Totálně zahumusené pc

[Márty84]

S ovladacem grafiky samozrejme problem byt muze. Muzete ho zkusit preinstalovat, pripadne aktualizovat. Ale dokud neni pc vycisteny, muze vsechno souviset s haveti.


Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[Kachnacicek]

ComboFix 14-12-04.01 - Evža 06.12.2014 13:38:14.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4078.2400 [GMT 1:00]
Spuštěný z: c:\users\Ev×a\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msdownld.tmp
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-06 do 2014-12-06 )))))))))))))))))))))))))))))))
.
.
2014-12-06 12:51 . 2014-12-06 12:51 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2014-12-06 12:51 . 2014-12-06 12:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-12-05 23:00 . 2014-12-05 23:00 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ED8CCB48-F9E9-4AC7-BC55-C59B20EACEEC}\offreg.dll
2014-12-05 23:00 . 2014-12-05 23:00 -------- d-----w- c:\programdata\iolo
2014-12-05 23:00 . 2014-12-05 23:00 -------- d-----w- c:\users\Evža\AppData\Roaming\iolo
2014-12-05 16:38 . 2014-11-17 01:08 11632448 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ED8CCB48-F9E9-4AC7-BC55-C59B20EACEEC}\mpengine.dll
2014-12-04 19:21 . 2014-12-04 19:21 -------- d-----w- c:\programdata\Malwarebytes
2014-12-04 16:53 . 2014-12-04 16:23 24064 ----a-w- c:\windows\zoek-delete.exe
2014-12-04 16:53 . 2014-12-06 12:51 -------- d-----w- c:\users\Evža\AppData\Local\Temp
2014-12-04 16:53 . 2014-12-04 16:53 -------- d-----w- c:\users\Ev×a
2014-12-04 16:23 . 2014-12-04 16:48 -------- d-----w- C:\zoek_backup
2014-12-04 16:12 . 2014-12-04 16:12 -------- d-----w- c:\windows\ERUNT
2014-12-03 18:50 . 2014-12-03 18:55 -------- d-----w- C:\AdwCleaner
2014-12-03 17:52 . 2014-12-06 11:56 -------- d-----w- c:\program files\trend micro
2014-12-03 17:52 . 2014-12-03 17:53 -------- d-----w- C:\rsit
2014-11-26 17:00 . 2014-11-26 17:00 -------- d-----w- c:\users\Evža\AppData\Local\Opera Software
2014-11-26 16:59 . 2014-11-26 17:19 -------- d-----w- c:\program files (x86)\Opera
2014-11-26 15:50 . 2014-11-26 15:50 -------- d-----w- c:\users\Evža\AppData\Roaming\AVAST Software
2014-11-26 15:48 . 2014-11-26 15:47 116728 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-11-26 15:48 . 2014-11-26 15:47 267632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-26 15:48 . 2014-11-26 15:47 83280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-26 15:48 . 2014-11-26 15:47 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-26 15:48 . 2014-11-26 15:47 436624 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-11-26 15:48 . 2014-11-26 15:47 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-26 15:48 . 2014-11-26 15:47 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-11-26 15:48 . 2014-11-26 15:48 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-26 15:47 . 2014-11-26 15:47 364512 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-26 15:47 . 2014-11-26 15:47 43152 ----a-w- c:\windows\avastSS.scr
2014-11-26 15:46 . 2014-11-26 15:46 -------- d-----w- c:\program files\AVAST Software
2014-11-26 15:44 . 2014-11-26 15:44 -------- d-----w- c:\users\Evža\AppData\Local\IsolatedStorage
2014-11-26 15:44 . 2014-11-26 15:46 -------- d-----w- c:\programdata\AVAST Software
2014-11-26 15:43 . 2014-11-26 15:45 -------- d-----w- c:\users\Evža\AppData\Local\Yandex
2014-11-26 15:43 . 2014-11-26 15:45 -------- d-----w- c:\program files (x86)\Yandex
2014-11-26 15:43 . 2014-11-26 15:43 -------- d-----w- c:\users\Evža\AppData\Roaming\Opera Software
2014-11-26 15:42 . 2014-11-26 15:42 -------- d-----w- c:\users\Evža\AppData\Local\Chromium
2014-11-26 15:42 . 2014-12-03 17:48 -------- d-----w- c:\users\Evža\AppData\Roaming\Yandex
2014-11-26 15:41 . 2014-11-26 15:41 -------- d-----w- c:\users\Evža\AppData\Roaming\ImperiaOnline
2014-11-23 11:54 . 2014-11-23 11:55 -------- d-----w- c:\users\Evža\AppData\Roaming\Maxthon3
2014-11-23 11:54 . 2014-11-23 11:54 -------- d-----w- c:\program files (x86)\Maxthon
2014-11-20 19:20 . 2014-11-21 17:05 -------- d-----w- c:\program files (x86)\Bratr a sestra - smrti navzdory
2014-11-19 11:06 . 2014-11-11 03:08 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-19 11:06 . 2014-11-11 03:08 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-19 11:06 . 2014-11-11 02:44 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-19 11:06 . 2014-11-11 02:44 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-13 11:31 . 2014-11-13 11:31 -------- d-sh--w- c:\users\Evža\AppData\Local\EmieBrowserModeList
2014-11-12 12:27 . 2014-11-05 17:56 304640 ----a-w- c:\windows\system32\generaltel.dll
2014-11-12 12:27 . 2014-11-05 17:56 228864 ----a-w- c:\windows\system32\aepdu.dll
2014-11-12 12:27 . 2014-11-05 17:52 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-11-12 12:25 . 2014-08-21 06:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2014-11-12 12:24 . 2014-10-25 01:57 77824 ----a-w- c:\windows\system32\packager.dll
2014-11-12 12:24 . 2014-10-25 01:32 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-11-12 12:24 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-11-12 12:24 . 2014-10-18 01:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-11-12 12:24 . 2014-10-14 02:13 3241984 ----a-w- c:\windows\system32\msi.dll
2014-11-12 12:24 . 2014-10-14 01:50 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2014-11-12 12:24 . 2014-10-10 00:57 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-11-07 18:48 . 2014-11-07 18:48 -------- d-----w- c:\program files (x86)\Vojensky ujezd Ralsko - Cihajici sovet
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-04 18:17 . 2014-05-29 17:05 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-12-04 18:17 . 2014-05-29 16:42 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-11-26 15:46 . 2012-04-15 10:44 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-26 15:46 . 2012-01-19 10:09 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-24 13:04 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-11-15 19:31 . 2014-04-30 18:42 13792 ----a-w- c:\windows\system32\drivers\semav6thermal64ro.sys
2014-11-12 19:08 . 2012-01-26 04:29 103374192 ----a-w- c:\windows\system32\MRT.exe
2014-09-25 02:08 . 2014-10-01 11:17 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-01 11:17 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-19 09:23 . 2014-11-12 12:25 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2014-09-09 22:11 . 2014-09-24 09:22 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-09 21:47 . 2014-09-24 09:22 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2014-11-18 1940160]
"cz.seznam.software.autoupdate"="c:\users\Evža\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\Evža\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2013-04-12 92664]
"PhilipsSongbirdLauncher"="c:\program files (x86)\Philips\Philips Songbird\extensions\philips-autoplay@philips.com\application\PhilipsSongbirdLauncher.exe" [2014-04-11 346624]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]
"Guard.Mail.ru.gui"="c:\program files (x86)\Guard-ICQ\GuardICQ.exe" [2012-02-15 1564368]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-03-21 1061960]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-11-26 5226600]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ESRV_SVC;Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1 [x]
R2 Guard.Mail.ru;Guard.Mail.ru;c:\program files (x86)\Guard-ICQ\GuardICQ.exe;c:\program files (x86)\Guard-ICQ\GuardICQ.exe [x]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;c:\program files (x86)\Sony\MSS\3.8.130\McCHSvc.exe;c:\program files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [x]
R3 semav6thermal64ro;semav6thermal64ro;c:\windows\system32\drivers\semav6thermal64ro.sys;c:\windows\SYSNATIVE\drivers\semav6thermal64ro.sys [x]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bmdm.sys [x]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys;c:\windows\SYSNATIVE\DRIVERS\ss_bserd.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssudserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 usbrndis6;Adaptér USB RNDIS6;c:\windows\system32\DRIVERS\usb80236.sys;c:\windows\SYSNATIVE\DRIVERS\usb80236.sys [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 USER_ESRV_SVC;User Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe [x]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\vuagent.exe;c:\program files\Sony\VAIO Update\vuagent.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-25 23:48 1087304 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-12-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-15 15:46]
.
2014-12-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-16 16:36]
.
2014-12-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-16 16:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-26 15:47 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-29 518784]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-04-29 790688]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-04-29 657568]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
mSearchAssistant =
TCP: DhcpNameServer = 62.240.163.170 62.204.224.2
FF - ProfilePath - c:\users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\
FF - prefs.js: Keyword.Enabled - true
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-AppGraffiti - c:\progra~2\APPGRA~1\AppGraffiti.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
WebBrowser-{4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\uninstaller.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_bc2.exe
AddRemove-VDC_is1 - c:\program files (x86)\Video Download Converter\unins000.exe
AddRemove-{1B9604EE-B104-45C8-8551-5F63BA631E23} - c:\programdata\{FA77A43D-F6ED-4924-87B5-517C061388C6}\WeatherBugSetup.exe
AddRemove-{Cesta za dobrodruzstvim - Nadesel cas}_is1 - c:\program files (x86)\Cesta za dobrodruzstvim - Nadesel cas\unins000.exe
AddRemove-{Princ z Persie a hamizny kalif}_is1 - c:\program files (x86)\Princ z Persie a hamizny kalif\unins000.exe
AddRemove-{Proklety hrbitov - Krkavci kletba}_is1 - c:\program files (x86)\Proklety hrbitov - Krkavci kletba\unins000.exe
AddRemove-{Proroctvi ztraceneho kralovstvi}_is1 - c:\program files (x86)\Proroctvi ztraceneho kralovstvi\unins000.exe
AddRemove-{Serif Standa 2 - Pripad ztracene veci}_is1 - c:\program files (x86)\Serif Standa 2 - Pripad ztracene veci\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_239_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_239_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-12-06 13:54:58
ComboFix-quarantined-files.txt 2014-12-06 12:54
.
Před spuštěním: Volných bajtů: 339 759 476 736
Po spuštění: Volných bajtů: 339 354 636 288
.
- - End Of File - - 0BD532C14FEC6EA439F33C4BCE39B8B8

[Márty84]

Tak moment!

Tohle je log z jineho pc a to konkretne http://forum.viry.cz/viewtopic.php?f=13 ... 5#p1363743

To si ze mne delate prdel? Nebo me zkousite, jestli si toho vsimnu? Jak to tedy je?

[Kachnacicek]

Ne, jen dělám dvě věci najednou a udělal jsem chybu. Omlouvám se.

Zde je správný log. Ještě jednou pardon.

ComboFix 14-12-04.01 - Pavel 06.12.2014 13:38:56.2.2 - x64 MINIMAL
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3830.2604 [GMT 1:00]
Spuštěný z: c:\users\Pavel\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\82BAE3BFA1.sys
c:\programdata\ntuser.pol
C:\Thumbs.db
c:\users\Pavel\AppData\Local\Microsoft\Windows\Temporary Internet Files\{B81CF6DA-7F32-4A7F-B265-AFAB10F153CF}.xps
c:\windows\msdownld.tmp
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NETHFDRV
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-06 do 2014-12-06 )))))))))))))))))))))))))))))))
.
.
2014-12-06 12:47 . 2014-12-06 12:47 -------- d-----w- c:\users\strnad\AppData\Local\temp
2014-12-05 23:34 . 2014-12-05 23:12 24064 ----a-w- c:\windows\zoek-delete.exe
2014-12-05 23:34 . 2014-12-06 12:47 -------- d-----w- c:\users\Pavel\AppData\Local\Temp
2014-12-05 23:24 . 2014-09-17 15:11 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E9835AB0-504A-41F1-9276-E2B3C4890B9D}\gapaengine.dll
2014-12-05 23:23 . 2014-11-02 04:20 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{188AD368-7BBF-4327-B6B2-CD8187FB8D20}\mpengine.dll
2014-12-05 22:48 . 2014-12-05 23:32 -------- d-----w- C:\zoek_backup
2014-12-03 20:52 . 2014-11-02 04:20 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-12-03 20:30 . 2014-12-05 20:32 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-03 20:30 . 2014-12-03 20:30 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-12-03 20:30 . 2014-12-03 20:30 -------- d-----w- c:\programdata\Malwarebytes
2014-12-03 20:30 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-12-03 20:30 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-12-03 20:30 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-12-03 20:20 . 2014-12-03 20:24 -------- d-----w- C:\AdwCleaner
2014-12-03 17:10 . 2014-12-03 17:11 -------- d-----w- C:\rsit
2014-12-03 17:10 . 2014-12-03 17:11 -------- d-----w- c:\program files\trend micro
2014-11-28 22:19 . 2014-11-11 03:08 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-28 22:19 . 2014-11-11 03:08 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-28 22:19 . 2014-11-11 02:44 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-26 19:32 . 2014-11-11 02:44 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-20 15:52 . 2014-11-20 15:52 -------- d-sh--w- c:\users\Pavel\AppData\Local\EmieBrowserModeList
2014-11-15 15:55 . 2014-10-14 02:13 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-11-15 15:55 . 2014-10-14 02:16 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-11-15 15:55 . 2014-10-14 02:07 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-11-15 15:55 . 2014-10-14 01:46 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-11-15 15:55 . 2014-10-14 02:12 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-11-15 15:55 . 2014-10-14 02:09 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-11-15 15:55 . 2014-10-14 01:50 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-11-15 15:55 . 2014-10-14 01:49 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-11-15 15:55 . 2014-10-14 01:47 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-11-12 14:45 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-11-12 14:44 . 2014-10-25 01:57 77824 ----a-w- c:\windows\system32\packager.dll
2014-11-12 14:44 . 2014-10-25 01:32 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-11-12 14:44 . 2014-10-10 00:57 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-11-12 14:44 . 2014-10-14 02:13 3241984 ----a-w- c:\windows\system32\msi.dll
2014-11-12 14:44 . 2014-10-14 01:50 2363904 ----a-w- c:\windows\SysWow64\msi.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-28 16:08 . 2012-11-24 11:46 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-28 16:08 . 2011-11-23 13:10 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-13 09:47 . 2012-09-25 19:33 103374192 ----a-w- c:\windows\system32\MRT.exe
2014-10-30 11:25 . 2011-11-22 07:22 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-09-25 02:08 . 2014-10-02 14:24 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-02 14:24 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-19 09:23 . 2014-11-12 14:45 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2014-09-17 15:11 . 2012-09-12 15:14 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-09-09 22:11 . 2014-09-26 12:18 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-09 21:47 . 2014-09-26 12:18 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-01-02 14:11 222832 ----a-w- c:\users\Pavel\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-01-02 14:11 222832 ----a-w- c:\users\Pavel\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-01-02 14:11 222832 ----a-w- c:\users\Pavel\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-01-22 2363392]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2014-05-07 3588952]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
"cz.seznam.software.autoupdate"="c:\users\Pavel\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\Pavel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2013-04-12 92664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-03-01 256056]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-05 98304]
"4StoryPrePatch"="c:\program files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe" [2013-02-19 327680]
"Guard.Mail.ru.gui"="c:\program files (x86)\Guard-ICQ\GuardICQ.exe" [2013-04-04 1564368]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"WebcamMaxMoniter"="c:\program files (x86)\WebcamMax\wcmmon.exe" [2007-08-01 450048]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2010-05-06 11268096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2009-12-07 19:36 75320 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 bmxldjpk;bmxldjpk;c:\windows\system32\drivers\bmxldjpk.sys;c:\windows\SYSNATIVE\drivers\bmxldjpk.sys [x]
R1 boikopbv;boikopbv;c:\windows\system32\drivers\boikopbv.sys;c:\windows\SYSNATIVE\drivers\boikopbv.sys [x]
R1 dldwfesj;dldwfesj;c:\windows\system32\drivers\dldwfesj.sys;c:\windows\SYSNATIVE\drivers\dldwfesj.sys [x]
R1 ihssonll;ihssonll;c:\windows\system32\drivers\ihssonll.sys;c:\windows\SYSNATIVE\drivers\ihssonll.sys [x]
R1 jpjlbqfr;jpjlbqfr;c:\windows\system32\drivers\jpjlbqfr.sys;c:\windows\SYSNATIVE\drivers\jpjlbqfr.sys [x]
R1 RsvLock;RsvLock; [x]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe [x]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Guard.Mail.ru;Guard.Mail.ru;c:\program files (x86)\Guard-ICQ\GuardICQ.exe;c:\program files (x86)\Guard-ICQ\GuardICQ.exe [x]
R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
R2 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
R2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [x]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
R2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [x]
R2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
R2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [x]
R2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
R2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 uArcCapture;ArcCapture;c:\windows\system\uArcCapture.exe;c:\windows\system\uArcCapture.exe [x]
R2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 DEBridge;DEBridge;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 rtsuvc;HP Webcam [2 MP Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-01-22 19:06 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-26 19:27 1087304 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-12-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-04 16:08]
.
2014-12-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3435964710-805018482-336169385-1001Core.job
- c:\users\Pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-29 19:22]
.
2014-12-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3435964710-805018482-336169385-1001UA.job
- c:\users\Pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-29 19:22]
.
2014-12-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-30 09:14]
.
2014-12-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-30 09:14]
.
2014-12-04 c:\windows\Tasks\HPCeeScheduleForPavel.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-01-02 14:11 261744 ----a-w- c:\users\Pavel\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-01-02 14:11 261744 ----a-w- c:\users\Pavel\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-01-02 14:11 261744 ----a-w- c:\users\Pavel\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" [2010-08-23 1691192]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-01-27 8192]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-01-29 487424]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-10-21 21720]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 62.240.163.170 62.204.224.2
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-EA Core - c:\program files (x86)\Electronic Arts\EADM\Core.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_239_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_239_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_239.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-12-06 14:35:20 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-12-06 13:35
.
Před spuštěním: Volných bajtů: 127 901 040 640
Po spuštění: Volných bajtů: 127 491 080 192
.
- - End Of File - - A3F9A4559D90607D423500B26403EFFF
A36C5E4F47E84449FF07ED3517B43A31

[Márty84]

A proc to delate pod jinym uctem?

[Márty84]

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

Rootkit::
c:\windows\system32\drivers\bmxldjpk.sys
c:\windows\system32\drivers\boikopbv.sys
c:\windows\system32\drivers\dldwfesj.sys
c:\windows\system32\drivers\ihssonll.sys
c:\windows\system32\drivers\jpjlbqfr.sys

File::
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3435964710-805018482-336169385-1001Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3435964710-805018482-336169385-1001UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\HPCeeScheduleForPavel.job

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=-
"EADM"=-
"DAEMON Tools Lite"=-
"cz.seznam.software.autoupdate"=-
"cz.seznam.software.szndesktop"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Guard.Mail.ru.gui"=-
"seznam-listicka-distribuce"=-

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Driver::
bmxldjpk
boikopbv
dldwfesj
ihssonll
jpjlbqfr
BBSvc
Guard.Mail.ru
SkypeUpdate
BBUpdate

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[Kachnacicek]

Někde jsem tu kdysi četl, že může být pouze jeden aktivní topic na uživatele, ono to je jinak?

Tady je log, děkuji moc za pomoc!

ComboFix 14-12-04.01 - Pavel 07.12.2014 10:54:26.3.2 - x64 NETWORK
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3830.2880 [GMT 1:00]
Spuštěný z: c:\users\Pavel\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Pavel\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3435964710-805018482-336169385-1001Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3435964710-805018482-336169385-1001UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\HPCeeScheduleForPavel.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3435964710-805018482-336169385-1001Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3435964710-805018482-336169385-1001UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\HPCeeScheduleForPavel.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_BBSvc
-------\Service_BBUpdate
-------\Service_bmxldjpk
-------\Service_boikopbv
-------\Service_dldwfesj
-------\Service_Guard.Mail.ru
-------\Service_ihssonll
-------\Service_jpjlbqfr
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-11-07 do 2014-12-07 )))))))))))))))))))))))))))))))
.
.
2014-12-07 10:01 . 2014-12-07 10:01 -------- d-----w- c:\users\strnad\AppData\Local\temp
2014-12-07 10:01 . 2014-12-07 10:01 -------- d-----w- c:\users\stasa\AppData\Local\temp
2014-12-05 23:34 . 2014-12-05 23:12 24064 ----a-w- c:\windows\zoek-delete.exe
2014-12-05 23:34 . 2014-12-07 10:04 -------- d-----w- c:\users\Pavel\AppData\Local\Temp
2014-12-05 23:24 . 2014-09-17 15:11 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E9835AB0-504A-41F1-9276-E2B3C4890B9D}\gapaengine.dll
2014-12-05 23:23 . 2014-11-02 04:20 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{188AD368-7BBF-4327-B6B2-CD8187FB8D20}\mpengine.dll
2014-12-05 22:48 . 2014-12-05 23:32 -------- d-----w- C:\zoek_backup
2014-12-03 20:52 . 2014-11-02 04:20 11632448 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-12-03 20:30 . 2014-12-05 20:32 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-03 20:30 . 2014-12-03 20:30 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-12-03 20:30 . 2014-12-03 20:30 -------- d-----w- c:\programdata\Malwarebytes
2014-12-03 20:30 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-12-03 20:30 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-12-03 20:30 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-12-03 20:20 . 2014-12-03 20:24 -------- d-----w- C:\AdwCleaner
2014-12-03 17:10 . 2014-12-03 17:11 -------- d-----w- C:\rsit
2014-12-03 17:10 . 2014-12-03 17:11 -------- d-----w- c:\program files\trend micro
2014-11-28 22:19 . 2014-11-11 03:08 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-28 22:19 . 2014-11-11 03:08 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-28 22:19 . 2014-11-11 02:44 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-26 19:32 . 2014-11-11 02:44 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-20 15:52 . 2014-11-20 15:52 -------- d-sh--w- c:\users\Pavel\AppData\Local\EmieBrowserModeList
2014-11-15 15:55 . 2014-10-14 02:13 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-11-15 15:55 . 2014-10-14 02:16 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-11-15 15:55 . 2014-10-14 02:07 681984 ----a-w- c:\windows\system32\adtschema.dll
2014-11-15 15:55 . 2014-10-14 01:46 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
2014-11-15 15:55 . 2014-10-14 02:12 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-11-15 15:55 . 2014-10-14 02:09 146432 ----a-w- c:\windows\system32\msaudite.dll
2014-11-15 15:55 . 2014-10-14 01:50 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-11-15 15:55 . 2014-10-14 01:49 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-11-15 15:55 . 2014-10-14 01:47 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2014-11-12 14:45 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-11-12 14:44 . 2014-10-25 01:57 77824 ----a-w- c:\windows\system32\packager.dll
2014-11-12 14:44 . 2014-10-25 01:32 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-11-12 14:44 . 2014-10-10 00:57 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-11-12 14:44 . 2014-10-14 02:13 3241984 ----a-w- c:\windows\system32\msi.dll
2014-11-12 14:44 . 2014-10-14 01:50 2363904 ----a-w- c:\windows\SysWow64\msi.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-28 16:08 . 2012-11-24 11:46 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-28 16:08 . 2011-11-23 13:10 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-13 09:47 . 2012-09-25 19:33 103374192 ----a-w- c:\windows\system32\MRT.exe
2014-10-30 11:25 . 2011-11-22 07:22 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-09-25 02:08 . 2014-10-02 14:24 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-02 14:24 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-19 09:23 . 2014-11-12 14:45 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2014-09-17 15:11 . 2012-09-12 15:14 1188440 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-09-09 22:11 . 2014-09-26 12:18 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-09 21:47 . 2014-09-26 12:18 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-01-02 14:11 222832 ----a-w- c:\users\Pavel\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-01-02 14:11 222832 ----a-w- c:\users\Pavel\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-01-02 14:11 222832 ----a-w- c:\users\Pavel\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-03-01 256056]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-05 98304]
"4StoryPrePatch"="c:\program files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe" [2013-02-19 327680]
"WebcamMaxMoniter"="c:\program files (x86)\WebcamMax\wcmmon.exe" [2007-08-01 450048]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2010-05-06 11268096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2009-12-07 19:36 75320 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 RsvLock;RsvLock; [x]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe [x]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
R2 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
R2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [x]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
R2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [x]
R2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
R2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [x]
R2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
R2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
R2 uArcCapture;ArcCapture;c:\windows\system\uArcCapture.exe;c:\windows\system\uArcCapture.exe [x]
R2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 DEBridge;DEBridge;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 rtsuvc;HP Webcam [2 MP Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-01-22 19:06 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-26 19:27 1087304 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.71\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-01-02 14:11 261744 ----a-w- c:\users\Pavel\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-01-02 14:11 261744 ----a-w- c:\users\Pavel\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-01-02 14:11 261744 ----a-w- c:\users\Pavel\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" [2010-08-23 1691192]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-01-27 8192]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-01-29 487424]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-08-22 1331288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-10-21 21720]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 62.240.163.170 62.204.224.2
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_239_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2014-12-07 11:09:50 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-12-07 10:09
ComboFix2.txt 2014-12-06 13:35
.
Před spuštěním: Volných bajtů: 127 598 227 456
Po spuštění: Volných bajtů: 127 498 936 320
.
- - End Of File - - 61D945B993EF7E45B884175A40760F2F
A36C5E4F47E84449FF07ED3517B43A31

[Márty84]

Někde jsem tu kdysi četl, že může být pouze jeden aktivní topic na uživatele, ono to je jinak?

Je to uplne jinak!

Pravidla fora http://forum.viry.cz/viewtopic.php?f=12&t=5601 bod 10

10. Registrováni můžete být pouze jednou (pod jedním nickem). Duplicitní a vícenásobná registrace není přípustná a bude nekompromisně mazána. .....

To co jste cetl, bylo nejspis pravidlo, ze na jeden pc muze byt zalozeno pouze jedno tema (bod 4). Na dalsi pc nove tema atd., ale rozhodne vse pod jednim uctem!
Cili jeden se musi zrusit, vyberte si ktery (pripadne pokud jich mate jeste vic, tak vsechny krom jednoho).



Dejte log podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

[funkymusic]

Poprosím Vás tedy o zrušení účtu Kachnacicek. Děkuji za objasnění.


Zde je první log:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2014 01
Ran by Pavel (administrator) on PAVELS-HP on 07-12-2014 14:41:53
Running from C:\Users\Pavel\Desktop
Loaded Profile: Pavel (Available profiles: Pavel)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [1691192 2010-08-23] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-01-27] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-29] (IDT, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-03-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [4StoryPrePatch] => C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe [327680 2013-02-19] (Zemi Interactive Inc.)
HKLM-x32\...\Run: [WebcamMaxMoniter] => C:\Program Files (x86)\WebcamMax\wcmmon.exe [450048 2007-08-01] ()
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [11268096 2010-05-06] (Hewlett-Packard)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
Lsa: [Notification Packages] DPPassFilter scecli

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3435964710-805018482-336169385-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3435964710-805018482-336169385-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: HKU\S-1-5-21-3435964710-805018482-336169385-1001 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> DefaultScope {A3761D7B-8901-4081-A19A-49094CC84480} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {A3761D7B-8901-4081-A19A-49094CC84480} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {A3761D7B-8901-4081-A19A-49094CC84480} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {A3761D7B-8901-4081-A19A-49094CC84480} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\S-1-5-21-3435964710-805018482-336169385-1001 -> DefaultScope {A3761D7B-8901-4081-A19A-49094CC84480} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\S-1-5-21-3435964710-805018482-336169385-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3435964710-805018482-336169385-1001 -> {27E5F2BB-7308-46B7-B726-EBA870CDF2A9} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13906
SearchScopes: HKU\S-1-5-21-3435964710-805018482-336169385-1001 -> {2DD3A5ED-9F28-4615-85EA-A6B94BF37E79} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13906
SearchScopes: HKU\S-1-5-21-3435964710-805018482-336169385-1001 -> {421AACB1-6577-4847-B204-95A15F6C827E} URL = http://search.seznam.cz/?q={searchTerms ... arch_13906
SearchScopes: HKU\S-1-5-21-3435964710-805018482-336169385-1001 -> {63788942-3DD8-4313-BAF2-3F5C223EA2A6} URL = http://search.seznam.cz/?q={searchTerms ... chmodule_2
SearchScopes: HKU\S-1-5-21-3435964710-805018482-336169385-1001 -> {7980C0ED-8DC2-4353-B128-4A6FEA7B2B81} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13906
SearchScopes: HKU\S-1-5-21-3435964710-805018482-336169385-1001 -> {87B5B7B0-6AF1-4C52-8716-3CB5A027F518} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13906
SearchScopes: HKU\S-1-5-21-3435964710-805018482-336169385-1001 -> {8EA7A4F3-0F4E-4EF3-8059-9ED285FA8FAF} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13906
SearchScopes: HKU\S-1-5-21-3435964710-805018482-336169385-1001 -> {A3761D7B-8901-4081-A19A-49094CC84480} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\S-1-5-21-3435964710-805018482-336169385-1001 -> {BEB537AD-8BC5-4E35-B509-6534B3D9DEC8} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13906
SearchScopes: HKU\S-1-5-21-3435964710-805018482-336169385-1001 -> {D9B595D4-BF07-4D76-96E3-264D01FEBCB9} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13906
SearchScopes: HKU\S-1-5-21-3435964710-805018482-336169385-1001 -> {EB6D7220-C2DA-4CD0-AEB9-58B0581CA2FD} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13906
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO-x32: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 62.240.163.170 62.204.224.2

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @gentek.com/thinclient -> C:\IGG\twclient_us\npthinclient.dll (Generic Network)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3435964710-805018482-336169385-1001: @eximion.com/KalydoPlayer -> C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll (Eximion B.V.)
FF Plugin HKU\S-1-5-21-3435964710-805018482-336169385-1001: @g2.com/iggweb3dupdater -> C:\Users\Pavel\AppData\Roaming\IGG\Web3D\1.0.0.38\NPIGGWeb3DUpdater.dll (IGG)
FF Plugin HKU\S-1-5-21-3435964710-805018482-336169385-1001: @g2.com/joyconnectshell -> C:\Users\Pavel\AppData\Roaming\IGG\Web3D\1.0.0.38\NPJoyConnectShell.dll (IGG)
FF Plugin HKU\S-1-5-21-3435964710-805018482-336169385-1001: @gentek.com/thinclient -> C:\IGG\twclient_us\npthinclient.dll (Generic Network)
FF Plugin HKU\S-1-5-21-3435964710-805018482-336169385-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Pavel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-3435964710-805018482-336169385-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pavel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2010-12-10]

Chrome:
=======
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-06]
CHR Extension: (Dokumenty Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-24]
CHR Extension: (Disk Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-24]
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-01]
CHR Extension: (Vyhledávání Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-01]
CHR Extension: (Tabulky Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-06]
CHR Extension: (Peněženka Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AESTFilters; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
S3 DEBridge; c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [704512 2010-01-26] (McAfee, Inc.) [File not signed]
S2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [462088 2010-01-22] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [362040 2009-12-07] (Hewlett-Packard Ltd)
S2 HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2010-01-12] (Hewlett-Packard Development Company, L.P) [File not signed]
S2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
S2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [90112 2010-05-10] (Hewlett-Packard Company) [File not signed]
S2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192 2010-01-26] (McAfee, Inc.)
S2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [298496 2010-05-06] (Hewlett-Packard) [File not signed]
S2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248 2010-03-01] (Hewlett-Packard Company)
S2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-01-22] (Hewlett-Packard Company) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2010-01-12] (PDF Complete Inc)
S2 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe [244736 2010-01-29] (IDT, Inc.)
S2 uArcCapture; C:\windows\system\uArcCapture.exe [506472 2009-12-04] (ArcSoft, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32640 2009-12-04] (ArcSoft, Inc.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [40760 2009-10-21] (Hewlett-Packard Development Company L.P.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-27] (DT Soft Ltd)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S1 RsvLock; C:\Windows\System32\Drivers\RsvLock.sys [58184 2010-01-26] (McAfee, Inc.)
S1 RsvLock; C:\Windows\SysWow64\Drivers\RsvLock.sys [40088 2010-01-26] (McAfee, Inc.)
S3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8200296 2010-12-29] (Realtek Semiconductor Corp.)
R0 SafeBoot; C:\Windows\System32\Drivers\SafeBoot.sys [56648 2010-01-26] (McAfee, Inc.)
R0 SafeBoot; C:\Windows\SysWow64\Drivers\SafeBoot.sys [110520 2010-01-26] (McAfee, Inc.)
R0 SbAlg; C:\Windows\System32\Drivers\SbAlg.sys [60160 2009-06-04] (McAfee, Inc.)
R0 SbAlg; C:\Windows\SysWow64\Drivers\SbAlg.sys [51800 2010-01-26] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\System32\Drivers\SbFsLock.sys [15688 2010-01-26] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\SysWow64\Drivers\SbFsLock.sys [13256 2010-01-26] (McAfee, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 14:41 - 2014-12-07 14:43 - 00018958 _____ () C:\Users\Pavel\Desktop\FRST.txt
2014-12-07 14:41 - 2014-12-07 14:41 - 00000000 ____D () C:\FRST
2014-12-07 14:40 - 2014-12-07 14:40 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher.exe
2014-12-07 14:38 - 2014-12-07 14:38 - 02119680 _____ (Farbar) C:\Users\Pavel\Desktop\FRST64.exe
2014-12-07 11:09 - 2014-12-07 11:09 - 00019309 _____ () C:\ComboFix.txt
2014-12-07 11:03 - 2014-12-07 11:03 - 00000546 _____ () C:\windows\PFRO.log
2014-12-06 13:04 - 2014-12-07 11:09 - 00000000 ____D () C:\Qoobox
2014-12-06 13:04 - 2014-12-07 11:01 - 00000000 ____D () C:\windows\erdnt
2014-12-06 13:04 - 2011-06-26 07:45 - 00256000 _____ () C:\windows\PEV.exe
2014-12-06 13:04 - 2010-11-07 18:20 - 00208896 _____ () C:\windows\MBR.exe
2014-12-06 13:04 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-12-06 13:04 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-12-06 13:04 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-12-06 13:04 - 2000-08-31 01:00 - 00098816 _____ () C:\windows\sed.exe
2014-12-06 13:04 - 2000-08-31 01:00 - 00080412 _____ () C:\windows\grep.exe
2014-12-06 13:04 - 2000-08-31 01:00 - 00068096 _____ () C:\windows\zip.exe
2014-12-06 13:01 - 2014-12-06 13:01 - 05600479 ____R (Swearware) C:\Users\Pavel\Desktop\ComboFix.exe
2014-12-06 00:34 - 2014-12-06 00:12 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-12-06 00:19 - 2014-12-06 00:39 - 00012635 _____ () C:\zoek-results.log
2014-12-05 23:48 - 2014-12-06 00:32 - 00000000 ____D () C:\zoek_backup
2014-12-05 23:48 - 2014-12-05 23:41 - 01295360 _____ () C:\Users\Pavel\Desktop\zoek.exe
2014-12-03 21:30 - 2014-12-05 21:32 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-03 21:30 - 2014-12-03 21:30 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-03 21:30 - 2014-12-03 21:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-03 21:30 - 2014-12-03 21:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-03 21:30 - 2014-12-03 21:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-03 21:30 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-12-03 21:30 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-12-03 21:30 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-12-03 21:20 - 2014-12-03 21:24 - 00000000 ____D () C:\AdwCleaner
2014-12-03 21:20 - 2014-12-03 19:47 - 02154496 _____ () C:\Users\Pavel\Desktop\adwcleaner_4.103.exe
2014-12-03 18:10 - 2014-12-03 18:11 - 00000000 ____D () C:\rsit
2014-12-03 18:10 - 2014-12-03 18:11 - 00000000 ____D () C:\Program Files\trend micro
2014-12-03 18:09 - 2014-12-03 18:09 - 01222144 _____ () C:\Users\Pavel\Desktop\RSITx64.exe
2014-11-28 23:19 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-11-28 23:19 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2014-11-28 23:19 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-11-26 20:32 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2014-11-22 10:46 - 2014-11-22 11:21 - 366950400 _____ () C:\Users\Pavel\Downloads\The-Vampire-Diaries-S06E08-(Upíří-deníky-6x08)---CZ-titulky.avi
2014-11-22 10:33 - 2014-11-22 10:45 - 185470722 _____ () C:\Users\Pavel\Downloads\Upíří-deníky-(The-Vampire-diaries)-6x08-CZ-titulky.avi
2014-11-20 16:52 - 2014-11-20 16:52 - 00000000 __SHD () C:\Users\Pavel\AppData\Local\EmieBrowserModeList
2014-11-15 16:55 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-11-15 16:55 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-11-15 16:55 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-11-15 16:55 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2014-11-15 16:55 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-11-15 16:55 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-11-15 16:55 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-11-15 16:55 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2014-11-15 16:55 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2014-11-12 15:46 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-11-12 15:46 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-11-12 15:46 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-11-12 15:46 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-11-12 15:46 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-11-12 15:46 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-11-12 15:46 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-11-12 15:46 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-11-12 15:46 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-11-12 15:46 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-11-12 15:46 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-11-12 15:46 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-11-12 15:46 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-11-12 15:46 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-11-12 15:46 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-11-12 15:46 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-11-12 15:46 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-11-12 15:46 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-11-12 15:46 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-11-12 15:46 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-11-12 15:46 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-11-12 15:46 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-11-12 15:46 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-11-12 15:46 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-11-12 15:46 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-11-12 15:46 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 15:46 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-11-12 15:46 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-11-12 15:46 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-11-12 15:46 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-11-12 15:46 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-11-12 15:46 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-11-12 15:46 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-11-12 15:46 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-11-12 15:46 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-11-12 15:46 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-11-12 15:46 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 15:46 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-11-12 15:46 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-11-12 15:46 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-11-12 15:46 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-11-12 15:46 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-11-12 15:46 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-11-12 15:46 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-11-12 15:46 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-11-12 15:46 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-11-12 15:46 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-11-12 15:46 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-11-12 15:46 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-11-12 15:46 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-11-12 15:46 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-11-12 15:46 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-11-12 15:46 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-11-12 15:46 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-11-12 15:46 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-11-12 15:46 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-11-12 15:45 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2014-11-12 15:45 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2014-11-12 15:45 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2014-11-12 15:45 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2014-11-12 15:45 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2014-11-12 15:45 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2014-11-12 15:45 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2014-11-12 15:45 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2014-11-12 15:45 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2014-11-12 15:45 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2014-11-12 15:45 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-11-12 15:45 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-11-12 15:45 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-11-12 15:45 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-11-12 15:45 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-11-12 15:45 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-11-12 15:45 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-11-12 15:45 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-11-12 15:45 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2014-11-12 15:45 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-11-12 15:45 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-11-12 15:45 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-11-12 15:45 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-11-12 15:45 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-11-12 15:45 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-11-12 15:45 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-11-12 15:45 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2014-11-12 15:45 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10K.DLL
2014-11-12 15:44 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2014-11-12 15:44 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2014-11-12 15:44 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-11-12 15:44 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-11-12 15:44 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 14:40 - 2012-11-13 19:58 - 00000000 ___RD () C:\Users\Pavel\Desktop\Barborka
2014-12-07 14:40 - 2010-12-10 14:27 - 00680016 _____ () C:\windows\system32\perfh005.dat
2014-12-07 14:40 - 2010-12-10 14:27 - 00146852 _____ () C:\windows\system32\perfc005.dat
2014-12-07 14:40 - 2009-07-14 06:13 - 01617818 _____ () C:\windows\system32\PerfStringBackup.INI
2014-12-07 11:04 - 2009-07-14 03:34 - 00000215 _____ () C:\windows\system.ini
2014-12-07 11:02 - 2009-07-14 03:34 - 84242432 _____ () C:\windows\system32\config\software.bak
2014-12-07 11:02 - 2009-07-14 03:34 - 17039360 _____ () C:\windows\system32\config\system.bak
2014-12-07 11:02 - 2009-07-14 03:34 - 00311296 _____ () C:\windows\system32\config\default.bak
2014-12-07 11:02 - 2009-07-14 03:34 - 00065536 _____ () C:\windows\system32\config\sam.bak
2014-12-07 11:02 - 2009-07-14 03:34 - 00028672 _____ () C:\windows\system32\config\security.bak
2014-12-06 13:02 - 2013-12-18 18:36 - 00000000 ____D () C:\Users\Pavel\AppData\Roaming\Seznam.cz
2014-12-06 13:01 - 2009-07-14 05:45 - 00020944 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-06 13:01 - 2009-07-14 05:45 - 00020944 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-06 12:57 - 2011-07-06 08:11 - 02001419 _____ () C:\windows\WindowsUpdate.log
2014-12-06 12:54 - 2011-11-23 14:42 - 00056260 _____ () C:\windows\setupact.log
2014-12-06 12:54 - 2010-12-10 14:32 - 00000000 ____D () C:\ProgramData\HPQLOG
2014-12-06 12:54 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-12-06 00:32 - 2014-03-29 15:51 - 00000000 ___RD () C:\Users\Pavel\Desktop\Savoir
2014-12-06 00:32 - 2011-11-16 17:38 - 00000000 ____D () C:\Users\Pavel
2014-12-06 00:32 - 2009-07-14 04:20 - 00000000 ___HD () C:\windows\system32\GroupPolicy
2014-12-06 00:32 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\GroupPolicy
2014-12-05 23:40 - 2014-03-12 17:23 - 00000000 ____D () C:\Program Files (x86)\GotClip
2014-12-05 23:40 - 2014-03-12 17:22 - 00000000 ____D () C:\Program Files (x86)\PCData
2014-12-05 23:40 - 2014-03-12 17:22 - 00000000 ____D () C:\Program Files (x86)\DoubleOptMedia
2014-12-05 23:40 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SchCache
2014-12-04 21:10 - 2011-11-17 02:09 - 00000000 ____D () C:\windows\rescache
2014-12-04 19:35 - 2014-05-31 14:58 - 00003186 _____ () C:\windows\System32\Tasks\HPCeeScheduleForPavel
2014-12-03 18:07 - 2012-10-24 14:58 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-11-29 13:35 - 2014-08-23 12:22 - 00000000 _____ () C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-11-29 13:35 - 2014-05-24 12:17 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2014-11-28 17:08 - 2014-10-04 14:13 - 00003852 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-11-28 17:08 - 2012-11-24 12:46 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-11-28 17:08 - 2011-11-23 14:10 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-28 17:04 - 2014-10-05 10:53 - 00000000 ____D () C:\Users\Pavel\Downloads\Gameforge Live
2014-11-28 16:14 - 2012-03-22 12:40 - 00000000 ____D () C:\Users\strnad
2014-11-28 16:14 - 2011-11-23 14:09 - 00000000 ____D () C:\windows\system32\Macromed
2014-11-28 16:14 - 2011-11-22 13:45 - 00000000 ____D () C:\Users\stasa
2014-11-28 16:14 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\registration
2014-11-26 20:32 - 2014-05-24 19:06 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-25 22:25 - 2014-06-29 18:09 - 00000000 ____D () C:\Users\Pavel\Desktop\Knihy
2014-11-23 12:38 - 2014-03-29 16:02 - 00000000 ___RD () C:\Users\Pavel\Desktop\Jeux
2014-11-23 11:30 - 2012-10-24 14:59 - 00000000 ____D () C:\ProgramData\Origin
2014-11-22 10:12 - 2014-03-29 16:05 - 00000000 ___RD () C:\Users\Pavel\Desktop\Autres
2014-11-22 10:12 - 2014-03-29 15:51 - 00000000 ___RD () C:\Users\Pavel\Desktop\Fonte
2014-11-22 10:12 - 2013-04-27 21:36 - 00000000 ___RD () C:\Users\Pavel\Desktop\Spore-CZ-plná-verze!!
2014-11-22 10:12 - 2012-10-24 14:29 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-11-22 10:12 - 2010-12-10 14:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-21 10:52 - 2013-12-31 21:22 - 00000000 ____D () C:\Users\Pavel\Downloads\Vampire-Diaries---05---The_Return_-_Nightfall---Audio-book
2014-11-21 10:52 - 2013-03-30 13:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-21 10:51 - 2014-04-15 19:03 - 00000000 ____D () C:\Users\Pavel\Downloads\freepiano_2.2.164-bit
2014-11-21 10:50 - 2013-02-18 11:36 - 00000000 ____D () C:\Program Files (x86)\Games
2014-11-20 16:55 - 2013-11-23 20:06 - 00000000 ____D () C:\gencache
2014-11-16 13:22 - 2013-03-30 13:50 - 00003948 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-16 13:22 - 2013-03-30 13:50 - 00003696 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-15 22:29 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\AppCompat
2014-11-15 22:29 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-11-13 16:41 - 2011-11-16 17:46 - 00140592 _____ () C:\Users\Pavel\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-13 15:29 - 2011-11-23 14:42 - 00484248 _____ () C:\windows\system32\FNTCACHE.DAT
2014-11-13 10:59 - 2011-11-22 08:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-13 10:53 - 2013-08-20 21:27 - 00000000 ____D () C:\windows\system32\MRT
2014-11-13 10:47 - 2012-09-25 20:33 - 103374192 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-05 00:03




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:280.8 GB) (Free:118.75 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:0.01 GB) FAT32

Available physical RAM: 2866.04 MB
Total physical RAM: 3830.43 MB
Percentage of memory in use: 25%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 350A316E)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=280.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)

==================== Scheduled Tasks (whitelisted) ==================


==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:8DD36B71
AlternateDataStreams: C:\Users\Pavel\Desktop\adwcleaner_4.103.exe:xdg.origin.url
AlternateDataStreams: C:\Users\Pavel\Desktop\adwcleaner_4.103.exe:xdg.referrer.url

==================== Security Center ==================

AV: Microsoft Security Essentials (Disabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Disabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Pavel\Desktop" je 4564 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[funkymusic]

Addition log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2014 01
Ran by Pavel at 2014-12-07 14:43:38
Running from C:\Users\Pavel\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Disabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4Story (HKU\S-1-5-21-3435964710-805018482-336169385-1001\...\Kalydo App 4Story) (Version: 4.02.02.12 - )
4Story CZ 4.1.98 (HKLM-x32\...\4Story_CZ_is1) (Version: - )
4story_cycle (HKU\S-1-5-21-3435964710-805018482-336169385-1001\...\Kalydo App 4story_cycle) (Version: 4.01.00.35 - )
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
AION Free-to-Play (HKLM-x32\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version: - Gameforge)
ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 1.0.23.26 - ArcSoft)
ArcSoft TotalMedia (x32 Version: 1.0.43.25 - ArcSoft) Hidden
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 1.0.0.26 - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{560932B5-8702-7FB8-01AE-265EA44FAEEB}) (Version: 3.0.778.0 - ATI Technologies, Inc.)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.5600 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
ccc-core-static (x32 Version: 2010.0805.358.5180 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.10 - Piriform)
Corel Home Office - CS Templates (x32 Version: 5.6 - 公司名称) Hidden
Corel Home Office - CT Templates (x32 Version: 5.6 - 您的公司名稱) Hidden
Corel Home Office - IPM (x32 Version: 5.6 - Corel Corporation) Hidden
Corel Home Office - JP Templates (x32 Version: 5.6 - 会社名) Hidden
Corel Home Office - KR Templates (x32 Version: 5.6 - 회사명) Hidden
Corel Home Office - Launcher (x32 Version: 5.6 - Corel Corporation) Hidden
Corel Home Office - Templates RU (x32 Version: 5.6 - Название организации) Hidden
Corel Home Office - Templates1 (x32 Version: 5.6 - Your Company Name) Hidden
Corel Home Office (HKLM-x32\...\_{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}) (Version: 5.0.85.588 - Corel Corporation)
Corel Home Office (x32 Version: 5.6 - Corel Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 5.0.1.6 - Hewlett-Packard)
DoubleOptMedia (HKLM-x32\...\DoubleOptMedia11.041.44) (Version: 11.041.44 - M/s Tech AnB)
Drive Encryption for HP ProtectTools (HKLM-x32\...\Drive Encryption) (Version: 5.0.5.0 - Hewlett-Packard)
Drive Encryption for HP ProtectTools (Version: 5.0.5.2 - Hewlett-Packard) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Face Recognition for HP ProtectTools (HKLM\...\{E793990C-90BE-4B69-AC29-BF5E8FD4ED54}) (Version: 2.02.4007 - Hewlett-Packard)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 5.0.1.4 - Hewlett-Packard)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Guard.ICQ (HKLM-x32\...\Guard.Mail.ru) (Version: - Mail.ru) <==== ATTENTION
HellSpy Klient verze 0.8.0 (HKLM-x32\...\{553E24F0-09FD-4BCB-9CF0-4FC0F6DB95D1}_is1) (Version: 0.8.0 - HellSpy.com)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{299625B9-6C69-462C-9CEA-8E06D878B1C5}) (Version: 4.0.5.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{D21160A2-8B5F-409C-99C8-03582F5324B7}) (Version: 1.7.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{D9989A13-B173-4048-B8A5-93C204DCB1B3}) (Version: 1.1.6.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}) (Version: 3.5.15.1 - Hewlett-Packard Company)
HP Power Assistant (HKLM\...\{C823942A-A0B4-4412-B935-6A2DC7CC1B4D}) (Version: 1.0.11.0 - Hewlett-Packard Company)
HP Power Data (HKLM\...\{1C292266-E054-4090-84D5-869649E4F9C7}) (Version: 1.0.35.187 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 5.04.669 - Hewlett-Packard)
HP QuickLook (HKLM\...\{3B392D0A-F3F6-41EA-8DDB-D657ABA70168}) (Version: 3.3.1.2 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{7861911B-4270-498A-8F7A-FCF0570F486B}) (Version: 1.0.1.59 - DeviceVM, Inc.)
HP Setup (HKLM-x32\...\{E7C34ED4-BBB6-4C57-9FBD-B29CA5878051}) (Version: 8.5.4371.3505 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{2DA697D7-FED3-4DE2-A174-92A2A12F9688}) (Version: 3.0.5.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{80A6DF3F-FB3D-48CB-BF1B-686E3D08C8F6}) (Version: 4.0.32.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{04801E42-B1A6-4C52-9F3D-CADB5A050433}) (Version: 7.0.1.6 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Webcam Driver (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.0084 - Realtek Semiconductor Corp.)
HP Wireless Assistant (HKLM\...\{E6BC696E-5E96-4C1B-9371-379AF3A46B6B}) (Version: 4.0.4.2 - Hewlett-Packard)
ICQ7.7 (HKLM-x32\...\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}) (Version: 7.7 - ICQ)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6268.0 - IDT)
IGG Web3D Player version 1.0.0.38 (HKU\S-1-5-21-3435964710-805018482-336169385-1001\...\IGG Web3D Player_is1) (Version: 1.0.0.38 - IGG, Inc.)
Janes Hotel Mania 1.00 (HKLM-x32\...\Janes Hotel Mania 1.00) (Version: - )
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Kalydo Player 6.00.00 (HKU\S-1-5-21-3435964710-805018482-336169385-1001\...\KalydoPlayer) (Version: 6.00.00 - Eximion B.V.)
LightScribe System Software (HKLM-x32\...\{FA8BFB25-BF48-4F8B-8859-B30810745190}) (Version: 1.18.11.1 - LightScribe)
Malwarebytes Anti-Malware verze 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Metin2 (HKLM-x32\...\Metin2_is1) (Version: - Gameforge 4D GmbH)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3435964710-805018482-336169385-1001\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
Ovladače videa společnosti Pinnacle (HKLM\...\{5EB90C06-964F-4195-B83E-BD7E55C88415}) (Version: 12.00.0017 - Pinnacle Systems)
PC Data App (HKLM-x32\...\PCData App) (Version: - ) <==== ATTENTION
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.116 - PDF Complete, Inc)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Pinnacle Instant DVD Recorder (HKLM-x32\...\{C1212AE3-DBB9-4365-8473-F8ABC7B06BBB}) (Version: 2.5.0.090 - Pinnacle Systems)
Pinnacle Studio 12 (HKLM-x32\...\{D041EB9E-890A-4098-8F94-51DA194AC72A}) (Version: 12.0.0.6163 - Pinnacle Systems)
Pre-Boot Security for HP ProtectTools (Version: 5.0.7.1 - Hewlett-Packard) Hidden
Privacy Manager for HP ProtectTools (HKLM\...\{04255D34-6C6D-4F63-A218-EE8FD2D13AF0}) (Version: 5.10.784 - Hewlett-Packard)
Razer Game Booster (HKLM-x32\...\{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}) (Version: 3.5.6.0 - Razer USA Ltd.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0011 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30113 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-3435964710-805018482-336169385-1001\...\SeznamInstall) (Version: - Seznam.cz)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SymSilent (HKLM-x32\...\SymSilent) (Version: - Symantec Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.17.2 - Synaptics Incorporated)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 Cestovní horečka (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
The Sims™ 3 Do Budoucnosti (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Domácí mazlíčci (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Obludárium (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Povolání snů (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Roční období (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Tropický ráj (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Po setmění (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Theft Recovery (HKLM-x32\...\InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}) (Version: 5.1.0.19 - Hewlett-Packard)
Theft Recovery (x32 Version: 5.1.0.19 - Hewlett-Packard) Hidden
Unity Web Player (HKU\S-1-5-21-3435964710-805018482-336169385-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Validity Fingerprint Driver (HKLM\...\{DD966CEF-5EA9-4BA2-B210-490FEBC27EA7}) (Version: 4.0.15.0 - Validity Sensors, Inc.)
WebcamMax (HKLM-x32\...\WebcamMax) (Version: 4.0.6.0. - )
Windows 7 Default Setting (HKLM-x32\...\{5BF8E079-D6E2-4323-B794-75152371122A}) (Version: 1.0.1.6 - Hewlett-Packard Company)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
WinZip 14.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3435964710-805018482-336169385-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Pavel\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3435964710-805018482-336169385-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Pavel\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3435964710-805018482-336169385-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Pavel\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3435964710-805018482-336169385-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Pavel\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3435964710-805018482-336169385-1001_Classes\CLSID\{F7D4B6AD-AB5F-4fe8-9469-3A4697E41129}\InprocServer32 -> C:\Users\Pavel\AppData\Roaming\Kalydo\KalydoPlayer\bin2\kalydoplayer64.dll (Eximion B.V.)
CustomCLSID: HKU\S-1-5-21-3435964710-805018482-336169385-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Pavel\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

22-11-2014 19:20:40 Windows Update
23-11-2014 18:00:24 Windows Zálohování
23-11-2014 21:06:16 Windows Update
26-11-2014 19:37:44 Windows Update
27-11-2014 10:51:00 Windows Update
27-11-2014 12:58:10 Windows Update
27-11-2014 13:23:44 Windows Update
27-11-2014 20:32:29 Windows Update
28-11-2014 13:14:31 Windows Update
28-11-2014 16:22:04 Windows Update
28-11-2014 22:18:53 Windows Update
01-12-2014 13:21:40 Windows Zálohování
03-12-2014 20:49:26 Windows Update
05-12-2014 23:19:24 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-12-07 11:04 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {01153FE2-1950-442E-80CE-2E6CE0EE907B} - System32\Tasks\{67E3CB4E-E669-4A97-BE23-E4410566E596} => C:\Program Files (x86)\GameforgeLive\GameforgeLive.exe [2014-08-07] ()
Task: {03A9B3D4-5A3D-4BBB-B1C8-C30F5A4938F2} - System32\Tasks\{E03D5CAF-26B1-49C0-A1E8-357FB607DDD8} => C:\Hry\Moorhuhn 1\Moorhuhn.exe [1999-12-31] (Witan Entertainment BV)
Task: {21E4D13C-E313-41F9-8CB4-0661F2115D0B} - System32\Tasks\{752775D1-41B5-401F-8082-1C5E698DE74A} => Chrome.exe http://ui.skype.com/ui/0/6.0.59.126/cs/ ... age=tsBing
Task: {24E9D273-DC6C-459E-965D-7F4FF96A0AFB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {2569ABAC-FFE0-4D02-ACE0-60E644849D29} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-09-07] ()
Task: {2BDA88FF-10E8-4C98-A09C-FE99432BBF6A} - System32\Tasks\{16188225-C0E6-4BF2-B689-AB5FCF772FE1} => C:\Hry\Moorhuhn 1\Moorhuhn.exe [1999-12-31] (Witan Entertainment BV)
Task: {317926EA-017F-4F2E-BD97-560E9AFC486D} - System32\Tasks\{45681651-FE59-4023-A525-67609669E1AE} => Chrome.exe http://ui.skype.com/ui/0/6.5.59.158/cs/ ... rogressBar
Task: {4664AFEE-99F5-4791-BC43-F3A3F8528080} - System32\Tasks\{05438E17-99C1-476D-9702-FA15BE75CC64} => C:\Program Files (x86)\TopCD\Warlords BC III\Battlecry III.exe [2006-05-21] (Infinite Interactive)
Task: {4B968D78-B0D3-43DF-8C73-3E905BC0C5C7} - System32\Tasks\{9894C2AE-A00C-484E-87E9-0C84C61F474D} => C:\Program Files (x86)\TopCD\Warlords BC III\Battlecry III.exe [2006-05-21] (Infinite Interactive)
Task: {58D06DDF-B285-47CE-B218-DE6A0CBD582B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {5F332EC2-F201-4319-BEFC-EC73C65A5ACD} - System32\Tasks\{FBCE5D01-5086-4514-AEC4-6B627C1BA261} => C:\Program Files (x86)\TopCD\Warlords BC III\Battlecry III.exe [2006-05-21] (Infinite Interactive)
Task: {6565070F-15E2-4661-83E4-1028AA17F7D2} - System32\Tasks\{0E62312B-128E-409E-980E-63BA621BDAED} => C:\Program Files (x86)\TopCD\Warlords BC III\Battlecry III.exe [2006-05-21] (Infinite Interactive)
Task: {67F0C294-DA5C-4DF6-B0A7-5040FF5AECD9} - System32\Tasks\{86D9D213-0090-4D0E-8E9F-17B314816E27} => C:\Program Files (x86)\TopCD\Warlords BC III\Battlecry III.exe [2006-05-21] (Infinite Interactive)
Task: {68922137-F0CF-4518-AF2C-FA275A1AFDF4} - System32\Tasks\{7514824E-4FD0-408D-AAAC-FD07E454EB47} => C:\Program Files (x86)\TopCD\Warlords BC III\Battlecry III.exe [2006-05-21] (Infinite Interactive)
Task: {68F230EC-6900-495D-81BE-65C29CEA738A} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {773E2D51-0300-4FC9-8B8E-47EA6A212C68} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {7DF46B09-49FD-4720-AA06-E0BA35461F43} - System32\Tasks\{FF62F640-F1A8-4E5E-96B1-85B2751E2787} => C:\Program Files (x86)\TopCD\Warlords BC III\Battlecry III.exe [2006-05-21] (Infinite Interactive)
Task: {80345802-CD8A-45F1-B5E9-A7C1801D89F5} - System32\Tasks\{720090A1-3871-4307-963F-5BC658D062C6} => Iexplore.exe http://ui.skype.com/ui/0/6.0.0.120/cs/a ... e=tsPlugin
Task: {81B66BFC-588A-4741-A8FF-EF9D32B9C270} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {83A6C0D8-08D6-416A-B3DA-9804F15382EE} - System32\Tasks\{6DBB9431-090C-4499-A4E3-9FE5154488CA} => C:\Program Files (x86)\TopCD\Warlords BC III\Battlecry III.exe [2006-05-21] (Infinite Interactive)
Task: {860ED1E7-5CB5-4B81-8C5D-C6CF4F176BAA} - System32\Tasks\{8BA416EB-ED09-46E4-8DC9-5DF4F41BED6E} => D:\Moorhuhn 1\Moorhuhn.exe
Task: {A856005F-79E2-47C5-A631-E4F5A89578E4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {AB7FA1F8-FD3C-4E8A-8E3C-4FB7AE1265F2} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3435964710-805018482-336169385-1001
Task: {AD7E4E39-B3F4-441B-AA89-EA0D5497FE77} - System32\Tasks\{D1F9EF14-2F46-4548-92AC-F40DE3D15E60} => C:\Program Files (x86)\TopCD\Warlords BC III\Battlecry III.exe [2006-05-21] (Infinite Interactive)
Task: {B15986F1-FB60-411A-8E41-31C203AE8415} - System32\Tasks\{E8B32E49-CC27-4482-9DAC-ADBF4F0791A9} => D:\Moorhuhn 1\Moorhuhn.exe
Task: {B1753013-32A6-4A91-BB6F-184A7B4BDB6C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-28] (Adobe Systems Incorporated)
Task: {B35D2C1B-E729-4F8D-BBD0-2F432D150E86} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3435964710-805018482-336169385-1001Core => C:\Users\Pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-29] (Facebook Inc.)
Task: {B9D575A5-FACA-48B5-8966-86F1D3D562C5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {CAE99D68-9D70-49E7-A88B-0A3ED1D83F58} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {D057C19D-9C23-4BBE-B6D8-D758BB9B10E3} - System32\Tasks\{299079B8-CDCE-488D-9E24-C1B0E6AC042D} => C:\Program Files (x86)\TopCD\Warlords BC III\Battlecry III.exe [2006-05-21] (Infinite Interactive)
Task: {D115DABB-A758-4AC3-9984-675059A70729} - System32\Tasks\{F00EC3C0-064B-4899-B232-C0F7F01FA2DC} => C:\Hry\Moorhuhn 1\Moorhuhn.exe [1999-12-31] (Witan Entertainment BV)
Task: {D9B31BCE-20D2-4792-8E82-D7EF8BB292AD} - System32\Tasks\{3153FE25-8C0C-4012-AB76-03CFC6B26015} => C:\Hry\Moorhuhn 1\Moorhuhn.exe [1999-12-31] (Witan Entertainment BV)
Task: {DD90898A-1243-4EC2-8834-0B4580CE59BB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3435964710-805018482-336169385-1001UA => C:\Users\Pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-29] (Facebook Inc.)
Task: {DE82E983-172F-4FCA-93EA-445660BD641A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {E057E1AD-E33B-473A-BF31-E3B7E5E25C50} - System32\Tasks\HPCeeScheduleForPavel => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {ECEF2A6A-8ACE-419E-BDFC-237301752377} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-10-21] (Microsoft)

==================== Loaded Modules (whitelisted) =============

2013-01-10 13:31 - 2009-12-12 15:12 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2012-11-13 21:53 - 2012-11-13 21:53 - 00139024 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\GBV3ContextMenu.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:8DD36B71
AlternateDataStreams: C:\Users\Pavel\Desktop\adwcleaner_4.103.exe:xdg.origin.url
AlternateDataStreams: C:\Users\Pavel\Desktop\adwcleaner_4.103.exe:xdg.referrer.url

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

A (S-1-5-21-3435964710-805018482-336169385-1002 - Administrator - Enabled)
Administrator (S-1-5-21-3435964710-805018482-336169385-500 - Administrator - Disabled)
Guest (S-1-5-21-3435964710-805018482-336169385-501 - Limited - Disabled)
Pavel (S-1-5-21-3435964710-805018482-336169385-1001 - Administrator - Enabled) => C:\Users\Pavel

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/07/2014 10:51:23 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\windows\system32\wbem\wmiprvse.exe; Popis = ComboFix created restore point; Chyba = 0x8007043c).

Error: (12/07/2014 10:51:23 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007043c, Tuto službu nelze spustit v nouzovém režimu.
.


Operace:
Vytvoření instance serveru VSS

Error: (12/07/2014 10:51:23 AM) (Source: VSS) (EventID: 18) (User: )
Description: Chyba služby Stínová kopie svazku: Server COM s identifikátorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} a názvem IVssCoordinatorEx2 nelze spustit v nouzovém režimu.
Službu Stínová kopie svazku nelze spustit v nouzovém režimu. [0x8007043c, Tuto službu nelze spustit v nouzovém režimu.
]


Operace:
Vytvoření instance serveru VSS

Error: (12/06/2014 01:37:54 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\windows\system32\wbem\wmiprvse.exe; Popis = ComboFix created restore point; Chyba = 0x8007043c).

Error: (12/06/2014 01:37:54 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007043c, Tuto službu nelze spustit v nouzovém režimu.
.


Operace:
Vytvoření instance serveru VSS

Error: (12/06/2014 01:37:54 PM) (Source: VSS) (EventID: 18) (User: )
Description: Chyba služby Stínová kopie svazku: Server COM s identifikátorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} a názvem IVssCoordinatorEx2 nelze spustit v nouzovém režimu.
Službu Stínová kopie svazku nelze spustit v nouzovém režimu. [0x8007043c, Tuto službu nelze spustit v nouzovém režimu.
]


Operace:
Vytvoření instance serveru VSS

Error: (12/05/2014 00:16:38 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota 1, 2, 0, 17 atributu version v prvku assemblyIdentity je neplatná.

Error: (12/04/2014 09:05:36 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota 1, 2, 0, 17 atributu version v prvku assemblyIdentity je neplatná.

Error: (12/01/2014 02:32:08 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Zálohování nebylo úspěšné. Chyba: Na této jednotce není dostatek místa k uložení zálohy. Uvolněte místo odstraněním straších záloh a nepotřebných dat nebo změňte nastavení zálohování. (0x81000005).

Error: (11/28/2014 05:01:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Origin.exe verze 9.4.7.2799 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: a14

Čas spuštění: 01d00b2442ee556a

Čas ukončení: 9

Cesta k aplikaci: C:\Program Files (x86)\Origin\Origin.exe

ID hlášení: 9b1dff3e-7717-11e4-bb52-cc52afa2cbff


System errors:
=============
Error: (12/07/2014 02:36:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Hostitel poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (12/07/2014 02:36:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (12/07/2014 02:36:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (12/07/2014 02:36:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (12/07/2014 02:36:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
%%1068

Error: (12/07/2014 02:36:51 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (12/07/2014 02:36:50 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (12/07/2014 02:36:45 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (12/07/2014 02:36:42 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN se nepodařilo spustit.

Cesta k modulu: C:\windows\System32\bcmihvsrv64.dll
Kód chyby: 21

Error: (12/07/2014 02:36:37 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}


Microsoft Office Sessions:
=========================
Error: (12/07/2014 10:51:23 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\windows\system32\wbem\wmiprvse.exeComboFix created restore point0x8007043c

Error: (12/07/2014 10:51:23 AM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x8007043c, Tuto službu nelze spustit v nouzovém režimu.


Operace:
Vytvoření instance serveru VSS

Error: (12/07/2014 10:51:23 AM) (Source: VSS) (EventID: 18) (User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x8007043c, Tuto službu nelze spustit v nouzovém režimu.


Operace:
Vytvoření instance serveru VSS

Error: (12/06/2014 01:37:54 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\windows\system32\wbem\wmiprvse.exeComboFix created restore point0x8007043c

Error: (12/06/2014 01:37:54 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x8007043c, Tuto službu nelze spustit v nouzovém režimu.


Operace:
Vytvoření instance serveru VSS

Error: (12/06/2014 01:37:54 PM) (Source: VSS) (EventID: 18) (User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x8007043c, Tuto službu nelze spustit v nouzovém režimu.


Operace:
Vytvoření instance serveru VSS

Error: (12/05/2014 00:16:38 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversion1, 2, 0, 17c:\Program Files (x86)\Arcsoft\TotalMedia Suite\TotalMedia Studio MV\CaptureModule.exe.Manifestc:\Program Files (x86)\Arcsoft\TotalMedia Suite\TotalMedia Studio MV\CaptureModule.exe.Manifest3

Error: (12/04/2014 09:05:36 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversion1, 2, 0, 17c:\Program Files (x86)\Arcsoft\TotalMedia Suite\TotalMedia Studio MV\CaptureModule.exe.Manifestc:\Program Files (x86)\Arcsoft\TotalMedia Suite\TotalMedia Studio MV\CaptureModule.exe.Manifest3

Error: (12/01/2014 02:32:08 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Na této jednotce není dostatek místa k uložení zálohy. Uvolněte místo odstraněním straších záloh a nepotřebných dat nebo změňte nastavení zálohování. (0x81000005)

Error: (11/28/2014 05:01:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Origin.exe9.4.7.2799a1401d00b2442ee556a9C:\Program Files (x86)\Origin\Origin.exe9b1dff3e-7717-11e4-bb52-cc52afa2cbff


CodeIntegrity Errors:
===================================
Date: 2014-12-07 11:01:19.032
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-07 11:01:18.689
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-07 11:01:18.346
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-07 11:01:18.003
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-07 10:54:09.283
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-07 10:54:08.924
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-07 10:54:08.581
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-07 10:54:08.237
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-06 13:47:21.789
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-06 13:47:21.415
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: AMD Phenom(tm) II P650 Dual-Core Processor
Percentage of memory in use: 25%
Total physical RAM: 3830.43 MB
Available physical RAM: 2866.04 MB
Total Pagefile: 7659.04 MB
Available Pagefile: 6710.86 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:280.8 GB) (Free:118.75 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:0.01 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 350A316E)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=280.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)

==================== End Of Log ============================

[Márty84]

Ucet bude zrusen


I zde zmensete velikost plochy.


Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3435964710-805018482-336169385-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
URLSearchHook: HKU\S-1-5-21-3435964710-805018482-336169385-1001 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM -> DefaultScope {A3761D7B-8901-4081-A19A-49094CC84480} URL = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {A3761D7B-8901-4081-A19A-49094CC84480} URL = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {A3761D7B-8901-4081-A19A-49094CC84480} URL = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {A3761D7B-8901-4081-A19A-49094CC84480} URL = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3435964710-805018482-336169385-1001 -> DefaultScope {A3761D7B-8901-4081-A19A-49094CC84480} URL = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3435964710-805018482-336169385-1001 -> {A3761D7B-8901-4081-A19A-49094CC84480} URL = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)

AlternateDataStreams: C:\ProgramData\TEMP:8DD36B71
AlternateDataStreams: C:\Users\Pavel\Desktop\adwcleaner_4.103.exe:xdg.origin.url
AlternateDataStreams: C:\Users\Pavel\Desktop\adwcleaner_4.103.exe:xdg.referrer.url

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

[funkymusic]

Log je zde, plochu pročistím, jestli se nám povede systém naučit bootovat do normálního režimu, zatím, jak jste si asi všiml, jsem pořád v nouzovém režimu se sítí.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-12-2014 01
Ran by Pavel at 2014-12-07 15:20:45 Run:1
Running from C:\Users\Pavel\Desktop
Loaded Profile: Pavel (Available profiles: Pavel)
Boot Mode: Safe Mode (with Networking)
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3435964710-805018482-336169385-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
URLSearchHook: HKU\S-1-5-21-3435964710-805018482-336169385-1001 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM -> DefaultScope {A3761D7B-8901-4081-A19A-49094CC84480} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM -> {A3761D7B-8901-4081-A19A-49094CC84480} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {A3761D7B-8901-4081-A19A-49094CC84480} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {A3761D7B-8901-4081-A19A-49094CC84480} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\S-1-5-21-3435964710-805018482-336169385-1001 -> DefaultScope {A3761D7B-8901-4081-A19A-49094CC84480} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\S-1-5-21-3435964710-805018482-336169385-1001 -> {A3761D7B-8901-4081-A19A-49094CC84480} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)

AlternateDataStreams: C:\ProgramData\TEMP:8DD36B71
AlternateDataStreams: C:\Users\Pavel\Desktop\adwcleaner_4.103.exe:xdg.origin.url
AlternateDataStreams: C:\Users\Pavel\Desktop\adwcleaner_4.103.exe:xdg.referrer.url

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-3435964710-805018482-336169385-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\S-1-5-21-3435964710-805018482-336169385-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A3761D7B-8901-4081-A19A-49094CC84480}" => Key deleted successfully.
"HKCR\CLSID\{A3761D7B-8901-4081-A19A-49094CC84480}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{A3761D7B-8901-4081-A19A-49094CC84480}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{A3761D7B-8901-4081-A19A-49094CC84480}" => Key not found.
HKU\S-1-5-21-3435964710-805018482-336169385-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-3435964710-805018482-336169385-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A3761D7B-8901-4081-A19A-49094CC84480}" => Key deleted successfully.
"HKCR\CLSID\{A3761D7B-8901-4081-A19A-49094CC84480}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}" => Key deleted successfully.
"HKCR\CLSID\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => Key deleted successfully.
"HKCR\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{eec0f710-38b5-4aba-99bf-ec87564a4e13} => value deleted successfully.
"HKCR\CLSID\{eec0f710-38b5-4aba-99bf-ec87564a4e13}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{eec0f710-38b5-4aba-99bf-ec87564a4e13} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{eec0f710-38b5-4aba-99bf-ec87564a4e13}" => Key deleted successfully.
C:\ProgramData\TEMP => ":8DD36B71" ADS removed successfully.
C:\Users\Pavel\Desktop\adwcleaner_4.103.exe => ":xdg.origin.url" ADS removed successfully.
C:\Users\Pavel\Desktop\adwcleaner_4.103.exe => ":xdg.referrer.url" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 55 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

[Márty84]

Nouzaku jsem si vsiml, ale nevsiml jsem si, ze byste psal, ze normalnu rezim nefunguje


Postupujte podle navodu kolegy

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

• Kliknete na volbu Change parametrs
• V okne Additional Option zakliknete vsechny moznosti
• Kliknete na OK
• Utilite prikazte, at skenuje - klik na Start Scan
• Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
• Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
• Pokud mate vsude Skip, kliknete na Continue
• Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

Postupujte podle navodu kolegy

Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/

• Ulozte nejlepe na Plochu a rozbalte
• Spustte kliknutim na mbar
• Nyni postupne kliknete na Next a Update
• Po dokonceni update (aktualizace) databaze kliknete opet na Next
• Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
• Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
• Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
• Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
• PC bude restartovan
• Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte

[funkymusic]

Takhle: Když jsem PC převzal tak normální režim téměř nefungoval - Povedlo se do něj vlézt jednou z 5 případů a i tak to rvalo třeba 10 minut. Nyní se do normální režimu dostanu pokaždé a ve výrazně kratším čase, ale i tak si myslím, že by to šlo zjistit - uvidíme až bude pc čistý, pak se uvidí.

Zde je log z prvního programu - nic nenašel:

16:57:58.0029 0x1778 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
16:58:07.0368 0x1778 ============================================================
16:58:07.0368 0x1778 Current date / time: 2014/12/07 16:58:07.0368
16:58:07.0368 0x1778 SystemInfo:
16:58:07.0368 0x1778
16:58:07.0368 0x1778 OS Version: 6.1.7601 ServicePack: 1.0
16:58:07.0368 0x1778 Product type: Workstation
16:58:07.0368 0x1778 ComputerName: PAVELS-HP
16:58:07.0368 0x1778 UserName: Pavel
16:58:07.0368 0x1778 Windows directory: C:\windows
16:58:07.0368 0x1778 System windows directory: C:\windows
16:58:07.0368 0x1778 Running under WOW64
16:58:07.0368 0x1778 Processor architecture: Intel x64
16:58:07.0368 0x1778 Number of processors: 2
16:58:07.0368 0x1778 Page size: 0x1000
16:58:07.0368 0x1778 Boot type: Normal boot
16:58:07.0368 0x1778 ============================================================
16:58:15.0787 0x1778 KLMD registered as C:\windows\system32\drivers\55493951.sys
16:58:16.0070 0x1778 System UUID: {92654C11-5E34-A345-0241-541F75D762A6}
16:58:16.0576 0x1778 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:58:16.0576 0x1778 ============================================================
16:58:16.0576 0x1778 \Device\Harddisk0\DR0:
16:58:16.0576 0x1778 MBR partitions:
16:58:16.0576 0x1778 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
16:58:16.0576 0x1778 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x2319A000
16:58:16.0576 0x1778 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x23230800, BlocksNum 0x1E00000
16:58:16.0576 0x1778 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x25030800, BlocksNum 0x3FDAB0
16:58:16.0576 0x1778 ============================================================
16:58:16.0622 0x1778 C: <-> \Device\Harddisk0\DR0\Partition2
16:58:16.0638 0x1778 F: <-> \Device\Harddisk0\DR0\Partition4
16:58:16.0638 0x1778 ============================================================
16:58:16.0638 0x1778 Initialize success
16:58:16.0638 0x1778 ============================================================
16:58:39.0801 0x0760 ============================================================
16:58:39.0801 0x0760 Scan started
16:58:39.0801 0x0760 Mode: Manual; SigCheck; TDLFS;
16:58:39.0801 0x0760 ============================================================
16:58:39.0801 0x0760 KSN ping started
16:58:42.0250 0x0760 KSN ping finished: true
16:58:43.0246 0x0760 ================ Scan system memory ========================
16:58:43.0246 0x0760 System memory - ok
16:58:43.0246 0x0760 ================ Scan services =============================
16:58:43.0705 0x0760 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
16:58:43.0802 0x0760 1394ohci - ok
16:58:43.0849 0x0760 [ 5C368F4B04ED2A923E6AFCA2D37BAFF5, C3CC58D636B18DF77C4C4B384AD1DE78418716A0606E564DBC63782D5EA02905 ] Accelerometer C:\windows\system32\DRIVERS\Accelerometer.sys
16:58:43.0873 0x0760 Accelerometer - ok
16:58:43.0989 0x0760 [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
16:58:44.0015 0x0760 ACDaemon - ok
16:58:44.0069 0x0760 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\windows\system32\drivers\ACPI.sys
16:58:44.0088 0x0760 ACPI - ok
16:58:44.0134 0x0760 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
16:58:44.0197 0x0760 AcpiPmi - ok
16:58:44.0525 0x0760 [ F79623288F2A357AB20288B5DC4F452A, AA6F70A4C12E390E08074D6FD0EA0D1856D8274DA833E56A8811BF820A2D41D4 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:58:44.0541 0x0760 AdobeFlashPlayerUpdateSvc - ok
16:58:44.0600 0x0760 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
16:58:44.0649 0x0760 adp94xx - ok
16:58:44.0686 0x0760 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
16:58:44.0702 0x0760 adpahci - ok
16:58:44.0733 0x0760 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
16:58:44.0748 0x0760 adpu320 - ok
16:58:44.0780 0x0760 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
16:58:44.0943 0x0760 AeLookupSvc - ok
16:58:45.0180 0x0760 [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe
16:58:45.0251 0x0760 AESTFilters - ok
16:58:45.0286 0x0760 [ 6CCD1135320109D6B219F1A6E04AD9F6, B97D4DF46DF0EFC106BD3E248C70809F3F47DF3FD1CA039A0A3923E1FA05A969 ] Afc C:\windows\syswow64\drivers\Afc.sys
16:58:45.0318 0x0760 Afc - ok
16:58:45.0388 0x0760 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\windows\system32\drivers\afd.sys
16:58:45.0467 0x0760 AFD - ok
16:58:45.0514 0x0760 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\windows\system32\drivers\agp440.sys
16:58:45.0525 0x0760 agp440 - ok
16:58:45.0549 0x0760 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\windows\System32\alg.exe
16:58:45.0601 0x0760 ALG - ok
16:58:45.0648 0x0760 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\windows\system32\drivers\aliide.sys
16:58:45.0673 0x0760 aliide - ok
16:58:45.0690 0x0760 [ 5A06AB7AB4D389DFE3C109599DF0BB65, 317AA0BD3319C67339EE7E7B15E2C176E9E85480C84728571D8F1690F8A0844B ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
16:58:45.0752 0x0760 AMD External Events Utility - ok
16:58:45.0783 0x0760 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\windows\system32\drivers\amdide.sys
16:58:45.0783 0x0760 amdide - ok
16:58:45.0823 0x0760 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
16:58:45.0901 0x0760 AmdK8 - ok
16:58:46.0198 0x0760 [ 650DDCCD6657E20737433CB774521B81, 0D38128D1C71070CB697130C9186610D41D2912CD472AEFACA9E641DF0FC1DDF ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
16:58:46.0562 0x0760 amdkmdag - ok
16:58:46.0640 0x0760 [ F51B013C55B30DBE3AD59A7FE197C5BA, 3BED69D56FC6AB7A294FB8C322E0E9F454BA91E8FB6CDC2C36DD7F9FEBEAB95F ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
16:58:46.0677 0x0760 amdkmdap - ok
16:58:46.0711 0x0760 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
16:58:46.0734 0x0760 AmdPPM - ok
16:58:46.0781 0x0760 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\windows\system32\drivers\amdsata.sys
16:58:46.0828 0x0760 amdsata - ok
16:58:46.0869 0x0760 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
16:58:46.0885 0x0760 amdsbs - ok
16:58:46.0900 0x0760 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\windows\system32\drivers\amdxata.sys
16:58:46.0916 0x0760 amdxata - ok
16:58:46.0963 0x0760 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\windows\system32\drivers\appid.sys
16:58:47.0113 0x0760 AppID - ok
16:58:47.0129 0x0760 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\windows\System32\appidsvc.dll
16:58:47.0176 0x0760 AppIDSvc - ok
16:58:47.0254 0x0760 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\windows\System32\appinfo.dll
16:58:47.0324 0x0760 Appinfo - ok
16:58:47.0378 0x0760 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\windows\System32\appmgmts.dll
16:58:47.0434 0x0760 AppMgmt - ok
16:58:47.0467 0x0760 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\windows\system32\DRIVERS\arc.sys
16:58:47.0488 0x0760 arc - ok
16:58:47.0519 0x0760 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
16:58:47.0535 0x0760 arcsas - ok
16:58:47.0566 0x0760 [ CE2168C926927BA926301BAF172BC693, FC3DFCD5390DD3E80211E09177C762B7F8B2565A9A663D764AED8C6B4EAAA3C9 ] ARCVCAM C:\windows\system32\DRIVERS\ArcSoftVCapture.sys
16:58:47.0566 0x0760 ARCVCAM - ok
16:58:47.0792 0x0760 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:58:47.0839 0x0760 aspnet_state - ok
16:58:47.0870 0x0760 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
16:58:47.0952 0x0760 AsyncMac - ok
16:58:47.0999 0x0760 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\windows\system32\drivers\atapi.sys
16:58:48.0030 0x0760 atapi - ok
16:58:48.0061 0x0760 [ 2D648572BA9A610952FCAFBA1E119C2D, 4CD7E7D3C878DEF8CC18A925EAB1E0E8E8893BE99DA1E1F78FE9AD12EF1C48BC ] AtiHdmiService C:\windows\system32\drivers\AtiHdmi.sys
16:58:48.0077 0x0760 AtiHdmiService - ok
16:58:48.0108 0x0760 [ E82E61F46D1336447F4DEFF8C074F13E, 9FC152B33F1D9F5684B687743E943AA26AC17A1093F4C31A43C7012E70BC302E ] AtiPcie C:\windows\system32\DRIVERS\AtiPcie64.sys
16:58:48.0108 0x0760 AtiPcie - ok
16:58:48.0201 0x0760 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
16:58:48.0269 0x0760 AudioEndpointBuilder - ok
16:58:48.0300 0x0760 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\windows\System32\Audiosrv.dll
16:58:48.0332 0x0760 AudioSrv - ok
16:58:48.0394 0x0760 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\windows\System32\AxInstSV.dll
16:58:48.0484 0x0760 AxInstSV - ok
16:58:48.0519 0x0760 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
16:58:48.0588 0x0760 b06bdrv - ok
16:58:48.0635 0x0760 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
16:58:48.0681 0x0760 b57nd60a - ok
16:58:48.0995 0x0760 [ 6C95DD14CFD30B0617B91DC6A0B1A1FB, C666B659085BDFAF95F3010059A2AD15D10046A1FE026C271A12BC8029A2E6EA ] BCM43XX C:\windows\system32\DRIVERS\bcmwl664.sys
16:58:49.0069 0x0760 BCM43XX - ok
16:58:49.0136 0x0760 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\windows\System32\bdesvc.dll
16:58:49.0200 0x0760 BDESVC - ok
16:58:49.0232 0x0760 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\windows\system32\drivers\Beep.sys
16:58:49.0325 0x0760 Beep - ok
16:58:49.0432 0x0760 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\windows\System32\bfe.dll
16:58:49.0485 0x0760 BFE - ok
16:58:49.0547 0x0760 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\windows\system32\qmgr.dll
16:58:49.0625 0x0760 BITS - ok
16:58:49.0661 0x0760 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
16:58:49.0685 0x0760 blbdrive - ok
16:58:49.0739 0x0760 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\windows\system32\DRIVERS\bowser.sys
16:58:49.0786 0x0760 bowser - ok
16:58:49.0817 0x0760 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
16:58:49.0879 0x0760 BrFiltLo - ok
16:58:49.0895 0x0760 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
16:58:49.0942 0x0760 BrFiltUp - ok
16:58:50.0001 0x0760 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
16:58:50.0065 0x0760 BridgeMP - ok
16:58:50.0085 0x0760 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\windows\System32\browser.dll
16:58:50.0132 0x0760 Browser - ok
16:58:50.0164 0x0760 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\windows\System32\Drivers\Brserid.sys
16:58:50.0249 0x0760 Brserid - ok
16:58:50.0274 0x0760 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
16:58:50.0314 0x0760 BrSerWdm - ok
16:58:50.0351 0x0760 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
16:58:50.0386 0x0760 BrUsbMdm - ok
16:58:50.0402 0x0760 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
16:58:50.0433 0x0760 BrUsbSer - ok
16:58:50.0472 0x0760 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
16:58:50.0503 0x0760 BthEnum - ok
16:58:50.0535 0x0760 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
16:58:50.0550 0x0760 BTHMODEM - ok
16:58:50.0581 0x0760 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
16:58:50.0620 0x0760 BthPan - ok
16:58:50.0730 0x0760 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
16:58:50.0792 0x0760 BTHPORT - ok
16:58:50.0823 0x0760 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\windows\system32\bthserv.dll
16:58:50.0886 0x0760 bthserv - ok
16:58:50.0901 0x0760 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
16:58:50.0933 0x0760 BTHUSB - ok
16:58:50.0983 0x0760 [ 59E3510784548C6939C1B3B985C232E3, 7284A4A880307A88C431DE8BA9195C2B256C8598757958B02DB6A80EBB57698E ] btwampfl C:\windows\system32\drivers\btwampfl.sys
16:58:50.0998 0x0760 btwampfl - ok
16:58:51.0045 0x0760 [ 1872074ED0A3FB22E3F1E3197B984BFA, 112F289BFE63B46D1E007E3C6761B5C5C8F499B6638CE896DF528FDDBBC1EA12 ] btwaudio C:\windows\system32\drivers\btwaudio.sys
16:58:51.0061 0x0760 btwaudio - ok
16:58:51.0092 0x0760 [ 691CF076C33AB1C3A5B2FD5450300733, C2C943D42B0A135BD255FA8985A00D36B0DD91546291E2D819FACE7C0B08287D ] btwavdt C:\windows\system32\DRIVERS\btwavdt.sys
16:58:51.0092 0x0760 btwavdt - ok
16:58:51.0298 0x0760 [ 8BA6E93A182126781952A7895EC1E4B2, C11F7187278BA72016D2168E653D6C904E0DFB5B173E4DFBF7D86AD73631D5A6 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
16:58:51.0361 0x0760 btwdins - ok
16:58:51.0376 0x0760 [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
16:58:51.0392 0x0760 btwl2cap - ok
16:58:51.0423 0x0760 [ C9273B20DEC8CE38DBCE5D29DE63C907, 71D67A1A2EDA81351E8D8129824565E2ECA0CFA4DC844CE12F90AB7906ABA737 ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
16:58:51.0423 0x0760 btwrchid - ok
16:58:51.0423 0x0760 catchme - ok
16:58:51.0454 0x0760 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
16:58:51.0516 0x0760 cdfs - ok
16:58:51.0566 0x0760 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
16:58:51.0628 0x0760 cdrom - ok
16:58:51.0685 0x0760 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\windows\System32\certprop.dll
16:58:51.0747 0x0760 CertPropSvc - ok
16:58:51.0778 0x0760 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\windows\system32\DRIVERS\circlass.sys
16:58:51.0794 0x0760 circlass - ok
16:58:51.0851 0x0760 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\windows\system32\CLFS.sys
16:58:51.0898 0x0760 CLFS - ok
16:58:51.0991 0x0760 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:58:52.0038 0x0760 clr_optimization_v2.0.50727_32 - ok
16:58:52.0069 0x0760 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:58:52.0100 0x0760 clr_optimization_v2.0.50727_64 - ok
16:58:52.0216 0x0760 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:58:52.0266 0x0760 clr_optimization_v4.0.30319_32 - ok
16:58:52.0286 0x0760 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:58:52.0317 0x0760 clr_optimization_v4.0.30319_64 - ok
16:58:52.0333 0x0760 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
16:58:52.0380 0x0760 CmBatt - ok
16:58:52.0411 0x0760 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys
16:58:52.0420 0x0760 cmdide - ok
16:58:52.0514 0x0760 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\windows\system32\Drivers\cng.sys
16:58:52.0576 0x0760 CNG - ok
16:58:52.0592 0x0760 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
16:58:52.0607 0x0760 Compbatt - ok
16:58:52.0638 0x0760 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
16:58:52.0670 0x0760 CompositeBus - ok
16:58:52.0685 0x0760 COMSysApp - ok
16:58:52.0716 0x0760 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
16:58:52.0736 0x0760 crcdisk - ok
16:58:52.0768 0x0760 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\windows\system32\cryptsvc.dll
16:58:52.0814 0x0760 CryptSvc - ok
16:58:52.0892 0x0760 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\windows\system32\drivers\csc.sys
16:58:52.0986 0x0760 CSC - ok
16:58:53.0036 0x0760 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\windows\System32\cscsvc.dll
16:58:53.0070 0x0760 CscService - ok
16:58:53.0102 0x0760 [ A8BA4DA23AC20BDA23CA15234D42A3FA, 951C59CD83F7D931EFE68CC950602834187E2225B11261C92F9E0DC0A6F5F544 ] DAMDrv C:\windows\system32\DRIVERS\DAMDrv64.sys
16:58:53.0133 0x0760 DAMDrv - ok
16:58:53.0195 0x0760 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\windows\system32\rpcss.dll
16:58:53.0279 0x0760 DcomLaunch - ok
16:58:53.0388 0x0760 [ F40D764E9A9CA1FC981BE2E1F4063B39, 41A1E52A8035EBB3F1B15F119A331FD35B5FD7E1EFCC43FF64A619B40A1285E8 ] DEBridge c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
16:58:53.0423 0x0760 DEBridge - detected UnsignedFile.Multi.Generic ( 1 )
16:58:55.0845 0x0760 Detect skipped due to KSN trusted
16:58:55.0845 0x0760 DEBridge - ok
16:58:55.0892 0x0760 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll
16:58:55.0970 0x0760 defragsvc - ok
16:58:56.0001 0x0760 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\windows\system32\Drivers\dfsc.sys
16:58:56.0052 0x0760 DfsC - ok
16:58:56.0130 0x0760 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll
16:58:56.0224 0x0760 Dhcp - ok
16:58:56.0239 0x0760 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\windows\system32\drivers\discache.sys
16:58:56.0313 0x0760 discache - ok
16:58:56.0351 0x0760 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\windows\system32\DRIVERS\disk.sys
16:58:56.0351 0x0760 Disk - ok
16:58:56.0382 0x0760 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll
16:58:56.0429 0x0760 Dnscache - ok
16:58:56.0485 0x0760 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll
16:58:56.0563 0x0760 dot3svc - ok
16:58:56.0635 0x0760 [ 413D757FB6B447B892F2299AC42B7838, D5CF215FED5C271C7ABF78475558593BB227E1731BC37421FB6D7F09A6139A5A ] DpHost c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
16:58:56.0682 0x0760 DpHost - ok
16:58:56.0744 0x0760 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\windows\system32\dps.dll
16:58:56.0822 0x0760 DPS - ok
16:58:56.0853 0x0760 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
16:58:56.0900 0x0760 drmkaud - ok
16:58:56.0984 0x0760 [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01 C:\windows\system32\DRIVERS\dtsoftbus01.sys
16:58:57.0016 0x0760 dtsoftbus01 - ok
16:58:57.0133 0x0760 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
16:58:57.0164 0x0760 DXGKrnl - ok
16:58:57.0195 0x0760 EagleX64 - ok
16:58:57.0234 0x0760 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll
16:58:57.0281 0x0760 EapHost - ok
16:58:57.0484 0x0760 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
16:58:57.0708 0x0760 ebdrv - ok
16:58:57.0786 0x0760 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\windows\System32\lsass.exe
16:58:57.0866 0x0760 EFS - ok
16:58:57.0929 0x0760 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe
16:58:58.0007 0x0760 ehRecvr - ok
16:58:58.0038 0x0760 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe
16:58:58.0095 0x0760 ehSched - ok
16:58:58.0150 0x0760 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
16:58:58.0185 0x0760 elxstor - ok
16:58:58.0216 0x0760 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys
16:58:58.0247 0x0760 ErrDev - ok
16:58:58.0318 0x0760 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\windows\system32\es.dll
16:58:58.0384 0x0760 EventSystem - ok
16:58:58.0413 0x0760 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys
16:58:58.0454 0x0760 exfat - ok
16:58:58.0501 0x0760 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys
16:58:58.0579 0x0760 fastfat - ok
16:58:58.0672 0x0760 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe
16:58:58.0786 0x0760 Fax - ok
16:58:58.0786 0x0760 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\windows\system32\DRIVERS\fdc.sys
16:58:58.0817 0x0760 fdc - ok
16:58:58.0895 0x0760 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll
16:58:58.0983 0x0760 fdPHost - ok
16:58:59.0001 0x0760 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll
16:58:59.0041 0x0760 FDResPub - ok
16:58:59.0062 0x0760 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys
16:58:59.0073 0x0760 FileInfo - ok
16:58:59.0073 0x0760 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys
16:58:59.0167 0x0760 Filetrace - ok
16:58:59.0541 0x0760 [ 614B050875190FFE7ABBAF0CBB4FBBBA, CB7FEDE44B7BE276C86E63B3BF2E83D21986DE85500FA298F569B3C7AE051BEF ] FLCDLOCK c:\Windows\SysWOW64\flcdlock.exe
16:58:59.0574 0x0760 FLCDLOCK - ok
16:58:59.0600 0x0760 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
16:58:59.0619 0x0760 flpydisk - ok
16:58:59.0667 0x0760 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
16:58:59.0694 0x0760 FltMgr - ok
16:58:59.0756 0x0760 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\windows\system32\FntCache.dll
16:58:59.0832 0x0760 FontCache - ok
16:58:59.0886 0x0760 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:58:59.0902 0x0760 FontCache3.0.0.0 - ok
16:58:59.0970 0x0760 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
16:59:00.0016 0x0760 FsDepends - ok
16:59:00.0067 0x0760 [ B3EB502D2C3F47C47415F85387DFAEF1, 5240D4281BB9FBFBFEB98522D12F0C006BE063C084C2E6E23DACB6606CDC25AE ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
16:59:00.0084 0x0760 fssfltr - ok
16:59:00.0500 0x0760 [ B6AB40819ECEC4BA07266EC0EBBC85A7, 71D385043720B622305FD64BD1187C6FFD7191C30794F95629CF6BFDC0A25BA2 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
16:59:00.0582 0x0760 fsssvc - ok
16:59:00.0707 0x0760 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
16:59:00.0738 0x0760 Fs_Rec - ok
16:59:00.0835 0x0760 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
16:59:00.0882 0x0760 fvevol - ok
16:59:00.0929 0x0760 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
16:59:00.0960 0x0760 gagp30kx - ok
16:59:01.0038 0x0760 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\windows\System32\gpsvc.dll
16:59:01.0119 0x0760 gpsvc - ok
16:59:01.0363 0x0760 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:59:01.0411 0x0760 gupdate - ok
16:59:01.0499 0x0760 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:59:01.0530 0x0760 gupdatem - ok
16:59:01.0639 0x0760 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:59:01.0671 0x0760 gusvc - ok
16:59:01.0750 0x0760 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
16:59:01.0816 0x0760 hcw85cir - ok
16:59:01.0887 0x0760 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
16:59:01.0949 0x0760 HdAudAddService - ok
16:59:01.0965 0x0760 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
16:59:01.0996 0x0760 HDAudBus - ok
16:59:02.0019 0x0760 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
16:59:02.0051 0x0760 HidBatt - ok
16:59:02.0082 0x0760 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
16:59:02.0113 0x0760 HidBth - ok
16:59:02.0144 0x0760 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\windows\system32\DRIVERS\hidir.sys
16:59:02.0191 0x0760 HidIr - ok
16:59:02.0222 0x0760 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\windows\System32\hidserv.dll
16:59:02.0269 0x0760 hidserv - ok
16:59:02.0331 0x0760 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\windows\system32\drivers\hidusb.sys
16:59:02.0355 0x0760 HidUsb - ok
16:59:02.0379 0x0760 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll
16:59:02.0441 0x0760 hkmsvc - ok
16:59:02.0488 0x0760 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
16:59:02.0566 0x0760 HomeGroupListener - ok
16:59:02.0652 0x0760 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
16:59:02.0715 0x0760 HomeGroupProvider - ok
16:59:02.0808 0x0760 [ 74E65F650FAF75550C96CDFF302DEB28, 6736F9A1967136D9891E3D35F78F1FF956759B87E4C486A375067A70B03FD495 ] HP Power Assistant Service C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
16:59:02.0824 0x0760 HP Power Assistant Service - ok
16:59:02.0916 0x0760 [ 2666CFC4A063D75FE3D87BC334D7ECF5, 163A0E44A95D9F707649FA2992807FEADB3030622C768B0A353F9CCB9A0048B9 ] HP ProtectTools Service c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
16:59:02.0966 0x0760 HP ProtectTools Service - detected UnsignedFile.Multi.Generic ( 1 )
16:59:05.0444 0x0760 Detect skipped due to KSN trusted
16:59:05.0444 0x0760 HP ProtectTools Service - ok
16:59:05.0522 0x0760 [ 2A8B93A01621E100A578E83C768AFA2C, 6637D260AF180D1F200D219796FCE6D524FC6BF57C0CEEF9E1B3616E85865AD1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
16:59:05.0553 0x0760 HP Support Assistant Service - detected UnsignedFile.Multi.Generic ( 1 )
16:59:07.0998 0x0760 Detect skipped due to KSN trusted
16:59:07.0998 0x0760 HP Support Assistant Service - ok
16:59:08.0049 0x0760 [ 9ABD12FCE4A62905731C286BB1D66789, 2D1A5B991EE5BDBAF5501B0BA0CE75B2468B2179B179AF0769A8F1542FCD926B ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
16:59:08.0078 0x0760 HP Wireless Assistant Service - ok
16:59:08.0226 0x0760 [ 94C74D758E0F7B1D962DA452B4D28C91, F7E8F0C4895C50E25C4E6073BE008099D8BC9F1AA1298C53EC2561B00D8EC2B9 ] HPDayStarterService c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
16:59:08.0268 0x0760 HPDayStarterService - detected UnsignedFile.Multi.Generic ( 1 )
16:59:10.0719 0x0760 Detect skipped due to KSN trusted
16:59:10.0719 0x0760 HPDayStarterService - ok
16:59:10.0797 0x0760 [ 33761EBD9A26DE33BC83DD2DAFEC4513, F1A397D6B72F998A64B8BBAA292C13E8354D2C1BE14B7C46840A512AA3BE1770 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
16:59:10.0828 0x0760 HPDrvMntSvc.exe - ok
16:59:10.0867 0x0760 [ 4E0BEC0F78096FFD6D3314B497FC49D3, 15B545815D0C80102963FFF13B6643CC9A74717137C1CBA45345B18912E72DB6 ] hpdskflt C:\windows\system32\DRIVERS\hpdskflt.sys
16:59:10.0884 0x0760 hpdskflt - ok
16:59:10.0915 0x0760 [ E27B4A34CAA5DA0E872477F4F71C50E2, 375500814F8AFAAC34716411B0FCB03A9E12A90DA163747610F41CF567AB2EE2 ] HpFkCryptService c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
16:59:10.0946 0x0760 HpFkCryptService - ok
16:59:11.0024 0x0760 [ E123B122D5217F724B1D2641010C9D3C, CCF5D52B0519C09E7EAEF1C7AF9FE954FF8A5A7F95DB24E0F988A24FFCED1C94 ] HPFSService C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
16:59:11.0056 0x0760 HPFSService - detected UnsignedFile.Multi.Generic ( 1 )
16:59:13.0516 0x0760 Detect skipped due to KSN trusted
16:59:13.0516 0x0760 HPFSService - ok
16:59:13.0594 0x0760 [ 4D94F4D7782657E79EB1352570B563DB, 5563BF93070EEA43BB15E2FE05C80374129B04B6F773502C21AA3D51BF61ECF5 ] hpHotkeyMonitor C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
16:59:13.0610 0x0760 hpHotkeyMonitor - ok
16:59:13.0625 0x0760 [ B98EE5D4535A685634B90F7E04DE0DF7, E37D26EF83B70E84742498D2F53037F83BE13F0E01484D85A20C872F1F02ADDA ] HpqKbFiltr C:\windows\system32\DRIVERS\HpqKbFiltr.sys
16:59:13.0641 0x0760 HpqKbFiltr - ok
16:59:13.0708 0x0760 [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
16:59:13.0740 0x0760 hpqwmiex - ok
16:59:13.0816 0x0760 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
16:59:13.0816 0x0760 HpSAMD - ok
16:59:13.0863 0x0760 [ FC7C13B5A9E9BE23B7AE72BBC7FDB278, E85A7BF1CFE52BA7D663A1ED48A4F8874EFBDDF48979138F7E3E24817705B6A1 ] hpsrv C:\windows\system32\Hpservice.exe
16:59:13.0878 0x0760 hpsrv - ok
16:59:13.0941 0x0760 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\windows\system32\drivers\HTTP.sys
16:59:14.0028 0x0760 HTTP - ok
16:59:14.0065 0x0760 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
16:59:14.0079 0x0760 hwpolicy - ok
16:59:14.0116 0x0760 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\windows\system32\drivers\i8042prt.sys
16:59:14.0147 0x0760 i8042prt - ok
16:59:14.0218 0x0760 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
16:59:14.0249 0x0760 iaStorV - ok
16:59:14.0325 0x0760 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:59:14.0356 0x0760 idsvc - ok
16:59:14.0397 0x0760 IEEtwCollectorService - ok
16:59:14.0406 0x0760 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
16:59:14.0422 0x0760 iirsp - ok
16:59:14.0488 0x0760 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\windows\System32\ikeext.dll
16:59:14.0520 0x0760 IKEEXT - ok
16:59:14.0566 0x0760 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys
16:59:14.0566 0x0760 intelide - ok
16:59:14.0616 0x0760 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
16:59:14.0638 0x0760 intelppm - ok
16:59:14.0716 0x0760 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll
16:59:14.0809 0x0760 IPBusEnum - ok
16:59:14.0856 0x0760 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
16:59:14.0887 0x0760 IpFilterDriver - ok
16:59:14.0951 0x0760 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\windows\System32\iphlpsvc.dll
16:59:14.0998 0x0760 iphlpsvc - ok
16:59:15.0029 0x0760 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
16:59:15.0107 0x0760 IPMIDRV - ok
16:59:15.0138 0x0760 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys
16:59:15.0228 0x0760 IPNAT - ok
16:59:15.0251 0x0760 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys
16:59:15.0329 0x0760 IRENUM - ok
16:59:15.0376 0x0760 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys
16:59:15.0423 0x0760 isapnp - ok
16:59:15.0454 0x0760 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
16:59:15.0500 0x0760 iScsiPrt - ok
16:59:15.0518 0x0760 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
16:59:15.0534 0x0760 kbdclass - ok
16:59:15.0612 0x0760 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
16:59:15.0659 0x0760 kbdhid - ok
16:59:15.0668 0x0760 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\windows\system32\lsass.exe
16:59:15.0683 0x0760 KeyIso - ok
16:59:15.0715 0x0760 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
16:59:15.0761 0x0760 KSecDD - ok
16:59:15.0813 0x0760 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
16:59:15.0834 0x0760 KSecPkg - ok
16:59:15.0881 0x0760 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys
16:59:15.0959 0x0760 ksthunk - ok
16:59:15.0990 0x0760 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll
16:59:16.0052 0x0760 KtmRm - ok
16:59:16.0149 0x0760 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\System32\srvsvc.dll
16:59:16.0200 0x0760 LanmanServer - ok
16:59:16.0231 0x0760 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
16:59:16.0279 0x0760 LanmanWorkstation - ok
16:59:16.0327 0x0760 [ 3503F257B3203F824B1567238EBE17E2, A6F7B0D3C213DC17B266199FAC7F242529A1C030244A819BDBDB892BF2969FD3 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
16:59:16.0343 0x0760 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
16:59:19.0247 0x0760 Detect skipped due to KSN trusted
16:59:19.0247 0x0760 LightScribeService - ok
16:59:19.0302 0x0760 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
16:59:19.0396 0x0760 lltdio - ok
16:59:19.0440 0x0760 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll
16:59:19.0498 0x0760 lltdsvc - ok
16:59:19.0513 0x0760 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll
16:59:19.0560 0x0760 lmhosts - ok
16:59:19.0607 0x0760 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
16:59:19.0638 0x0760 LSI_FC - ok
16:59:19.0669 0x0760 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
16:59:19.0700 0x0760 LSI_SAS - ok
16:59:19.0716 0x0760 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
16:59:19.0733 0x0760 LSI_SAS2 - ok
16:59:19.0752 0x0760 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
16:59:19.0754 0x0760 LSI_SCSI - ok
16:59:19.0785 0x0760 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys
16:59:19.0863 0x0760 luafv - ok
16:59:19.0910 0x0760 [ 024DA28053D57E9E32BEE52600576BBB, 8EC636DAB90A835DEBA2EC6176F4547EEF557415FF77C6378EF423569702731E ] MarvinBus C:\windows\system32\DRIVERS\MarvinBus64.sys
16:59:19.0956 0x0760 MarvinBus - ok
16:59:20.0003 0x0760 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
16:59:20.0073 0x0760 Mcx2Svc - ok
16:59:20.0104 0x0760 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\DRIVERS\megasas.sys
16:59:20.0135 0x0760 megasas - ok
16:59:20.0182 0x0760 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
16:59:20.0229 0x0760 MegaSR - ok
16:59:20.0260 0x0760 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll
16:59:20.0299 0x0760 MMCSS - ok
16:59:20.0335 0x0760 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys
16:59:20.0372 0x0760 Modem - ok
16:59:20.0403 0x0760 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys
16:59:20.0434 0x0760 monitor - ok
16:59:20.0450 0x0760 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
16:59:20.0473 0x0760 mouclass - ok
16:59:20.0485 0x0760 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
16:59:20.0517 0x0760 mouhid - ok
16:59:20.0563 0x0760 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\windows\system32\drivers\mountmgr.sys
16:59:20.0610 0x0760 mountmgr - ok
16:59:20.0698 0x0760 [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter C:\windows\system32\DRIVERS\MpFilter.sys
16:59:20.0744 0x0760 MpFilter - ok
16:59:20.0791 0x0760 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\windows\system32\drivers\mpio.sys
16:59:20.0807 0x0760 mpio - ok
16:59:20.0854 0x0760 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
16:59:20.0919 0x0760 mpsdrv - ok
16:59:21.0003 0x0760 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll
16:59:21.0080 0x0760 MpsSvc - ok
16:59:21.0117 0x0760 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
16:59:21.0164 0x0760 MRxDAV - ok
16:59:21.0218 0x0760 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
16:59:21.0250 0x0760 mrxsmb - ok
16:59:21.0281 0x0760 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
16:59:21.0312 0x0760 mrxsmb10 - ok
16:59:21.0343 0x0760 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
16:59:21.0343 0x0760 mrxsmb20 - ok
16:59:21.0406 0x0760 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\windows\system32\drivers\msahci.sys
16:59:21.0437 0x0760 msahci - ok
16:59:21.0484 0x0760 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\windows\system32\drivers\msdsm.sys
16:59:21.0519 0x0760 msdsm - ok
16:59:21.0535 0x0760 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe
16:59:21.0566 0x0760 MSDTC - ok
16:59:21.0597 0x0760 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\windows\system32\drivers\Msfs.sys
16:59:21.0660 0x0760 Msfs - ok
16:59:21.0675 0x0760 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
16:59:21.0706 0x0760 mshidkmdf - ok
16:59:21.0784 0x0760 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
16:59:21.0819 0x0760 msisadrv - ok
16:59:21.0851 0x0760 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll
16:59:21.0914 0x0760 MSiSCSI - ok
16:59:21.0914 0x0760 msiserver - ok
16:59:21.0960 0x0760 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
16:59:22.0038 0x0760 MSKSSRV - ok
16:59:22.0119 0x0760 [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
16:59:22.0150 0x0760 MsMpSvc - ok
16:59:22.0201 0x0760 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
16:59:22.0285 0x0760 MSPCLOCK - ok
16:59:22.0301 0x0760 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys
16:59:22.0365 0x0760 MSPQM - ok
16:59:22.0402 0x0760 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
16:59:22.0429 0x0760 MsRPC - ok
16:59:22.0468 0x0760 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
16:59:22.0468 0x0760 mssmbios - ok
16:59:22.0499 0x0760 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys
16:59:22.0530 0x0760 MSTEE - ok
16:59:22.0546 0x0760 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
16:59:22.0624 0x0760 MTConfig - ok
16:59:22.0639 0x0760 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\windows\system32\Drivers\mup.sys
16:59:22.0672 0x0760 Mup - ok
16:59:22.0734 0x0760 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll
16:59:22.0820 0x0760 napagent - ok
16:59:22.0883 0x0760 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
16:59:22.0929 0x0760 NativeWifiP - ok
16:59:23.0000 0x0760 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\windows\system32\drivers\ndis.sys
16:59:23.0041 0x0760 NDIS - ok
16:59:23.0068 0x0760 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
16:59:23.0115 0x0760 NdisCap - ok
16:59:23.0131 0x0760 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
16:59:23.0178 0x0760 NdisTapi - ok
16:59:23.0240 0x0760 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
16:59:23.0312 0x0760 Ndisuio - ok
16:59:23.0367 0x0760 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
16:59:23.0434 0x0760 NdisWan - ok
16:59:23.0481 0x0760 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
16:59:23.0559 0x0760 NDProxy - ok
16:59:23.0600 0x0760 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
16:59:23.0649 0x0760 NetBIOS - ok
16:59:23.0713 0x0760 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
16:59:23.0784 0x0760 NetBT - ok
16:59:23.0831 0x0760 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\windows\system32\lsass.exe
16:59:23.0847 0x0760 Netlogon - ok
16:59:23.0870 0x0760 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll
16:59:23.0939 0x0760 Netman - ok
16:59:24.0046 0x0760 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:59:24.0109 0x0760 NetMsmqActivator - ok
16:59:24.0125 0x0760 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:59:24.0140 0x0760 NetPipeActivator - ok
16:59:24.0187 0x0760 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll
16:59:24.0248 0x0760 netprofm - ok
16:59:24.0326 0x0760 [ B72BB9496A126FCFC7FC5945DED9B411, FA5CC4E93761FB2B59B9B34C699B1486560BDB39280AB1125DE42DB7C4BE303A ] netr28x C:\windows\system32\DRIVERS\netr28x.sys
16:59:24.0373 0x0760 netr28x - ok
16:59:24.0435 0x0760 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:59:24.0467 0x0760 NetTcpActivator - ok
16:59:24.0482 0x0760 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:59:24.0498 0x0760 NetTcpPortSharing - ok
16:59:24.0550 0x0760 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
16:59:24.0566 0x0760 nfrd960 - ok
16:59:24.0644 0x0760 [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys
16:59:24.0659 0x0760 NisDrv - ok
16:59:24.0675 0x0760 [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
16:59:24.0706 0x0760 NisSrv - ok
16:59:24.0834 0x0760 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\windows\System32\nlasvc.dll
16:59:24.0943 0x0760 NlaSvc - ok
16:59:24.0975 0x0760 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys
16:59:25.0021 0x0760 Npfs - ok
16:59:25.0053 0x0760 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll
16:59:25.0112 0x0760 nsi - ok
16:59:25.0134 0x0760 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
16:59:25.0181 0x0760 nsiproxy - ok
16:59:25.0496 0x0760 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
16:59:25.0605 0x0760 Ntfs - ok
16:59:25.0621 0x0760 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys
16:59:25.0668 0x0760 Null - ok
16:59:25.0699 0x0760 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys
16:59:25.0720 0x0760 nvraid - ok
16:59:25.0741 0x0760 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys
16:59:25.0755 0x0760 nvstor - ok
16:59:25.0815 0x0760 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys
16:59:25.0846 0x0760 nv_agp - ok
16:59:25.0901 0x0760 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
16:59:25.0950 0x0760 ohci1394 - ok
16:59:25.0997 0x0760 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:59:26.0028 0x0760 ose - ok
16:59:26.0443 0x0760 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:59:26.0681 0x0760 osppsvc - ok
16:59:26.0728 0x0760 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
16:59:26.0790 0x0760 p2pimsvc - ok
16:59:26.0821 0x0760 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll
16:59:26.0852 0x0760 p2psvc - ok
16:59:26.0904 0x0760 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\DRIVERS\parport.sys
16:59:26.0918 0x0760 Parport - ok
16:59:26.0935 0x0760 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys
16:59:26.0950 0x0760 partmgr - ok
16:59:26.0970 0x0760 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\windows\System32\pcasvc.dll
16:59:26.0991 0x0760 PcaSvc - ok
16:59:27.0023 0x0760 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys
16:59:27.0039 0x0760 pci - ok
16:59:27.0084 0x0760 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\drivers\pciide.sys
16:59:27.0084 0x0760 pciide - ok
16:59:27.0131 0x0760 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
16:59:27.0146 0x0760 pcmcia - ok
16:59:27.0170 0x0760 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys
16:59:27.0170 0x0760 pcw - ok
16:59:27.0185 0x0760 pdfcDispatcher - ok
16:59:27.0229 0x0760 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\windows\system32\drivers\peauth.sys
16:59:27.0299 0x0760 PEAUTH - ok
16:59:27.0361 0x0760 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\windows\system32\peerdistsvc.dll
16:59:27.0439 0x0760 PeerDistSvc - ok
16:59:27.0534 0x0760 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe
16:59:27.0585 0x0760 PerfHost - ok
16:59:27.0710 0x0760 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll
16:59:27.0816 0x0760 pla - ok
16:59:27.0868 0x0760 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll
16:59:27.0915 0x0760 PlugPlay - ok
16:59:27.0931 0x0760 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
16:59:27.0962 0x0760 PNRPAutoReg - ok
16:59:27.0993 0x0760 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
16:59:28.0024 0x0760 PNRPsvc - ok
16:59:28.0102 0x0760 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
16:59:28.0184 0x0760 PolicyAgent - ok
16:59:28.0215 0x0760 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\windows\system32\umpo.dll
16:59:28.0293 0x0760 Power - ok
16:59:28.0340 0x0760 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
16:59:28.0418 0x0760 PptpMiniport - ok
16:59:28.0449 0x0760 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\windows\system32\DRIVERS\processr.sys
16:59:28.0499 0x0760 Processor - ok
16:59:28.0531 0x0760 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\windows\system32\profsvc.dll
16:59:28.0570 0x0760 ProfSvc - ok
16:59:28.0601 0x0760 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\windows\system32\lsass.exe
16:59:28.0617 0x0760 ProtectedStorage - ok
16:59:28.0681 0x0760 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys
16:59:28.0734 0x0760 Psched - ok
16:59:28.0776 0x0760 [ A6A7AD767BF5141665F5C675F671B3E1, 11D43F732C3B82679E53516F83E675B60B0EFEDE3F4EE3C42AC752AD8D5155AF ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
16:59:28.0788 0x0760 PSI_SVC_2 - ok
16:59:28.0852 0x0760 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
16:59:28.0901 0x0760 ql2300 - ok
16:59:28.0932 0x0760 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
16:59:28.0963 0x0760 ql40xx - ok
16:59:28.0994 0x0760 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll
16:59:29.0018 0x0760 QWAVE - ok
16:59:29.0034 0x0760 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
16:59:29.0049 0x0760 QWAVEdrv - ok
16:59:29.0065 0x0760 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
16:59:29.0112 0x0760 RasAcd - ok
16:59:29.0143 0x0760 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
16:59:29.0174 0x0760 RasAgileVpn - ok
16:59:29.0205 0x0760 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\windows\System32\rasauto.dll
16:59:29.0299 0x0760 RasAuto - ok
16:59:29.0334 0x0760 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
16:59:29.0381 0x0760 Rasl2tp - ok
16:59:29.0444 0x0760 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll
16:59:29.0490 0x0760 RasMan - ok
16:59:29.0522 0x0760 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
16:59:29.0615 0x0760 RasPppoe - ok
16:59:29.0639 0x0760 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
16:59:29.0682 0x0760 RasSstp - ok
16:59:29.0729 0x0760 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
16:59:29.0807 0x0760 rdbss - ok
16:59:29.0838 0x0760 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
16:59:29.0874 0x0760 rdpbus - ok
16:59:29.0907 0x0760 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
16:59:29.0949 0x0760 RDPCDD - ok
16:59:29.0996 0x0760 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\windows\system32\drivers\rdpdr.sys
16:59:30.0069 0x0760 RDPDR - ok
16:59:30.0084 0x0760 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
16:59:30.0131 0x0760 RDPENCDD - ok
16:59:30.0131 0x0760 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
16:59:30.0162 0x0760 RDPREFMP - ok
16:59:30.0217 0x0760 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\windows\system32\drivers\RDPWD.sys
16:59:30.0267 0x0760 RDPWD - ok
16:59:30.0329 0x0760 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\windows\system32\drivers\rdyboost.sys
16:59:30.0360 0x0760 rdyboost - ok
16:59:30.0376 0x0760 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll
16:59:30.0423 0x0760 RemoteAccess - ok
16:59:30.0454 0x0760 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll
16:59:30.0516 0x0760 RemoteRegistry - ok
16:59:30.0559 0x0760 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
16:59:30.0585 0x0760 RFCOMM - ok
16:59:30.0601 0x0760 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
16:59:30.0647 0x0760 RpcEptMapper - ok
16:59:30.0675 0x0760 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\windows\system32\locator.exe
16:59:30.0700 0x0760 RpcLocator - ok
16:59:30.0778 0x0760 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\windows\system32\rpcss.dll
16:59:30.0829 0x0760 RpcSs - ok
16:59:30.0850 0x0760 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
16:59:30.0881 0x0760 rspndr - ok
16:59:30.0912 0x0760 [ 3CEEE53BBF8BA284FF44585CEC0162FE, 5725A47BE8B7A9116983895FCB82CB2808B7B9C57BC285F3DFD7352E72DBC1FE ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
16:59:30.0928 0x0760 RSUSBSTOR - ok
16:59:30.0944 0x0760 [ AC2BF5EE4EB57685B6ECB066AB0B0EF6, EA1440E574BF79FBC19E315F552EE91A8D963DBB216ECA972AD44E7818BC1691 ] RsvLock C:\windows\system32\drivers\RsvLock.sys
16:59:30.0959 0x0760 RsvLock - ok
16:59:30.0990 0x0760 [ FD978B2BF8A9B2390DCBEF435E9C1F9F, 52CFFE354006CCF087D3651D9D2AF201FD8A8FE8FB7D9CAAC8A527E91838ACE6 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
16:59:31.0006 0x0760 RTL8167 - ok
16:59:31.0337 0x0760 [ A45A1D896ACE7CE1FA7166C7482D71E6, 24F8E778B5936BFC77D9374DFE0EB8B6AE22DF5B438F4EE367096CE36E205E34 ] rtsuvc C:\windows\system32\DRIVERS\rtsuvc.sys
16:59:31.0560 0x0760 rtsuvc - ok
16:59:31.0638 0x0760 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\windows\system32\drivers\vms3cap.sys
16:59:31.0709 0x0760 s3cap - ok
16:59:31.0717 0x0760 [ 17D9FB7665247C4094E707BD68044EC3, 222464E62965961555ABD1D83F66B64211F4189DE55002AA050916D5414D9D8B ] SafeBoot C:\windows\system32\drivers\SafeBoot.sys
16:59:31.0717 0x0760 Suspicious file ( NoAccess ): C:\windows\system32\drivers\SafeBoot.sys. md5: 17D9FB7665247C4094E707BD68044EC3, sha256: 222464E62965961555ABD1D83F66B64211F4189DE55002AA050916D5414D9D8B
16:59:31.0717 0x0760 SafeBoot - detected LockedFile.Multi.Generic ( 1 )
16:59:34.0134 0x0760 Detect skipped due to KSN trusted
16:59:34.0134 0x0760 SafeBoot - ok
16:59:34.0150 0x0760 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\windows\system32\lsass.exe
16:59:34.0166 0x0760 SamSs - ok
16:59:34.0197 0x0760 [ FD8714A36C4646DE22DDC7E36F6D09EF, DA91F0360B7869897D1BC9F24A3473D429B3C6E4605CBD675CDC96F30661C7C5 ] SbAlg C:\windows\system32\drivers\SbAlg.sys
16:59:34.0197 0x0760 SbAlg - ok
16:59:34.0228 0x0760 [ 3DFF91CD782C299806690AD37EE14C73, 8A10EBE4854E9DA720C02B3E64BA83E6559E42D697AB5713F9AC07BBE291D5AD ] SbFsLock C:\windows\system32\drivers\SbFsLock.sys
16:59:34.0244 0x0760 SbFsLock - ok
16:59:34.0275 0x0760 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
16:59:34.0290 0x0760 sbp2port - ok
16:59:34.0322 0x0760 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll
16:59:34.0368 0x0760 SCardSvr - ok
16:59:34.0400 0x0760 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
16:59:34.0450 0x0760 scfilter - ok
16:59:34.0528 0x0760 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\windows\system32\schedsvc.dll
16:59:34.0606 0x0760 Schedule - ok
16:59:34.0653 0x0760 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll
16:59:34.0701 0x0760 SCPolicySvc - ok
16:59:34.0748 0x0760 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\windows\system32\drivers\sdbus.sys
16:59:34.0780 0x0760 sdbus - ok
16:59:34.0811 0x0760 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll
16:59:34.0868 0x0760 SDRSVC - ok
16:59:34.0883 0x0760 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys
16:59:34.0930 0x0760 secdrv - ok
16:59:34.0977 0x0760 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\windows\system32\seclogon.dll
16:59:35.0048 0x0760 seclogon - ok
16:59:35.0079 0x0760 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\windows\system32\sens.dll
16:59:35.0111 0x0760 SENS - ok
16:59:35.0126 0x0760 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\windows\system32\sensrsvc.dll
16:59:35.0157 0x0760 SensrSvc - ok
16:59:35.0173 0x0760 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
16:59:35.0204 0x0760 Serenum - ok
16:59:35.0220 0x0760 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\windows\system32\DRIVERS\serial.sys
16:59:35.0251 0x0760 Serial - ok
16:59:35.0282 0x0760 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
16:59:35.0316 0x0760 sermouse - ok
16:59:35.0359 0x0760 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\windows\system32\sessenv.dll
16:59:35.0400 0x0760 SessionEnv - ok
16:59:35.0431 0x0760 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
16:59:35.0470 0x0760 sffdisk - ok
16:59:35.0486 0x0760 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
16:59:35.0517 0x0760 sffp_mmc - ok
16:59:35.0532 0x0760 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
16:59:35.0548 0x0760 sffp_sd - ok
16:59:35.0564 0x0760 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
16:59:35.0595 0x0760 sfloppy - ok
16:59:35.0634 0x0760 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\windows\System32\ipnathlp.dll
16:59:35.0681 0x0760 SharedAccess - ok
16:59:35.0743 0x0760 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
16:59:35.0790 0x0760 ShellHWDetection - ok
16:59:35.0837 0x0760 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
16:59:35.0868 0x0760 SiSRaid2 - ok
16:59:35.0884 0x0760 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
16:59:35.0899 0x0760 SiSRaid4 - ok
16:59:35.0934 0x0760 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\windows\system32\DRIVERS\smb.sys
16:59:35.0981 0x0760 Smb - ok
16:59:36.0027 0x0760 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\windows\System32\snmptrap.exe
16:59:36.0043 0x0760 SNMPTRAP - ok
16:59:36.0059 0x0760 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\windows\system32\drivers\spldr.sys
16:59:36.0074 0x0760 spldr - ok
16:59:36.0137 0x0760 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\windows\System32\spoolsv.exe
16:59:36.0215 0x0760 Spooler - ok
16:59:36.0375 0x0760 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\windows\system32\sppsvc.exe
16:59:36.0549 0x0760 sppsvc - ok
16:59:36.0584 0x0760 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\windows\system32\sppuinotify.dll
16:59:36.0631 0x0760 sppuinotify - ok
16:59:36.0702 0x0760 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\windows\system32\DRIVERS\srv.sys
16:59:36.0748 0x0760 srv - ok
16:59:36.0784 0x0760 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
16:59:36.0817 0x0760 srv2 - ok
16:59:36.0848 0x0760 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
16:59:36.0885 0x0760 srvnet - ok
16:59:36.0932 0x0760 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
16:59:37.0010 0x0760 SSDPSRV - ok
16:59:37.0025 0x0760 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\windows\system32\sstpsvc.dll
16:59:37.0081 0x0760 SstpSvc - ok
16:59:37.0182 0x0760 [ D632AA8F172287C7391FB95889D1C05A, 447FDA22506F275D5FE604FC9603269AD8D05110A6CB44ABEA6911E896E3BDA8 ] STacSV C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe
16:59:37.0215 0x0760 STacSV - ok
16:59:37.0262 0x0760 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
16:59:37.0262 0x0760 stexstor - ok
16:59:37.0309 0x0760 [ C962F5C90BDBEFB6446B5B252C70FE33, 276351A2C60D60271AADC98DF115F3BEFAC21BA79873EC3AC5B68B1794B28879 ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys
16:59:37.0340 0x0760 STHDA - ok
16:59:37.0417 0x0760 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\windows\System32\wiaservc.dll
16:59:37.0469 0x0760 stisvc - ok
16:59:37.0499 0x0760 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\windows\system32\drivers\vmstorfl.sys
16:59:37.0515 0x0760 storflt - ok
16:59:37.0531 0x0760 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\windows\system32\storsvc.dll
16:59:37.0593 0x0760 StorSvc - ok
16:59:37.0640 0x0760 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\windows\system32\drivers\storvsc.sys
16:59:37.0677 0x0760 storvsc - ok
16:59:37.0715 0x0760 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\windows\system32\drivers\swenum.sys
16:59:37.0717 0x0760 swenum - ok
16:59:37.0777 0x0760 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\windows\System32\swprv.dll
16:59:37.0846 0x0760 swprv - ok
16:59:37.0974 0x0760 [ D268D2A0DB2A2BBE963E688D0B039267, DBEF7A1E1E015825E4C2BD80FE3D468E8A6840A44027381CDD4B96605D2FC12A ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
16:59:38.0017 0x0760 SynTP - ok
16:59:38.0099 0x0760 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\windows\system32\sysmain.dll
16:59:38.0201 0x0760 SysMain - ok
16:59:38.0232 0x0760 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
16:59:38.0276 0x0760 TabletInputService - ok
16:59:38.0306 0x0760 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\windows\System32\tapisrv.dll
16:59:38.0333 0x0760 TapiSrv - ok
16:59:38.0372 0x0760 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\windows\System32\tbssvc.dll
16:59:38.0415 0x0760 TBS - ok
16:59:38.0501 0x0760 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\windows\system32\drivers\tcpip.sys
16:59:38.0564 0x0760 Tcpip - ok
16:59:38.0634 0x0760 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
16:59:38.0681 0x0760 TCPIP6 - ok
16:59:38.0728 0x0760 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
16:59:38.0759 0x0760 tcpipreg - ok
16:59:38.0790 0x0760 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
16:59:38.0821 0x0760 TDPIPE - ok
16:59:38.0853 0x0760 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
16:59:38.0868 0x0760 TDTCP - ok
16:59:38.0899 0x0760 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\windows\system32\DRIVERS\tdx.sys
16:59:38.0950 0x0760 tdx - ok
16:59:38.0981 0x0760 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\windows\system32\drivers\termdd.sys
16:59:38.0996 0x0760 TermDD - ok
16:59:39.0043 0x0760 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\windows\System32\termsrv.dll
16:59:39.0121 0x0760 TermService - ok
16:59:39.0168 0x0760 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\windows\system32\themeservice.dll
16:59:39.0199 0x0760 Themes - ok
16:59:39.0229 0x0760 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\windows\system32\mmcss.dll
16:59:39.0265 0x0760 THREADORDER - ok
16:59:39.0296 0x0760 [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM C:\windows\system32\drivers\tpm.sys
16:59:39.0312 0x0760 TPM - ok
16:59:39.0327 0x0760 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\windows\System32\trkwks.dll
16:59:39.0374 0x0760 TrkWks - ok
16:59:39.0437 0x0760 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
16:59:39.0517 0x0760 TrustedInstaller - ok
16:59:39.0548 0x0760 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
16:59:39.0564 0x0760 tssecsrv - ok
16:59:39.0642 0x0760 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
16:59:39.0698 0x0760 TsUsbFlt - ok
16:59:39.0761 0x0760 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
16:59:39.0824 0x0760 tunnel - ok
16:59:39.0839 0x0760 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
16:59:39.0855 0x0760 uagp35 - ok
16:59:39.0902 0x0760 [ 9EEA84226ED2A028BC3FDFDDE03FE95C, 5DF9428D0B2078CD0C391B0721117C989D680E78A2B8D54DAA9662B1894F772A ] uArcCapture C:\windows\system\uArcCapture.exe
16:59:39.0917 0x0760 uArcCapture - ok
16:59:39.0964 0x0760 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\windows\system32\DRIVERS\udfs.sys
16:59:40.0026 0x0760 udfs - ok
16:59:40.0073 0x0760 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\windows\system32\UI0Detect.exe
16:59:40.0120 0x0760 UI0Detect - ok
16:59:40.0181 0x0760 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
16:59:40.0200 0x0760 uliagpkx - ok
16:59:40.0247 0x0760 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\windows\system32\drivers\umbus.sys
16:59:40.0269 0x0760 umbus - ok
16:59:40.0287 0x0760 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass

[funkymusic]

C:\windows\system32\DRIVERS\umpass.sys
16:59:40.0334 0x0760 UmPass - ok
16:59:40.0396 0x0760 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\windows\System32\umrdp.dll
16:59:40.0435 0x0760 UmRdpService - ok
16:59:40.0482 0x0760 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\windows\System32\upnphost.dll
16:59:40.0529 0x0760 upnphost - ok
16:59:40.0560 0x0760 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
16:59:40.0622 0x0760 usbccgp - ok
16:59:40.0669 0x0760 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\windows\system32\drivers\usbcir.sys
16:59:40.0723 0x0760 usbcir - ok
16:59:40.0750 0x0760 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
16:59:40.0765 0x0760 usbehci - ok
16:59:40.0796 0x0760 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
16:59:40.0828 0x0760 usbhub - ok
16:59:40.0828 0x0760 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
16:59:40.0859 0x0760 usbohci - ok
16:59:40.0890 0x0760 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
16:59:40.0906 0x0760 usbprint - ok
16:59:40.0937 0x0760 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
16:59:40.0984 0x0760 USBSTOR - ok
16:59:40.0999 0x0760 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
16:59:41.0049 0x0760 usbuhci - ok
16:59:41.0096 0x0760 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
16:59:41.0143 0x0760 usbvideo - ok
16:59:41.0159 0x0760 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\windows\System32\uxsms.dll
16:59:41.0205 0x0760 UxSms - ok
16:59:41.0221 0x0760 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\windows\system32\lsass.exe
16:59:41.0237 0x0760 VaultSvc - ok
16:59:41.0335 0x0760 [ BBE2B5036D2FF45458C747FB2513591D, 22A2E672E9EF5F39BB9E75D54B6AD83E6C63C5126E3C4D7BD02777F3DE39F505 ] vcsFPService C:\windows\system32\vcsFPService.exe
16:59:41.0403 0x0760 vcsFPService - ok
16:59:41.0419 0x0760 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
16:59:41.0434 0x0760 vdrvroot - ok
16:59:41.0531 0x0760 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\windows\System32\vds.exe
16:59:41.0586 0x0760 vds - ok
16:59:41.0602 0x0760 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
16:59:41.0629 0x0760 vga - ok
16:59:41.0644 0x0760 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\windows\System32\drivers\vga.sys
16:59:41.0683 0x0760 VgaSave - ok
16:59:41.0714 0x0760 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\windows\system32\drivers\vhdmp.sys
16:59:41.0745 0x0760 vhdmp - ok
16:59:41.0792 0x0760 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\windows\system32\drivers\viaide.sys
16:59:41.0808 0x0760 viaide - ok
16:59:41.0839 0x0760 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\windows\system32\drivers\vmbus.sys
16:59:41.0872 0x0760 vmbus - ok
16:59:41.0889 0x0760 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\windows\system32\drivers\VMBusHID.sys
16:59:41.0913 0x0760 VMBusHID - ok
16:59:41.0934 0x0760 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\windows\system32\drivers\volmgr.sys
16:59:41.0934 0x0760 volmgr - ok
16:59:41.0984 0x0760 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\windows\system32\drivers\volmgrx.sys
16:59:42.0015 0x0760 volmgrx - ok
16:59:42.0062 0x0760 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\windows\system32\drivers\volsnap.sys
16:59:42.0078 0x0760 volsnap - ok
16:59:42.0124 0x0760 [ B4A73CA4EF9A02B9738CEA9AD5FE5917, B6A8086189FE2F1C3FE5B3F484FBA3DB2E5E1836F3154D30090F136C27D16166 ] vpcbus C:\windows\system32\DRIVERS\vpchbus.sys
16:59:42.0140 0x0760 vpcbus - ok
16:59:42.0189 0x0760 [ E675FB2B48C54F09895482E2253B289C, 68BBFBF2356C849722E429CA753CC309A3CCE8CF00EBDBBD2695ECD292324DF2 ] vpcnfltr C:\windows\system32\DRIVERS\vpcnfltr.sys
16:59:42.0207 0x0760 vpcnfltr - ok
16:59:42.0217 0x0760 [ 5FB42082B0D19A0268705F1DD343DF20, 62F8EEE6A507CE6A8BD638020118D71B78332F79BA82654AB702AE46B04767D9 ] vpcusb C:\windows\system32\DRIVERS\vpcusb.sys
16:59:42.0248 0x0760 vpcusb - ok
16:59:42.0284 0x0760 [ 207B6539799CC1C112661A9B620DD233, 6B915CC7F77C867516D94865D7BF2E5C815402EF0A4488C3EB2FEF7CFA6C98F6 ] vpcvmm C:\windows\system32\drivers\vpcvmm.sys
16:59:42.0300 0x0760 vpcvmm - ok
16:59:42.0331 0x0760 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
16:59:42.0346 0x0760 vsmraid - ok
16:59:42.0471 0x0760 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\windows\system32\vssvc.exe
16:59:42.0558 0x0760 VSS - ok
16:59:42.0582 0x0760 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
16:59:42.0598 0x0760 vwifibus - ok
16:59:42.0629 0x0760 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
16:59:42.0645 0x0760 vwififlt - ok
16:59:42.0676 0x0760 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\windows\system32\w32time.dll
16:59:42.0738 0x0760 W32Time - ok
16:59:42.0754 0x0760 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
16:59:42.0792 0x0760 WacomPen - ok
16:59:42.0849 0x0760 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
16:59:42.0931 0x0760 WANARP - ok
16:59:42.0931 0x0760 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
16:59:42.0970 0x0760 Wanarpv6 - ok
16:59:43.0110 0x0760 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
16:59:43.0148 0x0760 WatAdminSvc - ok
16:59:43.0268 0x0760 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\windows\system32\wbengine.exe
16:59:43.0332 0x0760 wbengine - ok
16:59:43.0363 0x0760 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\windows\System32\wbiosrvc.dll
16:59:43.0395 0x0760 WbioSrvc - ok
16:59:43.0449 0x0760 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\windows\System32\wcncsvc.dll
16:59:43.0481 0x0760 wcncsvc - ok
16:59:43.0512 0x0760 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
16:59:43.0559 0x0760 WcsPlugInService - ok
16:59:43.0574 0x0760 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\windows\system32\DRIVERS\wd.sys
16:59:43.0590 0x0760 Wd - ok
16:59:43.0637 0x0760 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
16:59:43.0668 0x0760 Wdf01000 - ok
16:59:43.0699 0x0760 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\windows\system32\wdi.dll
16:59:43.0766 0x0760 WdiServiceHost - ok
16:59:43.0766 0x0760 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\windows\system32\wdi.dll
16:59:43.0797 0x0760 WdiSystemHost - ok
16:59:43.0813 0x0760 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\windows\System32\webclnt.dll
16:59:43.0844 0x0760 WebClient - ok
16:59:43.0875 0x0760 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\windows\system32\wecsvc.dll
16:59:43.0937 0x0760 Wecsvc - ok
16:59:43.0953 0x0760 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\windows\System32\wercplsupport.dll
16:59:44.0000 0x0760 wercplsupport - ok
16:59:44.0034 0x0760 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\windows\System32\WerSvc.dll
16:59:44.0097 0x0760 WerSvc - ok
16:59:44.0128 0x0760 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
16:59:44.0175 0x0760 WfpLwf - ok
16:59:44.0190 0x0760 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\windows\system32\drivers\wimmount.sys
16:59:44.0206 0x0760 WIMMount - ok
16:59:44.0222 0x0760 WinDefend - ok
16:59:44.0253 0x0760 WinHttpAutoProxySvc - ok
16:59:44.0311 0x0760 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
16:59:44.0356 0x0760 Winmgmt - ok
16:59:44.0449 0x0760 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\windows\system32\WsmSvc.dll
16:59:44.0563 0x0760 WinRM - ok
16:59:44.0633 0x0760 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB C:\windows\system32\DRIVERS\WinUSB.sys
16:59:44.0664 0x0760 WinUSB - ok
16:59:44.0727 0x0760 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\windows\System32\wlansvc.dll
16:59:44.0805 0x0760 Wlansvc - ok
16:59:44.0983 0x0760 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:59:45.0067 0x0760 wlidsvc - ok
16:59:45.0100 0x0760 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
16:59:45.0147 0x0760 WmiAcpi - ok
16:59:45.0178 0x0760 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
16:59:45.0216 0x0760 wmiApSrv - ok
16:59:45.0233 0x0760 WMPNetworkSvc - ok
16:59:45.0248 0x0760 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\windows\System32\wpcsvc.dll
16:59:45.0264 0x0760 WPCSvc - ok
16:59:45.0311 0x0760 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
16:59:45.0326 0x0760 WPDBusEnum - ok
16:59:45.0342 0x0760 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
16:59:45.0373 0x0760 ws2ifsl - ok
16:59:45.0389 0x0760 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\windows\system32\wscsvc.dll
16:59:45.0420 0x0760 wscsvc - ok
16:59:45.0435 0x0760 WSearch - ok
16:59:45.0567 0x0760 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\windows\system32\wuaueng.dll
16:59:45.0645 0x0760 wuauserv - ok
16:59:45.0691 0x0760 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
16:59:45.0754 0x0760 WudfPf - ok
16:59:45.0785 0x0760 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
16:59:45.0825 0x0760 WUDFRd - ok
16:59:45.0865 0x0760 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\windows\System32\WUDFSvc.dll
16:59:45.0897 0x0760 wudfsvc - ok
16:59:45.0959 0x0760 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\windows\System32\wwansvc.dll
16:59:45.0990 0x0760 WwanSvc - ok
16:59:46.0006 0x0760 ================ Scan global ===============================
16:59:46.0021 0x0760 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
16:59:46.0053 0x0760 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
16:59:46.0081 0x0760 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
16:59:46.0108 0x0760 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
16:59:46.0117 0x0760 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
16:59:46.0133 0x0760 [ Global ] - ok
16:59:46.0133 0x0760 ================ Scan MBR ==================================
16:59:46.0133 0x0760 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:59:46.0576 0x0760 \Device\Harddisk0\DR0 - ok
16:59:46.0576 0x0760 ================ Scan VBR ==================================
16:59:46.0592 0x0760 [ F5E74CCF869E5DEFAD276AA0E8298B33 ] \Device\Harddisk0\DR0\Partition1
16:59:46.0592 0x0760 \Device\Harddisk0\DR0\Partition1 - ok
16:59:46.0607 0x0760 [ A2F8BD8ED8187459837363F45F2721FB ] \Device\Harddisk0\DR0\Partition2
16:59:46.0607 0x0760 \Device\Harddisk0\DR0\Partition2 - ok
16:59:46.0638 0x0760 [ 82D5C19929074F18E9EAE0E8F2DE85C1 ] \Device\Harddisk0\DR0\Partition3
16:59:46.0654 0x0760 \Device\Harddisk0\DR0\Partition3 - ok
16:59:46.0674 0x0760 [ EC0FA710367B4D7AA2DF0BC410C88683 ] \Device\Harddisk0\DR0\Partition4
16:59:46.0676 0x0760 \Device\Harddisk0\DR0\Partition4 - ok
16:59:46.0677 0x0760 ================ Scan generic autorun ======================
16:59:46.0793 0x0760 [ 808E1ADD586431907571CFACFADE50D2, 4A10464C669EF47DC91024D88DDDA29BB9733FD9C6A8043576637036E01D41AC ] C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
16:59:46.0826 0x0760 HPPowerAssistant - ok
16:59:46.0841 0x0760 SynTPEnh - ok
16:59:46.0857 0x0760 [ A0ABBAD8CE99CBF8467D697073B38E87, C71F58580D93F0B78BDA735DA6201A6F1BDA36CC9F72D15B4E6DD62D6C3A43D0 ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
16:59:46.0872 0x0760 HPWirelessAssistant - detected UnsignedFile.Multi.Generic ( 1 )
16:59:49.0589 0x0760 Detect skipped due to KSN trusted
16:59:49.0589 0x0760 HPWirelessAssistant - ok
16:59:49.0721 0x0760 [ 85C311AA035A6EC9261C103D9DFA03EC, 11E7B4EBCEDB2B49AC551055B9DBECAF12340F4713E83245195E378EA0523B2C ] C:\Program Files\IDT\WDM\sttray64.exe
16:59:49.0764 0x0760 SysTrayApp - ok
16:59:49.0866 0x0760 [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] c:\Program Files\Microsoft Security Client\msseces.exe
16:59:49.0914 0x0760 MSC - ok
16:59:50.0064 0x0760 [ DD79A6B15C2F28DE98DF4852AAF6B13B, 0F7E9023E0BA4B40E2DE9A9FA34E85FEAF72B93049AAB3E1D73AD046BB113E05 ] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
16:59:50.0095 0x0760 NCPluginUpdater - ok
16:59:50.0142 0x0760 [ 1135BDA26ABCC3033A930D7D473F394E, 6D86BF467EEC6E1C17871FFFAE9FC6C651379F384F73BF028F12B7B7E6F44934 ] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
16:59:50.0157 0x0760 QLBController - ok
16:59:50.0204 0x0760 [ 8FBE8BDDC2DF1FD5EEDD482DC3BCDEF5, B50EA509663165656C421E789DF0B3E5FF857EB66DA814983A75331976A3DB37 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
16:59:50.0235 0x0760 StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
16:59:52.0689 0x0760 Detect skipped due to KSN trusted
16:59:52.0689 0x0760 StartCCC - ok
16:59:52.0799 0x0760 [ A503D486FCE9119E28D368198CF8F146, 149922B52AB977E7CCBFCAB963B21967DBCA1133519B68CF09B15BC13B927080 ] C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe
16:59:52.0830 0x0760 4StoryPrePatch - detected UnsignedFile.Multi.Generic ( 1 )
16:59:55.0258 0x0760 Detect skipped due to KSN trusted
16:59:55.0258 0x0760 4StoryPrePatch - ok
16:59:55.0352 0x0760 [ 71C6C44922EF7077254BC6648FD69D75, 208C7917D505C9113DF32A44FE24EA0CC8BBEF021BDCD84421FB008AD26820DA ] C:\Program Files (x86)\WebcamMax\wcmmon.exe
16:59:55.0399 0x0760 WebcamMaxMoniter - detected UnsignedFile.Multi.Generic ( 1 )
16:59:57.0895 0x0760 Detect skipped due to KSN trusted
16:59:57.0895 0x0760 WebcamMaxMoniter - ok
16:59:58.0319 0x0760 [ D2C487A7B8055F35844135D909D7894C, D0F74D95318BA308EB49461FA3F968DC7278A383FFA76A07D967812A394EB2AA ] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
16:59:58.0825 0x0760 File Sanitizer - detected UnsignedFile.Multi.Generic ( 1 )
17:00:01.0245 0x0760 Detect skipped due to KSN trusted
17:00:01.0245 0x0760 File Sanitizer - ok
17:00:01.0323 0x0760 [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
17:00:01.0405 0x0760 RESTART_STICKY_NOTES - ok
17:00:01.0509 0x0760 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
17:00:01.0587 0x0760 Sidebar - ok
17:00:01.0699 0x0760 [ BDF37B36AC60A7D97161A103B14CEE65, 38DEC2F59AC7C22AD5ADC48076C38A9AC92D3AE4F2EEFBBA408FFDC7A4E1E54A ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
17:00:01.0783 0x0760 LightScribe Control Panel - detected UnsignedFile.Multi.Generic ( 1 )
17:00:04.0244 0x0760 Detect skipped due to KSN trusted
17:00:04.0244 0x0760 LightScribe Control Panel - ok
17:00:04.0260 0x0760 Waiting for KSN requests completion. In queue: 2
17:00:05.0267 0x0760 Waiting for KSN requests completion. In queue: 2
17:00:06.0282 0x0760 Waiting for KSN requests completion. In queue: 2
17:00:07.0314 0x0760 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x60000 ( disabled : updated )
17:00:07.0361 0x0760 Win FW state via NFP2: enabled
17:00:09.0767 0x0760 ============================================================
17:00:09.0767 0x0760 Scan finished
17:00:09.0767 0x0760 ============================================================
17:00:09.0783 0x0ba4 Detected object count: 0
17:00:09.0783 0x0ba4 Actual detected object count: 0
17:00:38.0171 0x169c ============================================================
17:00:38.0171 0x169c Scan started
17:00:38.0171 0x169c Mode: Manual; SigCheck; TDLFS;
17:00:38.0171 0x169c ============================================================
17:00:38.0171 0x169c KSN ping started
17:00:40.0512 0x169c KSN ping finished: true
17:00:41.0425 0x169c ================ Scan system memory ========================
17:00:41.0425 0x169c System memory - ok
17:00:41.0425 0x169c ================ Scan services =============================
17:00:41.0581 0x169c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
17:00:41.0630 0x169c 1394ohci - ok
17:00:41.0662 0x169c [ 5C368F4B04ED2A923E6AFCA2D37BAFF5, C3CC58D636B18DF77C4C4B384AD1DE78418716A0606E564DBC63782D5EA02905 ] Accelerometer C:\windows\system32\DRIVERS\Accelerometer.sys
17:00:41.0662 0x169c Accelerometer - ok
17:00:41.0772 0x169c [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
17:00:41.0803 0x169c ACDaemon - ok
17:00:41.0868 0x169c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\windows\system32\drivers\ACPI.sys
17:00:41.0890 0x169c ACPI - ok
17:00:41.0915 0x169c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
17:00:41.0946 0x169c AcpiPmi - ok
17:00:42.0092 0x169c [ F79623288F2A357AB20288B5DC4F452A, AA6F70A4C12E390E08074D6FD0EA0D1856D8274DA833E56A8811BF820A2D41D4 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:00:42.0106 0x169c AdobeFlashPlayerUpdateSvc - ok
17:00:42.0137 0x169c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
17:00:42.0169 0x169c adp94xx - ok
17:00:42.0200 0x169c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
17:00:42.0229 0x169c adpahci - ok
17:00:42.0231 0x169c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
17:00:42.0247 0x169c adpu320 - ok
17:00:42.0278 0x169c [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
17:00:42.0309 0x169c AeLookupSvc - ok
17:00:42.0403 0x169c [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe
17:00:42.0434 0x169c AESTFilters - ok
17:00:42.0481 0x169c [ 6CCD1135320109D6B219F1A6E04AD9F6, B97D4DF46DF0EFC106BD3E248C70809F3F47DF3FD1CA039A0A3923E1FA05A969 ] Afc C:\windows\syswow64\drivers\Afc.sys
17:00:42.0497 0x169c Afc - ok
17:00:42.0564 0x169c [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\windows\system32\drivers\afd.sys
17:00:42.0589 0x169c AFD - ok
17:00:42.0636 0x169c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\windows\system32\drivers\agp440.sys
17:00:42.0636 0x169c agp440 - ok
17:00:42.0673 0x169c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\windows\System32\alg.exe
17:00:42.0686 0x169c ALG - ok
17:00:42.0717 0x169c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\windows\system32\drivers\aliide.sys
17:00:42.0717 0x169c aliide - ok
17:00:42.0749 0x169c [ 5A06AB7AB4D389DFE3C109599DF0BB65, 317AA0BD3319C67339EE7E7B15E2C176E9E85480C84728571D8F1690F8A0844B ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
17:00:42.0764 0x169c AMD External Events Utility - ok
17:00:42.0780 0x169c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\windows\system32\drivers\amdide.sys
17:00:42.0780 0x169c amdide - ok
17:00:42.0813 0x169c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
17:00:42.0825 0x169c AmdK8 - ok
17:00:43.0082 0x169c [ 650DDCCD6657E20737433CB774521B81, 0D38128D1C71070CB697130C9186610D41D2912CD472AEFACA9E641DF0FC1DDF ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
17:00:43.0287 0x169c amdkmdag - ok
17:00:43.0334 0x169c [ F51B013C55B30DBE3AD59A7FE197C5BA, 3BED69D56FC6AB7A294FB8C322E0E9F454BA91E8FB6CDC2C36DD7F9FEBEAB95F ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
17:00:43.0365 0x169c amdkmdap - ok
17:00:43.0380 0x169c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
17:00:43.0396 0x169c AmdPPM - ok
17:00:43.0432 0x169c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\windows\system32\drivers\amdsata.sys
17:00:43.0447 0x169c amdsata - ok
17:00:43.0478 0x169c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
17:00:43.0494 0x169c amdsbs - ok
17:00:43.0510 0x169c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\windows\system32\drivers\amdxata.sys
17:00:43.0525 0x169c amdxata - ok
17:00:43.0556 0x169c [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\windows\system32\drivers\appid.sys
17:00:43.0588 0x169c AppID - ok
17:00:43.0619 0x169c [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\windows\System32\appidsvc.dll
17:00:43.0650 0x169c AppIDSvc - ok
17:00:43.0698 0x169c [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\windows\System32\appinfo.dll
17:00:43.0712 0x169c Appinfo - ok
17:00:43.0736 0x169c [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\windows\System32\appmgmts.dll
17:00:43.0752 0x169c AppMgmt - ok
17:00:43.0789 0x169c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\windows\system32\DRIVERS\arc.sys
17:00:43.0802 0x169c arc - ok
17:00:43.0813 0x169c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
17:00:43.0825 0x169c arcsas - ok
17:00:43.0857 0x169c [ CE2168C926927BA926301BAF172BC693, FC3DFCD5390DD3E80211E09177C762B7F8B2565A9A663D764AED8C6B4EAAA3C9 ] ARCVCAM C:\windows\system32\DRIVERS\ArcSoftVCapture.sys
17:00:43.0872 0x169c ARCVCAM - ok
17:00:43.0947 0x169c [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:00:43.0972 0x169c aspnet_state - ok
17:00:43.0999 0x169c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
17:00:44.0030 0x169c AsyncMac - ok
17:00:44.0075 0x169c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\windows\system32\drivers\atapi.sys
17:00:44.0081 0x169c atapi - ok
17:00:44.0112 0x169c [ 2D648572BA9A610952FCAFBA1E119C2D, 4CD7E7D3C878DEF8CC18A925EAB1E0E8E8893BE99DA1E1F78FE9AD12EF1C48BC ] AtiHdmiService C:\windows\system32\drivers\AtiHdmi.sys
17:00:44.0128 0x169c AtiHdmiService - ok
17:00:44.0144 0x169c [ E82E61F46D1336447F4DEFF8C074F13E, 9FC152B33F1D9F5684B687743E943AA26AC17A1093F4C31A43C7012E70BC302E ] AtiPcie C:\windows\system32\DRIVERS\AtiPcie64.sys
17:00:44.0159 0x169c AtiPcie - ok
17:00:44.0206 0x169c [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
17:00:44.0237 0x169c AudioEndpointBuilder - ok
17:00:44.0253 0x169c [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\windows\System32\Audiosrv.dll
17:00:44.0305 0x169c AudioSrv - ok
17:00:44.0342 0x169c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\windows\System32\AxInstSV.dll
17:00:44.0365 0x169c AxInstSV - ok
17:00:44.0390 0x169c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
17:00:44.0421 0x169c b06bdrv - ok
17:00:44.0452 0x169c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
17:00:44.0468 0x169c b57nd60a - ok
17:00:44.0597 0x169c [ 6C95DD14CFD30B0617B91DC6A0B1A1FB, C666B659085BDFAF95F3010059A2AD15D10046A1FE026C271A12BC8029A2E6EA ] BCM43XX C:\windows\system32\DRIVERS\bcmwl664.sys
17:00:44.0728 0x169c BCM43XX - ok
17:00:44.0759 0x169c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\windows\System32\bdesvc.dll
17:00:44.0775 0x169c BDESVC - ok
17:00:44.0790 0x169c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\windows\system32\drivers\Beep.sys
17:00:44.0821 0x169c Beep - ok
17:00:44.0895 0x169c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\windows\System32\bfe.dll
17:00:44.0916 0x169c BFE - ok
17:00:44.0989 0x169c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\windows\system32\qmgr.dll
17:00:45.0029 0x169c BITS - ok
17:00:45.0060 0x169c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
17:00:45.0060 0x169c blbdrive - ok
17:00:45.0113 0x169c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\windows\system32\DRIVERS\bowser.sys
17:00:45.0145 0x169c bowser - ok
17:00:45.0174 0x169c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
17:00:45.0190 0x169c BrFiltLo - ok
17:00:45.0198 0x169c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
17:00:45.0211 0x169c BrFiltUp - ok
17:00:45.0232 0x169c [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
17:00:45.0270 0x169c BridgeMP - ok
17:00:45.0297 0x169c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\windows\System32\browser.dll
17:00:45.0312 0x169c Browser - ok
17:00:45.0343 0x169c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\windows\System32\Drivers\Brserid.sys
17:00:45.0365 0x169c Brserid - ok
17:00:45.0367 0x169c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
17:00:45.0383 0x169c BrSerWdm - ok
17:00:45.0414 0x169c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
17:00:45.0429 0x169c BrUsbMdm - ok
17:00:45.0445 0x169c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
17:00:45.0445 0x169c BrUsbSer - ok
17:00:45.0473 0x169c [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
17:00:45.0486 0x169c BthEnum - ok
17:00:45.0494 0x169c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
17:00:45.0509 0x169c BTHMODEM - ok
17:00:45.0531 0x169c [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
17:00:45.0547 0x169c BthPan - ok
17:00:45.0597 0x169c [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
17:00:45.0613 0x169c BTHPORT - ok
17:00:45.0644 0x169c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\windows\system32\bthserv.dll
17:00:45.0683 0x169c bthserv - ok
17:00:45.0683 0x169c [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
17:00:45.0699 0x169c BTHUSB - ok
17:00:45.0730 0x169c [ 59E3510784548C6939C1B3B985C232E3, 7284A4A880307A88C431DE8BA9195C2B256C8598757958B02DB6A80EBB57698E ] btwampfl C:\windows\system32\drivers\btwampfl.sys
17:00:45.0745 0x169c btwampfl - ok
17:00:45.0761 0x169c [ 1872074ED0A3FB22E3F1E3197B984BFA, 112F289BFE63B46D1E007E3C6761B5C5C8F499B6638CE896DF528FDDBBC1EA12 ] btwaudio C:\windows\system32\drivers\btwaudio.sys
17:00:45.0777 0x169c btwaudio - ok
17:00:45.0792 0x169c [ 691CF076C33AB1C3A5B2FD5450300733, C2C943D42B0A135BD255FA8985A00D36B0DD91546291E2D819FACE7C0B08287D ] btwavdt C:\windows\system32\DRIVERS\btwavdt.sys
17:00:45.0792 0x169c btwavdt - ok
17:00:45.0863 0x169c [ 8BA6E93A182126781952A7895EC1E4B2, C11F7187278BA72016D2168E653D6C904E0DFB5B173E4DFBF7D86AD73631D5A6 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
17:00:45.0894 0x169c btwdins - ok
17:00:45.0909 0x169c [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
17:00:45.0909 0x169c btwl2cap - ok
17:00:45.0925 0x169c [ C9273B20DEC8CE38DBCE5D29DE63C907, 71D67A1A2EDA81351E8D8129824565E2ECA0CFA4DC844CE12F90AB7906ABA737 ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
17:00:45.0925 0x169c btwrchid - ok
17:00:45.0925 0x169c catchme - ok
17:00:45.0956 0x169c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
17:00:45.0987 0x169c cdfs - ok
17:00:46.0034 0x169c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
17:00:46.0050 0x169c cdrom - ok
17:00:46.0081 0x169c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\windows\System32\certprop.dll
17:00:46.0122 0x169c CertPropSvc - ok
17:00:46.0147 0x169c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\windows\system32\DRIVERS\circlass.sys
17:00:46.0162 0x169c circlass - ok
17:00:46.0194 0x169c [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\windows\system32\CLFS.sys
17:00:46.0209 0x169c CLFS - ok
17:00:46.0272 0x169c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:00:46.0303 0x169c clr_optimization_v2.0.50727_32 - ok
17:00:46.0350 0x169c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:00:46.0365 0x169c clr_optimization_v2.0.50727_64 - ok
17:00:46.0447 0x169c [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:00:46.0493 0x169c clr_optimization_v4.0.30319_32 - ok
17:00:46.0509 0x169c [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:00:46.0525 0x169c clr_optimization_v4.0.30319_64 - ok
17:00:46.0540 0x169c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
17:00:46.0556 0x169c CmBatt - ok
17:00:46.0587 0x169c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys
17:00:46.0603 0x169c cmdide - ok
17:00:46.0696 0x169c [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\windows\system32\Drivers\cng.sys
17:00:46.0714 0x169c CNG - ok
17:00:46.0730 0x169c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
17:00:46.0745 0x169c Compbatt - ok
17:00:46.0776 0x169c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
17:00:46.0823 0x169c CompositeBus - ok
17:00:46.0823 0x169c COMSysApp - ok
17:00:46.0839 0x169c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
17:00:46.0839 0x169c crcdisk - ok
17:00:46.0897 0x169c [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\windows\system32\cryptsvc.dll
17:00:46.0897 0x169c CryptSvc - ok
17:00:46.0943 0x169c [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\windows\system32\drivers\csc.sys
17:00:46.0975 0x169c CSC - ok
17:00:47.0014 0x169c [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\windows\System32\cscsvc.dll
17:00:47.0045 0x169c CscService - ok
17:00:47.0061 0x169c [ A8BA4DA23AC20BDA23CA15234D42A3FA, 951C59CD83F7D931EFE68CC950602834187E2225B11261C92F9E0DC0A6F5F544 ] DAMDrv C:\windows\system32\DRIVERS\DAMDrv64.sys
17:00:47.0076 0x169c DAMDrv - ok
17:00:47.0154 0x169c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\windows\system32\rpcss.dll
17:00:47.0217 0x169c DcomLaunch - ok
17:00:47.0295 0x169c [ F40D764E9A9CA1FC981BE2E1F4063B39, 41A1E52A8035EBB3F1B15F119A331FD35B5FD7E1EFCC43FF64A619B40A1285E8 ] DEBridge c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
17:00:47.0336 0x169c DEBridge - detected UnsignedFile.Multi.Generic ( 1 )
17:00:47.0336 0x169c Detect skipped due to KSN trusted
17:00:47.0336 0x169c DEBridge - ok
17:00:47.0358 0x169c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll
17:00:47.0396 0x169c defragsvc - ok
17:00:47.0427 0x169c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\windows\system32\Drivers\dfsc.sys
17:00:47.0484 0x169c DfsC - ok
17:00:47.0531 0x169c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll
17:00:47.0547 0x169c Dhcp - ok
17:00:47.0563 0x169c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\windows\system32\drivers\discache.sys
17:00:47.0594 0x169c discache - ok
17:00:47.0619 0x169c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\windows\system32\DRIVERS\disk.sys
17:00:47.0635 0x169c Disk - ok
17:00:47.0651 0x169c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll
17:00:47.0666 0x169c Dnscache - ok
17:00:47.0713 0x169c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll
17:00:47.0760 0x169c dot3svc - ok
17:00:47.0838 0x169c [ 413D757FB6B447B892F2299AC42B7838, D5CF215FED5C271C7ABF78475558593BB227E1731BC37421FB6D7F09A6139A5A ] DpHost c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
17:00:47.0853 0x169c DpHost - ok
17:00:47.0900 0x169c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\windows\system32\dps.dll
17:00:47.0931 0x169c DPS - ok
17:00:47.0946 0x169c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
17:00:47.0962 0x169c drmkaud - ok
17:00:48.0009 0x169c [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01 C:\windows\system32\DRIVERS\dtsoftbus01.sys
17:00:48.0024 0x169c dtsoftbus01 - ok
17:00:48.0087 0x169c [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
17:00:48.0118 0x169c DXGKrnl - ok
17:00:48.0134 0x169c EagleX64 - ok
17:00:48.0134 0x169c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll
17:00:48.0180 0x169c EapHost - ok
17:00:48.0341 0x169c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
17:00:48.0434 0x169c ebdrv - ok
17:00:48.0502 0x169c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\windows\System32\lsass.exe
17:00:48.0514 0x169c EFS - ok
17:00:48.0565 0x169c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe
17:00:48.0581 0x169c ehRecvr - ok
17:00:48.0613 0x169c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe
17:00:48.0628 0x169c ehSched - ok
17:00:48.0667 0x169c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
17:00:48.0699 0x169c elxstor - ok
17:00:48.0730 0x169c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys
17:00:48.0745 0x169c ErrDev - ok
17:00:48.0789 0x169c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\windows\system32\es.dll
17:00:48.0830 0x169c EventSystem - ok
17:00:48.0845 0x169c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys
17:00:48.0881 0x169c exfat - ok
17:00:48.0896 0x169c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys
17:00:48.0943 0x169c fastfat - ok
17:00:49.0006 0x169c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe
17:00:49.0037 0x169c Fax - ok
17:00:49.0052 0x169c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\windows\system32\DRIVERS\fdc.sys
17:00:49.0077 0x169c fdc - ok
17:00:49.0101 0x169c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll
17:00:49.0132 0x169c fdPHost - ok
17:00:49.0132 0x169c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll
17:00:49.0174 0x169c FDResPub - ok
17:00:49.0197 0x169c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys
17:00:49.0213 0x169c FileInfo - ok
17:00:49.0213 0x169c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys
17:00:49.0244 0x169c Filetrace - ok
17:00:49.0353 0x169c [ 614B050875190FFE7ABBAF0CBB4FBBBA, CB7FEDE44B7BE276C86E63B3BF2E83D21986DE85500FA298F569B3C7AE051BEF ] FLCDLOCK c:\Windows\SysWOW64\flcdlock.exe
17:00:49.0390 0x169c FLCDLOCK - ok
17:00:49.0414 0x169c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
17:00:49.0414 0x169c flpydisk - ok
17:00:49.0466 0x169c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
17:00:49.0482 0x169c FltMgr - ok
17:00:49.0575 0x169c [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\windows\system32\FntCache.dll
17:00:49.0606 0x169c FontCache - ok
17:00:49.0675 0x169c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:00:49.0699 0x169c FontCache3.0.0.0 - ok
17:00:49.0742 0x169c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
17:00:49.0755 0x169c FsDepends - ok
17:00:49.0779 0x169c [ B3EB502D2C3F47C47415F85387DFAEF1, 5240D4281BB9FBFBFEB98522D12F0C006BE063C084C2E6E23DACB6606CDC25AE ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
17:00:49.0795 0x169c fssfltr - ok
17:00:49.0982 0x169c [ B6AB40819ECEC4BA07266EC0EBBC85A7, 71D385043720B622305FD64BD1187C6FFD7191C30794F95629CF6BFDC0A25BA2 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
17:00:50.0038 0x169c fsssvc - ok
17:00:50.0069 0x169c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
17:00:50.0079 0x169c Fs_Rec - ok
17:00:50.0128 0x169c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
17:00:50.0159 0x169c fvevol - ok
17:00:50.0188 0x169c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
17:00:50.0198 0x169c gagp30kx - ok
17:00:50.0275 0x169c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\windows\System32\gpsvc.dll
17:00:50.0330 0x169c gpsvc - ok
17:00:50.0413 0x169c [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:00:50.0429 0x169c gupdate - ok
17:00:50.0445 0x169c [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:00:50.0461 0x169c gupdatem - ok
17:00:50.0497 0x169c [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:00:50.0512 0x169c gusvc - ok
17:00:50.0528 0x169c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
17:00:50.0544 0x169c hcw85cir - ok
17:00:50.0590 0x169c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
17:00:50.0614 0x169c HdAudAddService - ok
17:00:50.0630 0x169c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
17:00:50.0645 0x169c HDAudBus - ok
17:00:50.0661 0x169c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
17:00:50.0676 0x169c HidBatt - ok
17:00:50.0708 0x169c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
17:00:50.0723 0x169c HidBth - ok
17:00:50.0739 0x169c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\windows\system32\DRIVERS\hidir.sys
17:00:50.0754 0x169c HidIr - ok
17:00:50.0770 0x169c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\windows\System32\hidserv.dll
17:00:50.0801 0x169c hidserv - ok
17:00:50.0817 0x169c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\windows\system32\drivers\hidusb.sys
17:00:50.0832 0x169c HidUsb - ok
17:00:50.0864 0x169c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll
17:00:50.0895 0x169c hkmsvc - ok
17:00:50.0947 0x169c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
17:00:50.0963 0x169c HomeGroupListener - ok
17:00:51.0009 0x169c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
17:00:51.0025 0x169c HomeGroupProvider - ok
17:00:51.0056 0x169c [ 74E65F650FAF75550C96CDFF302DEB28, 6736F9A1967136D9891E3D35F78F1FF956759B87E4C486A375067A70B03FD495 ] HP Power Assistant Service C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
17:00:51.0056 0x169c HP Power Assistant Service - ok
17:00:51.0119 0x169c [ 2666CFC4A063D75FE3D87BC334D7ECF5, 163A0E44A95D9F707649FA2992807FEADB3030622C768B0A353F9CCB9A0048B9 ] HP ProtectTools Service c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
17:00:51.0150 0x169c HP ProtectTools Service - detected UnsignedFile.Multi.Generic ( 1 )
17:00:51.0150 0x169c Detect skipped due to KSN trusted
17:00:51.0150 0x169c HP ProtectTools Service - ok
17:00:51.0181 0x169c [ 2A8B93A01621E100A578E83C768AFA2C, 6637D260AF180D1F200D219796FCE6D524FC6BF57C0CEEF9E1B3616E85865AD1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
17:00:51.0197 0x169c HP Support Assistant Service - detected UnsignedFile.Multi.Generic ( 1 )
17:00:51.0197 0x169c Detect skipped due to KSN trusted
17:00:51.0197 0x169c HP Support Assistant Service - ok
17:00:51.0231 0x169c [ 9ABD12FCE4A62905731C286BB1D66789, 2D1A5B991EE5BDBAF5501B0BA0CE75B2468B2179B179AF0769A8F1542FCD926B ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
17:00:51.0231 0x169c HP Wireless Assistant Service - ok
17:00:51.0294 0x169c [ 94C74D758E0F7B1D962DA452B4D28C91, F7E8F0C4895C50E25C4E6073BE008099D8BC9F1AA1298C53EC2561B00D8EC2B9 ] HPDayStarterService c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
17:00:51.0309 0x169c HPDayStarterService - detected UnsignedFile.Multi.Generic ( 1 )
17:00:51.0309 0x169c Detect skipped due to KSN trusted
17:00:51.0309 0x169c HPDayStarterService - ok
17:00:51.0356 0x169c [ 33761EBD9A26DE33BC83DD2DAFEC4513, F1A397D6B72F998A64B8BBAA292C13E8354D2C1BE14B7C46840A512AA3BE1770 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
17:00:51.0372 0x169c HPDrvMntSvc.exe - ok
17:00:51.0403 0x169c [ 4E0BEC0F78096FFD6D3314B497FC49D3, 15B545815D0C80102963FFF13B6643CC9A74717137C1CBA45345B18912E72DB6 ] hpdskflt C:\windows\system32\DRIVERS\hpdskflt.sys
17:00:51.0418 0x169c hpdskflt - ok
17:00:51.0450 0x169c [ E27B4A34CAA5DA0E872477F4F71C50E2, 375500814F8AFAAC34716411B0FCB03A9E12A90DA163747610F41CF567AB2EE2 ] HpFkCryptService c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
17:00:51.0465 0x169c HpFkCryptService - ok
17:00:51.0545 0x169c [ E123B122D5217F724B1D2641010C9D3C, CCF5D52B0519C09E7EAEF1C7AF9FE954FF8A5A7F95DB24E0F988A24FFCED1C94 ] HPFSService C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
17:00:51.0577 0x169c HPFSService - detected UnsignedFile.Multi.Generic ( 1 )
17:00:51.0577 0x169c Detect skipped due to KSN trusted
17:00:51.0577 0x169c HPFSService - ok
17:00:51.0639 0x169c [ 4D94F4D7782657E79EB1352570B563DB, 5563BF93070EEA43BB15E2FE05C80374129B04B6F773502C21AA3D51BF61ECF5 ] hpHotkeyMonitor C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
17:00:51.0670 0x169c hpHotkeyMonitor - ok
17:00:51.0694 0x169c [ B98EE5D4535A685634B90F7E04DE0DF7, E37D26EF83B70E84742498D2F53037F83BE13F0E01484D85A20C872F1F02ADDA ] HpqKbFiltr C:\windows\system32\DRIVERS\HpqKbFiltr.sys
17:00:51.0702 0x169c HpqKbFiltr - ok
17:00:51.0749 0x169c [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
17:00:51.0780 0x169c hpqwmiex - ok
17:00:51.0831 0x169c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
17:00:51.0847 0x169c HpSAMD - ok
17:00:51.0893 0x169c [ FC7C13B5A9E9BE23B7AE72BBC7FDB278, E85A7BF1CFE52BA7D663A1ED48A4F8874EFBDDF48979138F7E3E24817705B6A1 ] hpsrv C:\windows\system32\Hpservice.exe
17:00:51.0909 0x169c hpsrv - ok
17:00:51.0987 0x169c [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\windows\system32\drivers\HTTP.sys
17:00:52.0034 0x169c HTTP - ok
17:00:52.0081 0x169c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
17:00:52.0112 0x169c hwpolicy - ok
17:00:52.0162 0x169c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\windows\system32\drivers\i8042prt.sys
17:00:52.0178 0x169c i8042prt - ok
17:00:52.0215 0x169c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
17:00:52.0246 0x169c iaStorV - ok
17:00:52.0314 0x169c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:00:52.0345 0x169c idsvc - ok
17:00:52.0345 0x169c IEEtwCollectorService - ok
17:00:52.0376 0x169c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
17:00:52.0376 0x169c iirsp - ok
17:00:52.0462 0x169c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\windows\System32\ikeext.dll
17:00:52.0493 0x169c IKEEXT - ok
17:00:52.0540 0x169c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys
17:00:52.0556 0x169c intelide - ok
17:00:52.0587 0x169c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
17:00:52.0618 0x169c intelppm - ok
17:00:52.0649 0x169c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll
17:00:52.0680 0x169c IPBusEnum - ok
17:00:52.0735 0x169c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
17:00:52.0796 0x169c IpFilterDriver - ok
17:00:52.0874 0x169c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\windows\System32\iphlpsvc.dll
17:00:52.0906 0x169c iphlpsvc - ok
17:00:52.0952 0x169c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
17:00:52.0999 0x169c IPMIDRV - ok
17:00:53.0030 0x169c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys
17:00:53.0063 0x169c IPNAT - ok
17:00:53.0079 0x169c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys
17:00:53.0095 0x169c IRENUM - ok
17:00:53.0141 0x169c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys
17:00:53.0141 0x169c isapnp - ok
17:00:53.0188 0x169c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
17:00:53.0219 0x169c iScsiPrt - ok
17:00:53.0235 0x169c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
17:00:53.0251 0x169c kbdclass - ok
17:00:53.0293 0x169c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
17:00:53.0304 0x169c kbdhid - ok
17:00:53.0314 0x169c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\windows\system32\lsass.exe
17:00:53.0330 0x169c KeyIso - ok
17:00:53.0366 0x169c [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
17:00:53.0377 0x169c KSecDD - ok
17:00:53.0385 0x169c [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
17:00:53.0401 0x169c KSecPkg - ok
17:00:53.0432 0x169c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys
17:00:53.0469 0x169c ksthunk - ok
17:00:53.0501 0x169c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll
17:00:53.0576 0x169c KtmRm - ok
17:00:53.0619 0x169c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\System32\srvsvc.dll
17:00:53.0662 0x169c LanmanServer - ok
17:00:53.0697 0x169c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
17:00:53.0728 0x169c LanmanWorkstation - ok
17:00:53.0775 0x169c [ 3503F257B3203F824B1567238EBE17E2, A6F7B0D3C213DC17B266199FAC7F242529A1C030244A819BDBDB892BF2969FD3 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
17:00:53.0790 0x169c LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
17:00:53.0790 0x169c Detect skipped due to KSN trusted
17:00:53.0790 0x169c LightScribeService - ok
17:00:53.0837 0x169c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
17:00:53.0884 0x169c lltdio - ok
17:00:53.0904 0x169c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll
17:00:53.0944 0x169c lltdsvc - ok
17:00:53.0946 0x169c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll
17:00:53.0988 0x169c lmhosts - ok
17:00:54.0014 0x169c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
17:00:54.0029 0x169c LSI_FC - ok
17:00:54.0060 0x169c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
17:00:54.0076 0x169c LSI_SAS - ok
17:00:54.0092 0x169c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
17:00:54.0092 0x169c LSI_SAS2 - ok
17:00:54.0123 0x169c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
17:00:54.0123 0x169c LSI_SCSI - ok
17:00:54.0138 0x169c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys
17:00:54.0186 0x169c luafv - ok
17:00:54.0217 0x169c [ 024DA28053D57E9E32BEE52600576BBB, 8EC636DAB90A835DEBA2EC6176F4547EEF557415FF77C6378EF423569702731E ] MarvinBus C:\windows\system32\DRIVERS\MarvinBus64.sys
17:00:54.0234 0x169c MarvinBus - ok
17:00:54.0265 0x169c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
17:00:54.0280 0x169c Mcx2Svc - ok
17:00:54.0311 0x169c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\DRIVERS\megasas.sys
17:00:54.0311 0x169c megasas - ok
17:00:54.0343 0x169c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
17:00:54.0358 0x169c MegaSR - ok
17:00:54.0389 0x169c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll
17:00:54.0421 0x169c MMCSS - ok
17:00:54.0436 0x169c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys
17:00:54.0489 0x169c Modem - ok
17:00:54.0502 0x169c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys
17:00:54.0517 0x169c monitor - ok
17:00:54.0518 0x169c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
17:00:54.0534 0x169c mouclass - ok
17:00:54.0550 0x169c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
17:00:54.0565 0x169c mouhid - ok
17:00:54.0597 0x169c [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\windows\system32\drivers\mountmgr.sys
17:00:54.0612 0x169c mountmgr - ok
17:00:54.0659 0x169c [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter C:\windows\system32\DRIVERS\MpFilter.sys
17:00:54.0675 0x169c MpFilter - ok
17:00:54.0722 0x169c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\windows\system32\drivers\mpio.sys
17:00:54.0737 0x169c mpio - ok
17:00:54.0753 0x169c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
17:00:54.0791 0x169c mpsdrv - ok
17:00:54.0898 0x169c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll
17:00:54.0981 0x169c MpsSvc - ok
17:00:55.0012 0x169c [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
17:00:55.0028 0x169c MRxDAV - ok
17:00:55.0067 0x169c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
17:00:55.0083 0x169c mrxsmb - ok
17:00:55.0098 0x169c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
17:00:55.0126 0x169c mrxsmb10 - ok
17:00:55.0142 0x169c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
17:00:55.0155 0x169c mrxsmb20 - ok
17:00:55.0180 0x169c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\windows\system32\drivers\msahci.sys
17:00:55.0196 0x169c msahci - ok
17:00:55.0218 0x169c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\windows\system32\drivers\msdsm.sys
17:00:55.0232 0x169c msdsm - ok
17:00:55.0259 0x169c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe
17:00:55.0275 0x169c MSDTC - ok
17:00:55.0297 0x169c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\windows\system32\drivers\Msfs.sys
17:00:55.0328 0x169c Msfs - ok
17:00:55.0328 0x169c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
17:00:55.0359 0x169c mshidkmdf - ok
17:00:55.0407 0x169c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
17:00:55.0417 0x169c msisadrv - ok
17:00:55.0449 0x169c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll
17:00:55.0480 0x169c MSiSCSI - ok
17:00:55.0480 0x169c msiserver - ok
17:00:55.0496 0x169c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
17:00:55.0527 0x169c MSKSSRV - ok
17:00:55.0590 0x169c [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
17:00:55.0605 0x169c MsMpSvc - ok
17:00:55.0621 0x169c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
17:00:55.0652 0x169c MSPCLOCK - ok
17:00:55.0652 0x169c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys
17:00:55.0699 0x169c MSPQM - ok
17:00:55.0747 0x169c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
17:00:55.0763 0x169c MsRPC - ok
17:00:55.0794 0x169c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
17:00:55.0809 0x169c mssmbios - ok
17:00:55.0825 0x169c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys
17:00:55.0856 0x169c MSTEE - ok
17:00:55.0856 0x169c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
17:00:55.0872 0x169c MTConfig - ok
17:00:55.0887 0x169c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\windows\system32\Drivers\mup.sys
17:00:55.0903 0x169c Mup - ok
17:00:55.0950 0x169c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll
17:00:55.0981 0x169c napagent - ok
17:00:56.0017 0x169c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
17:00:56.0031 0x169c NativeWifiP - ok
17:00:56.0078 0x169c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\windows\system32\drivers\ndis.sys
17:00:56.0109 0x169c NDIS - ok
17:00:56.0140 0x169c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
17:00:56.0172 0x169c NdisCap - ok
17:00:56.0187 0x169c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
17:00:56.0218 0x169c NdisTapi - ok
17:00:56.0250 0x169c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
17:00:56.0317 0x169c Ndisuio - ok
17:00:56.0362 0x169c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
17:00:56.0409 0x169c NdisWan - ok
17:00:56.0456 0x169c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
17:00:56.0501 0x169c NDProxy - ok
17:00:56.0517 0x169c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
17:00:56.0548 0x169c NetBIOS - ok
17:00:56.0595 0x169c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
17:00:56.0631 0x169c NetBT - ok
17:00:56.0646 0x169c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\windows\system32\lsass.exe
17:00:56.0662 0x169c Netlogon - ok
17:00:56.0693 0x169c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll
17:00:56.0724 0x169c Netman - ok
17:00:56.0802 0x169c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:00:56.0849 0x169c NetMsmqActivator - ok
17:00:56.0849 0x169c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:00:56.0865 0x169c NetPipeActivator - ok
17:00:56.0880 0x169c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll
17:00:56.0934 0x169c netprofm - ok
17:00:56.0980 0x169c [ B72BB9496A126FCFC7FC5945DED9B411, FA5CC4E93761FB2B59B9B34C699B1486560BDB39280AB1125DE42DB7C4BE303A ] netr28x C:\windows\system32\DRIVERS\netr28x.sys
17:00:57.0011 0x169c netr28x - ok
17:00:57.0011 0x169c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:00:57.0027 0x169c NetTcpActivator - ok
17:00:57.0043 0x169c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:00:57.0060 0x169c NetTcpPortSharing - ok
17:00:57.0082 0x169c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
17:00:57.0097 0x169c nfrd960 - ok
17:00:57.0129 0x169c [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys
17:00:57.0144 0x169c NisDrv - ok
17:00:57.0160 0x169c [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
17:00:57.0175 0x169c NisSrv - ok
17:00:57.0246 0x169c [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\windows\System32\nlasvc.dll
17:00:57.0277 0x169c NlaSvc - ok
17:00:57.0293 0x169c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys
17:00:57.0324 0x169c Npfs - ok
17:00:57.0339 0x169c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll
17:00:57.0371 0x169c nsi - ok
17:00:57.0386 0x169c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
17:00:57.0417 0x169c nsiproxy - ok
17:00:57.0511 0x169c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
17:00:57.0575 0x169c Ntfs - ok
17:00:57.0598 0x169c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys
17:00:57.0630 0x169c Null - ok
17:00:57.0661 0x169c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys
17:00:57.0676 0x169c nvraid - ok
17:00:57.0692 0x169c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys
17:00:57.0708 0x169c nvstor - ok
17:00:57.0754 0x169c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys
17:00:57.0770 0x169c nv_agp - ok
17:00:57.0801 0x169c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
17:00:57.0827 0x169c ohci1394 - ok
17:00:57.0862 0x169c [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:00:57.0893 0x169c ose - ok
17:00:58.0136 0x169c [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:00:58.0266 0x169c osppsvc - ok
17:00:58.0297 0x169c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
17:00:58.0328 0x169c p2pimsvc - ok
17:00:58.0344 0x169c [ 927463ECB02179F88E4B9A17568C63C3,