drivers\Null.sys **LOCKED** 32
17:57:21.239 Service nvraid C:\Windows\system32\drivers\nvraid.sys **LOCKED** 32
17:57:21.333 Service nvstor C:\Windows\system32\drivers\nvstor.sys **LOCKED** 32
17:57:21.426 Service nv_agp C:\Windows\system32\drivers\nv_agp.sys **LOCKED** 32
17:57:21.773 Service ohci1394 C:\Windows\system32\drivers\ohci1394.sys **LOCKED** 32
17:57:22.158 Service Parport C:\Windows\system32\DRIVERS\parport.sys **LOCKED** 32
17:57:22.243 Service partmgr C:\Windows\System32\drivers\partmgr.sys **LOCKED** 32
17:57:22.301 Service Parvdm C:\Windows\system32\DRIVERS\parvdm.sys **LOCKED** 32
17:57:22.362 Service pci C:\Windows\system32\drivers\pci.sys **LOCKED** 32
17:57:22.468 Service pciide C:\Windows\system32\drivers\pciide.sys **LOCKED** 32
17:57:22.549 Service pcmcia C:\Windows\system32\drivers\pcmcia.sys **LOCKED** 32
17:57:22.616 Service pcw C:\Windows\System32\drivers\pcw.sys **LOCKED** 32
17:57:22.724 Service PEAUTH C:\Windows\system32\drivers\peauth.sys **LOCKED** 32
17:57:23.163 Service PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys **LOCKED** 32
17:57:23.282 Service Processor C:\Windows\system32\drivers\processr.sys **LOCKED** 32
17:57:23.533 Service Psched C:\Windows\system32\DRIVERS\pacer.sys **LOCKED** 32
17:57:23.666 Service ql2300 C:\Windows\system32\drivers\ql2300.sys **LOCKED** 32
17:57:23.823 Service ql40xx C:\Windows\system32\drivers\ql40xx.sys **LOCKED** 32
17:57:23.914 Service QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys **LOCKED** 32
17:57:23.985 Service RasAcd C:\Windows\System32\DRIVERS\rasacd.sys **LOCKED** 32
17:57:24.089 Service RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys **LOCKED** 32
17:57:24.185 Service Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys **LOCKED** 32
17:57:24.301 Service RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys **LOCKED** 32
17:57:24.352 Service RasSstp C:\Windows\system32\DRIVERS\rassstp.sys **LOCKED** 32
17:57:24.451 Service rdpbus C:\Windows\system32\drivers\rdpbus.sys **LOCKED** 32
17:57:24.552 Service RDPCDD C:\Windows\System32\DRIVERS\RDPCDD.sys **LOCKED** 32
17:57:24.604 Service RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys **LOCKED** 32
17:57:24.652 Service RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys **LOCKED** 32
17:57:24.771 Service RDPWD C:\Windows\System32\Drivers\RDPWD.sys **LOCKED** 32
17:57:24.877 Service rdyboost C:\Windows\System32\drivers\rdyboost.sys **LOCKED** 32
17:57:25.284 Service RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys **LOCKED** 32
17:57:25.559 Service rspndr C:\Windows\system32\DRIVERS\rspndr.sys **LOCKED** 32
17:57:25.673 Service sbp2port C:\Windows\system32\drivers\sbp2port.sys **LOCKED** 32
17:57:25.746 Service scfilter C:\Windows\System32\DRIVERS\scfilter.sys **LOCKED** 32
17:57:25.995 Service secdrv C:\Windows\System32\Drivers\secdrv.sys **LOCKED** 32
17:57:26.256 Service Serenum C:\Windows\system32\DRIVERS\serenum.sys **LOCKED** 32
17:57:26.316 Service Serial C:\Windows\system32\DRIVERS\serial.sys **LOCKED** 32
17:57:26.368 Service sermouse C:\Windows\system32\drivers\sermouse.sys **LOCKED** 32
17:57:26.435 Service sffdisk C:\Windows\system32\drivers\sffdisk.sys **LOCKED** 32
17:57:26.484 Service sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys **LOCKED** 32
17:57:26.541 Service sffp_sd C:\Windows\system32\drivers\sffp_sd.sys **LOCKED** 32
17:57:26.592 Service sfloppy C:\Windows\system32\drivers\sfloppy.sys **LOCKED** 32
17:57:26.774 Service sisagp C:\Windows\system32\drivers\sisagp.sys **LOCKED** 32
17:57:26.826 Service SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys **LOCKED** 32
17:57:26.896 Service SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys **LOCKED** 32
17:57:27.441 Service Smb C:\Windows\system32\DRIVERS\smb.sys **LOCKED** 32
17:57:27.538 Service smwdm C:\Windows\system32\drivers\smwdm.sys **LOCKED** 32
17:57:27.644 Service spldr C:\Windows\System32\Drivers\spldr.sys **LOCKED** 32
17:57:27.998 Service stexstor C:\Windows\system32\drivers\stexstor.sys **LOCKED** 32
17:57:28.131 Service swenum C:\Windows\system32\DRIVERS\swenum.sys **LOCKED** 32
17:57:28.493 Service Tcpip C:\Windows\System32\drivers\tcpip.sys **LOCKED** 32
17:57:28.550 Service TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys **LOCKED** 32
17:57:28.614 Service tcpipreg C:\Windows\System32\drivers\tcpipreg.sys **LOCKED** 32
17:57:28.688 Service TDPIPE C:\Windows\system32\drivers\tdpipe.sys **LOCKED** 32
17:57:28.770 Service TDTCP C:\Windows\system32\drivers\tdtcp.sys **LOCKED** 32
17:57:28.819 Service tdx C:\Windows\system32\DRIVERS\tdx.sys **LOCKED** 32
17:57:29.722 Service TermDD C:\Windows\system32\DRIVERS\termdd.sys **LOCKED** 32
17:57:30.160 Service tssecsrv C:\Windows\System32\DRIVERS\tssecsrv.sys **LOCKED** 32
17:57:30.272 Service TsUsbFlt C:\Windows\System32\drivers\tsusbflt.sys **LOCKED** 32
17:57:30.330 Service TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys **LOCKED** 32
17:57:30.376 Service tunnel C:\Windows\system32\DRIVERS\tunnel.sys **LOCKED** 32
17:57:30.431 Service uagp35 C:\Windows\system32\drivers\uagp35.sys **LOCKED** 32
17:57:30.579 Service uliagpkx C:\Windows\system32\drivers\uliagpkx.sys **LOCKED** 32
17:57:30.732 Service umbus C:\Windows\system32\DRIVERS\umbus.sys **LOCKED** 32
17:57:30.781 Service UmPass C:\Windows\system32\drivers\umpass.sys **LOCKED** 32
17:57:30.907 Service usbaudio C:\Windows\system32\drivers\usbaudio.sys **LOCKED** 32
17:57:31.007 Service usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys **LOCKED** 32
17:57:31.064 Service usbcir C:\Windows\system32\drivers\usbcir.sys **LOCKED** 32
17:57:31.125 Service usbehci C:\Windows\system32\DRIVERS\usbehci.sys **LOCKED** 32
17:57:31.236 Service usbhub C:\Windows\system32\DRIVERS\usbhub.sys **LOCKED** 32
17:57:31.305 Service usbohci C:\Windows\system32\drivers\usbohci.sys **LOCKED** 32
17:57:31.390 Service usbprint C:\Windows\system32\drivers\usbprint.sys **LOCKED** 32
17:57:31.441 Service usbser C:\Windows\system32\drivers\usbser.sys **LOCKED** 32
17:57:31.514 Service USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS **LOCKED** 32
17:57:31.555 Service usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys **LOCKED** 32
17:57:31.606 Service usbvideo C:\Windows\System32\Drivers\usbvideo.sys **LOCKED** 32
17:57:31.792 Service vdrvroot C:\Windows\system32\drivers\vdrvroot.sys **LOCKED** 32
17:57:31.929 Service vga C:\Windows\system32\DRIVERS\vgapnp.sys **LOCKED** 32
17:57:31.986 Service VgaSave C:\Windows\System32\drivers\vga.sys **LOCKED** 32
17:57:32.046 Service vhdmp C:\Windows\system32\drivers\vhdmp.sys **LOCKED** 32
17:57:32.102 Service viaagp C:\Windows\system32\drivers\viaagp.sys **LOCKED** 32
17:57:32.150 Service ViaC7 C:\Windows\system32\drivers\viac7.sys **LOCKED** 32
17:57:32.199 Service viaide C:\Windows\system32\drivers\viaide.sys **LOCKED** 32
17:57:32.250 Service volmgr C:\Windows\system32\drivers\volmgr.sys **LOCKED** 32
17:57:32.389 Service volmgrx C:\Windows\System32\drivers\volmgrx.sys **LOCKED** 32
17:57:32.581 Service volsnap C:\Windows\system32\drivers\volsnap.sys **LOCKED** 32
17:57:32.723 Service Vsdatant C:\Windows\system32\DRIVERS\vsdatant.sys **LOCKED** 32
17:57:33.273 Service vsmraid C:\Windows\system32\drivers\vsmraid.sys **LOCKED** 32
17:57:33.409 Service vwifibus C:\Windows\System32\drivers\vwifibus.sys **LOCKED** 32
17:57:33.555 Service WacomPen C:\Windows\system32\drivers\wacompen.sys **LOCKED** 32
17:57:33.607 Service WANARP C:\Windows\system32\DRIVERS\wanarp.sys **LOCKED** 32
17:57:33.652 Service Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys **LOCKED** 32
17:57:34.035 Service Wd C:\Windows\system32\drivers\wd.sys **LOCKED** 32
17:57:34.140 Service Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys **LOCKED** 32
17:57:34.331 Service WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys **LOCKED** 32
17:57:34.883 Service WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys **LOCKED** 32
17:57:35.090 Service WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys **LOCKED** 32
17:57:35.644 Service ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys **LOCKED** 32
17:57:35.993 Service WudfPf C:\Windows\system32\drivers\WudfPf.sys **LOCKED** 32
17:57:36.048 Service WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys **LOCKED** 32
17:57:36.950 Modules scanning
17:57:36.972 Disk 1 trace - called modules:
17:57:36.998 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll intelide.sys PCIIDEX.SYS atapi.sys dxgkrnl.sys igdkmd32.sys dxgmms1.sys
17:57:37.014 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x8620f030]
17:57:37.024 3 CLASSPNP.SYS[8999759e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0x85d72908]
17:57:37.038 Disk 1 statistics 86904/0/0 @ 3,54 MB/s
17:57:37.051 Scan finished successfully
17:58:10.929 Disk 1 MBR has been saved successfully to "C:\Users\Dana\Desktop\MBR.dat"
17:58:11.004 The log file has been saved successfully to "C:\Users\Dana\Desktop\log.txt"

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log, thank you

#18 Post by Márty84 »

rarach wrote: Tdss cannot be downloaded...
Download it here: http://www.stahuj.centrum.cz/utility_a_ ... dsskiller/

rarach
Visitor
Posts: 21
Registered: 27 Dec 2014 10:21

Re: Please check my log, thank you

#19 Post by rarach »

Tdss found nothing; no window popped up after it finished.

20:45:57.0381 0x0ce8 TDSS rootkit removing tool 3.0.0.16 Nov 1 2013 15:53:38
20:46:05.0349 0x0ce8 ============================================================
20:46:05.0349 0x0ce8 Current date / time: 2015/01/04 20:46:05.0349
20:46:05.0350 0x0ce8 SystemInfo:
20:46:05.0350 0x0ce8
20:46:05.0350 0x0ce8 OS Version: 6.1.7601 ServicePack: 1.0
20:46:05.0350 0x0ce8 Product type: Workstation
20:46:05.0350 0x0ce8 ComputerName: DANA-PC
20:46:05.0351 0x0ce8 UserName: Dana
20:46:05.0351 0x0ce8 Windows directory: C:\Windows
20:46:05.0351 0x0ce8 System windows directory: C:\Windows
20:46:05.0351 0x0ce8 Processor architecture: Intel x86
20:46:05.0351 0x0ce8 Number of processors: 1
20:46:05.0351 0x0ce8 Page size: 0x1000
20:46:05.0351 0x0ce8 Boot type: Normal boot
20:46:05.0351 0x0ce8 ============================================================
20:46:12.0567 0x0ce8 System UUID: {2FFC0AEE-597A-20B6-F5B8-3525BE9B46F4}
20:46:14.0983 0x0ce8 Drive \Device\Harddisk1\DR1 - Size: 0x9502F9000 (37.25 Gb), SectorSize: 0x200, Cylinders: 0x12FF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:46:18.0935 0x0ce8 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:46:18.0983 0x0ce8 ============================================================
20:46:18.0983 0x0ce8 \Device\Harddisk1\DR1:
20:46:19.0006 0x0ce8 MBR partitions:
20:46:19.0006 0x0ce8 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x4A6DA7A
20:46:19.0006 0x0ce8 \Device\Harddisk0\DR0:
20:46:19.0009 0x0ce8 MBR partitions:
20:46:19.0009 0x0ce8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681
20:46:19.0009 0x0ce8 ============================================================
20:46:19.0045 0x0ce8 C: <-> \Device\Harddisk1\DR1\Partition1
20:46:19.0061 0x0ce8 D: <-> \Device\Harddisk0\DR0\Partition1
20:46:19.0062 0x0ce8 ============================================================
20:46:19.0062 0x0ce8 Initialize success
20:46:19.0062 0x0ce8 ============================================================
20:47:08.0702 0x08b4 ============================================================
20:47:08.0702 0x08b4 Scan started
20:47:08.0702 0x08b4 Mode: Manual; SigCheck; TDLFS;
20:47:08.0702 0x08b4 ============================================================
20:47:08.0702 0x08b4 KSN ping started
20:47:11.0606 0x08b4 KSN ping finished: true
20:47:12.0412 0x08b4 ================ Scan system memory ========================
20:47:12.0412 0x08b4 System memory - ok
20:47:12.0418 0x08b4 ================ Scan services =============================
20:47:41.0663 0x08b4 LVcKap - ok
20:47:41.0874 0x08b4 [ E8A376ABC340C35318A79B766C2406BB, FC3A618968FAF9C97BD47D58B2BAE1AA6F7E792040F8C7FBECFFDE9B10D4488B ] LVMVDrv C:\Windows\system32\DRIVERS\LVMVDrv.sys
20:47:42.0010 0x08b4 LVMVDrv - ok
20:47:42.0149 0x08b4 [ 454485F37E205C26DC405DF35BA0B0D3, E7D18487D6151B8983BF975A48192A116BBE62CA459ABAA289B49904911E94AF ] LVSrvLauncher C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
20:47:42.0311 0x08b4 LVSrvLauncher - ok
20:47:42.0379 0x08b4 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:47:42.0614 0x08b4 Mcx2Svc - ok
20:47:42.0676 0x08b4 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\drivers\megasas.sys
20:47:42.0735 0x08b4 megasas - ok
20:47:42.0798 0x08b4 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
20:47:42.0873 0x08b4 MegaSR - ok
20:47:42.0997 0x08b4 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
20:47:43.0112 0x08b4 Microsoft Office Groove Audit Service - ok
20:47:43.0159 0x08b4 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
20:47:43.0407 0x08b4 MMCSS - ok
20:47:43.0473 0x08b4 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
20:47:43.0568 0x08b4 Modem - ok
20:47:43.0648 0x08b4 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:47:43.0723 0x08b4 monitor - ok
20:47:43.0766 0x08b4 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:47:43.0829 0x08b4 mouclass - ok
20:47:43.0857 0x08b4 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:47:43.0946 0x08b4 mouhid - ok
20:47:43.0991 0x08b4 [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:47:44.0029 0x08b4 mountmgr - ok
20:47:44.0062 0x08b4 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys
20:47:44.0092 0x08b4 mpio - ok
20:47:44.0160 0x08b4 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:47:44.0283 0x08b4 mpsdrv - ok
20:47:44.0381 0x08b4 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:47:44.0486 0x08b4 MpsSvc - ok
20:47:44.0529 0x08b4 [ CEB46AB7C01C9F825F8CC6BABC18166A, AA98898204FC58878502C170FE6ED8BA681396DDD8BF3689D0C3642DEA87BEF8 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:47:44.0620 0x08b4 MRxDAV - ok
20:47:44.0658 0x08b4 [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:47:44.0794 0x08b4 mrxsmb - ok
20:47:44.0879 0x08b4 [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:47:45.0107 0x08b4 mrxsmb10 - ok
20:47:45.0132 0x08b4 [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:47:45.0202 0x08b4 mrxsmb20 - ok
20:47:45.0260 0x08b4 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys
20:47:45.0296 0x08b4 msahci - ok
20:47:45.0345 0x08b4 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:47:45.0374 0x08b4 msdsm - ok
20:47:45.0410 0x08b4 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
20:47:45.0710 0x08b4 MSDTC - ok
20:47:45.0797 0x08b4 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:47:46.0129 0x08b4 Msfs - ok
20:47:46.0155 0x08b4 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:47:46.0262 0x08b4 mshidkmdf - ok
20:47:46.0294 0x08b4 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:47:46.0360 0x08b4 msisadrv - ok
20:47:46.0448 0x08b4 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:47:46.0676 0x08b4 MSiSCSI - ok
20:47:46.0698 0x08b4 msiserver - ok
20:47:46.0757 0x08b4 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:47:46.0878 0x08b4 MSKSSRV - ok
20:47:46.0927 0x08b4 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:47:47.0006 0x08b4 MSPCLOCK - ok
20:47:47.0038 0x08b4 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:47:47.0140 0x08b4 MSPQM - ok
20:47:47.0193 0x08b4 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:47:47.0222 0x08b4 MsRPC - ok
20:47:47.0257 0x08b4 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
20:47:47.0310 0x08b4 mssmbios - ok
20:47:47.0342 0x08b4 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:47:47.0421 0x08b4 MSTEE - ok
20:47:47.0466 0x08b4 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
20:47:47.0623 0x08b4 MTConfig - ok
20:47:47.0665 0x08b4 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys
20:47:47.0722 0x08b4 Mup - ok
20:47:47.0840 0x08b4 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll
20:47:47.0980 0x08b4 napagent - ok
20:47:48.0063 0x08b4 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:47:48.0262 0x08b4 NativeWifiP - ok
20:47:48.0427 0x08b4 [ E7C54812A2AAF43316EB6930C1FFA108, C8A6FC1957FA29A3B372132FEA9145538BC767044A11D77316D3D1A3EAA60630 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:47:48.0487 0x08b4 NDIS - ok
20:47:48.0522 0x08b4 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:47:48.0679 0x08b4 NdisCap - ok
20:47:48.0753 0x08b4 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:47:48.0848 0x08b4 NdisTapi - ok
20:47:48.0877 0x08b4 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:47:48.0970 0x08b4 Ndisuio - ok
20:47:49.0043 0x08b4 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:47:49.0125 0x08b4 NdisWan - ok
20:47:49.0162 0x08b4 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:47:49.0237 0x08b4 NDProxy - ok
20:47:49.0294 0x08b4 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:47:49.0406 0x08b4 NetBIOS - ok
20:47:49.0444 0x08b4 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:47:49.0497 0x08b4 NetBT - ok
20:47:49.0550 0x08b4 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] Netlogon C:\Windows\system32\lsass.exe
20:47:49.0612 0x08b4 Netlogon - ok
20:47:49.0701 0x08b4 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll
20:47:49.0873 0x08b4 Netman - ok
20:47:49.0967 0x08b4 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll
20:47:50.0073 0x08b4 netprofm - ok
20:47:50.0144 0x08b4 [ 005C38BA492291801AA5F71DAE3C1A7B, E43F0CE95D646B41FC681E0B95721598EA74C45975BEEE1C5EFFB0D238253B0E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:47:50.0225 0x08b4 NetTcpPortSharing - ok
20:47:50.0343 0x08b4 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:47:50.0422 0x08b4 nfrd960 - ok
20:47:50.0493 0x08b4 [ 912084381D30D8B89EC4E293053F4710, 99B8CD043DF531D4B9725ED167F63CED220608B2FED3EE8250C217D15762DFD7 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:47:50.0596 0x08b4 NlaSvc - ok
20:47:50.0626 0x08b4 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:47:50.0714 0x08b4 Npfs - ok
20:47:50.0789 0x08b4 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll
20:47:50.0874 0x08b4 nsi - ok
20:47:50.0897 0x08b4 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:47:50.0973 0x08b4 nsiproxy - ok
20:47:51.0080 0x08b4 [ 5E43D2B0EE64123D4880DFA6626DEFDE, 164413A22DE58B19EA2B4120034B46D6BE1F424B80C3421E10BE5C81153D049F ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:47:51.0211 0x08b4 Ntfs - ok
20:47:51.0238 0x08b4 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys
20:47:51.0450 0x08b4 Null - ok
20:47:51.0507 0x08b4 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:47:51.0612 0x08b4 nvraid - ok
20:47:51.0673 0x08b4 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:47:51.0741 0x08b4 nvstor - ok
20:47:51.0777 0x08b4 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:47:51.0896 0x08b4 nv_agp - ok
20:47:52.0018 0x08b4 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:47:52.0391 0x08b4 odserv - ok
20:47:52.0423 0x08b4 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:47:52.0554 0x08b4 ohci1394 - ok
20:47:52.0627 0x08b4 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:47:52.0762 0x08b4 ose - ok
20:47:52.0840 0x08b4 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:47:52.0940 0x08b4 p2pimsvc - ok
20:47:52.0983 0x08b4 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll
20:47:53.0179 0x08b4 p2psvc - ok
20:47:53.0241 0x08b4 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:47:53.0315 0x08b4 Parport - ok
20:47:53.0392 0x08b4 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:47:53.0429 0x08b4 partmgr - ok
20:47:53.0560 0x08b4 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
20:47:53.0705 0x08b4 Parvdm - ok
20:47:53.0774 0x08b4 [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:47:53.0844 0x08b4 PcaSvc - ok
20:47:53.0870 0x08b4 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys
20:47:53.0945 0x08b4 pci - ok
20:47:53.0984 0x08b4 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys
20:47:54.0034 0x08b4 pciide - ok
20:47:54.0093 0x08b4 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:47:54.0126 0x08b4 pcmcia - ok
20:47:54.0175 0x08b4 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys
20:47:54.0212 0x08b4 pcw - ok
20:47:54.0305 0x08b4 [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:47:54.0437 0x08b4 PEAUTH - ok
20:47:54.0605 0x08b4 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll
20:47:55.0042 0x08b4 pla - ok
20:47:55.0144 0x08b4 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:47:55.0244 0x08b4 PlugPlay - ok
20:47:55.0275 0x08b4 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:47:55.0351 0x08b4 PNRPAutoReg - ok
20:47:55.0394 0x08b4 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:47:55.0525 0x08b4 PNRPsvc - ok
20:47:55.0661 0x08b4 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:47:55.0767 0x08b4 PolicyAgent - ok
20:47:55.0832 0x08b4 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll
20:47:55.0940 0x08b4 Power - ok
20:47:55.0994 0x08b4 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:47:56.0102 0x08b4 PptpMiniport - ok
20:47:56.0139 0x08b4 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\drivers\processr.sys
20:47:56.0375 0x08b4 Processor - ok
20:47:56.0444 0x08b4 [ 43CA4CCC22D52FB58E8988F0198851D0, DF67BD70D9D82677AE61244B4E54677A5008A7F5EB531DF2A7E7D33F1658EA78 ] ProfSvc C:\Windows\system32\profsvc.dll
20:47:56.0557 0x08b4 ProfSvc - ok
20:47:56.0621 0x08b4 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:47:56.0672 0x08b4 ProtectedStorage - ok
20:47:56.0740 0x08b4 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:47:56.0838 0x08b4 Psched - ok
20:47:56.0963 0x08b4 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:47:57.0119 0x08b4 ql2300 - ok
20:47:57.0161 0x08b4 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:47:57.0201 0x08b4 ql40xx - ok
20:47:57.0243 0x08b4 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll
20:47:57.0349 0x08b4 QWAVE - ok
20:47:57.0378 0x08b4 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:47:57.0445 0x08b4 QWAVEdrv - ok
20:47:57.0481 0x08b4 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:47:57.0663 0x08b4 RasAcd - ok
20:47:57.0738 0x08b4 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:47:58.0090 0x08b4 RasAgileVpn - ok
20:47:58.0126 0x08b4 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll
20:47:58.0326 0x08b4 RasAuto - ok
20:47:58.0360 0x08b4 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:47:58.0453 0x08b4 Rasl2tp - ok
20:47:58.0524 0x08b4 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll
20:47:58.0628 0x08b4 RasMan - ok
20:47:58.0660 0x08b4 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:47:58.0711 0x08b4 RasPppoe - ok
20:47:58.0756 0x08b4 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:47:58.0841 0x08b4 RasSstp - ok
20:47:58.0888 0x08b4 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:47:59.0040 0x08b4 rdbss - ok
20:47:59.0105 0x08b4 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
20:47:59.0174 0x08b4 rdpbus - ok
20:47:59.0210 0x08b4 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:47:59.0318 0x08b4 RDPCDD - ok
20:47:59.0387 0x08b4 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:47:59.0658 0x08b4 RDPENCDD - ok
20:47:59.0692 0x08b4 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:47:59.0801 0x08b4 RDPREFMP - ok
20:47:59.0858 0x08b4 [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:47:59.0973 0x08b4 RDPWD - ok
20:48:00.0018 0x08b4 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:48:00.0070 0x08b4 rdyboost - ok
20:48:00.0216 0x08b4 [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
20:48:00.0269 0x08b4 RealNetworks Downloader Resolver Service - ok
20:48:00.0338 0x08b4 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:48:00.0643 0x08b4 RemoteAccess - ok
20:48:00.0684 0x08b4 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:48:00.0977 0x08b4 RemoteRegistry - ok
20:48:01.0022 0x08b4 [ CB928D9E6DAF51879DD6BA8D02F01321, DFD263B67DDF98AE09AF6D6986CBC7BE3206BCE8403AAC51BCF9459E78233D12 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:48:01.0396 0x08b4 RFCOMM - ok
20:48:01.0458 0x08b4 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:48:01.0658 0x08b4 RpcEptMapper - ok
20:48:01.0694 0x08b4 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe
20:48:01.0829 0x08b4 RpcLocator - ok
20:48:02.0007 0x08b4 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll
20:48:02.0156 0x08b4 RpcSs - ok
20:48:02.0239 0x08b4 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:48:02.0322 0x08b4 rspndr - ok
20:48:02.0354 0x08b4 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] SamSs C:\Windows\system32\lsass.exe
20:48:02.0422 0x08b4 SamSs - ok
20:48:02.0471 0x08b4 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:48:02.0524 0x08b4 sbp2port - ok
20:48:02.0574 0x08b4 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:48:02.0702 0x08b4 SCardSvr - ok
20:48:02.0742 0x08b4 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:48:02.0882 0x08b4 scfilter - ok
20:48:03.0033 0x08b4 [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\Windows\system32\schedsvc.dll
20:48:03.0278 0x08b4 Schedule - ok
20:48:03.0315 0x08b4 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll
20:48:03.0468 0x08b4 SCPolicySvc - ok
20:48:03.0492 0x08b4 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:48:03.0610 0x08b4 SDRSVC - ok
20:48:03.0719 0x08b4 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:48:04.0082 0x08b4 secdrv - ok
20:48:04.0138 0x08b4 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll
20:48:04.0321 0x08b4 seclogon - ok
20:48:04.0355 0x08b4 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\system32\sens.dll
20:48:04.0506 0x08b4 SENS - ok
20:48:04.0582 0x08b4 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:48:04.0714 0x08b4 SensrSvc - ok
20:48:04.0766 0x08b4 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:48:04.0798 0x08b4 Serenum - ok
20:48:04.0857 0x08b4 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:48:04.0938 0x08b4 Serial - ok
20:48:04.0968 0x08b4 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:48:05.0012 0x08b4 sermouse - ok
20:48:05.0089 0x08b4 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll
20:48:05.0226 0x08b4 SessionEnv - ok
20:48:05.0261 0x08b4 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:48:05.0343 0x08b4 sffdisk - ok
20:48:05.0385 0x08b4 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:48:05.0521 0x08b4 sffp_mmc - ok
20:48:05.0558 0x08b4 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:48:05.0635 0x08b4 sffp_sd - ok
20:48:05.0676 0x08b4 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:48:05.0772 0x08b4 sfloppy - ok
20:48:05.0879 0x08b4 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:48:05.0981 0x08b4 SharedAccess - ok
20:48:06.0061 0x08b4 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:48:06.0339 0x08b4 ShellHWDetection - ok
20:48:06.0381 0x08b4 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:48:06.0460 0x08b4 sisagp - ok
20:48:06.0513 0x08b4 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:48:06.0582 0x08b4 SiSRaid2 - ok
20:48:06.0617 0x08b4 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:48:06.0688 0x08b4 SiSRaid4 - ok
20:48:06.0833 0x08b4 [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
20:48:07.0227 0x08b4 SkypeUpdate - ok
20:48:07.0320 0x08b4 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:48:07.0427 0x08b4 Smb - ok
20:48:33.0071 0x08b4 ================ Scan global ===============================
20:48:33.0159 0x08b4 [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
20:48:33.0229 0x08b4 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
20:48:33.0280 0x08b4 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
20:48:33.0326 0x08b4 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
20:48:33.0433 0x08b4 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
20:48:33.0445 0x08b4 [ Global ] - ok
20:48:33.0451 0x08b4 ================ Scan MBR ==================================
20:48:33.0475 0x08b4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
20:48:34.0134 0x08b4 \Device\Harddisk1\DR1 - ok
20:48:34.0147 0x08b4 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
20:48:34.0230 0x08b4 \Device\Harddisk0\DR0 - ok
20:48:34.0242 0x08b4 ================ Scan VBR ==================================
20:48:34.0260 0x08b4 [ D3E626A55C7FE601394959CFDE0B0C1F ] \Device\Harddisk1\DR1\Partition1
20:48:34.0263 0x08b4 \Device\Harddisk1\DR1\Partition1 - ok
20:48:34.0280 0x08b4 [ 036F7FDF2BB737338B9D3DEC069DA323 ] \Device\Harddisk0\DR0\Partition1
20:48:34.0282 0x08b4 \Device\Harddisk0\DR0\Partition1 - ok
20:48:34.0299 0x08b4 Waiting for KSN requests completion. In queue: 59
20:48:35.0304 0x08b4 Waiting for KSN requests completion. In queue: 59
20:48:36.0304 0x08b4 Waiting for KSN requests completion. In queue: 59
20:48:37.0378 0x08b4 AV detected via SS2: ZoneAlarm Antivirus, C:\Program Files\CheckPoint\ZoneAlarm\\MultiFix.exe ( 13.3.209.0 ), 0x41000 ( enabled : updated )
20:48:37.0382 0x08b4 FW detected via SS2: ZoneAlarm Firewall, C:\Program Files\CheckPoint\ZoneAlarm\\MultiFix.exe ( 13.3.209.0 ), 0x41010 ( enabled )
20:48:40.0142 0x08b4 ============================================================
20:48:40.0142 0x08b4 Scan finished
20:48:40.0142 0x08b4 ============================================================
20:48:40.0178 0x08f8 Detected object count: 0
20:48:40.0178 0x08f8 Actual detected object count: 0

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log, thank you

#20 Post by Márty84 »

Open Notepad and copy this script into it:

Code:

KillAll::

File::
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000UA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000UA.job

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"TkBellExe"=-
"SunJavaUpdateSched"=-

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Driver::
SkypeUpdate

Reboot::

Click File in the top-left corner.
Click Save As...
Type the name shown in red, CFScript, exactly and save the file to the desktop.
Turn off your antivirus and any other security software.
Drag the text document you just created onto the ComboFix icon and drop it.
ComboFix should start and carry out the commands.
When it finishes (the PC may restart), a new log should appear; copy it here for me again.

If Windows does not start after the restart, restart again, keep pressing F8 and choose Last Known Good Configuration.
If Windows starts but errors are reported when launching various programs, just restart the PC and it will be fine.
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

rarach
Visitor
Posts: 21
Joined: 27 Dec 2014 10:21

Re: Please check my log, thank you

#21 Post by rarach »

ComboFix 15-01-05.01 - Dana 05.01.2015 18:03:03.2.1 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2038.1337 [GMT 1:00]
Spuštěný z: c:\users\Dana\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Dana\Desktop\CFScript.txt
AV: ZoneAlarm Antivirus *Disabled/Updated* {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
FW: ZoneAlarm Firewall *Disabled* {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ZoneAlarm Anti-Spyware *Disabled/Updated* {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000UA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-12-05 do 2015-01-05 )))))))))))))))))))))))))))))))
.
.
2015-01-05 17:14 . 2012-08-27 23:50 7022536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FA6AC264-63D4-40E8-BA2F-5F0CE16BEBD7}\mpengine.dll
2015-01-05 17:11 . 2015-01-05 17:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-05 01:13 . 2015-01-05 01:13 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8EB33283-DF40-4D4A-8E2A-D74D2CA8407C}\offreg.dll
2015-01-04 16:09 . 2015-01-04 16:35 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-01-04 16:08 . 2015-01-04 16:08 119000 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-04 16:08 . 2015-01-04 16:08 79576 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-01-04 10:41 . 2014-12-15 03:13 9054624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8EB33283-DF40-4D4A-8E2A-D74D2CA8407C}\mpengine.dll
2014-12-28 11:36 . 2014-12-28 11:36 -------- d-----w- C:\zoek
2014-12-27 10:26 . 2014-12-27 11:01 -------- d-----w- C:\AdwCleaner
2014-12-27 09:45 . 2014-06-11 09:09 135776 ----a-w- c:\windows\system32\drivers\kl1.sys
2014-12-27 09:45 . 2014-06-11 09:09 74848 ----a-w- c:\windows\system32\drivers\klflt.sys
2014-12-27 09:45 . 2014-12-27 09:45 -------- dc----w- c:\windows\system32\DRVSTORE
2014-12-27 09:40 . 2014-12-27 09:44 -------- d-----w- c:\program files\CheckPoint
2014-12-27 09:40 . 2014-12-27 09:40 -------- d-----w- c:\programdata\CheckPoint
2014-12-27 09:19 . 2014-12-27 09:20 -------- d-----w- C:\rsit
2014-12-27 09:19 . 2014-12-27 09:20 -------- d-----w- c:\program files\trend micro
2014-12-26 14:50 . 2014-12-26 14:50 -------- d-sh--w- c:\users\Dana\AppData\Local\EmieUserList
2014-12-26 14:50 . 2014-12-26 14:50 -------- d-sh--w- c:\users\Dana\AppData\Local\EmieSiteList
2014-12-26 14:50 . 2014-12-26 14:50 -------- d-sh--w- c:\users\Dana\AppData\Local\EmieBrowserModeList
2014-12-18 14:35 . 2014-12-13 03:33 115712 ----a-w- c:\windows\system32\ieUnatt.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-10 15:57 . 2012-05-20 06:17 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-12-10 15:57 . 2011-09-23 19:49 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-11-24 13:04 . 2011-09-23 17:11 229000 ------w- c:\windows\system32\MpSigStub.exe
2014-11-18 13:56 . 2014-11-18 13:56 1202848 ----a-w- c:\windows\system32\FM20.DLL
2014-11-11 02:44 . 2014-11-19 15:45 186880 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 02:44 . 2014-11-19 15:45 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-10-25 01:32 . 2014-11-12 16:31 67584 ----a-w- c:\windows\system32\packager.dll
2014-10-18 01:33 . 2014-11-12 16:32 571904 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-14 01:56 . 2014-11-12 16:31 136632 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 01:50 . 2014-11-12 16:31 523776 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 01:50 . 2014-11-12 16:31 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-10-14 01:47 . 2014-11-12 16:31 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-10-14 01:46 . 2014-11-12 16:31 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-10-10 00:45 . 2014-11-12 16:31 2379264 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Center Agent"="c:\program files\Genius Multimedia\HyperMediaCenter\DTVR\Scheduled.exe" [2008-11-07 1520128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2011-09-23 604704]
"ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2014-08-13 137352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.cz/cz.special-uninstalla ... =10.0.1434" [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Center Agent]
2008-11-07 09:58 1520128 ----a-w- c:\program files\Genius Multimedia\HyperMediaCenter\DTVR\Scheduled.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Family Tree Builder Update]
2011-12-21 15:26 229376 ----a-w- c:\program files\MyHeritage\Bin\FTBCheckUpdates.exe
.
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-11-22 102912]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-09-25 1343400]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]
S2 ZAPrivacyService;ZoneAlarm Privacy Service;c:\program files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [2014-08-13 96272]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2015-01-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-20 15:57]
.
2015-01-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000Core.job
- c:\users\Dana\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-20 16:10]
.
2015-01-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000UA.job
- c:\users\Dana\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-20 16:10]
.
2015-01-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000Core.job
- c:\users\Dana\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-23 19:39]
.
2015-01-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000UA.job
- c:\users\Dana\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-23 19:39]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 80.188.190.9 78.156.32.2 78.156.49.165
.
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601 Disk: SAMSUNG_HD040GJ/P rev.ZG100-34 -> Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T0L0-2
.
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user != kernel MBR !!!
sectors 78124998 (+255): user != kernel
.
**************************************************************************
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\taskhost.exe
c:\program files\TeamViewer\TeamViewer_Service.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2015-01-05 18:21:09 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-01-05 17:21
ComboFix2.txt 2014-12-28 14:18
.
Před spuštěním: 6 970 331 136
Po spuštění: 6 805 385 216
.
- - End Of File - - 3485A9B0B3555F8DC7DCA8CD87710E25
413FC2A0C716421B3158746D63736515

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log, thank you

#22 Post by Márty84 »

Post logs following this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off your antivirus for a moment; it may block the tool as malicious, but we use it all the time and it is a false alarm :)
If you have a question that is not meant for the public, you can write to me by e-mail at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

rarach
Visitor
Posts: 21
Registered: 27 Dec 2014 10:21

Re: Please check my log, thank you

#23 Post by rarach »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-01-2015
Ran by Dana (administrator) on DANA-PC on 06-01-2015 18:42:18
Running from C:\Users\Dana\Desktop
Loaded Profile: Dana (Available profiles: Dana)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Check Point Software Technologies, Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Realtek Semiconductor Corp.) C:\Windows\SOUNDMAN.EXE
(Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
() C:\Program Files\Genius Multimedia\HyperMediaCenter\DTVR\Scheduled.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Desktop.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(forum.viry.cz) C:\Users\Dana\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SoundMan] => C:\Windows\SOUNDMAN.EXE [604704 2011-09-23] (Realtek Semiconductor Corp.)
HKLM\...\Run: [ZoneAlarm] => C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-08-13] (Check Point Software Technologies Ltd.)
HKLM\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... QVBQKzEtRk (the data entry has 215 more characters).
HKU\S-1-5-21-2134114164-228554498-2970152826-1000\...\Run: [Center Agent] => C:\Program Files\Genius Multimedia\HyperMediaCenter\DTVR\Scheduled.exe [1520128 2008-11-07] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2134114164-228554498-2970152826-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2134114164-228554498-2970152826-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2134114164-228554498-2970152826-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: {D27AAA6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {D27BBB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 80.188.190.9 78.156.32.2 78.156.49.165

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-2134114164-228554498-2970152826-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Dana\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-2134114164-228554498-2970152826-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Dana\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2134114164-228554498-2970152826-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Dana\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-12-05]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR HomePage: Default -> hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=08720013728571BD&affID=123896&tsp=4975
CHR StartupUrls: Default -> "hxxp://www.searchnu.com/406"
CHR Profile: C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-28]
CHR Extension: (Dokumenty Google) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-28]
CHR Extension: (Disk Google) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-28]
CHR Extension: (YouTube) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-19]
CHR Extension: (Vyhledávání Google) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-19]
CHR Extension: (Tabulky Google) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-28]
CHR Extension: (RealDownloader) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2012-12-22]
CHR Extension: (Twoo Notifications) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\mggafhpkgkfebnjfbiefbbbicikgchlf [2013-10-09]
CHR Extension: (Peněženka Google) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]
CHR Extension: (Gmail) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-19]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR StartMenuInternet: Google Chrome - C:\Users\Dana\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [105248 2007-03-06] (Labtec Inc.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R2 vsmon; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [3596752 2014-08-13] (Check Point Software Technologies Ltd.)
R2 ZAPrivacyService; C:\Program Files\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2014-08-13] (Check Point Software Technologies, Ltd.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC.SYS [4172832 2011-09-23] (Realtek Semiconductor Corp.)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2014-06-11] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [488032 2014-06-11] (Kaspersky Lab ZAO)
S3 LVcKap; C:\Windows\System32\DRIVERS\LVcKap.sys [1669664 2007-03-06] ()
S3 LVMVDrv; C:\Windows\System32\DRIVERS\LVMVDrv.sys [2261792 2007-03-06] (Labtec Inc.)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [456088 2014-08-13] (Check Point Software Technologies Ltd.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Dana\AppData\Local\Temp\catchme.sys [X]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [74848 2014-06-11] (Kaspersky Lab ZAO)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-06 18:42 - 2015-01-06 18:43 - 00011809 _____ () C:\Users\Dana\Desktop\FRST.txt
2015-01-06 18:41 - 2015-01-06 18:42 - 00000000 ____D () C:\FRST
2015-01-06 18:30 - 2015-01-06 18:30 - 01115136 _____ (Farbar) C:\Users\Dana\Desktop\FRST.exe
2015-01-06 18:22 - 2015-01-06 18:23 - 00112640 _____ (forum.viry.cz) C:\Users\Dana\Desktop\FRSTLauncher.exe
2015-01-06 18:18 - 2015-01-06 18:18 - 00112640 _____ (forum.viry.cz) C:\Users\Dana\Downloads\Nepotvrzeno 381144.crdownload
2015-01-05 18:21 - 2015-01-05 18:21 - 00009656 _____ () C:\ComboFix.txt
2015-01-05 17:55 - 2015-01-05 17:54 - 05609498 ____R (Swearware) C:\Users\Dana\Desktop\ComboFix.exe
2015-01-05 17:54 - 2015-01-05 17:54 - 05609498 _____ (Swearware) C:\Users\Dana\Downloads\ComboFix.exe
2015-01-04 17:53 - 2015-01-04 17:53 - 00000533 _____ () C:\Users\Dana\Documents\aswMBR.txt
2015-01-04 17:46 - 2015-01-04 17:46 - 00158496 _____ () C:\Windows\Minidump\010415-38298-01.dmp
2015-01-04 17:46 - 2015-01-04 17:46 - 00000000 ____D () C:\Windows\Minidump
2015-01-04 17:45 - 2015-01-04 17:45 - 207519836 _____ () C:\Windows\MEMORY.DMP
2015-01-04 17:09 - 2015-01-04 17:35 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-04 17:08 - 2015-01-04 17:08 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-04 17:08 - 2015-01-04 17:08 - 00079576 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-04 16:55 - 2015-01-04 16:55 - 00000929 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-01-04 16:55 - 2015-01-04 16:55 - 00000917 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2014-12-28 15:05 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-12-28 15:05 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-12-28 15:05 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-12-28 15:05 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-12-28 15:05 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-12-28 15:05 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-12-28 15:05 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-12-28 15:05 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-12-28 15:04 - 2015-01-05 18:21 - 00000000 ____D () C:\Qoobox
2014-12-28 15:03 - 2015-01-05 18:11 - 00000000 ____D () C:\Windows\erdnt
2014-12-28 12:55 - 2014-12-28 12:55 - 00262144 _____ () C:\Windows\system32\config\elam
2014-12-28 12:36 - 2014-12-28 12:36 - 00000021 _____ () C:\folders.log
2014-12-28 12:36 - 2014-12-28 12:36 - 00000000 ____D () C:\zoek
2014-12-28 12:01 - 2014-12-28 12:54 - 00007323 _____ () C:\zoek-results.log
2014-12-28 11:58 - 2014-12-28 12:54 - 00003197 _____ () C:\runcheck.txt
2014-12-28 11:58 - 2014-12-28 12:44 - 00000000 ____D () C:\zoek_backup
2014-12-28 11:38 - 2015-01-04 15:16 - 00006169 ____H () C:\Windows\system32\BTImages.dat
2014-12-27 11:26 - 2014-12-27 12:01 - 00000000 ____D () C:\AdwCleaner
2014-12-27 11:18 - 2015-01-05 18:12 - 00158470 _____ () C:\Windows\PFRO.log
2014-12-27 10:45 - 2014-12-27 10:47 - 00431395 _____ () C:\Windows\system32\Drivers\vsconfig.xml
2014-12-27 10:45 - 2014-06-11 10:09 - 00488032 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-12-27 10:45 - 2014-06-11 10:09 - 00135776 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-12-27 10:45 - 2014-06-11 10:09 - 00074848 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-12-27 10:44 - 2014-12-27 10:44 - 00000732 _____ () C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2014-12-27 10:44 - 2014-12-27 10:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2014-12-27 10:40 - 2014-12-27 10:44 - 00000000 ____D () C:\Program Files\CheckPoint
2014-12-27 10:40 - 2014-12-27 10:40 - 00000000 ____D () C:\ProgramData\CheckPoint
2014-12-27 10:40 - 2014-12-27 10:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-27 10:19 - 2014-12-27 10:20 - 00000000 ____D () C:\rsit
2014-12-27 10:19 - 2014-12-27 10:20 - 00000000 ____D () C:\Program Files\trend micro
2014-12-26 15:50 - 2014-12-26 15:50 - 00000000 __SHD () C:\Users\Dana\AppData\Local\EmieUserList
2014-12-26 15:50 - 2014-12-26 15:50 - 00000000 __SHD () C:\Users\Dana\AppData\Local\EmieSiteList
2014-12-26 15:50 - 2014-12-26 15:50 - 00000000 __SHD () C:\Users\Dana\AppData\Local\EmieBrowserModeList
2014-12-26 13:50 - 2015-01-06 18:35 - 00000560 _____ () C:\Windows\setupact.log
2014-12-26 13:50 - 2015-01-04 17:46 - 00406912 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-26 13:50 - 2014-12-26 13:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-18 15:35 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-15 19:39 - 2015-01-05 19:25 - 00108824 _____ () C:\Users\Dana\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-14 20:09 - 2014-12-14 22:11 - 2653165568 _____ () C:\Users\Dana\Documents\Nebezpečná touha krimi.mpg
2014-12-10 17:15 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 17:15 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 17:15 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 17:15 - 2014-11-22 03:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 17:15 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 17:15 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 17:15 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 17:15 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 17:15 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 17:15 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 17:15 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 17:15 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 17:15 - 2014-11-22 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 17:15 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 17:15 - 2014-11-22 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 17:15 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 17:15 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 17:15 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 17:15 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 17:15 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 17:15 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 17:15 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 17:15 - 2014-11-22 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 17:15 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 17:15 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 17:15 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 17:15 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 17:15 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 17:15 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 17:15 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-06 18:39 - 2011-09-23 17:50 - 01446490 _____ () C:\Windows\WindowsUpdate.log
2015-01-06 18:35 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-06 18:00 - 2012-10-11 16:22 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-06 17:51 - 2011-09-23 19:10 - 00000958 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000UA.job
2015-01-06 17:15 - 2013-01-20 17:10 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000UA.job
2015-01-06 17:15 - 2013-01-20 17:10 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000Core.job
2015-01-06 16:51 - 2011-09-23 19:10 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000Core.job
2015-01-05 20:01 - 2011-10-04 12:26 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\Skype
2015-01-05 19:28 - 2009-07-14 05:34 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-05 19:28 - 2009-07-14 05:34 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-05 18:15 - 2009-07-14 03:04 - 00000215 _____ () C:\Windows\system.ini
2015-01-05 18:12 - 2009-07-14 03:03 - 48758784 _____ () C:\Windows\system32\config\SOFTWARE.bak
2015-01-05 18:12 - 2009-07-14 03:03 - 15728640 _____ () C:\Windows\system32\config\SYSTEM.bak
2015-01-05 18:12 - 2009-07-14 03:03 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2015-01-05 18:12 - 2009-07-14 03:03 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2015-01-05 18:12 - 2009-07-14 03:03 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2015-01-05 18:06 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-04 18:04 - 2012-09-18 18:51 - 00000000 ____D () C:\Program Files\TeamViewer
2015-01-04 17:46 - 2009-07-14 05:53 - 00032626 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-04 16:45 - 2010-11-20 22:01 - 01470298 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-04 11:49 - 2014-10-18 12:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-01-04 11:49 - 2014-03-05 18:32 - 00002521 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-01-04 11:49 - 2011-10-04 12:25 - 00000000 ____D () C:\ProgramData\Skype
2014-12-30 11:25 - 2011-09-24 11:40 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\ICQ
2014-12-28 15:18 - 2009-07-14 03:37 - 00000000 __RHD () C:\Users\Default
2014-12-28 15:18 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public
2014-12-28 11:42 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Globalization
2014-12-28 10:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Resources
2014-12-27 15:02 - 2012-09-19 17:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-27 12:01 - 2013-08-15 18:11 - 00000000 ____D () C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
2014-12-27 11:18 - 2012-11-27 18:35 - 00000000 ____D () C:\ProgramData\AVG10
2014-12-27 11:16 - 2011-09-23 19:18 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-27 11:06 - 2012-11-27 18:35 - 00000000 ____D () C:\Windows\system32\Drivers\AVG
2014-12-27 10:03 - 2011-10-04 12:26 - 00000000 ___RD () C:\Program Files\Skype
2014-12-11 19:57 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-12-10 21:16 - 2012-05-19 07:59 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 21:12 - 2013-08-15 20:54 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 21:06 - 2011-09-27 17:06 - 109818608 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 16:57 - 2012-05-20 07:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-10 16:57 - 2011-09-23 20:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000Core.job => C:\Users\Dana\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000UA.job => C:\Users\Dana\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000Core.job => C:\Users\Dana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000UA.job => C:\Users\Dana\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4

==================== Security Center ==================

AV: ZoneAlarm Antivirus (Enabled - Up to date) {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
AS: ZoneAlarm Anti-Spyware (Enabled - Up to date) {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Dana\Desktop" je 6 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Center Agent
C:\Program Files\Genius Multimedia\HyperMediaCenter\DTVR\Scheduled.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Family Tree Builder Update
C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log, thank you

#24 Post by Márty84 »

Open Notepad and copy this script into it

Code:

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... VctUTRMWkc"&"inst=NzctMTU1NjMxNTk1Ny1TVDEyRk9JKzEtRERUKzAtRVVMQSsxLVNUMTJGQVBQKzEtRk (the data entry has 215 more characters).

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2134114164-228554498-2970152826-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

CHR HomePage: Default -> hxxp://search.babylon.com/?babsrc=HP_ss ... 6&tsp=4975
CHR StartupUrls: Default -> "hxxp://www.searchnu.com/406"

2014-12-27 11:18 - 2012-11-27 18:35 - 00000000 ____D () C:\ProgramData\AVG10
2014-12-27 11:06 - 2012-11-27 18:35 - 00000000 ____D () C:\Windows\system32\Drivers\AVG

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000Core.job => C:\Users\Dana\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000UA.job => C:\Users\Dana\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000Core.job => C:\Users\Dana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000UA.job => C:\Users\Dana\AppData\Local\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4

R2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [2014-08-12 1820184]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10 267440]

Hosts:
EmptyTemp:
Reboot:
End

In the top left, click File.
Click Save As...
Type the red name fixlist correctly and save it to the Desktop.
Turn off your antivirus and any other security software.
Run FRST as administrator, click Fix, and the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it back here for me.
If you have a question that is not meant for the public, you can e-mail me at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For lack of time I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

rarach
Visitor
Posts: 21
Joined: 27 Dec 2014 10:21

Re: Please check the log, thank you

#25 Post by rarach »

Hopefully the log will be here over the weekend; I'm handling this remotely...

rarach
Visitor
Posts: 21
Joined: 27 Dec 2014 10:21

Re: Please check the log, thank you

#26 Post by rarach »

Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start http://www.avg.cz/cz.special-uninstalla ... VctUTRMWkc"&"inst=NzctMTU1NjMxNTk1Ny1TVDEyRk9JKzEtRERUKzAtRVVMQSsxLVNUMTJGQVBQKzEtRk (the data entry has 215 more characters).

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2134114164-228554498-2970152826-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

CHR HomePage: Default -> hxxp://search.babylon.com/?babsrc=HP_ss ... 6&tsp=4975
CHR StartupUrls: Default -> "hxxp://www.searchnu.com/406"

2014-12-27 11:18 - 2012-11-27 18:35 - 00000000 ____D () C:\ProgramData\AVG10
2014-12-27 11:06 - 2012-11-27 18:35 - 00000000 ____D () C:\Windows\system32\Drivers\AVG

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000Core.job => C:\Users\Dana\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000UA.job => C:\Users\Dana\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000Core.job => C:\Users\Dana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000UA.job => C:\Users\Dana\AppData\Local\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4

R2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [2014-08-12 1820184]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10 267440]

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\AvgUninstallURL => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-2134114164-228554498-2970152826-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
C:\ProgramData\AVG10 => Moved successfully.
C:\Windows\system32\Drivers\AVG => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2134114164-228554498-2970152826-1000UA.job => Moved successfully.
C:\ProgramData\TEMP => ":0B4227B4" ADS removed successfully.
vToolbarUpdater18.1.9 => Service not found.
SkypeUpdate => Service not found.
AdobeFlashPlayerUpdateSvc => Service deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 320.3 MB temporary data.


The system needed a reboot.

==== End of Fixlog 09:11:13 ====

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check the log, thank you

#27 Post by Márty84 »

:!: Run all of these programs, including any installers, as administrator (right-click them and choose Run as administrator).

:arrow: Rename ComboFix to Uninstall and run it. CF should uninstall itself.

:arrow:
vyosek wrote: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remove disinfection tools option checked
  • Click Run
:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation, watch out for a toolbar (or other add-ons); if it offers to install one, clear the checkbox.
After launching you will be in the Cleaner function. There are many checkboxes on the left. Pay particular attention to the Recycle Bin: if you leave it checked, it will always be emptied.
Also, depending on how it is set up, it will delete all passwords saved on the web!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums, etc.)
Click Analyze and, when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Scan for Issues; when it finds some, click Fix Issues. It will offer a backup; make one and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If the PC has more than one user account, use the program in each of them as well)

:arrow: Defragment the disk(s) (not SSDs!)
Download Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
During installation, again watch out for a toolbar and other nonsense.
After installing, start the program and click Analyze; after the analysis click Defrag, and the program will do its job.

:arrow: Then write how the PC is doing.

rarach
Visitor
Posts: 21
Joined: 27 Dec 2014 10:21

Re: Please check the log, thank you

#28 Post by rarach »

In startup I no longer see what was there before, and according to the PC's owner the PC is faster than it used to be, so hopefully a success.
What was wrong with it?
Thank you for your help! :thumbsup:

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check the log, thank you

#29 Post by Márty84 »

There were things slowing it down, unnecessary stuff, and also a bit of vermin.

You're welcome :)

Take care, and maybe see you again sometime :bye:

:closed:

Locked