Re: generic host process

Posted: 27 Sep 2012 13:23
by stell
Well, paste the log, the report, here.

Re: generic host process

Posted: 27 Sep 2012 14:03
by sorky
Logfile of random's system information tool 1.09 (written by random/random)
Run by Sorky at 2012-09-27 15:03:09
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 12 GB (3%) free of 477 GB
Total RAM: 3072 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:58:37, on 27.9.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Winamp\winampa.exe
C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Users\Sorky\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\Sorky\AppData\Roaming\Realtek Semiconductor\Realtek HD Audio Manager\1.0.0.653\RAVCpl64.exe
C:\Users\Sorky\AppData\Local\Akamai\netsession_win.exe
C:\Users\Sorky\AppData\Local\Temp\jusched.exe
C:\Users\Sorky\AppData\Local\Temp\hamachi-2-ui.exe
C:\Users\Sorky\AppData\Local\Temp\Clownfish.exe
C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
C:\Users\Sorky\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sorky\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sorky\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sorky\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sorky\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Sorky\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Sorky\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.97\deploy\LoLLauncher.exe
C:\Users\Sorky\AppData\Local\Temp\PMB.exe
C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.204\deploy\LolClient.exe
C:\Users\Sorky\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sorky\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Sorky\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Sorky\Desktop\RSIT.exe
C:\Program Files\trend micro\Sorky.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/#utm_source=icq&u ... um=centrum
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTor.dll
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [ConduitHelper] "C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Clownfish] "C:\Program Files\Clownfish\Clownfish.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Sorky\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ClubCooee] "C:\Users\Sorky\AppData\Local\ClubCooee\Program\cooee.exe" -rsw -autostart
O4 - HKCU\..\Run: [NCsoft Launcher] C:\Program Files\NCsoft\Launcher\NCLauncher.exe /Minimized
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [EvolveClient] "C:\Program Files\Echobit\Evolve\EvolveClient.exe" -autorun
O4 - HKCU\..\Run: [igfxtray Module] C:\Windows\igfxtray.exe
O4 - HKCU\..\Run: [RAVCpl64.exe] C:\Users\Sorky\AppData\Roaming\Realtek Semiconductor\Realtek HD Audio Manager\1.0.0.653\RAVCpl64.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: GamersFirst LIVE!.lnk = C:\Program Files\GamersFirst\LIVE!\Live.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Sorky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - http://www.battlefieldheroes.com/static ... .127.0.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Unknown owner - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Evolve Service (EvoSvc) - Echobit LLC - C:\Program Files\Echobit\Evolve\EvoSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Folding@home-CPU-[1] - Unknown owner - C:\Folding@HomeCPU\1\Fah.exe
O23 - Service: Folding@home-CPU-[2] - Unknown owner - C:\Folding@HomeCPU\2\Fah.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files\Hi-Rez Studios\HiPatchService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: MBAMService - Unknown owner - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: Hitman: Blood Money Drivers Auto Removal (pr2apfeb) (pr2apfeb) - Cenega Czech - C:\Windows\system32\pr2apfeb.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe

--
End of file - 11325 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-26 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-08-13 4120256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-26 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2011-04-21 1000768]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-11-21 1054520]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 243776]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2011-07-11 74752]
"ConduitHelper"=C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe [2011-08-31 274216]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-01-13 497224]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2012-08-29 2032552]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 289200]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2012-07-18 348664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"Clownfish"=C:\Program Files\Clownfish\Clownfish.exe [2011-12-23 1034240]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"Akamai NetSession Interface"=C:\Users\Sorky\AppData\Local\Akamai\netsession_win.exe [2012-08-10 4440896]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2009-07-14 8704]
"PlayNC Launcher"= []
"NCsoft Launcher"=C:\Program Files\NCsoft\Launcher\NCLauncher.exe [2012-03-18 30512]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-07-13 17418928]
"EvolveClient"=C:\Program Files\Echobit\Evolve\EvolveClient.exe [2012-07-21 2503192]
"Steam"=C:\Program Files\Steam\Steam.exe [2011-09-25 1278800]
"Speech Recognition"=C:\Windows\Speech\Common\sapisvr.exe [2009-07-14 51712]
"KPeerNexonEU"=C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [2012-06-23 474624]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
GamersFirst LIVE!.lnk - C:\Program Files\GamersFirst\LIVE!\Live.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\51932742.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\51932742.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=2
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HideSCAHealth"=1
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.lhacm"=lhacm.acm
"VIDC.FPS1"=frapsvid.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"VIDC.VP80"=vp8vfw.dll
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
"VIDC.WMV3"=wmv9vcm.dll
"msacm.vorbis"=vorbis.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 month======

2012-09-26 21:35:48 ----A---- C:\TDSSKiller.2.8.10.0_26.09.2012_21.35.48_log.txt
2012-09-26 21:32:05 ----D---- C:\TDSSKiller_Quarantine
2012-09-26 21:31:20 ----A---- C:\TDSSKiller.2.8.10.0_26.09.2012_21.31.20_log.txt
2012-09-26 14:52:05 ----D---- C:\rsit
2012-09-26 14:52:05 ----D---- C:\Program Files\trend micro
2012-09-26 14:31:26 ----A---- C:\Windows\system32\qdvd.dll
2012-09-26 14:17:19 ----HD---- C:\ProgramData\Common Files
2012-09-26 14:17:19 ----D---- C:\ProgramData\MFAData
2012-09-26 13:11:16 ----D---- C:\Program Files\Microsoft Virtual PC
2012-09-26 11:58:12 ----D---- C:\Users\Sorky\AppData\Roaming\Avira
2012-09-26 11:56:04 ----A---- C:\Windows\system32\drivers\ssmdrv.sys
2012-09-26 11:56:03 ----D---- C:\ProgramData\Avira
2012-09-26 11:56:03 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2012-09-26 11:56:03 ----A---- C:\Windows\system32\drivers\avipbb.sys
2012-09-26 11:56:03 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2012-09-26 11:29:09 ----D---- C:\Users\Sorky\AppData\Roaming\.minecraft
2012-09-26 09:52:28 ----D---- C:\Program Files\MagicScore Music Software
2012-09-26 09:44:53 ----D---- C:\Program Files\Common Files\Java
2012-09-26 09:44:44 ----A---- C:\Windows\system32\javaws.exe
2012-09-26 09:44:32 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2012-09-26 08:38:49 ----D---- C:\Riot Games
2012-09-25 19:32:13 ----D---- C:\Users\Sorky\AppData\Roaming\.Nitrous
2012-09-25 15:37:32 ----D---- C:\Program Files\SystemRequirementsLab
2012-09-25 15:37:23 ----D---- C:\Users\Sorky\AppData\Roaming\SystemRequirementsLab
2012-09-25 11:14:21 ----D---- C:\Program Files\Tony Hawks Pro Skater HD
2012-09-24 17:20:01 ----D---- C:\Users\Sorky\AppData\Roaming\Need for Speed World
2012-09-24 16:44:58 ----D---- C:\ProgramData\Electronic Arts
2012-09-11 15:46:33 ----D---- C:\Program Files\I Am Alive
2012-09-07 19:39:00 ----D---- C:\Program Files\Guild Wars 2
2012-08-28 17:32:54 ----D---- C:\Program Files\call of duty 4

======List of files/folders modified in the last 1 month======

2012-09-27 15:02:56 ----D---- C:\ProgramData\PMB Files
2012-09-27 15:01:26 ----D---- C:\Users\Sorky\AppData\Roaming\Skype
2012-09-27 13:03:22 ----D---- C:\Windows\system32\drivers
2012-09-27 12:51:16 ----SHD---- C:\System Volume Information
2012-09-27 12:02:48 ----D---- C:\Windows\winsxs
2012-09-27 12:02:34 ----D---- C:\Windows\system32\catroot
2012-09-27 12:00:24 ----D---- C:\Windows\system32\catroot2
2012-09-27 11:59:11 ----D---- C:\Windows\system32\config
2012-09-27 09:29:37 ----D---- C:\Windows\Temp
2012-09-27 09:27:45 ----D---- C:\Users\Sorky\AppData\Roaming\ClubCooee
2012-09-27 09:26:49 ----D---- C:\Program Files\Common Files\Akamai
2012-09-26 21:34:32 ----DC---- C:\Windows\$NtUninstallKB13183$
2012-09-26 21:34:32 ----D---- C:\Windows\System32
2012-09-26 19:18:23 ----ASH---- C:\Windows\system32\dds_log_ad13.cmd
2012-09-26 14:52:05 ----RD---- C:\Program Files
2012-09-26 14:17:19 ----HD---- C:\ProgramData
2012-09-26 14:14:02 ----SHD---- C:\Windows\Installer
2012-09-26 13:14:55 ----D---- C:\Windows\inf
2012-09-26 13:14:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-09-26 13:12:48 ----SD---- C:\Users\Sorky\AppData\Roaming\Microsoft
2012-09-26 13:12:23 ----D---- C:\Windows\system32\DriverStore
2012-09-26 10:19:49 ----D---- C:\Users\Sorky\AppData\Roaming\Opera
2012-09-26 10:00:23 ----D---- C:\Users\Sorky\AppData\Roaming\Synthesia
2012-09-26 09:52:28 ----RSD---- C:\Windows\Fonts
2012-09-26 09:44:53 ----D---- C:\Program Files\Common Files
2012-09-26 09:44:23 ----A---- C:\Windows\system32\javaw.exe
2012-09-26 09:44:23 ----A---- C:\Windows\system32\java.exe
2012-09-26 09:44:22 ----A---- C:\Windows\system32\npDeployJava1.dll
2012-09-26 09:44:22 ----A---- C:\Windows\system32\deployJava1.dll
2012-09-26 09:44:20 ----D---- C:\Program Files\Java
2012-09-26 09:39:38 ----D---- C:\Windows\system32\Tasks
2012-09-26 08:38:48 ----HD---- C:\Program Files\InstallShield Installation Information
2012-09-25 11:14:13 ----D---- C:\Windows
2012-09-24 21:10:07 ----D---- C:\ProgramData\Skype
2012-09-24 21:08:42 ----D---- C:\Windows\Prefetch
2012-09-24 16:44:58 ----D---- C:\Program Files\Electronic Arts
2012-09-12 20:56:29 ----D---- C:\Users\Sorky\AppData\Roaming\uTorrent
2012-09-12 20:04:42 ----D---- C:\Program Files\uTorrent
2012-09-11 15:58:09 ----RSD---- C:\Windows\assembly
2012-09-04 21:40:10 ----D---- C:\Program Files\Diablo III
2012-08-30 20:43:38 ----D---- C:\Program Files\LogMeIn Hamachi
2012-08-28 17:38:44 ----A---- C:\Windows\game.ini
2012-08-28 16:20:48 ----D---- C:\ProgramData\Tunngle

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 pe3apfeb;Hitman: Blood Money Environment Driver (pe3apfeb); C:\Windows\system32\drivers\pe3apfeb.sys [2007-11-26 65160]
R0 ps7apfeb;Hitman: Blood Money Synchronization Driver (ps7apfeb); C:\Windows\system32\drivers\ps7apfeb.sys [2007-11-26 68752]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2012-07-18 137928]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2012-07-18 36000]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-09-25 232512]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2007-02-18 232816]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-07-12 281760]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2012-07-18 83392]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-07-12 25888]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-20 7772160]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-04-20 243712]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-12-10 20464]
R3 NVNET;NVIDIA nForce 10/100 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-08-12 298216]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
R3 SCREAMINGBDRIVER;Screaming Bee Audio; C:\Windows\system32\drivers\ScreamingBAudio.sys [2010-07-01 34896]
R3 skyrm;skyrm; C:\Windows\system32\DRIVERS\skyrm.sys [2010-04-29 2432]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2011-07-01 26624]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
R3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2011-03-30 25088]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\Windows\system32\DRIVERS\VMNetSrv.sys [2007-01-29 59280]
R3 XENfiltv;XENfiltv; C:\Windows\system32\drivers\XENfiltv.sys [2009-07-31 17920]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-07-20 30312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-20 7772160]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena Classic\safedrv.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-07-20 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-07-20 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-07-20 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-07-20 114280]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 XDva391;XDva391; \??\C:\Windows\system32\XDva391.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-04-20 176128]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2012-07-18 86224]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2010-05-20 286720]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 1385896]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files\Hi-Rez Studios\HiPatchService.exe [2012-07-12 8704]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-08-13 3064000]
R2 TeamViewer7;TeamViewer 7; C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2673064]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 AntiVirService;Avira Realtime Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2012-07-18 110032]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 DCamUSBGrandTek;Safety Settings Service; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 Folding@home-CPU-[1];Folding@home-CPU-[1]; C:\Folding@HomeCPU\1\Fah.exe [2011-07-12 423936]
S2 Folding@home-CPU-[2];Folding@home-CPU-[2]; C:\Folding@HomeCPU\2\Fah.exe [2011-07-12 423936]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 PowerManager;Power Manager; C:\Windows\svchost.exe [2001-08-24 36352]
S2 pr2apfeb;Hitman: Blood Money Drivers Auto Removal (pr2apfeb); C:\Windows\system32\pr2apfeb.exe [2007-11-26 411016]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-03 197296]
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-09-20 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-09-20 81408]
S3 EvoSvc;Evolve Service; C:\Program Files\Echobit\Evolve\EvoSvc.exe [2012-07-21 1511448]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-11-10 655624]
S3 OpenVPNService;OpenVPN Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2011-07-01 14848]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2012-07-19 738152]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-18 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------
Hopefully this is the right one.

Re: generic host process

Posted: 27 Sep 2012 14:11
by stell
OK,
also paste the contents of the TDSSKiller log here, because you read the instructions but did not post the log here. You have it at,
The report is available in your root directory (usually the C:\ folder) in the form "TDSSKiller. _log.txt".

Re: generic host process

Posted: 27 Sep 2012 14:12
by sorky
I don't have that log there, I only have this, hopefully this is it :D
Logfile of random's system information tool 1.09 (written by random/random)

Re: generic host process

Posted: 27 Sep 2012 14:14
by sorky
I'm leaving for the cottage, so I can't deal with this right now, thanks ..

Re: generic host process

Posted: 27 Sep 2012 16:22
by stell
You have the TDSSKiller log on C:\ as a text document.
2012-09-26 21:35:48 ----A---- C:\TDSSKiller.2.8.10.0_26.09.2012_21.35.48_log.txt
2012-09-26 21:32:05 ----D---- C:\TDSSKiller_Quarantine
2012-09-26 21:31:20 ----A---- C:\TDSSKiller.2.8.10.0_26.09.2012_21.31.20_log.txt
You even ran it yesterday evening, when you were already asleep, so post both .txt logs here.

Re: generic host process

Posted: 30 Sep 2012 15:22
by sorky
21:35:48.0593 3296 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
21:35:48.0827 3296 ============================================================
21:35:48.0827 3296 Current date / time: 2012/09/26 21:35:48.0827
21:35:48.0827 3296 SystemInfo:
21:35:48.0827 3296
21:35:48.0827 3296 OS Version: 6.1.7601 ServicePack: 1.0
21:35:48.0827 3296 Product type: Workstation
21:35:48.0827 3296 ComputerName: SORKY-PC
21:35:48.0827 3296 UserName: Sorky
21:35:48.0827 3296 Windows directory: C:\Windows
21:35:48.0827 3296 System windows directory: C:\Windows
21:35:48.0827 3296 Processor architecture: Intel x86
21:35:48.0827 3296 Number of processors: 2
21:35:48.0827 3296 Page size: 0x1000
21:35:48.0827 3296 Boot type: Normal boot
21:35:48.0827 3296 ============================================================
21:35:49.0888 3296 BG loaded
21:35:50.0371 3296 Drive \Device\Harddisk0\DR0 - Size: 0x7470AFDE00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
21:35:50.0402 3296 ============================================================
21:35:50.0402 3296 \Device\Harddisk0\DR0:
21:35:50.0418 3296 MBR partitions:
21:35:50.0418 3296 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A352000
21:35:50.0418 3296 ============================================================
21:35:50.0605 3296 C: <-> \Device\Harddisk0\DR0\Partition1
21:35:50.0605 3296 ============================================================
21:35:50.0605 3296 Initialize success
21:35:50.0605 3296 ============================================================
21:36:16.0224 3428 ============================================================
21:36:16.0224 3428 Scan started
21:36:16.0224 3428 Mode: Manual;
21:36:16.0224 3428 ============================================================
21:36:21.0243 3428 ================ Scan system memory ========================
21:36:21.0243 3428 System memory - ok
21:36:21.0244 3428 ================ Scan services =============================
21:36:25.0462 3428 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:36:25.0524 3428 1394ohci - ok
21:36:28.0059 3428 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:36:28.0080 3428 ACPI - ok
21:36:28.0138 3428 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:36:28.0149 3428 AcpiPmi - ok
21:36:28.0321 3428 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
21:36:28.0380 3428 adp94xx - ok
21:36:28.0468 3428 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\drivers\adpahci.sys
21:36:28.0478 3428 adpahci - ok
21:36:28.0628 3428 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
21:36:28.0650 3428 adpu320 - ok
21:36:28.0744 3428 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:36:28.0745 3428 AeLookupSvc - ok
21:36:28.0971 3428 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
21:36:28.0975 3428 AFD - ok
21:36:29.0075 3428 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
21:36:29.0131 3428 agp440 - ok
21:36:29.0222 3428 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
21:36:29.0224 3428 aic78xx - ok
21:36:31.0080 3428 [ 0923671CF87CD511E46D4668B53F5E76 ] Akamai c:\program files\common files\akamai/netsession_win_5891ae0.dll
21:36:31.0081 3428 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_5891ae0.dll. md5: 0923671CF87CD511E46D4668B53F5E76
21:36:31.0091 3428 Akamai ( HiddenFile.Multi.Generic ) - warning
21:36:31.0091 3428 Akamai - detected HiddenFile.Multi.Generic (1)
21:36:31.0397 3428 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
21:36:31.0415 3428 ALG - ok
21:36:31.0494 3428 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
21:36:31.0539 3428 aliide - ok
21:36:31.0812 3428 [ 71AFA563FF023685E2E2CB8A6C448F3E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:36:31.0813 3428 AMD External Events Utility - ok
21:36:31.0891 3428 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
21:36:31.0919 3428 amdagp - ok
21:36:31.0993 3428 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
21:36:32.0009 3428 amdide - ok
21:36:32.0046 3428 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
21:36:32.0194 3428 AmdK8 - ok
21:36:35.0249 3428 [ F89643A2CA001B1162061E306F8BF267 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
21:36:35.0299 3428 amdkmdag - ok
21:36:35.0501 3428 [ FB68E1B9CEC598F0F69503F3AEBB45DD ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
21:36:35.0504 3428 amdkmdap - ok
21:36:35.0893 3428 [ AD8FA28D8ED0D0A689A0559085CE0F18 ] AmdLLD C:\Windows\system32\DRIVERS\AmdLLD.sys
21:36:35.0894 3428 AmdLLD - ok
21:36:36.0487 3428 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
21:36:36.0488 3428 AmdPPM - ok
21:36:36.0607 3428 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:36:36.0623 3428 amdsata - ok
21:36:36.0739 3428 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
21:36:36.0801 3428 amdsbs - ok
21:36:36.0920 3428 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:36:36.0964 3428 amdxata - ok
21:36:37.0098 3428 [ DD8D9C597AF7CD2F6B70A3D6A4A1ACEA ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
21:36:37.0130 3428 androidusb - ok
21:36:37.0719 3428 [ 0A1CC583E8147004E4AD4625D7FBF88C ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
21:36:37.0721 3428 AntiVirSchedulerService - ok
21:36:37.0917 3428 [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
21:36:37.0917 3428 Suspicious file (NoAccess): C:\Program Files\Avira\AntiVir Desktop\avguard.exe. md5: C9A36EF935ACED86AEDF93E97E606911
21:36:37.0918 3428 AntiVirService ( LockedFile.Multi.Generic ) - warning
21:36:37.0918 3428 AntiVirService - detected LockedFile.Multi.Generic (1)
21:36:38.0030 3428 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
21:36:38.0059 3428 AppID - ok
21:36:38.0118 3428 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:36:38.0129 3428 AppIDSvc - ok
21:36:38.0209 3428 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
21:36:38.0210 3428 Appinfo - ok
21:36:38.0290 3428 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
21:36:38.0307 3428 AppMgmt - ok
21:36:38.0406 3428 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\drivers\arc.sys
21:36:38.0437 3428 arc - ok
21:36:38.0465 3428 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\drivers\arcsas.sys
21:36:38.0486 3428 arcsas - ok
21:36:38.0949 3428 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
21:36:39.0143 3428 aspnet_state - ok
21:36:39.0219 3428 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:36:39.0277 3428 AsyncMac - ok
21:36:39.0342 3428 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
21:36:39.0363 3428 atapi - ok
21:36:40.0463 3428 [ F89643A2CA001B1162061E306F8BF267 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
21:36:40.0507 3428 atikmdag - ok
21:36:40.0735 3428 [ F0D933B42CD0594048E4D5200AE9E417 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
21:36:40.0738 3428 atksgt - ok
21:36:40.0927 3428 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:36:40.0932 3428 AudioEndpointBuilder - ok
21:36:40.0991 3428 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
21:36:40.0995 3428 Audiosrv - ok
21:36:41.0196 3428 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
21:36:41.0197 3428 avgntflt - ok
21:36:41.0595 3428 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
21:36:41.0597 3428 avipbb - ok
21:36:41.0830 3428 [ 53E56450DA16A1A7F0D002F511113F67 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
21:36:41.0831 3428 avkmgr - ok
21:36:41.0979 3428 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:36:42.0132 3428 AxInstSV - ok
21:36:42.0279 3428 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys
21:36:42.0397 3428 b06bdrv - ok
21:36:42.0714 3428 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
21:36:42.0781 3428 b57nd60x - ok
21:36:42.0938 3428 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
21:36:42.0952 3428 BDESVC - ok
21:36:43.0083 3428 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
21:36:43.0084 3428 Beep - ok
21:36:43.0518 3428 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
21:36:43.0523 3428 BFE - ok
21:36:43.0936 3428 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
21:36:43.0944 3428 BITS - ok
21:36:44.0580 3428 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:36:44.0581 3428 blbdrive - ok
21:36:44.0695 3428 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:36:44.0696 3428 bowser - ok
21:36:44.0991 3428 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
21:36:45.0224 3428 BrFiltLo - ok
21:36:45.0334 3428 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
21:36:45.0655 3428 BrFiltUp - ok
21:36:46.0323 3428 [ 6E11F33D14D020F58D5E02E4D67DFA19 ] Browser C:\Windows\System32\browser.dll
21:36:46.0325 3428 Browser - ok
21:36:47.0808 3428 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:36:47.0902 3428 Brserid - ok
21:36:47.0929 3428 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:36:47.0944 3428 BrSerWdm - ok
21:36:48.0028 3428 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:36:48.0218 3428 BrUsbMdm - ok
21:36:48.0278 3428 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:36:48.0343 3428 BrUsbSer - ok
21:36:48.0404 3428 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
21:36:48.0476 3428 BTHMODEM - ok
21:36:48.0590 3428 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
21:36:48.0620 3428 bthserv - ok
21:36:48.0809 3428 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:36:48.0838 3428 cdfs - ok
21:36:49.0075 3428 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:36:49.0076 3428 cdrom - ok
21:36:49.0263 3428 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
21:36:49.0265 3428 CertPropSvc - ok
21:36:49.0472 3428 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\drivers\circlass.sys
21:36:49.0584 3428 circlass - ok
21:36:49.0834 3428 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
21:36:49.0843 3428 CLFS - ok
21:36:51.0405 3428 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:36:51.0822 3428 clr_optimization_v2.0.50727_32 - ok
21:36:52.0734 3428 [ 1603F02FAC0C16DCF0EFA1A0DB93BBF0 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:36:53.0949 3428 clr_optimization_v4.0.30319_32 - ok
21:36:54.0148 3428 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
21:36:54.0244 3428 CmBatt - ok
21:36:54.0345 3428 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:36:54.0460 3428 cmdide - ok
21:36:54.0765 3428 [ 6427525D76F61D0C519B008D3680E8E7 ] CNG C:\Windows\system32\Drivers\cng.sys
21:36:54.0875 3428 CNG - ok
21:36:54.0974 3428 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\drivers\compbatt.sys
21:36:55.0086 3428 Compbatt - ok
21:36:55.0305 3428 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
21:36:55.0306 3428 CompositeBus - ok
21:36:55.0362 3428 COMSysApp - ok
21:36:55.0462 3428 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
21:36:55.0502 3428 crcdisk - ok
21:36:56.0102 3428 [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
21:36:56.0172 3428 Creative ALchemy AL6 Licensing Service - ok
21:36:56.0982 3428 [ F4286774DA4C5D578F7631A89624C398 ] Creative Audio Engine Licensing Service C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
21:36:57.0172 3428 Creative Audio Engine Licensing Service - ok
21:36:57.0532 3428 [ A585BEBF7D054BD9618EDA0922D5484A ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:36:57.0532 3428 CryptSvc - ok
21:36:57.0782 3428 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
21:36:57.0792 3428 CSC - ok
21:36:58.0022 3428 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
21:36:58.0062 3428 CscService - ok
21:36:58.0942 3428 [ 11FDC34537C19E5AADF7DC5621CD38FE ] CTAudSvcService C:\Program Files\Creative\Shared Files\CTAudSvc.exe
21:36:58.0942 3428 CTAudSvcService - ok
21:36:59.0674 3428 DCamUSBGrandTek - ok
21:36:59.0944 3428 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
21:36:59.0954 3428 DcomLaunch - ok
21:37:00.0244 3428 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
21:37:00.0294 3428 defragsvc - ok
21:37:00.0424 3428 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:37:00.0424 3428 DfsC - ok
21:37:00.0654 3428 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
21:37:00.0654 3428 Dhcp - ok
21:37:00.0784 3428 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
21:37:00.0784 3428 discache - ok
21:37:00.0914 3428 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\drivers\disk.sys
21:37:01.0004 3428 Disk - ok
21:37:01.0164 3428 [ 2A958EF85DB1B61FFCA65044FA4BCE9E ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
21:37:01.0304 3428 dmvsc - ok
21:37:01.0494 3428 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:37:01.0494 3428 Dnscache - ok
21:37:01.0654 3428 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
21:37:01.0654 3428 dot3svc - ok
21:37:01.0754 3428 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
21:37:01.0764 3428 DPS - ok
21:37:01.0901 3428 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:37:01.0976 3428 drmkaud - ok
21:37:02.0166 3428 [ C0C7CECCB6C85994C2BC92D58E52D3F2 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
21:37:02.0166 3428 dtsoftbus01 - ok
21:37:02.0596 3428 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:37:02.0596 3428 DXGKrnl - ok
21:37:03.0586 3428 EagleXNt - ok
21:37:03.0696 3428 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
21:37:03.0776 3428 EapHost - ok
21:37:05.0766 3428 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\drivers\evbdx.sys
21:37:05.0956 3428 ebdrv - ok
21:37:06.0116 3428 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
21:37:06.0116 3428 EFS - ok
21:37:07.0026 3428 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:37:07.0196 3428 ehRecvr - ok
21:37:07.0336 3428 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
21:37:07.0366 3428 ehSched - ok
21:37:07.0686 3428 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\drivers\elxstor.sys
21:37:07.0746 3428 elxstor - ok
21:37:07.0786 3428 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:37:07.0816 3428 ErrDev - ok
21:37:08.0116 3428 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
21:37:08.0116 3428 EventSystem - ok
21:37:09.0198 3428 [ 4416CEF0C4E872F02D4D4D67AE42C9C4 ] EvoSvc C:\Program Files\Echobit\Evolve\EvoSvc.exe
21:37:09.0411 3428 EvoSvc - ok
21:37:09.0563 3428 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
21:37:09.0793 3428 exfat - ok
21:37:09.0923 3428 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:37:09.0980 3428 fastfat - ok
21:37:10.0278 3428 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
21:37:10.0314 3428 Fax - ok
21:37:10.0808 3428 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:37:10.0809 3428 fdc - ok
21:37:10.0943 3428 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
21:37:10.0945 3428 fdPHost - ok
21:37:11.0081 3428 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
21:37:11.0104 3428 FDResPub - ok
21:37:11.0157 3428 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:37:11.0225 3428 FileInfo - ok
21:37:11.0241 3428 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:37:11.0250 3428 Filetrace - ok
21:37:12.0298 3428 [ BD79E85E099412039485864506116123 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
21:37:12.0507 3428 FLEXnet Licensing Service - ok
21:37:12.0640 3428 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:37:12.0641 3428 flpydisk - ok
21:37:12.0775 3428 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:37:12.0777 3428 FltMgr - ok
21:37:13.0087 3428 Folding@home-CPU-[1] - ok
21:37:13.0354 3428 Folding@home-CPU-[2] - ok
21:37:13.0880 3428 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
21:37:13.0887 3428 FontCache - ok
21:37:14.0207 3428 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:37:14.0577 3428 FontCache3.0.0.0 - ok
21:37:14.0717 3428 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:37:14.0747 3428 FsDepends - ok
21:37:14.0787 3428 [ A574B4360E438977038AAE4BF60D79A2 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:37:14.0797 3428 Fs_Rec - ok
21:37:15.0237 3428 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:37:15.0357 3428 fvevol - ok
21:37:15.0677 3428 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
21:37:15.0817 3428 gagp30kx - ok
21:37:16.0667 3428 GGSAFERDriver - ok
21:37:17.0127 3428 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
21:37:17.0127 3428 gpsvc - ok
21:37:17.0237 3428 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
21:37:17.0237 3428 hamachi - ok
21:37:18.0439 3428 [ DA1B48FDE74125128D0D846A3701D344 ] Hamachi2Svc C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
21:37:18.0449 3428 Hamachi2Svc - ok
21:37:18.0629 3428 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:37:18.0669 3428 hcw85cir - ok
21:37:19.0019 3428 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:37:19.0029 3428 HdAudAddService - ok
21:37:19.0079 3428 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
21:37:19.0079 3428 HDAudBus - ok
21:37:19.0179 3428 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
21:37:19.0239 3428 HidBatt - ok
21:37:19.0309 3428 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\drivers\hidbth.sys
21:37:19.0319 3428 HidBth - ok
21:37:19.0559 3428 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\drivers\hidir.sys
21:37:19.0569 3428 HidIr - ok
21:37:19.0659 3428 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
21:37:19.0669 3428 hidserv - ok
21:37:19.0859 3428 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:37:19.0859 3428 HidUsb - ok
21:37:20.0231 3428 [ 8D1F00F4254C3EF428B715484940427C ] HiPatchService C:\Program Files\Hi-Rez Studios\HiPatchService.exe
21:37:20.0231 3428 HiPatchService - ok
21:37:20.0456 3428 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:37:20.0623 3428 hkmsvc - ok
21:37:20.0823 3428 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:37:20.0833 3428 HomeGroupListener - ok
21:37:21.0033 3428 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:37:21.0033 3428 HomeGroupProvider - ok
21:37:21.0205 3428 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:37:21.0245 3428 HpSAMD - ok
21:37:21.0385 3428 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:37:21.0385 3428 HTTP - ok
21:37:21.0475 3428 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:37:21.0505 3428 hwpolicy - ok
21:37:21.0625 3428 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
21:37:21.0645 3428 i8042prt - ok
21:37:21.0945 3428 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:37:22.0175 3428 iaStorV - ok
21:37:23.0075 3428 [ 2D5AF95580F49E5E1FFEEFC977EA7B78 ] ICQ Service C:\Program Files\ICQ6Toolbar\ICQ Service.exe
21:37:23.0075 3428 ICQ Service - ok
21:37:23.0875 3428 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:37:24.0325 3428 idsvc - ok
21:37:24.0595 3428 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys
21:37:25.0545 3428 iirsp - ok
21:37:26.0365 3428 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
21:37:26.0585 3428 IKEEXT - ok
21:37:26.0645 3428 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
21:37:26.0685 3428 intelide - ok
21:37:26.0855 3428 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\drivers\intelppm.sys
21:37:26.0915 3428 intelppm - ok
21:37:27.0015 3428 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:37:27.0095 3428 IPBusEnum - ok
21:37:27.0165 3428 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:37:27.0235 3428 IpFilterDriver - ok
21:37:27.0845 3428 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:37:27.0855 3428 iphlpsvc - ok
21:37:27.0975 3428 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:37:27.0985 3428 IPMIDRV - ok
21:37:28.0025 3428 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:37:28.0035 3428 IPNAT - ok
21:37:28.0115 3428 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:37:28.0145 3428 IRENUM - ok
21:37:28.0225 3428 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:37:28.0295 3428 isapnp - ok
21:37:28.0555 3428 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:37:28.0595 3428 iScsiPrt - ok
21:37:28.0885 3428 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:37:28.0885 3428 kbdclass - ok
21:37:28.0925 3428 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:37:28.0925 3428 kbdhid - ok
21:37:28.0995 3428 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
21:37:28.0995 3428 KeyIso - ok
21:37:29.0055 3428 [ F4647BB23DB9038A7536CF6B68F4207F ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:37:29.0105 3428 KSecDD - ok
21:37:29.0235 3428 [ E73CAE53BBB72BA26918492C6B4C229D ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:37:29.0295 3428 KSecPkg - ok
21:37:29.0475 3428 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
21:37:29.0585 3428 KtmRm - ok
21:37:29.0795 3428 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
21:37:29.0805 3428 LanmanServer - ok
21:37:29.0935 3428 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:37:29.0945 3428 LanmanWorkstation - ok
21:37:30.0175 3428 [ F8A7212D0864EF5E9185FB95E6623F4D ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
21:37:30.0175 3428 lirsgt - ok
21:37:30.0355 3428 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:37:30.0355 3428 lltdio - ok
21:37:30.0555 3428 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:37:30.0615 3428 lltdsvc - ok
21:37:30.0655 3428 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
21:37:30.0665 3428 lmhosts - ok
21:37:30.0745 3428 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
21:37:30.0755 3428 LSI_FC - ok
21:37:30.0925 3428 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
21:37:30.0985 3428 LSI_SAS - ok
21:37:31.0095 3428 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
21:37:31.0095 3428 LSI_SAS2 - ok
21:37:31.0125 3428 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
21:37:31.0135 3428 LSI_SCSI - ok
21:37:31.0165 3428 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
21:37:31.0165 3428 luafv - ok
21:37:31.0437 3428 [ B7CA8CC3F978201856B6AB82F40953C3 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
21:37:35.0199 3428 MBAMProtector - ok
21:37:35.0799 3428 [ 056B19651BD7B7CE5F89A3AC46DBDC08 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
21:37:35.0809 3428 Suspicious file (NoAccess): C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe. md5: 056B19651BD7B7CE5F89A3AC46DBDC08
21:37:35.0809 3428 MBAMService ( LockedFile.Multi.Generic ) - warning
21:37:35.0809 3428 MBAMService - detected LockedFile.Multi.Generic (1)
21:37:35.0859 3428 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:37:35.0859 3428 Mcx2Svc - ok
21:37:35.0899 3428 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
21:37:35.0919 3428 megasas - ok
21:37:35.0979 3428 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
21:37:36.0009 3428 MegaSR - ok
21:37:36.0089 3428 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
21:37:36.0089 3428 MMCSS - ok
21:37:36.0119 3428 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
21:37:36.0159 3428 Modem - ok
21:37:36.0249 3428 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:37:36.0249 3428 monitor - ok
21:37:36.0359 3428 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:37:36.0359 3428 mouclass - ok
21:37:36.0439 3428 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:37:36.0439 3428 mouhid - ok
21:37:36.0449 3428 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:37:36.0459 3428 mountmgr - ok
21:37:36.0609 3428 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
21:37:36.0619 3428 mpio - ok
21:37:36.0679 3428 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:37:36.0679 3428 mpsdrv - ok
21:37:36.0849 3428 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:37:36.0859 3428 MpsSvc - ok
21:37:36.0889 3428 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:37:36.0899 3428 MRxDAV - ok
21:37:36.0959 3428 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:37:36.0959 3428 mrxsmb - ok
21:37:37.0119 3428 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:37:37.0119 3428 mrxsmb10 - ok
21:37:37.0179 3428 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:37:37.0179 3428 mrxsmb20 - ok
21:37:37.0219 3428 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
21:37:37.0239 3428 msahci - ok
21:37:37.0269 3428 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:37:37.0269 3428 msdsm - ok
21:37:37.0319 3428 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
21:37:37.0359 3428 MSDTC - ok
21:37:37.0541 3428 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:37:37.0551 3428 Msfs - ok
21:37:37.0571 3428 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:37:37.0601 3428 mshidkmdf - ok
21:37:37.0631 3428 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:37:37.0691 3428 msisadrv - ok
21:37:37.0841 3428 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:37:37.0881 3428 MSiSCSI - ok
21:37:37.0891 3428 msiserver - ok
21:38:12.0515 3428 ============================================================
21:38:12.0515 3428 Scan finished
21:38:12.0515 3428 ============================================================
21:38:12.0535 0508 Detected object count: 3
21:38:12.0535 0508 Actual detected object count: 3
21:38:33.0427 0508 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
21:38:33.0427 0508 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
21:38:33.0427 0508 AntiVirService ( LockedFile.Multi.Generic ) - skipped by user
21:38:33.0427 0508 AntiVirService ( LockedFile.Multi.Generic ) - User select action: Skip
21:38:33.0427 0508 MBAMService ( LockedFile.Multi.Generic ) - skipped by user
21:38:33.0427 0508 MBAMService ( LockedFile.Multi.Generic ) - User select action: Skip
21:38:36.0777 3244 Deinitialize success

Re: generic host process

Posted: 30 Sep 2012 15:22
by sorky
21:35:48.0593 3296 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
21:35:48.0827 3296 ============================================================
21:35:48.0827 3296 Current date / time: 2012/09/26 21:35:48.0827
21:35:48.0827 3296 SystemInfo:
21:35:48.0827 3296
21:35:48.0827 3296 OS Version: 6.1.7601 ServicePack: 1.0
21:35:48.0827 3296 Product type: Workstation
21:35:48.0827 3296 ComputerName: SORKY-PC
21:35:48.0827 3296 UserName: Sorky
21:35:48.0827 3296 Windows directory: C:\Windows
21:35:48.0827 3296 System windows directory: C:\Windows
21:35:48.0827 3296 Processor architecture: Intel x86
21:35:48.0827 3296 Number of processors: 2
21:35:48.0827 3296 Page size: 0x1000
21:35:48.0827 3296 Boot type: Normal boot
21:35:48.0827 3296 ============================================================
21:35:49.0888 3296 BG loaded
21:35:50.0371 3296 Drive \Device\Harddisk0\DR0 - Size: 0x7470AFDE00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
21:35:50.0402 3296 ============================================================
21:35:50.0402 3296 \Device\Harddisk0\DR0:
21:35:50.0418 3296 MBR partitions:
21:35:50.0418 3296 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A352000
21:35:50.0418 3296 ============================================================
21:35:50.0605 3296 C: <-> \Device\Harddisk0\DR0\Partition1
21:35:50.0605 3296 ============================================================
21:35:50.0605 3296 Initialize success
21:35:50.0605 3296 ============================================================
21:36:16.0224 3428 ============================================================
21:36:16.0224 3428 Scan started
21:36:16.0224 3428 Mode: Manual;
21:36:16.0224 3428 ============================================================
21:36:21.0243 3428 ================ Scan system memory ========================
21:36:21.0243 3428 System memory - ok
21:36:21.0244 3428 ================ Scan services =============================
21:36:25.0462 3428 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:36:25.0524 3428 1394ohci - ok
21:36:28.0059 3428 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:36:28.0080 3428 ACPI - ok
21:36:28.0138 3428 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:36:28.0149 3428 AcpiPmi - ok
21:36:28.0321 3428 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
21:36:28.0380 3428 adp94xx - ok
21:36:28.0468 3428 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\drivers\adpahci.sys
21:36:28.0478 3428 adpahci - ok
21:36:28.0628 3428 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
21:36:28.0650 3428 adpu320 - ok
21:36:28.0744 3428 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:36:28.0745 3428 AeLookupSvc - ok
21:36:28.0971 3428 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
21:36:28.0975 3428 AFD - ok
21:36:29.0075 3428 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
21:36:29.0131 3428 agp440 - ok
21:36:29.0222 3428 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
21:36:29.0224 3428 aic78xx - ok
21:36:31.0080 3428 [ 0923671CF87CD511E46D4668B53F5E76 ] Akamai c:\program files\common files\akamai/netsession_win_5891ae0.dll
21:36:31.0081 3428 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_5891ae0.dll. md5: 0923671CF87CD511E46D4668B53F5E76
21:36:31.0091 3428 Akamai ( HiddenFile.Multi.Generic ) - warning
21:36:31.0091 3428 Akamai - detected HiddenFile.Multi.Generic (1)
21:36:31.0397 3428 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
21:36:31.0415 3428 ALG - ok
21:36:31.0494 3428 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
21:36:31.0539 3428 aliide - ok
21:36:31.0812 3428 [ 71AFA563FF023685E2E2CB8A6C448F3E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:36:31.0813 3428 AMD External Events Utility - ok
21:36:31.0891 3428 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
21:36:31.0919 3428 amdagp - ok
21:36:31.0993 3428 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
21:36:32.0009 3428 amdide - ok
21:36:32.0046 3428 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
21:36:32.0194 3428 AmdK8 - ok
21:36:35.0249 3428 [ F89643A2CA001B1162061E306F8BF267 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
21:36:35.0299 3428 amdkmdag - ok
21:36:35.0501 3428 [ FB68E1B9CEC598F0F69503F3AEBB45DD ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
21:36:35.0504 3428 amdkmdap - ok
21:36:35.0893 3428 [ AD8FA28D8ED0D0A689A0559085CE0F18 ] AmdLLD C:\Windows\system32\DRIVERS\AmdLLD.sys
21:36:35.0894 3428 AmdLLD - ok
21:36:36.0487 3428 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
21:36:36.0488 3428 AmdPPM - ok
21:36:36.0607 3428 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:36:36.0623 3428 amdsata - ok
21:36:36.0739 3428 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
21:36:36.0801 3428 amdsbs - ok
21:36:36.0920 3428 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:36:36.0964 3428 amdxata - ok
21:36:37.0098 3428 [ DD8D9C597AF7CD2F6B70A3D6A4A1ACEA ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
21:36:37.0130 3428 androidusb - ok
21:36:37.0719 3428 [ 0A1CC583E8147004E4AD4625D7FBF88C ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
21:36:37.0721 3428 AntiVirSchedulerService - ok
21:36:37.0917 3428 [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
21:36:37.0917 3428 Suspicious file (NoAccess): C:\Program Files\Avira\AntiVir Desktop\avguard.exe. md5: C9A36EF935ACED86AEDF93E97E606911
21:36:37.0918 3428 AntiVirService ( LockedFile.Multi.Generic ) - warning
21:36:37.0918 3428 AntiVirService - detected LockedFile.Multi.Generic (1)
21:36:38.0030 3428 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
21:36:38.0059 3428 AppID - ok
21:36:38.0118 3428 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:36:38.0129 3428 AppIDSvc - ok
21:36:38.0209 3428 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
21:36:38.0210 3428 Appinfo - ok
21:36:38.0290 3428 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
21:36:38.0307 3428 AppMgmt - ok
21:36:38.0406 3428 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\drivers\arc.sys
21:36:38.0437 3428 arc - ok
21:36:38.0465 3428 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\drivers\arcsas.sys
21:36:38.0486 3428 arcsas - ok
21:36:38.0949 3428 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
21:36:39.0143 3428 aspnet_state - ok
21:36:39.0219 3428 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:36:39.0277 3428 AsyncMac - ok
21:36:39.0342 3428 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
21:36:39.0363 3428 atapi - ok
21:36:40.0463 3428 [ F89643A2CA001B1162061E306F8BF267 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
21:36:40.0507 3428 atikmdag - ok
21:36:40.0735 3428 [ F0D933B42CD0594048E4D5200AE9E417 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
21:36:40.0738 3428 atksgt - ok
21:36:40.0927 3428 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:36:40.0932 3428 AudioEndpointBuilder - ok
21:36:40.0991 3428 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
21:36:40.0995 3428 Audiosrv - ok
21:36:41.0196 3428 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
21:36:41.0197 3428 avgntflt - ok
21:36:41.0595 3428 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
21:36:41.0597 3428 avipbb - ok
21:36:41.0830 3428 [ 53E56450DA16A1A7F0D002F511113F67 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
21:36:41.0831 3428 avkmgr - ok
21:36:41.0979 3428 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:36:42.0132 3428 AxInstSV - ok
21:36:42.0279 3428 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys
21:36:42.0397 3428 b06bdrv - ok
21:36:42.0714 3428 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
21:36:42.0781 3428 b57nd60x - ok
21:36:42.0938 3428 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
21:36:42.0952 3428 BDESVC - ok
21:36:43.0083 3428 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
21:36:43.0084 3428 Beep - ok
21:36:43.0518 3428 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
21:36:43.0523 3428 BFE - ok
21:36:43.0936 3428 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
21:36:43.0944 3428 BITS - ok
21:36:44.0580 3428 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:36:44.0581 3428 blbdrive - ok
21:36:44.0695 3428 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:36:44.0696 3428 bowser - ok
21:36:44.0991 3428 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
21:36:45.0224 3428 BrFiltLo - ok
21:36:45.0334 3428 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
21:36:45.0655 3428 BrFiltUp - ok
21:36:46.0323 3428 [ 6E11F33D14D020F58D5E02E4D67DFA19 ] Browser C:\Windows\System32\browser.dll
21:36:46.0325 3428 Browser - ok
21:36:47.0808 3428 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:36:47.0902 3428 Brserid - ok
21:36:47.0929 3428 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:36:47.0944 3428 BrSerWdm - ok
21:36:48.0028 3428 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:36:48.0218 3428 BrUsbMdm - ok
21:36:48.0278 3428 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:36:48.0343 3428 BrUsbSer - ok
21:36:48.0404 3428 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
21:36:48.0476 3428 BTHMODEM - ok
21:36:48.0590 3428 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
21:36:48.0620 3428 bthserv - ok
21:36:48.0809 3428 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:36:48.0838 3428 cdfs - ok
21:36:49.0075 3428 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:36:49.0076 3428 cdrom - ok
21:36:49.0263 3428 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
21:36:49.0265 3428 CertPropSvc - ok
21:36:49.0472 3428 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\drivers\circlass.sys
21:36:49.0584 3428 circlass - ok
21:36:49.0834 3428 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
21:36:49.0843 3428 CLFS - ok
21:36:51.0405 3428 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:36:51.0822 3428 clr_optimization_v2.0.50727_32 - ok
21:36:52.0734 3428 [ 1603F02FAC0C16DCF0EFA1A0DB93BBF0 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:36:53.0949 3428 clr_optimization_v4.0.30319_32 - ok
21:36:54.0148 3428 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
21:36:54.0244 3428 CmBatt - ok
21:36:54.0345 3428 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:36:54.0460 3428 cmdide - ok
21:36:54.0765 3428 [ 6427525D76F61D0C519B008D3680E8E7 ] CNG C:\Windows\system32\Drivers\cng.sys
21:36:54.0875 3428 CNG - ok
21:36:54.0974 3428 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\drivers\compbatt.sys
21:36:55.0086 3428 Compbatt - ok
21:36:55.0305 3428 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
21:36:55.0306 3428 CompositeBus - ok
21:36:55.0362 3428 COMSysApp - ok
21:36:55.0462 3428 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
21:36:55.0502 3428 crcdisk - ok
21:36:56.0102 3428 [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
21:36:56.0172 3428 Creative ALchemy AL6 Licensing Service - ok
21:36:56.0982 3428 [ F4286774DA4C5D578F7631A89624C398 ] Creative Audio Engine Licensing Service C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
21:36:57.0172 3428 Creative Audio Engine Licensing Service - ok
21:36:57.0532 3428 [ A585BEBF7D054BD9618EDA0922D5484A ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:36:57.0532 3428 CryptSvc - ok
21:36:57.0782 3428 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
21:36:57.0792 3428 CSC - ok
21:36:58.0022 3428 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
21:36:58.0062 3428 CscService - ok
21:36:58.0942 3428 [ 11FDC34537C19E5AADF7DC5621CD38FE ] CTAudSvcService C:\Program Files\Creative\Shared Files\CTAudSvc.exe
21:36:58.0942 3428 CTAudSvcService - ok
21:36:59.0674 3428 DCamUSBGrandTek - ok
21:36:59.0944 3428 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
21:36:59.0954 3428 DcomLaunch - ok
21:37:00.0244 3428 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
21:37:00.0294 3428 defragsvc - ok
21:37:00.0424 3428 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:37:00.0424 3428 DfsC - ok
21:37:00.0654 3428 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
21:37:00.0654 3428 Dhcp - ok
21:37:00.0784 3428 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
21:37:00.0784 3428 discache - ok
21:37:00.0914 3428 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\drivers\disk.sys
21:37:01.0004 3428 Disk - ok
21:37:01.0164 3428 [ 2A958EF85DB1B61FFCA65044FA4BCE9E ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
21:37:01.0304 3428 dmvsc - ok
21:37:01.0494 3428 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:37:01.0494 3428 Dnscache - ok
21:37:01.0654 3428 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
21:37:01.0654 3428 dot3svc - ok
21:37:01.0754 3428 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
21:37:01.0764 3428 DPS - ok
21:37:01.0901 3428 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:37:01.0976 3428 drmkaud - ok
21:37:02.0166 3428 [ C0C7CECCB6C85994C2BC92D58E52D3F2 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
21:37:02.0166 3428 dtsoftbus01 - ok
21:37:02.0596 3428 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:37:02.0596 3428 DXGKrnl - ok
21:37:03.0586 3428 EagleXNt - ok
21:37:03.0696 3428 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
21:37:03.0776 3428 EapHost - ok
21:37:05.0766 3428 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\drivers\evbdx.sys
21:37:05.0956 3428 ebdrv - ok
21:37:06.0116 3428 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
21:37:06.0116 3428 EFS - ok
21:37:07.0026 3428 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:37:07.0196 3428 ehRecvr - ok
21:37:07.0336 3428 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
21:37:07.0366 3428 ehSched - ok
21:37:07.0686 3428 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\drivers\elxstor.sys
21:37:07.0746 3428 elxstor - ok
21:37:07.0786 3428 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:37:07.0816 3428 ErrDev - ok
21:37:08.0116 3428 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
21:37:08.0116 3428 EventSystem - ok
21:37:09.0198 3428 [ 4416CEF0C4E872F02D4D4D67AE42C9C4 ] EvoSvc C:\Program Files\Echobit\Evolve\EvoSvc.exe
21:37:09.0411 3428 EvoSvc - ok
21:37:09.0563 3428 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
21:37:09.0793 3428 exfat - ok
21:37:09.0923 3428 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:37:09.0980 3428 fastfat - ok
21:37:10.0278 3428 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
21:37:10.0314 3428 Fax - ok
21:37:10.0808 3428 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:37:10.0809 3428 fdc - ok
21:37:10.0943 3428 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
21:37:10.0945 3428 fdPHost - ok
21:37:11.0081 3428 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
21:37:11.0104 3428 FDResPub - ok
21:37:11.0157 3428 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:37:11.0225 3428 FileInfo - ok
21:37:11.0241 3428 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:37:11.0250 3428 Filetrace - ok
21:37:12.0298 3428 [ BD79E85E099412039485864506116123 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
21:37:12.0507 3428 FLEXnet Licensing Service - ok
21:37:12.0640 3428 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:37:12.0641 3428 flpydisk - ok
21:37:12.0775 3428 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:37:12.0777 3428 FltMgr - ok
21:37:13.0087 3428 Folding@home-CPU-[1] - ok
21:37:13.0354 3428 Folding@home-CPU-[2] - ok
21:37:13.0880 3428 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
21:37:13.0887 3428 FontCache - ok
21:37:14.0207 3428 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:37:14.0577 3428 FontCache3.0.0.0 - ok
21:37:14.0717 3428 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:37:14.0747 3428 FsDepends - ok
21:37:14.0787 3428 [ A574B4360E438977038AAE4BF60D79A2 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:37:14.0797 3428 Fs_Rec - ok
21:37:15.0237 3428 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:37:15.0357 3428 fvevol - ok
21:37:15.0677 3428 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
21:37:15.0817 3428 gagp30kx - ok
21:37:16.0667 3428 GGSAFERDriver - ok
21:37:17.0127 3428 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
21:37:17.0127 3428 gpsvc - ok
21:37:17.0237 3428 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
21:37:17.0237 3428 hamachi - ok
21:37:18.0439 3428 [ DA1B48FDE74125128D0D846A3701D344 ] Hamachi2Svc C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
21:37:18.0449 3428 Hamachi2Svc - ok
21:37:18.0629 3428 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:37:18.0669 3428 hcw85cir - ok
21:37:19.0019 3428 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:37:19.0029 3428 HdAudAddService - ok
21:37:19.0079 3428 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
21:37:19.0079 3428 HDAudBus - ok
21:37:19.0179 3428 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
21:37:19.0239 3428 HidBatt - ok
21:37:19.0309 3428 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\drivers\hidbth.sys
21:37:19.0319 3428 HidBth - ok
21:37:19.0559 3428 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\drivers\hidir.sys
21:37:19.0569 3428 HidIr - ok
21:37:19.0659 3428 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
21:37:19.0669 3428 hidserv - ok
21:37:19.0859 3428 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:37:19.0859 3428 HidUsb - ok
21:37:20.0231 3428 [ 8D1F00F4254C3EF428B715484940427C ] HiPatchService C:\Program Files\Hi-Rez Studios\HiPatchService.exe
21:37:20.0231 3428 HiPatchService - ok
21:37:20.0456 3428 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:37:20.0623 3428 hkmsvc - ok
21:37:20.0823 3428 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:37:20.0833 3428 HomeGroupListener - ok
21:37:21.0033 3428 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:37:21.0033 3428 HomeGroupProvider - ok
21:37:21.0205 3428 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:37:21.0245 3428 HpSAMD - ok
21:37:21.0385 3428 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:37:21.0385 3428 HTTP - ok
21:37:21.0475 3428 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:37:21.0505 3428 hwpolicy - ok
21:37:21.0625 3428 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
21:37:21.0645 3428 i8042prt - ok
21:37:21.0945 3428 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:37:22.0175 3428 iaStorV - ok
21:37:23.0075 3428 [ 2D5AF95580F49E5E1FFEEFC977EA7B78 ] ICQ Service C:\Program Files\ICQ6Toolbar\ICQ Service.exe
21:37:23.0075 3428 ICQ Service - ok
21:37:23.0875 3428 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:37:24.0325 3428 idsvc - ok
21:37:24.0595 3428 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys
21:37:25.0545 3428 iirsp - ok
21:37:26.0365 3428 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
21:37:26.0585 3428 IKEEXT - ok
21:37:26.0645 3428 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
21:37:26.0685 3428 intelide - ok
21:37:26.0855 3428 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\drivers\intelppm.sys
21:37:26.0915 3428 intelppm - ok
21:37:27.0015 3428 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:37:27.0095 3428 IPBusEnum - ok
21:37:27.0165 3428 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:37:27.0235 3428 IpFilterDriver - ok
21:37:27.0845 3428 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:37:27.0855 3428 iphlpsvc - ok
21:37:27.0975 3428 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:37:27.0985 3428 IPMIDRV - ok
21:37:28.0025 3428 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:37:28.0035 3428 IPNAT - ok
21:37:28.0115 3428 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:37:28.0145 3428 IRENUM - ok
21:37:28.0225 3428 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:37:28.0295 3428 isapnp - ok
21:37:28.0555 3428 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:37:28.0595 3428 iScsiPrt - ok
21:37:28.0885 3428 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:37:28.0885 3428 kbdclass - ok
21:37:28.0925 3428 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:37:28.0925 3428 kbdhid - ok
21:37:28.0995 3428 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
21:37:28.0995 3428 KeyIso - ok
21:37:29.0055 3428 [ F4647BB23DB9038A7536CF6B68F4207F ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:37:29.0105 3428 KSecDD - ok
21:37:29.0235 3428 [ E73CAE53BBB72BA26918492C6B4C229D ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:37:29.0295 3428 KSecPkg - ok
21:37:29.0475 3428 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
21:37:29.0585 3428 KtmRm - ok
21:37:29.0795 3428 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
21:37:29.0805 3428 LanmanServer - ok
21:37:29.0935 3428 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:37:29.0945 3428 LanmanWorkstation - ok
21:37:30.0175 3428 [ F8A7212D0864EF5E9185FB95E6623F4D ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
21:37:30.0175 3428 lirsgt - ok
21:37:30.0355 3428 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:37:30.0355 3428 lltdio - ok
21:37:30.0555 3428 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:37:30.0615 3428 lltdsvc - ok
21:37:30.0655 3428 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
21:37:30.0665 3428 lmhosts - ok
21:37:30.0745 3428 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
21:37:30.0755 3428 LSI_FC - ok
21:37:30.0925 3428 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
21:37:30.0985 3428 LSI_SAS - ok
21:37:31.0095 3428 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
21:37:31.0095 3428 LSI_SAS2 - ok
21:37:31.0125 3428 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
21:37:31.0135 3428 LSI_SCSI - ok
21:37:31.0165 3428 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
21:37:31.0165 3428 luafv - ok
21:37:31.0437 3428 [ B7CA8CC3F978201856B6AB82F40953C3 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
21:37:35.0199 3428 MBAMProtector - ok
21:37:35.0799 3428 [ 056B19651BD7B7CE5F89A3AC46DBDC08 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
21:37:35.0809 3428 Suspicious file (NoAccess): C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe. md5: 056B19651BD7B7CE5F89A3AC46DBDC08
21:37:35.0809 3428 MBAMService ( LockedFile.Multi.Generic ) - warning
21:37:35.0809 3428 MBAMService - detected LockedFile.Multi.Generic (1)
21:37:35.0859 3428 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:37:35.0859 3428 Mcx2Svc - ok
21:37:35.0899 3428 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
21:37:35.0919 3428 megasas - ok
21:37:35.0979 3428 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
21:37:36.0009 3428 MegaSR - ok
21:37:36.0089 3428 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
21:37:36.0089 3428 MMCSS - ok
21:37:36.0119 3428 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
21:37:36.0159 3428 Modem - ok
21:37:36.0249 3428 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:37:36.0249 3428 monitor - ok
21:37:36.0359 3428 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:37:36.0359 3428 mouclass - ok
21:37:36.0439 3428 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:37:36.0439 3428 mouhid - ok
21:37:36.0449 3428 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:37:36.0459 3428 mountmgr - ok
21:37:36.0609 3428 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
21:37:36.0619 3428 mpio - ok
21:37:36.0679 3428 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:37:36.0679 3428 mpsdrv - ok
21:37:36.0849 3428 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:37:36.0859 3428 MpsSvc - ok
21:37:36.0889 3428 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:37:36.0899 3428 MRxDAV - ok
21:37:36.0959 3428 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:37:36.0959 3428 mrxsmb - ok
21:37:37.0119 3428 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:37:37.0119 3428 mrxsmb10 - ok
21:37:37.0179 3428 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:37:37.0179 3428 mrxsmb20 - ok
21:37:37.0219 3428 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
21:37:37.0239 3428 msahci - ok
21:37:37.0269 3428 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:37:37.0269 3428 msdsm - ok
21:37:37.0319 3428 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
21:37:37.0359 3428 MSDTC - ok
21:37:37.0541 3428 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:37:37.0551 3428 Msfs - ok
21:37:37.0571 3428 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:37:37.0601 3428 mshidkmdf - ok
21:38:06.0951 3428 ================ Scan global ===============================
21:38:07.0041 3428 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
21:38:07.0131 3428 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
21:38:07.0211 3428 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
21:38:07.0271 3428 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
21:38:07.0461 3428 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
21:38:07.0471 3428 [Global] - ok
21:38:07.0471 3428 ================ Scan MBR ==================================
21:38:07.0521 3428 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:38:12.0435 3428 \Device\Harddisk0\DR0 - ok
21:38:12.0435 3428 ================ Scan VBR ==================================
21:38:12.0465 3428 [ 1386D2B72BA265039A338906719DC0A5 ] \Device\Harddisk0\DR0\Partition1
21:38:12.0515 3428 \Device\Harddisk0\DR0\Partition1 - ok
21:38:12.0515 3428 ============================================================
21:38:12.0515 3428 Scan finished
21:38:12.0515 3428 ============================================================
21:38:12.0535 0508 Detected object count: 3
21:38:12.0535 0508 Actual detected object count: 3
21:38:33.0427 0508 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
21:38:33.0427 0508 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
21:38:33.0427 0508 AntiVirService ( LockedFile.Multi.Generic ) - skipped by user
21:38:33.0427 0508 AntiVirService ( LockedFile.Multi.Generic ) - User select action: Skip
21:38:33.0427 0508 MBAMService ( LockedFile.Multi.Generic ) - skipped by user
21:38:33.0427 0508 MBAMService ( LockedFile.Multi.Generic ) - User select action: Skip
21:38:36.0777 3244 Deinitialize success

Re: generic host process

Posted: 30 Sep 2012 15:24
by sorky
21:35:48.0593 3296 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
21:35:48.0827 3296 ============================================================
21:35:48.0827 3296 Current date / time: 2012/09/26 21:35:48.0827
21:35:48.0827 3296 SystemInfo:
21:35:48.0827 3296
21:35:48.0827 3296 OS Version: 6.1.7601 ServicePack: 1.0
21:35:48.0827 3296 Product type: Workstation
21:35:48.0827 3296 ComputerName: SORKY-PC
21:35:48.0827 3296 UserName: Sorky
21:35:48.0827 3296 Windows directory: C:\Windows
21:35:48.0827 3296 System windows directory: C:\Windows
21:35:48.0827 3296 Processor architecture: Intel x86
21:35:48.0827 3296 Number of processors: 2
21:35:48.0827 3296 Page size: 0x1000
21:35:48.0827 3296 Boot type: Normal boot
21:35:48.0827 3296 ============================================================
21:35:49.0888 3296 BG loaded
21:35:50.0371 3296 Drive \Device\Harddisk0\DR0 - Size: 0x7470AFDE00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
21:35:50.0402 3296 ============================================================
21:35:50.0402 3296 \Device\Harddisk0\DR0:
21:35:50.0418 3296 MBR partitions:
21:35:50.0418 3296 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A352000
21:35:50.0418 3296 ============================================================
21:35:50.0605 3296 C: <-> \Device\Harddisk0\DR0\Partition1
21:35:50.0605 3296 ============================================================
21:35:50.0605 3296 Initialize success
21:35:50.0605 3296 ============================================================
21:36:16.0224 3428 ============================================================
21:36:16.0224 3428 Scan started
21:36:16.0224 3428 Mode: Manual;
21:36:16.0224 3428 ============================================================
21:36:21.0243 3428 ================ Scan system memory ========================
21:36:21.0243 3428 System memory - ok
21:36:21.0244 3428 ================ Scan services =============================
21:36:31.0080 3428 [ 0923671CF87CD511E46D4668B53F5E76 ] Akamai c:\program files\common files\akamai/netsession_win_5891ae0.dll
21:36:31.0081 3428 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_5891ae0.dll. md5: 0923671CF87CD511E46D4668B53F5E76
21:36:31.0091 3428 Akamai ( HiddenFile.Multi.Generic ) - warning
21:36:31.0091 3428 Akamai - detected HiddenFile.Multi.Generic (1)
21:36:37.0917 3428 [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
21:36:37.0917 3428 Suspicious file (NoAccess): C:\Program Files\Avira\AntiVir Desktop\avguard.exe. md5: C9A36EF935ACED86AEDF93E97E606911
21:36:37.0918 3428 AntiVirService ( LockedFile.Multi.Generic ) - warning
21:36:37.0918 3428 AntiVirService - detected LockedFile.Multi.Generic (1)
21:37:35.0799 3428 [ 056B19651BD7B7CE5F89A3AC46DBDC08 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
21:37:35.0809 3428 Suspicious file (NoAccess): C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe. md5: 056B19651BD7B7CE5F89A3AC46DBDC08
21:37:35.0809 3428 MBAMService ( LockedFile.Multi.Generic ) - warning
21:37:35.0809 3428 MBAMService - detected LockedFile.Multi.Generic (1)
21:37:41.0024 3428 NetTcpPortSharing - ok
21:37:41.0193 3428 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:37:41.0203 3428 nfrd960 - ok
21:37:41.0283 3428 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:37:41.0293 3428 NlaSvc - ok
21:37:41.0333 3428 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:37:41.0333 3428 Npfs - ok
21:37:41.0553 3428 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
21:37:41.0553 3428 nsi - ok
21:37:41.0693 3428 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:37:41.0693 3428 nsiproxy - ok
21:37:41.0983 3428 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:37:42.0023 3428 Ntfs - ok
21:37:42.0093 3428 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
21:37:42.0093 3428 Null - ok
21:37:42.0213 3428 [ B5E37E31C053BC9950455A257526514B ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x32.sys
21:37:42.0243 3428 NVENETFD - ok
21:37:42.0343 3428 [ 1DE923088878B495CD4219E47BA34EB8 ] NVNET C:\Windows\system32\DRIVERS\nvmf6232.sys
21:37:42.0353 3428 NVNET - ok
21:37:42.0443 3428 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:37:42.0453 3428 nvraid - ok
21:37:42.0513 3428 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:37:42.0513 3428 nvstor - ok
21:37:42.0603 3428 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:37:42.0633 3428 nv_agp - ok
21:37:42.0683 3428 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:37:42.0703 3428 ohci1394 - ok
21:37:42.0953 3428 [ D29D5E61A5722630BB58940D1E4E231A ] OpenVPNService C:\Program Files\OpenVPN\bin\openvpnserv.exe
21:37:42.0993 3428 OpenVPNService - ok
21:37:43.0093 3428 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:37:43.0113 3428 p2pimsvc - ok
21:37:43.0233 3428 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
21:37:43.0253 3428 p2psvc - ok
21:37:43.0303 3428 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:37:43.0303 3428 Parport - ok
21:37:43.0333 3428 [ BF8F6AF06DA75B336F07E23AEF97D93B ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:37:43.0373 3428 partmgr - ok
21:37:43.0393 3428 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
21:37:43.0393 3428 Parvdm - ok
21:37:43.0493 3428 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:37:43.0513 3428 PcaSvc - ok
21:37:43.0573 3428 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
21:37:43.0583 3428 pci - ok
21:37:43.0603 3428 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
21:37:43.0613 3428 pciide - ok
21:37:43.0643 3428 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:37:43.0673 3428 pcmcia - ok
21:37:43.0683 3428 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
21:37:43.0683 3428 pcw - ok
21:37:43.0773 3428 [ E80C2056214C33E06B7BB39FD2C7D4AB ] pe3apfeb C:\Windows\system32\drivers\pe3apfeb.sys
21:37:43.0783 3428 pe3apfeb - ok
21:37:44.0053 3428 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:37:44.0063 3428 PEAUTH - ok
21:37:44.0333 3428 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
21:37:44.0403 3428 PeerDistSvc - ok
21:37:44.0683 3428 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
21:37:44.0733 3428 pla - ok
21:37:44.0793 3428 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:37:44.0803 3428 PlugPlay - ok
21:37:44.0873 3428 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:37:44.0893 3428 PNRPAutoReg - ok
21:37:44.0943 3428 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:37:44.0943 3428 PNRPsvc - ok
21:37:44.0983 3428 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:37:44.0993 3428 PolicyAgent - ok
21:37:45.0313 3428 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
21:37:45.0313 3428 Power - ok
21:37:45.0463 3428 [ 9E3C13B6556D5636B745D3E466D47467 ] PowerManager C:\Windows\svchost.exe
21:37:45.0473 3428 PowerManager - ok
21:37:45.0523 3428 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:37:45.0533 3428 PptpMiniport - ok
21:37:45.0573 3428 pr2apfeb - ok
21:37:45.0593 3428 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
21:37:45.0623 3428 Processor - ok
21:37:45.0663 3428 [ 43CA4CCC22D52FB58E8988F0198851D0 ] ProfSvc C:\Windows\system32\profsvc.dll
21:37:45.0673 3428 ProfSvc - ok
21:37:45.0713 3428 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:37:45.0713 3428 ProtectedStorage - ok
21:37:45.0733 3428 [ 782C2618294F03380BAAE918B334E504 ] ps7apfeb C:\Windows\system32\drivers\ps7apfeb.sys
21:37:45.0753 3428 ps7apfeb - ok
21:37:45.0843 3428 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:37:45.0843 3428 Psched - ok
21:37:45.0943 3428 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
21:37:45.0993 3428 ql2300 - ok
21:37:46.0073 3428 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
21:37:46.0083 3428 ql40xx - ok
21:37:46.0113 3428 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
21:37:46.0123 3428 QWAVE - ok
21:37:46.0153 3428 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:37:46.0163 3428 QWAVEdrv - ok
21:37:46.0183 3428 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:37:46.0203 3428 RasAcd - ok
21:37:46.0313 3428 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:37:46.0313 3428 RasAgileVpn - ok
21:37:46.0363 3428 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
21:37:46.0403 3428 RasAuto - ok
21:37:46.0453 3428 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:37:46.0453 3428 Rasl2tp - ok
21:37:46.0533 3428 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
21:37:46.0563 3428 RasMan - ok
21:37:46.0613 3428 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:37:46.0613 3428 RasPppoe - ok
21:37:46.0683 3428 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:37:46.0683 3428 RasSstp - ok
21:37:46.0743 3428 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:37:46.0743 3428 rdbss - ok
21:37:46.0763 3428 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:37:46.0763 3428 rdpbus - ok
21:37:46.0803 3428 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:37:46.0803 3428 RDPCDD - ok
21:37:46.0873 3428 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
21:37:46.0883 3428 RDPDR - ok
21:37:46.0933 3428 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:37:46.0933 3428 RDPENCDD - ok
21:37:46.0993 3428 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:37:46.0993 3428 RDPREFMP - ok
21:37:47.0013 3428 [ 288B06960D78428FF89E811632684E20 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:37:47.0013 3428 RDPWD - ok
21:37:47.0053 3428 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:37:47.0053 3428 rdyboost - ok
21:37:47.0113 3428 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
21:37:47.0143 3428 RemoteAccess - ok
21:37:47.0203 3428 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:37:47.0213 3428 RemoteRegistry - ok
21:37:47.0283 3428 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:37:47.0283 3428 RpcEptMapper - ok
21:37:47.0313 3428 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
21:37:47.0323 3428 RpcLocator - ok
21:37:47.0383 3428 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
21:37:47.0393 3428 RpcSs - ok
21:37:47.0433 3428 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:37:47.0433 3428 rspndr - ok
21:37:47.0473 3428 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
21:37:47.0513 3428 s3cap - ok
21:37:47.0543 3428 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
21:37:47.0553 3428 SamSs - ok
21:37:47.0613 3428 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:37:47.0623 3428 sbp2port - ok
21:37:47.0693 3428 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:37:47.0713 3428 SCardSvr - ok
21:37:47.0763 3428 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:37:47.0763 3428 scfilter - ok
21:37:47.0883 3428 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
21:37:47.0893 3428 Schedule - ok
21:37:47.0913 3428 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:37:47.0913 3428 SCPolicySvc - ok
21:37:48.0025 3428 [ A689D522EEDF89401E1DA2FE883AA7EC ] SCREAMINGBDRIVER C:\Windows\system32\drivers\ScreamingBAudio.sys
21:37:48.0025 3428 SCREAMINGBDRIVER - ok
21:37:48.0085 3428 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:37:48.0095 3428 SDRSVC - ok
21:37:48.0165 3428 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:37:48.0165 3428 secdrv - ok
21:37:48.0205 3428 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
21:37:48.0225 3428 seclogon - ok
21:37:48.0245 3428 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
21:37:48.0245 3428 SENS - ok
21:37:48.0285 3428 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:37:48.0295 3428 SensrSvc - ok
21:37:48.0335 3428 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:37:48.0335 3428 Serenum - ok
21:37:48.0375 3428 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:37:48.0375 3428 Serial - ok
21:37:48.0435 3428 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
21:37:48.0455 3428 sermouse - ok
21:37:48.0515 3428 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
21:37:48.0515 3428 SessionEnv - ok
21:37:48.0565 3428 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:37:48.0595 3428 sffdisk - ok
21:37:48.0655 3428 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:37:48.0665 3428 sffp_mmc - ok
21:37:48.0765 3428 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:37:48.0795 3428 sffp_sd - ok
21:37:48.0835 3428 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
21:37:48.0835 3428 sfloppy - ok
21:37:48.0985 3428 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:37:48.0995 3428 SharedAccess - ok
21:37:49.0105 3428 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:37:49.0105 3428 ShellHWDetection - ok
21:37:49.0155 3428 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
21:37:49.0155 3428 sisagp - ok
21:37:49.0235 3428 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
21:37:49.0255 3428 SiSRaid2 - ok
21:37:49.0315 3428 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:37:49.0375 3428 SiSRaid4 - ok
21:37:50.0319 3428 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
21:37:50.0339 3428 Skype C2C Service - ok
21:37:50.0621 3428 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
21:37:50.0621 3428 SkypeUpdate - ok
21:37:50.0861 3428 [ 9BE51ECE8BA86FAAD487C694FE0F00CA ] skyrm C:\Windows\system32\DRIVERS\skyrm.sys
21:37:50.0861 3428 skyrm - ok
21:37:50.0911 3428 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:37:50.0941 3428 Smb - ok
21:37:51.0081 3428 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:37:51.0081 3428 SNMPTRAP - ok
21:37:51.0121 3428 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
21:37:51.0151 3428 spldr - ok
21:37:51.0261 3428 [ 866A43013535DC8587C258E43579C764 ] Spooler C:\Windows\System32\spoolsv.exe
21:37:51.0261 3428 Spooler - ok
21:37:51.0981 3428 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
21:37:52.0041 3428 sppsvc - ok
21:37:52.0141 3428 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:37:52.0161 3428 sppuinotify - ok
21:37:52.0271 3428 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:37:52.0301 3428 srv - ok
21:37:52.0371 3428 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:37:52.0371 3428 srv2 - ok
21:37:52.0451 3428 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:37:52.0451 3428 srvnet - ok
21:37:52.0501 3428 [ 64E44ACD8C238FCBBB78F0BA4BDC4B05 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
21:37:52.0531 3428 ssadbus - ok
21:37:52.0591 3428 [ BB2C84A15C765DA89FD832B0E73F26CE ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
21:37:52.0611 3428 ssadmdfl - ok
21:37:52.0711 3428 [ 6D0D132DDC6F43EDA00DCED6D8B1CA31 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
21:37:52.0781 3428 ssadmdm - ok
21:37:52.0851 3428 [ 1A5A397BC459F346AB56492B61EF79F6 ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys
21:37:52.0921 3428 ssadserd - ok
21:37:53.0001 3428 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:37:53.0011 3428 SSDPSRV - ok
21:37:53.0151 3428 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
21:37:53.0151 3428 ssmdrv - ok
21:37:53.0221 3428 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:37:53.0231 3428 SstpSvc - ok
21:37:53.0451 3428 Steam Client Service - ok
21:37:53.0491 3428 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
21:37:53.0511 3428 stexstor - ok
21:37:53.0651 3428 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
21:37:53.0661 3428 StiSvc - ok
21:37:53.0761 3428 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
21:37:53.0781 3428 storflt - ok
21:37:53.0871 3428 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
21:37:53.0881 3428 StorSvc - ok
21:37:53.0991 3428 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
21:37:54.0011 3428 storvsc - ok
21:37:54.0061 3428 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
21:37:54.0061 3428 swenum - ok
21:37:54.0131 3428 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
21:37:54.0141 3428 swprv - ok
21:37:54.0301 3428 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
21:37:54.0331 3428 SysMain - ok
21:37:54.0371 3428 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:37:54.0371 3428 TabletInputService - ok
21:37:54.0491 3428 [ 98A1E6BC9F766B0B0A5BF00AF847EF20 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
21:37:54.0501 3428 tap0901 - ok
21:37:54.0591 3428 [ B7AEE68D2E867CBF69B649B18FCEDBBB ] tap0901t C:\Windows\system32\DRIVERS\tap0901t.sys
21:37:54.0591 3428 tap0901t - ok
21:37:54.0661 3428 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
21:37:54.0661 3428 TapiSrv - ok
21:37:54.0721 3428 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
21:37:54.0721 3428 TBS - ok
21:37:54.0911 3428 [ 65D10B191C59C5501A1263FC33F6894B ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:37:54.0961 3428 Tcpip - ok
21:37:55.0081 3428 [ 65D10B191C59C5501A1263FC33F6894B ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:37:55.0091 3428 TCPIP6 - ok
21:37:55.0141 3428 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:37:55.0141 3428 tcpipreg - ok
21:37:55.0171 3428 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:37:55.0191 3428 TDPIPE - ok
21:37:55.0211 3428 [ 2C10395BAA4847F83042813C515CC289 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:37:55.0221 3428 TDTCP - ok
21:37:55.0231 3428 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:37:55.0231 3428 tdx - ok
21:37:56.0191 3428 [ 2BBB318EA9F34FDC508CEA4AAB98D770 ] TeamViewer7 C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
21:37:56.0241 3428 TeamViewer7 - ok
21:37:56.0303 3428 [ 9101FFFCFCCD1A30E870A5B8A9091B10 ] teamviewervpn C:\Windows\system32\DRIVERS\teamviewervpn.sys
21:37:56.0323 3428 teamviewervpn - ok
21:37:56.0353 3428 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
21:37:56.0363 3428 TermDD - ok
21:37:56.0653 3428 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
21:37:56.0673 3428 TermService - ok
21:37:56.0703 3428 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
21:37:56.0703 3428 Themes - ok
21:37:56.0733 3428 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
21:37:56.0733 3428 THREADORDER - ok
21:37:56.0803 3428 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
21:37:56.0813 3428 TrkWks - ok
21:37:56.0983 3428 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:37:57.0013 3428 TrustedInstaller - ok
21:37:57.0063 3428 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:37:57.0063 3428 tssecsrv - ok
21:37:57.0133 3428 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:37:57.0133 3428 TsUsbFlt - ok
21:37:57.0193 3428 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
21:37:57.0233 3428 TsUsbGD - ok
21:37:57.0283 3428 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:37:57.0283 3428 tunnel - ok
21:37:57.0793 3428 [ 3DB1CE045A552161EF7252988752C65F ] TunngleService C:\Program Files\Tunngle\TnglCtrl.exe
21:37:57.0833 3428 TunngleService - ok
21:37:57.0893 3428 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
21:37:57.0903 3428 uagp35 - ok
21:37:57.0963 3428 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:37:57.0973 3428 udfs - ok
21:37:58.0023 3428 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:37:58.0033 3428 UI0Detect - ok
21:37:58.0063 3428 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:37:58.0073 3428 uliagpkx - ok
21:37:58.0143 3428 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
21:37:58.0143 3428 umbus - ok
21:37:58.0223 3428 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
21:37:58.0233 3428 UmPass - ok
21:37:58.0283 3428 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
21:37:58.0283 3428 UmRdpService - ok
21:37:58.0413 3428 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
21:37:58.0443 3428 upnphost - ok
21:37:58.0553 3428 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
21:37:58.0553 3428 usbaudio - ok
21:37:58.0583 3428 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:37:58.0583 3428 usbccgp - ok
21:37:58.0653 3428 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:37:58.0673 3428 usbcir - ok
21:37:58.0723 3428 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:37:58.0733 3428 usbehci - ok
21:37:58.0833 3428 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:37:58.0833 3428 usbhub - ok
21:37:58.0863 3428 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
21:37:58.0863 3428 usbohci - ok
21:37:58.0903 3428 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\drivers\usbprint.sys
21:37:58.0923 3428 usbprint - ok
21:37:58.0963 3428 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:37:58.0973 3428 USBSTOR - ok
21:37:58.0993 3428 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
21:37:59.0013 3428 usbuhci - ok
21:37:59.0133 3428 [ D82F43D15FDAA666856C0190CB73E7C9 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
21:37:59.0163 3428 usb_rndisx - ok
21:37:59.0213 3428 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
21:37:59.0213 3428 UxSms - ok
21:37:59.0223 3428 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
21:37:59.0233 3428 VaultSvc - ok
21:37:59.0263 3428 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:37:59.0273 3428 vdrvroot - ok
21:37:59.0383 3428 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
21:37:59.0403 3428 vds - ok
21:37:59.0463 3428 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:37:59.0493 3428 vga - ok
21:37:59.0503 3428 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
21:37:59.0513 3428 VgaSave - ok
21:37:59.0533 3428 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:37:59.0533 3428 vhdmp - ok
21:37:59.0593 3428 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
21:37:59.0623 3428 viaagp - ok
21:37:59.0643 3428 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
21:37:59.0663 3428 ViaC7 - ok
21:37:59.0713 3428 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
21:37:59.0733 3428 viaide - ok
21:37:59.0783 3428 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
21:37:59.0823 3428 vmbus - ok
21:37:59.0883 3428 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
21:37:59.0883 3428 VMBusHID - ok
21:38:00.0003 3428 [ 590C7A3A1133E51A7E1CEF67366E75AF ] vmm C:\Windows\system32\Drivers\vmm.sys
21:38:00.0013 3428 vmm - ok
21:38:00.0093 3428 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:38:00.0113 3428 volmgr - ok
21:38:00.0173 3428 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:38:00.0183 3428 volmgrx - ok
21:38:00.0303 3428 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:38:00.0313 3428 volsnap - ok
21:38:00.0473 3428 [ F96A678DEBDCCB0B4BB7F38CB2580589 ] VPCNetS2 C:\Windows\system32\DRIVERS\VMNetSrv.sys
21:38:00.0483 3428 VPCNetS2 - ok
21:38:00.0573 3428 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
21:38:00.0583 3428 vsmraid - ok
21:38:00.0925 3428 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
21:38:00.0975 3428 VSS - ok
21:38:01.0005 3428 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
21:38:01.0025 3428 vwifibus - ok
21:38:01.0115 3428 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
21:38:01.0155 3428 W32Time - ok
21:38:01.0185 3428 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
21:38:01.0215 3428 WacomPen - ok
21:38:01.0245 3428 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:38:01.0255 3428 WANARP - ok
21:38:01.0295 3428 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:38:01.0295 3428 Wanarpv6 - ok
21:38:01.0535 3428 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
21:38:01.0605 3428 WatAdminSvc - ok
21:38:01.0775 3428 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
21:38:01.0825 3428 wbengine - ok
21:38:01.0865 3428 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:38:01.0885 3428 WbioSrvc - ok
21:38:01.0965 3428 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:38:01.0985 3428 wcncsvc - ok
21:38:02.0025 3428 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:38:02.0035 3428 WcsPlugInService - ok
21:38:02.0085 3428 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
21:38:02.0115 3428 Wd - ok
21:38:02.0255 3428 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:38:02.0309 3428 Wdf01000 - ok
21:38:02.0337 3428 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:38:02.0337 3428 WdiServiceHost - ok
21:38:02.0347 3428 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:38:02.0347 3428 WdiSystemHost - ok
21:38:02.0407 3428 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
21:38:02.0427 3428 WebClient - ok
21:38:02.0537 3428 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:38:02.0547 3428 Wecsvc - ok
21:38:02.0577 3428 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:38:02.0597 3428 wercplsupport - ok
21:38:02.0657 3428 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
21:38:02.0657 3428 WerSvc - ok
21:38:02.0797 3428 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:38:02.0807 3428 WfpLwf - ok
21:38:02.0847 3428 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:38:02.0877 3428 WIMMount - ok
21:38:02.0927 3428 WinHttpAutoProxySvc - ok
21:38:03.0197 3428 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:38:03.0197 3428 Winmgmt - ok
21:38:03.0417 3428 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
21:38:03.0437 3428 WinRM - ok
21:38:03.0547 3428 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
21:38:03.0587 3428 WinUsb - ok
21:38:03.0677 3428 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
21:38:03.0737 3428 Wlansvc - ok
21:38:04.0277 3428 [ F86029E8FB554E951A591B570B2EEE82 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:38:04.0337 3428 wlidsvc - ok
21:38:04.0369 3428 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
21:38:04.0385 3428 WmiAcpi - ok
21:38:04.0449 3428 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:38:04.0459 3428 wmiApSrv - ok
21:38:04.0829 3428 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
21:38:04.0839 3428 WMPNetworkSvc - ok
21:38:04.0879 3428 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:38:04.0919 3428 WPCSvc - ok
21:38:04.0969 3428 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:38:04.0969 3428 WPDBusEnum - ok
21:38:05.0039 3428 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:38:05.0069 3428 ws2ifsl - ok
21:38:05.0069 3428 WSearch - ok
21:38:05.0889 3428 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
21:38:05.0899 3428 wuauserv - ok
21:38:06.0021 3428 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:38:06.0021 3428 WudfPf - ok
21:38:06.0151 3428 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:38:06.0151 3428 WUDFRd - ok
21:38:06.0361 3428 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:38:06.0371 3428 wudfsvc - ok
21:38:06.0521 3428 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
21:38:06.0551 3428 WwanSvc - ok
21:38:06.0741 3428 XDva391 - ok
21:38:06.0811 3428 [ ABC8BBEA8F643E200508C3A2A8E475A9 ] XENfiltv C:\Windows\system32\drivers\XENfiltv.sys
21:38:06.0821 3428 XENfiltv - ok
21:38:06.0951 3428 ================ Scan global ===============================
21:38:07.0041 3428 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
21:38:07.0131 3428 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
21:38:07.0211 3428 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\Windows\system32\winsrv.dll
21:38:07.0271 3428 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
21:38:07.0461 3428 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
21:38:07.0471 3428 [Global] - ok
21:38:07.0471 3428 ================ Scan MBR ==================================
21:38:07.0521 3428 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:38:12.0435 3428 \Device\Harddisk0\DR0 - ok
21:38:12.0435 3428 ================ Scan VBR ==================================
21:38:12.0465 3428 [ 1386D2B72BA265039A338906719DC0A5 ] \Device\Harddisk0\DR0\Partition1
21:38:12.0515 3428 \Device\Harddisk0\DR0\Partition1 - ok
21:38:12.0515 3428 ============================================================
21:38:12.0515 3428 Scan finished
21:38:12.0515 3428 ============================================================
21:38:12.0535 0508 Detected object count: 3
21:38:12.0535 0508 Actual detected object count: 3
21:38:33.0427 0508 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
21:38:33.0427 0508 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
21:38:33.0427 0508 AntiVirService ( LockedFile.Multi.Generic ) - skipped by user
21:38:33.0427 0508 AntiVirService ( LockedFile.Multi.Generic ) - User select action: Skip
21:38:33.0427 0508 MBAMService ( LockedFile.Multi.Generic ) - skipped by user
21:38:33.0427 0508 MBAMService ( LockedFile.Multi.Generic ) - User select action: Skip
21:38:36.0777 3244 Deinitialize success

Re: generic host process

Posted: 30 Sep 2012 15:31
by stell
1: Download SecurityCheck
Save it to the desktop.
Double-click SecurityCheck.exe and follow the on-screen instructions.
When the scan finishes, Notepad will open automatically with a file named checkup.txt; paste its contents here.

2: Download AdwCleaner
Save it to the desktop.

Close all open programs and internet browsers.
Double-click AdwCleaner.exe to run the tool.
Click Delete.
Confirm each prompt with OK.
The computer will restart automatically.
A text file will open after the restart.
If it does not, find the log file at C:\AdwCleaner[S1].txt.
Paste its contents here.

3: Download RogueKiller. RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Close all programs.
If you are using Windows Vista or Windows 7, right-click RogueKiller and choose Run As Administrator (Spustiť ako správca).
Wait for the PreScan to finish.
Select the Prehľadať (Scan) item.
Wait for the scan to run.
Then click "Zmazať" (Delete); this deletes the findings.
When it finishes, click Správa (Report); the log will open, paste it here.
Detailed instructions: http://forum.viry.cz/viewtopic.php?f=24 ... 1#p1097961

Re: generic host process

Posted: 30 Sep 2012 15:54
by sorky
Results of screen317's Security Check version 0.99.51
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
Avira successfully updated!
`````````Anti-malware/Other Utilities Check:`````````
Out of date HijackThis installed!
Malwarebytes Anti-Malware verze 1.60.1.1000
HijackThis 2.0.2
JavaFX 2.1.1
Java(TM) 6 Update 26
Java 7 Update 7
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 11.1.102.55
Google Chrome 12.0.742.91
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 4%
````````````````````End of Log``````````````````````

Re: generic host process

Posted: 30 Sep 2012 17:07
by stell
Why aren't you continuing according to the instructions??

Re: generic host process

Posted: 01 Oct 2012 18:52
by sorky
Sorry, I forgot to reply :D It works now ..... that stuff helped me get the antivirus running ... then I sent the viruses to .. bye-bye, and that's it! Thanks for the help!

Re: generic host process

Posted: 01 Oct 2012 19:28
by stell
OK, you're welcome.