Klavesnica sama pise ;

Zpráva

#16 Příspěvek od **altrok** » 24 úno 2015 00:08

Postup kolegy Naughtyho:
Po stazeni http://www.xuetr.com/download/PCHunter_free.zip
(rezervni odkaz http://www.epoolsoft.com/pchunter/PCHunter_free.zip ),
rozbaleni, spusteni spravne verze dle operacniho systemu 32b vs 64b, prejdi do zalozky Examination, v ni zaskrkej vsechny volby, dej generovat, po skonceni generovani klik na exportovat - textak do raru a vloz do prispevku (neb bude dlouhy a nevesel by se).

Ulozte na plochu MBRScan - http://eric71.geekstogo.com/tools/MbrScan.exe

Spustte jej, vpravo nahore kliknete na Options a vsechno dooznacte
kliknete na Report
obsah prave otevreneho textaku mi vlozte do pristi odpovedi

Pak udelejte aktualni log z rkillu.

/e dneska koncim... zkuste jeste k PC pri zapnutem stavu pripojit externi klavesnici (at se spravne nainstaluje) a pocitac pak restartujte.

Walky · #17 Příspěvek od **Walky** » 24 úno 2015 09:50

Pri zapinani PChunter som dostal chybu "Vstupny bod procedury _except_handler4_common sa nepodarilo v dynamickej propojovane knihovne msvcrt.dll nalezt" ale potom sa spustil ked som klikol na OK.

MBR :

Kód: Vybrat vše

MBRScan v1.1.1

OS             : Windows XP Home Service Pack 3 (32 bit)
PROCESSOR      : x86 Family 6 Model 28 Stepping 2, GenuineIntel
BOOT           : Normal Boot
DATE           : 2015/02/24 (ISO 8601) at 09:52:24
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __WDC WD1600BEVT-60ZCT1 (13.01A13)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : YES
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0	149.1 Go  [Fixed] ==> Vista MBR Code

MBR_MD5   : D2C82CCBDF60745D34173BF45080366F
MBR_SHA1  : B75AF8A126437F1F67CDE38BAFFADE551D82C42E

Device\Harddisk0\Partition1	149.0 Go  	0x07 NTFS / HPFS __ BOOTABLE __
________________________________________________________________________________

############################### Additional scan ################################

DRIVER  : C:\Documents and Settings\anitka\Plocha\PCHunter_free\PCHunter_free\PCHunter32aj.sys => Invisible on the disk
ADDRESS : 0xA7E6F000
SIZE    : 832.0 Ko

Device\Harddisk0\DR0 => Vista MBR Code found in sector 2
SystemStartOptions : NOEXECUTE=OPTIN  FASTDETECT

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  

0x00000000   33 C0 8E D0 BC 00 7C 8E C0 8E D8 BE 00 7C BF 00   3À.Ð¼.|.À.Ø¾.|¿.
0x00000010   06 B9 00 02 FC F3 A4 50 68 1C 06 CB FB B9 04 00   .¹..üó¤Ph..Ëû¹..
0x00000020   BD BE 07 80 7E 00 00 7C 0B 0F 85 10 01 83 C5 10   ½¾..~..|......Å.
0x00000030   E2 F1 CD 18 88 56 00 55 C6 46 11 05 C6 46 10 00   âñÍ..V.UÆF..ÆF..
0x00000040   B4 41 BB AA 55 CD 13 5D 72 0F 81 FB 55 AA 75 09   ´A»ªUÍ.]r..ûUªu.
0x00000050   F7 C1 01 00 74 03 FE 46 10 66 60 80 7E 10 00 74   ÷Á..t.þF.f`.~..t
0x00000060   26 66 68 00 00 00 00 66 FF 76 08 68 00 00 68 00   &fh....f.v.h..h.
0x00000070   7C 68 01 00 68 10 00 B4 42 8A 56 00 8B F4 CD 13   |h..h..´B.V..ôÍ.
0x00000080   9F 83 C4 10 9E EB 14 B8 01 02 BB 00 7C 8A 56 00   ..Ä..ë.¸..».|.V.
0x00000090   8A 76 01 8A 4E 02 8A 6E 03 CD 13 66 61 73 1E FE   .v..N..n.Í.fas.þ
0x000000A0   4E 11 0F 85 0C 00 80 7E 00 80 0F 84 8A 00 B2 80   N......~......².
0x000000B0   EB 82 55 32 E4 8A 56 00 CD 13 5D EB 9C 81 3E FE   ë.U2ä.V.Í.]ë..>þ
0x000000C0   7D 55 AA 75 6E FF 76 00 E8 8A 00 0F 85 15 00 B0   }Uªun.v.è......°
0x000000D0   D1 E6 64 E8 7F 00 B0 DF E6 60 E8 78 00 B0 FF E6   Ñædè..°ßæ`èx.°.æ
0x000000E0   64 E8 71 00 B8 00 BB CD 1A 66 23 C0 75 3B 66 81   dèq.¸.»Í.f#Àu;f.
0x000000F0   FB 54 43 50 41 75 32 81 F9 02 01 72 2C 66 68 07   ûTCPAu2.ù..r,fh.
0x00000100   BB 00 00 66 68 00 02 00 00 66 68 08 00 00 00 66   »..fh....fh....f
0x00000110   53 66 53 66 55 66 68 00 00 00 00 66 68 00 7C 00   SfSfUfh....fh.|.
0x00000120   00 66 61 68 00 00 07 CD 1A 5A 32 F6 EA 00 7C 00   .fah...Í.Z2öê.|.
0x00000130   00 CD 18 A0 B7 07 EB 08 A0 B6 07 EB 03 A0 B5 07   .Í..·.ë..¶.ë..µ.
0x00000140   32 E4 05 00 07 8B F0 AC 3C 00 74 FC BB 07 00 B4   2ä....ð¬<.tü»..´
0x00000150   0E CD 10 EB F2 2B C9 E4 64 EB 00 24 02 E0 F8 24   .Í.ëò+Éädë.$.àø$
0x00000160   02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69 74   .ÃInvalid partit
0x00000170   69 6F 6E 20 74 61 62 6C 65 00 45 72 72 6F 72 20   ion table.Error 
0x00000180   6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69 6E   loading operatin
0x00000190   67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E 67   g system.Missing
0x000001A0   20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74 65    operating syste
0x000001B0   6D 00 00 00 00 62 7A 99 5A 5D 5A 5D 00 00 80 20   m....bz.Z]Z]... 
0x000001C0   21 00 07 FE FF FF 00 08 00 00 00 44 A1 12 00 00   !..þ.......D¡...
0x000001D0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001E0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª

__________________________16_BIT_ASM_CODE
   
0x0000    33c0            XOR AX, AX   
0x0002    8ed0            MOV SS, AX   
0x0004    bc 007c         MOV SP, 0x7c00   
0x0007    8ec0            MOV ES, AX   
0x0009    8ed8            MOV DS, AX   
0x000B    be 007c         MOV SI, 0x7c00   
0x000E    bf 0006         MOV DI, 0x600   
0x0011    b9 0002         MOV CX, 0x200   
0x0014    fc              CLD   
0x0015    f3 a4           REP MOVSB   
0x0017    50              PUSH AX   
0x0018    68 1c06         PUSH 0x61c   
0x001B    cb              RETF   
0x001C    fb              STI   
0x001D    b9 0400         MOV CX, 0x4   
0x0020    bd be07         MOV BP, 0x7be   
0x0023    807e 00 00      CMP BYTE [BP+0x0], 0x0   
0x0027    7c 0b           JL 0x34   
0x0029    0f85 1001       JNZ 0x13d   
0x002D    83c5 10         ADD BP, 0x10   
0x0030    e2 f1           LOOP 0x23   
0x0032    cd 18           INT 0x18   
0x0034    8856 00         MOV [BP+0x0], DL   
0x0037    55              PUSH BP   
0x0038    c646 11 05      MOV BYTE [BP+0x11], 0x5   
0x003C    c646 10 00      MOV BYTE [BP+0x10], 0x0   
0x0040    b4 41           MOV AH, 0x41   
0x0042    bb aa55         MOV BX, 0x55aa   
0x0045    cd 13           INT 0x13   
0x0047    5d              POP BP   
0x0048    72 0f           JB 0x59   
0x004A    81fb 55aa       CMP BX, 0xaa55   
0x004E    75 09           JNZ 0x59   
0x0050    f7c1 0100       TEST CX, 0x1   
0x0054    74 03           JZ 0x59   
0x0056    fe46 10         INC BYTE [BP+0x10]   
0x0059    66 60           PUSHAD   
0x005B    807e 10 00      CMP BYTE [BP+0x10], 0x0   
0x005F    74 26           JZ 0x87   
0x0061    66 68 00000000  PUSH 0x0   
0x0067    66 ff76 08      PUSH DWORD [BP+0x8]   
0x006B    68 0000         PUSH 0x0   
0x006E    68 007c         PUSH 0x7c00   
0x0071    68 0100         PUSH 0x1   
0x0074    68 1000         PUSH 0x10   
0x0077    b4 42           MOV AH, 0x42   
0x0079    8a56 00         MOV DL, [BP+0x0]   
0x007C    8bf4            MOV SI, SP   
0x007E    cd 13           INT 0x13   
0x0080    9f              LAHF   
0x0081    83c4 10         ADD SP, 0x10   
0x0084    9e              SAHF   
0x0085    eb 14           JMP 0x9b   
0x0087    b8 0102         MOV AX, 0x201   
0x008A    bb 007c         MOV BX, 0x7c00   
0x008D    8a56 00         MOV DL, [BP+0x0]   
0x0090    8a76 01         MOV DH, [BP+0x1]   
0x0093    8a4e 02         MOV CL, [BP+0x2]   
0x0096    8a6e 03         MOV CH, [BP+0x3]   
0x0099    cd 13           INT 0x13   
0x009B    66 61           POPAD   
0x009D    73 1e           JAE 0xbd   
0x009F    fe4e 11         DEC BYTE [BP+0x11]   
0x00A2    0f85 0c00       JNZ 0xb2   
0x00A6    807e 00 80      CMP BYTE [BP+0x0], 0x80   
0x00AA    0f84 8a00       JZ 0x138   
0x00AE    b2 80           MOV DL, 0x80   
0x00B0    eb 82           JMP 0x34   
0x00B2    55              PUSH BP   
0x00B3    32e4            XOR AH, AH   
0x00B5    8a56 00         MOV DL, [BP+0x0]   
0x00B8    cd 13           INT 0x13   
0x00BA    5d              POP BP   
0x00BB    eb 9c           JMP 0x59   
0x00BD    813e fe7d 55aa  CMP WORD [0x7dfe], 0xaa55   
0x00C3    75 6e           JNZ 0x133   
0x00C5    ff76 00         PUSH WORD [BP+0x0]   
0x00C8    e8 8a00         CALL 0x155   
0x00CB    0f85 1500       JNZ 0xe4   
0x00CF    b0 d1           MOV AL, 0xd1   
0x00D1    e6 64           OUT 0x64, AL   
0x00D3    e8 7f00         CALL 0x155   
0x00D6    b0 df           MOV AL, 0xdf   
0x00D8    e6 60           OUT 0x60, AL   
0x00DA    e8 7800         CALL 0x155   
0x00DD    b0 ff           MOV AL, 0xff   
0x00DF    e6 64           OUT 0x64, AL   
0x00E1    e8 7100         CALL 0x155   
0x00E4    b8 00bb         MOV AX, 0xbb00   
0x00E7    cd 1a           INT 0x1a   
0x00E9    66 23c0         AND EAX, EAX   
0x00EC    75 3b           JNZ 0x129   
0x00EE    66 81fb 54435041CMP EBX, 0x41504354   
0x00F5    75 32           JNZ 0x129   
0x00F7    81f9 0201       CMP CX, 0x102   
0x00FB    72 2c           JB 0x129   
0x00FD    66 68 07bb0000  PUSH 0xbb07   
0x0103    66 68 00020000  PUSH 0x200   
0x0109    66 68 08000000  PUSH 0x8   
0x010F    66 53           PUSH EBX   
0x0111    66 53           PUSH EBX   
0x0113    66 55           PUSH EBP   
0x0115    66 68 00000000  PUSH 0x0   
0x011B    66 68 007c0000  PUSH 0x7c00   
0x0121    66 61           POPAD   
0x0123    68 0000         PUSH 0x0   
0x0126    07              POP ES   
0x0127    cd 1a           INT 0x1a   
0x0129    5a              POP DX   
0x012A    32f6            XOR DH, DH   
0x012C    ea 007c 0000    JMP FAR 0x0:0x7c00   
0x0131    cd 18           INT 0x18   
0x0133    a0 b707         MOV AL, [0x7b7]   
0x0136    eb 08           JMP 0x140   
0x0138    a0 b607         MOV AL, [0x7b6]   
0x013B    eb 03           JMP 0x140   
0x013D    a0 b507         MOV AL, [0x7b5]   
0x0140    32e4            XOR AH, AH   
0x0142    05 0007         ADD AX, 0x700   
0x0145    8bf0            MOV SI, AX   
0x0147    ac              LODSB   
0x0148    3c 00           CMP AL, 0x0   
0x014A    74 fc           JZ 0x148   
0x014C    bb 0700         MOV BX, 0x7   
0x014F    b4 0e           MOV AH, 0xe   
0x0151    cd 10           INT 0x10   
0x0153    eb f2           JMP 0x147   
0x0155    2bc9            SUB CX, CX   
0x0157    e4 64           IN AL, 0x64   
0x0159    eb 00           JMP 0x15b   
0x015B    24 02           AND AL, 0x2   
0x015D    e0 f8           LOOPNZ 0x157   
0x015F    24 02           AND AL, 0x2   
0x0161    c3              RET   
0x0162    49              DEC CX   
0x0163    6e              OUTSB   
0x0164    76 61           JBE 0x1c7   
0x0166    6c              INSB   
0x0167    6964 20 7061    IMUL SP, [SI+0x20], 0x6170   
0x016C    72 74           JB 0x1e2   
0x016E    6974 69 6f6e    IMUL SI, [SI+0x69], 0x6e6f   
0x0173    2074 61         AND [SI+0x61], DH   
0x0176    626c 65         BOUND BP, [SI+0x65]   
0x0179    0045 72         ADD [DI+0x72], AL   
0x017C    72 6f           JB 0x1ed   
0x017E    72 20           JB 0x1a0   
0x0180    6c              INSB   
0x0181    6f              OUTSW   
0x0182    61              POPA   
0x0183    64 696e 67 206f IMUL BP, FS:[BP+0x67], 0x6f20   
0x0189    70 65           JO 0x1f0   
0x018B    72 61           JB 0x1ee   
0x018D    74 69           JZ 0x1f8   
0x018F    6e              OUTSB   
0x0190    67 2073 79      AND [EBX+0x79], DH   
0x0194    73 74           JAE 0x20a   
0x0196    65 6d           INS WORD GS:[DI], DX   
0x0198    004d 69         ADD [DI+0x69], CL   
0x019B    73 73           JAE 0x210   
0x019D    696e 67 206f    IMUL BP, [BP+0x67], 0x6f20   
0x01A2    70 65           JO 0x209   
0x01A4    72 61           JB 0x207   
0x01A6    74 69           JZ 0x211   
0x01A8    6e              OUTSB   
0x01A9    67 2073 79      AND [EBX+0x79], DH   
0x01AD    73 74           JAE 0x223   
0x01AF    65 6d           INS WORD GS:[DI], DX   
0x01B1    0000            ADD [BX+SI], AL   
0x01B3    0000            ADD [BX+SI], AL   
0x01B5    627a 99         BOUND DI, [BP+SI-0x67]   
0x01B8    5a              POP DX   
0x01B9    5d              POP BP   
0x01BA    5a              POP DX   
0x01BB    5d              POP BP   
0x01BC    0000            ADD [BX+SI], AL   
0x01BE    8020 21         AND BYTE [BX+SI], 0x21   
0x01C1    0007            ADD [BX], AL   
0x01C3    fe              DB 0xfe   
0x01C4    ff              DB 0xff   
0x01C5    ff00            INC WORD [BX+SI]   
0x01C7    0800            OR [BX+SI], AL   
0x01C9    0000            ADD [BX+SI], AL   
0x01CB    44              INC SP   
0x01CC    a1 1200         MOV AX, [0x12]   
0x01CF    0000            ADD [BX+SI], AL   
0x01D1    0000            ADD [BX+SI], AL   
0x01D3    0000            ADD [BX+SI], AL   
0x01D5    0000            ADD [BX+SI], AL   
0x01D7    0000            ADD [BX+SI], AL   
0x01D9    0000            ADD [BX+SI], AL   
0x01DB    0000            ADD [BX+SI], AL   
0x01DD    0000            ADD [BX+SI], AL   
0x01DF    0000            ADD [BX+SI], AL   
0x01E1    0000            ADD [BX+SI], AL   
0x01E3    0000            ADD [BX+SI], AL   
0x01E5    0000            ADD [BX+SI], AL   
0x01E7    0000            ADD [BX+SI], AL   
0x01E9    0000            ADD [BX+SI], AL   
0x01EB    0000            ADD [BX+SI], AL   
0x01ED    0000            ADD [BX+SI], AL   
0x01EF    0000            ADD [BX+SI], AL   
0x01F1    0000            ADD [BX+SI], AL   
0x01F3    0000            ADD [BX+SI], AL   
0x01F5    0000            ADD [BX+SI], AL   
0x01F7    0000            ADD [BX+SI], AL   
0x01F9    0000            ADD [BX+SI], AL   
0x01FB    0000            ADD [BX+SI], AL   
0x01FD    0055 aa         ADD [DI-0x56], DL

Walky · #18 Příspěvek od **Walky** » 24 úno 2015 09:57

Novy RKILL

Rkill 2.7.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/24/2015 09:54:54 AM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* System Restore Disabled

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = dword:00000001

Checking Windows Service Integrity:

* Služba obnovení systému (srservice) is not Running.
Startup Type set to: Automatic

* Ovladač filtru Obnovy systému (sr) is not Running.
Startup Type set to: Disabled

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 02/24/2015 09:56:42 AM
Execution time: 0 hours(s), 1 minute(s), and 47 seconds(s)

#19 Příspěvek od **altrok** » 24 úno 2015 12:35

Vyzkousejte pripojit externi klavesnici a sledujte, zda problem pretrvava.

Postup kolegy.

vyosek píše: Stahnete si TDSSKiller http://media.kaspersky.com/utilities/Vi ... killer.exe
Po spusteni odsouhlaste licencni podminky (klik na Accept)

Kliknete na volbu Change parametrs

V okne Additional Option zakliknete vsechny moznosti

Kliknete na OK

Utilite prikazte, at skenuje - klik na Start Scan

Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip

Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip

Pokud mate vsude Skip, kliknete na Continue

Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

Walky · #20 Příspěvek od **Walky** » 24 úno 2015 14:26

Po pripojeni externej klavesnice sa nic nezmenilo. Idem skusit TDSSKiller

Walky · #21 Příspěvek od **Walky** » 24 úno 2015 14:37

log

14:29:25.0421 0x0260 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
14:29:31.0343 0x0260 ============================================================
14:29:31.0343 0x0260 Current date / time: 2015/02/24 14:29:31.0343
14:29:31.0343 0x0260 SystemInfo:
14:29:31.0343 0x0260
14:29:31.0343 0x0260 OS Version: 5.1.2600 ServicePack: 3.0
14:29:31.0343 0x0260 Product type: Workstation
14:29:31.0343 0x0260 ComputerName: MINILAPTOP
14:29:31.0343 0x0260 UserName: anitka
14:29:31.0343 0x0260 Windows directory: C:\WINDOWS
14:29:31.0343 0x0260 System windows directory: C:\WINDOWS
14:29:31.0343 0x0260 Processor architecture: Intel x86
14:29:31.0343 0x0260 Number of processors: 2
14:29:31.0343 0x0260 Page size: 0x1000
14:29:31.0343 0x0260 Boot type: Normal boot
14:29:31.0343 0x0260 ============================================================
14:29:35.0453 0x0260 KLMD registered as C:\WINDOWS\system32\drivers\14870880.sys
14:29:36.0000 0x0260 System UUID: {E615DB88-D0BE-6A4C-F322-CC04AC838B3C}
14:29:37.0781 0x0260 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:29:37.0781 0x0260 ============================================================
14:29:37.0781 0x0260 \Device\Harddisk0\DR0:
14:29:37.0781 0x0260 MBR partitions:
14:29:37.0781 0x0260 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A14400
14:29:37.0781 0x0260 ============================================================
14:29:37.0843 0x0260 C: <-> \Device\Harddisk0\DR0\Partition1
14:29:37.0843 0x0260 ============================================================
14:29:37.0843 0x0260 Initialize success
14:29:37.0843 0x0260 ============================================================
14:30:14.0062 0x08a4 ============================================================
14:30:14.0062 0x08a4 Scan started
14:30:14.0062 0x08a4 Mode: Manual; SigCheck; TDLFS;
14:30:14.0062 0x08a4 ============================================================
14:30:14.0062 0x08a4 KSN ping started
14:30:27.0859 0x08a4 KSN ping finished: true
14:30:28.0703 0x08a4 ================ Scan system memory ========================
14:30:28.0718 0x08a4 System memory - ok
14:30:28.0718 0x08a4 ================ Scan services =============================
14:30:28.0906 0x08a4 [ D0091301536E1D630AA10121001B89BE, 0267C7F556184ACB5B481CEA1A4EDAB37E6BE536A38610353D64453F427458C6 ] 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269 C:\Program Files\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe
14:30:29.0562 0x08a4 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269 - ok
14:30:29.0812 0x08a4 Abiosdsk - ok
14:30:29.0875 0x08a4 [ 6ABB91494FE6C59089B9336452AB2EA3, FA28396820E44F991891042E051A4414485B54D456F252E03E3FFE1B4B4CF843 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
14:30:33.0890 0x08a4 abp480n5 - ok
14:30:33.0984 0x08a4 [ 4FE34F1F3126B61FCC6B2043AA8112C9, DE370865E47A5D2A4B227EEFFB42384F67F08D622BF936A9C9CEF70CC47F324B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:30:34.0343 0x08a4 ACPI - ok
14:30:34.0343 0x08a4 [ AFDFF022A01F0B11C776F0860C3B282F, 135E5257B62D921B76271014301E9EA1E2383D5DBB04E475DC3A7EFFD2561F56 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
14:30:34.0656 0x08a4 ACPIEC - ok
14:30:34.0828 0x08a4 [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:30:34.0968 0x08a4 AdobeFlashPlayerUpdateSvc - ok
14:30:35.0015 0x08a4 [ 9A11864873DA202C996558B2106B0BBC, 4C68F1DBD1541291DD0FAB78DB42B25FA051CD9F55ED869173E3219CD31500C4 ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
14:30:35.0328 0x08a4 adpu160m - ok
14:30:35.0390 0x08a4 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
14:30:35.0671 0x08a4 aec - ok
14:30:35.0734 0x08a4 [ F0F8212D86EF2BFDD5AD01F6AB7B017C, 013B9B6B1910EBC8539FC57F234143035C4D542F790340AA7AEDA35AB4D675F6 ] AESTAud C:\WINDOWS\system32\drivers\AESTAud.sys
14:30:35.0859 0x08a4 AESTAud - ok
14:30:35.0921 0x08a4 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
14:30:36.0031 0x08a4 AFD - ok
14:30:36.0078 0x08a4 [ 08FD04AA961BDC77FB983F328334E3D7, A784EC8A9EDB579262366B5A9AB177DB7BEC0A421BDE85431D0AD4959D5AF5E7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
14:30:36.0312 0x08a4 agp440 - ok
14:30:36.0375 0x08a4 [ 03A7E0922ACFE1B07D5DB2EEB0773063, 93EEA872A5642C95FF19C81F8EFFB9B52742A14DBF138784F0F713AD18C413ED ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
14:30:36.0656 0x08a4 agpCPQ - ok
14:30:36.0687 0x08a4 [ C23EA9B5F46C7F7910DB3EAB648FF013, 92C84E9AF278A3B55D56C4F8E6C10E3EF1F7B336A44A018AED6DC51A46671F0B ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
14:30:36.0859 0x08a4 Aha154x - ok
14:30:36.0890 0x08a4 [ 19DD0FB48B0C18892F70E2E7D61A1529, 95BA1568E8E08314508CA0E1F95555891E70399AEC312C793B46A841F56FFDCF ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
14:30:37.0140 0x08a4 aic78u2 - ok
14:30:37.0187 0x08a4 [ B7FE594A7468AA0132DEB03FB8E34326, BF0DC2B8C474DB151589BA9968264413521DDD9E7316B752B2FA40C24200FBE0 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
14:30:37.0437 0x08a4 aic78xx - ok
14:30:37.0468 0x08a4 [ E0A6FA244B8624D78FE5FF6F56A33BAE, 26B828FDB03AE4A4F1DC7A1792F9BAD69CF947897D47F5E567F24F4B6D5CB541 ] Alerter C:\WINDOWS\system32\alrsvc.dll
14:30:37.0765 0x08a4 Alerter - ok
14:30:37.0812 0x08a4 [ 88842DE939A827577BF24243699AC80A, A49C9A6A9941F3A2FBBCFE1F6DB48B632739D00670AC98ECCCBC7FD9E786B21A ] ALG C:\WINDOWS\System32\alg.exe
14:30:37.0921 0x08a4 ALG - ok
14:30:37.0953 0x08a4 [ 1140AB9938809700B46BB88E46D72A96, 369379ECC5941ACE984A7F31EAABB66A2E693EDBADA639B86D26FD681D45608E ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
14:30:38.0218 0x08a4 AliIde - ok
14:30:38.0250 0x08a4 [ CB08AED0DE2DD889A8A820CD8082D83C, B1A9D493390AEDF6EFF8BCAA3B33EC31758452AB497C34C0728CDDA1D8DCBF2A ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
14:30:38.0531 0x08a4 alim1541 - ok
14:30:38.0562 0x08a4 [ 95B4FB835E28AA1336CEEB07FD5B9398, 36CD3B14EF78B01FB653B78187FAA63C4DD5F4137AC3B91D81256A350EEDCBC1 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
14:30:38.0843 0x08a4 amdagp - ok
14:30:38.0875 0x08a4 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6, 9B179F0B6A559639D3AE3975CEBF2718294BE5743517BEE06586F0D258164C81 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
14:30:39.0031 0x08a4 amsint - ok
14:30:39.0031 0x08a4 AppMgmt - ok
14:30:39.0078 0x08a4 [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
14:30:39.0453 0x08a4 Arp1394 - ok
14:30:39.0531 0x08a4 [ 62D318E9A0C8FC9B780008E724283707, 1A69806AB2BDECCEB5EB23A80700B3F98983D5D67F78839CBF269087FA460757 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
14:30:39.0968 0x08a4 asc - ok
14:30:40.0015 0x08a4 [ 69EB0CC7714B32896CCBFD5EDCBEA447, 1CB506B5F71F84EFD26961010681D0A79AA7B266573378E3D2755125DF5D6BB6 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
14:30:40.0234 0x08a4 asc3350p - ok
14:30:40.0265 0x08a4 [ 5D8DE112AA0254B907861E9E9C31D597, 557C93E82A71131D226267151C84B197503831A16263DDFE040E996B605CA9E8 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
14:30:40.0703 0x08a4 asc3550 - ok
14:30:40.0843 0x08a4 [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
14:30:40.0953 0x08a4 aspnet_state - ok
14:30:40.0984 0x08a4 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:30:41.0375 0x08a4 AsyncMac - ok
14:30:41.0437 0x08a4 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
14:30:41.0859 0x08a4 atapi - ok
14:30:41.0906 0x08a4 Atdisk - ok
14:30:41.0937 0x08a4 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:30:42.0343 0x08a4 Atmarpc - ok
14:30:42.0406 0x08a4 [ DE31B88962A8645DBA5A37B993E7B0F1, CA93F25A3FD0CE68BB9B8E3AB6B813BF38DE3EDDFC990291B3957FAA59B2B274 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
14:30:42.0859 0x08a4 AudioSrv - ok
14:30:42.0906 0x08a4 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
14:30:43.0328 0x08a4 audstub - ok
14:30:43.0562 0x08a4 [ 10CF810CBC0B7090C436BB15496B3328, ABD3B951836183C23B8CA30D82C7FD85E69E98379C6FEA81F8A9EAA9FEE484BC ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
14:30:43.0953 0x08a4 BCM43XX - ok
14:30:44.0000 0x08a4 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
14:30:44.0484 0x08a4 Beep - ok
14:30:44.0625 0x08a4 [ 19395D092FD85DDC2D9C7729CF5A2AC8, 7640F36BA19698EE8A6257BF78A8C57DD9D734BED9CA6BB9B68603BAEA092412 ] BITS C:\WINDOWS\system32\qmgr.dll
14:30:45.0187 0x08a4 BITS - ok
14:30:45.0328 0x08a4 [ 73BAA2AB3666CCFF2CBC7BE23B08F60D, 7C0A0194AE2EAE6F905DAE49CA8F9E8A7520C80FA699EF61B28F0390822D68E6 ] BOTService C:\Program Files\Roxio\BackOnTrack\Instant Restore\BOTService.exe
14:30:45.0390 0x08a4 BOTService - ok
14:30:45.0437 0x08a4 [ 89E739BBA5F636297EA5B5F811189E06, 151B32B12F5DD0D388134DA2471FE9741CF22B9C408DA58FEF8019D3C4EC836B ] Browser C:\WINDOWS\System32\browser.dll
14:30:45.0656 0x08a4 Browser - ok
14:30:45.0843 0x08a4 [ 768CC827A2EE09F39908B3B25555814B, 81E6928D5B316DD3983088A00F68D568D221E505CD9B109616268715EF7E4621 ] btkrnl C:\WINDOWS\system32\DRIVERS\btkrnl.sys
14:30:46.0203 0x08a4 btkrnl - ok
14:30:46.0312 0x08a4 [ DCEB2FD46331D021EA8D90E8C21944BF, 7C483D6FBE339F330BFD804F267586CBF8372E81FB2E1A8F0DACCD238E9CCC01 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
14:30:46.0562 0x08a4 btwdins - ok
14:30:46.0609 0x08a4 [ FAC7E5965162C70D184DFE92B4BCBD1B, 429C13BA22B73750131ED44CD8907B2785B2AC14501597D631FF831474891AF9 ] BTWUSB C:\WINDOWS\system32\Drivers\btwusb.sys
14:30:46.0703 0x08a4 BTWUSB - ok
14:30:46.0718 0x08a4 catchme - ok
14:30:46.0765 0x08a4 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
14:30:47.0109 0x08a4 cbidf - ok
14:30:47.0125 0x08a4 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
14:30:47.0375 0x08a4 cbidf2k - ok
14:30:47.0437 0x08a4 [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
14:30:47.0796 0x08a4 CCDECODE - ok
14:30:47.0812 0x08a4 [ F3EC03299634490E97BBCE94CD2954C7, CDC85ADA27E0D501581CE6F28D7E1941E90411FA8E8F2C43A68BAA8CB78E85DD ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
14:30:48.0046 0x08a4 cd20xrnt - ok
14:30:48.0078 0x08a4 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
14:30:48.0421 0x08a4 Cdaudio - ok
14:30:48.0484 0x08a4 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
14:30:48.0843 0x08a4 Cdfs - ok
14:30:48.0937 0x08a4 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:30:49.0281 0x08a4 Cdrom - ok
14:30:49.0281 0x08a4 Changer - ok
14:30:49.0328 0x08a4 [ E390DC1D7C461D7D56EC53402F329928, FB37F84E71353CD83FCDDD39C898C6D84C05130C5F1BEF022E3DFDE160398C0E ] CiSvc C:\WINDOWS\system32\cisvc.exe
14:30:49.0734 0x08a4 CiSvc - ok
14:30:49.0765 0x08a4 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA, 1725067BC759484A7185A4F1A44ED3CBE481529D187FE98EF279425B79177EB1 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
14:30:50.0203 0x08a4 ClipSrv - ok
14:30:50.0281 0x08a4 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:30:50.0484 0x08a4 clr_optimization_v2.0.50727_32 - ok
14:30:50.0515 0x08a4 [ 0F6C187D38D98F8DF904589A5F94D411, DB987093446216CEE913AC27503BF7E23E5A62DF169B355730285DAB64F6ED28 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
14:30:50.0906 0x08a4 CmBatt - ok
14:30:50.0968 0x08a4 [ 964D0F042ACA51D5644779EB9D9EE40F, C82294A8EE961231B7DAFB7E7998E53D1857B7E4B2F8B98EAE1FB496A73E181F ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
14:30:51.0265 0x08a4 CmdIde - ok
14:30:51.0296 0x08a4 [ 6E4C9F21F0FAE8940661144F41B13203, 731202A0DD021FCF9287FEA631212603AAAC23F9E7F76B2882F913B18A971F1C ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
14:30:51.0546 0x08a4 Compbatt - ok
14:30:51.0546 0x08a4 COMSysApp - ok
14:30:51.0625 0x08a4 [ 3EE529119EED34CD212A215E8C40D4B6, A6B71F3D4EE7358CA85F010E6271A6B72226D25DF30ED331DA830639ED3E9903 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
14:30:51.0968 0x08a4 Cpqarray - ok
14:30:52.0093 0x08a4 [ F3AB0933CBD166D271992F411C27CCAF, 50E01F3B058F814BE914FA5050B2D972E8584A467719A5ABCF9D9EBD596A54A7 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
14:30:52.0375 0x08a4 CryptSvc - ok
14:30:52.0421 0x08a4 [ E550E7418984B65A78299D248F0A7F36, 52F6BD1027E91F9A90AFAB82C7F2A0314B7E55262F5293D5F9F8F12135EDD88C ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
14:30:52.0734 0x08a4 dac2w2k - ok
14:30:52.0750 0x08a4 [ 683789CAA3864EB46125AE86FF677D34, B725D026E069AD253192E21245260CBA44EF3C72781616A2CAD0BF0E2D86D510 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
14:30:53.0015 0x08a4 dac960nt - ok
14:30:53.0093 0x08a4 [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
14:30:53.0250 0x08a4 DcomLaunch - ok
14:30:53.0312 0x08a4 [ 8C9A53E285AC5E6704844D0459EC85BE, 9E86AF4C06CEC007C9B1590B6E056319603E4D79BED0C2471C6F1BC251B380CF ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
14:30:53.0593 0x08a4 Dhcp - ok
14:30:53.0640 0x08a4 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
14:30:53.0968 0x08a4 Disk - ok
14:30:53.0984 0x08a4 dmadmin - ok
14:30:54.0109 0x08a4 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C, 46074FBBC5E4A40A7B3A45636089DEDD2A619778C7DCD797571C2BB64D775F7E ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
14:30:54.0531 0x08a4 dmboot - ok
14:30:54.0593 0x08a4 [ FFF1720AF51171F32F1EAD5CF71F2810, 2E40D63DC7670C1E88A532DB8923A98ABC8481C351C4D915C2753E10BA77F36D ] dmio C:\WINDOWS\system32\drivers\dmio.sys
14:30:54.0859 0x08a4 dmio - ok
14:30:54.0906 0x08a4 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
14:30:55.0156 0x08a4 dmload - ok
14:30:55.0218 0x08a4 [ 2BFEFE9E865655A76982F050450B9591, 15C7D093D638770519AA43E7D8897310F32AB1F217027F5750D799494A985C35 ] dmserver C:\WINDOWS\System32\dmserver.dll
14:30:55.0515 0x08a4 dmserver - ok
14:30:55.0593 0x08a4 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
14:30:55.0875 0x08a4 DMusic - ok
14:30:55.0921 0x08a4 [ DFAA406BF19F4EE806A6F8D4342137F7, EE2C11B3E37565FC009E323607B2F5F148F9219012EDF848CEFC1B273DAA98A9 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
14:30:56.0125 0x08a4 Dnscache - ok
14:30:56.0156 0x08a4 [ 4A3E2BD20157A0946751229E92EB8621, D8C00CC2C18C517F7262EBC3C511C062E5ABA797056AEB22AC5DEB306BA8C526 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
14:30:56.0453 0x08a4 Dot3svc - ok
14:30:56.0484 0x08a4 [ 40F3B93B4E5B0126F2F5C0A7A5E22660, 8AFFF28903037F5E36BB5352F2B236A217558FCC0146B23C787606C3F21243DB ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
14:30:56.0734 0x08a4 dpti2o - ok
14:30:56.0750 0x08a4 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
14:30:57.0000 0x08a4 drmkaud - ok
14:30:57.0031 0x08a4 [ 651554E483712B708EDE864D0CA1AA73, A016C03D630A2FF7FC44B826DEA890F5AC09DD270588CEAD05F63A5A0AC79249 ] DrvAgent32 C:\WINDOWS\system32\Drivers\DrvAgent32.sys
14:30:57.0187 0x08a4 DrvAgent32 - detected UnsignedFile.Multi.Generic ( 1 )
14:30:59.0750 0x08a4 Detect skipped due to KSN trusted
14:30:59.0750 0x08a4 DrvAgent32 - ok
14:30:59.0843 0x08a4 [ BA3BB79C859292C3FF2A21B05E64696F, DA68454E4AE222333C27CC7A1B70DF510C8BEA572812D02A041822229ACD1B99 ] eamon C:\WINDOWS\system32\DRIVERS\eamon.sys
14:31:00.0015 0x08a4 eamon - ok
14:31:00.0062 0x08a4 [ 0887D9C2BE8D940778CAD1E3B85F2A41, 2E30DC06D46A5E174B7CAA2D70BDB697015495942572E90425E2EE7AC541BCF4 ] EapHost C:\WINDOWS\System32\eapsvc.dll
14:31:00.0359 0x08a4 EapHost - ok
14:31:00.0406 0x08a4 [ 3C747A0D8CE29720302972AC6ED09733, 9ECB4D824C254A8AE1D8EB8AE8F06498E243E013BA6989EFC326F5B2BA010F08 ] ehdrv C:\WINDOWS\system32\DRIVERS\ehdrv.sys
14:31:00.0484 0x08a4 ehdrv - ok
14:31:00.0609 0x08a4 [ 679AD4AFCAF9520CC5607D204AE27CCE, FDF11CD24B024BAA6BF2F75C0E179A45288E5A2F1078260E2C5D845C2FD94482 ] EhttpSrv C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
14:31:00.0781 0x08a4 EhttpSrv - ok
14:31:00.0906 0x08a4 [ 82A0EE1F5CCC82CC5453D24FF186E9B0, A538767076423D871FE950CAE7BEA6F9FF4218E5C7231078EA3BE8605FAA6FED ] ekrn C:\Program Files\ESET\ESET Smart Security\ekrn.exe
14:31:01.0296 0x08a4 ekrn - ok
14:31:01.0343 0x08a4 [ 44996A2ADDD2DB7454F2CA40B67D8941, 94BA62E95147B84CF6C564156824D8939F0F67EBBB5B87C70BAE3B1CA284DC8F ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
14:31:01.0421 0x08a4 ElbyCDIO - ok
14:31:01.0453 0x08a4 [ 5680E2C38BA53693D724B796E67E8261, F60D809290B163B081CD32E9CE438131D1EE504840E39771E0484E0FE0251349 ] epfw C:\WINDOWS\system32\DRIVERS\epfw.sys
14:31:01.0531 0x08a4 epfw - ok
14:31:01.0593 0x08a4 [ D9585E144C31D409E28B205253459C3A, 0FB8AAC3EBDA20AC2B9395B0A5A0169347C2287F1E6BD3480FBB3214D415552A ] Epfwndis C:\WINDOWS\system32\DRIVERS\Epfwndis.sys
14:31:01.0656 0x08a4 Epfwndis - ok
14:31:01.0671 0x08a4 [ 8C50EEDC21C5E962A52D3F788129A64B, 7968F9C90AEAEFF555092BF6AE22FB5D6A8ABEAE582932DA3C039FC85AEBA01F ] epfwtdi C:\WINDOWS\system32\DRIVERS\epfwtdi.sys
14:31:01.0734 0x08a4 epfwtdi - ok
14:31:01.0796 0x08a4 [ A2A4912798F2BE706ABADD3D30800D16, CCCCA389D22525D984DE9B59E4CEBE0EEEF315F725176EB5C4DC1A5B6157234A ] ERSvc C:\WINDOWS\System32\ersvc.dll
14:31:02.0093 0x08a4 ERSvc - ok
14:31:02.0156 0x08a4 [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] Eventlog C:\WINDOWS\system32\services.exe
14:31:02.0234 0x08a4 Eventlog - ok
14:31:02.0296 0x08a4 [ A371F11EF07653591C8DE26AFB13CE7F, 1192EDC8B146F1C27E8CD7E126DDC044F8B368C2E891A90CD81620D48C9550B6 ] EventSystem C:\WINDOWS\system32\es.dll
14:31:02.0406 0x08a4 EventSystem - ok
14:31:02.0453 0x08a4 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
14:31:02.0703 0x08a4 Fastfat - ok
14:31:02.0765 0x08a4 [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
14:31:02.0968 0x08a4 FastUserSwitchingCompatibility - ok
14:31:03.0015 0x08a4 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
14:31:03.0281 0x08a4 Fdc - ok
14:31:03.0296 0x08a4 [ AC366695A0796560AA37215AD5762AAF, 6ADC7443EA42D77199D4879AF3C33A07914116C69A34B895D8CB8444EE50077F ] Fips C:\WINDOWS\system32\drivers\Fips.sys
14:31:03.0562 0x08a4 Fips - ok
14:31:03.0562 0x08a4 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
14:31:03.0812 0x08a4 Flpydisk - ok
14:31:03.0828 0x08a4 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
14:31:04.0078 0x08a4 FltMgr - ok
14:31:04.0171 0x08a4 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
14:31:04.0203 0x08a4 FontCache3.0.0.0 - ok
14:31:04.0234 0x08a4 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:31:04.0484 0x08a4 Fs_Rec - ok
14:31:04.0500 0x08a4 [ 4E664D8541DB4A66B73A24257E322E1F, 17A2140AFE2B41E579FCCAFB82532853AD90A6EDBCB13DE80741DAE0AD5B4CC9 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:31:04.0781 0x08a4 Ftdisk - ok
14:31:04.0812 0x08a4 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:31:05.0078 0x08a4 Gpc - ok
14:31:05.0125 0x08a4 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:31:05.0375 0x08a4 HDAudBus - ok
14:31:05.0484 0x08a4 [ FCFE31FB75F8A6295B6B0AF87A626282, 6BA385797DBC73EB29EFE3293B80C21B1B8A1E9B87A462476E73C526C9565E5F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:31:05.0781 0x08a4 helpsvc - ok
14:31:05.0828 0x08a4 [ 00E25EE90166B3E1BE6E74AEBF858306, 92C2F020EF14DE3B4F09E2C5DFF3D2F35D8C50F6D0188F9CEEFE3B6075602EFE ] HidServ C:\WINDOWS\System32\hidserv.dll
14:31:06.0156 0x08a4 HidServ - ok
14:31:06.0203 0x08a4 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:31:06.0437 0x08a4 HidUsb - ok
14:31:06.0500 0x08a4 [ 7A6B320928F86BC851530D63C82965D9, 1F628759D31098DFBC05244735B5A62ACD8E45DBC5C9D236260D68EB8F1E28F5 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
14:31:06.0734 0x08a4 hkmsvc - ok
14:31:06.0781 0x08a4 [ B028377DEA0546A5FCFBA928A8AEFAE0, FD7B34A6036AD443014B16394A5F051A298CEE4276D50525FB9F15A0D2684C8B ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
14:31:07.0031 0x08a4 hpn - ok
14:31:07.0156 0x08a4 [ 1665C7121A026DF10C903DB9BC5E9D43, D96189406774842923BC420C4AF33FA81C83B815E14CE7C444F9CCF545971B7E ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
14:31:07.0187 0x08a4 hpqwmiex - ok
14:31:07.0281 0x08a4 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
14:31:07.0390 0x08a4 HTTP - ok
14:31:07.0437 0x08a4 [ 58FE2F2DA3BC5573F4A35B3760D3125F, B241ACCE426402EC64DC34C49CECB8CDC0851986D54BFCCED7040D6C43F5787A ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
14:31:07.0734 0x08a4 HTTPFilter - ok
14:31:07.0750 0x08a4 hwdatacard - ok
14:31:07.0812 0x08a4 [ 9368670BD426EBEA5E8B18A62416EC28, 0ED865F8FB79F0B6309521925280E8640DB5CA6F75377434830536899734B6EE ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
14:31:08.0093 0x08a4 i2omgmt - ok
14:31:08.0125 0x08a4 [ F10863BF1CCC290BABD1A09188AE49E0, BC038EAE6C8A76D56A5AD27035DC0369D6E766711E9FAA7467144370851F1615 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
14:31:08.0390 0x08a4 i2omp - ok
14:31:08.0437 0x08a4 [ C528E27945367191E7BAE364930B6932, 1B95C7B49B4CAE734DC6C9EC22555C5356EEC856B8491C761C777479264CF854 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:31:08.0734 0x08a4 i8042prt - ok
14:31:09.0250 0x08a4 [ 48846B31BE5A4FA662CCFDE7A1BA86B9, BC653F3ADAD70E766484986F196D4045D2CC6D92E5D827907E734254EE489A33 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
14:31:10.0578 0x08a4 ialm - ok
14:31:10.0656 0x08a4 [ 8EF427C54497C5F8A7A645990E4278C7, 3890391A489DAAFE155345C2E16BE17DF1E3E23DEE73EE849A7F96132AE65417 ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys
14:31:10.0812 0x08a4 iaStor - ok
14:31:10.0953 0x08a4 [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
14:31:10.0984 0x08a4 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
14:31:13.0765 0x08a4 Detect skipped due to KSN trusted
14:31:13.0765 0x08a4 IDriverT - ok
14:31:13.0968 0x08a4 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:31:14.0250 0x08a4 idsvc - ok
14:31:14.0296 0x08a4 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
14:31:14.0625 0x08a4 Imapi - ok
14:31:14.0687 0x08a4 [ F7B93AAFAD33B2320954C17E26C8D361, 8CFDB11A68B59E195F280BE08B25FA59F1F70833832919B8BECCE17616999934 ] ImapiService C:\WINDOWS\system32\imapi.exe
14:31:14.0937 0x08a4 ImapiService - ok
14:31:14.0968 0x08a4 [ 4A40E045FAEE58631FD8D91AFC620719, 7A2FD81BD483821B3DA01B1CD7215423EDD719CBE3862C0342FF7D21A17AF437 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
14:31:15.0234 0x08a4 ini910u - ok
14:31:15.0359 0x08a4 [ 57D928E548B38502ABBA7A77A6EB7312, AD26B8096D918269BD7D9D454BB93850BCE595CE9E2A396F45777E7312396B33 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
14:31:15.0625 0x08a4 IntelIde - ok
14:31:15.0671 0x08a4 [ 27B290D632AF2CF3CF40BFDDB7370985, 2C266777B4A96706658B8C9A7B30D15D6E495C815FAE23A0A1FC747E9B5AE363 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:31:15.0921 0x08a4 intelppm - ok
14:31:15.0953 0x08a4 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
14:31:16.0171 0x08a4 Ip6Fw - ok
14:31:16.0218 0x08a4 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:31:16.0437 0x08a4 IpFilterDriver - ok
14:31:16.0468 0x08a4 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:31:16.0703 0x08a4 IpInIp - ok
14:31:16.0750 0x08a4 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:31:16.0984 0x08a4 IpNat - ok
14:31:17.0015 0x08a4 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:31:17.0296 0x08a4 IPSec - ok
14:31:17.0312 0x08a4 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
14:31:17.0468 0x08a4 IRENUM - ok
14:31:17.0500 0x08a4 [ CC9F8A2D60AED1A51A3AC34C59B987AE, CBF69817BE3D9A4617390B1A3306074CB8581F21562CD1357D32BC3E542F3CEE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:31:17.0750 0x08a4 isapnp - ok
14:31:17.0796 0x08a4 [ 1B6162FE7F66B1A71A4B70F941C4AA9B, C2EA494BAB0513A6027414FB1E75834F980A77852D0DC8559E8942FC222A075A ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:31:18.0078 0x08a4 Kbdclass - ok
14:31:18.0093 0x08a4 [ 86C8F23616C6C6E5B2776901C17B945B, 211B63FC405A2DDB126D204D61E779D66C7211882CC0374521926C633E180B91 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
14:31:18.0359 0x08a4 kbdhid - ok
14:31:18.0406 0x08a4 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
14:31:18.0640 0x08a4 kmixer - ok
14:31:18.0671 0x08a4 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
14:31:18.0843 0x08a4 KSecDD - ok
14:31:18.0859 0x08a4 [ 6C8658587E91EA25B0FD2E71781AD228, EFD9D5E73264175C7E598D8B2DB2CE44A70A0D8B18290338E4FBDE585AA607AF ] L1c C:\WINDOWS\system32\DRIVERS\l1c51x86.sys
14:31:18.0937 0x08a4 L1c - ok
14:31:19.0000 0x08a4 [ 3428E8F86F8ADD36B42FB23542C7B3E4, 9CF643D1A70AF08407ACD5FD6FE4B8777521DDF41B5E63C2E6E1E4CAAC69A403 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
14:31:19.0140 0x08a4 LanmanServer - ok
14:31:19.0203 0x08a4 [ 936C1D110232D23B621CB0196E4F80F0, 2DE3AF93E20F1DC7A6FF31B18054EA4D2350387E4DA91C4B16D451384F0C57E2 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
14:31:19.0359 0x08a4 lanmanworkstation - ok
14:31:19.0375 0x08a4 lbrtfdc - ok
14:31:19.0453 0x08a4 [ 0AB159F536E3E8F7F07113702A07CCA5, 3218C553183E6697C663B6D12790E09756B50505590858DD5AC62411D37CDD7C ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
14:31:19.0875 0x08a4 LmHosts - ok
14:31:19.0953 0x08a4 [ 221CD1C815B8A6B79389C3F5D1018DE8, 6D0D25D6669C4F9452F74EC72C6138A41D9408E01AF5FD01C08F27BE7BC9C905 ] Messenger C:\WINDOWS\System32\msgsvc.dll
14:31:20.0234 0x08a4 Messenger - ok
14:31:20.0281 0x08a4 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
14:31:20.0562 0x08a4 mnmdd - ok
14:31:20.0609 0x08a4 [ 9A57D046F88F4B69751B11FD40088A61, 62F65433024CE411F111A88723747B8A83B31076FBAF4CFF40FD02A53D7FF7DF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
14:31:20.0890 0x08a4 mnmsrvc - ok
14:31:20.0906 0x08a4 [ 44032B0C6D9954D3FD26438330B99EE7, A49749A4C00D50F57170AA5DA9E2DEECC8C524A48B144C8B784894F2C202FBEE ] Modem C:\WINDOWS\system32\drivers\Modem.sys
14:31:21.0187 0x08a4 Modem - ok
14:31:21.0250 0x08a4 [ 4CB582831DBDE63CE43B45D771218374, 6D470B26197C5B388983D9213D48D2CDE934C9591572876DC7790FE4B59E0845 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:31:21.0531 0x08a4 Mouclass - ok
14:31:21.0578 0x08a4 [ BB269EBA740737AB749B214D568B6812, ABF41D9B521EBBE674E76981CAD31F8FD05976DE7070266C3956FDB67C83C4C2 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:31:21.0828 0x08a4 mouhid - ok
14:31:21.0859 0x08a4 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
14:31:22.0078 0x08a4 MountMgr - ok
14:31:22.0156 0x08a4 [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:31:22.0281 0x08a4 MozillaMaintenance - ok
14:31:22.0296 0x08a4 [ 3F4BB95E5A44F3BE34824E8E7CAF0737, 9A4F9E63AA55B779AF3563C66C8E40D9C42FF3BB5F533F70905ADC7A44EA7DAD ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
14:31:22.0578 0x08a4 mraid35x - ok
14:31:22.0593 0x08a4 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:31:22.0859 0x08a4 MRxDAV - ok
14:31:22.0937 0x08a4 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:31:23.0093 0x08a4 MRxSmb - ok
14:31:23.0140 0x08a4 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D, 78D63EE2C0B0852F0771071C099643242EBC9F4DA28847B93BCE9C3CC1091938 ] MSDTC C:\WINDOWS\system32\msdtc.exe
14:31:23.0406 0x08a4 MSDTC - ok
14:31:23.0421 0x08a4 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
14:31:23.0671 0x08a4 Msfs - ok
14:31:23.0671 0x08a4 MSIServer - ok
14:31:23.0718 0x08a4 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:31:23.0953 0x08a4 MSKSSRV - ok
14:31:24.0046 0x08a4 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:31:24.0281 0x08a4 MSPCLOCK - ok
14:31:24.0312 0x08a4 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
14:31:24.0546 0x08a4 MSPQM - ok
14:31:24.0609 0x08a4 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:31:24.0859 0x08a4 mssmbios - ok
14:31:24.0937 0x08a4 [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
14:31:25.0203 0x08a4 MSTEE - ok
14:31:25.0281 0x08a4 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
14:31:25.0421 0x08a4 Mup - ok
14:31:25.0484 0x08a4 [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
14:31:25.0750 0x08a4 NABTSFEC - ok
14:31:25.0812 0x08a4 [ 6EA362E9DB03D44F6B996F4D8BE237E9, FE6B4C546D26C4A2832CF4CB280B86B1723E10E46A3C24AF6C9856FCCAE9D1FC ] napagent C:\WINDOWS\System32\qagentrt.dll
14:31:26.0156 0x08a4 napagent - ok
14:31:26.0203 0x08a4 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
14:31:26.0468 0x08a4 NDIS - ok
14:31:26.0578 0x08a4 [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
14:31:26.0843 0x08a4 NdisIP - ok
14:31:26.0953 0x08a4 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:31:27.0062 0x08a4 NdisTapi - ok
14:31:27.0125 0x08a4 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:31:27.0453 0x08a4 Ndisuio - ok
14:31:27.0484 0x08a4 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:31:27.0718 0x08a4 NdisWan - ok
14:31:27.0765 0x08a4 [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
14:31:27.0906 0x08a4 NDProxy - ok
14:31:27.0937 0x08a4 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
14:31:28.0171 0x08a4 NetBIOS - ok
14:31:28.0203 0x08a4 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
14:31:28.0484 0x08a4 NetBT - ok
14:31:28.0531 0x08a4 [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDE C:\WINDOWS\system32\netdde.exe
14:31:28.0765 0x08a4 NetDDE - ok
14:31:28.0781 0x08a4 [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
14:31:29.0015 0x08a4 NetDDEdsdm - ok
14:31:29.0078 0x08a4 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] Netlogon C:\WINDOWS\system32\lsass.exe
14:31:29.0343 0x08a4 Netlogon - ok
14:31:29.0390 0x08a4 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40, 588C8BA14A7255FD36A88960CBE34341301773765ECF2A9A0F1760A509A08A5B ] Netman C:\WINDOWS\System32\netman.dll
14:31:29.0640 0x08a4 Netman - ok
14:31:29.0687 0x08a4 [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:31:29.0750 0x08a4 NetTcpPortSharing - ok
14:31:29.0796 0x08a4 [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
14:31:30.0031 0x08a4 NIC1394 - ok
14:31:30.0093 0x08a4 [ 39EE7C3BFBC64BA87CC8CF67386E814C, B93CCB625CE370D9A49C9374D24C939D7C9FEF81401F4F822C51E12677D77E01 ] Nla C:\WINDOWS\System32\mswsock.dll
14:31:30.0140 0x08a4 Nla - ok
14:31:30.0171 0x08a4 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
14:31:30.0406 0x08a4 Npfs - ok
14:31:30.0468 0x08a4 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
14:31:30.0765 0x08a4 Ntfs - ok
14:31:30.0781 0x08a4 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
14:31:31.0000 0x08a4 NtLmSsp - ok
14:31:31.0093 0x08a4 [ 023DD70573D644F3D9C8B1258A7BFD08, 9A1D3210ED5FD8BEDF92ED577A9B30E37035408A73EB66A8C950B75AB7539B83 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
14:31:31.0390 0x08a4 NtmsSvc - ok
14:31:31.0421 0x08a4 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
14:31:31.0671 0x08a4 Null - ok
14:31:31.0703 0x08a4 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:31:31.0953 0x08a4 NwlnkFlt - ok
14:31:31.0984 0x08a4 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:31:32.0218 0x08a4 NwlnkFwd - ok
14:31:32.0234 0x08a4 [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
14:31:32.0453 0x08a4 ohci1394 - ok
14:31:32.0593 0x08a4 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:31:32.0640 0x08a4 ose - ok
14:31:32.0671 0x08a4 [ 46F8DB73B4A53E543F8E371DC7C75BAE, F6C5E7DE4B4AE0ED785DB075BE14EA6A0FC9050C95669B26DEF2B82D7B7D3B2C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
14:31:32.0937 0x08a4 Parport - ok
14:31:32.0953 0x08a4 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
14:31:33.0171 0x08a4 PartMgr - ok
14:31:33.0203 0x08a4 [ 1FAE19D0457176318BBA4A8795656EBC, 5F3D6CABA203A0485D67F63A6A81151724EE200BE49ED095CFCB1EF29C19D19F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
14:31:33.0453 0x08a4 ParVdm - ok
14:31:33.0484 0x08a4 [ 6CE351D149CB4BEFC702951E471E1730, 758327683BB45F01D5AE550AF21856822B4CF55E17F2A4F452F559088D242B37 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
14:31:33.0750 0x08a4 PCI - ok
14:31:33.0765 0x08a4 PCIDump - ok
14:31:33.0765 0x08a4 [ 2DA4EC85E0EA7A45C6B2A05820492D5A, A8C6BD93D3BC33A5B36EB523997EF9E0783B6E6EAFB6E7F58BCC2629009BDCF9 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
14:31:34.0015 0x08a4 PCIIde - ok
14:31:34.0046 0x08a4 [ 4FC31E6C19A5CE5198B1ABFF94CAE758, A031E21EC1F15DA5E8429269F435337FA961C3C06D535DAFD448C7355F33FD0C ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
14:31:34.0343 0x08a4 Pcmcia - ok
14:31:34.0343 0x08a4 PDCOMP - ok
14:31:34.0359 0x08a4 PDFRAME - ok
14:31:34.0375 0x08a4 PDRELI - ok
14:31:34.0375 0x08a4 PDRFRAME - ok
14:31:34.0421 0x08a4 [ 6C14B9C19BA84F73D3A86DBA11133101, 2CFB7E027E43C1B3890985DFD7987B23E4E3CC003E3FD2583E4A8AC1F8A13B26 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
14:31:34.0671 0x08a4 perc2 - ok
14:31:34.0687 0x08a4 [ F50F7C27F131AFE7BEBA13E14A3B9416, C0498EA65B908C07A734324ED70DB27F434FAAA815DD02F1BC429A3AB6C663D5 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
14:31:34.0921 0x08a4 perc2hib - ok
14:31:34.0984 0x08a4 [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] PlugPlay C:\WINDOWS\system32\services.exe
14:31:35.0046 0x08a4 PlugPlay - ok
14:31:35.0062 0x08a4 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
14:31:35.0281 0x08a4 PolicyAgent - ok
14:31:35.0296 0x08a4 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:31:35.0531 0x08a4 PptpMiniport - ok
14:31:35.0546 0x08a4 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
14:31:35.0765 0x08a4 ProtectedStorage - ok
14:31:35.0781 0x08a4 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
14:31:36.0046 0x08a4 PSched - ok
14:31:36.0046 0x08a4 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:31:36.0296 0x08a4 Ptilink - ok
14:31:36.0343 0x08a4 [ 153D02480A0A2F45785522E814C634B6, 02B7590F2F4A8FA0B031CDA7A28BD55E7C04A080C1EA810BF3AC3212A62153A6 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
14:31:36.0406 0x08a4 PxHelp20 - ok
14:31:36.0437 0x08a4 [ 0A63FB54039EB5662433CABA3B26DBA7, A1FB923EB2D08D89D24E8AD7042BBED7CB1DBDA9A5B77BDD188E9913BADAB0EF ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
14:31:36.0718 0x08a4 ql1080 - ok
14:31:36.0750 0x08a4 [ 6503449E1D43A0FF0201AD5CB1B8C706, F1EFC2DE5998615CB182D7984366631FE956AE1ECA9AC777F26FCA2E6F2E05A6 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
14:31:37.0046 0x08a4 Ql10wnt - ok
14:31:37.0062 0x08a4 [ 156ED0EF20C15114CA097A34A30D8A01, 7490B90D4C88B7A9BADB9473D4033535F054C797ABF6D542CB859DA5C9B2586A ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
14:31:37.0343 0x08a4 ql12160 - ok
14:31:37.0375 0x08a4 [ 70F016BEBDE6D29E864C1230A07CC5E6, 895BC2C888F6566086FC1399F499A401D447E57333BC9F9C6DBAFE0F117603D6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
14:31:37.0625 0x08a4 ql1240 - ok
14:31:37.0656 0x08a4 [ 907F0AEEA6BC451011611E732BD31FCF, F9E7023BD1042963110D0A613054D094437868B20779F23C316A38E4781A6152 ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
14:31:37.0921 0x08a4 ql1280 - ok
14:31:37.0953 0x08a4 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:31:38.0203 0x08a4 RasAcd - ok
14:31:38.0250 0x08a4 [ 2B5E44EA009F2F374B980E1E9A70635D, 62D8FDB80C8ACBA2C42C12760B785587C43BEDFE015EC5C41B25F2BB735EFEB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
14:31:38.0484 0x08a4 RasAuto - ok
14:31:38.0531 0x08a4 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:31:38.0750 0x08a4 Rasl2tp - ok
14:31:38.0796 0x08a4 [ D57554C664B64604BD1EE13EA2C07E77, B090C05B91EA602BFF9A5E89AB1A0FFDE869611961FF749DA8B3F4D00F04E756 ] RasMan C:\WINDOWS\System32\rasmans.dll
14:31:39.0046 0x08a4 RasMan - ok
14:31:39.0062 0x08a4 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:31:39.0312 0x08a4 RasPppoe - ok
14:31:39.0312 0x08a4 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
14:31:39.0562 0x08a4 Raspti - ok
14:31:39.0609 0x08a4 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:31:39.0843 0x08a4 Rdbss - ok
14:31:39.0859 0x08a4 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:31:40.0125 0x08a4 RDPCDD - ok
14:31:40.0171 0x08a4 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:31:40.0437 0x08a4 rdpdr - ok
14:31:40.0500 0x08a4 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
14:31:40.0656 0x08a4 RDPWD - ok
14:31:40.0703 0x08a4 [ C0D9D9711CB74EE9BC66353D8CBDAB0E, F1AF9A26910707E76BF213D8DE5C902B0088D8A29EBDFF72DE6A4D867E298CC8 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
14:31:40.0968 0x08a4 RDSessMgr - ok
14:31:41.0000 0x08a4 [ 611BFD220305BE3A85AE876EA47D4AA5, FDF87878EB3886649025E5A12F1C3FC9072D66CCD3217944710085C1F8A4512E ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
14:31:41.0343 0x08a4 redbook - ok
14:31:41.0421 0x08a4 [ 127C26B5371651043450E52542099ABA, 98AADAD8D5211CB894AA7C59B6299861B1F44B6D8F46AB5837E7D2F5B615B14A ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
14:31:41.0687 0x08a4 RemoteAccess - ok
14:31:41.0734 0x08a4 [ 718B3BDC0BC3C2F7D065A53D26202AF9, 9E58243628F1E1396AB82A80D046FF50803A230EE07B007E0CA5D744C77B091A ] RpcLocator C:\WINDOWS\system32\locator.exe
14:31:42.0031 0x08a4 RpcLocator - ok
14:31:42.0093 0x08a4 [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] RpcSs C:\WINDOWS\System32\rpcss.dll
14:31:42.0187 0x08a4 RpcSs - ok
14:31:42.0250 0x08a4 [ 030442F08AEC1A5D7CF035CC514374B9, CDD9A0692D1568EDB046074766CB6D3551C98D6687E098A4B1FC4D3A2E34DBFF ] RSUSBSTOR C:\WINDOWS\system32\Drivers\RTS5121.sys
14:31:42.0390 0x08a4 RSUSBSTOR - ok
14:31:42.0437 0x08a4 [ 09AB2E71E58B078038E3BFDBA7FFC984, 8CA277DEEF6376B0F48C6BA5DBBC3E8AF2245983BA9AF6AB83D1A920D35FAF93 ] RSVP C:\WINDOWS\system32\rsvp.exe
14:31:42.0765 0x08a4 RSVP - ok
14:31:42.0781 0x08a4 Rts516xIR - ok
14:31:42.0828 0x08a4 [ 0B2D5D2341437D7D7E1A6C7BBCE3786A, E28F6FF902963CD725CE8DEDA6A96AEDDC108533BAEC3110380227992BF3C2CF ] SahdIa32 C:\WINDOWS\system32\Drivers\SahdIa32.sys
14:31:42.0890 0x08a4 SahdIa32 - ok
14:31:42.0937 0x08a4 [ 7A5F65B16249AF2BC9D18D815F5D7172, 65B99EC99F92D0A8E7231BE66CAC2C075BF8D0B814E6DFA85A0C87BFBCE270CC ] SaibIa32 C:\WINDOWS\system32\Drivers\SaibIa32.sys
14:31:42.0984 0x08a4 SaibIa32 - ok
14:31:43.0031 0x08a4 [ E333C9515822DE586A3FF759A0C9B7BF, 8633B6A469F1F4CC348B80C2E0B686C119BBC970EE9360A86A42AC16EFC58073 ] SaibVd32 C:\WINDOWS\system32\Drivers\SaibVd32.sys
14:31:43.0093 0x08a4 SaibVd32 - ok
14:31:43.0125 0x08a4 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] SamSs C:\WINDOWS\system32\lsass.exe
14:31:43.0343 0x08a4 SamSs - ok
14:31:43.0375 0x08a4 [ 410046E401EB11E1E6749E9DEEA41D4A, 9507268ACD24EF51E994DC418E8EB3E10DEDE61EE892226A22A5DA7662397E25 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
14:31:43.0671 0x08a4 SCardSvr - ok
14:31:43.0734 0x08a4 [ 9A8925F0E6919272A768D7C42232AA3A, B0DF850169B672A0BA9C233B2D003D6A059431BE905331D38A519F1DE4CBC4DD ] SCDEmu C:\WINDOWS\system32\drivers\SCDEmu.sys
14:31:43.0812 0x08a4 SCDEmu - ok
14:31:43.0843 0x08a4 [ 3FF232A7731621B8902D81D42418C93C, 2030C9A843D9555170179883BD4CC1E978D5FC5EC0D7FCA56518224E428BE421 ] Schedule C:\WINDOWS\system32\schedsvc.dll
14:31:44.0109 0x08a4 Schedule - ok
14:31:44.0156 0x08a4 [ 8D04819A3CE51B9EB47E5689B44D43C4, B0588AF967A7611F05BC8A8AD0C945DBB7BF995D7DA5C28FD0D007E33BF1F502 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
14:31:44.0390 0x08a4 sdbus - ok
14:31:44.0421 0x08a4 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:31:44.0578 0x08a4 Secdrv - ok
14:31:44.0609 0x08a4 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6, 82EEB2345AC19050FAB202DE76C2CDD93E753F5AB67789A86A1726D3040C02E5 ] seclogon C:\WINDOWS\System32\seclogon.dll
14:31:44.0875 0x08a4 seclogon - ok
14:31:44.0906 0x08a4 [ A530B75C10C23C9AB28FDB6CE719E21F, 14568DF6457758E2F534A46A8E6245C364895C3993BEF2B5A889B98DBB201A27 ] SENS C:\WINDOWS\system32\sens.dll
14:31:45.0375 0x08a4 SENS - ok
14:31:45.0406 0x08a4 [ B842729337C9B921615C40D3C1A1AF96, 503670A56423B996C6ED6AE95F07FB88910767C4A2041A4BE9070C57A016E7FA ] Serial C:\WINDOWS\system32\drivers\Serial.sys
14:31:45.0671 0x08a4 Serial - ok
14:31:45.0718 0x08a4 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
14:31:46.0062 0x08a4 Sfloppy - ok
14:31:46.0125 0x08a4 [ F58FACA9621D2DB01BD0927D9A0A208E, 239C87E09261BC9D1DBE99DABCFC4787D42289E8769563A5EFB323BE6F177C9A ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
14:31:46.0390 0x08a4 SharedAccess - ok
14:31:46.0437 0x08a4 [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:31:46.0515 0x08a4 ShellHWDetection - ok
14:31:46.0531 0x08a4 Simbad - ok
14:31:46.0562 0x08a4 [ 6B33D0EBD30DB32E27D1D78FE946A754, CDA3D082D370B079C06D943DA124D76BAF0C5DB264FB0C893148EF6322D2FABE ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
14:31:46.0843 0x08a4 sisagp - ok
14:31:47.0234 0x08a4 [ 23E3C83DFF7B09A97B01A85ED8A44478, 1F19D2EE35198D7C64DAEE6914ABD3BD7BAEEF1BAF1668BC13ECA1D379330782 ] Skype C2C Service C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
14:31:48.0078 0x08a4 Skype C2C Service - ok
14:31:48.0203 0x08a4 [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
14:31:48.0265 0x08a4 SkypeUpdate - ok
14:31:48.0296 0x08a4 [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
14:31:48.0562 0x08a4 SLIP - ok
14:31:48.0656 0x08a4 [ 83C0F71F86D3BDAF915685F3D568B20E, 10B24723914A5A9E27A592FD58DAE2207B6E49F13A17CD2B1477C51D2D609D2E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
14:31:48.0843 0x08a4 Sparrow - ok
14:31:48.0890 0x08a4 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
14:31:49.0187 0x08a4 splitter - ok
14:31:49.0234 0x08a4 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
14:31:49.0359 0x08a4 Spooler - ok
14:31:49.0406 0x08a4 [ 94610C8653635E4459316A0050D55CE7, D148D33B3D2B0757060531C526F2161504A8D7C4E5957D092C7EBDB007271339 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
14:31:49.0593 0x08a4 sr - ok
14:31:49.0656 0x08a4 [ 35B91147124F64AC8081A2EDB9EA4DEE, 1609D19156DAC6EE3C2D2350B062966B64D9CDC289E9B8FEB6D244AAEBE90BBF ] srservice C:\WINDOWS\system32\srsvc.dll
14:31:49.0812 0x08a4 srservice - ok
14:31:49.0859 0x08a4 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
14:31:50.0000 0x08a4 Srv - ok
14:31:50.0031 0x08a4 [ BECD5271DC4E3B7C3D035F790FCBC1E5, D63B9DB81332553C963EC5057D241CE2287AF652387333C1FD79AF8C9B5F2BA7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
14:31:50.0187 0x08a4 SSDPSRV - ok
14:31:50.0296 0x08a4 [ 7C43EE429B6F503EB6ADAFFF3C20A305, 885A5F480349784002547DF2375E29506A57BDFA632866624405813262223EE4 ] STacSV c:\program files\idt\wdm\STacSV.exe
14:31:50.0546 0x08a4 STacSV - ok
14:31:50.0687 0x08a4 [ DC3489F1EF71AD75B34740D0E6979187, BD6BE706073622B7EB98A869CEB915F75448C66021F5CD54441AB4A73DBCD38D ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
14:31:51.0171 0x08a4 STHDA - ok
14:31:51.0250 0x08a4 [ C1CDD9275F6A115BB0AE1D55D8D27BA6, CD0511FD7F6AD832CBEB931C605AB3AD217631C57399CB8033248D27619541E4 ] stisvc C:\WINDOWS\system32\wiaservc.dll
14:31:51.0546 0x08a4 stisvc - ok
14:31:51.0578 0x08a4 [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
14:31:51.0828 0x08a4 streamip - ok
14:31:51.0859 0x08a4 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
14:31:52.0140 0x08a4 swenum - ok
14:31:52.0171 0x08a4 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
14:31:52.0531 0x08a4 swmidi - ok
14:31:52.0546 0x08a4 SwPrv - ok
14:31:52.0640 0x08a4 [ 1FF3217614018630D0A6758630FC698C, 78A3075BBFF5D7ADEAC1527E65ACA8527BFC509DF124D44410BB46C4D96C96BB ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
14:31:52.0968 0x08a4 symc810 - ok
14:31:53.0031 0x08a4 [ 070E001D95CF725186EF8B20335F933C, B98B29FB01741AF3B4BB02C76A4D117EA04FE4CC4F8CDB491F9216931704A6D8 ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
14:31:53.0375 0x08a4 symc8xx - ok
14:31:53.0437 0x08a4 [ 80AC1C4ABBE2DF3B738BF15517A51F2C, CCF82D09C63F4FA98BCBEF3A1DC8C02D4269B78256D0B6213E815D9BBE174432 ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
14:31:53.0781 0x08a4 sym_hi - ok
14:31:53.0812 0x08a4 [ BF4FAB949A382A8E105F46EBB4937058, FE7C114A19D50E37463CDD3605C26105A779EEA79CB92BF98267C7BE809D853B ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
14:31:54.0156 0x08a4 sym_u3 - ok
14:31:54.0218 0x08a4 [ 8DA49473F997D4C5D821F1E358F94F2D, A1C2C3B0DAAD6560758FC77CEDF0D641DFD155F3975BC2C5FFA37776EFA9528B ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
14:31:54.0375 0x08a4 SynTP - ok
14:31:54.0406 0x08a4 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
14:31:54.0750 0x08a4 sysaudio - ok
14:31:54.0828 0x08a4 [ 806284D876063CE0395C178124E708D3, 7F5CEFCC83066B67B3E532D5EAD75CE88F97FE04E8BE7E8B6C8D9AC4FFC494F1 ] SysCow C:\WINDOWS\system32\drivers\syscow32x.sys
14:31:54.0953 0x08a4 SysCow - ok
14:31:55.0031 0x08a4 [ CE06F01B88ACE199A1BF460CAC29C110, 3CD89E5B8E53203287D889C107E4795225742DB6C6ACA2DC0611BD9728382A27 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
14:31:55.0437 0x08a4 SysmonLog - ok
14:31:55.0546 0x08a4 [ C2546CD7A398476F9DF5614B2AE160E8, 11C8435BA983553E9C0806494E9B3C7080515C0375B0604F029D89B50726161A ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
14:31:55.0953 0x08a4 TapiSrv - ok
14:31:56.0078 0x08a4 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:31:56.0234 0x08a4 Tcpip - ok
14:31:56.0328 0x08a4 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
14:31:56.0703 0x08a4 TDPIPE - ok
14:31:56.0734 0x08a4 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
14:31:57.0093 0x08a4 TDTCP - ok
14:31:57.0125 0x08a4 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
14:31:57.0640 0x08a4 TermDD - ok
14:31:57.0718 0x08a4 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E, 3D2B1D899061448EAD993CDE97D1EF50DD64728E9F44D80FEAE591198A937653 ] TermService C:\WINDOWS\System32\termsrv.dll
14:31:58.0203 0x08a4 TermService - ok
14:31:58.0265 0x08a4 [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] Themes C:\WINDOWS\System32\shsvcs.dll
14:31:58.0328 0x08a4 Themes - ok
14:31:58.0375 0x08a4 [ FD4FD7D6FDA5C019ED86025D7BE1510F, A2C3B5D452AE48B1D9C48B74CE4A44A9F058737C0A55327FA44BEC9DE2F7D28D ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
14:31:58.0750 0x08a4 TosIde - ok
14:31:58.0812 0x08a4 [ 38853304CCB938D30E0C4CDE8D2C2A8A, 966E7BCC9F63A1A7777F8A12E51C2A91EC688CE96109943ADC4CB4EB58DC34A6 ] TrkWks C:\WINDOWS\system32\trkwks.dll
14:31:59.0234 0x08a4 TrkWks - ok
14:31:59.0296 0x08a4 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
14:31:59.0640 0x08a4 Udfs - ok
14:31:59.0687 0x08a4 [ 1B698A51CD528D8DA4FFAED66DFC51B9, FC3F12D25EE0E99AFE056502FCCFC052854699C21B99D559FAF1244F206DFB4F ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
14:31:59.0875 0x08a4 ultra - ok
14:31:59.0937 0x08a4 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
14:32:00.0234 0x08a4 Update - ok
14:32:00.0296 0x08a4 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E, AF7662BCA0819F82CE5EE0863E47149CC127DE664CB3DC6359B63FBD71DB54F8 ] upnphost C:\WINDOWS\System32\upnphost.dll
14:32:00.0468 0x08a4 upnphost - ok
14:32:00.0500 0x08a4 [ 20A0F6A11959E92908717D09E87D670D, 3DD6C99AB0F70FAA43DF470B30078B8A51B8AF735CD5C50DBB195FEA70F4C36E ] UPS C:\WINDOWS\System32\ups.exe
14:32:00.0750 0x08a4 UPS - ok
14:32:00.0796 0x08a4 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:32:00.0953 0x08a4 usbccgp - ok
14:32:00.0968 0x08a4 USBCCID - ok
14:32:01.0000 0x08a4 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:32:01.0093 0x08a4 usbehci - ok
14:32:01.0156 0x08a4 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:32:01.0375 0x08a4 usbhub - ok
14:32:01.0437 0x08a4 [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:32:01.0546 0x08a4 usbscan - ok
14:32:01.0625 0x08a4 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:32:01.0843 0x08a4 USBSTOR - ok
14:32:01.0906 0x08a4 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:32:02.0125 0x08a4 usbuhci - ok
14:32:02.0171 0x08a4 [ 813236B1183CFCF289E367BD5DE6E29E, 167FE18A96F330AEEC1A4C419770C15EFEB536D43838285E51E7A62E95DF4674 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
14:32:02.0296 0x08a4 usbvideo - ok
14:32:02.0390 0x08a4 [ C5B70A6AA947667CE0E5FC84A05EC8B6, 9BBFC601212A1091F71C66EB56CD93717AC8AF067AFDDC10F046142D8ABEB15A ] usnjsvc C:\Program Files\MSN Messenger\usnsvc.exe
14:32:02.0437 0x08a4 usnjsvc - ok
14:32:02.0484 0x08a4 [ 94D73B62E458FB56C9CE60AA96D914F9, EF0FAC91A1207DA28600000141C26686A7BD6B70EE05F5B78459D3D615454151 ] VClone C:\WINDOWS\system32\DRIVERS\VClone.sys
14:32:02.0562 0x08a4 VClone - detected UnsignedFile.Multi.Generic ( 1 )
14:32:12.0875 0x08a4 VClone ( UnsignedFile.Multi.Generic ) - warning
14:32:17.0312 0x08a4 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
14:32:17.0640 0x08a4 VgaSave - ok
14:32:17.0687 0x08a4 [ 754292CE5848B3738281B4F3607EAEF4, B0DCC9E9F8F78671FF878B493264C3B1DD2ED4A7167E3F5495F66ABF5FACB86C ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
14:32:17.0953 0x08a4 viaagp - ok
14:32:18.0000 0x08a4 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
14:32:18.0234 0x08a4 ViaIde - ok
14:32:18.0250 0x08a4 [ 28A4B296B47782173C346E376CB374D1, FE799FE4A41752A2B47027EA88214BF3E39B317302939F4A2D0F2A4EFAAC2F13 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
14:32:18.0531 0x08a4 VolSnap - ok
14:32:18.0593 0x08a4 [ D6BA1A63D9E00933F1CD2A885573AFB2, 36311A060635CEC1DBB6D8A746B8A4D007706EAE97D51A5E12F9958AB16BE486 ] VSS C:\WINDOWS\System32\vssvc.exe
14:32:18.0765 0x08a4 VSS - ok
14:32:18.0812 0x08a4 [ FA4E1CDBA256787F2149F4AAD07BC91F, 1B5FC5248335D70094D04501AA2C30F54782B58FF8D573BE8E784A21529C7CAF ] W32Time C:\WINDOWS\system32\w32time.dll
14:32:19.0062 0x08a4 W32Time - ok
14:32:19.0093 0x08a4 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:32:19.0312 0x08a4 Wanarp - ok
14:32:19.0421 0x08a4 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC, 06FC132E0E256B9A4E4DDD05D3AF4D75E40C750ECCF94A76251B104C65CFFCDF ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
14:32:19.0937 0x08a4 Wdf01000 - ok
14:32:19.0953 0x08a4 WDICA - ok
14:32:19.0984 0x08a4 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
14:32:20.0328 0x08a4 wdmaud - ok
14:32:20.0390 0x08a4 [ 47AE51048A82DFA1CD6B51D369F7E169, 742F2162B8BDE00D83715093EA9743338964597ED22648B9F4F139D7278235A4 ] WebClient C:\WINDOWS\System32\webclnt.dll
14:32:20.0656 0x08a4 WebClient - ok
14:32:20.0781 0x08a4 [ E488332126E3B1182D2B8A0C35408EC6, F9F60911DF0A539753B2BEF6FAD2D0AED1BC1C3F43509F79D9AF2F810CDE5D9B ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
14:32:21.0015 0x08a4 winmgmt - ok
14:32:21.0093 0x08a4 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
14:32:21.0265 0x08a4 WmdmPmSN - ok
14:32:21.0312 0x08a4 [ C42584FD66CE9E17403AEBCA199F7BDB, E3F2E1066F36AE5D33D4482239B2E556BE0C137923C9A120DFB36EC82F2E77B0 ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
14:32:21.0578 0x08a4 WmiAcpi - ok
14:32:21.0687 0x08a4 [ 23F6F03272F7E5679F1F050AED5ACEE6, 87EBE773F3E8FFE2F1E1DB435BB0E8852031AA88112EB791085AD3DA918B49CC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:32:21.0953 0x08a4 WmiApSrv - ok
14:32:22.0109 0x08a4 [ 3739866D20ABD42F26A7B85F9E2560AF, 9DD01194A553590146A1A1D790B2F891D244C8C0EE34DA423CF2B1F7418BD3AC ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
14:32:22.0421 0x08a4 WMPNetworkSvc - ok
14:32:22.0453 0x08a4 [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
14:32:22.0531 0x08a4 WpdUsb - ok
14:32:22.0562 0x08a4 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
14:32:22.0812 0x08a4 WS2IFSL - ok
14:32:22.0875 0x08a4 [ 4C86D5FAF78194995AF9CC1075F65DD3, D3B23BB0971E0DBC0A51720067489C224323B603178E91149BF56F779DE352F0 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
14:32:23.0109 0x08a4 wscsvc - ok
14:32:23.0156 0x08a4 [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
14:32:23.0421 0x08a4 WSTCODEC - ok
14:32:23.0453 0x08a4 [ C1364564800EE9784192145324A23308, 5345BAE00364233594C9CF99CE2CC485E65B5D4FFBB81C86B2950EDA2427584C ] wuauserv C:\WINDOWS\system32\wuauserv.dll
14:32:23.0718 0x08a4 wuauserv - ok
14:32:23.0765 0x08a4 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:32:23.0859 0x08a4 WudfPf - ok
14:32:23.0890 0x08a4 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WUDFRd C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
14:32:23.0968 0x08a4 WUDFRd - ok
14:32:24.0000 0x08a4 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
14:32:24.0109 0x08a4 WudfSvc - ok
14:32:24.0187 0x08a4 [ A27D4BA7264C0BF52F32D10405BEA1D4, 5F28607CCAB15FB601BEB35FF0B1A5CD27C678C6D1CA724E842C33EED4579B8C ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
14:32:24.0468 0x08a4 WZCSVC - ok
14:32:24.0531 0x08a4 [ EAA4BB9EDB3FB10CF8979FE65E63658F, B80EB477100FD3E26513360E09DB6EBF0C8D8B0618F1F4BF1F387ABA6DEC9B64 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
14:32:24.0843 0x08a4 xmlprov - ok
14:32:24.0859 0x08a4 ================ Scan global ===============================
14:32:24.0906 0x08a4 [ F36278E42C8C5DF03CE17DAC8231C91C, D012A3C8F394DF4F0BF5D5A4C10E73BBF427762B7D3DB6CF5FAB96536E082B7A ] C:\WINDOWS\system32\basesrv.dll
14:32:25.0000 0x08a4 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
14:32:25.0109 0x08a4 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
14:32:25.0156 0x08a4 [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] C:\WINDOWS\system32\services.exe
14:32:25.0171 0x08a4 [ Global ] - ok
14:32:25.0171 0x08a4 ================ Scan MBR ==================================
14:32:25.0187 0x08a4 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
14:32:26.0218 0x08a4 \Device\Harddisk0\DR0 - ok
14:32:26.0218 0x08a4 ================ Scan VBR ==================================
14:32:26.0218 0x08a4 [ F0CE1F867937E6DBD2AC4FBF56476AC9 ] \Device\Harddisk0\DR0\Partition1
14:32:26.0265 0x08a4 \Device\Harddisk0\DR0\Partition1 - ok
14:32:26.0265 0x08a4 ================ Scan generic autorun ======================
14:32:26.0328 0x08a4 [ F38092DE1D6A8CBB11B6B6D0F07E268E, 12D5AA6A51F0807A6DCAED51EB9E35EF8D34CD9C31B628B6EA38421415377BEE ] C:\WINDOWS\system32\igfxtray.exe
14:32:26.0390 0x08a4 IgfxTray - ok
14:32:26.0406 0x08a4 [ E44733C30F7FE6A1CE7A6B1D2B335CFC, 1638A7C3426504B090E45E0984F52EA9F8C713EC20509F328FC758C4A271C503 ] C:\WINDOWS\system32\hkcmd.exe
14:32:26.0484 0x08a4 HotKeysCmds - ok
14:32:26.0531 0x08a4 [ 2022C54B3A79A51C9538CE47D1F50BC3, AF3E60CAD38C2FEB6CD1BCFC3546C0D03ABA45E6ADF366E8F44659705F7EF0BA ] C:\WINDOWS\system32\igfxpers.exe
14:32:26.0578 0x08a4 Persistence - ok
14:32:26.0703 0x08a4 [ FA67B019063B2C456A6BB2D3FC44A21D, 895E739EAD3853D2BA7F2DCD08EC98AE45DF59886ACB034CDAB4EF7F6E6346BD ] C:\Program Files\IDT\WDM\sttray.exe
14:32:26.0843 0x08a4 SysTrayApp - ok
14:32:27.0000 0x08a4 [ A64B2C3C698F2362FAD8D9357C9AAE83, 9C175A6D37B4C5BC560DC74BFCC283856B70B9818C9755776EDC61121B6C7F8C ] C:\WINDOWS\system32\AESTFltr.exe
14:32:27.0171 0x08a4 AESTFltr - ok
14:32:27.0359 0x08a4 [ 8C4FBABC05806D0FAAEB31802E72331B, 5099C0FCDBAF074B9949E70EE6AF8EBFA998DD9ABDDFD6FEE41D2714649AA9A5 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
14:32:27.0515 0x08a4 SynTPEnh - ok
14:32:27.0609 0x08a4 [ 8CB896C573FD15AE8B13180DA53E93D2, 47E46D77DF345D5BA970A662376828DB0141CE4A62E7DF40947EB6659CA598BC ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
14:32:27.0687 0x08a4 hpWirelessAssistant - ok
14:32:27.0734 0x08a4 [ 8FB740D758B14B1BC950CC347C21E461, 6EAB429DE35D87C94E9B912E189C248428653674939352E0210FC026F5A4B564 ] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
14:32:27.0781 0x08a4 RemoteControl - detected UnsignedFile.Multi.Generic ( 1 )
14:32:30.0640 0x08a4 Detect skipped due to KSN trusted
14:32:30.0640 0x08a4 RemoteControl - ok
14:32:30.0734 0x08a4 [ F40E80C04475731C6ED5D19C48E45E3C, 40BB48DD37D6DFD61A68BA7891C4C453665561F7C74C5DA1BC7D7B36A0190DAA ] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
14:32:30.0796 0x08a4 VirtualCloneDrive - ok
14:32:31.0109 0x08a4 [ 126EED659167ECFD15E277301DD80470, F6D07AFA0D4A977879B6107D2AD1717F6424843F44D0B49DE2D43ECEA14207CA ] C:\Program Files\ESET\ESET Smart Security\egui.exe
14:32:31.0328 0x08a4 egui - ok
14:32:31.0421 0x08a4 [ 4EE76D4CB055E8EC281177771345E8B3, 669569288143E481892FD1E479E411638935709F7B2A91ED5157C16166C67FF4 ] C:\Program Files\PowerISO\PWRISOVM.EXE
14:32:31.0468 0x08a4 PWRISOVM.EXE - ok
14:32:31.0609 0x08a4 [ 8572F2010128B9A194DCC329859D045D, 4FDAA0A563E3048F9ADC9D137034DC4BD21DEA84687E9749E3152095C491596C ] C:\Program Files\Weather Watcher\ww.exe
14:32:31.0734 0x08a4 WeatherWatcher - detected UnsignedFile.Multi.Generic ( 1 )
14:32:35.0218 0x08a4 Detect skipped due to KSN trusted
14:32:35.0218 0x08a4 WeatherWatcher - ok
14:32:35.0312 0x08a4 Skype - ok
14:32:35.0359 0x08a4 [ A756B8F0F7BAFBA6DFE39F7D169F2519, 5338DE8FCA5182A919AAADFA5D130BB93069E3675B834D96CFF68C32433B3BDE ] C:\WINDOWS\system32\ctfmon.exe
14:32:35.0687 0x08a4 ctfmon.exe - ok
14:32:35.0703 0x08a4 Waiting for KSN requests completion. In queue: 4
14:32:36.0718 0x08a4 Waiting for KSN requests completion. In queue: 4
14:32:37.0718 0x08a4 Waiting for KSN requests completion. In queue: 1
14:32:38.0718 0x08a4 Waiting for KSN requests completion. In queue: 1
14:32:39.0921 0x08a4 AV detected via SS1: ESET Smart Security 4.2, 4.2, enabled, updated
14:32:39.0937 0x08a4 FW detected via SS1: ESET personal firewall, 4.2.40.10, enabled
14:32:42.0843 0x08a4 ============================================================
14:32:42.0843 0x08a4 Scan finished
14:32:42.0843 0x08a4 ============================================================
14:32:42.0859 0x0484 Detected object count: 1
14:32:42.0859 0x0484 Actual detected object count: 1
14:34:18.0406 0x0484 VClone ( UnsignedFile.Multi.Generic ) - skipped by user
14:34:18.0406 0x0484 VClone ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:34:25.0765 0x0d30 Deinitialize success

#22 Příspěvek od **altrok** » 24 úno 2015 14:50

Dejte jeste aktualni log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

Walky · #23 Příspěvek od **Walky** » 24 úno 2015 15:25

FRST

14:29:25.0421 0x0260 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
14:29:31.0343 0x0260 ============================================================
14:29:31.0343 0x0260 Current date / time: 2015/02/24 14:29:31.0343
14:29:31.0343 0x0260 SystemInfo:
14:29:31.0343 0x0260
14:29:31.0343 0x0260 OS Version: 5.1.2600 ServicePack: 3.0
14:29:31.0343 0x0260 Product type: Workstation
14:29:31.0343 0x0260 ComputerName: MINILAPTOP
14:29:31.0343 0x0260 UserName: anitka
14:29:31.0343 0x0260 Windows directory: C:\WINDOWS
14:29:31.0343 0x0260 System windows directory: C:\WINDOWS
14:29:31.0343 0x0260 Processor architecture: Intel x86
14:29:31.0343 0x0260 Number of processors: 2
14:29:31.0343 0x0260 Page size: 0x1000
14:29:31.0343 0x0260 Boot type: Normal boot
14:29:31.0343 0x0260 ============================================================
14:29:35.0453 0x0260 KLMD registered as C:\WINDOWS\system32\drivers\14870880.sys
14:29:36.0000 0x0260 System UUID: {E615DB88-D0BE-6A4C-F322-CC04AC838B3C}
14:29:37.0781 0x0260 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:29:37.0781 0x0260 ============================================================
14:29:37.0781 0x0260 \Device\Harddisk0\DR0:
14:29:37.0781 0x0260 MBR partitions:
14:29:37.0781 0x0260 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A14400
14:29:37.0781 0x0260 ============================================================
14:29:37.0843 0x0260 C: <-> \Device\Harddisk0\DR0\Partition1
14:29:37.0843 0x0260 ============================================================
14:29:37.0843 0x0260 Initialize success
14:29:37.0843 0x0260 ============================================================
14:30:14.0062 0x08a4 ============================================================
14:30:14.0062 0x08a4 Scan started
14:30:14.0062 0x08a4 Mode: Manual; SigCheck; TDLFS;
14:30:14.0062 0x08a4 ============================================================
14:30:14.0062 0x08a4 KSN ping started
14:30:27.0859 0x08a4 KSN ping finished: true
14:30:28.0703 0x08a4 ================ Scan system memory ========================
14:30:28.0718 0x08a4 System memory - ok
14:30:28.0718 0x08a4 ================ Scan services =============================
14:30:28.0906 0x08a4 [ D0091301536E1D630AA10121001B89BE, 0267C7F556184ACB5B481CEA1A4EDAB37E6BE536A38610353D64453F427458C6 ] 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269 C:\Program Files\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe
14:30:29.0562 0x08a4 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269 - ok
14:30:29.0812 0x08a4 Abiosdsk - ok
14:30:29.0875 0x08a4 [ 6ABB91494FE6C59089B9336452AB2EA3, FA28396820E44F991891042E051A4414485B54D456F252E03E3FFE1B4B4CF843 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
14:30:33.0890 0x08a4 abp480n5 - ok
14:30:33.0984 0x08a4 [ 4FE34F1F3126B61FCC6B2043AA8112C9, DE370865E47A5D2A4B227EEFFB42384F67F08D622BF936A9C9CEF70CC47F324B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:30:34.0343 0x08a4 ACPI - ok
14:30:34.0343 0x08a4 [ AFDFF022A01F0B11C776F0860C3B282F, 135E5257B62D921B76271014301E9EA1E2383D5DBB04E475DC3A7EFFD2561F56 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
14:30:34.0656 0x08a4 ACPIEC - ok
14:30:34.0828 0x08a4 [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:30:34.0968 0x08a4 AdobeFlashPlayerUpdateSvc - ok
14:30:35.0015 0x08a4 [ 9A11864873DA202C996558B2106B0BBC, 4C68F1DBD1541291DD0FAB78DB42B25FA051CD9F55ED869173E3219CD31500C4 ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
14:30:35.0328 0x08a4 adpu160m - ok
14:30:35.0390 0x08a4 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
14:30:35.0671 0x08a4 aec - ok
14:30:35.0734 0x08a4 [ F0F8212D86EF2BFDD5AD01F6AB7B017C, 013B9B6B1910EBC8539FC57F234143035C4D542F790340AA7AEDA35AB4D675F6 ] AESTAud C:\WINDOWS\system32\drivers\AESTAud.sys
14:30:35.0859 0x08a4 AESTAud - ok
14:30:35.0921 0x08a4 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
14:30:36.0031 0x08a4 AFD - ok
14:30:36.0078 0x08a4 [ 08FD04AA961BDC77FB983F328334E3D7, A784EC8A9EDB579262366B5A9AB177DB7BEC0A421BDE85431D0AD4959D5AF5E7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
14:30:36.0312 0x08a4 agp440 - ok
14:30:36.0375 0x08a4 [ 03A7E0922ACFE1B07D5DB2EEB0773063, 93EEA872A5642C95FF19C81F8EFFB9B52742A14DBF138784F0F713AD18C413ED ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
14:30:36.0656 0x08a4 agpCPQ - ok
14:30:36.0687 0x08a4 [ C23EA9B5F46C7F7910DB3EAB648FF013, 92C84E9AF278A3B55D56C4F8E6C10E3EF1F7B336A44A018AED6DC51A46671F0B ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
14:30:36.0859 0x08a4 Aha154x - ok
14:30:36.0890 0x08a4 [ 19DD0FB48B0C18892F70E2E7D61A1529, 95BA1568E8E08314508CA0E1F95555891E70399AEC312C793B46A841F56FFDCF ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
14:30:37.0140 0x08a4 aic78u2 - ok
14:30:37.0187 0x08a4 [ B7FE594A7468AA0132DEB03FB8E34326, BF0DC2B8C474DB151589BA9968264413521DDD9E7316B752B2FA40C24200FBE0 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
14:30:37.0437 0x08a4 aic78xx - ok
14:30:37.0468 0x08a4 [ E0A6FA244B8624D78FE5FF6F56A33BAE, 26B828FDB03AE4A4F1DC7A1792F9BAD69CF947897D47F5E567F24F4B6D5CB541 ] Alerter C:\WINDOWS\system32\alrsvc.dll
14:30:37.0765 0x08a4 Alerter - ok
14:30:37.0812 0x08a4 [ 88842DE939A827577BF24243699AC80A, A49C9A6A9941F3A2FBBCFE1F6DB48B632739D00670AC98ECCCBC7FD9E786B21A ] ALG C:\WINDOWS\System32\alg.exe
14:30:37.0921 0x08a4 ALG - ok
14:30:37.0953 0x08a4 [ 1140AB9938809700B46BB88E46D72A96, 369379ECC5941ACE984A7F31EAABB66A2E693EDBADA639B86D26FD681D45608E ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
14:30:38.0218 0x08a4 AliIde - ok
14:30:38.0250 0x08a4 [ CB08AED0DE2DD889A8A820CD8082D83C, B1A9D493390AEDF6EFF8BCAA3B33EC31758452AB497C34C0728CDDA1D8DCBF2A ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
14:30:38.0531 0x08a4 alim1541 - ok
14:30:38.0562 0x08a4 [ 95B4FB835E28AA1336CEEB07FD5B9398, 36CD3B14EF78B01FB653B78187FAA63C4DD5F4137AC3B91D81256A350EEDCBC1 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
14:30:38.0843 0x08a4 amdagp - ok
14:30:38.0875 0x08a4 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6, 9B179F0B6A559639D3AE3975CEBF2718294BE5743517BEE06586F0D258164C81 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
14:30:39.0031 0x08a4 amsint - ok
14:30:39.0031 0x08a4 AppMgmt - ok
14:30:39.0078 0x08a4 [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
14:30:39.0453 0x08a4 Arp1394 - ok
14:30:39.0531 0x08a4 [ 62D318E9A0C8FC9B780008E724283707, 1A69806AB2BDECCEB5EB23A80700B3F98983D5D67F78839CBF269087FA460757 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
14:30:39.0968 0x08a4 asc - ok
14:30:40.0015 0x08a4 [ 69EB0CC7714B32896CCBFD5EDCBEA447, 1CB506B5F71F84EFD26961010681D0A79AA7B266573378E3D2755125DF5D6BB6 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
14:30:40.0234 0x08a4 asc3350p - ok
14:30:40.0265 0x08a4 [ 5D8DE112AA0254B907861E9E9C31D597, 557C93E82A71131D226267151C84B197503831A16263DDFE040E996B605CA9E8 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
14:30:40.0703 0x08a4 asc3550 - ok
14:30:40.0843 0x08a4 [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
14:30:40.0953 0x08a4 aspnet_state - ok
14:30:40.0984 0x08a4 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:30:41.0375 0x08a4 AsyncMac - ok
14:30:41.0437 0x08a4 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
14:30:41.0859 0x08a4 atapi - ok
14:30:41.0906 0x08a4 Atdisk - ok
14:30:41.0937 0x08a4 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:30:42.0343 0x08a4 Atmarpc - ok
14:30:42.0406 0x08a4 [ DE31B88962A8645DBA5A37B993E7B0F1, CA93F25A3FD0CE68BB9B8E3AB6B813BF38DE3EDDFC990291B3957FAA59B2B274 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
14:30:42.0859 0x08a4 AudioSrv - ok
14:30:42.0906 0x08a4 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
14:30:43.0328 0x08a4 audstub - ok
14:30:43.0562 0x08a4 [ 10CF810CBC0B7090C436BB15496B3328, ABD3B951836183C23B8CA30D82C7FD85E69E98379C6FEA81F8A9EAA9FEE484BC ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
14:30:43.0953 0x08a4 BCM43XX - ok
14:30:44.0000 0x08a4 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
14:30:44.0484 0x08a4 Beep - ok
14:30:44.0625 0x08a4 [ 19395D092FD85DDC2D9C7729CF5A2AC8, 7640F36BA19698EE8A6257BF78A8C57DD9D734BED9CA6BB9B68603BAEA092412 ] BITS C:\WINDOWS\system32\qmgr.dll
14:30:45.0187 0x08a4 BITS - ok
14:30:45.0328 0x08a4 [ 73BAA2AB3666CCFF2CBC7BE23B08F60D, 7C0A0194AE2EAE6F905DAE49CA8F9E8A7520C80FA699EF61B28F0390822D68E6 ] BOTService C:\Program Files\Roxio\BackOnTrack\Instant Restore\BOTService.exe
14:30:45.0390 0x08a4 BOTService - ok
14:30:45.0437 0x08a4 [ 89E739BBA5F636297EA5B5F811189E06, 151B32B12F5DD0D388134DA2471FE9741CF22B9C408DA58FEF8019D3C4EC836B ] Browser C:\WINDOWS\System32\browser.dll
14:30:45.0656 0x08a4 Browser - ok
14:30:45.0843 0x08a4 [ 768CC827A2EE09F39908B3B25555814B, 81E6928D5B316DD3983088A00F68D568D221E505CD9B109616268715EF7E4621 ] btkrnl C:\WINDOWS\system32\DRIVERS\btkrnl.sys
14:30:46.0203 0x08a4 btkrnl - ok
14:30:46.0312 0x08a4 [ DCEB2FD46331D021EA8D90E8C21944BF, 7C483D6FBE339F330BFD804F267586CBF8372E81FB2E1A8F0DACCD238E9CCC01 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
14:30:46.0562 0x08a4 btwdins - ok
14:30:46.0609 0x08a4 [ FAC7E5965162C70D184DFE92B4BCBD1B, 429C13BA22B73750131ED44CD8907B2785B2AC14501597D631FF831474891AF9 ] BTWUSB C:\WINDOWS\system32\Drivers\btwusb.sys
14:30:46.0703 0x08a4 BTWUSB - ok
14:30:46.0718 0x08a4 catchme - ok
14:30:46.0765 0x08a4 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
14:30:47.0109 0x08a4 cbidf - ok
14:30:47.0125 0x08a4 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
14:30:47.0375 0x08a4 cbidf2k - ok
14:30:47.0437 0x08a4 [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
14:30:47.0796 0x08a4 CCDECODE - ok
14:30:47.0812 0x08a4 [ F3EC03299634490E97BBCE94CD2954C7, CDC85ADA27E0D501581CE6F28D7E1941E90411FA8E8F2C43A68BAA8CB78E85DD ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
14:30:48.0046 0x08a4 cd20xrnt - ok
14:30:48.0078 0x08a4 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
14:30:48.0421 0x08a4 Cdaudio - ok
14:30:48.0484 0x08a4 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
14:30:48.0843 0x08a4 Cdfs - ok
14:30:48.0937 0x08a4 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:30:49.0281 0x08a4 Cdrom - ok
14:30:49.0281 0x08a4 Changer - ok
14:30:49.0328 0x08a4 [ E390DC1D7C461D7D56EC53402F329928, FB37F84E71353CD83FCDDD39C898C6D84C05130C5F1BEF022E3DFDE160398C0E ] CiSvc C:\WINDOWS\system32\cisvc.exe
14:30:49.0734 0x08a4 CiSvc - ok
14:30:49.0765 0x08a4 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA, 1725067BC759484A7185A4F1A44ED3CBE481529D187FE98EF279425B79177EB1 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
14:30:50.0203 0x08a4 ClipSrv - ok
14:30:50.0281 0x08a4 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:30:50.0484 0x08a4 clr_optimization_v2.0.50727_32 - ok
14:30:50.0515 0x08a4 [ 0F6C187D38D98F8DF904589A5F94D411, DB987093446216CEE913AC27503BF7E23E5A62DF169B355730285DAB64F6ED28 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
14:30:50.0906 0x08a4 CmBatt - ok
14:30:50.0968 0x08a4 [ 964D0F042ACA51D5644779EB9D9EE40F, C82294A8EE961231B7DAFB7E7998E53D1857B7E4B2F8B98EAE1FB496A73E181F ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
14:30:51.0265 0x08a4 CmdIde - ok
14:30:51.0296 0x08a4 [ 6E4C9F21F0FAE8940661144F41B13203, 731202A0DD021FCF9287FEA631212603AAAC23F9E7F76B2882F913B18A971F1C ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
14:30:51.0546 0x08a4 Compbatt - ok
14:30:51.0546 0x08a4 COMSysApp - ok
14:30:51.0625 0x08a4 [ 3EE529119EED34CD212A215E8C40D4B6, A6B71F3D4EE7358CA85F010E6271A6B72226D25DF30ED331DA830639ED3E9903 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
14:30:51.0968 0x08a4 Cpqarray - ok
14:30:52.0093 0x08a4 [ F3AB0933CBD166D271992F411C27CCAF, 50E01F3B058F814BE914FA5050B2D972E8584A467719A5ABCF9D9EBD596A54A7 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
14:30:52.0375 0x08a4 CryptSvc - ok
14:30:52.0421 0x08a4 [ E550E7418984B65A78299D248F0A7F36, 52F6BD1027E91F9A90AFAB82C7F2A0314B7E55262F5293D5F9F8F12135EDD88C ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
14:30:52.0734 0x08a4 dac2w2k - ok
14:30:52.0750 0x08a4 [ 683789CAA3864EB46125AE86FF677D34, B725D026E069AD253192E21245260CBA44EF3C72781616A2CAD0BF0E2D86D510 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
14:30:53.0015 0x08a4 dac960nt - ok
14:30:53.0093 0x08a4 [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
14:30:53.0250 0x08a4 DcomLaunch - ok
14:30:53.0312 0x08a4 [ 8C9A53E285AC5E6704844D0459EC85BE, 9E86AF4C06CEC007C9B1590B6E056319603E4D79BED0C2471C6F1BC251B380CF ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
14:30:53.0593 0x08a4 Dhcp - ok
14:30:53.0640 0x08a4 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
14:30:53.0968 0x08a4 Disk - ok
14:30:53.0984 0x08a4 dmadmin - ok
14:30:54.0109 0x08a4 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C, 46074FBBC5E4A40A7B3A45636089DEDD2A619778C7DCD797571C2BB64D775F7E ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
14:30:54.0531 0x08a4 dmboot - ok
14:30:54.0593 0x08a4 [ FFF1720AF51171F32F1EAD5CF71F2810, 2E40D63DC7670C1E88A532DB8923A98ABC8481C351C4D915C2753E10BA77F36D ] dmio C:\WINDOWS\system32\drivers\dmio.sys
14:30:54.0859 0x08a4 dmio - ok
14:30:54.0906 0x08a4 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
14:30:55.0156 0x08a4 dmload - ok
14:30:55.0218 0x08a4 [ 2BFEFE9E865655A76982F050450B9591, 15C7D093D638770519AA43E7D8897310F32AB1F217027F5750D799494A985C35 ] dmserver C:\WINDOWS\System32\dmserver.dll
14:30:55.0515 0x08a4 dmserver - ok
14:30:55.0593 0x08a4 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
14:30:55.0875 0x08a4 DMusic - ok
14:30:55.0921 0x08a4 [ DFAA406BF19F4EE806A6F8D4342137F7, EE2C11B3E37565FC009E323607B2F5F148F9219012EDF848CEFC1B273DAA98A9 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
14:30:56.0125 0x08a4 Dnscache - ok
14:30:56.0156 0x08a4 [ 4A3E2BD20157A0946751229E92EB8621, D8C00CC2C18C517F7262EBC3C511C062E5ABA797056AEB22AC5DEB306BA8C526 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
14:30:56.0453 0x08a4 Dot3svc - ok
14:30:56.0484 0x08a4 [ 40F3B93B4E5B0126F2F5C0A7A5E22660, 8AFFF28903037F5E36BB5352F2B236A217558FCC0146B23C787606C3F21243DB ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
14:30:56.0734 0x08a4 dpti2o - ok
14:30:56.0750 0x08a4 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
14:30:57.0000 0x08a4 drmkaud - ok
14:30:57.0031 0x08a4 [ 651554E483712B708EDE864D0CA1AA73, A016C03D630A2FF7FC44B826DEA890F5AC09DD270588CEAD05F63A5A0AC79249 ] DrvAgent32 C:\WINDOWS\system32\Drivers\DrvAgent32.sys
14:30:57.0187 0x08a4 DrvAgent32 - detected UnsignedFile.Multi.Generic ( 1 )
14:30:59.0750 0x08a4 Detect skipped due to KSN trusted
14:30:59.0750 0x08a4 DrvAgent32 - ok
14:30:59.0843 0x08a4 [ BA3BB79C859292C3FF2A21B05E64696F, DA68454E4AE222333C27CC7A1B70DF510C8BEA572812D02A041822229ACD1B99 ] eamon C:\WINDOWS\system32\DRIVERS\eamon.sys
14:31:00.0015 0x08a4 eamon - ok
14:31:00.0062 0x08a4 [ 0887D9C2BE8D940778CAD1E3B85F2A41, 2E30DC06D46A5E174B7CAA2D70BDB697015495942572E90425E2EE7AC541BCF4 ] EapHost C:\WINDOWS\System32\eapsvc.dll
14:31:00.0359 0x08a4 EapHost - ok
14:31:00.0406 0x08a4 [ 3C747A0D8CE29720302972AC6ED09733, 9ECB4D824C254A8AE1D8EB8AE8F06498E243E013BA6989EFC326F5B2BA010F08 ] ehdrv C:\WINDOWS\system32\DRIVERS\ehdrv.sys
14:31:00.0484 0x08a4 ehdrv - ok
14:31:00.0609 0x08a4 [ 679AD4AFCAF9520CC5607D204AE27CCE, FDF11CD24B024BAA6BF2F75C0E179A45288E5A2F1078260E2C5D845C2FD94482 ] EhttpSrv C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
14:31:00.0781 0x08a4 EhttpSrv - ok
14:31:00.0906 0x08a4 [ 82A0EE1F5CCC82CC5453D24FF186E9B0, A538767076423D871FE950CAE7BEA6F9FF4218E5C7231078EA3BE8605FAA6FED ] ekrn C:\Program Files\ESET\ESET Smart Security\ekrn.exe
14:31:01.0296 0x08a4 ekrn - ok
14:31:01.0343 0x08a4 [ 44996A2ADDD2DB7454F2CA40B67D8941, 94BA62E95147B84CF6C564156824D8939F0F67EBBB5B87C70BAE3B1CA284DC8F ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
14:31:01.0421 0x08a4 ElbyCDIO - ok
14:31:01.0453 0x08a4 [ 5680E2C38BA53693D724B796E67E8261, F60D809290B163B081CD32E9CE438131D1EE504840E39771E0484E0FE0251349 ] epfw C:\WINDOWS\system32\DRIVERS\epfw.sys
14:31:01.0531 0x08a4 epfw - ok
14:31:01.0593 0x08a4 [ D9585E144C31D409E28B205253459C3A, 0FB8AAC3EBDA20AC2B9395B0A5A0169347C2287F1E6BD3480FBB3214D415552A ] Epfwndis C:\WINDOWS\system32\DRIVERS\Epfwndis.sys
14:31:01.0656 0x08a4 Epfwndis - ok
14:31:01.0671 0x08a4 [ 8C50EEDC21C5E962A52D3F788129A64B, 7968F9C90AEAEFF555092BF6AE22FB5D6A8ABEAE582932DA3C039FC85AEBA01F ] epfwtdi C:\WINDOWS\system32\DRIVERS\epfwtdi.sys
14:31:01.0734 0x08a4 epfwtdi - ok
14:31:01.0796 0x08a4 [ A2A4912798F2BE706ABADD3D30800D16, CCCCA389D22525D984DE9B59E4CEBE0EEEF315F725176EB5C4DC1A5B6157234A ] ERSvc C:\WINDOWS\System32\ersvc.dll
14:31:02.0093 0x08a4 ERSvc - ok
14:31:02.0156 0x08a4 [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] Eventlog C:\WINDOWS\system32\services.exe
14:31:02.0234 0x08a4 Eventlog - ok
14:31:02.0296 0x08a4 [ A371F11EF07653591C8DE26AFB13CE7F, 1192EDC8B146F1C27E8CD7E126DDC044F8B368C2E891A90CD81620D48C9550B6 ] EventSystem C:\WINDOWS\system32\es.dll
14:31:02.0406 0x08a4 EventSystem - ok
14:31:02.0453 0x08a4 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
14:31:02.0703 0x08a4 Fastfat - ok
14:31:02.0765 0x08a4 [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
14:31:02.0968 0x08a4 FastUserSwitchingCompatibility - ok
14:31:03.0015 0x08a4 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
14:31:03.0281 0x08a4 Fdc - ok
14:31:03.0296 0x08a4 [ AC366695A0796560AA37215AD5762AAF, 6ADC7443EA42D77199D4879AF3C33A07914116C69A34B895D8CB8444EE50077F ] Fips C:\WINDOWS\system32\drivers\Fips.sys
14:31:03.0562 0x08a4 Fips - ok
14:31:03.0562 0x08a4 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
14:31:03.0812 0x08a4 Flpydisk - ok
14:31:03.0828 0x08a4 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
14:31:04.0078 0x08a4 FltMgr - ok
14:31:04.0171 0x08a4 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
14:31:04.0203 0x08a4 FontCache3.0.0.0 - ok
14:31:04.0234 0x08a4 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:31:04.0484 0x08a4 Fs_Rec - ok
14:31:04.0500 0x08a4 [ 4E664D8541DB4A66B73A24257E322E1F, 17A2140AFE2B41E579FCCAFB82532853AD90A6EDBCB13DE80741DAE0AD5B4CC9 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:31:04.0781 0x08a4 Ftdisk - ok
14:31:04.0812 0x08a4 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:31:05.0078 0x08a4 Gpc - ok
14:31:05.0125 0x08a4 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:31:05.0375 0x08a4 HDAudBus - ok
14:31:05.0484 0x08a4 [ FCFE31FB75F8A6295B6B0AF87A626282, 6BA385797DBC73EB29EFE3293B80C21B1B8A1E9B87A462476E73C526C9565E5F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:31:05.0781 0x08a4 helpsvc - ok
14:31:05.0828 0x08a4 [ 00E25EE90166B3E1BE6E74AEBF858306, 92C2F020EF14DE3B4F09E2C5DFF3D2F35D8C50F6D0188F9CEEFE3B6075602EFE ] HidServ C:\WINDOWS\System32\hidserv.dll
14:31:06.0156 0x08a4 HidServ - ok
14:31:06.0203 0x08a4 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:31:06.0437 0x08a4 HidUsb - ok
14:31:06.0500 0x08a4 [ 7A6B320928F86BC851530D63C82965D9, 1F628759D31098DFBC05244735B5A62ACD8E45DBC5C9D236260D68EB8F1E28F5 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
14:31:06.0734 0x08a4 hkmsvc - ok
14:31:06.0781 0x08a4 [ B028377DEA0546A5FCFBA928A8AEFAE0, FD7B34A6036AD443014B16394A5F051A298CEE4276D50525FB9F15A0D2684C8B ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
14:31:07.0031 0x08a4 hpn - ok
14:31:07.0156 0x08a4 [ 1665C7121A026DF10C903DB9BC5E9D43, D96189406774842923BC420C4AF33FA81C83B815E14CE7C444F9CCF545971B7E ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
14:31:07.0187 0x08a4 hpqwmiex - ok
14:31:07.0281 0x08a4 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
14:31:07.0390 0x08a4 HTTP - ok
14:31:07.0437 0x08a4 [ 58FE2F2DA3BC5573F4A35B3760D3125F, B241ACCE426402EC64DC34C49CECB8CDC0851986D54BFCCED7040D6C43F5787A ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
14:31:07.0734 0x08a4 HTTPFilter - ok
14:31:07.0750 0x08a4 hwdatacard - ok
14:31:07.0812 0x08a4 [ 9368670BD426EBEA5E8B18A62416EC28, 0ED865F8FB79F0B6309521925280E8640DB5CA6F75377434830536899734B6EE ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
14:31:08.0093 0x08a4 i2omgmt - ok
14:31:08.0125 0x08a4 [ F10863BF1CCC290BABD1A09188AE49E0, BC038EAE6C8A76D56A5AD27035DC0369D6E766711E9FAA7467144370851F1615 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
14:31:08.0390 0x08a4 i2omp - ok
14:31:08.0437 0x08a4 [ C528E27945367191E7BAE364930B6932, 1B95C7B49B4CAE734DC6C9EC22555C5356EEC856B8491C761C777479264CF854 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:31:08.0734 0x08a4 i8042prt - ok
14:31:09.0250 0x08a4 [ 48846B31BE5A4FA662CCFDE7A1BA86B9, BC653F3ADAD70E766484986F196D4045D2CC6D92E5D827907E734254EE489A33 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
14:31:10.0578 0x08a4 ialm - ok
14:31:10.0656 0x08a4 [ 8EF427C54497C5F8A7A645990E4278C7, 3890391A489DAAFE155345C2E16BE17DF1E3E23DEE73EE849A7F96132AE65417 ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys
14:31:10.0812 0x08a4 iaStor - ok
14:31:10.0953 0x08a4 [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
14:31:10.0984 0x08a4 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
14:31:13.0765 0x08a4 Detect skipped due to KSN trusted
14:31:13.0765 0x08a4 IDriverT - ok
14:31:13.0968 0x08a4 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:31:14.0250 0x08a4 idsvc - ok
14:31:14.0296 0x08a4 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
14:31:14.0625 0x08a4 Imapi - ok
14:31:14.0687 0x08a4 [ F7B93AAFAD33B2320954C17E26C8D361, 8CFDB11A68B59E195F280BE08B25FA59F1F70833832919B8BECCE17616999934 ] ImapiService C:\WINDOWS\system32\imapi.exe
14:31:14.0937 0x08a4 ImapiService - ok
14:31:14.0968 0x08a4 [ 4A40E045FAEE58631FD8D91AFC620719, 7A2FD81BD483821B3DA01B1CD7215423EDD719CBE3862C0342FF7D21A17AF437 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
14:31:15.0234 0x08a4 ini910u - ok
14:31:15.0359 0x08a4 [ 57D928E548B38502ABBA7A77A6EB7312, AD26B8096D918269BD7D9D454BB93850BCE595CE9E2A396F45777E7312396B33 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
14:31:15.0625 0x08a4 IntelIde - ok
14:31:15.0671 0x08a4 [ 27B290D632AF2CF3CF40BFDDB7370985, 2C266777B4A96706658B8C9A7B30D15D6E495C815FAE23A0A1FC747E9B5AE363 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:31:15.0921 0x08a4 intelppm - ok
14:31:15.0953 0x08a4 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
14:31:16.0171 0x08a4 Ip6Fw - ok
14:31:16.0218 0x08a4 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:31:16.0437 0x08a4 IpFilterDriver - ok
14:31:16.0468 0x08a4 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:31:16.0703 0x08a4 IpInIp - ok
14:31:16.0750 0x08a4 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:31:16.0984 0x08a4 IpNat - ok
14:31:17.0015 0x08a4 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:31:17.0296 0x08a4 IPSec - ok
14:31:17.0312 0x08a4 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
14:31:17.0468 0x08a4 IRENUM - ok
14:31:17.0500 0x08a4 [ CC9F8A2D60AED1A51A3AC34C59B987AE, CBF69817BE3D9A4617390B1A3306074CB8581F21562CD1357D32BC3E542F3CEE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:31:17.0750 0x08a4 isapnp - ok
14:31:17.0796 0x08a4 [ 1B6162FE7F66B1A71A4B70F941C4AA9B, C2EA494BAB0513A6027414FB1E75834F980A77852D0DC8559E8942FC222A075A ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:31:18.0078 0x08a4 Kbdclass - ok
14:31:18.0093 0x08a4 [ 86C8F23616C6C6E5B2776901C17B945B, 211B63FC405A2DDB126D204D61E779D66C7211882CC0374521926C633E180B91 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
14:31:18.0359 0x08a4 kbdhid - ok
14:31:18.0406 0x08a4 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
14:31:18.0640 0x08a4 kmixer - ok
14:31:18.0671 0x08a4 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
14:31:18.0843 0x08a4 KSecDD - ok
14:31:18.0859 0x08a4 [ 6C8658587E91EA25B0FD2E71781AD228, EFD9D5E73264175C7E598D8B2DB2CE44A70A0D8B18290338E4FBDE585AA607AF ] L1c C:\WINDOWS\system32\DRIVERS\l1c51x86.sys
14:31:18.0937 0x08a4 L1c - ok
14:31:19.0000 0x08a4 [ 3428E8F86F8ADD36B42FB23542C7B3E4, 9CF643D1A70AF08407ACD5FD6FE4B8777521DDF41B5E63C2E6E1E4CAAC69A403 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
14:31:19.0140 0x08a4 LanmanServer - ok
14:31:19.0203 0x08a4 [ 936C1D110232D23B621CB0196E4F80F0, 2DE3AF93E20F1DC7A6FF31B18054EA4D2350387E4DA91C4B16D451384F0C57E2 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
14:31:19.0359 0x08a4 lanmanworkstation - ok
14:31:19.0375 0x08a4 lbrtfdc - ok
14:31:19.0453 0x08a4 [ 0AB159F536E3E8F7F07113702A07CCA5, 3218C553183E6697C663B6D12790E09756B50505590858DD5AC62411D37CDD7C ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
14:31:19.0875 0x08a4 LmHosts - ok
14:31:19.0953 0x08a4 [ 221CD1C815B8A6B79389C3F5D1018DE8, 6D0D25D6669C4F9452F74EC72C6138A41D9408E01AF5FD01C08F27BE7BC9C905 ] Messenger C:\WINDOWS\System32\msgsvc.dll
14:31:20.0234 0x08a4 Messenger - ok
14:31:20.0281 0x08a4 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
14:31:20.0562 0x08a4 mnmdd - ok
14:31:20.0609 0x08a4 [ 9A57D046F88F4B69751B11FD40088A61, 62F65433024CE411F111A88723747B8A83B31076FBAF4CFF40FD02A53D7FF7DF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
14:31:20.0890 0x08a4 mnmsrvc - ok
14:31:20.0906 0x08a4 [ 44032B0C6D9954D3FD26438330B99EE7, A49749A4C00D50F57170AA5DA9E2DEECC8C524A48B144C8B784894F2C202FBEE ] Modem C:\WINDOWS\system32\drivers\Modem.sys
14:31:21.0187 0x08a4 Modem - ok
14:31:21.0250 0x08a4 [ 4CB582831DBDE63CE43B45D771218374, 6D470B26197C5B388983D9213D48D2CDE934C9591572876DC7790FE4B59E0845 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:31:21.0531 0x08a4 Mouclass - ok
14:31:21.0578 0x08a4 [ BB269EBA740737AB749B214D568B6812, ABF41D9B521EBBE674E76981CAD31F8FD05976DE7070266C3956FDB67C83C4C2 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:31:21.0828 0x08a4 mouhid - ok
14:31:21.0859 0x08a4 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
14:31:22.0078 0x08a4 MountMgr - ok
14:31:22.0156 0x08a4 [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:31:22.0281 0x08a4 MozillaMaintenance - ok
14:31:22.0296 0x08a4 [ 3F4BB95E5A44F3BE34824E8E7CAF0737, 9A4F9E63AA55B779AF3563C66C8E40D9C42FF3BB5F533F70905ADC7A44EA7DAD ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
14:31:22.0578 0x08a4 mraid35x - ok
14:31:22.0593 0x08a4 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:31:22.0859 0x08a4 MRxDAV - ok
14:31:22.0937 0x08a4 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:31:23.0093 0x08a4 MRxSmb - ok
14:31:23.0140 0x08a4 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D, 78D63EE2C0B0852F0771071C099643242EBC9F4DA28847B93BCE9C3CC1091938 ] MSDTC C:\WINDOWS\system32\msdtc.exe
14:31:23.0406 0x08a4 MSDTC - ok
14:31:23.0421 0x08a4 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
14:31:23.0671 0x08a4 Msfs - ok
14:31:23.0671 0x08a4 MSIServer - ok
14:31:23.0718 0x08a4 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:31:23.0953 0x08a4 MSKSSRV - ok
14:31:24.0046 0x08a4 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:31:24.0281 0x08a4 MSPCLOCK - ok
14:31:24.0312 0x08a4 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
14:31:24.0546 0x08a4 MSPQM - ok
14:31:24.0609 0x08a4 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:31:24.0859 0x08a4 mssmbios - ok
14:31:24.0937 0x08a4 [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
14:31:25.0203 0x08a4 MSTEE - ok
14:31:25.0281 0x08a4 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
14:31:25.0421 0x08a4 Mup - ok
14:31:25.0484 0x08a4 [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
14:31:25.0750 0x08a4 NABTSFEC - ok
14:31:25.0812 0x08a4 [ 6EA362E9DB03D44F6B996F4D8BE237E9, FE6B4C546D26C4A2832CF4CB280B86B1723E10E46A3C24AF6C9856FCCAE9D1FC ] napagent C:\WINDOWS\System32\qagentrt.dll
14:31:26.0156 0x08a4 napagent - ok
14:31:26.0203 0x08a4 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
14:31:26.0468 0x08a4 NDIS - ok
14:31:26.0578 0x08a4 [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
14:31:26.0843 0x08a4 NdisIP - ok
14:31:26.0953 0x08a4 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:31:27.0062 0x08a4 NdisTapi - ok
14:31:27.0125 0x08a4 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:31:27.0453 0x08a4 Ndisuio - ok
14:31:27.0484 0x08a4 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:31:27.0718 0x08a4 NdisWan - ok
14:31:27.0765 0x08a4 [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
14:31:27.0906 0x08a4 NDProxy - ok
14:31:27.0937 0x08a4 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
14:31:28.0171 0x08a4 NetBIOS - ok
14:31:28.0203 0x08a4 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
14:31:28.0484 0x08a4 NetBT - ok
14:31:28.0531 0x08a4 [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDE C:\WINDOWS\system32\netdde.exe
14:31:28.0765 0x08a4 NetDDE - ok
14:31:28.0781 0x08a4 [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
14:31:29.0015 0x08a4 NetDDEdsdm - ok
14:31:29.0078 0x08a4 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] Netlogon C:\WINDOWS\system32\lsass.exe
14:31:29.0343 0x08a4 Netlogon - ok
14:31:29.0390 0x08a4 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40, 588C8BA14A7255FD36A88960CBE34341301773765ECF2A9A0F1760A509A08A5B ] Netman C:\WINDOWS\System32\netman.dll
14:31:29.0640 0x08a4 Netman - ok
14:31:29.0687 0x08a4 [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:31:29.0750 0x08a4 NetTcpPortSharing - ok
14:31:29.0796 0x08a4 [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
14:31:30.0031 0x08a4 NIC1394 - ok
14:31:30.0093 0x08a4 [ 39EE7C3BFBC64BA87CC8CF67386E814C, B93CCB625CE370D9A49C9374D24C939D7C9FEF81401F4F822C51E12677D77E01 ] Nla C:\WINDOWS\System32\mswsock.dll
14:31:30.0140 0x08a4 Nla - ok
14:31:30.0171 0x08a4 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
14:31:30.0406 0x08a4 Npfs - ok
14:31:30.0468 0x08a4 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
14:31:30.0765 0x08a4 Ntfs - ok
14:31:30.0781 0x08a4 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
14:31:31.0000 0x08a4 NtLmSsp - ok
14:31:31.0093 0x08a4 [ 023DD70573D644F3D9C8B1258A7BFD08, 9A1D3210ED5FD8BEDF92ED577A9B30E37035408A73EB66A8C950B75AB7539B83 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
14:31:31.0390 0x08a4 NtmsSvc - ok
14:31:31.0421 0x08a4 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
14:31:31.0671 0x08a4 Null - ok
14:31:31.0703 0x08a4 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:31:31.0953 0x08a4 NwlnkFlt - ok
14:31:31.0984 0x08a4 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:31:32.0218 0x08a4 NwlnkFwd - ok
14:31:32.0234 0x08a4 [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
14:31:32.0453 0x08a4 ohci1394 - ok
14:31:32.0593 0x08a4 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:31:32.0640 0x08a4 ose - ok
14:31:32.0671 0x08a4 [ 46F8DB73B4A53E543F8E371DC7C75BAE, F6C5E7DE4B4AE0ED785DB075BE14EA6A0FC9050C95669B26DEF2B82D7B7D3B2C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
14:31:32.0937 0x08a4 Parport - ok
14:31:32.0953 0x08a4 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
14:31:33.0171 0x08a4 PartMgr - ok
14:31:33.0203 0x08a4 [ 1FAE19D0457176318BBA4A8795656EBC, 5F3D6CABA203A0485D67F63A6A81151724EE200BE49ED095CFCB1EF29C19D19F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
14:31:33.0453 0x08a4 ParVdm - ok
14:31:33.0484 0x08a4 [ 6CE351D149CB4BEFC702951E471E1730, 758327683BB45F01D5AE550AF21856822B4CF55E17F2A4F452F559088D242B37 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
14:31:33.0750 0x08a4 PCI - ok
14:31:33.0765 0x08a4 PCIDump - ok
14:31:33.0765 0x08a4 [ 2DA4EC85E0EA7A45C6B2A05820492D5A, A8C6BD93D3BC33A5B36EB523997EF9E0783B6E6EAFB6E7F58BCC2629009BDCF9 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
14:31:34.0015 0x08a4 PCIIde - ok
14:31:34.0046 0x08a4 [ 4FC31E6C19A5CE5198B1ABFF94CAE758, A031E21EC1F15DA5E8429269F435337FA961C3C06D535DAFD448C7355F33FD0C ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
14:31:34.0343 0x08a4 Pcmcia - ok
14:31:34.0343 0x08a4 PDCOMP - ok
14:31:34.0359 0x08a4 PDFRAME - ok
14:31:34.0375 0x08a4 PDRELI - ok
14:31:34.0375 0x08a4 PDRFRAME - ok
14:31:34.0421 0x08a4 [ 6C14B9C19BA84F73D3A86DBA11133101, 2CFB7E027E43C1B3890985DFD7987B23E4E3CC003E3FD2583E4A8AC1F8A13B26 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
14:31:34.0671 0x08a4 perc2 - ok
14:31:34.0687 0x08a4 [ F50F7C27F131AFE7BEBA13E14A3B9416, C0498EA65B908C07A734324ED70DB27F434FAAA815DD02F1BC429A3AB6C663D5 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
14:31:34.0921 0x08a4 perc2hib - ok
14:31:34.0984 0x08a4 [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] PlugPlay C:\WINDOWS\system32\services.exe
14:31:35.0046 0x08a4 PlugPlay - ok
14:31:35.0062 0x08a4 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
14:31:35.0281 0x08a4 PolicyAgent - ok
14:31:35.0296 0x08a4 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:31:35.0531 0x08a4 PptpMiniport - ok
14:31:35.0546 0x08a4 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
14:31:35.0765 0x08a4 ProtectedStorage - ok
14:31:35.0781 0x08a4 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
14:31:36.0046 0x08a4 PSched - ok
14:31:36.0046 0x08a4 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:31:36.0296 0x08a4 Ptilink - ok
14:31:36.0343 0x08a4 [ 153D02480A0A2F45785522E814C634B6, 02B7590F2F4A8FA0B031CDA7A28BD55E7C04A080C1EA810BF3AC3212A62153A6 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
14:31:36.0406 0x08a4 PxHelp20 - ok
14:31:36.0437 0x08a4 [ 0A63FB54039EB5662433CABA3B26DBA7, A1FB923EB2D08D89D24E8AD7042BBED7CB1DBDA9A5B77BDD188E9913BADAB0EF ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
14:31:36.0718 0x08a4 ql1080 - ok
14:31:36.0750 0x08a4 [ 6503449E1D43A0FF0201AD5CB1B8C706, F1EFC2DE5998615CB182D7984366631FE956AE1ECA9AC777F26FCA2E6F2E05A6 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
14:31:37.0046 0x08a4 Ql10wnt - ok
14:31:37.0062 0x08a4 [ 156ED0EF20C15114CA097A34A30D8A01, 7490B90D4C88B7A9BADB9473D4033535F054C797ABF6D542CB859DA5C9B2586A ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
14:31:37.0343 0x08a4 ql12160 - ok
14:31:37.0375 0x08a4 [ 70F016BEBDE6D29E864C1230A07CC5E6, 895BC2C888F6566086FC1399F499A401D447E57333BC9F9C6DBAFE0F117603D6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
14:31:37.0625 0x08a4 ql1240 - ok
14:31:37.0656 0x08a4 [ 907F0AEEA6BC451011611E732BD31FCF, F9E7023BD1042963110D0A613054D094437868B20779F23C316A38E4781A6152 ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
14:31:37.0921 0x08a4 ql1280 - ok
14:31:37.0953 0x08a4 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:31:38.0203 0x08a4 RasAcd - ok
14:31:38.0250 0x08a4 [ 2B5E44EA009F2F374B980E1E9A70635D, 62D8FDB80C8ACBA2C42C12760B785587C43BEDFE015EC5C41B25F2BB735EFEB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
14:31:38.0484 0x08a4 RasAuto - ok
14:31:38.0531 0x08a4 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:31:38.0750 0x08a4 Rasl2tp - ok
14:31:38.0796 0x08a4 [ D57554C664B64604BD1EE13EA2C07E77, B090C05B91EA602BFF9A5E89AB1A0FFDE869611961FF749DA8B3F4D00F04E756 ] RasMan C:\WINDOWS\System32\rasmans.dll
14:31:39.0046 0x08a4 RasMan - ok
14:31:39.0062 0x08a4 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:31:39.0312 0x08a4 RasPppoe - ok
14:31:39.0312 0x08a4 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
14:31:39.0562 0x08a4 Raspti - ok
14:31:39.0609 0x08a4 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:31:39.0843 0x08a4 Rdbss - ok
14:31:39.0859 0x08a4 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:31:40.0125 0x08a4 RDPCDD - ok
14:31:40.0171 0x08a4 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:31:40.0437 0x08a4 rdpdr - ok
14:31:40.0500 0x08a4 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
14:31:40.0656 0x08a4 RDPWD - ok
14:31:40.0703 0x08a4 [ C0D9D9711CB74EE9BC66353D8CBDAB0E, F1AF9A26910707E76BF213D8DE5C902B0088D8A29EBDFF72DE6A4D867E298CC8 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
14:31:40.0968 0x08a4 RDSessMgr - ok
14:31:41.0000 0x08a4 [ 611BFD220305BE3A85AE876EA47D4AA5, FDF87878EB3886649025E5A12F1C3FC9072D66CCD3217944710085C1F8A4512E ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
14:31:41.0343 0x08a4 redbook - ok
14:31:41.0421 0x08a4 [ 127C26B5371651043450E52542099ABA, 98AADAD8D5211CB894AA7C59B6299861B1F44B6D8F46AB5837E7D2F5B615B14A ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
14:31:41.0687 0x08a4 RemoteAccess - ok
14:31:41.0734 0x08a4 [ 718B3BDC0BC3C2F7D065A53D26202AF9, 9E58243628F1E1396AB82A80D046FF50803A230EE07B007E0CA5D744C77B091A ] RpcLocator C:\WINDOWS\system32\locator.exe
14:31:42.0031 0x08a4 RpcLocator - ok
14:31:42.0093 0x08a4 [ BE27674D1CBC3214AEC84B4336A38BBF, 3DF5F9A9E97595A61314B2731DF4F3D3C19D1B9D2291624A63B8E1861FFC2D76 ] RpcSs C:\WINDOWS\System32\rpcss.dll
14:31:42.0187 0x08a4 RpcSs - ok
14:31:42.0250 0x08a4 [ 030442F08AEC1A5D7CF035CC514374B9, CDD9A0692D1568EDB046074766CB6D3551C98D6687E098A4B1FC4D3A2E34DBFF ] RSUSBSTOR C:\WINDOWS\system32\Drivers\RTS5121.sys
14:31:42.0390 0x08a4 RSUSBSTOR - ok
14:31:42.0437 0x08a4 [ 09AB2E71E58B078038E3BFDBA7FFC984, 8CA277DEEF6376B0F48C6BA5DBBC3E8AF2245983BA9AF6AB83D1A920D35FAF93 ] RSVP C:\WINDOWS\system32\rsvp.exe
14:31:42.0765 0x08a4 RSVP - ok
14:31:42.0781 0x08a4 Rts516xIR - ok
14:31:42.0828 0x08a4 [ 0B2D5D2341437D7D7E1A6C7BBCE3786A, E28F6FF902963CD725CE8DEDA6A96AEDDC108533BAEC3110380227992BF3C2CF ] SahdIa32 C:\WINDOWS\system32\Drivers\SahdIa32.sys
14:31:42.0890 0x08a4 SahdIa32 - ok
14:31:42.0937 0x08a4 [ 7A5F65B16249AF2BC9D18D815F5D7172, 65B99EC99F92D0A8E7231BE66CAC2C075BF8D0B814E6DFA85A0C87BFBCE270CC ] SaibIa32 C:\WINDOWS\system32\Drivers\SaibIa32.sys
14:31:42.0984 0x08a4 SaibIa32 - ok
14:31:43.0031 0x08a4 [ E333C9515822DE586A3FF759A0C9B7BF, 8633B6A469F1F4CC348B80C2E0B686C119BBC970EE9360A86A42AC16EFC58073 ] SaibVd32 C:\WINDOWS\system32\Drivers\SaibVd32.sys
14:31:43.0093 0x08a4 SaibVd32 - ok
14:31:43.0125 0x08a4 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] SamSs C:\WINDOWS\system32\lsass.exe
14:31:43.0343 0x08a4 SamSs - ok
14:31:43.0375 0x08a4 [ 410046E401EB11E1E6749E9DEEA41D4A, 9507268ACD24EF51E994DC418E8EB3E10DEDE61EE892226A22A5DA7662397E25 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
14:31:43.0671 0x08a4 SCardSvr - ok
14:31:43.0734 0x08a4 [ 9A8925F0E6919272A768D7C42232AA3A, B0DF850169B672A0BA9C233B2D003D6A059431BE905331D38A519F1DE4CBC4DD ] SCDEmu C:\WINDOWS\system32\drivers\SCDEmu.sys
14:31:43.0812 0x08a4 SCDEmu - ok
14:31:43.0843 0x08a4 [ 3FF232A7731621B8902D81D42418C93C, 2030C9A843D9555170179883BD4CC1E978D5FC5EC0D7FCA56518224E428BE421 ] Schedule C:\WINDOWS\system32\schedsvc.dll
14:31:44.0109 0x08a4 Schedule - ok
14:31:44.0156 0x08a4 [ 8D04819A3CE51B9EB47E5689B44D43C4, B0588AF967A7611F05BC8A8AD0C945DBB7BF995D7DA5C28FD0D007E33BF1F502 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
14:31:44.0390 0x08a4 sdbus - ok
14:31:44.0421 0x08a4 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:31:44.0578 0x08a4 Secdrv - ok
14:31:44.0609 0x08a4 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6, 82EEB2345AC19050FAB202DE76C2CDD93E753F5AB67789A86A1726D3040C02E5 ] seclogon C:\WINDOWS\System32\seclogon.dll
14:31:44.0875 0x08a4 seclogon - ok
14:31:44.0906 0x08a4 [ A530B75C10C23C9AB28FDB6CE719E21F, 14568DF6457758E2F534A46A8E6245C364895C3993BEF2B5A889B98DBB201A27 ] SENS C:\WINDOWS\system32\sens.dll
14:31:45.0375 0x08a4 SENS - ok
14:31:45.0406 0x08a4 [ B842729337C9B921615C40D3C1A1AF96, 503670A56423B996C6ED6AE95F07FB88910767C4A2041A4BE9070C57A016E7FA ] Serial C:\WINDOWS\system32\drivers\Serial.sys
14:31:45.0671 0x08a4 Serial - ok
14:31:45.0718 0x08a4 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
14:31:46.0062 0x08a4 Sfloppy - ok
14:31:46.0125 0x08a4 [ F58FACA9621D2DB01BD0927D9A0A208E, 239C87E09261BC9D1DBE99DABCFC4787D42289E8769563A5EFB323BE6F177C9A ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
14:31:46.0390 0x08a4 SharedAccess - ok
14:31:46.0437 0x08a4 [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:31:46.0515 0x08a4 ShellHWDetection - ok
14:31:46.0531 0x08a4 Simbad - ok
14:31:46.0562 0x08a4 [ 6B33D0EBD30DB32E27D1D78FE946A754, CDA3D082D370B079C06D943DA124D76BAF0C5DB264FB0C893148EF6322D2FABE ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
14:31:46.0843 0x08a4 sisagp - ok
14:31:47.0234 0x08a4 [ 23E3C83DFF7B09A97B01A85ED8A44478, 1F19D2EE35198D7C64DAEE6914ABD3BD7BAEEF1BAF1668BC13ECA1D379330782 ] Skype C2C Service C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
14:31:48.0078 0x08a4 Skype C2C Service - ok
14:31:48.0203 0x08a4 [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
14:31:48.0265 0x08a4 SkypeUpdate - ok
14:31:48.0296 0x08a4 [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
14:31:48.0562 0x08a4 SLIP - ok
14:31:48.0656 0x08a4 [ 83C0F71F86D3BDAF915685F3D568B20E, 10B24723914A5A9E27A592FD58DAE2207B6E49F13A17CD2B1477C51D2D609D2E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
14:31:48.0843 0x08a4 Sparrow - ok
14:31:48.0890 0x08a4 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
14:31:49.0187 0x08a4 splitter - ok
14:31:49.0234 0x08a4 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
14:31:49.0359 0x08a4 Spooler - ok
14:31:49.0406 0x08a4 [ 94610C8653635E4459316A0050D55CE7, D148D33B3D2B0757060531C526F2161504A8D7C4E5957D092C7EBDB007271339 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
14:31:49.0593 0x08a4 sr - ok
14:31:49.0656 0x08a4 [ 35B91147124F64AC8081A2EDB9EA4DEE, 1609D19156DAC6EE3C2D2350B062966B64D9CDC289E9B8FEB6D244AAEBE90BBF ] srservice C:\WINDOWS\system32\srsvc.dll
14:31:49.0812 0x08a4 srservice - ok
14:31:49.0859 0x08a4 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
14:31:50.0000 0x08a4 Srv - ok
14:31:50.0031 0x08a4 [ BECD5271DC4E3B7C3D035F790FCBC1E5, D63B9DB81332553C963EC5057D241CE2287AF652387333C1FD79AF8C9B5F2BA7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
14:31:50.0187 0x08a4 SSDPSRV - ok
14:31:50.0296 0x08a4 [ 7C43EE429B6F503EB6ADAFFF3C20A305, 885A5F480349784002547DF2375E29506A57BDFA632866624405813262223EE4 ] STacSV c:\program files\idt\wdm\STacSV.exe
14:31:50.0546 0x08a4 STacSV - ok
14:31:50.0687 0x08a4 [ DC3489F1EF71AD75B34740D0E6979187, BD6BE706073622B7EB98A869CEB915F75448C66021F5CD54441AB4A73DBCD38D ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
14:31:51.0171 0x08a4 STHDA - ok
14:31:51.0250 0x08a4 [ C1CDD9275F6A115BB0AE1D55D8D27BA6, CD0511FD7F6AD832CBEB931C605AB3AD217631C57399CB8033248D27619541E4 ] stisvc C:\WINDOWS\system32\wiaservc.dll
14:31:51.0546 0x08a4 stisvc - ok
14:31:51.0578 0x08a4 [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
14:31:51.0828 0x08a4 streamip - ok
14:31:51.0859 0x08a4 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
14:31:52.0140 0x08a4 swenum - ok
14:31:52.0171 0x08a4 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
14:31:52.0531 0x08a4 swmidi - ok
14:31:52.0546 0x08a4 SwPrv - ok
14:31:52.0640 0x08a4 [ 1FF3217614018630D0A6758630FC698C, 78A3075BBFF5D7ADEAC1527E65ACA8527BFC509DF124D44410BB46C4D96C96BB ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
14:31:52.0968 0x08a4 symc810 - ok
14:31:53.0031 0x08a4 [ 070E001D95CF725186EF8B20335F933C, B98B29FB01741AF3B4BB02C76A4D117EA04FE4CC4F8CDB491F9216931704A6D8 ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
14:31:53.0375 0x08a4 symc8xx - ok
14:31:53.0437 0x08a4 [ 80AC1C4ABBE2DF3B738BF15517A51F2C, CCF82D09C63F4FA98BCBEF3A1DC8C02D4269B78256D0B6213E815D9BBE174432 ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
14:31:53.0781 0x08a4 sym_hi - ok
14:31:53.0812 0x08a4 [ BF4FAB949A382A8E105F46EBB4937058, FE7C114A19D50E37463CDD3605C26105A779EEA79CB92BF98267C7BE809D853B ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
14:31:54.0156 0x08a4 sym_u3 - ok
14:31:54.0218 0x08a4 [ 8DA49473F997D4C5D821F1E358F94F2D, A1C2C3B0DAAD6560758FC77CEDF0D641DFD155F3975BC2C5FFA37776EFA9528B ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
14:31:54.0375 0x08a4 SynTP - ok
14:31:54.0406 0x08a4 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
14:31:54.0750 0x08a4 sysaudio - ok
14:31:54.0828 0x08a4 [ 806284D876063CE0395C178124E708D3, 7F5CEFCC83066B67B3E532D5EAD75CE88F97FE04E8BE7E8B6C8D9AC4FFC494F1 ] SysCow C:\WINDOWS\system32\drivers\syscow32x.sys
14:31:54.0953 0x08a4 SysCow - ok
14:31:55.0031 0x08a4 [ CE06F01B88ACE199A1BF460CAC29C110, 3CD89E5B8E53203287D889C107E4795225742DB6C6ACA2DC0611BD9728382A27 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
14:31:55.0437 0x08a4 SysmonLog - ok
14:31:55.0546 0x08a4 [ C2546CD7A398476F9DF5614B2AE160E8, 11C8435BA983553E9C0806494E9B3C7080515C0375B0604F029D89B50726161A ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
14:31:55.0953 0x08a4 TapiSrv - ok
14:31:56.0078 0x08a4 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:31:56.0234 0x08a4 Tcpip - ok
14:31:56.0328 0x08a4 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
14:31:56.0703 0x08a4 TDPIPE - ok
14:31:56.0734 0x08a4 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
14:31:57.0093 0x08a4 TDTCP - ok
14:31:57.0125 0x08a4 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
14:31:57.0640 0x08a4 TermDD - ok
14:31:57.0718 0x08a4 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E, 3D2B1D899061448EAD993CDE97D1EF50DD64728E9F44D80FEAE591198A937653 ] TermService C:\WINDOWS\System32\termsrv.dll
14:31:58.0203 0x08a4 TermService - ok
14:31:58.0265 0x08a4 [ EE9A2B9EA968A792A053C9D1A86BF870, 39798179F2EA42216CBE98F08ADA3675A87BD0C31A66534367B96CB129AF36BA ] Themes C:\WINDOWS\System32\shsvcs.dll
14:31:58.0328 0x08a4 Themes - ok
14:31:58.0375 0x08a4 [ FD4FD7D6FDA5C019ED86025D7BE1510F, A2C3B5D452AE48B1D9C48B74CE4A44A9F058737C0A55327FA44BEC9DE2F7D28D ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
14:31:58.0750 0x08a4 TosIde - ok
14:31:58.0812 0x08a4 [ 38853304CCB938D30E0C4CDE8D2C2A8A, 966E7BCC9F63A1A7777F8A12E51C2A91EC688CE96109943ADC4CB4EB58DC34A6 ] TrkWks C:\WINDOWS\system32\trkwks.dll
14:31:59.0234 0x08a4 TrkWks - ok
14:31:59.0296 0x08a4 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
14:31:59.0640 0x08a4 Udfs - ok
14:31:59.0687 0x08a4 [ 1B698A51CD528D8DA4FFAED66DFC51B9, FC3F12D25EE0E99AFE056502FCCFC052854699C21B99D559FAF1244F206DFB4F ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
14:31:59.0875 0x08a4 ultra - ok
14:31:59.0937 0x08a4 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
14:32:00.0234 0x08a4 Update - ok
14:32:00.0296 0x08a4 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E, AF7662BCA0819F82CE5EE0863E47149CC127DE664CB3DC6359B63FBD71DB54F8 ] upnphost C:\WINDOWS\System32\upnphost.dll
14:32:00.0468 0x08a4 upnphost - ok
14:32:00.0500 0x08a4 [ 20A0F6A11959E92908717D09E87D670D, 3DD6C99AB0F70FAA43DF470B30078B8A51B8AF735CD5C50DBB195FEA70F4C36E ] UPS C:\WINDOWS\System32\ups.exe
14:32:00.0750 0x08a4 UPS - ok
14:32:00.0796 0x08a4 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:32:00.0953 0x08a4 usbccgp - ok
14:32:00.0968 0x08a4 USBCCID - ok
14:32:01.0000 0x08a4 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:32:01.0093 0x08a4 usbehci - ok
14:32:01.0156 0x08a4 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:32:01.0375 0x08a4 usbhub - ok
14:32:01.0437 0x08a4 [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:32:01.0546 0x08a4 usbscan - ok
14:32:01.0625 0x08a4 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:32:01.0843 0x08a4 USBSTOR - ok
14:32:01.0906 0x08a4 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:32:02.0125 0x08a4 usbuhci - ok
14:32:02.0171 0x08a4 [ 813236B1183CFCF289E367BD5DE6E29E, 167FE18A96F330AEEC1A4C419770C15EFEB536D43838285E51E7A62E95DF4674 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
14:32:02.0296 0x08a4 usbvideo - ok
14:32:02.0390 0x08a4 [ C5B70A6AA947667CE0E5FC84A05EC8B6, 9BBFC601212A1091F71C66EB56CD93717AC8AF067AFDDC10F046142D8ABEB15A ] usnjsvc C:\Program Files\MSN Messenger\usnsvc.exe
14:32:02.0437 0x08a4 usnjsvc - ok
14:32:02.0484 0x08a4 [ 94D73B62E458FB56C9CE60AA96D914F9, EF0FAC91A1207DA28600000141C26686A7BD6B70EE05F5B78459D3D615454151 ] VClone C:\WINDOWS\system32\DRIVERS\VClone.sys
14:32:02.0562 0x08a4 VClone - detected UnsignedFile.Multi.Generic ( 1 )
14:32:12.0875 0x08a4 VClone ( UnsignedFile.Multi.Generic ) - warning
14:32:17.0312 0x08a4 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
14:32:17.0640 0x08a4 VgaSave - ok
14:32:17.0687 0x08a4 [ 754292CE5848B3738281B4F3607EAEF4, B0DCC9E9F8F78671FF878B493264C3B1DD2ED4A7167E3F5495F66ABF5FACB86C ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
14:32:17.0953 0x08a4 viaagp - ok
14:32:18.0000 0x08a4 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
14:32:18.0234 0x08a4 ViaIde - ok
14:32:18.0250 0x08a4 [ 28A4B296B47782173C346E376CB374D1, FE799FE4A41752A2B47027EA88214BF3E39B317302939F4A2D0F2A4EFAAC2F13 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
14:32:18.0531 0x08a4 VolSnap - ok
14:32:18.0593 0x08a4 [ D6BA1A63D9E00933F1CD2A885573AFB2, 36311A060635CEC1DBB6D8A746B8A4D007706EAE97D51A5E12F9958AB16BE486 ] VSS C:\WINDOWS\System32\vssvc.exe
14:32:18.0765 0x08a4 VSS - ok
14:32:18.0812 0x08a4 [ FA4E1CDBA256787F2149F4AAD07BC91F, 1B5FC5248335D70094D04501AA2C30F54782B58FF8D573BE8E784A21529C7CAF ] W32Time C:\WINDOWS\system32\w32time.dll
14:32:19.0062 0x08a4 W32Time - ok
14:32:19.0093 0x08a4 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:32:19.0312 0x08a4 Wanarp - ok
14:32:19.0421 0x08a4 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC, 06FC132E0E256B9A4E4DDD05D3AF4D75E40C750ECCF94A76251B104C65CFFCDF ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
14:32:19.0937 0x08a4 Wdf01000 - ok
14:32:19.0953 0x08a4 WDICA - ok
14:32:19.0984 0x08a4 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
14:32:20.0328 0x08a4 wdmaud - ok
14:32:20.0390 0x08a4 [ 47AE51048A82DFA1CD6B51D369F7E169, 742F2162B8BDE00D83715093EA9743338964597ED22648B9F4F139D7278235A4 ] WebClient C:\WINDOWS\System32\webclnt.dll
14:32:20.0656 0x08a4 WebClient - ok
14:32:20.0781 0x08a4 [ E488332126E3B1182D2B8A0C35408EC6, F9F60911DF0A539753B2BEF6FAD2D0AED1BC1C3F43509F79D9AF2F810CDE5D9B ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
14:32:21.0015 0x08a4 winmgmt - ok
14:32:21.0093 0x08a4 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
14:32:21.0265 0x08a4 WmdmPmSN - ok
14:32:21.0312 0x08a4 [ C42584FD66CE9E17403AEBCA199F7BDB, E3F2E1066F36AE5D33D4482239B2E556BE0C137923C9A120DFB36EC82F2E77B0 ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
14:32:21.0578 0x08a4 WmiAcpi - ok
14:32:21.0687 0x08a4 [ 23F6F03272F7E5679F1F050AED5ACEE6, 87EBE773F3E8FFE2F1E1DB435BB0E8852031AA88112EB791085AD3DA918B49CC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:32:21.0953 0x08a4 WmiApSrv - ok
14:32:22.0109 0x08a4 [ 3739866D20ABD42F26A7B85F9E2560AF, 9DD01194A553590146A1A1D790B2F891D244C8C0EE34DA423CF2B1F7418BD3AC ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
14:32:22.0421 0x08a4 WMPNetworkSvc - ok
14:32:22.0453 0x08a4 [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
14:32:22.0531 0x08a4 WpdUsb - ok
14:32:22.0562 0x08a4 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
14:32:22.0812 0x08a4 WS2IFSL - ok
14:32:22.0875 0x08a4 [ 4C86D5FAF78194995AF9CC1075F65DD3, D3B23BB0971E0DBC0A51720067489C224323B603178E91149BF56F779DE352F0 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
14:32:23.0109 0x08a4 wscsvc - ok
14:32:23.0156 0x08a4 [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
14:32:23.0421 0x08a4 WSTCODEC - ok
14:32:23.0453 0x08a4 [ C1364564800EE9784192145324A23308, 5345BAE00364233594C9CF99CE2CC485E65B5D4FFBB81C86B2950EDA2427584C ] wuauserv C:\WINDOWS\system32\wuauserv.dll
14:32:23.0718 0x08a4 wuauserv - ok
14:32:23.0765 0x08a4 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:32:23.0859 0x08a4 WudfPf - ok
14:32:23.0890 0x08a4 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WUDFRd C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
14:32:23.0968 0x08a4 WUDFRd - ok
14:32:24.0000 0x08a4 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
14:32:24.0109 0x08a4 WudfSvc - ok
14:32:24.0187 0x08a4 [ A27D4BA7264C0BF52F32D10405BEA1D4, 5F28607CCAB15FB601BEB35FF0B1A5CD27C678C6D1CA724E842C33EED4579B8C ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
14:32:24.0468 0x08a4 WZCSVC - ok
14:32:24.0531 0x08a4 [ EAA4BB9EDB3FB10CF8979FE65E63658F, B80EB477100FD3E26513360E09DB6EBF0C8D8B0618F1F4BF1F387ABA6DEC9B64 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
14:32:24.0843 0x08a4 xmlprov - ok
14:32:24.0859 0x08a4 ================ Scan global ===============================
14:32:24.0906 0x08a4 [ F36278E42C8C5DF03CE17DAC8231C91C, D012A3C8F394DF4F0BF5D5A4C10E73BBF427762B7D3DB6CF5FAB96536E082B7A ] C:\WINDOWS\system32\basesrv.dll
14:32:25.0000 0x08a4 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
14:32:25.0109 0x08a4 [ 4C0AA4ABC4E21672B55D8A700AF2B2A6, FAC6B8E2698D0EB12A0ACE62EA398AD05AB6AC5C39740A1E8BDAAF0BFDD5B4A3 ] C:\WINDOWS\system32\winsrv.dll
14:32:25.0156 0x08a4 [ 9EF697AF07BB8DD82C3B02CA953A95B7, F26033E660B8FF1BDB9E88CDA205CE128C03138AF6BEC05DB3CF2D95C16D86C6 ] C:\WINDOWS\system32\services.exe
14:32:25.0171 0x08a4 [ Global ] - ok
14:32:25.0171 0x08a4 ================ Scan MBR ==================================
14:32:25.0187 0x08a4 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
14:32:26.0218 0x08a4 \Device\Harddisk0\DR0 - ok
14:32:26.0218 0x08a4 ================ Scan VBR ==================================
14:32:26.0218 0x08a4 [ F0CE1F867937E6DBD2AC4FBF56476AC9 ] \Device\Harddisk0\DR0\Partition1
14:32:26.0265 0x08a4 \Device\Harddisk0\DR0\Partition1 - ok
14:32:26.0265 0x08a4 ================ Scan generic autorun ======================
14:32:26.0328 0x08a4 [ F38092DE1D6A8CBB11B6B6D0F07E268E, 12D5AA6A51F0807A6DCAED51EB9E35EF8D34CD9C31B628B6EA38421415377BEE ] C:\WINDOWS\system32\igfxtray.exe
14:32:26.0390 0x08a4 IgfxTray - ok
14:32:26.0406 0x08a4 [ E44733C30F7FE6A1CE7A6B1D2B335CFC, 1638A7C3426504B090E45E0984F52EA9F8C713EC20509F328FC758C4A271C503 ] C:\WINDOWS\system32\hkcmd.exe
14:32:26.0484 0x08a4 HotKeysCmds - ok
14:32:26.0531 0x08a4 [ 2022C54B3A79A51C9538CE47D1F50BC3, AF3E60CAD38C2FEB6CD1BCFC3546C0D03ABA45E6ADF366E8F44659705F7EF0BA ] C:\WINDOWS\system32\igfxpers.exe
14:32:26.0578 0x08a4 Persistence - ok
14:32:26.0703 0x08a4 [ FA67B019063B2C456A6BB2D3FC44A21D, 895E739EAD3853D2BA7F2DCD08EC98AE45DF59886ACB034CDAB4EF7F6E6346BD ] C:\Program Files\IDT\WDM\sttray.exe
14:32:26.0843 0x08a4 SysTrayApp - ok
14:32:27.0000 0x08a4 [ A64B2C3C698F2362FAD8D9357C9AAE83, 9C175A6D37B4C5BC560DC74BFCC283856B70B9818C9755776EDC61121B6C7F8C ] C:\WINDOWS\system32\AESTFltr.exe
14:32:27.0171 0x08a4 AESTFltr - ok
14:32:27.0359 0x08a4 [ 8C4FBABC05806D0FAAEB31802E72331B, 5099C0FCDBAF074B9949E70EE6AF8EBFA998DD9ABDDFD6FEE41D2714649AA9A5 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
14:32:27.0515 0x08a4 SynTPEnh - ok
14:32:27.0609 0x08a4 [ 8CB896C573FD15AE8B13180DA53E93D2, 47E46D77DF345D5BA970A662376828DB0141CE4A62E7DF40947EB6659CA598BC ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
14:32:27.0687 0x08a4 hpWirelessAssistant - ok
14:32:27.0734 0x08a4 [ 8FB740D758B14B1BC950CC347C21E461, 6EAB429DE35D87C94E9B912E189C248428653674939352E0210FC026F5A4B564 ] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
14:32:27.0781 0x08a4 RemoteControl - detected UnsignedFile.Multi.Generic ( 1 )
14:32:30.0640 0x08a4 Detect skipped due to KSN trusted
14:32:30.0640 0x08a4 RemoteControl - ok
14:32:30.0734 0x08a4 [ F40E80C04475731C6ED5D19C48E45E3C, 40BB48DD37D6DFD61A68BA7891C4C453665561F7C74C5DA1BC7D7B36A0190DAA ] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
14:32:30.0796 0x08a4 VirtualCloneDrive - ok
14:32:31.0109 0x08a4 [ 126EED659167ECFD15E277301DD80470, F6D07AFA0D4A977879B6107D2AD1717F6424843F44D0B49DE2D43ECEA14207CA ] C:\Program Files\ESET\ESET Smart Security\egui.exe
14:32:31.0328 0x08a4 egui - ok
14:32:31.0421 0x08a4 [ 4EE76D4CB055E8EC281177771345E8B3, 669569288143E481892FD1E479E411638935709F7B2A91ED5157C16166C67FF4 ] C:\Program Files\PowerISO\PWRISOVM.EXE
14:32:31.0468 0x08a4 PWRISOVM.EXE - ok
14:32:31.0609 0x08a4 [ 8572F2010128B9A194DCC329859D045D, 4FDAA0A563E3048F9ADC9D137034DC4BD21DEA84687E9749E3152095C491596C ] C:\Program Files\Weather Watcher\ww.exe
14:32:31.0734 0x08a4 WeatherWatcher - detected UnsignedFile.Multi.Generic ( 1 )
14:32:35.0218 0x08a4 Detect skipped due to KSN trusted
14:32:35.0218 0x08a4 WeatherWatcher - ok
14:32:35.0312 0x08a4 Skype - ok
14:32:35.0359 0x08a4 [ A756B8F0F7BAFBA6DFE39F7D169F2519, 5338DE8FCA5182A919AAADFA5D130BB93069E3675B834D96CFF68C32433B3BDE ] C:\WINDOWS\system32\ctfmon.exe
14:32:35.0687 0x08a4 ctfmon.exe - ok
14:32:35.0703 0x08a4 Waiting for KSN requests completion. In queue: 4
14:32:36.0718 0x08a4 Waiting for KSN requests completion. In queue: 4
14:32:37.0718 0x08a4 Waiting for KSN requests completion. In queue: 1
14:32:38.0718 0x08a4 Waiting for KSN requests completion. In queue: 1
14:32:39.0921 0x08a4 AV detected via SS1: ESET Smart Security 4.2, 4.2, enabled, updated
14:32:39.0937 0x08a4 FW detected via SS1: ESET personal firewall, 4.2.40.10, enabled
14:32:42.0843 0x08a4 ============================================================
14:32:42.0843 0x08a4 Scan finished
14:32:42.0843 0x08a4 ============================================================
14:32:42.0859 0x0484 Detected object count: 1
14:32:42.0859 0x0484 Actual detected object count: 1
14:34:18.0406 0x0484 VClone ( UnsignedFile.Multi.Generic ) - skipped by user
14:34:18.0406 0x0484 VClone ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:34:25.0765 0x0d30 Deinitialize success

#24 Příspěvek od **altrok** » 24 úno 2015 15:53

Dal jste znovu log z TDSSKillera, ale potrebuju frst.txt asi chyba pri kopirovani

Drzte se presne navodu! Win XP neni podporovan novou verzi 2.0

Stahnete a nainstalujte MBAM 1.75 http://www.bleepingcomputer.com/downloa ... i-malware/
na konci instalace zruste zatrzitko u polozky Povolit bezplatnou zkusebni verzi Malwarebytes Anti-Malware PRO
ted je dulezity krok - stahuje se aktualizace celeho programu a na konci vyskoci hlaska - zvolte Cancel, pripadne Storno
jako dalsi se sama stahla aktualizace virove databaze a dava Vam jedinou moznost -> OK
opet je Vam nabizena aktualizace celeho programu -> zvolte opet Cancel
v zalozce Kontrolor vyberte moznost Kompletni kontrola a kliknete na Prohledat
po dokonceni skenovani, ktere se muze protahnout az na nekolik hodin, na Vas vyskoci log, ktery mi zkopirujte do pristi odpovedi... pripadne jej najdete v karte Slozka protokolu

Walky · #25 Příspěvek od **Walky** » 24 úno 2015 16:06

aha nevsimol som si to uz by to malo byt spravne

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-02-2015 01
Ran by anitka (administrator) on MINILAPTOP on 24-02-2015 15:14:05
Running from C:\Documents and Settings\anitka\Plocha
Loaded Profiles: anitka (Available profiles: anitka)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Sonic Solutions) C:\Program Files\Roxio\BackOnTrack\Instant Restore\BOTService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
() C:\Program Files\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe
(ESET) C:\Program Files\Eset\ESET Smart Security\ekrn.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Andrea Electronics Corporation) C:\WINDOWS\system32\AESTFltr.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(ESET) C:\Program Files\Eset\ESET Smart Security\egui.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Singer's Creations) C:\Program Files\Weather Watcher\ww.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\WINDOWS\system32\ntvdm.exe
(Lingea) C:\Program Files\Common Files\Lingea Shared\luc.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Documents and Settings\anitka\Plocha\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [483428 2009-03-30] (IDT, Inc.)
HKLM\...\Run: [AESTFltr] => C:\WINDOWS\system32\AESTFltr.exe [737280 2009-02-18] (Andrea Electronics Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1418536 2009-01-16] (Synaptics, Inc.)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [32768 2004-11-02] (Cyberlink Corp.)
HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [85160 2009-06-17] (Elaborate Bytes AG)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [2145000 2010-04-07] (ESET)
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [312376 2011-11-15] (Power Software Ltd)
HKU\S-1-5-21-2632247924-638629528-3096988594-1006\...\Run: [WeatherWatcher] => C:\Program Files\Weather Watcher\ww.exe [1024000 2007-09-23] (Singer's Creations)
HKU\S-1-5-21-2632247924-638629528-3096988594-1006\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30520936 2014-11-18] (Skype Technologies S.A.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Meniny.exe ()
Startup: C:\Documents and Settings\anitka\Nabídka Start\Programy\Po spuštění\Lingea Update Center.lnk
ShortcutTarget: Lingea Update Center.lnk -> C:\Program Files\Common Files\Lingea Shared\luc.exe (Lingea)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2632247924-638629528-3096988594-1006\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-2632247924-638629528-3096988594-1006\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
SearchScopes: HKU\S-1-5-21-2632247924-638629528-3096988594-1006 -> {76F100B9-A023-466A-B63B-AAD0388C3F9B} URL = http://www.google.co.uk/search?hl=en&q= ... rms}&meta=
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: WebTransBHO Class -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> C:\TRANSLAT\WebIE.dll ()
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: No Name -> {53707962-6F74-2D53-2644-206D7942484F} -> No File
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WebIE.dll ()
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4

FireFox:
========
FF ProfilePath: C:\Documents and Settings\anitka\Data aplikací\Mozilla\Firefox\Profiles\wl5ei3z9.default
FF Homepage: www.google.sk
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\2.0.31005.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.1.13 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.1.13 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.1.13 -> C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.1.13 -> C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=15.0.1.13 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Extension: LexFox - C:\Documents and Settings\anitka\Data aplikací\Mozilla\Firefox\Profiles\wl5ei3z9.default\Extensions\info@lingea.com [2010-12-01]
FF Extension: WebTran - C:\Documents and Settings\anitka\Data aplikací\Mozilla\Firefox\Profiles\wl5ei3z9.default\Extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829} [2010-12-11]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\anitka\Data aplikací\Mozilla\Firefox\Profiles\wl5ei3z9.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-03-02]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-01-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-25]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-01-15]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011-11-13]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-01-15]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-01-31]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe [125424 2008-12-11] ()
R2 BOTService; C:\Program Files\Roxio\BackOnTrack\Instant Restore\BOTService.exe [203248 2009-03-19] (Sonic Solutions)
S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [33560 2010-04-07] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [810120 2010-04-07] (ESET)
S3 IDriverT; c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3289208 2013-01-31] (Skype Technologies S.A.)
R2 STacSV; c:\program files\idt\wdm\STacSV.exe [254042 2009-03-30] (IDT, Inc.)
S3 usnjsvc; C:\Program Files\MSN Messenger\usnsvc.exe [97136 2007-01-19] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-18] (Microsoft Corporation)
R3 AESTAud; C:\WINDOWS\System32\drivers\AESTAud.sys [113664 2009-03-19] (Andrea Electronics Corporation)
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [1735040 2009-06-10] (Broadcom Corporation)
R3 btkrnl; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [991400 2008-06-24] (Broadcom Corporation.)
S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [47272 2008-07-25] (Broadcom Corporation.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 DrvAgent32; C:\WINDOWS\system32\Drivers\DrvAgent32.sys [23456 2012-07-30] (Phoenix Technologies) [File not signed]
R2 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [139192 2010-04-07] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [114984 2010-04-07] (ESET)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [26024 2009-12-17] (Elaborate Bytes AG)
R2 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [134488 2010-04-07] (ESET)
R3 Epfwndis; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys [32584 2010-04-07] (ESET)
R1 epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [55232 2010-04-07] (ESET)
R3 L1c; C:\WINDOWS\System32\DRIVERS\l1c51x86.sys [38912 2009-03-02] (Atheros Communications, Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 RSUSBSTOR; C:\WINDOWS\System32\Drivers\RTS5121.sys [160256 2008-11-22] (Realtek Semiconductor Corp.)
R1 SCDEmu; C:\WINDOWS\system32\Drivers\SCDEmu.sys [112096 2011-11-15] (Power Software Ltd)
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1550891 2009-03-30] (IDT, Inc.)
R0 SysCow; C:\WINDOWS\System32\drivers\syscow32x.sys [103792 2008-09-24] (Sonic Solutions)
R3 VClone; C:\WINDOWS\System32\DRIVERS\VClone.sys [29696 2009-08-09] (Elaborate Bytes AG) [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
U4 RemoteRegistry; No ImagePath
S3 Rts516xIR; system32\DRIVERS\Rts516xIR.sys [X]
U3 TlntSvr; No ImagePath
S3 USBCCID; system32\DRIVERS\Rts5161ccid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-24 15:14 - 2015-02-24 15:14 - 00013874 _____ () C:\Documents and Settings\anitka\Plocha\FRST.txt
2015-02-24 15:13 - 2015-02-24 15:13 - 00000000 ____D () C:\Documents and Settings\anitka\Plocha\FRST-OlderVersion
2015-02-24 14:27 - 2015-02-24 14:28 - 04197016 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\anitka\Plocha\tdsskiller.exe
2015-02-24 09:52 - 2015-02-24 09:52 - 00025786 _____ () C:\Documents and Settings\anitka\Plocha\MbrScan.log
2015-02-24 09:51 - 2015-02-24 09:52 - 00000512 _____ () C:\Documents and Settings\anitka\Plocha\Dump_Hdd0_DR0.mbr
2015-02-24 09:50 - 2015-02-24 09:50 - 00147456 _____ (Eric_71) C:\Documents and Settings\anitka\Plocha\MbrScan.exe
2015-02-24 00:24 - 2015-02-24 00:24 - 00000000 ____D () C:\Documents and Settings\anitka\Plocha\PCHunter_free
2015-02-24 00:20 - 2015-02-24 00:23 - 06739485 _____ () C:\Documents and Settings\anitka\Plocha\PCHunter_free.zip
2015-02-23 23:14 - 2015-02-24 00:01 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Malwarebytes' Anti-Malware (portable)
2015-02-23 23:10 - 2015-02-23 23:10 - 00120024 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-23 23:07 - 2015-02-23 23:08 - 16502728 _____ (Malwarebytes Corp.) C:\Documents and Settings\anitka\Plocha\mbar-1.09.1.1004.exe
2015-02-23 23:06 - 2015-02-24 00:01 - 00000000 ____D () C:\Documents and Settings\anitka\Plocha\mbar
2015-02-23 23:02 - 2015-02-23 23:05 - 16466552 _____ (Malwarebytes Corp.) C:\Documents and Settings\anitka\Plocha\mbar-1.08.3.1004.exe
2015-02-23 22:06 - 2015-02-23 22:06 - 00000000 ____D () C:\_OTM
2015-02-23 22:02 - 2015-02-23 22:02 - 00522240 _____ (OldTimer Tools) C:\Documents and Settings\anitka\Plocha\OTM.exe
2015-02-23 22:02 - 2015-02-23 22:02 - 00000000 ____D () C:\Documents and Settings\anitka\Data aplikací\Sun
2015-02-23 21:27 - 2015-02-23 21:27 - 00007766 _____ () C:\Documents and Settings\anitka\Plocha\Addition.rar
2015-02-23 21:18 - 2015-02-24 15:14 - 00000000 ____D () C:\FRST
2015-02-23 21:17 - 2015-02-24 15:13 - 01127424 _____ (Farbar) C:\Documents and Settings\anitka\Plocha\FRST.exe
2015-02-23 09:37 - 2015-02-23 09:37 - 00010476 _____ () C:\ComboFix.txt
2015-02-23 09:37 - 2015-02-23 09:37 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2015-02-23 09:32 - 2015-02-23 09:32 - 00000435 _____ () C:\WINDOWS\system.ini
2015-02-23 09:22 - 2015-02-24 15:14 - 00000000 ____D () C:\Documents and Settings\anitka\Local Settings\temp
2015-02-23 08:54 - 2015-02-23 08:55 - 00000000 _RSHD () C:\cmdcons
2015-02-22 17:44 - 2015-02-22 17:44 - 00000327 _____ () C:\Boot.bak
2015-02-22 17:44 - 2004-08-03 23:00 - 00261312 __RSH () C:\cmldr
2015-02-22 17:36 - 2015-02-23 22:55 - 00000000 ____D () C:\WINDOWS\erdnt
2015-02-22 17:25 - 2015-02-24 09:56 - 00002664 _____ () C:\Documents and Settings\anitka\Plocha\Rkill.txt
2015-02-22 17:23 - 2015-02-22 17:24 - 01943800 _____ (Bleeping Computer, LLC) C:\Documents and Settings\anitka\Plocha\rkill.exe
2015-02-16 10:00 - 2015-02-16 09:59 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021615-01.dmp
2015-02-15 20:08 - 2015-02-15 20:08 - 00000541 _____ () C:\Documents and Settings\anitka\Plocha\GoogleEarthPluginSetup.lnk
2015-02-15 20:08 - 2015-02-15 20:08 - 00000367 _____ () C:\Documents and Settings\anitka\Plocha\__MACOSX.lnk
2015-01-29 16:41 - 2015-01-29 16:41 - 00000000 ____D () C:\Documents and Settings\LocalService\Data aplikací\McAfee
2015-01-26 20:31 - 2015-01-26 20:32 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-24 15:14 - 2009-09-26 10:44 - 00000000 ____D () C:\Program Files\Weather Watcher
2015-02-24 15:14 - 2009-09-21 18:37 - 00000000 ____D () C:\Documents and Settings\anitka\Plocha
2015-02-24 15:13 - 2009-09-21 18:37 - 00000000 ___HD () C:\Documents and Settings\anitka\Local Settings\Data aplikací
2015-02-24 15:09 - 2014-12-01 17:56 - 00000282 _____ () C:\WINDOWS\Tasks\BackOnTrack Instant Restore Idle.job
2015-02-24 14:55 - 2012-05-29 21:43 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-24 14:25 - 2008-12-01 23:03 - 01056954 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-24 14:22 - 2008-12-01 23:22 - 02046826 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-24 14:22 - 2008-12-01 23:01 - 00000626 _____ () C:\WINDOWS\win.ini
2015-02-24 14:21 - 2008-12-01 23:46 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-02-24 14:21 - 2008-12-01 23:46 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-02-24 14:21 - 2008-12-01 23:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-24 14:20 - 2009-09-21 18:37 - 00000272 ___SH () C:\Documents and Settings\anitka\ntuser.ini
2015-02-24 14:20 - 2008-12-01 23:22 - 00032514 _____ () C:\WINDOWS\SchedLgU.Txt
2015-02-24 14:19 - 2012-03-14 23:19 - 00004511 _____ () C:\WINDOWS\setupact.log
2015-02-24 14:19 - 2012-03-05 20:49 - 00319540 _____ () C:\WINDOWS\setupapi.log
2015-02-23 23:14 - 2009-09-22 18:43 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2015-02-23 23:14 - 2009-09-22 02:20 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-02-23 22:55 - 2009-09-22 02:21 - 00000000 ____D () C:\WINDOWS\system32\Restore
2015-02-23 22:10 - 2009-09-22 02:20 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\Temp
2015-02-23 22:02 - 2009-09-21 18:37 - 00000000 __RHD () C:\Documents and Settings\anitka\Data aplikací
2015-02-23 14:14 - 2009-09-23 14:27 - 00002935 _____ () C:\WINDOWS\wincmd.ini
2015-02-23 12:02 - 2009-09-22 02:20 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-02-23 08:55 - 2008-12-01 22:46 - 00000327 __RSH () C:\boot.ini
2015-02-22 18:09 - 2009-09-22 02:21 - 00000000 ____D () C:\Program Files\HP
2015-02-22 18:09 - 2009-09-21 18:37 - 00000000 ____D () C:\Documents and Settings\anitka
2015-02-18 18:06 - 2009-09-22 02:21 - 00000000 ____D () C:\WINDOWS\Registration
2015-02-18 17:50 - 2009-09-26 10:09 - 00000000 ____D () C:\Documents and Settings\anitka\Data aplikací\Skype
2015-02-18 17:50 - 2009-09-22 02:20 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
2015-02-18 17:50 - 2009-09-22 02:20 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-02-18 17:50 - 2009-09-22 02:20 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-02-18 17:46 - 2008-12-01 23:22 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2015-02-16 10:00 - 2011-11-13 12:06 - 00000000 ____D () C:\WINDOWS\Minidump
2015-02-15 18:59 - 2013-10-22 16:20 - 00000000 ____D () C:\Documents and Settings\anitka\Plocha\DIA SKOLA
2015-02-15 13:58 - 2013-08-23 17:10 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-15 13:32 - 2009-10-02 22:24 - 113756392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-10 21:15 - 2014-09-02 19:34 - 00000000 ____D () C:\Documents and Settings\anitka\Plocha\TURECKO
2015-02-06 10:55 - 2012-05-29 21:43 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-02-06 10:55 - 2012-02-24 10:57 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-02-02 21:54 - 2014-04-23 18:20 - 00000000 ____D () C:\Documents and Settings\anitka\Plocha\SMSNG APRIL
2015-01-29 16:41 - 2009-09-22 02:20 - 00000000 ____D () C:\Documents and Settings\LocalService\Data aplikací
2015-01-28 16:06 - 2012-04-30 17:19 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service

==================== Files in the root of some directories =======

2011-06-20 21:52 - 2008-03-09 06:25 - 0000236 _____ () C:\Program Files\Common Files\dx.reg
2009-09-21 18:51 - 2009-09-21 18:51 - 0000000 _____ () C:\Documents and Settings\anitka\Data aplikací\wklnhst.dat
2009-09-25 11:49 - 2014-10-29 13:52 - 0130048 _____ () C:\Documents and Settings\anitka\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-09-21 18:37 - 2009-09-21 18:45 - 0000126 _____ () C:\Documents and Settings\anitka\Local Settings\Data aplikací\fusioncache.dat

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\BackOnTrack Instant Restore Idle.job => C:\Program Files\Roxio\BackOnTrack\Instant Restore\RstIdle.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: ESET Smart Security 4.2 (Enabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall (Disabled) {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\anitka\Plocha" je 18938 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Outlook Express\\wab.exe"="C:\\Program Files\\Outlook Express\\wab.exe:*:Enabled:Adres systmu Windows"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox (C:\\Program Files\\Mozilla Firefox)"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000001

==================== End Of Log ==============================

Walky · #26 Příspěvek od **Walky** » 24 úno 2015 19:06

teraz som si vsimol ze nefunguje niektore kombinacie napr Left shift+ m ale funguje Right shift+m alebo este napr right shift +p ale zaroven left shift + p funguje

log z MBAN

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-02-2015 01
Ran by anitka (administrator) on MINILAPTOP on 24-02-2015 15:14:05
Running from C:\Documents and Settings\anitka\Plocha
Loaded Profiles: anitka (Available profiles: anitka)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Sonic Solutions) C:\Program Files\Roxio\BackOnTrack\Instant Restore\BOTService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
() C:\Program Files\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe
(ESET) C:\Program Files\Eset\ESET Smart Security\ekrn.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Andrea Electronics Corporation) C:\WINDOWS\system32\AESTFltr.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(ESET) C:\Program Files\Eset\ESET Smart Security\egui.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Singer's Creations) C:\Program Files\Weather Watcher\ww.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\WINDOWS\system32\ntvdm.exe
(Lingea) C:\Program Files\Common Files\Lingea Shared\luc.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Documents and Settings\anitka\Plocha\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [483428 2009-03-30] (IDT, Inc.)
HKLM\...\Run: [AESTFltr] => C:\WINDOWS\system32\AESTFltr.exe [737280 2009-02-18] (Andrea Electronics Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1418536 2009-01-16] (Synaptics, Inc.)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [32768 2004-11-02] (Cyberlink Corp.)
HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [85160 2009-06-17] (Elaborate Bytes AG)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [2145000 2010-04-07] (ESET)
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [312376 2011-11-15] (Power Software Ltd)
HKU\S-1-5-21-2632247924-638629528-3096988594-1006\...\Run: [WeatherWatcher] => C:\Program Files\Weather Watcher\ww.exe [1024000 2007-09-23] (Singer's Creations)
HKU\S-1-5-21-2632247924-638629528-3096988594-1006\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30520936 2014-11-18] (Skype Technologies S.A.)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Meniny.exe ()
Startup: C:\Documents and Settings\anitka\Nabídka Start\Programy\Po spuštění\Lingea Update Center.lnk
ShortcutTarget: Lingea Update Center.lnk -> C:\Program Files\Common Files\Lingea Shared\luc.exe (Lingea)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2632247924-638629528-3096988594-1006\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-2632247924-638629528-3096988594-1006\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
SearchScopes: HKU\S-1-5-21-2632247924-638629528-3096988594-1006 -> {76F100B9-A023-466A-B63B-AAD0388C3F9B} URL = http://www.google.co.uk/search?hl=en&q= ... rms}&meta=
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: WebTransBHO Class -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> C:\TRANSLAT\WebIE.dll ()
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: No Name -> {53707962-6F74-2D53-2644-206D7942484F} -> No File
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKLM - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WebIE.dll ()
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4

FireFox:
========
FF ProfilePath: C:\Documents and Settings\anitka\Data aplikací\Mozilla\Firefox\Profiles\wl5ei3z9.default
FF Homepage: www.google.sk
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\2.0.31005.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.1.13 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.1.13 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.1.13 -> C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.1.13 -> C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=15.0.1.13 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Extension: LexFox - C:\Documents and Settings\anitka\Data aplikací\Mozilla\Firefox\Profiles\wl5ei3z9.default\Extensions\info@lingea.com [2010-12-01]
FF Extension: WebTran - C:\Documents and Settings\anitka\Data aplikací\Mozilla\Firefox\Profiles\wl5ei3z9.default\Extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829} [2010-12-11]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\anitka\Data aplikací\Mozilla\Firefox\Profiles\wl5ei3z9.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-03-02]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-01-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-25]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-01-15]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011-11-13]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-01-15]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-01-31]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe [125424 2008-12-11] ()
R2 BOTService; C:\Program Files\Roxio\BackOnTrack\Instant Restore\BOTService.exe [203248 2009-03-19] (Sonic Solutions)
S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [33560 2010-04-07] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [810120 2010-04-07] (ESET)
S3 IDriverT; c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3289208 2013-01-31] (Skype Technologies S.A.)
R2 STacSV; c:\program files\idt\wdm\STacSV.exe [254042 2009-03-30] (IDT, Inc.)
S3 usnjsvc; C:\Program Files\MSN Messenger\usnsvc.exe [97136 2007-01-19] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-18] (Microsoft Corporation)
R3 AESTAud; C:\WINDOWS\System32\drivers\AESTAud.sys [113664 2009-03-19] (Andrea Electronics Corporation)
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [1735040 2009-06-10] (Broadcom Corporation)
R3 btkrnl; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [991400 2008-06-24] (Broadcom Corporation.)
S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [47272 2008-07-25] (Broadcom Corporation.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 DrvAgent32; C:\WINDOWS\system32\Drivers\DrvAgent32.sys [23456 2012-07-30] (Phoenix Technologies) [File not signed]
R2 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [139192 2010-04-07] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [114984 2010-04-07] (ESET)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [26024 2009-12-17] (Elaborate Bytes AG)
R2 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [134488 2010-04-07] (ESET)
R3 Epfwndis; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys [32584 2010-04-07] (ESET)
R1 epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [55232 2010-04-07] (ESET)
R3 L1c; C:\WINDOWS\System32\DRIVERS\l1c51x86.sys [38912 2009-03-02] (Atheros Communications, Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 RSUSBSTOR; C:\WINDOWS\System32\Drivers\RTS5121.sys [160256 2008-11-22] (Realtek Semiconductor Corp.)
R1 SCDEmu; C:\WINDOWS\system32\Drivers\SCDEmu.sys [112096 2011-11-15] (Power Software Ltd)
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1550891 2009-03-30] (IDT, Inc.)
R0 SysCow; C:\WINDOWS\System32\drivers\syscow32x.sys [103792 2008-09-24] (Sonic Solutions)
R3 VClone; C:\WINDOWS\System32\DRIVERS\VClone.sys [29696 2009-08-09] (Elaborate Bytes AG) [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
U4 RemoteRegistry; No ImagePath
S3 Rts516xIR; system32\DRIVERS\Rts516xIR.sys [X]
U3 TlntSvr; No ImagePath
S3 USBCCID; system32\DRIVERS\Rts5161ccid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-24 15:14 - 2015-02-24 15:14 - 00013874 _____ () C:\Documents and Settings\anitka\Plocha\FRST.txt
2015-02-24 15:13 - 2015-02-24 15:13 - 00000000 ____D () C:\Documents and Settings\anitka\Plocha\FRST-OlderVersion
2015-02-24 14:27 - 2015-02-24 14:28 - 04197016 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\anitka\Plocha\tdsskiller.exe
2015-02-24 09:52 - 2015-02-24 09:52 - 00025786 _____ () C:\Documents and Settings\anitka\Plocha\MbrScan.log
2015-02-24 09:51 - 2015-02-24 09:52 - 00000512 _____ () C:\Documents and Settings\anitka\Plocha\Dump_Hdd0_DR0.mbr
2015-02-24 09:50 - 2015-02-24 09:50 - 00147456 _____ (Eric_71) C:\Documents and Settings\anitka\Plocha\MbrScan.exe
2015-02-24 00:24 - 2015-02-24 00:24 - 00000000 ____D () C:\Documents and Settings\anitka\Plocha\PCHunter_free
2015-02-24 00:20 - 2015-02-24 00:23 - 06739485 _____ () C:\Documents and Settings\anitka\Plocha\PCHunter_free.zip
2015-02-23 23:14 - 2015-02-24 00:01 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Malwarebytes' Anti-Malware (portable)
2015-02-23 23:10 - 2015-02-23 23:10 - 00120024 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-23 23:07 - 2015-02-23 23:08 - 16502728 _____ (Malwarebytes Corp.) C:\Documents and Settings\anitka\Plocha\mbar-1.09.1.1004.exe
2015-02-23 23:06 - 2015-02-24 00:01 - 00000000 ____D () C:\Documents and Settings\anitka\Plocha\mbar
2015-02-23 23:02 - 2015-02-23 23:05 - 16466552 _____ (Malwarebytes Corp.) C:\Documents and Settings\anitka\Plocha\mbar-1.08.3.1004.exe
2015-02-23 22:06 - 2015-02-23 22:06 - 00000000 ____D () C:\_OTM
2015-02-23 22:02 - 2015-02-23 22:02 - 00522240 _____ (OldTimer Tools) C:\Documents and Settings\anitka\Plocha\OTM.exe
2015-02-23 22:02 - 2015-02-23 22:02 - 00000000 ____D () C:\Documents and Settings\anitka\Data aplikací\Sun
2015-02-23 21:27 - 2015-02-23 21:27 - 00007766 _____ () C:\Documents and Settings\anitka\Plocha\Addition.rar
2015-02-23 21:18 - 2015-02-24 15:14 - 00000000 ____D () C:\FRST
2015-02-23 21:17 - 2015-02-24 15:13 - 01127424 _____ (Farbar) C:\Documents and Settings\anitka\Plocha\FRST.exe
2015-02-23 09:37 - 2015-02-23 09:37 - 00010476 _____ () C:\ComboFix.txt
2015-02-23 09:37 - 2015-02-23 09:37 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2015-02-23 09:32 - 2015-02-23 09:32 - 00000435 _____ () C:\WINDOWS\system.ini
2015-02-23 09:22 - 2015-02-24 15:14 - 00000000 ____D () C:\Documents and Settings\anitka\Local Settings\temp
2015-02-23 08:54 - 2015-02-23 08:55 - 00000000 _RSHD () C:\cmdcons
2015-02-22 17:44 - 2015-02-22 17:44 - 00000327 _____ () C:\Boot.bak
2015-02-22 17:44 - 2004-08-03 23:00 - 00261312 __RSH () C:\cmldr
2015-02-22 17:36 - 2015-02-23 22:55 - 00000000 ____D () C:\WINDOWS\erdnt
2015-02-22 17:25 - 2015-02-24 09:56 - 00002664 _____ () C:\Documents and Settings\anitka\Plocha\Rkill.txt
2015-02-22 17:23 - 2015-02-22 17:24 - 01943800 _____ (Bleeping Computer, LLC) C:\Documents and Settings\anitka\Plocha\rkill.exe
2015-02-16 10:00 - 2015-02-16 09:59 - 00090112 _____ () C:\WINDOWS\Minidump\Mini021615-01.dmp
2015-02-15 20:08 - 2015-02-15 20:08 - 00000541 _____ () C:\Documents and Settings\anitka\Plocha\GoogleEarthPluginSetup.lnk
2015-02-15 20:08 - 2015-02-15 20:08 - 00000367 _____ () C:\Documents and Settings\anitka\Plocha\__MACOSX.lnk
2015-01-29 16:41 - 2015-01-29 16:41 - 00000000 ____D () C:\Documents and Settings\LocalService\Data aplikací\McAfee
2015-01-26 20:31 - 2015-01-26 20:32 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-24 15:14 - 2009-09-26 10:44 - 00000000 ____D () C:\Program Files\Weather Watcher
2015-02-24 15:14 - 2009-09-21 18:37 - 00000000 ____D () C:\Documents and Settings\anitka\Plocha
2015-02-24 15:13 - 2009-09-21 18:37 - 00000000 ___HD () C:\Documents and Settings\anitka\Local Settings\Data aplikací
2015-02-24 15:09 - 2014-12-01 17:56 - 00000282 _____ () C:\WINDOWS\Tasks\BackOnTrack Instant Restore Idle.job
2015-02-24 14:55 - 2012-05-29 21:43 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-24 14:25 - 2008-12-01 23:03 - 01056954 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-24 14:22 - 2008-12-01 23:22 - 02046826 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-24 14:22 - 2008-12-01 23:01 - 00000626 _____ () C:\WINDOWS\win.ini
2015-02-24 14:21 - 2008-12-01 23:46 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-02-24 14:21 - 2008-12-01 23:46 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-02-24 14:21 - 2008-12-01 23:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-24 14:20 - 2009-09-21 18:37 - 00000272 ___SH () C:\Documents and Settings\anitka\ntuser.ini
2015-02-24 14:20 - 2008-12-01 23:22 - 00032514 _____ () C:\WINDOWS\SchedLgU.Txt
2015-02-24 14:19 - 2012-03-14 23:19 - 00004511 _____ () C:\WINDOWS\setupact.log
2015-02-24 14:19 - 2012-03-05 20:49 - 00319540 _____ () C:\WINDOWS\setupapi.log
2015-02-23 23:14 - 2009-09-22 18:43 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2015-02-23 23:14 - 2009-09-22 02:20 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2015-02-23 22:55 - 2009-09-22 02:21 - 00000000 ____D () C:\WINDOWS\system32\Restore
2015-02-23 22:10 - 2009-09-22 02:20 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\Temp
2015-02-23 22:02 - 2009-09-21 18:37 - 00000000 __RHD () C:\Documents and Settings\anitka\Data aplikací
2015-02-23 14:14 - 2009-09-23 14:27 - 00002935 _____ () C:\WINDOWS\wincmd.ini
2015-02-23 12:02 - 2009-09-22 02:20 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-02-23 08:55 - 2008-12-01 22:46 - 00000327 __RSH () C:\boot.ini
2015-02-22 18:09 - 2009-09-22 02:21 - 00000000 ____D () C:\Program Files\HP
2015-02-22 18:09 - 2009-09-21 18:37 - 00000000 ____D () C:\Documents and Settings\anitka
2015-02-18 18:06 - 2009-09-22 02:21 - 00000000 ____D () C:\WINDOWS\Registration
2015-02-18 17:50 - 2009-09-26 10:09 - 00000000 ____D () C:\Documents and Settings\anitka\Data aplikací\Skype
2015-02-18 17:50 - 2009-09-22 02:20 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
2015-02-18 17:50 - 2009-09-22 02:20 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-02-18 17:50 - 2009-09-22 02:20 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2015-02-18 17:46 - 2008-12-01 23:22 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2015-02-16 10:00 - 2011-11-13 12:06 - 00000000 ____D () C:\WINDOWS\Minidump
2015-02-15 18:59 - 2013-10-22 16:20 - 00000000 ____D () C:\Documents and Settings\anitka\Plocha\DIA SKOLA
2015-02-15 13:58 - 2013-08-23 17:10 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-15 13:32 - 2009-10-02 22:24 - 113756392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-10 21:15 - 2014-09-02 19:34 - 00000000 ____D () C:\Documents and Settings\anitka\Plocha\TURECKO
2015-02-06 10:55 - 2012-05-29 21:43 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-02-06 10:55 - 2012-02-24 10:57 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-02-02 21:54 - 2014-04-23 18:20 - 00000000 ____D () C:\Documents and Settings\anitka\Plocha\SMSNG APRIL
2015-01-29 16:41 - 2009-09-22 02:20 - 00000000 ____D () C:\Documents and Settings\LocalService\Data aplikací
2015-01-28 16:06 - 2012-04-30 17:19 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service

==================== Files in the root of some directories =======

2011-06-20 21:52 - 2008-03-09 06:25 - 0000236 _____ () C:\Program Files\Common Files\dx.reg
2009-09-21 18:51 - 2009-09-21 18:51 - 0000000 _____ () C:\Documents and Settings\anitka\Data aplikací\wklnhst.dat
2009-09-25 11:49 - 2014-10-29 13:52 - 0130048 _____ () C:\Documents and Settings\anitka\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-09-21 18:37 - 2009-09-21 18:45 - 0000126 _____ () C:\Documents and Settings\anitka\Local Settings\Data aplikací\fusioncache.dat

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\BackOnTrack Instant Restore Idle.job => C:\Program Files\Roxio\BackOnTrack\Instant Restore\RstIdle.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: ESET Smart Security 4.2 (Enabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall (Disabled) {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\anitka\Plocha" je 18938 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Outlook Express\\wab.exe"="C:\\Program Files\\Outlook Express\\wab.exe:*:Enabled:Adres systmu Windows"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox (C:\\Program Files\\Mozilla Firefox)"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000001

==================== End Of Log ==============================

#27 Příspěvek od **altrok** » 24 úno 2015 19:50

Zase jste dal log z FRST misto MBAM, takze predpokladam, ze nefunguje ani Ctrl + C

Walky · #28 Příspěvek od **Walky** » 24 úno 2015 20:00

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verzia databázy: v2015.02.24.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
anitka :: MINILAPTOP [administrátor]

24. 2. 2015 17:12:59
MBAM-log-2015-02-24 (19-58-01).txt

Typ kontroly: Úplná kontrola (C:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 375450
Uplynutý čas: 1 hod, 42 min, 9 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|StartMenuLogoff (PUM.Hijack.StartMenu) -> Škodlivý: (1) Dobrý: (0) -> Žiadna úloha nevykonaná.

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 1
C:\Documents and Settings\anitka\Plocha\Anitt\Programy\Winamp\keygen_winamp.exe (PUP.RiskwareTool.CK) -> Žiadna úloha nevykonaná.

(koniec)

#29 Příspěvek od **altrok** » 24 úno 2015 20:29

Nalezy smazte/presunte do karanteny.

Aktivni havet nevidno, takze mam nejvetsi podezreni na chybu hardwaru....

VIRY.CZ

Klavesnica sama pise ;

Re: Klavesnica sama pise ;

Re: Klavesnica sama pise ;

Re: Klavesnica sama pise ;

Re: Klavesnica sama pise ;

Re: Klavesnica sama pise ;

Re: Klavesnica sama pise ;

Re: Klavesnica sama pise ;

Re: Klavesnica sama pise ;

Re: Klavesnica sama pise ;

Re: Klavesnica sama pise ;

Re: Klavesnica sama pise ;

Re: Klavesnica sama pise ;

Re: Klavesnica sama pise ;

Re: Klavesnica sama pise ;