iexplore v procesech ale není nic vidět

Zpráva

#16 Příspěvek od **vyosek** » 12 říj 2014 16:50

Trvate na antiviru AVG - u nas neni moc obliben - vysoka zatez systemu, slabsi detekce

vipernj · #17 Příspěvek od **vipernj** » 13 říj 2014 14:36

Netrvam, free licence. Mohu nainstalovat nod32, nazor?

#18 Příspěvek od **vyosek** » 13 říj 2014 20:39

NOD32 je placeny, pokud si chcete licenci radne zakoupit, proc ne. Z bezplatnych variant doporucuji Avast Free.

Provedte tedy vymenu a pak dejte novy log z FRST

vipernj · #19 Příspěvek od **vipernj** » 31 říj 2014 16:46

Tak jo konečně jsem se k tomu dostal tady to je ... jinak avast mi pořad haže hlašky že zablokoval nebezpečnou stranku.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-10-2014 01
Ran by wwwwww (administrator) on WWWWWW-PC on 31-10-2014 16:21:14
Running from C:\Users\wwwwww\Desktop
Loaded Profile: wwwwww (Available profiles: wwwwww & fbwuser)
Platform: Windows 7 Professional (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdcBase.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Users\wwwwww\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\wwwwww\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\wwwwww\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\wwwwww\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\wwwwww\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\wwwwww\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\wwwwww\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\wwwwww\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\wwwwww\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\wwwwww\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Users\wwwwww\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\wwwwww\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [3019376 2011-02-22] (VIA)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-10-27] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\Users\wwwwww\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk
ShortcutTarget: Mozilla Thunderbird.lnk -> D:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\wwwwww\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\wwwwww\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\wwwwww\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\wwwwww\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\wwwwww\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\wwwwww\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\wwwwww\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: localhost:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mysearchresults.com/?c=3513&t=01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM-x32 - Default Value = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKCU - Default Value = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {4AE2DD70-9BBD-4b7b-B081-442E65671A10} URL = http://www.google.com/cse?cx=partner-pu ... earchTerms}
SearchScopes: HKCU - {4AE2DD70-9BBD-4b7b-B081-442E65671A10} URL = http://www.google.com/cse?cx=partner-pu ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: No Name -> {B7154C4D-87C0-4A2C-AB64-DA132BAC2EE6} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\wwwwww\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\wwwwww\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin -> C:\Users\wwwwww\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\wwwwww\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\wwwwww\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\wwwwww\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\wwwwww\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-27]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR Profile: C:\Users\wwwwww\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (DownloadAll) - C:\Users\wwwwww\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajffocjdcmpgjmdfdfkdfdbkjafbkcke [2014-01-29]
CHR Extension: (James White) - C:\Users\wwwwww\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2014-01-29]
CHR Extension: (Avast Online Security) - C:\Users\wwwwww\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-27]
CHR Extension: (Peněženka Google) - C:\Users\wwwwww\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-27] (AVAST Software)
S4 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [345984 2014-07-12] ()
S4 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
S4 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2012-09-04] (Creative Labs) [File not signed]
S4 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2012-09-04] (Creative Labs) [File not signed]
S4 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]
R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] () [File not signed]
S4 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [117760 2012-11-21] (Dassault Systèmes) [File not signed]
S4 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2012-12-22] (Macrovision Europe Ltd.) [File not signed]
S4 HideMyIpSRV; C:\Program Files (x86)\Hide My IP 6\HideMyIpSRV.exe [3849216 2014-05-07] (Hide My IP) [File not signed]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
S4 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [625816 2012-06-22] (Pandora.TV)
S4 Sound Blaster X-Fi MB Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [79360 2012-09-04] (Creative Labs) [File not signed]
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1146304 2014-05-13] (Crawler.com)
S4 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [821720 2012-11-25] (Mister Group)
S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-02-17] (VIA Technologies, Inc.)
S4 wxpSvc; C:\Program Files (x86)\wLite\wService.exe [3465728 2009-09-22] (Moonware Studios) [File not signed]
S4 MySQL; "C:\Program Files (x86)\MySQL\MySQL Server 5.5\bin\mysqld" --defaults-file="C:\Program Files (x86)\MySQL\MySQL Server 5.5\my.ini" MySQL

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [82768 2014-10-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049920 2014-10-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-10-27] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-10-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-10-27] ()
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-09-07] (DT Soft Ltd)
S3 EagleX64; No ImagePath
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46792 2013-06-21] (AnchorFree Inc.)
S3 Huawei; No ImagePath
S3 hwdatacard; No ImagePath
S3 hwusbdev; No ImagePath
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2012-12-19] (Duplex Secure Ltd.)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-10-05] (Windows (R) Win 7 DDK provider)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
U3 a9ep7zg3; C:\Windows\System32\Drivers\a9ep7zg3.sys [0 ] (Advanced Micro Devices)
U3 afqkoce4; C:\Windows\System32\Drivers\afqkoce4.sys [0 ] (Advanced Micro Devices)
S3 Cardex; \??\C:\Windows\SysWOW64\drivers\TBPANELX64.SYS [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-31 16:21 - 2014-10-31 16:22 - 00022786 _____ () C:\Users\wwwwww\Desktop\FRST.txt
2014-10-31 16:16 - 2014-10-31 16:16 - 00000000 ____D () C:\Users\wwwwww\Desktop\FRST-OlderVersion
2014-10-27 22:13 - 2014-10-31 16:20 - 00003832 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1379859480
2014-10-27 22:03 - 2014-10-27 22:02 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-27 22:02 - 2014-10-27 22:02 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-27 22:02 - 2014-10-27 22:02 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-27 22:02 - 2014-10-27 22:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-27 22:01 - 2014-10-27 22:01 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-10-27 22:01 - 2014-10-27 22:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-10-27 22:01 - 2014-10-27 22:00 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-27 22:01 - 2014-10-27 22:00 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-27 22:01 - 2014-10-27 22:00 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-27 22:01 - 2014-10-27 22:00 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-10-27 21:59 - 2014-10-27 21:59 - 00001066 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-10-27 21:59 - 2014-10-27 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-10-27 21:51 - 2014-10-27 21:51 - 00000000 ____D () C:\Users\wwwwww\AppData\Roaming\AVAST Software
2014-10-27 21:47 - 2014-10-29 20:43 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-10-27 21:47 - 2014-10-27 21:47 - 01049920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-10-27 21:47 - 2014-10-27 21:47 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-10-27 21:47 - 2014-10-27 21:47 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-10-27 21:47 - 2014-10-27 21:47 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-10-27 21:47 - 2014-10-27 21:47 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-10-27 21:47 - 2014-10-27 21:47 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-10-27 21:47 - 2014-10-27 21:47 - 00082768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-10-27 21:47 - 2014-10-27 21:47 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-10-27 21:47 - 2014-10-27 21:47 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-10-27 21:47 - 2014-10-27 21:47 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-10-27 21:47 - 2014-10-27 21:47 - 00001964 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-10-27 21:47 - 2014-10-27 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-10-27 21:44 - 2014-10-27 21:44 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-27 21:44 - 2014-10-27 21:44 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-27 21:43 - 2014-10-27 21:43 - 04862664 _____ (AVAST Software) C:\Users\wwwwww\Downloads\avast_free_antivirus_setup_online.exe
2014-10-26 21:50 - 2014-10-26 22:03 - 730714112 _____ () C:\Users\wwwwww\Downloads\Lemra-Lina-cz.avi
2014-10-26 21:39 - 2014-10-26 21:39 - 00083710 _____ () C:\Users\wwwwww\Downloads\D5CC.tmp
2014-10-26 21:03 - 2014-10-26 21:22 - 1026817972 _____ () C:\Users\wwwwww\Downloads\Cheech-and-Chongs---Up-in-smoke-CZ-titulky-(Natally26).avi
2014-10-25 22:18 - 2014-10-25 22:38 - 1106035060 _____ () C:\Users\wwwwww\Downloads\bruno.2009.cz.dabing.avi
2014-10-24 22:51 - 2014-10-24 22:58 - 364824576 _____ () C:\Users\wwwwww\Downloads\Upíří-deníky-(The-Vampire-diaries)-6x04-CZ-titulky.avi
2014-10-23 23:49 - 2014-10-24 00:28 - 992791930 _____ () C:\Users\wwwwww\Downloads\Voda-pro-slony-CZ-2011.avi
2014-10-23 23:48 - 2014-10-24 00:26 - 775979146 _____ () C:\Users\wwwwww\Downloads\A-co-když-je-to-pravda-CZ-dabing-super-kvalita.avi
2014-10-23 23:48 - 2014-10-24 00:20 - 485658876 _____ () C:\Users\wwwwww\Downloads\láska-nebeská-cz-dab-hugh-grant-'03'.avi
2014-10-22 00:27 - 2014-10-22 00:39 - 672841734 _____ () C:\Users\wwwwww\Downloads\Borat---Nakoukání-do-amerycké-kultůry-na-obědnávku-slavnoj-kazašskoj-národu-(2006).avi
2014-10-18 23:18 - 2014-10-18 23:24 - 364838912 _____ () C:\Users\wwwwww\Downloads\Upíří-deníky-(The-Vampire-diaries)-6x03-CZ-titulky.avi
2014-10-12 15:36 - 2014-10-12 15:36 - 00000222 _____ () C:\Users\wwwwww\Desktop\Space Engineers.url
2014-10-12 15:21 - 2014-10-12 15:21 - 00001698 _____ () C:\Users\wwwwww\Downloads\SpaceEngineers-Dedicated.cfg
2014-10-11 22:29 - 2014-10-11 22:36 - 367558796 _____ () C:\Users\wwwwww\Downloads\The-Vampire-Diaries-6x02-CZ-titulky.avi
2014-10-06 20:43 - 2014-10-06 21:55 - 1130187619 _____ () C:\Users\wwwwww\Downloads\hubena-osmnactka.mp4
2014-10-05 19:42 - 2014-10-05 19:43 - 00043670 _____ () C:\Users\wwwwww\Desktop\Addition.txt
2014-10-05 19:40 - 2014-10-31 16:21 - 00000000 ____D () C:\FRST
2014-10-05 19:39 - 2014-10-31 16:16 - 02113536 _____ (Farbar) C:\Users\wwwwww\Desktop\FRST64.exe
2014-10-05 18:45 - 2014-10-05 18:45 - 00024055 _____ () C:\ComboFix.txt
2014-10-05 12:48 - 2014-10-05 12:48 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-10-05 12:47 - 2014-10-05 13:01 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-10-05 12:47 - 2014-10-05 12:48 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-10-05 12:47 - 2014-10-05 12:47 - 00001038 _____ () C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2014-10-05 12:47 - 2014-10-05 12:47 - 00000000 ____D () C:\Users\wwwwww\AppData\Roaming\Spyware Terminator
2014-10-05 12:47 - 2014-10-05 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
2014-10-05 12:46 - 2014-10-05 12:46 - 01070648 _____ (Crawler, LLC ) C:\Users\wwwwww\Downloads\SpywareTerminatorSetup.exe
2014-10-05 12:36 - 2014-10-05 12:43 - 364820480 _____ () C:\Users\wwwwww\Downloads\Upíří-deníky-(The-Vampire-diaries)-6x01-CZ-titulky.avi
2014-10-05 12:30 - 2014-10-05 12:30 - 00001423 _____ () C:\Users\wwwwww\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-05 12:30 - 2014-10-05 12:30 - 00001389 _____ () C:\Users\wwwwww\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-10-04 23:24 - 2014-10-04 23:25 - 00000000 ____D () C:\4C1E.tmp
2014-10-04 20:25 - 2014-10-04 20:25 - 00000000 ____D () C:\Program Files\Microsoft Games
2014-10-04 13:27 - 2014-10-04 13:28 - 00000000 ____D () C:\271B.tmp
2014-10-04 09:51 - 2014-10-04 09:52 - 00000000 ____D () C:\5BAB.tmp
2014-10-04 08:44 - 2014-10-04 23:25 - 00000362 _____ () C:\runcheck.txt
2014-10-04 08:44 - 2014-10-04 08:45 - 00000000 ____D () C:\C242.tmp
2014-10-04 08:44 - 2014-10-04 08:44 - 00000000 ____D () C:\zoek_backup
2014-10-03 21:59 - 2014-10-03 22:12 - 00000000 ____D () C:\AdwCleaner
2014-10-03 21:57 - 2014-10-03 21:57 - 01375089 _____ () C:\Users\wwwwww\Desktop\adwcleaner_3.311.exe
2014-10-02 23:02 - 2014-10-02 23:02 - 00000000 ____D () C:\Users\wwwwww\AppData\Local\Macromedia
2014-10-02 22:21 - 2014-10-05 19:37 - 00000000 ____D () C:\Windows\erdnt
2014-10-02 19:50 - 2014-10-02 19:50 - 137973066 _____ () C:\Users\wwwwww\Desktop\Salamandra---Imperatus-(2014).rar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-31 16:20 - 2013-09-22 15:18 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-10-31 16:20 - 2009-07-14 05:45 - 00014448 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-31 16:20 - 2009-07-14 05:45 - 00014448 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-31 16:16 - 2012-09-05 00:45 - 01117746 _____ () C:\Windows\WindowsUpdate.log
2014-10-31 16:11 - 2009-07-14 05:51 - 00131950 _____ () C:\Windows\setupact.log
2014-10-31 16:10 - 2012-09-05 13:28 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-31 16:10 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-29 21:54 - 2012-09-06 21:53 - 00000000 ____D () C:\Users\wwwwww\AppData\Roaming\TS3Client
2014-10-29 20:47 - 2009-07-14 16:18 - 00666922 _____ () C:\Windows\system32\perfh005.dat
2014-10-29 20:47 - 2009-07-14 16:18 - 00140100 _____ () C:\Windows\system32\perfc005.dat
2014-10-29 20:47 - 2009-07-14 06:13 - 01578746 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-29 20:42 - 2013-10-09 23:27 - 00000000 ____D () C:\Users\wwwwww\AppData\Local\TSVNCache
2014-10-29 20:40 - 2012-12-29 19:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-29 20:40 - 2012-09-07 09:00 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-10-29 20:40 - 2012-09-04 19:04 - 00657848 _____ () C:\Windows\PFRO.log
2014-10-27 22:04 - 2014-08-20 23:39 - 00000000 ____D () C:\Users\wwwwww\AppData\Local\Adobe
2014-10-27 22:04 - 2012-09-05 00:59 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-27 22:02 - 2013-08-14 21:14 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-27 22:01 - 2012-12-29 19:54 - 00002086 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-10-27 21:58 - 2012-09-07 09:00 - 00000000 ____D () C:\Users\wwwwww\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-10-27 21:58 - 2012-09-07 09:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-10-26 22:55 - 2014-04-28 12:54 - 00000000 ____D () C:\Users\wwwwww\Desktop\meme
2014-10-26 22:17 - 2013-10-24 19:50 - 00000000 ____D () C:\Users\wwwwww\Desktop\kača
2014-10-16 17:52 - 2014-09-26 09:02 - 00000000 ____D () C:\ProgramData\MFAData
2014-10-14 11:42 - 2013-10-24 20:27 - 00000000 ____D () C:\Users\wwwwww\AppData\Local\CrashDumps
2014-10-13 18:23 - 2012-09-06 12:08 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-10-12 18:13 - 2013-12-05 13:49 - 00000000 ____D () C:\Users\wwwwww\Desktop\PMSC
2014-10-12 15:24 - 2012-12-29 19:51 - 00000400 _____ () C:\Users\wwwwww\Desktop\hes.txt
2014-10-12 13:08 - 2014-07-20 16:50 - 00000000 ____D () C:\Users\wwwwww\AppData\Roaming\SpaceEngineers
2014-10-12 13:07 - 2012-09-05 13:25 - 00169214 _____ () C:\Windows\DirectX.log
2014-10-06 01:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-05 19:56 - 2012-12-17 06:40 - 00000000 ____D () C:\Users\wwwwww\AppData\Roaming\Skype
2014-10-05 18:36 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-10-05 18:32 - 2009-07-14 03:34 - 70385664 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-10-05 18:32 - 2009-07-14 03:34 - 29622272 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-10-05 18:32 - 2009-07-14 03:34 - 04980736 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-10-05 18:32 - 2009-07-14 03:34 - 00065536 _____ () C:\Windows\system32\config\SAM.bak
2014-10-05 18:32 - 2009-07-14 03:34 - 00028672 _____ () C:\Windows\system32\config\SECURITY.bak
2014-10-03 22:06 - 2012-09-07 22:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-02 23:02 - 2014-09-16 14:59 - 00000000 ____D () C:\Windows\WindowsMobile
2014-10-02 23:01 - 2014-05-02 13:44 - 00000000 ____D () C:\Users\wwwwww\Downloads\faithful32pack
2014-10-02 22:06 - 2014-01-12 11:56 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-01 21:35 - 2013-03-30 12:26 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy

Some content of TEMP:
====================
C:\Users\wwwwww\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-25 23:37

==================== End Of Log ============================

#20 Příspěvek od **vyosek** » 01 lis 2014 17:07

Odinstalujte Spyware Terminator, kolidoval by s Avastem

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
CloseProcesses:

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

ProxyServer: localhost:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mysearchresults.com/?c=3513&t=01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM-x32 - Default Value = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKCU - Default Value = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
SearchScopes: HKCU - DefaultScope {4AE2DD70-9BBD-4b7b-B081-442E65671A10} URL = http://www.google.com/cse?cx=partner-pu ... 6579318&q={searchTerms}
SearchScopes: HKCU - {4AE2DD70-9BBD-4b7b-B081-442E65671A10} URL = http://www.google.com/cse?cx=partner-pu ... 6579318&q={searchTerms}

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation))BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: No Name -> {B7154C4D-87C0-4A2C-AB64-DA132BAC2EE6} -> No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

S3 EagleX64; No ImagePath
S3 Huawei; No ImagePath
S3 hwdatacard; No ImagePath
S3 hwusbdev; No ImagePath
U3 a9ep7zg3; C:\Windows\System32\Drivers\a9ep7zg3.sys [0 ] (Advanced Micro Devices)
U3 afqkoce4; C:\Windows\System32\Drivers\afqkoce4.sys [0 ] (Advanced Micro Devices)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

2014-10-31 16:21 - 2014-10-31 16:22 - 00022786 _____ () C:\Users\wwwwww\Desktop\FRST.txt
2014-10-31 16:16 - 2014-10-31 16:16 - 00000000 ____D () C:\Users\wwwwww\Desktop\FRST-OlderVersion
2014-10-27 21:43 - 2014-10-27 21:43 - 04862664 _____ (AVAST Software) C:\Users\wwwwww\Downloads\avast_free_antivirus_setup_online.exe
2014-10-05 19:42 - 2014-10-05 19:43 - 00043670 _____ () C:\Users\wwwwww\Desktop\Addition.txt
2014-10-05 12:47 - 2014-10-05 13:01 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-10-05 12:47 - 2014-10-05 12:48 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-10-05 12:47 - 2014-10-05 12:47 - 00001038 _____ () C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2014-10-05 12:47 - 2014-10-05 12:47 - 00000000 ____D () C:\Users\wwwwww\AppData\Roaming\Spyware Terminator
2014-10-05 12:47 - 2014-10-05 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
2014-10-05 12:46 - 2014-10-05 12:46 - 01070648 _____ (Crawler, LLC ) C:\Users\wwwwww\Downloads\SpywareTerminatorSetup.exe
2014-10-04 23:24 - 2014-10-04 23:25 - 00000000 ____D () C:\4C1E.tmp
2014-10-04 13:27 - 2014-10-04 13:28 - 00000000 ____D () C:\271B.tmp
2014-10-04 09:51 - 2014-10-04 09:52 - 00000000 ____D () C:\5BAB.tmp
2014-10-04 08:44 - 2014-10-04 23:25 - 00000362 _____ () C:\runcheck.txt
2014-10-04 08:44 - 2014-10-04 08:45 - 00000000 ____D () C:\C242.tmp
2014-10-04 08:44 - 2014-10-04 08:44 - 00000000 ____D () C:\zoek_backup
2014-10-03 21:59 - 2014-10-03 22:12 - 00000000 ____D () C:\AdwCleaner
2014-10-03 21:57 - 2014-10-03 21:57 - 01375089 _____ () C:\Users\wwwwww\Desktop\adwcleaner_3.311.exe
2014-10-02 22:21 - 2014-10-05 19:37 - 00000000 ____D () C:\Windows\erdnt

Hosts:
EmptyTemp:
Reboot:
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

vipernj · #21 Příspěvek od **vipernj** » 01 lis 2014 20:30

Tady to je (problém přetrvává)

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-11-2014
Ran by wwwwww at 2014-11-01 20:18:08 Run:1
Running from C:\Users\wwwwww\Desktop
Loaded Profile: wwwwww (Available profiles: wwwwww & fbwuser)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

ProxyServer: localhost:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mysearchresults.com/?c=3513&t=01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM-x32 - Default Value = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKCU - Default Value = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
SearchScopes: HKCU - DefaultScope {4AE2DD70-9BBD-4b7b-B081-442E65671A10} URL = http://www.google.com/cse?cx=partner-pu ... 6579318&q={searchTerms}
SearchScopes: HKCU - {4AE2DD70-9BBD-4b7b-B081-442E65671A10} URL = http://www.google.com/cse?cx=partner-pu ... 6579318&q={searchTerms}

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation))BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: No Name -> {B7154C4D-87C0-4A2C-AB64-DA132BAC2EE6} -> No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

S3 EagleX64; No ImagePath
S3 Huawei; No ImagePath
S3 hwdatacard; No ImagePath
S3 hwusbdev; No ImagePath
U3 a9ep7zg3; C:\Windows\System32\Drivers\a9ep7zg3.sys [0 ] (Advanced Micro Devices)
U3 afqkoce4; C:\Windows\System32\Drivers\afqkoce4.sys [0 ] (Advanced Micro Devices)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

2014-10-31 16:21 - 2014-10-31 16:22 - 00022786 _____ () C:\Users\wwwwww\Desktop\FRST.txt
2014-10-31 16:16 - 2014-10-31 16:16 - 00000000 ____D () C:\Users\wwwwww\Desktop\FRST-OlderVersion
2014-10-27 21:43 - 2014-10-27 21:43 - 04862664 _____ (AVAST Software) C:\Users\wwwwww\Downloads\avast_free_antivirus_setup_online.exe
2014-10-05 19:42 - 2014-10-05 19:43 - 00043670 _____ () C:\Users\wwwwww\Desktop\Addition.txt
2014-10-05 12:47 - 2014-10-05 13:01 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-10-05 12:47 - 2014-10-05 12:48 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-10-05 12:47 - 2014-10-05 12:47 - 00001038 _____ () C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2014-10-05 12:47 - 2014-10-05 12:47 - 00000000 ____D () C:\Users\wwwwww\AppData\Roaming\Spyware Terminator
2014-10-05 12:47 - 2014-10-05 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
2014-10-05 12:46 - 2014-10-05 12:46 - 01070648 _____ (Crawler, LLC ) C:\Users\wwwwww\Downloads\SpywareTerminatorSetup.exe
2014-10-04 23:24 - 2014-10-04 23:25 - 00000000 ____D () C:\4C1E.tmp
2014-10-04 13:27 - 2014-10-04 13:28 - 00000000 ____D () C:\271B.tmp
2014-10-04 09:51 - 2014-10-04 09:52 - 00000000 ____D () C:\5BAB.tmp
2014-10-04 08:44 - 2014-10-04 23:25 - 00000362 _____ () C:\runcheck.txt
2014-10-04 08:44 - 2014-10-04 08:45 - 00000000 ____D () C:\C242.tmp
2014-10-04 08:44 - 2014-10-04 08:44 - 00000000 ____D () C:\zoek_backup
2014-10-03 21:59 - 2014-10-03 22:12 - 00000000 ____D () C:\AdwCleaner
2014-10-03 21:57 - 2014-10-03 21:57 - 01375089 _____ () C:\Users\wwwwww\Desktop\adwcleaner_3.311.exe
2014-10-02 22:21 - 2014-10-05 19:37 - 00000000 ____D () C:\Windows\erdnt

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4AE2DD70-9BBD-4b7b-B081-442E65671A10}" => Key deleted successfully.
"HKCR\CLSID\{4AE2DD70-9BBD-4b7b-B081-442E65671A10}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B7154C4D-87C0-4A2C-AB64-DA132BAC2EE6}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{B7154C4D-87C0-4A2C-AB64-DA132BAC2EE6}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
"HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => Key not found.
HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => Moved successfully.
EagleX64 => Service deleted successfully.
Huawei => Service deleted successfully.
hwdatacard => Service deleted successfully.
hwusbdev => Service deleted successfully.
a9ep7zg3 => Service not found.
afqkoce4 => Service not found.
catchme => Service deleted successfully.
C:\Users\wwwwww\Desktop\FRST.txt => Moved successfully.
C:\Users\wwwwww\Desktop\FRST-OlderVersion => Moved successfully.
C:\Users\wwwwww\Downloads\avast_free_antivirus_setup_online.exe => Moved successfully.
C:\Users\wwwwww\Desktop\Addition.txt => Moved successfully.
"C:\ProgramData\Spyware Terminator" => File/Directory not found.
"C:\Program Files (x86)\Spyware Terminator" => File/Directory not found.
"C:\Users\Public\Desktop\Spyware Terminator 2012.lnk" => File/Directory not found.
"C:\Users\wwwwww\AppData\Roaming\Spyware Terminator" => File/Directory not found.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012" => File/Directory not found.
C:\Users\wwwwww\Downloads\SpywareTerminatorSetup.exe => Moved successfully.
C:\4C1E.tmp => Moved successfully.
C:\271B.tmp => Moved successfully.
C:\5BAB.tmp => Moved successfully.
C:\runcheck.txt => Moved successfully.
C:\C242.tmp => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\wwwwww\Desktop\adwcleaner_3.311.exe => Moved successfully.
C:\Windows\erdnt => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 297.3 MB temporary data.

The system needed a reboot.

==== End of Fixlog ====

#22 Příspěvek od **vyosek** » 02 lis 2014 08:25

Odinstalujte Chrome

Pak dle tohoto smazte profil https://support.google.com/chrome/answer/142059?hl=cs - neprejmenovavejte, smazte

Nainstalujte Chrome a napiste stav

vipernj · #23 Příspěvek od **vipernj** » 02 lis 2014 09:43

Proveden reinstal a smazaní. Problem přetrvává víc než kdy dříve.

#24 Příspěvek od **vyosek** » 02 lis 2014 09:47

Stahnete si TDSSKiller http://media.kaspersky.com/utilities/Vi ... killer.exe

Po spusteni odsouhlaste licencni podminky (klik na Accept)
Kliknete na volbu Change parametrs
V okne Additional Option zakliknete vsechny moznosti
Kliknete na OK
Utilite prikazte, at skenuje - klik na Start Scan
Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
Pokud mate vsude Skip, kliknete na Continue
Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/

Ulozte nejlepe na Plochu a rozbalte
Spustte kliknutim na mbar
Nyni postupne kliknete na Next a Update
Po dokonceni update (aktualizace) databaze kliknete opet na Next
Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
PC bude restartovan
Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte

vipernj · #25 Příspěvek od **vipernj** » 02 lis 2014 10:04

tady je první jdu na druhý
09:55:31.0015 0x0e80 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
09:55:31.0390 0x0e80 ============================================================
09:55:31.0390 0x0e80 Current date / time: 2014/11/02 09:55:31.0390
09:55:31.0390 0x0e80 SystemInfo:
09:55:31.0390 0x0e80
09:55:31.0390 0x0e80 OS Version: 6.1.7600 ServicePack: 0.0
09:55:31.0390 0x0e80 Product type: Workstation
09:55:31.0390 0x0e80 ComputerName: WWWWWW-PC
09:55:31.0390 0x0e80 UserName: wwwwww
09:55:31.0390 0x0e80 Windows directory: C:\Windows
09:55:31.0390 0x0e80 System windows directory: C:\Windows
09:55:31.0390 0x0e80 Running under WOW64
09:55:31.0390 0x0e80 Processor architecture: Intel x64
09:55:31.0390 0x0e80 Number of processors: 2
09:55:31.0390 0x0e80 Page size: 0x1000
09:55:31.0390 0x0e80 Boot type: Normal boot
09:55:31.0390 0x0e80 ============================================================
09:55:31.0390 0x0e80 BG loaded
09:55:37.0484 0x0e80 System UUID: {645BB46D-D1DA-6F5B-741E-15588A27B9E4}
09:55:39.0078 0x0e80 Drive \Device\Harddisk2\DR2 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x50C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
09:55:39.0093 0x0e80 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 ( 74.53 Gb ), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:55:39.0140 0x0e80 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:55:39.0218 0x0e80 ============================================================
09:55:39.0218 0x0e80 \Device\Harddisk2\DR2:
09:55:39.0218 0x0e80 MBR partitions:
09:55:39.0218 0x0e80 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x9857B11
09:55:39.0218 0x0e80 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x9857B8F, BlocksNum 0x91BD071
09:55:39.0218 0x0e80 \Device\Harddisk0\DR0:
09:55:39.0250 0x0e80 MBR partitions:
09:55:39.0250 0x0e80 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:55:39.0250 0x0e80 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x94DC800
09:55:39.0250 0x0e80 \Device\Harddisk1\DR1:
09:55:39.0250 0x0e80 MBR partitions:
09:55:39.0250 0x0e80 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
09:55:39.0250 0x0e80 ============================================================
09:55:39.0453 0x0e80 C: <-> \Device\Harddisk0\DR0\Partition2
09:55:39.0468 0x0e80 D: <-> \Device\Harddisk1\DR1\Partition1
09:55:39.0484 0x0e80 E: <-> \Device\Harddisk2\DR2\Partition1
09:55:39.0515 0x0e80 F: <-> \Device\Harddisk2\DR2\Partition2
09:55:39.0515 0x0e80 ============================================================
09:55:39.0515 0x0e80 Initialize success
09:55:39.0515 0x0e80 ============================================================
09:55:53.0875 0x0f2c ============================================================
09:55:53.0875 0x0f2c Scan started
09:55:53.0875 0x0f2c Mode: Manual; SigCheck; TDLFS;
09:55:53.0875 0x0f2c ============================================================
09:55:53.0875 0x0f2c KSN ping started
09:55:56.0578 0x0f2c KSN ping finished: true
09:56:54.0234 0x0f2c ================ Scan system memory ========================
09:56:54.0234 0x0f2c System memory - ok
09:56:54.0250 0x0f2c ================ Scan services =============================
09:56:55.0359 0x0f2c [ 1B00662092F9F9568B995902F0CC40D5, D345014CF146FA57B2682C189D5E7F27D4C78F321F2723D912D623E777C2BB70 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
09:56:55.0578 0x0f2c 1394ohci - ok
09:56:55.0765 0x0f2c [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
09:56:55.0843 0x0f2c ACPI - ok
09:56:55.0875 0x0f2c [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
09:56:56.0031 0x0f2c AcpiPmi - ok
09:56:56.0250 0x0f2c [ B1EA9681502EE57F87DB71D726288A5B, D17BD2CFAE72E92C77D183331D5CBA0FEA893BF54875920870E271940F40A8BB ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:56:56.0343 0x0f2c AdobeARMservice - ok
09:56:56.0625 0x0f2c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
09:56:56.0796 0x0f2c adp94xx - ok
09:56:57.0046 0x0f2c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
09:56:57.0171 0x0f2c adpahci - ok
09:56:57.0375 0x0f2c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
09:56:57.0500 0x0f2c adpu320 - ok
09:56:57.0578 0x0f2c [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:56:57.0812 0x0f2c AeLookupSvc - ok
09:56:58.0500 0x0f2c [ DB9D6C6B2CD95A9CA414D045B627422E, A4A0B2ACBFE311C20EF9F06A49DBE02CE90433C2364B292F6E8F78F6C274DF88 ] AFD C:\Windows\system32\drivers\afd.sys
09:56:58.0625 0x0f2c AFD - ok
09:56:58.0734 0x0f2c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
09:56:58.0812 0x0f2c agp440 - ok
09:56:58.0937 0x0f2c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
09:56:59.0031 0x0f2c ALG - ok
09:56:59.0140 0x0f2c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
09:56:59.0234 0x0f2c aliide - ok
09:56:59.0265 0x0f2c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
09:56:59.0343 0x0f2c amdide - ok
09:56:59.0421 0x0f2c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
09:56:59.0593 0x0f2c AmdK8 - ok
09:56:59.0625 0x0f2c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
09:56:59.0734 0x0f2c AmdPPM - ok
09:56:59.0796 0x0f2c [ 7A4B413614C055935567CF88A9734D38, A3BB7CDF3EE0EEF67F89263E81145E73C7142EF5F0AF265375C2ECCE74F932C4 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
09:56:59.0859 0x0f2c amdsata - ok
09:56:59.0906 0x0f2c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
09:56:59.0968 0x0f2c amdsbs - ok
09:57:00.0015 0x0f2c [ B4AD0CACBAB298671DD6F6EF7E20679D, FB566C892D0A3DC0A523AE20F35011996958D670937DD5C1A1FCCD36AAC714D7 ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
09:57:00.0046 0x0f2c amdxata - ok
09:57:00.0078 0x0f2c [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID C:\Windows\system32\drivers\appid.sys
09:57:00.0187 0x0f2c AppID - ok
09:57:00.0281 0x0f2c [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:57:00.0437 0x0f2c AppIDSvc - ok
09:57:00.0468 0x0f2c [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo C:\Windows\System32\appinfo.dll
09:57:00.0531 0x0f2c Appinfo - ok
09:57:00.0734 0x0f2c [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
09:57:00.0859 0x0f2c AppMgmt - ok
09:57:00.0890 0x0f2c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
09:57:00.0937 0x0f2c arc - ok
09:57:00.0968 0x0f2c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
09:57:01.0031 0x0f2c arcsas - ok
09:57:02.0031 0x0f2c [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:57:02.0562 0x0f2c aspnet_state - ok
09:57:02.0812 0x0f2c [ 001CFE1AE7A6377D70F654305ED10458, 02319F42082DD01715521BB01C63D93A783890F5EEF4F97E34401D6BF2537075 ] aswHwid C:\Windows\system32\drivers\aswHwid.sys
09:57:02.0859 0x0f2c aswHwid - ok
09:57:03.0062 0x0f2c [ CDE120D6279DD61B341CB871C48E5374, D9A5845F405D14268D5DCD54F88DB87FC4071042D65ED08F0F1687740F3E2657 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
09:57:03.0093 0x0f2c aswMonFlt - ok
09:57:03.0546 0x0f2c [ 6669541A3566F5B2F64A87ACC9B8821F, DD99968B1D78B55A6A19C8D494B7FB39ADF5175BD223B01E4C833AE10BBD019A ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
09:57:03.0578 0x0f2c aswRdr - ok
09:57:03.0890 0x0f2c [ 60FED5EA7F14315C319E7FFB3679CC24, 19774A9C0DB86ED99434A194C9138682982EEFEA43CE33AB38985445C72B4C03 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
09:57:03.0968 0x0f2c aswRvrt - ok
09:57:04.0734 0x0f2c [ 56098BE0C735ED563C466CD835937993, D160FF497CF24B8302D4DDE8C91C9D298B4173B7250015D7E765D7E3FCB4E538 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
09:57:04.0828 0x0f2c aswSnx - ok
09:57:05.0218 0x0f2c [ 6FC940A01C53BC874F531349E991F2BC, C7D84127217D556D7722B0EBC38057C8DFA173265A6E1DBF89CA47379F061ED7 ] aswSP C:\Windows\system32\drivers\aswSP.sys
09:57:05.0281 0x0f2c aswSP - ok
09:57:05.0609 0x0f2c [ 7250DFE069F4CB68F736A12F51AC083E, 7422A030786F777E914E1D6C10BC9B94B03B4AA2A8F888FE948004B91C60CD07 ] aswStm C:\Windows\system32\drivers\aswStm.sys
09:57:05.0703 0x0f2c aswStm - ok
09:57:06.0531 0x0f2c [ 5EA98C99B780EE215401658BE5E217CA, A778F2E2414BD0C9C572BEAC1DD0A805ED1827A25D6208D650AEBCCEED4D6994 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
09:57:06.0671 0x0f2c aswVmm - ok
09:57:06.0843 0x0f2c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:57:07.0062 0x0f2c AsyncMac - ok
09:57:07.0171 0x0f2c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\DRIVERS\atapi.sys
09:57:07.0203 0x0f2c atapi - ok
09:57:07.0594 0x0f2c [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:57:07.0704 0x0f2c AudioEndpointBuilder - ok
09:57:08.0063 0x0f2c [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:57:08.0172 0x0f2c AudioSrv - ok
09:57:09.0172 0x0f2c [ 5CE4F1E7D1BF789919DC7F2E7603C638, 604D4D824B9FE183B82637D212D7804DC88D6475383C1E6EE4269CAAD82E7C13 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
09:57:09.0204 0x0f2c avast! Antivirus - ok
09:57:09.0844 0x0f2c [ 7692F4B242E45870873CAF4CB85CF769, 9D28627FD73F62134792528A9D2F2FCCBB0FDD7E45D8D7D816B9FC3C07AE4CA2 ] AxAutoMntSrv C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
09:57:10.0110 0x0f2c AxAutoMntSrv - ok
09:57:10.0188 0x0f2c [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:57:10.0375 0x0f2c AxInstSV - ok
09:57:10.0579 0x0f2c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
09:57:10.0750 0x0f2c b06bdrv - ok
09:57:11.0000 0x0f2c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
09:57:11.0219 0x0f2c b57nd60a - ok
09:57:11.0375 0x0f2c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
09:57:11.0469 0x0f2c BDESVC - ok
09:57:11.0657 0x0f2c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
09:57:11.0844 0x0f2c Beep - ok
09:57:12.0422 0x0f2c [ 663C6E7F53A4F797EA5C946F2D1D834B, C60C7696056FF400A46FDDE82DAAB47767473E2D48D4F8FD85DAF7B706996713 ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
09:57:12.0704 0x0f2c BEService - ok
09:57:13.0016 0x0f2c [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE C:\Windows\System32\bfe.dll
09:57:13.0266 0x0f2c BFE - ok
09:57:13.0813 0x0f2c [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS C:\Windows\System32\qmgr.dll
09:57:14.0157 0x0f2c BITS - ok
09:57:14.0516 0x0f2c Scan was interrupted by user!
09:57:14.0516 0x0f2c Waiting for KSN requests completion. In queue: 20
09:57:15.0516 0x0f2c Waiting for KSN requests completion. In queue: 20
09:57:16.0516 0x0f2c Waiting for KSN requests completion. In queue: 20
09:57:18.0235 0x0f2c AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2206.692 ), 0x41000 ( enabled : updated )
09:57:19.0634 0x0f2c Win FW state via NFP2: enabled
09:57:22.0336 0x0f2c ============================================================
09:57:22.0336 0x0f2c Scan finished
09:57:22.0336 0x0f2c ============================================================
09:57:22.0344 0x0f24 Detected object count: 0
09:57:22.0344 0x0f24 Actual detected object count: 0
09:57:42.0612 0x0ec0 ============================================================
09:57:42.0612 0x0ec0 Scan started
09:57:42.0612 0x0ec0 Mode: Manual; SigCheck; TDLFS;
09:57:42.0612 0x0ec0 ============================================================
09:57:42.0612 0x0ec0 KSN ping started
09:57:45.0377 0x0ec0 KSN ping finished: true
09:58:07.0331 0x0ec0 ================ Scan system memory ========================
09:58:07.0331 0x0ec0 System memory - ok
09:58:07.0331 0x0ec0 ================ Scan services =============================
09:58:08.0018 0x0ec0 [ 1B00662092F9F9568B995902F0CC40D5, D345014CF146FA57B2682C189D5E7F27D4C78F321F2723D912D623E777C2BB70 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
09:58:08.0096 0x0ec0 1394ohci - ok
09:58:08.0159 0x0ec0 [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
09:58:08.0221 0x0ec0 ACPI - ok
09:58:08.0252 0x0ec0 [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
09:58:08.0315 0x0ec0 AcpiPmi - ok
09:58:08.0581 0x0ec0 [ B1EA9681502EE57F87DB71D726288A5B, D17BD2CFAE72E92C77D183331D5CBA0FEA893BF54875920870E271940F40A8BB ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:58:08.0627 0x0ec0 AdobeARMservice - ok
09:58:08.0831 0x0ec0 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
09:58:08.0893 0x0ec0 adp94xx - ok
09:58:08.0940 0x0ec0 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
09:58:09.0018 0x0ec0 adpahci - ok
09:58:09.0096 0x0ec0 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
09:58:09.0143 0x0ec0 adpu320 - ok
09:58:09.0206 0x0ec0 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:58:09.0299 0x0ec0 AeLookupSvc - ok
09:58:09.0534 0x0ec0 [ DB9D6C6B2CD95A9CA414D045B627422E, A4A0B2ACBFE311C20EF9F06A49DBE02CE90433C2364B292F6E8F78F6C274DF88 ] AFD C:\Windows\system32\drivers\afd.sys
09:58:09.0612 0x0ec0 AFD - ok
09:58:09.0674 0x0ec0 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
09:58:09.0706 0x0ec0 agp440 - ok
09:58:09.0752 0x0ec0 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
09:58:09.0799 0x0ec0 ALG - ok
09:58:09.0831 0x0ec0 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
09:58:09.0862 0x0ec0 aliide - ok
09:58:09.0877 0x0ec0 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
09:58:09.0909 0x0ec0 amdide - ok
09:58:09.0956 0x0ec0 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
09:58:10.0002 0x0ec0 AmdK8 - ok
09:58:10.0034 0x0ec0 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
09:58:10.0081 0x0ec0 AmdPPM - ok
09:58:10.0112 0x0ec0 [ 7A4B413614C055935567CF88A9734D38, A3BB7CDF3EE0EEF67F89263E81145E73C7142EF5F0AF265375C2ECCE74F932C4 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
09:58:10.0143 0x0ec0 amdsata - ok
09:58:10.0206 0x0ec0 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
09:58:10.0252 0x0ec0 amdsbs - ok
09:58:10.0268 0x0ec0 [ B4AD0CACBAB298671DD6F6EF7E20679D, FB566C892D0A3DC0A523AE20F35011996958D670937DD5C1A1FCCD36AAC714D7 ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
09:58:10.0299 0x0ec0 amdxata - ok
09:58:10.0315 0x0ec0 [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID C:\Windows\system32\drivers\appid.sys
09:58:10.0362 0x0ec0 AppID - ok
09:58:10.0424 0x0ec0 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:58:10.0487 0x0ec0 AppIDSvc - ok
09:58:10.0518 0x0ec0 [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo C:\Windows\System32\appinfo.dll
09:58:10.0581 0x0ec0 Appinfo - ok
09:58:10.0643 0x0ec0 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
09:58:10.0706 0x0ec0 AppMgmt - ok
09:58:10.0737 0x0ec0 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
09:58:10.0768 0x0ec0 arc - ok
09:58:10.0799 0x0ec0 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
09:58:10.0831 0x0ec0 arcsas - ok
09:58:11.0237 0x0ec0 [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:58:11.0284 0x0ec0 aspnet_state - ok
09:58:11.0315 0x0ec0 [ 001CFE1AE7A6377D70F654305ED10458, 02319F42082DD01715521BB01C63D93A783890F5EEF4F97E34401D6BF2537075 ] aswHwid C:\Windows\system32\drivers\aswHwid.sys
09:58:11.0346 0x0ec0 aswHwid - ok
09:58:11.0393 0x0ec0 [ CDE120D6279DD61B341CB871C48E5374, D9A5845F405D14268D5DCD54F88DB87FC4071042D65ED08F0F1687740F3E2657 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
09:58:11.0456 0x0ec0 aswMonFlt - ok
09:58:11.0487 0x0ec0 [ 6669541A3566F5B2F64A87ACC9B8821F, DD99968B1D78B55A6A19C8D494B7FB39ADF5175BD223B01E4C833AE10BBD019A ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
09:58:11.0534 0x0ec0 aswRdr - ok
09:58:11.0565 0x0ec0 [ 60FED5EA7F14315C319E7FFB3679CC24, 19774A9C0DB86ED99434A194C9138682982EEFEA43CE33AB38985445C72B4C03 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
09:58:11.0596 0x0ec0 aswRvrt - ok
09:58:11.0706 0x0ec0 [ 56098BE0C735ED563C466CD835937993, D160FF497CF24B8302D4DDE8C91C9D298B4173B7250015D7E765D7E3FCB4E538 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
09:58:11.0815 0x0ec0 aswSnx - ok
09:58:12.0081 0x0ec0 [ 6FC940A01C53BC874F531349E991F2BC, C7D84127217D556D7722B0EBC38057C8DFA173265A6E1DBF89CA47379F061ED7 ] aswSP C:\Windows\system32\drivers\aswSP.sys
09:58:12.0143 0x0ec0 aswSP - ok
09:58:12.0174 0x0ec0 [ 7250DFE069F4CB68F736A12F51AC083E, 7422A030786F777E914E1D6C10BC9B94B03B4AA2A8F888FE948004B91C60CD07 ] aswStm C:\Windows\system32\drivers\aswStm.sys
09:58:12.0221 0x0ec0 aswStm - ok
09:58:12.0252 0x0ec0 [ 5EA98C99B780EE215401658BE5E217CA, A778F2E2414BD0C9C572BEAC1DD0A805ED1827A25D6208D650AEBCCEED4D6994 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
09:58:12.0299 0x0ec0 aswVmm - ok
09:58:12.0331 0x0ec0 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:58:12.0409 0x0ec0 AsyncMac - ok
09:58:12.0424 0x0ec0 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\DRIVERS\atapi.sys
09:58:12.0456 0x0ec0 atapi - ok
09:58:12.0581 0x0ec0 [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:58:12.0690 0x0ec0 AudioEndpointBuilder - ok
09:58:12.0799 0x0ec0 [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:58:12.0909 0x0ec0 AudioSrv - ok
09:58:13.0143 0x0ec0 [ 5CE4F1E7D1BF789919DC7F2E7603C638, 604D4D824B9FE183B82637D212D7804DC88D6475383C1E6EE4269CAAD82E7C13 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
09:58:13.0174 0x0ec0 avast! Antivirus - ok
09:58:13.0268 0x0ec0 [ 7692F4B242E45870873CAF4CB85CF769, 9D28627FD73F62134792528A9D2F2FCCBB0FDD7E45D8D7D816B9FC3C07AE4CA2 ] AxAutoMntSrv C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
09:58:13.0315 0x0ec0 AxAutoMntSrv - ok
09:58:13.0377 0x0ec0 [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:58:13.0424 0x0ec0 AxInstSV - ok
09:58:13.0565 0x0ec0 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
09:58:13.0627 0x0ec0 b06bdrv - ok
09:58:13.0706 0x0ec0 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
09:58:13.0768 0x0ec0 b57nd60a - ok
09:58:13.0799 0x0ec0 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
09:58:13.0831 0x0ec0 BDESVC - ok
09:58:13.0846 0x0ec0 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
09:58:13.0924 0x0ec0 Beep - ok
09:58:13.0971 0x0ec0 [ 663C6E7F53A4F797EA5C946F2D1D834B, C60C7696056FF400A46FDDE82DAAB47767473E2D48D4F8FD85DAF7B706996713 ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
09:58:14.0018 0x0ec0 BEService - ok
09:58:14.0065 0x0ec0 [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE C:\Windows\System32\bfe.dll
09:58:14.0190 0x0ec0 BFE - ok
09:58:14.0252 0x0ec0 [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS C:\Windows\System32\qmgr.dll
09:58:14.0377 0x0ec0 BITS - ok
09:58:14.0393 0x0ec0 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
09:58:14.0456 0x0ec0 blbdrive - ok
09:58:14.0565 0x0ec0 [ 73686FE0B2E0469F89FD2075BE724704, 4BC5BBA7ACB5BDA77251B82B9CF16C6A9EBBCC29760860A0F37ABDDF9288143F ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
09:58:14.0643 0x0ec0 Bonjour Service - detected UnsignedFile.Multi.Generic ( 1 )
09:58:17.0409 0x0ec0 Detect skipped due to KSN trusted
09:58:17.0409 0x0ec0 Bonjour Service - ok
09:58:17.0456 0x0ec0 [ 19D20159708E152267E53B66677A4995, 6401FA5C3EFF26BED075FEC68F868CD8D0598FDB45EA9381810615F7252F7A9A ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:58:17.0534 0x0ec0 bowser - ok
09:58:17.0565 0x0ec0 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:58:17.0612 0x0ec0 BrFiltLo - ok
09:58:17.0627 0x0ec0 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:58:17.0674 0x0ec0 BrFiltUp - ok
09:58:17.0706 0x0ec0 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
09:58:17.0799 0x0ec0 BridgeMP - ok
09:58:17.0846 0x0ec0 [ 6B054C67AAA87843504E8E3C09102009, 284AA58625FBDBFECB851A35407331B40BAEC141F2DCEDB9F15733BAB22F5C81 ] Browser C:\Windows\System32\browser.dll
09:58:17.0909 0x0ec0 Browser - ok
09:58:17.0940 0x0ec0 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:58:18.0206 0x0ec0 Brserid - ok
09:58:18.0221 0x0ec0 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:58:18.0284 0x0ec0 BrSerWdm - ok
09:58:18.0299 0x0ec0 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:58:18.0377 0x0ec0 BrUsbMdm - ok
09:58:18.0409 0x0ec0 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:58:18.0440 0x0ec0 BrUsbSer - ok
09:58:18.0456 0x0ec0 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
09:58:18.0518 0x0ec0 BTHMODEM - ok
09:58:18.0549 0x0ec0 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
09:58:18.0643 0x0ec0 bthserv - ok
09:58:18.0737 0x0ec0 Cardex - ok
09:58:18.0768 0x0ec0 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:58:18.0862 0x0ec0 cdfs - ok
09:58:18.0909 0x0ec0 [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:58:18.0987 0x0ec0 cdrom - ok
09:58:19.0018 0x0ec0 [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc C:\Windows\System32\certprop.dll
09:58:19.0112 0x0ec0 CertPropSvc - ok
09:58:19.0143 0x0ec0 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
09:58:19.0190 0x0ec0 circlass - ok
09:58:19.0237 0x0ec0 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
09:58:19.0299 0x0ec0 CLFS - ok
09:58:19.0346 0x0ec0 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:58:19.0377 0x0ec0 clr_optimization_v2.0.50727_32 - ok
09:58:19.0440 0x0ec0 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:58:19.0471 0x0ec0 clr_optimization_v2.0.50727_64 - ok
09:58:19.0565 0x0ec0 [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:58:19.0737 0x0ec0 clr_optimization_v4.0.30319_32 - ok
09:58:19.0799 0x0ec0 [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:58:19.0846 0x0ec0 clr_optimization_v4.0.30319_64 - ok
09:58:19.0862 0x0ec0 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:58:19.0924 0x0ec0 CmBatt - ok
09:58:19.0956 0x0ec0 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
09:58:19.0987 0x0ec0 cmdide - ok
09:58:20.0049 0x0ec0 [ CA7720B73446FDDEC5C69519C1174C98, F24796765587CC1D653A04783B1659564F42E600DA3AFA3DED724592B291D033 ] CNG C:\Windows\system32\Drivers\cng.sys
09:58:20.0127 0x0ec0 CNG - ok
09:58:20.0143 0x0ec0 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
09:58:20.0174 0x0ec0 Compbatt - ok
09:58:20.0206 0x0ec0 [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
09:58:20.0268 0x0ec0 CompositeBus - ok
09:58:20.0299 0x0ec0 COMSysApp - ok
09:58:20.0315 0x0ec0 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
09:58:20.0346 0x0ec0 crcdisk - ok
09:58:20.0440 0x0ec0 [ C8BD651E13895B93ED9EC5B4F1DF42BC, D86D6BF0BA3C09B49B3A52C86A7F3B3856A27F79EDD86A8FFA469D9A5F196E8D ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
09:58:20.0487 0x0ec0 Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
09:58:23.0268 0x0ec0 Detect skipped due to KSN trusted
09:58:23.0268 0x0ec0 Creative ALchemy AL6 Licensing Service - ok
09:58:23.0284 0x0ec0 [ C0EAD9F8AB83D41FF07303C75589C2B8, C89CAC39BCD2FA2DCC56D7EE84FF66127BCECCAE400E119FE41BF4C4D769504B ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
09:58:23.0315 0x0ec0 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
09:58:26.0096 0x0ec0 Detect skipped due to KSN trusted
09:58:26.0096 0x0ec0 Creative Audio Engine Licensing Service - ok
09:58:26.0143 0x0ec0 [ BAF19B633933A9FB4883D27D66C39E9A, 2D8ABB5161736CCCADA67B3E6A8D70B0B5E1E3FE6084561891F394DA191B3439 ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:58:26.0206 0x0ec0 CryptSvc - ok
09:58:26.0268 0x0ec0 [ 4A6173C2279B498CD8F57CAE504564CB, FF3CD404FD91EDE38C21780362CE892BFBBC2526B146BEBD139C7413EB29A216 ] CSC C:\Windows\system32\drivers\csc.sys
09:58:26.0346 0x0ec0 CSC - ok
09:58:26.0393 0x0ec0 [ 873FBF927C06E5CEE04DEC617502F8FD, 8B452ED5D003337E66634EEC3D5C9FBA4D05FF5AE776239F3B769FAA505E729C ] CscService C:\Windows\System32\cscsvc.dll
09:58:26.0502 0x0ec0 CscService - ok
09:58:26.0581 0x0ec0 [ 07BA6D17E66879018B30B6C3F976EBED, 1759CE25519358A47E1B1FA02A415DB5D3F6B511AD3820D0AE8A1533B5DC83CD ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
09:58:26.0659 0x0ec0 CTAudSvcService - detected UnsignedFile.Multi.Generic ( 1 )
09:58:29.0440 0x0ec0 Detect skipped due to KSN trusted
09:58:29.0440 0x0ec0 CTAudSvcService - ok
09:58:29.0502 0x0ec0 [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:58:29.0627 0x0ec0 DcomLaunch - ok
09:58:29.0674 0x0ec0 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
09:58:29.0784 0x0ec0 defragsvc - ok
09:58:29.0846 0x0ec0 [ 9C253CE7311CA60FC11C774692A13208, 23507138576DB75AA8B7415140F7B5D8A90CB2661796223870461C721A36AEBF ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:58:29.0909 0x0ec0 DfsC - ok
09:58:29.0956 0x0ec0 [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp C:\Windows\system32\dhcpcore.dll
09:58:30.0034 0x0ec0 Dhcp - ok
09:58:30.0096 0x0ec0 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
09:58:30.0190 0x0ec0 discache - ok
09:58:30.0206 0x0ec0 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
09:58:30.0252 0x0ec0 Disk - ok
09:58:30.0315 0x0ec0 [ 85CF424C74A1D5EC33533E1DBFF9920A, 882D5FA0D5EC053D76A0C46A6047A621D607651693CF94E5506219EECCC8D079 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:58:30.0377 0x0ec0 Dnscache - ok
09:58:30.0456 0x0ec0 [ FA122BC1451B1B35B7814FBE1ACF1924, 4E27B5E6201EC8B02EC578E4D16E8D34AC178081781E70FEA94D9D0A9B4C24D0 ] Dokan C:\Windows\system32\drivers\dokan.sys
09:58:30.0502 0x0ec0 Dokan - ok
09:58:30.0581 0x0ec0 [ 8C856E531A1170F53AC6844E89CD0B5F, 64202D7CEF356A1BADE59A8D1F005483B69655D13BCA008110D667855DC6EE89 ] DokanMounter C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
09:58:30.0612 0x0ec0 DokanMounter - detected UnsignedFile.Multi.Generic ( 1 )
09:58:33.0393 0x0ec0 Detect skipped due to KSN trusted
09:58:33.0393 0x0ec0 DokanMounter - ok
09:58:33.0424 0x0ec0 [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc C:\Windows\System32\dot3svc.dll
09:58:33.0518 0x0ec0 dot3svc - ok
09:58:33.0549 0x0ec0 [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS C:\Windows\system32\dps.dll
09:58:33.0643 0x0ec0 DPS - ok
09:58:33.0799 0x0ec0 [ 8C9F91F76535A3231C38CC66A9BD5D4E, A808B17277D96B5A6CD704F4282A152A3C5055B81FC3F7B8E2885028350AC767 ] DraftSight API Service C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
09:58:33.0831 0x0ec0 DraftSight API Service - detected UnsignedFile.Multi.Generic ( 1 )
09:58:36.0612 0x0ec0 Detect skipped due to KSN trusted
09:58:36.0612 0x0ec0 DraftSight API Service - ok
09:58:36.0643 0x0ec0 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:58:36.0706 0x0ec0 drmkaud - ok
09:58:36.0768 0x0ec0 [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
09:58:36.0831 0x0ec0 dtsoftbus01 - ok
09:58:36.0909 0x0ec0 [ 1633B9ABF52784A1331476397A48CBEF, 697780697C4C55FCCF5FB65C93FB37B3F5A43BF0C59FDBB9EF822D0E993E47BD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:58:36.0987 0x0ec0 DXGKrnl - ok
09:58:37.0034 0x0ec0 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
09:58:37.0112 0x0ec0 EapHost - ok
09:58:37.0299 0x0ec0 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
09:58:37.0581 0x0ec0 ebdrv - ok
09:58:37.0612 0x0ec0 [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] EFS C:\Windows\System32\lsass.exe
09:58:37.0659 0x0ec0 EFS - ok
09:58:37.0768 0x0ec0 [ B91D81B3B54A54CCAFC03733DBC2E29E, B08CFD3136F678CF902722B32CA55C4983EEE5AEBDCEE036BEB746914742141C ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:58:37.0877 0x0ec0 ehRecvr - ok
09:58:37.0909 0x0ec0 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
09:58:37.0956 0x0ec0 ehSched - ok
09:58:38.0002 0x0ec0 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
09:58:38.0112 0x0ec0 elxstor - ok
09:58:38.0127 0x0ec0 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
09:58:38.0174 0x0ec0 ErrDev - ok
09:58:38.0237 0x0ec0 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
09:58:38.0346 0x0ec0 EventSystem - ok
09:58:38.0393 0x0ec0 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
09:58:38.0487 0x0ec0 exfat - ok
09:58:38.0534 0x0ec0 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:58:38.0627 0x0ec0 fastfat - ok
09:58:38.0674 0x0ec0 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:58:38.0721 0x0ec0 fdc - ok
09:58:38.0737 0x0ec0 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
09:58:38.0831 0x0ec0 fdPHost - ok
09:58:38.0862 0x0ec0 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
09:58:38.0940 0x0ec0 FDResPub - ok
09:58:38.0956 0x0ec0 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:58:39.0002 0x0ec0 FileInfo - ok
09:58:39.0018 0x0ec0 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:58:39.0112 0x0ec0 Filetrace - ok
09:58:39.0206 0x0ec0 [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
09:58:39.0299 0x0ec0 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
09:58:42.0112 0x0ec0 Detect skipped due to KSN trusted
09:58:42.0112 0x0ec0 FLEXnet Licensing Service - ok
09:58:42.0127 0x0ec0 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:58:42.0174 0x0ec0 flpydisk - ok
09:58:42.0237 0x0ec0 [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:58:42.0284 0x0ec0 FltMgr - ok
09:58:42.0377 0x0ec0 [ BC00505CFDA789ED3BE95D2FF38C4875, 9CB98AFF8A9740CFB53BDFB3DD40A76EB79C160CF2DF03E5EEFF6F2109216FEB ] FontCache C:\Windows\system32\FntCache.dll
09:58:42.0502 0x0ec0 FontCache - ok
09:58:42.0549 0x0ec0 [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:58:42.0581 0x0ec0 FontCache3.0.0.0 - ok
09:58:42.0596 0x0ec0 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:58:42.0643 0x0ec0 FsDepends - ok
09:58:42.0690 0x0ec0 [ D3E3F93D67821A2DB2B3D9FAC2DC2064, 727FAA7E15A20ED3A37668D294ABDE6EAF1C87C34EE283C99EE3303E85001404 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:58:42.0721 0x0ec0 Fs_Rec - ok
09:58:42.0752 0x0ec0 [ B8B2A6E1558F8F5DE5CE431C5B2C7B09, 24A9F04A0622681A4E4B6BCC47C45016787C6036EAD828920812D9FAD49A71E3 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:58:42.0815 0x0ec0 fvevol - ok
09:58:42.0831 0x0ec0 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
09:58:42.0862 0x0ec0 gagp30kx - ok
09:58:42.0924 0x0ec0 [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc C:\Windows\System32\gpsvc.dll
09:58:43.0049 0x0ec0 gpsvc - ok
09:58:43.0127 0x0ec0 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:58:43.0159 0x0ec0 gupdate - ok
09:58:43.0174 0x0ec0 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:58:43.0206 0x0ec0 gupdatem - ok
09:58:43.0221 0x0ec0 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:58:43.0268 0x0ec0 hcw85cir - ok
09:58:43.0315 0x0ec0 [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:58:43.0393 0x0ec0 HdAudAddService - ok
09:58:43.0440 0x0ec0 [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
09:58:43.0502 0x0ec0 HDAudBus - ok
09:58:43.0518 0x0ec0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
09:58:43.0565 0x0ec0 HidBatt - ok
09:58:43.0596 0x0ec0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
09:58:43.0674 0x0ec0 HidBth - ok
09:58:43.0940 0x0ec0 [ 01EA8D78EEC55C34C4601F7D3353616C, B3C22A3058D41B59D50597CF731F3D1A16FD3780AF56851D770985BEDFE192B5 ] HideMyIpSRV C:\Program Files (x86)\Hide My IP 6\HideMyIpSRV.exe
09:58:44.0284 0x0ec0 HideMyIpSRV - detected UnsignedFile.Multi.Generic ( 1 )
09:58:47.0049 0x0ec0 Detect skipped due to KSN trusted
09:58:47.0049 0x0ec0 HideMyIpSRV - ok
09:58:47.0065 0x0ec0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
09:58:47.0127 0x0ec0 HidIr - ok
09:58:47.0159 0x0ec0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
09:58:47.0252 0x0ec0 hidserv - ok
09:58:47.0268 0x0ec0 [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:58:47.0331 0x0ec0 HidUsb - ok
09:58:47.0377 0x0ec0 [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc C:\Windows\system32\kmsvc.dll
09:58:47.0456 0x0ec0 hkmsvc - ok
09:58:47.0502 0x0ec0 [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:58:47.0581 0x0ec0 HomeGroupListener - ok
09:58:47.0627 0x0ec0 [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:58:47.0690 0x0ec0 HomeGroupProvider - ok
09:58:47.0721 0x0ec0 [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
09:58:47.0752 0x0ec0 HpSAMD - ok
09:58:47.0799 0x0ec0 [ 26B05FFD8FB5E70EB501A610E3425341, 4A5C76AF7B5027B378FF13D21729A5B66B648BEF215DAA976981D9032667A3CE ] HssDRV6 C:\Windows\system32\DRIVERS\hssdrv6.sys
09:58:47.0831 0x0ec0 HssDRV6 - ok
09:58:47.0909 0x0ec0 [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:58:48.0034 0x0ec0 HTTP - ok
09:58:48.0049 0x0ec0 [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:58:48.0096 0x0ec0 hwpolicy - ok
09:58:48.0112 0x0ec0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
09:58:48.0159 0x0ec0 i8042prt - ok
09:58:48.0190 0x0ec0 [ D83EFB6FD45DF9D55E9A1AFC63640D50, 0494F8F7CB3ED11FD8D0B838CB71271AF7A3CBFCB7F2CB043A9392B5106A3C7B ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
09:58:48.0268 0x0ec0 iaStorV - ok
09:58:48.0377 0x0ec0 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
09:58:48.0440 0x0ec0 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
09:58:51.0206 0x0ec0 Detect skipped due to KSN trusted
09:58:51.0206 0x0ec0 IDriverT - ok
09:58:51.0284 0x0ec0 [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:58:51.0377 0x0ec0 idsvc - ok
09:58:51.0737 0x0ec0 [ 2D18C9E1F23970DE32D78D3B1CDDA0A7, 4AC6425F6D1921ED7975A0450D536B2675964574E40D86099410423E72D70D88 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
09:58:52.0346 0x0ec0 igfx - ok
09:58:52.0393 0x0ec0 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
09:58:52.0440 0x0ec0 iirsp - ok
09:58:52.0487 0x0ec0 [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT C:\Windows\System32\ikeext.dll
09:58:52.0627 0x0ec0 IKEEXT - ok
09:58:52.0659 0x0ec0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
09:58:52.0690 0x0ec0 intelide - ok
09:58:52.0706 0x0ec0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:58:52.0768 0x0ec0 intelppm - ok
09:58:52.0784 0x0ec0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:58:52.0877 0x0ec0 IPBusEnum - ok
09:58:52.0893 0x0ec0 [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:58:52.0971 0x0ec0 IpFilterDriver - ok
09:58:53.0034 0x0ec0 [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:58:53.0159 0x0ec0 iphlpsvc - ok
09:58:53.0159 0x0ec0 [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
09:58:53.0206 0x0ec0 IPMIDRV - ok
09:58:53.0252 0x0ec0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:58:53.0346 0x0ec0 IPNAT - ok
09:58:53.0362 0x0ec0 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:58:53.0409 0x0ec0 IRENUM - ok
09:58:53.0424 0x0ec0 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
09:58:53.0456 0x0ec0 isapnp - ok
09:58:53.0502 0x0ec0 [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
09:58:53.0534 0x0ec0 iScsiPrt - ok
09:58:53.0565 0x0ec0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:58:53.0596 0x0ec0 kbdclass - ok
09:58:53.0612 0x0ec0 [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:58:53.0659 0x0ec0 kbdhid - ok
09:58:53.0690 0x0ec0 [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] KeyIso C:\Windows\system32\lsass.exe
09:58:53.0737 0x0ec0 KeyIso - ok
09:58:53.0784 0x0ec0 [ 4F4B5FDE429416877DE7143044582EB5, A28FFEA078DBD91F3CC28088810EEEB727107B3F0F48370B44D87DC8F8C55B99 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:58:53.0831 0x0ec0 KSecDD - ok
09:58:53.0862 0x0ec0 [ 6F40465A44ECDC1731BEFAFEC5BDD03C, 317334D414D0AF73CB4D9CA11EA80C641E786760B8800F2795D0CB38378DBB80 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:58:53.0909 0x0ec0 KSecPkg - ok
09:58:53.0924 0x0ec0 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:58:54.0018 0x0ec0 ksthunk - ok
09:58:54.0065 0x0ec0 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
09:58:54.0174 0x0ec0 KtmRm - ok
09:58:54.0252 0x0ec0 [ A4A9CA24E54E81C6C3E469EAEB4B3F42, FB6B72BF973EC2EE2D81AAAF47B030C0A5E7E7B079DAB257C52FEFC3F222CDC8 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
09:58:54.0284 0x0ec0 L1C - ok
09:58:54.0331 0x0ec0 [ 81F1D04D4D0E433099365127375FD501, C2A81B5A482C974E8108806486EC28CB2D81400D42639682FE7B7A9BDF14BA9B ] LanmanServer C:\Windows\System32\srvsvc.dll
09:58:54.0409 0x0ec0 LanmanServer - ok
09:58:54.0456 0x0ec0 [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:58:54.0534 0x0ec0 LanmanWorkstation - ok
09:58:54.0549 0x0ec0 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:58:54.0643 0x0ec0 lltdio - ok
09:58:54.0690 0x0ec0 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:58:54.0784 0x0ec0 lltdsvc - ok
09:58:54.0799 0x0ec0 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:58:54.0862 0x0ec0 lmhosts - ok
09:58:54.0893 0x0ec0 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
09:58:54.0956 0x0ec0 LSI_FC - ok
09:58:55.0034 0x0ec0 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
09:58:55.0081 0x0ec0 LSI_SAS - ok
09:58:55.0096 0x0ec0 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:58:55.0143 0x0ec0 LSI_SAS2 - ok
09:58:55.0174 0x0ec0 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:58:55.0221 0x0ec0 LSI_SCSI - ok
09:58:55.0268 0x0ec0 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
09:58:55.0346 0x0ec0 luafv - ok
09:58:55.0440 0x0ec0 [ 024DA28053D57E9E32BEE52600576BBB, 8EC636DAB90A835DEBA2EC6176F4547EEF557415FF77C6378EF423569702731E ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus64.sys
09:58:55.0502 0x0ec0 MarvinBus - ok
09:58:55.0534 0x0ec0 [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:58:55.0596 0x0ec0 Mcx2Svc - ok
09:58:55.0627 0x0ec0 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
09:58:55.0659 0x0ec0 megasas - ok
09:58:55.0690 0x0ec0 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
09:58:55.0752 0x0ec0 MegaSR - ok
09:58:55.0784 0x0ec0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
09:58:55.0862 0x0ec0 MMCSS - ok
09:58:55.0877 0x0ec0 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
09:58:55.0971 0x0ec0 Modem - ok
09:58:56.0002 0x0ec0 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:58:56.0065 0x0ec0 monitor - ok
09:58:56.0081 0x0ec0 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:58:56.0112 0x0ec0 mouclass - ok
09:58:56.0127 0x0ec0 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:58:56.0174 0x0ec0 mouhid - ok
09:58:56.0190 0x0ec0 [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:58:56.0221 0x0ec0 mountmgr - ok
09:58:56.0315 0x0ec0 [ 10A5A4421AFE28A9567CA192FEBE54AC, AE547A469364D118CD81AE1E37907F6AC04B9B49B5D01EE76647BB0957D8A6E8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:58:56.0346 0x0ec0 MozillaMaintenance - ok
09:58:56.0362 0x0ec0 [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
09:58:56.0409 0x0ec0 mpio - ok
09:58:56.0424 0x0ec0 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:58:56.0502 0x0ec0 mpsdrv - ok
09:58:56.0549 0x0ec0 [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc C:\Windows\system32\mpssvc.dll
09:58:56.0690 0x0ec0 MpsSvc - ok
09:58:56.0721 0x0ec0 [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:58:56.0799 0x0ec0 MRxDAV - ok
09:58:56.0862 0x0ec0 [ 040D62A9D8AD28922632137ACDD984F2, D9457BDA88C2E3AA4E716C0657B77A4A3E212328CDABD5C18279B6440E1C1594 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:58:56.0909 0x0ec0 mrxsmb - ok
09:58:56.0987 0x0ec0 [ F0067552F8F9B33D7C59403AB808A3CB, 698B63528E1943BB4253BF7578DC128AA824C71BD04FF0521277E68B20656C02 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:58:57.0049 0x0ec0 mrxsmb10 - ok
09:58:57.0081 0x0ec0 [ 3C142D31DE9F2F193218A53FE2632051, 026B3A932A95D5160B64E470FC414F3D388D429317D5EAEA2D476F715C4CAE75 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:58:57.0143 0x0ec0 mrxsmb20 - ok
09:58:57.0174 0x0ec0 [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
09:58:57.0221 0x0ec0 msahci - ok
09:58:57.0237 0x0ec0 [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
09:58:57.0284 0x0ec0 msdsm - ok
09:58:57.0299 0x0ec0 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
09:58:57.0362 0x0ec0 MSDTC - ok
09:58:57.0409 0x0ec0 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:58:57.0471 0x0ec0 Msfs - ok
09:58:57.0502 0x0ec0 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:58:57.0581 0x0ec0 mshidkmdf - ok
09:58:57.0596 0x0ec0 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
09:58:57.0643 0x0ec0 msisadrv - ok
09:58:57.0674 0x0ec0 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:58:57.0768 0x0ec0 MSiSCSI - ok
09:58:57.0768 0x0ec0 msiserver - ok
09:58:57.0799 0x0ec0 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:58:57.0877 0x0ec0 MSKSSRV - ok
09:58:57.0909 0x0ec0 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:58:58.0002 0x0ec0 MSPCLOCK - ok
09:58:58.0034 0x0ec0 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:58:58.0127 0x0ec0 MSPQM - ok
09:58:58.0159 0x0ec0 [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:58:58.0206 0x0ec0 MsRPC - ok
09:58:58.0237 0x0ec0 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
09:58:58.0268 0x0ec0 mssmbios - ok
09:58:58.0284 0x0ec0 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:58:58.0377 0x0ec0 MSTEE - ok
09:58:58.0393 0x0ec0 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
09:58:58.0440 0x0ec0 MTConfig - ok
09:58:58.0471 0x0ec0 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
09:58:58.0502 0x0ec0 Mup - ok
09:58:58.0549 0x0ec0 [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent C:\Windows\system32\qagentRT.dll
09:58:58.0659 0x0ec0 napagent - ok
09:58:58.0706 0x0ec0 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:58:58.0784 0x0ec0 NativeWifiP - ok
09:58:58.0909 0x0ec0 [ 9D1CCE440552500DED3A62F9D779CDB4, C6B3B1C891A8BA3F91CC1EC21919C4F80F4C9CAF88971AB6CA11F09820601EBD ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
09:58:59.0002 0x0ec0 NAUpdate - ok
09:58:59.0065 0x0ec0 [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS C:\Windows\system32\drivers\ndis.sys
09:58:59.0143 0x0ec0 NDIS - ok
09:58:59.0174 0x0ec0 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:58:59.0252 0x0ec0 NdisCap - ok
09:58:59.0284 0x0ec0 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:58:59.0377 0x0ec0 NdisTapi - ok
09:58:59.0393 0x0ec0 [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:58:59.0487 0x0ec0 Ndisuio - ok
09:58:59.0502 0x0ec0 [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:58:59.0596 0x0ec0 NdisWan - ok
09:58:59.0627 0x0ec0 [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:58:59.0721 0x0ec0 NDProxy - ok
09:58:59.0768 0x0ec0 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:58:59.0831 0x0ec0 NetBIOS - ok
09:58:59.0924 0x0ec0 [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:59:00.0002 0x0ec0 NetBT - ok
09:59:00.0034 0x0ec0 [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] Netlogon C:\Windows\system32\lsass.exe
09:59:00.0065 0x0ec0 Netlogon - ok
09:59:00.0112 0x0ec0 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
09:59:00.0221 0x0ec0 Netman - ok
09:59:00.0331 0x0ec0 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:59:00.0440 0x0ec0 NetMsmqActivator - ok
09:59:00.0502 0x0ec0 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:59:00.0549 0x0ec0 NetPipeActivator - ok
09:59:00.0612 0x0ec0 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
09:59:00.0721 0x0ec0 netprofm - ok
09:59:00.0752 0x0ec0 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:59:00.0799 0x0ec0 NetTcpActivator - ok
09:59:00.0815 0x0ec0 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:59:00.0862 0x0ec0 NetTcpPortSharing - ok
09:59:00.0893 0x0ec0 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
09:59:00.0924 0x0ec0 nfrd960 - ok
09:59:00.0956 0x0ec0 [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc C:\Windows\System32\nlasvc.dll
09:59:01.0065 0x0ec0 NlaSvc - ok
09:59:01.0096 0x0ec0 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:59:01.0190 0x0ec0 Npfs - ok
09:59:01.0221 0x0ec0 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
09:59:01.0331 0x0ec0 nsi - ok
09:59:01.0393 0x0ec0 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:59:01.0471 0x0ec0 nsiproxy - ok
09:59:01.0674 0x0ec0 [ 356698A13C4630D5B31C37378D469196, BF5704AADE5C3DA370501747F12ED6E9C3349E342CCF89005AAE132B570BB42B ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:59:01.0893 0x0ec0 Ntfs - ok
09:59:01.0940 0x0ec0 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
09:59:02.0018 0x0ec0 Null - ok
09:59:02.0127 0x0ec0 [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
09:59:02.0174 0x0ec0 NVHDA - ok
09:59:02.0909 0x0ec0 [ 0AC797F70F2F3E5B69A34FF2F63496F3, 80A811F8234BA00779BA76AAF41E830FB6CED03667E6E8F430C14DEBF2E45DD9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:59:03.0549 0x0ec0 nvlddmkm - ok
09:59:03.0752 0x0ec0 [ 048C6FACA905A7DF0A86D3CC31D7E6AE, 7222B301DBBDFF15B038E13FEA076759D8AC392F5145ECD60A640BDA6CFABE8C ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
09:59:03.0877 0x0ec0 NvNetworkService - ok
09:59:03.0909 0x0ec0 [ 3E38712941E9BB4DDBEE00AFFE3FED3D, 03F27CC0EF0A86D0B2DAAB6F72838CB2AB57FE5D40074828D5B7F118CD5CBEE7 ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
09:59:03.0956 0x0ec0 nvraid - ok
09:59:03.0987 0x0ec0 [ 477DC4D6DEB99BE37084C9AC6D013DA1, E58C4D621CAAB1C68FB4A056576F48BC87913A5EBF0B511EFFB8F38C7D3E516E ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
09:59:04.0034 0x0ec0 nvstor - ok
09:59:04.0143 0x0ec0 [ 3ABCD8F8853FEB12B961E9A48FC12133, 58255D53E810EE0D89FA2F1DC9D6208BF44F3C0FDE74A9264FB740024F1EDD44 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
09:59:04.0174 0x0ec0 NvStreamKms - ok
09:59:04.0206 0x0ec0 NvStreamSvc - ok
09:59:04.0299 0x0ec0 [ C135A25E8CF21EB631AB041ABB1F73EA, D0A3DC0411E888D0934B7579EEB980FA7824E3F22F70819A33411D8B8BC9EE42 ] nvsvc C:\Windows\system32\nvvsvc.exe
09:59:04.0377 0x0ec0 nvsvc - ok
09:59:04.0440 0x0ec0 [ 75034A4D7C02327D150B617571D4196A, 8E7DAFEC4307E883D52BD0B5F0732E26E019C953770B52ACBBAD3074A66393CB ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
09:59:04.0471 0x0ec0 nvvad_WaveExtensible - ok
09:59:04.0487 0x0ec0 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
09:59:04.0534 0x0ec0 nv_agp - ok
09:59:04.0549 0x0ec0 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
09:59:04.0612 0x0ec0 ohci1394 - ok
09:59:04.0659 0x0ec0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:59:04.0737 0x0ec0 p2pimsvc - ok
09:59:04.0799 0x0ec0 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
09:59:04.0862 0x0ec0 p2psvc - ok
09:59:05.0049 0x0ec0 [ 01907300EB52206B06FACB9608F369A9, 8BFDF9884F619ABE47A479460E675B7D84F8A51539791A01C763C1E53AEBD1CF ] PanService C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
09:59:05.0221 0x0ec0 PanService - ok
09:59:05.0252 0x0ec0 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:59:05.0299 0x0ec0 Parport - ok
09:59:05.0331 0x0ec0 [ 90061B1ACFE8CCAA5345750FFE08D8B8, 76309683FFDF380AF9C6E1D9A52E46B011A0BF1026D747181D01F3312B7541C7 ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:59:05.0362 0x0ec0 partmgr - ok
09:59:05.0393 0x0ec0 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
09:59:05.0471 0x0ec0 PcaSvc - ok
09:59:05.0518 0x0ec0 [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci C:\Windows\system32\DRIVERS\pci.sys
09:59:05.0549 0x0ec0 pci - ok
09:59:05.0581 0x0ec0 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\DRIVERS\pciide.sys
09:59:05.0612 0x0ec0 pciide - ok
09:59:05.0627 0x0ec0 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:59:05.0674 0x0ec0 pcmcia - ok
09:59:05.0690 0x0ec0 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
09:59:05.0737 0x0ec0 pcw - ok
09:59:05.0784 0x0ec0 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:59:05.0909 0x0ec0 PEAUTH - ok
09:59:06.0018 0x0ec0 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
09:59:06.0127 0x0ec0 PeerDistSvc - ok
09:59:06.0206 0x0ec0 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:59:06.0268 0x0ec0 PerfHost - ok
09:59:06.0362 0x0ec0 [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla C:\Windows\system32\pla.dll
09:59:06.0534 0x0ec0 pla - ok
09:59:06.0596 0x0ec0 [ 98B1721B8718164293B9701B98C52D77, 27F5F00D4AA394D4D8D0A0062EDC3F944B603E07CAAEDC5CC959BA1E8C208C2A ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:59:06.0674 0x0ec0 PlugPlay - ok
09:59:06.0690 0x0ec0 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:59:06.0752 0x0ec0 PNRPAutoReg - ok
09:59:06.0784 0x0ec0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:59:06.0846 0x0ec0 PNRPsvc - ok
09:59:06.0893 0x0ec0 [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:59:07.0002 0x0ec0 PolicyAgent - ok
09:59:07.0049 0x0ec0 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
09:59:07.0143 0x0ec0 Power - ok
09:59:07.0174 0x0ec0 [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:59:07.0268 0x0ec0 PptpMiniport - ok
09:59:07.0284 0x0ec0 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
09:59:07.0346 0x0ec0 Processor - ok
09:59:07.0393 0x0ec0 [ F381975E1F4346DE875CB07339CE8D3A, 867BFC2E9A08E026289794019B8DE651A8604D06DD6A9BF166C29AFC24B6D26E ] ProfSvc C:\Windows\system32\profsvc.dll
09:59:07.0487 0x0ec0 ProfSvc - ok
09:59:07.0518 0x0ec0 [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:59:07.0565 0x0ec0 ProtectedStorage - ok
09:59:07.0596 0x0ec0 [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:59:07.0674 0x0ec0 Psched - ok
09:59:07.0768 0x0ec0 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
09:59:07.0909 0x0ec0 ql2300 - ok
09:59:07.0956 0x0ec0 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
09:59:07.0987 0x0ec0 ql40xx - ok
09:59:08.0034 0x0ec0 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
09:59:08.0096 0x0ec0 QWAVE - ok
09:59:08.0127 0x0ec0 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:59:08.0190 0x0ec0 QWAVEdrv - ok
09:59:08.0268 0x0ec0 [ A55E7D0D873B2C97585B3B5926AC6ADE, 3BE3895DA7F0888E85B1941525878BA0846A8F215AD39ED8138BB39615468E32 ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
09:59:08.0299 0x0ec0 RapiMgr - ok
09:59:08.0315 0x0ec0 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:59:08.0409 0x0ec0 RasAcd - ok
09:59:08.0424 0x0ec0 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:59:08.0502 0x0ec0 RasAgileVpn - ok
09:59:08.0534 0x0ec0 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
09:59:08.0627 0x0ec0 RasAuto - ok
09:59:08.0659 0x0ec0 [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:59:08.0752 0x0ec0 Rasl2tp - ok
09:59:08.0784 0x0ec0 [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan C:\Windows\System32\rasmans.dll
09:59:08.0893 0x0ec0 RasMan - ok
09:59:08.0924 0x0ec0 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:59:09.0002 0x0ec0 RasPppoe - ok
09:59:09.0034 0x0ec0 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:59:09.0112 0x0ec0 RasSstp - ok
09:59:09.0159 0x0ec0 [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:59:09.0268 0x0ec0 rdbss - ok
09:59:09.0284 0x0ec0 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:59:09.0331 0x0ec0 rdpbus - ok
09:59:09.0346 0x0ec0 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:59:09.0409 0x0ec0 RDPCDD - ok
09:59:09.0456 0x0ec0 [ 9706B84DBABFC4B4CA46C5A82B14DFA3, AFDC07C257BCB768861483A1842FFB647523946B16DA2812EFAE4FD3252BA303 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
09:59:09.0518 0x0ec0 RDPDR - ok
09:59:09.0534 0x0ec0 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:59:09.0612 0x0ec0 RDPENCDD - ok
09:59:09.0612 0x0ec0 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:59:09.0706 0x0ec0 RDPREFMP - ok
09:59:09.0752 0x0ec0 [ 447DE7E3DEA39D422C1504F245B668B1, C54D90D2F9405E011E490D3C2F0F64488B87B969C95E367C076BBFCFD8654909 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:59:09.0815 0x0ec0 RDPWD - ok
09:59:09.0846 0x0ec0 [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:59:09.0893 0x0ec0 rdyboost - ok
09:59:09.0924 0x0ec0 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:59:10.0034 0x0ec0 RemoteAccess - ok
09:59:10.0065 0x0ec0 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:59:10.0174 0x0ec0 RemoteRegistry - ok
09:59:10.0190 0x0ec0 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:59:10.0284 0x0ec0 RpcEptMapper - ok
09:59:10.0315 0x0ec0 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
09:59:10.0377 0x0ec0 RpcLocator - ok
09:59:10.0424 0x0ec0 [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs C:\Windows\system32\rpcss.dll
09:59:10.0534 0x0ec0 RpcSs - ok
09:59:10.0565 0x0ec0 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:59:10.0659 0x0ec0 rspndr - ok
09:59:10.0674 0x0ec0 [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6, C890DCCC875F957CAAD4655EBFF384E3C5998040CA2BA360E92C96A647D1C399 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
09:59:10.0737 0x0ec0 s3cap - ok
09:59:10.0752 0x0ec0 [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] SamSs C:\Windows\system32\lsass.exe
09:59:10.0799 0x0ec0 SamSs - ok
09:59:10.0815 0x0ec0 [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
09:59:10.0862 0x0ec0 sbp2port - ok
09:59:10.0893 0x0ec0 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:59:11.0002 0x0ec0 SCardSvr - ok
09:59:11.0034 0x0ec0 [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:59:11.0112 0x0ec0 scfilter - ok
09:59:11.0190 0x0ec0 [ 624D0F5FF99428BB90A5B8A4123E918E, 90A43E6F09B56CB86A3E3851F8E5ABB74905AEB70296F4B87BEDBC3027E65E86 ] Schedule C:\Windows\system32\schedsvc.dll
09:59:11.0315 0x0ec0 Schedule - ok
09:59:11.0346 0x0ec0 [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc C:\Windows\System32\certprop.dll
09:59:11.0424 0x0ec0 SCPolicySvc - ok
09:59:11.0456 0x0ec0 [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:59:11.0518 0x0ec0 SDRSVC - ok
09:59:11.0581 0x0ec0 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:59:11.0659 0x0ec0 secdrv - ok
09:59:11.0659 0x0ec0 [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon C:\Windows\system32\seclogon.dll
09:59:11.0752 0x0ec0 seclogon - ok
09:59:11.0768 0x0ec0 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
09:59:11.0877 0x0ec0 SENS - ok
09:59:11.0893 0x0ec0 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:59:11.0956 0x0ec0 SensrSvc - ok
09:59:11.0971 0x0ec0 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:59:12.0018 0x0ec0 Serenum - ok
09:59:12.0049 0x0ec0 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:59:12.0096 0x0ec0 Serial - ok
09:59:12.0112 0x0ec0 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
09:59:12.0174 0x0ec0 sermouse - ok
09:59:12.0221 0x0ec0 [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv C:\Windows\system32\sessenv.dll
09:59:12.0299 0x0ec0 SessionEnv - ok
09:59:12.0331 0x0ec0 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
09:59:12.0409 0x0ec0 sffdisk - ok
09:59:12.0424 0x0ec0 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
09:59:12.0502 0x0ec0 sffp_mmc - ok
09:59:12.0534 0x0ec0 [ 5588B8C6193EB1522490C122EB94DFFA, 53AE3597D3305F2839130A2F3567F1690564B922035503EB418B9DE1586AEA43 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
09:59:12.0581 0x0ec0 sffp_sd - ok
09:59:12.0612 0x0ec0 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
09:59:12.0643 0x0ec0 sfloppy - ok
09:59:12.0706 0x0ec0 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:59:12.0815 0x0ec0 SharedAccess - ok
09:59:12.0862 0x0ec0 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:59:12.0956 0x0ec0 ShellHWDetection - ok
09:59:12.0987 0x0ec0 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:59:13.0018 0x0ec0 SiSRaid2 - ok
09:59:13.0034 0x0ec0 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
09:59:13.0081 0x0ec0 SiSRaid4 - ok
09:59:13.0096 0x0ec0 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:59:13.0174 0x0ec0 Smb - ok
09:59:13.0237 0x0ec0 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:59:13.0284 0x0ec0 SNMPTRAP - ok
09:59:13.0346 0x0ec0 [ FFC5F7ED77AA59AA0A6B70F3D7A22A93, F0EF3A1A8C74CDD9EE0EF585F0489385573D764DE75E14FA8ADFEA05112935DA ] Sound Blaster X-Fi MB Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
09:59:13.0377 0x0ec0 Sound Blaster X-Fi MB Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
09:59:16.0159 0x0ec0 Detect skipped due to KSN trusted
09:59:16.0159 0x0ec0 Sound Blaster X-Fi MB Licensing Service - ok
09:59:16.0206 0x0ec0 [ 12583AF6CBE0050651EAF2723B3AD7B3, 965D4F981B54669A96C5AB02D09BF0A9850D13862425B8981F1A9271350F28BB ] speedfan C:\Windows\syswow64\speedfan.sys
09:59:16.0252 0x0ec0 speedfan - ok
09:59:16.0268 0x0ec0 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
09:59:16.0299 0x0ec0 spldr - ok
09:59:16.0362 0x0ec0 [ F8E1FA03CB70D54A9892AC88B91D1E7B, 55EECAAD4C7EC0868BE937F4ADDA026AFDFCC614E94DE4B3248BFF2BE7FF13E8 ] Spooler C:\Windows\System32\spoolsv.exe
09:59:16.0456 0x0ec0 Spooler - ok
09:59:16.0643 0x0ec0 [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc C:\Windows\system32\sppsvc.exe
09:59:16.0862 0x0ec0 sppsvc - ok
09:59:16.0893 0x0ec0 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:59:16.0987 0x0ec0 sppuinotify - ok
09:59:17.0065 0x0ec0 [ D6AB7C13FCDD2E4CAC35244D2C172D9A, 64A66368F5336B7A5879D083C2FE57DFD384410ADCC18004F327A4004A4F4300 ] sptd C:\Windows\System32\Drivers\sptd.sys
09:59:17.0143 0x0ec0 sptd - ok
09:59:17.0206 0x0ec0 [ 2408C0366D96BCDF63E8F1C78E4A29C5, 66F646890695B5D80536E88B1566C8765D89CFE25954ED650F6D773EFF045016 ] srv

vipernj · #26 Příspěvek od **vipernj** » 02 lis 2014 10:05

málo místa

C:\Windows\system32\DRIVERS\srv.sys
09:59:17.0284 0x0ec0 srv - ok
09:59:17.0331 0x0ec0 [ 76548F7B818881B47D8D1AE1BE9C11F8, 8F1356B07A6A55746FC71B6DB0322128941AE890850196F2B19BC01E6FC9B41C ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:59:17.0393 0x0ec0 srv2 - ok
09:59:17.0409 0x0ec0 [ 0AF6E19D39C70844C5CAA8FB0183C36E, 4494EEFDEA7198888D32E74727E5BC0AC628FFA70B1FE7EB59DBEEDC1A95D0DD ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:59:17.0471 0x0ec0 srvnet - ok
09:59:17.0502 0x0ec0 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:59:17.0612 0x0ec0 SSDPSRV - ok
09:59:17.0627 0x0ec0 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:59:17.0721 0x0ec0 SstpSvc - ok
09:59:17.0784 0x0ec0 StarOpen - ok
09:59:17.0893 0x0ec0 [ E5C796B621F6FBA8616511063D7F0FFE, 447FA64F552D4B04AD029E01485B4438A70D9B9B98EB49A883D5B17ED4C1D52F ] StarWindServiceAE C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
09:59:17.0956 0x0ec0 StarWindServiceAE - detected UnsignedFile.Multi.Generic ( 1 )
09:59:20.0737 0x0ec0 Detect skipped due to KSN trusted
09:59:20.0737 0x0ec0 StarWindServiceAE - ok
09:59:20.0799 0x0ec0 [ 792C6BB1F02C528095EC349DAAF4C880, 8BB32B0AD7048B4667ACF2D11F63E37D63DFB508AC515FFE825AECADA0F8FD7A ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
09:59:20.0862 0x0ec0 Steam Client Service - ok
09:59:20.0940 0x0ec0 [ 718D79F2E7EC3AFFD3661DA81F93BBEA, BA2A4E58E5EE06392EE6F4C2E738DC807EC5A8B9F6DD4B7935FE27CBC648E390 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:59:21.0002 0x0ec0 Stereo Service - ok
09:59:21.0034 0x0ec0 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
09:59:21.0065 0x0ec0 stexstor - ok
09:59:21.0127 0x0ec0 [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc C:\Windows\System32\wiaservc.dll
09:59:21.0206 0x0ec0 stisvc - ok
09:59:21.0237 0x0ec0 [ FFD7A6F15B14234B5B0E5D49E7961895, 9553BDB65D021DA621BDFF1C180B9F4C6355FC748BAE854CE114D4B3EFF307B7 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
09:59:21.0268 0x0ec0 storflt - ok
09:59:21.0299 0x0ec0 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
09:59:21.0362 0x0ec0 StorSvc - ok
09:59:21.0377 0x0ec0 [ 8FCCBEFC5C440B3C23454656E551B09A, 392A38D0B18B7FD08ACBE3E56ADCB235FA49BDB99F81E0820434D57332FA8FF7 ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
09:59:21.0424 0x0ec0 storvsc - ok
09:59:21.0440 0x0ec0 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:59:21.0471 0x0ec0 swenum - ok
09:59:21.0596 0x0ec0 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
09:59:21.0674 0x0ec0 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
09:59:24.0440 0x0ec0 Detect skipped due to KSN trusted
09:59:24.0440 0x0ec0 SwitchBoard - ok
09:59:24.0487 0x0ec0 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
09:59:24.0596 0x0ec0 swprv - ok
09:59:24.0706 0x0ec0 [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain C:\Windows\system32\sysmain.dll
09:59:24.0862 0x0ec0 SysMain - ok
09:59:25.0034 0x0ec0 [ 196E20CE11EDB0EA3EDA491FCD3C943B, DDE0CA36C1E2C15621CAB6CCD84EB3F415F800B62629C213016B0C2FB04E7035 ] SystemExplorerHelpService C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
09:59:25.0127 0x0ec0 SystemExplorerHelpService - ok
09:59:25.0159 0x0ec0 [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:59:25.0221 0x0ec0 TabletInputService - ok
09:59:25.0284 0x0ec0 [ 3A7CABF7DE8F1325BE8F46685469AEC3, 03B2FDEA5E10B9584EFC4ED22D6C2529322FBEF0DFEC60FE12FCE5C4A2E42F9C ] taphss6 C:\Windows\system32\DRIVERS\taphss6.sys
09:59:25.0315 0x0ec0 taphss6 - ok
09:59:25.0346 0x0ec0 [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:59:25.0456 0x0ec0 TapiSrv - ok
09:59:25.0471 0x0ec0 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
09:59:25.0549 0x0ec0 TBS - ok
09:59:25.0674 0x0ec0 [ 624C5B3AA4C99B3184BB922D9ECE3FF0, DF9527CBA335A51513FBFFD95DAF3FA79A19F2B417C533EE384D397FB1E0889E ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:59:25.0862 0x0ec0 Tcpip - ok
09:59:25.0971 0x0ec0 [ 624C5B3AA4C99B3184BB922D9ECE3FF0, DF9527CBA335A51513FBFFD95DAF3FA79A19F2B417C533EE384D397FB1E0889E ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:59:26.0112 0x0ec0 TCPIP6 - ok
09:59:26.0159 0x0ec0 [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:59:26.0221 0x0ec0 tcpipreg - ok
09:59:26.0237 0x0ec0 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:59:26.0299 0x0ec0 TDPIPE - ok
09:59:26.0331 0x0ec0 [ 7518F7BCFD4B308ABC9192BACAF6C970, CF08E547EF4059DA3F5A2FCBA98939E84092BB6E0E37F9BBCD1E4D9EBB8A58BB ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:59:26.0377 0x0ec0 TDTCP - ok
09:59:26.0409 0x0ec0 [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:59:26.0502 0x0ec0 tdx - ok
09:59:26.0815 0x0ec0 [ DF4A7E1E2BA788E28747F1EF49692ED6, 3417C0C713AB086E31CA20D6DCE923FF224093CFF2BAA6F29DCCBD2BEE5EEED6 ] TeamViewer9 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
09:59:27.0190 0x0ec0 TeamViewer9 - ok
09:59:27.0221 0x0ec0 [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:59:27.0252 0x0ec0 TermDD - ok
09:59:27.0315 0x0ec0 [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService C:\Windows\System32\termsrv.dll
09:59:27.0440 0x0ec0 TermService - ok
09:59:27.0471 0x0ec0 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
09:59:27.0549 0x0ec0 Themes - ok
09:59:27.0581 0x0ec0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
09:59:27.0659 0x0ec0 THREADORDER - ok
09:59:27.0674 0x0ec0 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
09:59:27.0768 0x0ec0 TrkWks - ok
09:59:27.0831 0x0ec0 [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:59:27.0893 0x0ec0 TrustedInstaller - ok
09:59:27.0924 0x0ec0 [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:59:28.0002 0x0ec0 tssecsrv - ok
09:59:28.0018 0x0ec0 [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:59:28.0127 0x0ec0 tunnel - ok
09:59:28.0159 0x0ec0 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
09:59:28.0190 0x0ec0 uagp35 - ok
09:59:28.0252 0x0ec0 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:59:28.0346 0x0ec0 udfs - ok
09:59:28.0393 0x0ec0 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:59:28.0424 0x0ec0 UI0Detect - ok
09:59:28.0440 0x0ec0 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
09:59:28.0487 0x0ec0 uliagpkx - ok
09:59:28.0502 0x0ec0 [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:59:28.0565 0x0ec0 umbus - ok
09:59:28.0596 0x0ec0 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
09:59:28.0627 0x0ec0 UmPass - ok
09:59:28.0659 0x0ec0 [ AF0AC98EE5077EB844413EB54287FDE3, 1586326510DE94E2735EFAD94A68D06DB5B7347B68055A9EA8B95E19D91A2E69 ] UmRdpService C:\Windows\System32\umrdp.dll
09:59:28.0721 0x0ec0 UmRdpService - ok
09:59:28.0768 0x0ec0 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
09:59:28.0877 0x0ec0 upnphost - ok
09:59:28.0956 0x0ec0 [ 77B01BC848298223A95D4EC23E1785A1, 7D0FBBA746588401400226BB966507EE34EEBB2F4F16607601E3D7383CAD34E2 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
09:59:29.0018 0x0ec0 usbaudio - ok
09:59:29.0049 0x0ec0 [ B26AFB54A534D634523C4FB66765B026, A219C9AE32D040BEA4DD69C2C826B1C52BACE26BEBFEE799BD56DFD442C5E0D8 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:59:29.0112 0x0ec0 usbccgp - ok
09:59:29.0127 0x0ec0 [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
09:59:29.0190 0x0ec0 usbcir - ok
09:59:29.0190 0x0ec0 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5, CBECE7CEC0EFA4B283C63E9B6A270D595F5F3D006306DA5E5121BBFDCAB16376 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:59:29.0237 0x0ec0 usbehci - ok
09:59:29.0299 0x0ec0 [ 4C9042B8DF86C1E8E6240C218B99B39B, D286633311C047B9C4FB1AA89D7B02B9F943FDDCE473255DC8E14DD07CC9B292 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:59:29.0346 0x0ec0 usbhub - ok
09:59:29.0362 0x0ec0 [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
09:59:29.0409 0x0ec0 usbohci - ok
09:59:29.0440 0x0ec0 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:59:29.0487 0x0ec0 usbprint - ok
09:59:29.0534 0x0ec0 [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
09:59:29.0581 0x0ec0 usbscan - ok
09:59:29.0596 0x0ec0 [ 080D3820DA6C046BE82FC8B45A893E83, EF4829A2D5B8D47AA7E06093EC85244042ED1CCFF43CC80DC44EF018B434197A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:59:29.0643 0x0ec0 USBSTOR - ok
09:59:29.0659 0x0ec0 [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
09:59:29.0690 0x0ec0 usbuhci - ok
09:59:29.0752 0x0ec0 [ D501E12614B00A3252073101D6A1A74B, DFA3A83978125B3CE45C71DD9069E8A7938366D0F4B4B2401CDD07251253FA8C ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
09:59:29.0815 0x0ec0 usbvideo - ok
09:59:29.0893 0x0ec0 [ 70D05EE263568A742D14E1876DF80532, D49D7B60EE30F2398B8B532F4A4C3F17535485F2BDB9B14AB600E2A4E3F12A6B ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
09:59:29.0956 0x0ec0 usb_rndisx - ok
09:59:29.0971 0x0ec0 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
09:59:30.0065 0x0ec0 UxSms - ok
09:59:30.0096 0x0ec0 [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] VaultSvc C:\Windows\system32\lsass.exe
09:59:30.0127 0x0ec0 VaultSvc - ok
09:59:30.0159 0x0ec0 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
09:59:30.0190 0x0ec0 vdrvroot - ok
09:59:30.0237 0x0ec0 [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds C:\Windows\System32\vds.exe
09:59:30.0331 0x0ec0 vds - ok
09:59:30.0362 0x0ec0 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:59:30.0409 0x0ec0 vga - ok
09:59:30.0424 0x0ec0 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
09:59:30.0502 0x0ec0 VgaSave - ok
09:59:30.0534 0x0ec0 [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
09:59:30.0596 0x0ec0 vhdmp - ok
09:59:30.0721 0x0ec0 [ D928C90CC759499E916B8FB5B8F32DDC, 18019A85C3C4A8762DA542A1BDBD8BD19F296505D3C4A419FB8BC6060A1B697B ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
09:59:30.0862 0x0ec0 VIAHdAudAddService - ok
09:59:30.0893 0x0ec0 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
09:59:30.0940 0x0ec0 viaide - ok
09:59:30.0956 0x0ec0 [ 224153C26FABE55CD6D751BFDF94FD3B, 33785CACBC5C8C153FA61B1A43F165AD84037846AB07332E3E1EF0E39D52898F ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
09:59:30.0987 0x0ec0 VIAKaraokeService - ok
09:59:31.0018 0x0ec0 [ 1501699D7EDA984ABC4155A7DA5738D1, 448DFEFF565F1467F387E4EC9782DDD48B8FFDDF6B1EA46A790C2782C20BD952 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
09:59:31.0081 0x0ec0 vmbus - ok
09:59:31.0112 0x0ec0 [ AE10C35761889E65A6F7176937C5592C, 9DC27647B6149C9B2523799F85B18122CCE749264624FE2E5FE843FE00642BBE ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
09:59:31.0174 0x0ec0 VMBusHID - ok
09:59:31.0221 0x0ec0 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
09:59:31.0252 0x0ec0 volmgr - ok
09:59:31.0315 0x0ec0 [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:59:31.0362 0x0ec0 volmgrx - ok
09:59:31.0424 0x0ec0 [ 9E425AC5C9A5A973273D169F43B4F5E1, 64C9A9D4A39865E56F01B4FDE1B56034C4B2A2AEF2ABE15EC1C37911C59595B0 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:59:31.0487 0x0ec0 volsnap - ok
09:59:31.0518 0x0ec0 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
09:59:31.0565 0x0ec0 vsmraid - ok
09:59:31.0674 0x0ec0 [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS C:\Windows\system32\vssvc.exe
09:59:31.0846 0x0ec0 VSS - ok
09:59:31.0862 0x0ec0 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
09:59:31.0909 0x0ec0 vwifibus - ok
09:59:31.0956 0x0ec0 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
09:59:32.0049 0x0ec0 W32Time - ok
09:59:32.0081 0x0ec0 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
09:59:32.0143 0x0ec0 WacomPen - ok
09:59:32.0159 0x0ec0 [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:59:32.0252 0x0ec0 WANARP - ok
09:59:32.0284 0x0ec0 [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:59:32.0362 0x0ec0 Wanarpv6 - ok
09:59:32.0456 0x0ec0 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:59:32.0612 0x0ec0 WatAdminSvc - ok
09:59:32.0737 0x0ec0 [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine C:\Windows\system32\wbengine.exe
09:59:32.0862 0x0ec0 wbengine - ok
09:59:32.0909 0x0ec0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:59:32.0956 0x0ec0 WbioSrvc - ok
09:59:33.0065 0x0ec0 [ 8BDA6DB43AA54E8BB5E0794541DDC209, 8753C507BE77B019A3403AF5252434A01DB9F9332E58AC3783ABCE3D21AD9DD4 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
09:59:33.0112 0x0ec0 WcesComm - ok
09:59:33.0143 0x0ec0 [ 8321C2CA3B62B61B293CDA3451984468, 856A079C2CCC75D633EA23E410D7F3ECDF368EAAAFF634CB82DDA545FD3A2F9C ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:59:33.0221 0x0ec0 wcncsvc - ok
09:59:33.0268 0x0ec0 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:59:33.0331 0x0ec0 WcsPlugInService - ok
09:59:33.0424 0x0ec0 [ 147C60622CB53E901EFD8BB6D44A4C46, 453E9DDBE17C9C54C60BD160BBA045B39914A70B6DF7B6C530D68333944C43FB ] WCUService_STC_IE C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
09:59:33.0534 0x0ec0 WCUService_STC_IE - ok
09:59:33.0565 0x0ec0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
09:59:33.0596 0x0ec0 Wd - ok
09:59:33.0659 0x0ec0 [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000
C:\Windows\system32\drivers\Wdf01000.sys
09:59:33.0737 0x0ec0 Wdf01000 - ok
09:59:33.0784 0x0ec0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:59:33.0862 0x0ec0 WdiServiceHost - ok
09:59:33.0877 0x0ec0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:59:33.0940 0x0ec0 WdiSystemHost - ok
09:59:34.0065 0x0ec0 [ 8A438CBB8C032A0C798B0C642FFBE572, 3200B9B6A7B87C1C47295FA416C99DE1FBB2DBBA3DA78D5CC88C26DCC4189D45 ] WebClient C:\Windows\System32\webclnt.dll
09:59:34.0127 0x0ec0 WebClient - ok
09:59:34.0159 0x0ec0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:59:34.0252 0x0ec0 Wecsvc - ok
09:59:34.0299 0x0ec0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:59:34.0377 0x0ec0 wercplsupport - ok
09:59:34.0393 0x0ec0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
09:59:34.0487 0x0ec0 WerSvc - ok
09:59:34.0534 0x0ec0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:59:34.0596 0x0ec0 WfpLwf - ok
09:59:34.0627 0x0ec0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:59:34.0659 0x0ec0 WIMMount - ok
09:59:34.0674 0x0ec0 WinDefend - ok
09:59:34.0690 0x0ec0 WinHttpAutoProxySvc - ok
09:59:34.0768 0x0ec0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:59:34.0862 0x0ec0 Winmgmt - ok
09:59:34.0971 0x0ec0 [ 0C0195C48B6B8582FA6F6373032118DA, 11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5 ] WinRing0_1_2_0 C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys
09:59:35.0034 0x0ec0 WinRing0_1_2_0 - ok
09:59:35.0143 0x0ec0 [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM C:\Windows\system32\WsmSvc.dll
09:59:35.0331 0x0ec0 WinRM - ok
09:59:35.0393 0x0ec0 [ 817EAFF5D38674EDD7713B9DFB8E9791, F6E0BFC503BA7395F92989C11B454D1F1E58E29302BA203801449A2C5236E84D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
09:59:35.0456 0x0ec0 WinUsb - ok
09:59:35.0518 0x0ec0 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
09:59:35.0643 0x0ec0 Wlansvc - ok
09:59:35.0690 0x0ec0 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
09:59:35.0721 0x0ec0 WmiAcpi - ok
09:59:35.0752 0x0ec0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:59:35.0831 0x0ec0 wmiApSrv - ok
09:59:35.0862 0x0ec0 WMPNetworkSvc - ok
09:59:35.0893 0x0ec0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:59:35.0940 0x0ec0 WPCSvc - ok
09:59:35.0956 0x0ec0 [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:59:36.0018 0x0ec0 WPDBusEnum - ok
09:59:36.0049 0x0ec0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:59:36.0143 0x0ec0 ws2ifsl - ok
09:59:36.0190 0x0ec0 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
09:59:36.0252 0x0ec0 wscsvc - ok
09:59:36.0268 0x0ec0 WSearch - ok
09:59:36.0424 0x0ec0 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
09:59:36.0612 0x0ec0 wuauserv - ok
09:59:36.0643 0x0ec0 [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:59:36.0737 0x0ec0 WudfPf - ok
09:59:36.0768 0x0ec0 [ 3B197AF0FFF08AA66B6B2241CA538D64, BC94E5EFF38B9C6A37717B2A6CA56679781A4872A0C4298056E074033571BE79 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:59:36.0846 0x0ec0 WUDFRd - ok
09:59:36.0877 0x0ec0 [ B551D6637AA0E132C18AC6E504F7B79B, FA6495533A14E01ABB0F6689AB7503B1B439D3ADA7457DFCB7D81714A9817327 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:59:36.0971 0x0ec0 wudfsvc - ok
09:59:37.0002 0x0ec0 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
09:59:37.0081 0x0ec0 WwanSvc - ok
09:59:37.0127 0x0ec0 wxpSvc - ok
09:59:37.0159 0x0ec0 ================ Scan global ===============================
09:59:37.0190 0x0ec0 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
09:59:37.0252 0x0ec0 [ 4343295C52C8B1ADD906F1A37B940AA1, 2A4030176F794F8371F7D3A7943C4E5DEF11246B9B21A43DBC8C3A410E971441 ] C:\Windows\system32\winsrv.dll
09:59:37.0268 0x0ec0 [ 4343295C52C8B1ADD906F1A37B940AA1, 2A4030176F794F8371F7D3A7943C4E5DEF11246B9B21A43DBC8C3A410E971441 ] C:\Windows\system32\winsrv.dll
09:59:37.0299 0x0ec0 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
09:59:37.0331 0x0ec0 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
09:59:37.0346 0x0ec0 [ Global ] - ok
09:59:37.0346 0x0ec0 ================ Scan MBR ==================================
09:59:37.0362 0x0ec0 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2
09:59:37.0674 0x0ec0 \Device\Harddisk2\DR2 - ok
09:59:37.0690 0x0ec0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:59:38.0284 0x0ec0 \Device\Harddisk0\DR0 - ok
09:59:38.0315 0x0ec0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
09:59:38.0393 0x0ec0 \Device\Harddisk1\DR1 - ok
09:59:38.0393 0x0ec0 ================ Scan VBR ==================================
09:59:38.0393 0x0ec0 [ B1D5D2C45819C2C94FE864687CCB7EF1 ] \Device\Harddisk2\DR2\Partition1
09:59:38.0409 0x0ec0 \Device\Harddisk2\DR2\Partition1 - ok
09:59:38.0409 0x0ec0 [ 06748D59E3A476CD726EF793447AF172 ] \Device\Harddisk2\DR2\Partition2
09:59:38.0424 0x0ec0 \Device\Harddisk2\DR2\Partition2 - ok
09:59:38.0440 0x0ec0 [ 81AF0E485C7FEC54505F4178F99887E5 ] \Device\Harddisk0\DR0\Partition1
09:59:38.0440 0x0ec0 \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
09:59:38.0440 0x0ec0 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
09:59:41.0159 0x0ec0 [ 28DF9997F4121FA02F2AB563448EA396 ] \Device\Harddisk0\DR0\Partition2
09:59:41.0174 0x0ec0 \Device\Harddisk0\DR0\Partition2 - ok
09:59:41.0174 0x0ec0 [ 77F7CEF3C96BDE452DA85AC7B6DAE6B4 ] \Device\Harddisk1\DR1\Partition1
09:59:41.0206 0x0ec0 \Device\Harddisk1\DR1\Partition1 - ok
09:59:41.0206 0x0ec0 ================ Scan generic autorun ======================
09:59:41.0237 0x0ec0 [ A736189E2E6DBC80DC47E71359FCA97A, 418E1CAF72E1FDB4908B8F71D0D805A1723B1F20B9B8A3AA86ED947B0EF87452 ] C:\Windows\system32\igfxtray.exe
09:59:41.0268 0x0ec0 IgfxTray - ok
09:59:41.0299 0x0ec0 [ 6409DF4A84CAB87A93E5D635868F7EEC, 3693713301D215E098F2B1080A4D4297E5A7AA1AB43E3594A9A137B8D28E3148 ] C:\Windows\system32\hkcmd.exe
09:59:41.0346 0x0ec0 HotKeysCmds - ok
09:59:41.0377 0x0ec0 [ 6AD0FB6392C9A3E0E7DAECED05ACBC47, A465D237A345D1B34C607D95405820DFD81BA518CC8BB53D195C0A894A979246 ] C:\Windows\system32\igfxpers.exe
09:59:41.0440 0x0ec0 Persistence - ok
09:59:41.0596 0x0ec0 [ 436A83E5555A8449B9BFBE1AAB314654, DE956310B2EF80B43399E63E309E659018879942EBBA5063B9A366C2314E8158 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
09:59:41.0752 0x0ec0 NvBackend - ok
09:59:41.0784 0x0ec0 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
09:59:41.0846 0x0ec0 ShadowPlay - ok
09:59:42.0034 0x0ec0 [ FF9FD27F60849A4FE852FB8E183EA1A0, 758FD257BD7DF171501085EAE94C161800CE334627176F30171041E368791A74 ] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
09:59:42.0206 0x0ec0 HDAudDeck - ok
09:59:42.0596 0x0ec0 [ C2D60F6277707014C1C670A4D27F36E8, 9F02C675BCE2BA500E8C1A4EA60BD553C1257836F5868126037E35772E9F251F ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
09:59:42.0909 0x0ec0 AvastUI.exe - ok
09:59:43.0377 0x0ec0 [ DEB55C327597E42FA14E41F5858F3263, 199300A8E1B0000A82D04CDA2D32C482945AFFE47A037AAA58F89E3EDF059684 ] C:\Program Files\CCleaner\CCleaner64.exe
09:59:43.0721 0x0ec0 CCleaner Monitoring - ok
09:59:43.0815 0x0ec0 [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
09:59:43.0971 0x0ec0 Sidebar - ok
09:59:44.0002 0x0ec0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
09:59:44.0112 0x0ec0 mctadmin - ok
09:59:44.0174 0x0ec0 [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
09:59:44.0284 0x0ec0 Sidebar - ok
09:59:44.0299 0x0ec0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
09:59:44.0346 0x0ec0 mctadmin - ok
09:59:44.0346 0x0ec0 Waiting for KSN requests completion. In queue: 12
09:59:45.0346 0x0ec0 Waiting for KSN requests completion. In queue: 12
09:59:46.0346 0x0ec0 Waiting for KSN requests completion. In queue: 12
09:59:47.0346 0x0ec0 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2206.692 ), 0x41000 ( enabled : updated )
09:59:47.0362 0x0ec0 Win FW state via NFP2: enabled
09:59:50.0081 0x0ec0 ============================================================
09:59:50.0081 0x0ec0 Scan finished
09:59:50.0081 0x0ec0 ============================================================
09:59:50.0081 0x0574 Detected object count: 1
09:59:50.0081 0x0574 Actual detected object count: 1
10:00:22.0799 0x0574 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user
10:00:22.0799 0x0574 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip

vipernj · #27 Příspěvek od **vipernj** » 02 lis 2014 10:41

mbar

Malwarebytes Anti-Rootkit BETA 1.07.0.1012
www.malwarebytes.org

Database version: v2014.11.02.03

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
wwwwww :: WWWWWW-PC [administrator]

2.11.2014 10:10:45
mbar-log-2014-11-02 (10-10-45).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 429046
Time elapsed: 15 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 1
Physical Sector #1 on Drive #0 (Forged physical sector) -> Replace on reboot. [40d68b2df5d15e973c9f317d81862dca]

(end)

vipernj · #28 Příspěvek od **vipernj** » 02 lis 2014 10:50

Lepší, ale avast stále hlásí blokace nebezpečných stránek nebo souborů(příloha-příklad). Ale procesů ubylo.

#29 Příspěvek od **vyosek** » 02 lis 2014 14:34

Udelejte znovu TDSSKiller, pokud tam bude nalez Rootkit.Boot.Cidox.b tak u nej dejte volbu Cure, log pak sem

Vypnete stity antiviru a spustte ComboFix

vipernj · #30 Příspěvek od **vipernj** » 02 lis 2014 17:42

17:39:24.0937 0x00c8 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
17:39:25.0046 0x00c8 ============================================================
17:39:25.0046 0x00c8 Current date / time: 2014/11/02 17:39:25.0046
17:39:25.0046 0x00c8 SystemInfo:
17:39:25.0046 0x00c8
17:39:25.0046 0x00c8 OS Version: 6.1.7600 ServicePack: 0.0
17:39:25.0046 0x00c8 Product type: Workstation
17:39:25.0046 0x00c8 ComputerName: WWWWWW-PC
17:39:25.0046 0x00c8 UserName: wwwwww
17:39:25.0046 0x00c8 Windows directory: C:\Windows
17:39:25.0046 0x00c8 System windows directory: C:\Windows
17:39:25.0046 0x00c8 Running under WOW64
17:39:25.0046 0x00c8 Processor architecture: Intel x64
17:39:25.0046 0x00c8 Number of processors: 2
17:39:25.0046 0x00c8 Page size: 0x1000
17:39:25.0046 0x00c8 Boot type: Normal boot
17:39:25.0046 0x00c8 ============================================================
17:39:25.0046 0x00c8 BG loaded
17:39:26.0484 0x00c8 System UUID: {645BB46D-D1DA-6F5B-741E-15588A27B9E4}
17:39:28.0531 0x00c8 Drive \Device\Harddisk2\DR2 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x50C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
17:39:28.0578 0x00c8 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 ( 74.53 Gb ), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:39:28.0609 0x00c8 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:39:28.0781 0x00c8 ============================================================
17:39:28.0781 0x00c8 \Device\Harddisk2\DR2:
17:39:28.0781 0x00c8 MBR partitions:
17:39:28.0781 0x00c8 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x9857B11
17:39:28.0812 0x00c8 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x9857B8F, BlocksNum 0x91BD071
17:39:28.0812 0x00c8 \Device\Harddisk0\DR0:
17:39:28.0859 0x00c8 MBR partitions:
17:39:28.0859 0x00c8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:39:28.0859 0x00c8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x94DC800
17:39:28.0859 0x00c8 \Device\Harddisk1\DR1:
17:39:28.0859 0x00c8 MBR partitions:
17:39:28.0859 0x00c8 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
17:39:28.0859 0x00c8 ============================================================
17:39:29.0203 0x00c8 C: <-> \Device\Harddisk0\DR0\Partition2
17:39:29.0218 0x00c8 D: <-> \Device\Harddisk1\DR1\Partition1
17:39:29.0234 0x00c8 E: <-> \Device\Harddisk2\DR2\Partition1
17:39:29.0250 0x00c8 F: <-> \Device\Harddisk2\DR2\Partition2
17:39:29.0250 0x00c8 ============================================================
17:39:29.0250 0x00c8 Initialize success
17:39:29.0250 0x00c8 ============================================================
17:39:45.0250 0x0f88 Deinitialize success

A pouštím combofix.

VIRY.CZ

iexplore v procesech ale není nic vidět

Re: iexplore v procesech ale není nic vidět

Re: iexplore v procesech ale není nic vidět

Re: iexplore v procesech ale není nic vidět

Re: iexplore v procesech ale není nic vidět

Re: iexplore v procesech ale není nic vidět

Re: iexplore v procesech ale není nic vidět

Re: iexplore v procesech ale není nic vidět

Re: iexplore v procesech ale není nic vidět

Re: iexplore v procesech ale není nic vidět

Re: iexplore v procesech ale není nic vidět

Re: iexplore v procesech ale není nic vidět

Re: iexplore v procesech ale není nic vidět

Re: iexplore v procesech ale není nic vidět

Re: iexplore v procesech ale není nic vidět

Re: iexplore v procesech ale není nic vidět