VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu. Díky

https://forum.viry.cz:443/viewtopic.php?t=144050

Stránka 2 z 2

Re: Prosím o kontrolu. Díky

Napsal: 27 dub 2015 11:36
od cica18
combofix jsem samovolne nepouzival

zatim posilam zkopirovane crystaldiskinfo

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x86)
Date : 2015/04/27 12:35:52

-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH9M-E/M SATA AHCI Controller [ATA]
- ST9500420AS
- HL-DT-ST DVDRAM GTB0N

-- Disk List ---------------------------------------------------------------
(1) ST9500420AS : 500,1 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST9500420AS
----------------------------------------------------------------------------
Model : ST9500420AS
Firmware : 0006HPM1
Serial Number : 5VJBPBAR
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 9547 hod.
Power On Count : 6558 krát
Temparature : 34 C (93 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 116 _99 __6 0000068E282F Počet chyb čtení
03 _98 _97 __0 000000000000 Čas na roztočení ploten
04 _94 _94 __0 0000000019E5 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _71 _60 _30 00271A1F720A Počet chybných hledání
09 _90 _90 __0 00000000254B Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _94 _37 _20 00000000199E Počet cyklů zapnutí zařízení
B7 100 253 __0 000000000000 Neznámý
B8 100 100 _97 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _66 _41 _45 000D2D150022 Teplota toku vzduchu
BF 100 100 __0 0000000000E9 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000000B Počet vypnutí disku
C1 _45 _45 __0 00000001B172 Počet cyklů načítání/vymazání
C2 _34 _59 __0 000400000022 Teplota
C3 _49 _34 __0 0000068E282F Počet oprav chybného čtení
C4 100 100 _36 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
FE 100 100 __0 000000000000 Ochrana proti pádu

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 3556 4A42 5042 4152 2020 2020 2020 2020 2020 2020
020: 0000 8000 0004 3030 3036 4D31 4D31 5354 3935 3030
030: 3432 3041 5320 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0D06 0D06 0000 004C 004C
080: 01F8 0029 306B 7C09 6123 BC09 BC09 6123 203F 0034
090: 0034 8080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 0000 0000 5000 C500
110: 384A 2202 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 6030
130: 3A38 6030 3A38 2020 0002 0108 0108 5000 3C06 3C0A
140: 0000 0078 0000 0008 0000 001F 001F 0280 0000 0000
150: 0008 0000 0000 0000 0000 0000 0000 0000 3E00 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 103F 103F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 1010 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 17A5

Re: Prosím o kontrolu. Díky

Napsal: 27 dub 2015 13:00
od cica18
ComboFix 15-04-19.01 - Marketa 27.04.2015 12:45:10.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3066.1926 [GMT 2:00]
Spuštěný z: c:\users\Marketa\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-03-27 do 2015-04-27 )))))))))))))))))))))))))))))))
.
.
2015-04-27 11:48 . 2015-04-27 11:48 -------- d-----w- c:\users\Public\AppData\Local\temp
2015-04-27 11:48 . 2015-04-27 11:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-04-26 14:01 . 2015-04-26 14:01 -------- d-----w- c:\windows\LastGood
2015-04-21 20:10 . 2015-04-22 04:10 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F431D5F4-D745-4735-A91D-45C222AE3BCD}\offreg.dll
2015-04-21 06:11 . 2015-04-04 06:39 9201616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F431D5F4-D745-4735-A91D-45C222AE3BCD}\mpengine.dll
2015-04-20 06:05 . 2015-04-21 04:54 -------- d-----w- c:\program files\Seznam.cz
2015-04-20 06:05 . 2015-04-21 04:54 -------- d-----w- c:\users\Marketa\AppData\Roaming\Seznam.cz
2015-04-15 03:56 . 2015-04-15 03:56 -------- d-----w- c:\program files\Common Files\Skype
2015-04-15 03:56 . 2015-04-15 03:56 -------- d-----r- c:\program files\Skype
2015-04-15 03:48 . 2015-03-05 04:06 305152 ----a-w- c:\windows\system32\gdi32.dll
2015-04-07 22:09 . 2015-04-07 22:10 -------- d-----w- c:\users\Marketa\AppData\Roaming\MyHeritage
2015-04-07 22:09 . 2015-04-07 22:10 -------- d-----w- c:\programdata\MyHeritage
2015-04-07 22:08 . 2012-08-02 06:56 606208 ----a-w- c:\windows\system32\HexUniRTFBox.ocx
2015-04-07 22:08 . 2010-06-17 17:49 2029056 ----a-w- c:\windows\system32\PDFDocScout.DLL
2015-04-07 22:08 . 2004-12-07 09:11 258352 ----a-w- c:\windows\system32\unicows.dll
2015-04-07 22:08 . 2003-07-06 12:07 372736 ----a-w- c:\windows\system32\ijl15.dll
2015-04-07 22:08 . 2002-03-06 23:19 454656 ----a-w- c:\windows\system32\PaintX.dll
2015-04-07 22:08 . 2015-04-07 22:08 -------- d-----w- c:\users\Marketa\AppData\Roaming\The Complete Genealogy Reporter - FTB
2015-04-07 22:08 . 1998-06-23 23:00 137000 ----a-w- c:\windows\system32\msmapi32.ocx
2015-04-07 22:08 . 2015-04-07 22:08 -------- d-----w- c:\program files\MyHeritage
2015-04-05 06:11 . 2015-04-05 06:11 -------- d-s---w- c:\windows\system32\GWX
2015-04-05 04:15 . 2015-04-05 04:14 291312 ----a-w- c:\windows\system32\aswBoot.exe
2015-04-05 04:14 . 2015-04-05 04:14 43112 ----a-w- c:\windows\avastSS.scr
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-26 20:33 . 2014-06-30 09:21 114904 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-05 04:15 . 2014-04-25 18:17 24144 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-04-05 04:15 . 2013-12-26 14:31 106912 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-04-05 04:15 . 2013-03-01 22:39 208024 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-04-05 04:15 . 2013-03-01 22:39 49904 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-04-05 04:15 . 2012-02-25 21:34 81728 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-04-05 04:15 . 2011-09-14 09:28 427736 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-04-05 04:15 . 2011-09-14 09:28 73440 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-04-05 04:14 . 2011-09-14 09:28 788272 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-04-05 04:11 . 2012-04-02 03:04 778928 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-04-05 04:11 . 2011-09-26 18:32 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-03-17 04:57 . 2015-04-15 03:49 248832 ----a-w- c:\windows\system32\schannel.dll
2015-03-02 09:14 . 2015-03-02 09:14 912928 ----a-w- c:\windows\system32\FTBSaver.scr
2015-02-26 03:11 . 2015-03-11 06:25 2381312 ----a-w- c:\windows\system32\win32k.sys
2015-02-24 02:23 . 2011-09-23 15:07 246920 ------w- c:\windows\system32\MpSigStub.exe
2015-02-20 04:13 . 2015-03-11 06:24 26624 ----a-w- c:\windows\system32\lpk.dll
2015-02-20 04:13 . 2015-03-11 06:24 70656 ----a-w- c:\windows\system32\fontsub.dll
2015-02-20 04:13 . 2015-03-11 06:24 10240 ----a-w- c:\windows\system32\dciman32.dll
2015-02-20 04:13 . 2015-03-11 06:24 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-02-20 03:09 . 2015-03-11 06:24 299008 ----a-w- c:\windows\system32\atmfd.dll
2015-02-17 14:26 . 2015-02-17 14:26 1217184 ----a-w- c:\windows\system32\FM20.DLL
2015-02-04 10:23 . 2015-02-04 10:23 875688 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-02-04 02:54 . 2015-03-11 06:24 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2015-02-03 03:16 . 2015-03-11 06:24 78784 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-02-03 03:12 . 2015-03-11 06:24 179200 ----a-w- c:\windows\system32\wintrust.dll
2015-02-03 03:12 . 2015-03-11 06:24 617984 ----a-w- c:\windows\system32\wmdrmsdk.dll
2015-02-03 03:12 . 2015-03-11 06:26 1230848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-03 03:12 . 2015-03-11 06:25 171520 ----a-w- c:\windows\system32\ubpm.dll
2015-02-03 03:12 . 2015-03-11 06:24 4096 ----a-w- c:\windows\system32\msdxm.ocx
2015-02-03 03:12 . 2015-03-11 06:24 4096 ----a-w- c:\windows\system32\dxmasf.dll
2015-02-03 03:12 . 2015-03-11 06:24 50176 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-02-03 03:12 . 2015-03-11 06:24 1329664 ----a-w- c:\windows\system32\quartz.dll
2015-02-03 03:12 . 2015-03-11 06:24 519680 ----a-w- c:\windows\system32\qdvd.dll
2015-02-03 03:12 . 2015-03-11 06:24 442880 ----a-w- c:\windows\system32\AUDIOKSE.dll
2015-02-03 03:12 . 2015-03-11 06:24 157184 ----a-w- c:\windows\system32\pcasvc.dll
2015-02-03 03:12 . 2015-03-11 06:24 28160 ----a-w- c:\windows\system32\pcadm.dll
2015-02-03 03:12 . 2015-03-11 06:24 8192 ----a-w- c:\windows\system32\spwmp.dll
2015-02-03 03:12 . 2015-03-11 06:24 504320 ----a-w- c:\windows\system32\msscp.dll
2015-02-03 03:12 . 2015-03-11 06:24 265216 ----a-w- c:\windows\system32\msnetobj.dll
2015-02-03 03:12 . 2015-03-11 06:24 10752 ----a-w- c:\windows\system32\msmmsp.dll
2015-02-03 03:12 . 2015-03-11 06:24 3209728 ----a-w- c:\windows\system32\mf.dll
2015-02-03 03:12 . 2015-03-11 06:24 354816 ----a-w- c:\windows\system32\mfplat.dll
2015-02-03 03:12 . 2015-03-11 06:24 103424 ----a-w- c:\windows\system32\mfps.dll
2015-02-03 03:12 . 2015-03-11 06:24 489984 ----a-w- c:\windows\system32\evr.dll
2015-02-03 03:12 . 2015-03-11 06:24 275968 ----a-w- c:\windows\system32\EncDump.dll
2015-02-03 03:12 . 2015-03-11 06:24 988160 ----a-w- c:\windows\system32\drmv2clt.dll
2015-02-03 03:12 . 2015-03-11 06:24 406016 ----a-w- c:\windows\system32\drmmgrtn.dll
2015-02-03 03:12 . 2015-03-11 06:24 1174528 ----a-w- c:\windows\system32\crypt32.dll
2015-02-03 03:12 . 2015-03-11 06:24 1005056 ----a-w- c:\windows\system32\cryptui.dll
2015-02-03 03:12 . 2015-03-11 06:24 103936 ----a-w- c:\windows\system32\cryptnet.dll
2015-02-03 03:12 . 2015-03-11 06:24 143872 ----a-w- c:\windows\system32\cryptsvc.dll
2015-02-03 03:12 . 2015-03-11 06:24 81408 ----a-w- c:\windows\system32\cryptsp.dll
2015-02-03 03:12 . 2015-03-11 06:24 744960 ----a-w- c:\windows\system32\blackbox.dll
2015-02-03 03:12 . 2015-03-11 06:24 475136 ----a-w- c:\windows\system32\audiosrv.dll
2015-02-03 03:12 . 2015-03-11 06:24 374784 ----a-w- c:\windows\system32\AudioEng.dll
2015-02-03 03:12 . 2015-03-11 06:24 50688 ----a-w- c:\windows\system32\appidapi.dll
2015-02-03 03:12 . 2015-03-11 06:24 195584 ----a-w- c:\windows\system32\AudioSes.dll
2015-02-03 03:12 . 2015-03-11 06:24 27648 ----a-w- c:\windows\system32\appidsvc.dll
2015-02-03 03:11 . 2015-03-11 06:24 50176 ----a-w- c:\windows\system32\rrinstaller.exe
2015-02-03 03:11 . 2015-03-11 06:24 9728 ----a-w- c:\windows\system32\pcawrk.exe
2015-02-03 03:11 . 2015-03-11 06:24 8192 ----a-w- c:\windows\system32\pcalua.exe
2015-02-03 03:11 . 2015-03-11 06:24 23040 ----a-w- c:\windows\system32\mfpmp.exe
2015-02-03 03:11 . 2015-03-11 06:24 100864 ----a-w- c:\windows\system32\audiodg.exe
2015-02-03 03:11 . 2015-03-11 06:24 96768 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-02-03 03:11 . 2015-03-11 06:24 16896 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-02-03 03:11 . 2015-03-11 06:24 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2015-02-03 03:10 . 2015-03-11 06:24 8704 ----a-w- c:\windows\system32\pcaevts.dll
2015-02-03 03:09 . 2015-03-11 06:23 2048 ----a-w- c:\windows\system32\mferror.dll
2015-02-03 03:00 . 2015-03-11 06:24 593920 ----a-w- c:\windows\system32\drivers\PEAuth.sys
2015-02-03 02:26 . 2015-03-11 06:24 50176 ----a-w- c:\windows\system32\drivers\appid.sys
2015-02-01 09:44 . 2013-06-06 19:01 19840 ----a-w- c:\windows\help\OEM\Scripts\Solution_RecoveryPgm.exe
2015-01-31 03:33 . 2015-03-11 06:26 2744320 ----a-w- c:\windows\system32\rdpcorets.dll
2015-01-31 03:33 . 2015-03-11 06:26 13824 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2015-01-31 00:48 . 2015-03-11 06:26 221184 ----a-w- c:\windows\system32\rdpudd.dll
2015-01-30 23:56 . 2015-03-11 06:24 370488 ----a-w- c:\windows\system32\drivers\cng.sys
2015-01-27 23:36 . 2015-02-11 09:07 1167520 ----a-w- c:\windows\system32\aitstatic.exe
2010-01-26 09:11 . 2011-10-07 17:16 444283 ------w- c:\program files\Common Files\WinPcapNmap.exe
2007-02-16 13:17 . 2007-02-16 13:17 3792183 ------w- c:\program files\face2face.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-04-05 04:14 644608 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2013-04-11 90624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-04-05 5512912]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="c:\program files\Garmin\Express Tray\ExpressTray.exe" [2014-04-23 122200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\HEWLET~1\IAM\Bin\APSHook.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Marketa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=c:\users\Marketa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Marketa^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk]
path=c:\users\Marketa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\accrdsub]
2009-06-03 14:13 400936 ------w- c:\program files\ActivIdentity\ActivClient\accrdsub.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\acevents]
2009-06-03 14:16 153640 ------w- c:\program files\ActivIdentity\ActivClient\acevents.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\actSessionUI32.exe]
2012-10-18 20:00 59064 ------w- c:\program files\ActivityMon Software\ActivityMon\actSessionUI32.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANT Agent]
2013-02-15 16:23 14731776 ------w- c:\program files\Garmin\ANT Agent\ANT Agent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-02-20 19:28 59240 ------w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
2015-03-13 11:10 5529880 ----a-w- c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cobian Backup 11 interface]
2012-12-05 21:08 4407808 ------w- c:\program files\Cobian Backup 11\cbInterface.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS]
2009-07-23 09:05 24848 ------w- c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Family Tree Builder Update]
2015-03-02 09:03 2477056 ----a-w- c:\program files\MyHeritage\Bin\FTBCheckUpdates.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadwin PrintScreen Pro (32-bit)]
2014-02-04 03:20 13005480 ------w- c:\program files\Gadwin\Gadwin PrintScreenPro\PrintScreenPro32.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp]
2014-04-23 07:26 122200 ------w- c:\program files\Garmin\Express Tray\ExpressTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR]
2009-07-16 00:51 1668664 ------w- c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2009-08-25 17:57 186904 ------w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileBroadband]
2011-07-14 13:45 279552 ------w- c:\program files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NCPluginUpdater]
2015-04-21 19:14 21304 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PTHOSTTR]
2009-07-30 11:28 354360 ------w- c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
2009-07-27 22:49 288312 ------w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
2009-05-18 11:29 3866624 ------w- c:\program files\Analog Devices\SoundMAX\SoundMAX.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2009-05-18 21:28 1314816 ------w- c:\program files\Analog Devices\Core\smax4pnp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2009-08-04 18:09 98304 ------w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2010-06-04 00:17 1791272 ------w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]
2011-04-12 01:11 5735369 ------w- c:\program files\Vidalia Bundle\Vidalia\vidalia.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant]
2009-07-23 18:04 498744 ------w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
.
R2 ActivityMon2;ActivityMon;c:\program files\ActivityMon Software\ActivityMon\svchost.exe [2012-10-18 80568]
R2 yksvc;Marvell Yukon Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
R3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-04-05 3205216]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2011-07-12 102784]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [2011-07-12 11136]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2009-07-30 45056]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [2011-07-12 89856]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys [2011-07-12 26624]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys [2011-07-12 182272]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-03-13 102912]
R3 NETw1v32;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw1v32.sys [2009-07-20 5958656]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 PasswordBox;PasswordBox;c:\program files\PasswordBox\pbbtnService.exe [2013-11-01 67584]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-13 1120752]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-09-17 1343400]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [2013-11-08 86304]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-06-05 436792]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2015-04-05 788272]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2015-04-05 427736]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-10-07 232512]
S2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 207400]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-04 176128]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2015-04-05 24144]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2015-04-05 73440]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2015-04-05 106912]
S2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\AtService.exe [2009-07-29 1201400]
S2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester;c:\program files\Cobian Backup 11\cbVSCService11.exe [2012-12-05 67584]
S2 CobianBackup11;Cobian Backup 11 Gravity;c:\program files\Cobian Backup 11\cbService.exe [2012-12-05 1131008]
S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-04-23 436056]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 26168]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-01-27 50704]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2009-06-18 635416]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-04-05 220240]
S3 5U876UVC;HP Webcam [2 MP series];c:\windows\system32\DRIVERS\5U876.sys [2009-06-30 12:01 118656]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2011-07-12 73344]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2015-04-26 114904]
S3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2010-01-13 6755840]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
Cognizance REG_MULTI_SZ ASBroker
Bioscrypt REG_MULTI_SZ ASChannel
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 19:11 451872 ------w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-04-16 14:41 988488 ----a-w- c:\program files\Google\Chrome\Application\42.0.2311.90\Installer\chrmstp.exe
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
TCP: DhcpNameServer = 10.0.0.138 192.168.1.1
TCP: Interfaces\{080FA4BF-28B2-4E7A-A306-E06364A2E9F9}: NameServer = 217.77.165.81 217.77.161.131
TCP: Interfaces\{58A95CB5-18F8-4B18-929F-C7A966324B11}: NameServer = 217.77.165.81 217.77.161.131
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
Binary file temp00 matches
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(7104)
c:\program files\Hewlett-Packard\IAM\Bin\ItClient.dll
.
Celkový čas: 2015-04-27 13:53:12
ComboFix-quarantined-files.txt 2015-04-27 11:53
.
Před spuštěním: Volných bajtů: 33 877 655 552
Po spuštění: Volných bajtů: 33 970 098 176
.
- - End Of File - - 07B07305FA2C57DC9BEAA36B3678160C
A36C5E4F47E84449FF07ED3517B43A31

Re: Prosím o kontrolu. Díky

Napsal: 27 dub 2015 17:38
od Márty84
cica18 píše:combofix jsem samovolne nepouzival
Ja vim, to je varovani pro pripadne ctenare :)

cica18 píše:zatim posilam zkopirovane crystaldiskinfo
Disk hlasi chyby, i to muze pusobit potize.
cica18 píše:01 116 _99 __6 0000068E282F Počet chyb čtení
07 _71 _60 _30 00271A1F720A Počet chybných hledání
BF 100 100 __0 0000000000E9 Počet udalostí zaznamenaných otřesovým senzorem
C3 _49 _34 __0 0000068E282F Počet oprav chybného čtení

:arrow: Postupujte podle navodu kolegy
vyosek píše: :arrow: Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
  • Kliknete na volbu Change parametrs
  • V okne Additional Option zakliknete vsechny moznosti
  • Kliknete na OK
  • Utilite prikazte, at skenuje - klik na Start Scan
  • Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
  • Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
  • Pokud mate vsude Skip, kliknete na Continue
  • Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

:arrow: Postupujte podle navodu kolegy
vyosek píše: :arrow: Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • Ulozte nejlepe na Plochu a rozbalte
  • Spustte kliknutim na mbar
  • Nyni postupne kliknete na Next a Update
  • Po dokonceni update (aktualizace) databaze kliknete opet na Next
  • Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC
  • Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko
  • Tez zkontrolujte, jetsli je zatrzitko u Create Restore point
  • Nyni kliknete na CleanUp cimz nalezenou infekci odstranime
  • PC bude restartovan
  • Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte

Re: Prosím o kontrolu. Díky

Napsal: 27 dub 2015 21:33
od cica18
22:29:23.0840 0x1224 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
22:29:28.0529 0x1224 ============================================================
22:29:28.0529 0x1224 Current date / time: 2015/04/27 22:29:28.0529
22:29:28.0529 0x1224 SystemInfo:
22:29:28.0529 0x1224
22:29:28.0529 0x1224 OS Version: 6.1.7601 ServicePack: 1.0
22:29:28.0529 0x1224 Product type: Workstation
22:29:28.0529 0x1224 ComputerName: MARKETA-PC
22:29:28.0530 0x1224 UserName: Marketa
22:29:28.0530 0x1224 Windows directory: C:\windows
22:29:28.0530 0x1224 System windows directory: C:\windows
22:29:28.0530 0x1224 Processor architecture: Intel x86
22:29:28.0530 0x1224 Number of processors: 2
22:29:28.0530 0x1224 Page size: 0x1000
22:29:28.0530 0x1224 Boot type: Normal boot
22:29:28.0530 0x1224 ============================================================
22:29:29.0380 0x1224 KLMD registered as C:\windows\system32\drivers\49463808.sys
22:29:29.0905 0x1224 System UUID: {0D2FFBA2-8AD4-D4CC-C674-07358DEB0CC3}
22:29:31.0018 0x1224 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:29:31.0024 0x1224 ============================================================
22:29:31.0024 0x1224 \Device\Harddisk0\DR0:
22:29:31.0025 0x1224 MBR partitions:
22:29:31.0025 0x1224 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
22:29:31.0025 0x1224 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x380F0800
22:29:31.0025 0x1224 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38187000, BlocksNum 0x1E00800
22:29:31.0025 0x1224 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x39F87800, BlocksNum 0x3FE000
22:29:31.0025 0x1224 ============================================================
22:29:31.0043 0x1224 C: <-> \Device\Harddisk0\DR0\Partition2
22:29:31.0075 0x1224 E: <-> \Device\Harddisk0\DR0\Partition4
22:29:31.0104 0x1224 ============================================================
22:29:31.0104 0x1224 Initialize success
22:29:31.0104 0x1224 ============================================================
22:29:49.0021 0x0f14 ============================================================
22:29:49.0021 0x0f14 Scan started
22:29:49.0021 0x0f14 Mode: Manual; SigCheck; TDLFS;
22:29:49.0021 0x0f14 ============================================================
22:29:49.0021 0x0f14 KSN ping started
22:30:02.0879 0x0f14 KSN ping finished: true
22:30:05.0347 0x0f14 ================ Scan system memory ========================
22:30:05.0347 0x0f14 System memory - ok
22:30:05.0348 0x0f14 ================ Scan services =============================
22:30:05.0555 0x0f14 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
22:30:05.0783 0x0f14 1394ohci - ok
22:30:05.0829 0x0f14 [ 080A40550FB95A328917512F3F5A0409, AD4B9E1B694A4E35C1C2EF51A001CB6202CC2287E23B8D6BC54F6C182908D0B0 ] 5U876UVC C:\windows\system32\DRIVERS\5U876.sys
22:30:05.0921 0x0f14 5U876UVC - ok
22:30:05.0986 0x0f14 [ 00659E56339389469473AEC41587E706, 33CF74B079268D7B1205969212F2F6145095F0A5500C1B96957F0EB08C2D9D4E ] ac.sharedstore C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
22:30:06.0025 0x0f14 ac.sharedstore - ok
22:30:06.0052 0x0f14 [ CC1F1D3D70DC13C2C281488D347D4415, 3AB1495F8982C727D02E9975E2E04203B918AFAA7B05B5E7FEB5142EB30D1998 ] Accelerometer C:\windows\system32\DRIVERS\Accelerometer.sys
22:30:06.0073 0x0f14 Accelerometer - ok
22:30:06.0111 0x0f14 [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\windows\system32\drivers\ACPI.sys
22:30:06.0160 0x0f14 ACPI - ok
22:30:06.0205 0x0f14 [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
22:30:06.0301 0x0f14 AcpiPmi - ok
22:30:06.0384 0x0f14 ActivityMon2 - ok
22:30:06.0424 0x0f14 [ 6C61BCEB60C2C187E6F96001FD69493E, AB8752E7DCCE134CA63D2E660D3E2688086426167B9E8E2C24E0D45B87497774 ] ADIHdAudAddService C:\windows\system32\drivers\ADIHdAud.sys
22:30:06.0541 0x0f14 ADIHdAudAddService - ok
22:30:06.0586 0x0f14 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
22:30:06.0644 0x0f14 adp94xx - ok
22:30:06.0670 0x0f14 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
22:30:06.0711 0x0f14 adpahci - ok
22:30:06.0729 0x0f14 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
22:30:06.0762 0x0f14 adpu320 - ok
22:30:06.0778 0x0f14 [ 4DC6B0772D1698F04FC79053A21C8260, 010D4660DB9F7BC49C72691B5D9936EAB6F4A0799374B4019B97343B517D86F4 ] AEADIFilters C:\windows\system32\AEADISRV.EXE
22:30:06.0840 0x0f14 AEADIFilters - ok
22:30:06.0870 0x0f14 [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc C:\windows\System32\aelupsvc.dll
22:30:07.0050 0x0f14 AeLookupSvc - ok
22:30:07.0100 0x0f14 [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD C:\windows\system32\drivers\afd.sys
22:30:07.0209 0x0f14 AFD - ok
22:30:07.0286 0x0f14 [ 7E10E3BB9B258AD8A9300F91214D67B9, CE5FAD7BF78234B64EAADF64DB23F3C342AADB9C5E3B0168E57863F494F30318 ] AgereSoftModem C:\windows\system32\DRIVERS\AGRSM.sys
22:30:07.0455 0x0f14 AgereSoftModem - ok
22:30:07.0493 0x0f14 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\windows\system32\drivers\agp440.sys
22:30:07.0521 0x0f14 agp440 - ok
22:30:07.0537 0x0f14 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
22:30:07.0566 0x0f14 aic78xx - ok
22:30:07.0575 0x0f14 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\windows\System32\alg.exe
22:30:07.0656 0x0f14 ALG - ok
22:30:07.0676 0x0f14 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\windows\system32\drivers\aliide.sys
22:30:07.0702 0x0f14 aliide - ok
22:30:07.0749 0x0f14 [ A236CEE2BF90381E981EBB870429FA9B, 47311728773C6E5ED5E122536DBD3A02C0F7E72E9343066111DE8690626C6398 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
22:30:07.0842 0x0f14 AMD External Events Utility - ok
22:30:07.0873 0x0f14 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\windows\system32\drivers\amdagp.sys
22:30:07.0901 0x0f14 amdagp - ok
22:30:07.0927 0x0f14 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\windows\system32\drivers\amdide.sys
22:30:07.0953 0x0f14 amdide - ok
22:30:07.0975 0x0f14 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
22:30:08.0009 0x0f14 AmdK8 - ok
22:30:08.0043 0x0f14 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
22:30:08.0091 0x0f14 AmdPPM - ok
22:30:08.0131 0x0f14 [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\windows\system32\drivers\amdsata.sys
22:30:08.0161 0x0f14 amdsata - ok
22:30:08.0187 0x0f14 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
22:30:08.0228 0x0f14 amdsbs - ok
22:30:08.0251 0x0f14 [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\windows\system32\drivers\amdxata.sys
22:30:08.0278 0x0f14 amdxata - ok
22:30:08.0342 0x0f14 [ 81F97D8F8B3FB94A451CC6F7CF8B2965, 8DEBA4E47E1016D69740C0BB7CDD23852D86E0D42C1C1EA5A847ECB115C38CB1 ] AppID C:\windows\system32\drivers\appid.sys
22:30:08.0445 0x0f14 AppID - ok
22:30:08.0488 0x0f14 [ F5090F8FA6757C58E17BAEAA86093636, 5E14CF3032DF5801240F45C59AA93962EA41AA5648A0C6458D16D9B9D95A131F ] AppIDSvc C:\windows\System32\appidsvc.dll
22:30:08.0541 0x0f14 AppIDSvc - ok
22:30:08.0568 0x0f14 [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo C:\windows\System32\appinfo.dll
22:30:08.0662 0x0f14 Appinfo - ok
22:30:08.0680 0x0f14 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\windows\system32\DRIVERS\arc.sys
22:30:08.0709 0x0f14 arc - ok
22:30:08.0721 0x0f14 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
22:30:08.0749 0x0f14 arcsas - ok
22:30:08.0804 0x0f14 [ 37B781DF6F1AE6FB4A419F42CDF30CC3, CCEEE862686E3C90054FCCC0E3E2B042ACCDF0E7C5F1ACF1D8B3169ADFB7356A ] ASBroker C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
22:30:08.0839 0x0f14 ASBroker - ok
22:30:08.0861 0x0f14 [ 1AEE23BA023CDA7909B9AD1CEF21764F, 037FA668A3FFD3FDCEA0CE23E94F916C3AA01FDB3CD254310F83AE44E50C881E ] ASChannel C:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll
22:30:08.0886 0x0f14 ASChannel - ok
22:30:08.0999 0x0f14 [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
22:30:09.0074 0x0f14 aspnet_state - ok
22:30:09.0177 0x0f14 [ FE99FCB91E93BC4A7E222928A06411DE, C0F9A2A6324B17D435A7C62EB133E3E529D5622ED83C65E48F092CAB79D9A787 ] aswHwid C:\windows\system32\drivers\aswHwid.sys
22:30:09.0219 0x0f14 aswHwid - ok
22:30:09.0248 0x0f14 [ 5D70C1C6C61C5A034BD086AD219A0237, 318C3CC5AF2A4B99C6C3938B36C95ECA63EABC5E93A2A3D7C729BA0BF191CDF1 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
22:30:09.0275 0x0f14 aswMonFlt - ok
22:30:09.0341 0x0f14 [ 456106F51D03D99A8C65BFC0E37E3D0B, AC616957C299DF452E37ACB1C77F20A50AD4B23AD07BF09951817EF8B460A6D6 ] aswRdr C:\windows\system32\drivers\aswRdr2.sys
22:30:09.0370 0x0f14 aswRdr - ok
22:30:09.0450 0x0f14 [ 74E84C8CEB52042E8A1EA3104D151843, B9D1ADC6A0FF31EE18E2EECCCC3D98C41FAE9E37295A0F555DAB59D0B6028A6E ] aswRvrt C:\windows\system32\drivers\aswRvrt.sys
22:30:09.0478 0x0f14 aswRvrt - ok
22:30:09.0588 0x0f14 [ 48FA0C8E04A37A619C894A1C02D5AB96, F79C7252D0C578F827EED28630D97F2B5E3B361F920AF626343D8A71CDD86288 ] aswSnx C:\windows\system32\drivers\aswSnx.sys
22:30:09.0667 0x0f14 aswSnx - ok
22:30:09.0753 0x0f14 [ 2AB454C9C10C427738426C06D3749361, BC604BC9006CF52520FA962055F391A806B7452639640F13516B151E34517643 ] aswSP C:\windows\system32\drivers\aswSP.sys
22:30:09.0803 0x0f14 aswSP - ok
22:30:09.0875 0x0f14 [ F7D2CE852966935E2F85C3DB4D50D3A5, BE41E9849380BC047B145B8AC7A402C223A901D39CA349F5D2A070C890B7DCE6 ] aswStm C:\windows\system32\drivers\aswStm.sys
22:30:09.0905 0x0f14 aswStm - ok
22:30:09.0929 0x0f14 [ 0AE22EAD6B30E448160338E708BCB71D, 4657A7C60635B916FFBC0A731D52E944FDDE6B052AD0DBD0848C3C7A5C15DD0D ] aswVmm C:\windows\system32\drivers\aswVmm.sys
22:30:09.0970 0x0f14 aswVmm - ok
22:30:09.0982 0x0f14 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
22:30:10.0128 0x0f14 AsyncMac - ok
22:30:10.0155 0x0f14 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\windows\system32\drivers\atapi.sys
22:30:10.0181 0x0f14 atapi - ok
22:30:10.0219 0x0f14 [ E2398389648B5D44DC63CA43FDD5B3F8, 4401065F30C75F453FF9342029A8CCF46C317B6F1A2ECE3509350B0C8F23547B ] AtiHdmiService C:\windows\system32\drivers\AtiHdmi.sys
22:30:10.0245 0x0f14 AtiHdmiService - ok
22:30:10.0492 0x0f14 [ A4252328D2B1520571102992EF0B0E5C, 5D2F5B2898CE5235D5084C27E223453C22A9C0731039052E9658604FF70DE65A ] atikmdag C:\windows\system32\DRIVERS\atikmdag.sys
22:30:10.0794 0x0f14 atikmdag - ok
22:30:10.0904 0x0f14 [ B09D413EB812F65651162C516C75CC5F, 595EA4EEDD66EA9BE310AE5635A5C21FADDF80129288DE7035D2FAEFFD5C1976 ] ATService C:\Program Files\Fingerprint Sensor\AtService.exe
22:30:10.0991 0x0f14 ATService - ok
22:30:11.0090 0x0f14 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
22:30:11.0189 0x0f14 AudioEndpointBuilder - ok
22:30:11.0230 0x0f14 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv C:\windows\System32\Audiosrv.dll
22:30:11.0280 0x0f14 Audiosrv - ok
22:30:11.0376 0x0f14 [ 210A326658D72D7F2EE2267F3D9C44D4, 25BC620209B5F4BCF5C3F323290E41255F68660F3DFF901FA5A78423A7293D73 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:30:11.0426 0x0f14 avast! Antivirus - ok
22:30:11.0750 0x0f14 [ 5019A83BE87FD8B60F7333901BFD35E5, 674DF51CAA1B6C0BC9CA9755B3BC5A9A71C583BD7C7A2826BD280E107B855092 ] AvastVBoxSvc C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
22:30:11.0966 0x0f14 AvastVBoxSvc - ok
22:30:12.0004 0x0f14 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\windows\System32\AxInstSV.dll
22:30:12.0101 0x0f14 AxInstSV - ok
22:30:12.0160 0x0f14 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
22:30:12.0284 0x0f14 b06bdrv - ok
22:30:12.0328 0x0f14 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
22:30:12.0394 0x0f14 b57nd60x - ok
22:30:12.0426 0x0f14 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\windows\System32\bdesvc.dll
22:30:12.0482 0x0f14 BDESVC - ok
22:30:12.0515 0x0f14 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\windows\system32\drivers\Beep.sys
22:30:12.0569 0x0f14 Beep - ok
22:30:12.0619 0x0f14 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\windows\System32\bfe.dll
22:30:12.0741 0x0f14 BFE - ok
22:30:12.0805 0x0f14 [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\windows\system32\qmgr.dll
22:30:12.0950 0x0f14 BITS - ok
22:30:12.0986 0x0f14 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
22:30:13.0017 0x0f14 blbdrive - ok
22:30:13.0048 0x0f14 [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\windows\system32\DRIVERS\bowser.sys
22:30:13.0092 0x0f14 bowser - ok
22:30:13.0106 0x0f14 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
22:30:13.0159 0x0f14 BrFiltLo - ok
22:30:13.0192 0x0f14 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
22:30:13.0247 0x0f14 BrFiltUp - ok
22:30:13.0277 0x0f14 [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
22:30:13.0359 0x0f14 BridgeMP - ok
22:30:13.0403 0x0f14 [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\windows\System32\browser.dll
22:30:13.0452 0x0f14 Browser - ok
22:30:13.0481 0x0f14 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\windows\System32\Drivers\Brserid.sys
22:30:13.0534 0x0f14 Brserid - ok
22:30:13.0546 0x0f14 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
22:30:13.0615 0x0f14 BrSerWdm - ok
22:30:13.0647 0x0f14 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
22:30:13.0680 0x0f14 BrUsbMdm - ok
22:30:13.0710 0x0f14 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
22:30:13.0760 0x0f14 BrUsbSer - ok
22:30:13.0782 0x0f14 [ 2865A5C8E98C70C605F417908CEBB3A4, B1C5AC228BD7072AF8668C009C6CDC13EE9FCB9481F57524300F37C40BF1E935 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
22:30:13.0865 0x0f14 BthEnum - ok
22:30:13.0876 0x0f14 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
22:30:13.0943 0x0f14 BTHMODEM - ok
22:30:13.0974 0x0f14 [ AD1872E5829E8A2C3B5B4B641C3EAB0E, 8C2DBCAC08DDB41E2B44E257C55FA2D0272959B308EFF9EAF5FF9AE1E4A0AA39 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
22:30:14.0011 0x0f14 BthPan - ok
22:30:14.0054 0x0f14 [ 1153DE2E4F5941E10C399CB5592F78A1, 2B88AF246D62F72FA9F5B921B0375AE59A0F263672472D5EC9FDB5CA5EF51C31 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
22:30:14.0108 0x0f14 BTHPORT - ok
22:30:14.0156 0x0f14 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\windows\system32\bthserv.dll
22:30:14.0239 0x0f14 bthserv - ok
22:30:14.0270 0x0f14 [ C81E9413A25A439F436B1D4B6A0CF9E9, A4C290163207AED22C70C7F90B28F6FC24892889643D60D915059405AC5A4A72 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
22:30:14.0301 0x0f14 BTHUSB - ok
22:30:14.0332 0x0f14 [ D57D29132EFE13A83133D9BD449E0CF1, 8C12FC2404A53EFA028B3423A96F2B5ADDE1640A964AFAF2C460E73338551FFB ] btwaudio C:\windows\system32\drivers\btwaudio.sys
22:30:14.0358 0x0f14 btwaudio - ok
22:30:14.0426 0x0f14 [ D282C14A69357D0E1BAFAECC2CA98C3A, 1F576218591B87920641F7E2FA349E477032C4C38DF5A6584738DC0280E203A9 ] btwavdt C:\windows\system32\DRIVERS\btwavdt.sys
22:30:14.0451 0x0f14 btwavdt - ok
22:30:14.0505 0x0f14 [ 7D2DD14E60CE4FF3308D66FDA7990546, FB92C2FAE8C9F3F25A5766BFB1A05CD4D7BF8FB84F548752C17476926B21153F ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
22:30:14.0559 0x0f14 btwdins - ok
22:30:14.0588 0x0f14 [ AAFD7CB76BA61FBB08E302DA208C974A, 1B342095E373ECCA1775B30E92CD337BECEB4BA9F821132C33507A646E6A341C ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
22:30:14.0608 0x0f14 btwl2cap - ok
22:30:14.0637 0x0f14 [ 02EB4D2B05967DF2D32F29C84AB1FB17, 95B7901F7BCE41DF53309158AC12888BA1F82FF2E576BF3ED0E67EA3CFAB1288 ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
22:30:14.0659 0x0f14 btwrchid - ok
22:30:14.0818 0x0f14 catchme - ok
22:30:14.0936 0x0f14 [ 58BF7714A312698108A96D0DE2BB6825, 87E0EC24520C9C421AF6A680FEF42E18911AABA373A9F927C5CE77AD50F8196F ] cbVSCService11 C:\Program Files\Cobian Backup 11\cbVSCService11.exe
22:30:14.0950 0x0f14 cbVSCService11 - detected UnsignedFile.Multi.Generic ( 1 )
22:30:19.0258 0x0f14 Detect skipped due to KSN trusted
22:30:19.0258 0x0f14 cbVSCService11 - ok
22:30:19.0327 0x0f14 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
22:30:19.0405 0x0f14 cdfs - ok
22:30:19.0447 0x0f14 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
22:30:19.0485 0x0f14 cdrom - ok
22:30:19.0550 0x0f14 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\windows\System32\certprop.dll
22:30:19.0604 0x0f14 CertPropSvc - ok
22:30:19.0625 0x0f14 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\windows\system32\DRIVERS\circlass.sys
22:30:19.0662 0x0f14 circlass - ok
22:30:19.0730 0x0f14 [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS C:\windows\system32\CLFS.sys
22:30:19.0776 0x0f14 CLFS - ok
22:30:19.0843 0x0f14 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:30:19.0871 0x0f14 clr_optimization_v2.0.50727_32 - ok
22:30:19.0948 0x0f14 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:30:20.0080 0x0f14 clr_optimization_v4.0.30319_32 - ok
22:30:20.0124 0x0f14 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
22:30:20.0175 0x0f14 CmBatt - ok
22:30:20.0202 0x0f14 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\windows\system32\drivers\cmdide.sys
22:30:20.0229 0x0f14 cmdide - ok
22:30:20.0317 0x0f14 [ 3051724F223EA48968B19567DE2A81F4, DCC27DE1B2B35866FC6DBDE95A368E7D0D346B6C3F31D0BACA63DD39B0A8874E ] CNG C:\windows\system32\Drivers\cng.sys
22:30:20.0385 0x0f14 CNG - ok
22:30:20.0526 0x0f14 [ 644FBD0AE1D570C3751E0EAD7A3FFE56, 9DD7ADE1FE67E37BC2BB8C41EB524F5EA16F39DC668B31CFA8B0906773C020B9 ] CobianBackup11 C:\Program Files\Cobian Backup 11\cbService.exe
22:30:20.0605 0x0f14 CobianBackup11 - detected UnsignedFile.Multi.Generic ( 1 )
22:30:24.0881 0x0f14 Detect skipped due to KSN trusted
22:30:24.0882 0x0f14 CobianBackup11 - ok
22:30:24.0939 0x0f14 [ F9A79C5B27037821112C50A9C8FB367A, D9990AE1A0CA767E54C9D3FD2C6EA2A068DFD5A270102E915F71648A0C59097B ] Com4QLBEx C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
22:30:24.0980 0x0f14 Com4QLBEx - ok
22:30:24.0999 0x0f14 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
22:30:25.0027 0x0f14 Compbatt - ok
22:30:25.0062 0x0f14 [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
22:30:25.0117 0x0f14 CompositeBus - ok
22:30:25.0125 0x0f14 COMSysApp - ok
22:30:25.0155 0x0f14 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
22:30:25.0182 0x0f14 crcdisk - ok
22:30:25.0252 0x0f14 [ 49474B3E37969AF4B5C076F42B623AFF, BDA6B57E9B60EF1B67C74099263D33A367AAA035667239F76AB8B268FD3E8F23 ] CryptSvc C:\windows\system32\cryptsvc.dll
22:30:25.0318 0x0f14 CryptSvc - ok
22:30:25.0420 0x0f14 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\windows\system32\rpcss.dll
22:30:25.0535 0x0f14 DcomLaunch - ok
22:30:25.0569 0x0f14 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\windows\System32\defragsvc.dll
22:30:25.0645 0x0f14 defragsvc - ok
22:30:25.0672 0x0f14 [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\windows\system32\Drivers\dfsc.sys
22:30:25.0744 0x0f14 DfsC - ok
22:30:25.0781 0x0f14 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\windows\system32\dhcpcore.dll
22:30:25.0878 0x0f14 Dhcp - ok
22:30:25.0889 0x0f14 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\windows\system32\drivers\discache.sys
22:30:25.0981 0x0f14 discache - ok
22:30:25.0991 0x0f14 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\windows\system32\DRIVERS\disk.sys
22:30:26.0020 0x0f14 Disk - ok
22:30:26.0056 0x0f14 [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\windows\System32\dnsrslvr.dll
22:30:26.0139 0x0f14 Dnscache - ok
22:30:26.0167 0x0f14 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\windows\System32\dot3svc.dll
22:30:26.0243 0x0f14 dot3svc - ok
22:30:26.0275 0x0f14 [ B5E479EB83707DD698F66953E922042C, 82891A4699F180A20EB25A0EC49A7E008B007A374BAA3279483AC1C95D125FE8 ] Dot4 C:\windows\system32\DRIVERS\Dot4.sys
22:30:26.0313 0x0f14 Dot4 - ok
22:30:26.0349 0x0f14 [ CAEFD09B6A6249C53A67D55A9A9FCABF, A76C951EA8A830E5BA22D8D393A946BBAEEDB76478539F647E58199B383F786B ] Dot4Print C:\windows\system32\DRIVERS\Dot4Prt.sys
22:30:26.0403 0x0f14 Dot4Print - ok
22:30:26.0416 0x0f14 [ CF491FF38D62143203C065260567E2F7, 4315FD8FC88CF627EBE469A2DF0F280B17C95D3004FC7A93D6F8E47F0D91A037 ] dot4usb C:\windows\system32\DRIVERS\dot4usb.sys
22:30:26.0487 0x0f14 dot4usb - ok
22:30:26.0524 0x0f14 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\windows\system32\dps.dll
22:30:26.0616 0x0f14 DPS - ok
22:30:26.0682 0x0f14 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\windows\system32\drivers\drmkaud.sys
22:30:26.0727 0x0f14 drmkaud - ok
22:30:26.0764 0x0f14 [ C0C7CECCB6C85994C2BC92D58E52D3F2, 993483E6667D8D3AD2E64FD5A689DCB28B3910824B1E036DB626F334996DEAC9 ] dtsoftbus01 C:\windows\system32\DRIVERS\dtsoftbus01.sys
22:30:26.0801 0x0f14 dtsoftbus01 - ok
22:30:26.0894 0x0f14 [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
22:30:26.0973 0x0f14 DXGKrnl - ok
22:30:27.0005 0x0f14 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\windows\System32\eapsvc.dll
22:30:27.0065 0x0f14 EapHost - ok
22:30:27.0236 0x0f14 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
22:30:27.0476 0x0f14 ebdrv - ok
22:30:27.0560 0x0f14 [ 981CE3E3A653511799F4A862494B66A8, 414D975387A118535E39636413969A7D4C98A85E542A44B8FA515C8A20D6093F ] EFS C:\windows\System32\lsass.exe
22:30:27.0623 0x0f14 EFS - ok
22:30:27.0713 0x0f14 [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\windows\ehome\ehRecvr.exe
22:30:27.0806 0x0f14 ehRecvr - ok
22:30:27.0849 0x0f14 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\windows\ehome\ehsched.exe
22:30:27.0925 0x0f14 ehSched - ok
22:30:27.0971 0x0f14 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
22:30:28.0059 0x0f14 elxstor - ok
22:30:28.0081 0x0f14 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\windows\system32\drivers\errdev.sys
22:30:28.0112 0x0f14 ErrDev - ok
22:30:28.0195 0x0f14 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\windows\system32\es.dll
22:30:28.0301 0x0f14 EventSystem - ok
22:30:28.0355 0x0f14 [ 57C171EA22F0A7F068FCB0CAEDD1E8E7, 9AAF39AA22372FB8582C1422581C08E61444BF843E1CE2E199EB00FBEA6F9C06 ] ew_hwusbdev C:\windows\system32\DRIVERS\ew_hwusbdev.sys
22:30:28.0465 0x0f14 ew_hwusbdev - ok
22:30:28.0526 0x0f14 [ 61A973F60E94A551BA7B15F3460444FB, FC2FB69978D99D75673AFE9F08176F3139DCBAEDE4D339BD09DA29CD3EC01005 ] ew_usbenumfilter C:\windows\system32\DRIVERS\ew_usbenumfilter.sys
22:30:28.0600 0x0f14 ew_usbenumfilter - ok
22:30:28.0637 0x0f14 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\windows\system32\drivers\exfat.sys
22:30:28.0714 0x0f14 exfat - ok
22:30:28.0745 0x0f14 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\windows\system32\drivers\fastfat.sys
22:30:28.0832 0x0f14 fastfat - ok
22:30:29.0011 0x0f14 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\windows\system32\fxssvc.exe
22:30:29.0163 0x0f14 Fax - ok
22:30:29.0213 0x0f14 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\windows\system32\DRIVERS\fdc.sys
22:30:29.0312 0x0f14 fdc - ok
22:30:29.0365 0x0f14 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\windows\system32\fdPHost.dll
22:30:29.0576 0x0f14 fdPHost - ok
22:30:29.0626 0x0f14 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\windows\system32\fdrespub.dll
22:30:29.0758 0x0f14 FDResPub - ok
22:30:29.0768 0x0f14 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
22:30:29.0803 0x0f14 FileInfo - ok
22:30:29.0814 0x0f14 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\windows\system32\drivers\filetrace.sys
22:30:29.0959 0x0f14 Filetrace - ok
22:30:29.0993 0x0f14 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
22:30:30.0033 0x0f14 flpydisk - ok
22:30:30.0051 0x0f14 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
22:30:30.0089 0x0f14 FltMgr - ok
22:30:30.0118 0x0f14 [ 25A6A4FE918BE28B75C5CD3F32A46B3C, B9DAC7FD860CA67F5E10709EF6607D0F3CC5D6D05F8065A37E9D996FF7C83B93 ] fltsrv C:\windows\system32\DRIVERS\fltsrv.sys
22:30:30.0175 0x0f14 fltsrv - ok
22:30:30.0435 0x0f14 [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache C:\windows\system32\FntCache.dll
22:30:30.0660 0x0f14 FontCache - ok
22:30:30.0765 0x0f14 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:30:30.0815 0x0f14 FontCache3.0.0.0 - ok
22:30:30.0826 0x0f14 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
22:30:30.0862 0x0f14 FsDepends - ok
22:30:30.0931 0x0f14 [ CBE5F69A5E5B918225F420BA748F3742, 930C81195346239A7843CAE140896698675E8025BF32C3E71D2BDDA53FAB0264 ] FsUsbExDisk C:\windows\system32\FsUsbExDisk.SYS
22:30:31.0002 0x0f14 FsUsbExDisk - detected UnsignedFile.Multi.Generic ( 1 )
22:30:35.0377 0x0f14 Detect skipped due to KSN trusted
22:30:35.0377 0x0f14 FsUsbExDisk - ok
22:30:35.0436 0x0f14 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
22:30:35.0473 0x0f14 Fs_Rec - ok
22:30:35.0518 0x0f14 [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
22:30:35.0567 0x0f14 fvevol - ok
22:30:35.0618 0x0f14 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
22:30:35.0649 0x0f14 gagp30kx - ok
22:30:35.0843 0x0f14 [ 5B54469855533D8E9F420297F8DFBCC8, E6F2DECA3F60A9BFA5B8A2CF80DE2EF90946F1BE2D3509A9453F67D7D279E1C6 ] Garmin Core Update Service C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
22:30:35.0920 0x0f14 Garmin Core Update Service - ok
22:30:36.0016 0x0f14 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\windows\System32\gpsvc.dll
22:30:36.0165 0x0f14 gpsvc - ok
22:30:36.0208 0x0f14 [ CEC45180029F1012054A41CEEEA9CEAB, FCE330FB9E4A9BA0BD1C31D94A5A73034175DB5FF4115009B3B3FFE327E31995 ] grmnusb C:\windows\system32\drivers\grmnusb.sys
22:30:36.0311 0x0f14 grmnusb - ok
22:30:36.0328 0x0f14 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
22:30:36.0372 0x0f14 hcw85cir - ok
22:30:36.0419 0x0f14 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
22:30:36.0573 0x0f14 HdAudAddService - ok
22:30:36.0615 0x0f14 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
22:30:36.0765 0x0f14 HDAudBus - ok
22:30:36.0822 0x0f14 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
22:30:36.0878 0x0f14 HidBatt - ok
22:30:36.0907 0x0f14 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
22:30:36.0992 0x0f14 HidBth - ok
22:30:37.0026 0x0f14 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\windows\system32\DRIVERS\hidir.sys
22:30:37.0069 0x0f14 HidIr - ok
22:30:37.0158 0x0f14 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\windows\System32\hidserv.dll
22:30:37.0239 0x0f14 hidserv - ok
22:30:37.0289 0x0f14 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
22:30:37.0457 0x0f14 HidUsb - ok
22:30:37.0499 0x0f14 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\windows\system32\kmsvc.dll
22:30:37.0692 0x0f14 hkmsvc - ok
22:30:37.0755 0x0f14 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\windows\system32\ListSvc.dll
22:30:37.0836 0x0f14 HomeGroupListener - ok
22:30:37.0922 0x0f14 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\windows\system32\provsvc.dll
22:30:38.0070 0x0f14 HomeGroupProvider - ok
22:30:38.0121 0x0f14 [ 0141816A095A3F5A83FFA5B4A47B8023, F7B26D707EB817FA0F5BFDFA785370B458AF54C94A1E679B36F6808158EA467C ] HP Health Check Service C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
22:30:38.0217 0x0f14 HP Health Check Service - detected UnsignedFile.Multi.Generic ( 1 )
22:30:42.0709 0x0f14 Detect skipped due to KSN trusted
22:30:42.0709 0x0f14 HP Health Check Service - ok
22:30:42.0767 0x0f14 [ 9FF8868DE43435DF5F015CA7D786C3E2, 33A66967B97312FB261BB8932CD950B5B1F91FDA0EFB30A11014A7ABEF2E3193 ] HP ProtectTools Service C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
22:30:42.0827 0x0f14 HP ProtectTools Service - detected UnsignedFile.Multi.Generic ( 1 )
22:30:47.0368 0x0f14 Detect skipped due to KSN trusted
22:30:47.0369 0x0f14 HP ProtectTools Service - ok
22:30:47.0398 0x0f14 [ 4EF10B866C62ABBEAF7511CDD05A19BE, B758DCB9CD8C7E6ED4DEFB666A94B0F749CB86964D2CA9004DF94C5E321F5151 ] hpdskflt C:\windows\system32\DRIVERS\hpdskflt.sys
22:30:47.0419 0x0f14 hpdskflt - ok
22:30:47.0509 0x0f14 [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
22:30:47.0562 0x0f14 hpqcxs08 - ok
22:30:47.0581 0x0f14 [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
22:30:47.0607 0x0f14 hpqddsvc - ok
22:30:47.0631 0x0f14 [ 1210960FF8928950D2A786895B0C424A, 22C8785E024CFDD3A43FAEAAA96B8332C37E9B6C765AB7AFBCD3DAA2DC9EFFC7 ] HpqKbFiltr C:\windows\system32\DRIVERS\HpqKbFiltr.sys
22:30:47.0714 0x0f14 HpqKbFiltr - ok
22:30:47.0758 0x0f14 [ FDF273A845F1FFCCEADF363AAF47582F, 9BB99346A977225EF77261CD3CF4219A238EB06FFE2DB91D00A0037BDCFECEF1 ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
22:30:47.0808 0x0f14 hpqwmiex - ok
22:30:47.0836 0x0f14 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
22:30:47.0870 0x0f14 HpSAMD - ok
22:30:47.0932 0x0f14 [ A04F4AC48895774A2CF9D1C9EAAACEF0, 012F10DE086C3551D75716EF1F6DCC477C8C1E776267D9FC4073BEADAFD37C9C ] HPSLPSVC C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
22:30:48.0002 0x0f14 HPSLPSVC - ok
22:30:48.0031 0x0f14 [ C0BEB56ED79B59B7B33D0AA6C38A0BA6, 8A21DB7B51BF533CBA08640498C132560641244B9218C483E2053502DF88313D ] hpsrv C:\windows\system32\Hpservice.exe
22:30:48.0059 0x0f14 hpsrv - ok
22:30:48.0155 0x0f14 [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP C:\windows\system32\drivers\HTTP.sys
22:30:48.0286 0x0f14 HTTP - ok
22:30:48.0329 0x0f14 [ 2EB6C536E63C1047577DA6BF6C154E54, C25CCB0920EF776492C6ECD39827757F424C5854A09F050042810E7F0F9AAEB5 ] huawei_cdcacm C:\windows\system32\DRIVERS\ew_jucdcacm.sys
22:30:48.0436 0x0f14 huawei_cdcacm - ok
22:30:48.0470 0x0f14 [ 033CF42B457366CFA1F8C669C5E30233, 0EEB470847A6926CF18B505278C26A70B4E3D2D1EEE22CC7AF1EDA8623577370 ] huawei_enumerator C:\windows\system32\DRIVERS\ew_jubusenum.sys
22:30:48.0582 0x0f14 huawei_enumerator - ok
22:30:48.0618 0x0f14 [ 37CD1813D0A20B3199E9E904935B725D, 033B332E546F9942F07A83BDCCA8E5779531CC2DFA5F4B38EA1875375CE8DFD4 ] huawei_ext_ctrl C:\windows\system32\DRIVERS\ew_juextctrl.sys
22:30:48.0705 0x0f14 huawei_ext_ctrl - ok
22:30:48.0810 0x0f14 [ DBB03D622BD258FB88186F70C2482583, 0B1B28DF3E54AF76C25B96B0320C6510448525B3A8BD18D5FE1B51E982601B74 ] huawei_wwanecm C:\windows\system32\DRIVERS\ew_juwwanecm.sys
22:30:48.0927 0x0f14 huawei_wwanecm - ok
22:30:49.0006 0x0f14 [ 90CF9FDF55B12BCCD69CA1C3C9DC6ADB, D743B5D7305E86C37A87CB2E0365A7D21FD452C35EA6A1FEB19916DDCE2CFC30 ] hwdatacard C:\windows\system32\DRIVERS\ewusbmdm.sys
22:30:49.0152 0x0f14 hwdatacard - ok
22:30:49.0196 0x0f14 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
22:30:49.0235 0x0f14 hwpolicy - ok
22:30:49.0327 0x0f14 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
22:30:49.0432 0x0f14 i8042prt - ok
22:30:49.0605 0x0f14 [ F54B3DB096ABD6E9BBBD052FD3878A48, 6B1DB34DB96B590415EADF035BEC02AC935304F324062E92887F6C9F07BAA6C7 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
22:30:49.0947 0x0f14 IAANTMON - ok
22:30:50.0016 0x0f14 [ 01446278D4563B3013C92830AE6CBB26, 68DB91660E46945CAD5AB9767A603D1B750899A0737C538551F01892E755F0ED ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
22:30:50.0064 0x0f14 iaStor - ok
22:30:50.0121 0x0f14 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
22:30:50.0187 0x0f14 iaStorV - ok
22:30:50.0327 0x0f14 [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:30:50.0452 0x0f14 idsvc - ok
22:30:50.0512 0x0f14 IEEtwCollectorService - ok
22:30:50.0938 0x0f14 [ AD626F6964F4D364D226C39E06872DD3, 5D52F89930BB07D4D2D0FC12143BD233B5D2C238527B3B4CAD74736D1EC84218 ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys
22:30:51.0464 0x0f14 igfx - ok
22:30:51.0514 0x0f14 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
22:30:51.0561 0x0f14 iirsp - ok
22:30:51.0621 0x0f14 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\windows\System32\ikeext.dll
22:30:51.0944 0x0f14 IKEEXT - ok
22:30:51.0995 0x0f14 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\windows\system32\drivers\intelide.sys
22:30:52.0039 0x0f14 intelide - ok
22:30:52.0052 0x0f14 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
22:30:52.0216 0x0f14 intelppm - ok
22:30:52.0248 0x0f14 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\windows\system32\ipbusenum.dll
22:30:52.0406 0x0f14 IPBusEnum - ok
22:30:52.0440 0x0f14 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
22:30:52.0606 0x0f14 IpFilterDriver - ok
22:30:52.0701 0x0f14 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
22:30:52.0847 0x0f14 iphlpsvc - ok
22:30:52.0912 0x0f14 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
22:30:52.0972 0x0f14 IPMIDRV - ok
22:30:53.0016 0x0f14 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\windows\system32\drivers\ipnat.sys
22:30:53.0149 0x0f14 IPNAT - ok
22:30:53.0223 0x0f14 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\windows\system32\drivers\irenum.sys
22:30:53.0314 0x0f14 IRENUM - ok
22:30:53.0352 0x0f14 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\windows\system32\drivers\isapnp.sys
22:30:53.0389 0x0f14 isapnp - ok
22:30:53.0448 0x0f14 [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
22:30:53.0502 0x0f14 iScsiPrt - ok
22:30:53.0512 0x0f14 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\windows\system32\drivers\kbdclass.sys
22:30:53.0553 0x0f14 kbdclass - ok
22:30:53.0578 0x0f14 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\windows\system32\drivers\kbdhid.sys
22:30:53.0646 0x0f14 kbdhid - ok
22:30:53.0670 0x0f14 [ 981CE3E3A653511799F4A862494B66A8, 414D975387A118535E39636413969A7D4C98A85E542A44B8FA515C8A20D6093F ] KeyIso C:\windows\system32\lsass.exe
22:30:53.0721 0x0f14 KeyIso - ok
22:30:53.0782 0x0f14 [ 746F89CE0C6569C589E6AC4D3DA82D41, 6D41311CBA8BB7C9C09C1757D7947539B67FE3EFF6299502176C673809BAEAD8 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
22:30:53.0821 0x0f14 KSecDD - ok
22:30:53.0847 0x0f14 [ D800E1EAF33630A1636BB21E8256AA92, D07542A242E0D52B494BE63A6A141207D0A59CF66ABEBA9CE33877594BF7BA5D ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
22:30:53.0895 0x0f14 KSecPkg - ok
22:30:53.0956 0x0f14 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\windows\system32\msdtckrm.dll
22:30:54.0111 0x0f14 KtmRm - ok
22:30:54.0140 0x0f14 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\windows\System32\srvsvc.dll
22:30:54.0222 0x0f14 LanmanServer - ok
22:30:54.0253 0x0f14 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
22:30:54.0389 0x0f14 LanmanWorkstation - ok
22:30:54.0603 0x0f14 [ 83D8BE94E1CBCBE2EA8372DB1A95A159, 28D18C7B93EFB6C83023D39A54489DDE98DE578AFCC06DD0712D00DE7CD48968 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
22:30:54.0672 0x0f14 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
22:30:58.0983 0x0f14 Detect skipped due to KSN trusted
22:30:58.0983 0x0f14 LightScribeService - ok
22:30:59.0007 0x0f14 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
22:30:59.0064 0x0f14 lltdio - ok
22:30:59.0106 0x0f14 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\windows\System32\lltdsvc.dll
22:30:59.0208 0x0f14 lltdsvc - ok
22:30:59.0246 0x0f14 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\windows\System32\lmhsvc.dll
22:30:59.0303 0x0f14 lmhosts - ok
22:30:59.0321 0x0f14 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
22:30:59.0351 0x0f14 LSI_FC - ok
22:30:59.0362 0x0f14 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
22:30:59.0391 0x0f14 LSI_SAS - ok
22:30:59.0405 0x0f14 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
22:30:59.0434 0x0f14 LSI_SAS2 - ok
22:30:59.0445 0x0f14 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
22:30:59.0474 0x0f14 LSI_SCSI - ok
22:30:59.0495 0x0f14 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\windows\system32\drivers\luafv.sys
22:30:59.0590 0x0f14 luafv - ok
22:30:59.0686 0x0f14 [ 8E2E9CCD873ABF180F48BCAEEEBE347D, 35DBBB8E63B480151EA5701D9DB7C90642FA2391D044DB400D3644F3E21BB0C1 ] MBAMSwissArmy C:\windows\system32\drivers\MBAMSwissArmy.sys
22:30:59.0715 0x0f14 MBAMSwissArmy - ok
22:30:59.0752 0x0f14 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
22:30:59.0790 0x0f14 Mcx2Svc - ok
22:30:59.0798 0x0f14 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\windows\system32\DRIVERS\megasas.sys
22:30:59.0825 0x0f14 megasas - ok
22:30:59.0843 0x0f14 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
22:30:59.0879 0x0f14 MegaSR - ok
22:30:59.0940 0x0f14 Microsoft SharePoint Workspace Audit Service - ok
22:30:59.0970 0x0f14 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\windows\system32\mmcss.dll
22:31:00.0033 0x0f14 MMCSS - ok
22:31:00.0057 0x0f14 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\windows\system32\drivers\modem.sys
22:31:00.0131 0x0f14 Modem - ok
22:31:00.0154 0x0f14 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\windows\system32\DRIVERS\monitor.sys
22:31:00.0209 0x0f14 monitor - ok
22:31:00.0240 0x0f14 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
22:31:00.0270 0x0f14 mouclass - ok
22:31:00.0278 0x0f14 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
22:31:00.0342 0x0f14 mouhid - ok
22:31:00.0416 0x0f14 [ 644905A19D0F37F2233DFCE53BC4BC19, F52CB40AA0FD1EBF8CBF0F3BFB20C47142C637719840877FB93F10D085EB8C2B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
22:31:00.0445 0x0f14 mountmgr - ok
22:31:00.0493 0x0f14 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\windows\system32\drivers\mpio.sys
22:31:00.0536 0x0f14 mpio - ok
22:31:00.0548 0x0f14 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
22:31:00.0602 0x0f14 mpsdrv - ok
22:31:00.0648 0x0f14 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\windows\system32\mpssvc.dll
22:31:00.0744 0x0f14 MpsSvc - ok
22:31:00.0805 0x0f14 [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
22:31:00.0898 0x0f14 MRxDAV - ok
22:31:00.0930 0x0f14 [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
22:31:00.0980 0x0f14 mrxsmb - ok
22:31:01.0012 0x0f14 [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
22:31:01.0063 0x0f14 mrxsmb10 - ok
22:31:01.0091 0x0f14 [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
22:31:01.0167 0x0f14 mrxsmb20 - ok
22:31:01.0196 0x0f14 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\windows\system32\drivers\msahci.sys
22:31:01.0223 0x0f14 msahci - ok
22:31:01.0249 0x0f14 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\windows\system32\drivers\msdsm.sys
22:31:01.0281 0x0f14 msdsm - ok
22:31:01.0305 0x0f14 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\windows\System32\msdtc.exe
22:31:01.0360 0x0f14 MSDTC - ok
22:31:01.0426 0x0f14 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\windows\system32\drivers\Msfs.sys
22:31:01.0509 0x0f14 Msfs - ok
22:31:01.0528 0x0f14 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
22:31:01.0583 0x0f14 mshidkmdf - ok
22:31:01.0605 0x0f14 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
22:31:01.0633 0x0f14 msisadrv - ok
22:31:01.0676 0x0f14 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\windows\system32\iscsiexe.dll
22:31:01.0743 0x0f14 MSiSCSI - ok
22:31:01.0751 0x0f14 msiserver - ok
22:31:01.0772 0x0f14 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
22:31:01.0852 0x0f14 MSKSSRV - ok
22:31:01.0872 0x0f14 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
22:31:01.0928 0x0f14 MSPCLOCK - ok
22:31:01.0961 0x0f14 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
22:31:02.0038 0x0f14 MSPQM - ok
22:31:02.0055 0x0f14 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
22:31:02.0091 0x0f14 MsRPC - ok
22:31:02.0120 0x0f14 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\windows\system32\drivers\mssmbios.sys
22:31:02.0147 0x0f14 mssmbios - ok
22:31:02.0187 0x0f14 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\windows\system32\drivers\MSTEE.sys
22:31:02.0278 0x0f14 MSTEE - ok
22:31:02.0345 0x0f14 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
22:31:02.0592 0x0f14 MTConfig - ok
22:31:02.0621 0x0f14 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\windows\system32\Drivers\mup.sys
22:31:02.0672 0x0f14 Mup - ok
22:31:02.0763 0x0f14 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\windows\system32\qagentRT.dll
22:31:02.0872 0x0f14 napagent - ok
22:31:02.0902 0x0f14 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
22:31:03.0030 0x0f14 NativeWifiP - ok
22:31:03.0112 0x0f14 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\windows\system32\drivers\ndis.sys
22:31:03.0199 0x0f14 NDIS - ok
22:31:03.0225 0x0f14 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
22:31:03.0319 0x0f14 NdisCap - ok
22:31:03.0350 0x0f14 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
22:31:03.0407 0x0f14 NdisTapi - ok
22:31:03.0427 0x0f14 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
22:31:03.0481 0x0f14 Ndisuio - ok
22:31:03.0541 0x0f14 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
22:31:03.0632 0x0f14 NdisWan - ok
22:31:03.0687 0x0f14 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\windows\system32\drivers\NDProxy.sys
22:31:03.0739 0x0f14 NDProxy - ok
22:31:03.0759 0x0f14 [ A081CB6FB9A12668F233EB5414BE3A0E, EE2A1311B51D1FEBAF79F45E568A927D8EA7704AFC8495AED2D26927566F61E3 ] Net Driver HPZ12 C:\windows\system32\HPZinw12.dll
22:31:03.0775 0x0f14 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
22:31:13.0903 0x0f14 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
22:31:17.0811 0x0f14 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
22:31:17.0953 0x0f14 NetBIOS - ok
22:31:17.0991 0x0f14 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
22:31:18.0057 0x0f14 NetBT - ok
22:31:18.0142 0x0f14 [ 981CE3E3A653511799F4A862494B66A8, 414D975387A118535E39636413969A7D4C98A85E542A44B8FA515C8A20D6093F ] Netlogon C:\windows\system32\lsass.exe
22:31:18.0257 0x0f14 Netlogon - ok
22:31:18.0314 0x0f14 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\windows\System32\netman.dll
22:31:18.0627 0x0f14 Netman - ok
22:31:18.0707 0x0f14 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:31:18.0764 0x0f14 NetMsmqActivator - ok
22:31:18.0777 0x0f14 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:31:18.0811 0x0f14 NetPipeActivator - ok
22:31:18.0840 0x0f14 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\windows\System32\netprofm.dll
22:31:18.0963 0x0f14 netprofm - ok
22:31:18.0976 0x0f14 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:31:19.0011 0x0f14 NetTcpActivator - ok
22:31:19.0031 0x0f14 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:31:19.0073 0x0f14 NetTcpPortSharing - ok
22:31:19.0965 0x0f14 [ D1F531B61CB35422D691E545DE60554C, E942DA40E5DE02238E59E13731613578A834D4CAFB3C0D437FB6FAC2E46F3B31 ] NETw1v32 C:\windows\system32\DRIVERS\NETw1v32.sys
22:31:20.0616 0x0f14 NETw1v32 - ok
22:31:21.0860 0x0f14 [ 5B2DFA9C5C02DDF2A113CC0F551B59DF, C599955025A64A735AD8C7E24F52525CD7A82438A7214EB9103AAAD137EB9989 ] NETw5s32 C:\windows\system32\DRIVERS\NETw5s32.sys
22:31:22.0337 0x0f14 NETw5s32 - ok
22:31:22.0914 0x0f14 [ 58218EC6B61B1169CF54AAB0D00F5FE2, B76ABB2AD78CE68D30F0F08563B0593D658298CDCF1B138B6E9FB0D64CBCC3C2 ] netw5v32 C:\windows\system32\DRIVERS\netw5v32.sys
22:31:23.0222 0x0f14 netw5v32 - ok
22:31:23.0311 0x0f14 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
22:31:23.0338 0x0f14 nfrd960 - ok
22:31:23.0406 0x0f14 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\windows\System32\nlasvc.dll
22:31:23.0491 0x0f14 NlaSvc - ok
22:31:23.0559 0x0f14 [ B9730495E0CF674680121E34BD95A73B, 1A3DD943B0EEA19A676175825CB135825ECF41404B59349AC9B1E6D137FA9B46 ] npf C:\windows\system32\drivers\npf.sys
22:31:23.0586 0x0f14 npf - ok
22:31:23.0597 0x0f14 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\windows\system32\drivers\Npfs.sys
22:31:23.0672 0x0f14 Npfs - ok
22:31:23.0778 0x0f14 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\windows\system32\nsisvc.dll
22:31:23.0869 0x0f14 nsi - ok
22:31:23.0879 0x0f14 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
22:31:23.0985 0x0f14 nsiproxy - ok
22:31:24.0376 0x0f14 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\windows\system32\drivers\Ntfs.sys
22:31:24.0510 0x0f14 Ntfs - ok
22:31:24.0591 0x0f14 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\windows\system32\drivers\Null.sys
22:31:24.0649 0x0f14 Null - ok
22:31:24.0764 0x0f14 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\windows\system32\drivers\nvraid.sys
22:31:24.0796 0x0f14 nvraid - ok
22:31:24.0815 0x0f14 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\windows\system32\drivers\nvstor.sys
22:31:24.0849 0x0f14 nvstor - ok
22:31:24.0911 0x0f14 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
22:31:24.0942 0x0f14 nv_agp - ok
22:31:25.0003 0x0f14 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
22:31:25.0062 0x0f14 ohci1394 - ok
22:31:25.0228 0x0f14 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:31:25.0255 0x0f14 ose - ok
22:31:26.0288 0x0f14 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:31:26.0609 0x0f14 osppsvc - ok
22:31:26.0735 0x0f14 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
22:31:26.0873 0x0f14 p2pimsvc - ok
22:31:26.0941 0x0f14 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\windows\system32\p2psvc.dll
22:31:27.0004 0x0f14 p2psvc - ok
22:31:27.0045 0x0f14 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\windows\system32\DRIVERS\parport.sys
22:31:27.0078 0x0f14 Parport - ok
22:31:27.0126 0x0f14 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\windows\system32\drivers\partmgr.sys
22:31:27.0156 0x0f14 partmgr - ok
22:31:27.0188 0x0f14 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
22:31:27.0222 0x0f14 Parvdm - ok
22:31:27.0461 0x0f14 [ 733357D50FCD27812FC1B292DC5C1693, C5DB5D786FBE44FA001DE9F3D6ACD3B7DB382FB5CA32AA1D24C82AC3B80F27AE ] PasswordBox C:\Program Files\PasswordBox\pbbtnService.exe
22:31:27.0499 0x0f14 PasswordBox - detected UnsignedFile.Multi.Generic ( 1 )
22:31:30.0352 0x0f14 Detect skipped due to KSN trusted
22:31:30.0352 0x0f14 PasswordBox - ok
22:31:30.0438 0x0f14 [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc C:\windows\System32\pcasvc.dll
22:31:30.0486 0x0f14 PcaSvc - ok
22:31:30.0514 0x0f14 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\windows\system32\drivers\pci.sys
22:31:30.0554 0x0f14 pci - ok
22:31:30.0617 0x0f14 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\windows\system32\drivers\pciide.sys
22:31:30.0646 0x0f14 pciide - ok
22:31:30.0694 0x0f14 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
22:31:30.0746 0x0f14 pcmcia - ok
22:31:30.0783 0x0f14 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\windows\system32\drivers\pcw.sys
22:31:30.0811 0x0f14 pcw - ok
22:31:30.0878 0x0f14 pdfcDispatcher - ok
22:31:30.0926 0x0f14 [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH C:\windows\system32\drivers\peauth.sys
22:31:31.0041 0x0f14 PEAUTH - ok
22:31:31.0212 0x0f14 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\windows\system32\pla.dll
22:31:31.0431 0x0f14 pla - ok
22:31:31.0533 0x0f14 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\windows\system32\umpnpmgr.dll
22:31:31.0660 0x0f14 PlugPlay - ok
22:31:31.0692 0x0f14 [ 65BC271F337637731D3C71455AE1F476, DAD32B61FE0147F8D2DA4C8F016920CD6BB2098F16E3CC2768009763E71DEFBC ] Pml Driver HPZ12 C:\windows\system32\HPZipm12.dll
22:31:31.0727 0x0f14 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
22:31:34.0784 0x0f14 Detect skipped due to KSN trusted
22:31:34.0785 0x0f14 Pml Driver HPZ12 - ok
22:31:34.0806 0x0f14 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
22:31:34.0925 0x0f14 PNRPAutoReg - ok
22:31:34.0967 0x0f14 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
22:31:35.0014 0x0f14 PNRPsvc - ok
22:31:35.0063 0x0f14 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
22:31:35.0146 0x0f14 PolicyAgent - ok
22:31:35.0195 0x0f14 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\windows\system32\umpo.dll
22:31:35.0298 0x0f14 Power - ok
22:31:35.0351 0x0f14 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
22:31:35.0447 0x0f14 PptpMiniport - ok
22:31:35.0485 0x0f14 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\windows\system32\DRIVERS\processr.sys
22:31:35.0556 0x0f14 Processor - ok
22:31:35.0600 0x0f14 [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\windows\system32\profsvc.dll
22:31:35.0671 0x0f14 ProfSvc - ok
22:31:35.0694 0x0f14 [ 981CE3E3A653511799F4A862494B66A8, 414D975387A118535E39636413969A7D4C98A85E542A44B8FA515C8A20D6093F ] ProtectedStorage C:\windows\system32\lsass.exe
22:31:35.0728 0x0f14 ProtectedStorage - ok
22:31:35.0744 0x0f14 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\windows\system32\DRIVERS\pacer.sys
22:31:35.0842 0x0f14 Psched - ok
22:31:35.0875 0x0f14 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20 C:\windows\system32\Drivers\PxHelp20.sys
22:31:35.0899 0x0f14 PxHelp20 - ok
22:31:35.0978 0x0f14 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
22:31:36.0090 0x0f14 ql2300 - ok
22:31:36.0106 0x0f14 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
22:31:36.0139 0x0f14 ql40xx - ok
22:31:36.0171 0x0f14 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\windows\system32\qwave.dll
22:31:36.0258 0x0f14 QWAVE - ok
22:31:36.0269 0x0f14 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
22:31:36.0448 0x0f14 QWAVEdrv - ok
22:31:36.0525 0x0f14 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
22:31:36.0641 0x0f14 RasAcd - ok
22:31:36.0729 0x0f14 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
22:31:36.0821 0x0f14 RasAgileVpn - ok
22:31:36.0927 0x0f14 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\windows\System32\rasauto.dll
22:31:37.0013 0x0f14 RasAuto - ok
22:31:37.0050 0x0f14 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
22:31:37.0126 0x0f14 Rasl2tp - ok
22:31:37.0330 0x0f14 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\windows\System32\rasmans.dll
22:31:37.0428 0x0f14 RasMan - ok
22:31:37.0462 0x0f14 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
22:31:37.0539 0x0f14 RasPppoe - ok
22:31:37.0584 0x0f14 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
22:31:37.0678 0x0f14 RasSstp - ok
22:31:37.0769 0x0f14 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
22:31:37.0833 0x0f14 rdbss - ok
22:31:37.0873 0x0f14 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
22:31:37.0906 0x0f14 rdpbus - ok
22:31:37.0984 0x0f14 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
22:31:38.0038 0x0f14 RDPCDD - ok
22:31:38.0067 0x0f14 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
22:31:38.0119 0x0f14 RDPENCDD - ok
22:31:38.0139 0x0f14 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
22:31:38.0214 0x0f14 RDPREFMP - ok
22:31:38.0372 0x0f14 [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
22:31:38.0732 0x0f14 RdpVideoMiniport - ok
22:31:39.0098 0x0f14 [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
22:31:39.0381 0x0f14 RDPWD - ok
22:31:39.0533 0x0f14 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
22:31:39.0567 0x0f14 rdyboost - ok
22:31:39.0665 0x0f14 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\windows\System32\mprdim.dll
22:31:39.0752 0x0f14 RemoteAccess - ok
22:31:39.0790 0x0f14 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\windows\system32\regsvc.dll
22:31:39.0868 0x0f14 RemoteRegistry - ok
22:31:39.0924 0x0f14 [ CB928D9E6DAF51879DD6BA8D02F01321, DFD263B67DDF98AE09AF6D6986CBC7BE3206BCE8403AAC51BCF9459E78233D12 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
22:31:39.0963 0x0f14 RFCOMM - ok
22:31:40.0104 0x0f14 [ 85F9924FB26D924C4A10DC620AE2C350, 52DC870426EF36851D5037EB244B156F66CE2D661E0378232E12F635DDFE3D1A ] RoxMediaDB10 c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
22:31:40.0215 0x0f14 RoxMediaDB10 - ok
22:31:40.0246 0x0f14 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
22:31:40.0391 0x0f14 RpcEptMapper - ok
22:31:40.0511 0x0f14 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\windows\system32\locator.exe
22:31:40.0545 0x0f14 RpcLocator - ok
22:31:41.0003 0x0f14 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\windows\system32\rpcss.dll
22:31:41.0075 0x0f14 RpcSs - ok
22:31:41.0152 0x0f14 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
22:31:41.0208 0x0f14 rspndr - ok
22:31:41.0263 0x0f14 [ 981CE3E3A653511799F4A862494B66A8, 414D975387A118535E39636413969A7D4C98A85E542A44B8FA515C8A20D6093F ] SamSs C:\windows\system32\lsass.exe
22:31:41.0295 0x0f14 SamSs - ok
22:31:41.0442 0x0f14 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\windows\system32\drivers\sbp2port.sys
22:31:41.0472 0x0f14 sbp2port - ok
22:31:41.0575 0x0f14 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\windows\System32\SCardSvr.dll
22:31:41.0640 0x0f14 SCardSvr - ok
22:31:41.0702 0x0f14 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
22:31:41.0793 0x0f14 scfilter - ok
22:31:42.0138 0x0f14 [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\windows\system32\schedsvc.dll
22:31:42.0378 0x0f14 Schedule - ok
22:31:42.0660 0x0f14 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\windows\System32\certprop.dll
22:31:42.0713 0x0f14 SCPolicySvc - ok
22:31:42.0811 0x0f14 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\windows\System32\SDRSVC.dll
22:31:42.0949 0x0f14 SDRSVC - ok
22:31:42.0975 0x0f14 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\windows\system32\drivers\secdrv.sys
22:31:43.0033 0x0f14 secdrv - ok
22:31:43.0141 0x0f14 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\windows\system32\seclogon.dll
22:31:43.0233 0x0f14 seclogon - ok
22:31:43.0321 0x0f14 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\windows\system32\sens.dll
22:31:43.0386 0x0f14 SENS - ok
22:31:43.0400 0x0f14 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\windows\system32\sensrsvc.dll
22:31:43.0482 0x0f14 SensrSvc - ok
22:31:43.0530 0x0f14 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
22:31:43.0562 0x0f14 Serenum - ok
22:31:43.0593 0x0f14 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\windows\system32\DRIVERS\serial.sys
22:31:43.0634 0x0f14 Serial - ok
22:31:43.0656 0x0f14 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
22:31:43.0688 0x0f14 sermouse - ok
22:31:43.0750 0x0f14 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\windows\system32\sessenv.dll
22:31:43.0812 0x0f14 SessionEnv - ok
22:31:43.0834 0x0f14 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
22:31:43.0895 0x0f14 sffdisk - ok
22:31:43.0970 0x0f14 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
22:31:44.0054 0x0f14 sffp_mmc - ok
22:31:44.0090 0x0f14 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
22:31:44.0126 0x0f14 sffp_sd - ok
22:31:44.0174 0x0f14 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
22:31:44.0216 0x0f14 sfloppy - ok
22:31:44.0433 0x0f14 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\windows\System32\ipnathlp.dll
22:31:44.0590 0x0f14 SharedAccess - ok
22:31:44.0736 0x0f14 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\windows\System32\shsvcs.dll
22:31:44.0821 0x0f14 ShellHWDetection - ok
22:31:44.0862 0x0f14 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\windows\system32\drivers\sisagp.sys
22:31:44.0892 0x0f14 sisagp - ok
22:31:44.0912 0x0f14 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
22:31:44.0940 0x0f14 SiSRaid2 - ok
22:31:44.0951 0x0f14 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
22:31:44.0980 0x0f14 SiSRaid4 - ok
22:31:45.0077 0x0f14 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\windows\system32\DRIVERS\smb.sys
22:31:45.0175 0x0f14 Smb - ok
22:31:45.0217 0x0f14 [ AF0C80CBC0A2C29462F84FBF74BE59BD, 22741C103F8E85F1A4D3F17008048D22413E71941EFC78174DEC8445CA0A5F63 ] snapman C:\windows\system32\DRIVERS\snapman.sys
22:31:45.0255 0x0f14 snapman - ok
22:31:45.0325 0x0f14 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\windows\System32\snmptrap.exe
22:31:45.0369 0x0f14 SNMPTRAP - ok
22:31:45.0495 0x0f14 [ 3A4F2C0BB87A0895ABEBA341AA1E341B, 4DADEEF3C5D181502D6F4A00FBBF3B001FA626E49569FB330D7AE2955CC7DE08 ] Sony PC Companion C:\Program Files\Sony\Sony PC Companion\PCCService.exe
22:31:45.0536 0x0f14 Sony PC Companion - ok
22:31:45.0571 0x0f14 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\windows\system32\drivers\spldr.sys
22:31:45.0598 0x0f14 spldr - ok
22:31:45.0638 0x0f14 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\windows\System32\spoolsv.exe
22:31:45.0775 0x0f14 Spooler - ok
22:31:46.0058 0x0f14 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\windows\system32\sppsvc.exe
22:31:46.0319 0x0f14 sppsvc - ok
22:31:46.0506 0x0f14 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\windows\system32\sppuinotify.dll
22:31:46.0568 0x0f14 sppuinotify - ok
22:31:46.0569 0x0f14 ================ Scan global ===============================
22:31:46.0830 0x0f14 [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\windows\system32\basesrv.dll
22:31:46.0868 0x0f14 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\windows\system32\winsrv.dll
22:31:46.0916 0x0f14 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\windows\system32\winsrv.dll
22:31:46.0975 0x0f14 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\windows\system32\sxssrv.dll
22:31:47.0026 0x0f14 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\windows\system32\services.exe
22:31:47.0051 0x0f14 [ Global ] - ok
22:31:47.0052 0x0f14 ================ Scan MBR ==================================
22:31:47.0063 0x0f14 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:31:47.0825 0x0f14 \Device\Harddisk0\DR0 - ok
22:31:47.0826 0x0f14 ================ Scan VBR ==================================
22:31:47.0831 0x0f14 [ 2DDE72576502D5B6DC133BEFCA8EEBE4 ] \Device\Harddisk0\DR0\Partition1
22:31:47.0895 0x0f14 \Device\Harddisk0\DR0\Partition1 - ok
22:31:47.0902 0x0f14 [ 46E9E9EC86E1372FCAABE741372DBECF ] \Device\Harddisk0\DR0\Partition2
22:31:47.0981 0x0f14 \Device\Harddisk0\DR0\Partition2 - ok
22:31:47.0988 0x0f14 [ 13F95F2D2B666E8ABC22AC37FC3EE811 ] \Device\Harddisk0\DR0\Partition3
22:31:47.0991 0x0f14 \Device\Harddisk0\DR0\Partition3 - ok
22:31:47.0997 0x0f14 [ 58609B412F6C32FEC7957BCE3D29CB87 ] \Device\Harddisk0\DR0\Partition4
22:31:47.0999 0x0f14 \Device\Harddisk0\DR0\Partition4 - ok
22:31:48.0000 0x0f14 ================ Scan generic autorun ======================
22:31:49.0245 0x0f14 [ 06964B7DE858BB6317164BF184E9C766, ADE3D2A7256A8F3F11B6E35979413850EB22B9BBADCE3EC73BE04A1622512126 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
22:31:49.0582 0x0f14 AvastUI.exe - ok
22:31:49.0650 0x0f14 [ 9DECF401AE4CB834D89957BDBF484068, 084056EAA068F88B6168566F14D315F2AD35F2202B18CFC5F88A466C154210A3 ] C:\Program Files\AVAST Software\Avast\setup\emupdate\bfe47010-87f2-475a-ba5f-03e8fd38a56a.exe
22:31:49.0703 0x0f14 20150107 - ok
22:31:49.0760 0x0f14 [ A8D6F4F2AF68837CA77C51C0F0BACB34, 1CEB737F885C9E2A8353335AAACEE8F933637B297B5D14B8B5F52046630388FB ] C:\Program Files\BatteryBar\ShowBatteryBar.exe
22:31:49.0802 0x0f14 ShowBatteryBar - detected UnsignedFile.Multi.Generic ( 1 )
22:31:52.0644 0x0f14 Detect skipped due to KSN trusted
22:31:52.0644 0x0f14 ShowBatteryBar - ok
22:31:52.0647 0x0f14 Waiting for KSN requests completion. In queue: 66
22:31:53.0647 0x0f14 Waiting for KSN requests completion. In queue: 66
22:31:54.0647 0x0f14 Waiting for KSN requests completion. In queue: 66
22:31:56.0087 0x0f14 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2215.880 ), 0x41000 ( enabled : updated )
22:31:56.0424 0x0f14 Win FW state via NFP2: enabled
22:31:59.0219 0x0f14 ============================================================
22:31:59.0219 0x0f14 Scan finished
22:31:59.0219 0x0f14 ============================================================
22:31:59.0241 0x167c Detected object count: 1
22:31:59.0241 0x167c Actual detected object count: 1
22:32:36.0356 0x167c Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
22:32:36.0356 0x167c Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

Re: Prosím o kontrolu. Díky

Napsal: 28 dub 2015 02:41
od cica18
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

Account is Administrative

Internet Explorer version: 11.0.9600.17728

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 2.194000 GHz
Memory total: 3215212544, free: 1672916992

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

Account is Administrative

Internet Explorer version: 11.0.9600.17728

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 2.194000 GHz
Memory total: 3215212544, free: 1674801152

Downloaded database version: v2015.04.27.04
Downloaded database version: v2015.04.21.01
Downloaded database version: v2015.04.22.01
=======================================
Initializing...
------------ Kernel report ------------
04/27/2015 22:35:04
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\sptd.sys
\SystemRoot\System32\Drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\SCSIPORT.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\isapnp.sys
\SystemRoot\system32\drivers\mpio.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\intelide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\aliide.sys
\SystemRoot\system32\drivers\amdide.sys
\SystemRoot\system32\drivers\cmdide.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\msdsm.sys
\SystemRoot\system32\drivers\nvraid.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\viaide.sys
\SystemRoot\system32\drivers\iaStorV.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\DRIVERS\lsi_sas.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\HpSAMD.sys
\SystemRoot\system32\DRIVERS\adp94xx.sys
\SystemRoot\system32\DRIVERS\adpahci.sys
\SystemRoot\system32\DRIVERS\adpu320.sys
\SystemRoot\system32\DRIVERS\djsvs.sys
\SystemRoot\system32\drivers\amdsata.sys
\SystemRoot\system32\DRIVERS\amdsbs.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\DRIVERS\arc.sys
\SystemRoot\system32\DRIVERS\arcsas.sys
\SystemRoot\system32\DRIVERS\elxstor.sys
\SystemRoot\system32\DRIVERS\iirsp.sys
\SystemRoot\system32\DRIVERS\lsi_fc.sys
\SystemRoot\system32\DRIVERS\lsi_sas2.sys
\SystemRoot\system32\DRIVERS\lsi_scsi.sys
\SystemRoot\system32\DRIVERS\megasas.sys
\SystemRoot\system32\DRIVERS\MegaSR.sys
\SystemRoot\system32\DRIVERS\nfrd960.sys
\SystemRoot\system32\drivers\nvstor.sys
\SystemRoot\system32\DRIVERS\ql2300.sys
\SystemRoot\system32\DRIVERS\ql40xx.sys
\SystemRoot\system32\DRIVERS\SiSRaid2.sys
\SystemRoot\system32\DRIVERS\sisraid4.sys
\SystemRoot\system32\DRIVERS\vsmraid.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\PxHelp20.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wd.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\system32\DRIVERS\stexstor.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\system32\DRIVERS\snapman.sys
\SystemRoot\system32\drivers\sbp2port.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\system32\DRIVERS\hpdskflt.sys
\SystemRoot\system32\DRIVERS\fltsrv.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\System32\Drivers\aswVmm.sys
\SystemRoot\System32\Drivers\aswRvrt.sys
\SystemRoot\system32\DRIVERS\dtsoftbus01.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\drivers\aswSnx.sys
\SystemRoot\system32\drivers\aswSP.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\drivers\aswRdr2.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\NETw5s32.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\yk62x86.sys
\SystemRoot\system32\drivers\i8042prt.sys
\SystemRoot\system32\DRIVERS\HpqKbFiltr.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\Accelerometer.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\ew_jubusenum.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\AtiHdmi.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ADIHdAud.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\5U876.sys
\SystemRoot\system32\DRIVERS\STREAM.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\aswMonFlt.sys
\SystemRoot\system32\drivers\aswStm.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\aswHwid.sys
\SystemRoot\system32\drivers\npf.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\??\C:\windows\system32\drivers\mbamchameleon.sys
\??\C:\windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\imm32.dll
\Windows\System32\urlmon.dll
\Windows\System32\msvcrt.dll
\Windows\System32\psapi.dll
\Windows\System32\kernel32.dll
\Windows\System32\sechost.dll
\Windows\System32\Wldap32.dll
\Windows\System32\gdi32.dll
\Windows\System32\msctf.dll
\Windows\System32\shlwapi.dll
\Windows\System32\iertutil.dll
\Windows\System32\wininet.dll
\Windows\System32\shell32.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\oleaut32.dll
\Windows\System32\comdlg32.dll
\Windows\System32\normaliz.dll
\Windows\System32\lpk.dll
\Windows\System32\usp10.dll
\Windows\System32\imagehlp.dll
\Windows\System32\user32.dll
\Windows\System32\ole32.dll
\Windows\System32\setupapi.dll
\Windows\System32\nsi.dll
\Windows\System32\advapi32.dll
\Windows\System32\difxapi.dll
\Windows\System32\ws2_32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\comctl32.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\crypt32.dll
\Windows\System32\devobj.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\KernelBase.dll
\Windows\System32\wintrust.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\userenv.dll
\Windows\System32\msasn1.dll
\Windows\System32\profapi.dll
----------- End -----------
Done!
IRP handler 0 of \Driver\iaStor is hooked
Unhooking enabled.

Scan started
Database versions:
main: v2015.04.27.04
rootkit: v2015.04.21.01

<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff899d51d0
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xffffffff88efa028
Lower Device Driver Name: \Driver\iaStor\
Driver name found: iaStor
Initialization returned 0x0
Load Function returned 0x0
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff899d51d0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff899d6cc8, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff899d51d0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff899d59c0, DeviceName: Unknown, DriverName: \Driver\hpdskflt\
DevicePointer: 0xffffffff88f79838, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff88efa028, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xffffffffed431048, 0xffffffff899d51d0, 0xffffffff88c28ac8
Lower DeviceData: 0xffffffffe929c400, 0xffffffff88efa028, 0xffffffff8c9b55b8
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
File user open failed: C:\WINDOWS\SYSTEM32\drivers\sptd.sys (0x00000020)
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 68E784C7

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 614400
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 616448 Numsec = 940509184

Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 941125632 Numsec = 31459328

Partition 3 type is Other (0xc)
Partition is NOT ACTIVE.
Partition starts at LBA: 972584960 Numsec = 4186112

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
Scan finished

Re: Prosím o kontrolu. Díky

Napsal: 28 dub 2015 09:29
od Márty84
:!: Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

:arrow: Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

:arrow:
vyosek píše: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Stahnete a spustte
  • Ponechte zatrzitkou pouze u volby Remove disinfection tools
  • Kliknete na Run


:???: Nastala nejaka zmena?

Re: Prosím o kontrolu. Díky

Napsal: 29 dub 2015 15:58
od cica18
stale nejdou klavesy

+ěščýáíé

jinak comp se zda uz ok

Re: Prosím o kontrolu. Díky

Napsal: 29 dub 2015 16:45
od Márty84
V nouzaku klavesy fungujou? Zkousel jste jinou klavesnici?

Re: Prosím o kontrolu. Díky

Napsal: 29 dub 2015 17:10
od cica18
nouzak nevim nezkousel jak?.....je to notebook....mam doma jen klavesnice s tim starsim pripojenim....pokusim se sehnat s usb

Re: Prosím o kontrolu. Díky

Napsal: 29 dub 2015 17:22
od Márty84
:arrow: Do nouzoveho rezimu se dostanete takto:
restartujte pc, mackejte klavesu F8 - pripadne jinou, zalezi na typu stroje - a zvolte moznost nouzovy rezim.
Kdyby to neslo, zde je jiny postup http://forum.viry.cz/viewtopic.php?f=46&t=7554


Pripadne zkuste i klavesnici na obrazovce, jestli bude psat vsechna pismenka http://windows.microsoft.com/cs-cz/wind ... =windows-7

Re: Prosím o kontrolu. Díky

Napsal: 03 kvě 2015 20:43
od cica18
klavesnice na obrazovce funguje komplet
v nouzovem rezimu stejna situace jako v normalnim rezimu

Re: Prosím o kontrolu. Díky

Napsal: 04 kvě 2015 01:36
od Márty84
Muze to byt vada klavesnice. Chtelo by to vyzkouset nejakou jinou. V lozich nevidim zadnou havet, ktera by tohle zpusobovala. Ty klavesy nejdou vubec, nebo jen pisi neco jineho?



23.5. pro neaktivitu :lock: http://forum.viry.cz/viewtopic.php?f=12&t=123975
Všechny časy jsou v UTC+01:00
Stránka 2 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz