VIRY.CZ

Dobry vecer, mam tu jeden PC na ktorom sa objavuje tento problem, nainstaloval som Security Essentials, ten sa vsak ihned po spusteni zavre. PC bol infikovany virusom "Slovenska policia" ktory si kamaratka odstranila sama. S tymto si ale neviem dat rady, tu je vypis z ComboFixu:
ComboFix 12-12-27.03 - Alica . 12. 2012 20:25:49.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1029.18.2937.1692 [GMT 1:00]
Running from: c:\users\Alica\Desktop\ComboFix.exe
Command switches used :: c:\users\Alica\Desktop\CFScript.txt
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-11-27 to 2012-12-27 )))))))))))))))))))))))))))))))
.
.
2012-12-27 19:37 . 2012-12-27 19:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-27 19:19 . 2012-12-27 19:19 972264 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DC3B3A7F-1AD1-44E2-A0F8-5143F7F5D948}\gapaengine.dll
2012-12-27 19:19 . 2012-11-08 08:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F07586D3-4E5E-42D2-8B40-83E4349051EC}\mpengine.dll
2012-12-27 19:18 . 2012-12-27 19:18 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-12-27 19:18 . 2012-12-27 19:18 -------- d-----w- c:\program files\Microsoft Security Client
2012-12-26 13:01 . 2012-12-27 16:10 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-12-26 13:00 . 2012-12-26 13:00 -------- d-----w- c:\users\Alica\AppData\Local\Programs
2012-12-26 12:37 . 2012-12-27 19:15 -------- d-----w- c:\windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2012-12-26 11:03 . 2012-12-26 11:03 -------- d-----w- c:\users\Alica\AppData\Local\APN
2012-12-26 01:53 . 2012-12-26 01:53 959976 ----a-w- c:\windows\system32\deployJava1.dll
2012-12-26 01:53 . 2012-12-26 01:53 308200 ----a-w- c:\windows\system32\javaws.exe
2012-12-26 01:53 . 2012-12-26 01:53 1081320 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-12-26 01:53 . 2012-12-26 01:53 188392 ----a-w- c:\windows\system32\javaw.exe
2012-12-26 01:53 . 2012-12-26 01:53 188392 ----a-w- c:\windows\system32\java.exe
2012-12-26 01:53 . 2012-12-26 01:53 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-12-26 01:53 . 2012-12-26 01:53 -------- d-----w- c:\program files\Java
2012-12-25 23:49 . 2012-12-25 23:49 -------- d-----w- c:\users\Alica\AppData\Roaming\Malwarebytes
2012-12-25 23:49 . 2012-12-25 23:49 -------- d-----w- c:\programdata\Malwarebytes
2012-12-25 22:33 . 2012-12-25 22:33 -------- d-----w- c:\program files (x86)\Enigma Software Group
2012-12-25 19:01 . 2012-12-26 12:29 -------- d-----w- c:\program files (x86)\SpyHunter-4.1.11.0-+-Crack
2012-12-25 17:10 . 2012-12-25 17:10 -------- d-----w- c:\program files\Enigma Software Group
2012-12-25 17:10 . 2012-12-25 22:33 -------- d-----w- c:\windows\83B952C7F8F34CA3B4C533C85B24E478.TMP
2012-12-25 16:47 . 2012-12-25 16:47 2888 ----a-w- c:\programdata\dsgsdgdsgdsgw.js
2012-12-22 10:08 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-22 10:08 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-22 10:08 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-22 10:08 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-14 10:38 . 2012-12-14 13:34 -------- d-----w- c:\program files (x86)\Graboid
2012-12-13 06:42 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-10 07:27 . 2012-12-10 07:27 -------- d-----w- c:\users\Alica\AppData\Local\Macromedia
2012-12-10 07:23 . 2012-12-12 12:05 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-04 06:41 . 2012-12-04 06:41 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-14 00:05 . 2011-06-17 17:36 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-12 12:05 . 2011-12-04 15:39 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-16 08:38 . 2012-11-28 05:59 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 05:59 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 05:59 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-12 07:19 . 2012-10-23 07:54 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{38535B24-DBE8-4D95-8923-B3CC5FEF4A65}\mpengine.dll
2012-10-09 18:17 . 2012-11-15 10:23 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-15 10:23 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-15 10:23 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-15 10:23 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-04 16:40 . 2012-12-13 06:42 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-15 10:23 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-15 10:23 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-15 10:23 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-15 10:23 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-15 10:23 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-15 10:23 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-15 10:23 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-15 10:23 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-15 10:23 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-15 10:23 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-15 10:23 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2010-06-23 14:44 . 2003-12-11 00:26 53248 ----a-w- c:\program files (x86)\LCISOCreator.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-20 719672]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2009-08-12 352256]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2009-06-02 423936]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-01-13 34088]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-08-17 1294136]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2011-06-15 307200]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-08-12 6203296]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 ISODisk;ISODisk; [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 dump_wmimmc;dump_wmimmc;c:\program files\L2\L2\system\GameGuard\dump_wmimmc.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-07-30 222208]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 115240]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 19496]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 158760]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 137256]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 34344]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 136744]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 151592]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-03 137560]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-23 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-03-12 834544]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384]
S2 ArcGIS License Manager;ArcGIS License Manager;c:\program files (x86)\ESRI\License\arcgis9x\lmgrd.exe [2008-08-02 1431440]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-10 248688]
S2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-14 42368]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2009-08-06 116104]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2011-06-20 1225832]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-10 12:05]
.
2012-12-27 c:\windows\Tasks\FBQQWZCGU.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2012-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3701055342-4171601920-3176660044-1000Core.job
- c:\users\Alica\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-16 08:36]
.
2012-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3701055342-4171601920-3176660044-1000UA.job
- c:\users\Alica\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-16 08:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2009-08-06 1050000]
"TosNC"="c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe" [BU]
"TosReelTimeMonitor"="c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
"SmoothView"="c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe" [BU]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"00TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SmartFaceVWatcher"="c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [BU]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2009-07-30 134032]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 365592]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.avira.com/?l=dis&o=APN10401&gct=hp&dc=EU&locale=en_SK
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local>
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&oslať do programu OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
Trusted Zone: ukf.sk
TCP: DhcpNameServer = 188.123.97.2 188.123.106.66
FF - ProfilePath - c:\users\Alica\AppData\Roaming\Mozilla\Firefox\Profiles\4mxdsk9o.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://search.avira.com/?l=dis&o=APN10401&gct=hp&dc=EU&locale=en_SK
FF - ExtSQL: 2012-12-26 11:31; {EEE6C361-6118-11DC-9C72-001320C79847}; c:\users\Alica\AppData\Roaming\Mozilla\Firefox\Profiles\4mxdsk9o.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-SecureW2 EAP Suite - c:\program files (x86)\SecureW2\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3701055342-4171601920-3176660044-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3701055342-4171601920-3176660044-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\ESRI\License\arcgis9x\ARCGIS.exe
c:\program files (x86)\CDBurnerXP\NMSAccessU.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
.
**************************************************************************
.
Completion time: 2012-12-27 20:46:51 - machine was rebooted
ComboFix-quarantined-files.txt 2012-12-27 19:46
ComboFix2.txt 2012-12-27 19:06
.
Pre-Run: Volných bajtů: 41 035 829 248
Post-Run: Volných bajtů: 40 461 377 536
.
- - End Of File - - 7EBDF3328403BCA6AE515FB74B221CE8



Dakujem za rady

Dobry den,
dakujem za informacie a som si vedomy ze som asi sposobil viac skody ako uzitku.

Druhy log nemam k dispozicii, nemazal som ho ale na Ccku sa nenachadza.

Text pouziteho CFScriptu:
Collect::
c:\windows\system32\~.tmp

LOG z TDSKiller:
15:49:01.0601 4600 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:49:01.0882 4600 ============================================================
15:49:01.0882 4600 Current date / time: 2012/12/28 15:49:01.0882
15:49:01.0882 4600 SystemInfo:
15:49:01.0882 4600
15:49:01.0882 4600 OS Version: 6.1.7601 ServicePack: 1.0
15:49:01.0882 4600 Product type: Workstation
15:49:01.0882 4600 ComputerName: ALICKIN_PC
15:49:01.0882 4600 UserName: Alica
15:49:01.0882 4600 Windows directory: C:\Windows
15:49:01.0882 4600 System windows directory: C:\Windows
15:49:01.0882 4600 Running under WOW64
15:49:01.0882 4600 Processor architecture: Intel x64
15:49:01.0882 4600 Number of processors: 2
15:49:01.0882 4600 Page size: 0x1000
15:49:01.0882 4600 Boot type: Normal boot
15:49:01.0882 4600 ============================================================
15:49:07.0997 4600 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:49:07.0997 4600 ============================================================
15:49:07.0997 4600 \Device\Harddisk0\DR0:
15:49:07.0997 4600 MBR partitions:
15:49:07.0997 4600 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC8800, BlocksNum 0x12A17000
15:49:07.0997 4600 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x12ADF800, BlocksNum 0x1294F000
15:49:07.0997 4600 ============================================================
15:49:07.0997 4600 C: <-> \Device\Harddisk0\DR0\Partition1
15:49:08.0028 4600 D: <-> \Device\Harddisk0\DR0\Partition2
15:49:08.0028 4600 ============================================================
15:49:08.0028 4600 Initialize success
15:49:08.0028 4600 ============================================================
15:49:36.0607 5076 ============================================================
15:49:36.0607 5076 Scan started
15:49:36.0607 5076 Mode: Manual; SigCheck; TDLFS;
15:49:36.0607 5076 ============================================================
15:49:36.0951 5076 ================ Scan system memory ========================
15:49:36.0951 5076 System memory - ok
15:49:36.0951 5076 ================ Scan services =============================
15:49:37.0247 5076 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:49:37.0356 5076 1394ohci - ok
15:49:37.0387 5076 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:49:37.0419 5076 ACPI - ok
15:49:37.0481 5076 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:49:37.0512 5076 AcpiPmi - ok
15:49:37.0731 5076 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:49:37.0746 5076 AdobeARMservice - ok
15:49:37.0902 5076 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:49:37.0933 5076 AdobeFlashPlayerUpdateSvc - ok
15:49:37.0996 5076 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
15:49:38.0043 5076 adp94xx - ok
15:49:38.0074 5076 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
15:49:38.0121 5076 adpahci - ok
15:49:38.0152 5076 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
15:49:38.0183 5076 adpu320 - ok
15:49:38.0230 5076 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:49:38.0277 5076 AeLookupSvc - ok
15:49:38.0355 5076 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:49:38.0417 5076 AFD - ok
15:49:38.0479 5076 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:49:38.0511 5076 agp440 - ok
15:49:38.0542 5076 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:49:38.0604 5076 ALG - ok
15:49:38.0667 5076 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:49:38.0698 5076 aliide - ok
15:49:38.0729 5076 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:49:38.0745 5076 amdide - ok
15:49:38.0791 5076 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
15:49:38.0838 5076 AmdK8 - ok
15:49:38.0869 5076 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:49:38.0916 5076 AmdPPM - ok
15:49:38.0963 5076 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:49:38.0994 5076 amdsata - ok
15:49:39.0041 5076 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
15:49:39.0072 5076 amdsbs - ok
15:49:39.0103 5076 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:49:39.0135 5076 amdxata - ok
15:49:39.0181 5076 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:49:39.0275 5076 AppID - ok
15:49:39.0306 5076 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:49:39.0369 5076 AppIDSvc - ok
15:49:39.0431 5076 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:49:39.0509 5076 Appinfo - ok
15:49:39.0587 5076 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
15:49:39.0634 5076 arc - ok
15:49:39.0774 5076 [ 338DEABD788009F2D043D3080E29930D ] ArcGIS License Manager C:\Program Files (x86)\ESRI\License\arcgis9x\lmgrd.exe
15:49:39.0821 5076 ArcGIS License Manager - ok
15:49:39.0868 5076 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
15:49:39.0883 5076 arcsas - ok
15:49:40.0024 5076 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:49:40.0071 5076 aspnet_state - ok
15:49:40.0086 5076 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:49:40.0164 5076 AsyncMac - ok
15:49:40.0227 5076 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:49:40.0273 5076 atapi - ok
15:49:40.0320 5076 [ E857EEE6B92AAA473EBB3465ADD8F7E7 ] athr C:\Windows\system32\DRIVERS\athrx.sys
15:49:40.0383 5076 athr - ok
15:49:40.0554 5076 [ 3EFD964D52221360AF0673CD61C2F4F5 ] atikmdag C:\Windows\system32\drivers\atikmdag.sys
15:49:40.0788 5076 atikmdag - ok
15:49:40.0866 5076 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:49:40.0960 5076 AudioEndpointBuilder - ok
15:49:40.0975 5076 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:49:41.0007 5076 AudioSrv - ok
15:49:41.0069 5076 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:49:41.0131 5076 AxInstSV - ok
15:49:41.0194 5076 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
15:49:41.0256 5076 b06bdrv - ok
15:49:41.0303 5076 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:49:41.0350 5076 b57nd60a - ok
15:49:41.0412 5076 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:49:41.0459 5076 BDESVC - ok
15:49:41.0475 5076 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:49:41.0521 5076 Beep - ok
15:49:41.0599 5076 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
15:49:41.0693 5076 BFE - ok
15:49:41.0755 5076 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
15:49:41.0865 5076 BITS - ok
15:49:41.0896 5076 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:49:41.0943 5076 blbdrive - ok
15:49:42.0005 5076 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:49:42.0036 5076 bowser - ok
15:49:42.0099 5076 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:49:42.0161 5076 BrFiltLo - ok
15:49:42.0192 5076 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:49:42.0208 5076 BrFiltUp - ok
15:49:42.0255 5076 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
15:49:42.0317 5076 BridgeMP - ok
15:49:42.0364 5076 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
15:49:42.0411 5076 Browser - ok
15:49:42.0442 5076 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:49:42.0489 5076 Brserid - ok
15:49:42.0520 5076 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:49:42.0567 5076 BrSerWdm - ok
15:49:42.0582 5076 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:49:42.0629 5076 BrUsbMdm - ok
15:49:42.0660 5076 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:49:42.0723 5076 BrUsbSer - ok
15:49:42.0754 5076 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:49:42.0801 5076 BTHMODEM - ok
15:49:42.0863 5076 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:49:42.0941 5076 bthserv - ok
15:49:42.0957 5076 catchme - ok
15:49:42.0988 5076 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:49:43.0050 5076 cdfs - ok
15:49:43.0128 5076 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:49:43.0175 5076 cdrom - ok
15:49:43.0222 5076 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:49:43.0300 5076 CertPropSvc - ok
15:49:43.0471 5076 [ 837FF2D497880198C918E6954DBD170C ] cfWiMAXService C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
15:49:43.0487 5076 cfWiMAXService - ok
15:49:43.0518 5076 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:49:43.0565 5076 circlass - ok
15:49:43.0596 5076 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:49:43.0659 5076 CLFS - ok
15:49:43.0721 5076 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:49:43.0783 5076 clr_optimization_v2.0.50727_32 - ok
15:49:43.0815 5076 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:49:43.0861 5076 clr_optimization_v2.0.50727_64 - ok
15:49:43.0955 5076 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:49:43.0971 5076 clr_optimization_v4.0.30319_32 - ok
15:49:43.0986 5076 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:49:44.0002 5076 clr_optimization_v4.0.30319_64 - ok
15:49:44.0033 5076 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:49:44.0080 5076 CmBatt - ok
15:49:44.0095 5076 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:49:44.0127 5076 cmdide - ok
15:49:44.0189 5076 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
15:49:44.0236 5076 CNG - ok
15:49:44.0283 5076 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:49:44.0314 5076 Compbatt - ok
15:49:44.0376 5076 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:49:44.0423 5076 CompositeBus - ok
15:49:44.0439 5076 COMSysApp - ok
15:49:44.0485 5076 [ D252C53BCDFC199BBA55EEB10CDB266E ] ConfigFree Gadget Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
15:49:44.0501 5076 ConfigFree Gadget Service - ok
15:49:44.0548 5076 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
15:49:44.0563 5076 ConfigFree Service - ok
15:49:44.0610 5076 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:49:44.0626 5076 crcdisk - ok
15:49:44.0688 5076 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:49:44.0735 5076 CryptSvc - ok
15:49:44.0782 5076 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:49:44.0844 5076 DcomLaunch - ok
15:49:44.0891 5076 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:49:44.0969 5076 defragsvc - ok
15:49:45.0031 5076 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:49:45.0094 5076 DfsC - ok
15:49:45.0172 5076 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:49:45.0234 5076 Dhcp - ok
15:49:45.0250 5076 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:49:45.0312 5076 discache - ok
15:49:45.0359 5076 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
15:49:45.0390 5076 Disk - ok
15:49:45.0437 5076 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:49:45.0484 5076 Dnscache - ok
15:49:45.0562 5076 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:49:45.0671 5076 dot3svc - ok
15:49:45.0718 5076 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:49:45.0765 5076 DPS - ok
15:49:45.0811 5076 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:49:45.0858 5076 drmkaud - ok
15:49:45.0921 5076 dump_wmimmc - ok
15:49:46.0014 5076 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:49:46.0077 5076 DXGKrnl - ok
15:49:46.0123 5076 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:49:46.0201 5076 EapHost - ok
15:49:46.0435 5076 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
15:49:46.0576 5076 ebdrv - ok
15:49:46.0623 5076 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:49:46.0669 5076 EFS - ok
15:49:46.0794 5076 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:49:46.0872 5076 ehRecvr - ok
15:49:46.0919 5076 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:49:46.0966 5076 ehSched - ok
15:49:47.0028 5076 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
15:49:47.0060 5076 elxstor - ok
15:49:47.0106 5076 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:49:47.0122 5076 ErrDev - ok
15:49:47.0184 5076 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:49:47.0247 5076 EventSystem - ok
15:49:47.0278 5076 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:49:47.0325 5076 exfat - ok
15:49:47.0356 5076 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:49:47.0418 5076 fastfat - ok
15:49:47.0559 5076 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:49:47.0652 5076 Fax - ok
15:49:47.0699 5076 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:49:47.0730 5076 fdc - ok
15:49:47.0762 5076 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:49:47.0824 5076 fdPHost - ok
15:49:47.0840 5076 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:49:47.0918 5076 FDResPub - ok
15:49:47.0949 5076 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:49:47.0980 5076 FileInfo - ok
15:49:47.0996 5076 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:49:48.0058 5076 Filetrace - ok
15:49:48.0105 5076 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:49:48.0152 5076 flpydisk - ok
15:49:48.0183 5076 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:49:48.0245 5076 FltMgr - ok
15:49:48.0339 5076 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
15:49:48.0432 5076 FontCache - ok
15:49:48.0542 5076 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:49:48.0573 5076 FontCache3.0.0.0 - ok
15:49:48.0604 5076 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:49:48.0620 5076 FsDepends - ok
15:49:48.0666 5076 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
15:49:48.0713 5076 fssfltr - ok
15:49:48.0916 5076 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
15:49:49.0088 5076 fsssvc - ok
15:49:49.0119 5076 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:49:49.0150 5076 Fs_Rec - ok
15:49:49.0197 5076 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:49:49.0244 5076 fvevol - ok
15:49:49.0290 5076 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
15:49:49.0306 5076 gagp30kx - ok
15:49:49.0353 5076 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:49:49.0431 5076 gpsvc - ok
15:49:49.0478 5076 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
15:49:49.0571 5076 gusvc - ok
15:49:49.0618 5076 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:49:49.0649 5076 hcw85cir - ok
15:49:49.0727 5076 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:49:49.0790 5076 HdAudAddService - ok
15:49:49.0805 5076 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:49:49.0852 5076 HDAudBus - ok
15:49:49.0883 5076 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:49:49.0930 5076 HidBatt - ok
15:49:49.0961 5076 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:49:50.0008 5076 HidBth - ok
15:49:50.0039 5076 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:49:50.0070 5076 HidIr - ok
15:49:50.0102 5076 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
15:49:50.0180 5076 hidserv - ok
15:49:50.0242 5076 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:49:50.0289 5076 HidUsb - ok
15:49:50.0320 5076 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:49:50.0429 5076 hkmsvc - ok
15:49:50.0460 5076 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:49:50.0507 5076 HomeGroupListener - ok
15:49:50.0538 5076 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:49:50.0554 5076 HomeGroupProvider - ok
15:49:50.0616 5076 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:49:50.0632 5076 HpSAMD - ok
15:49:50.0694 5076 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:49:50.0788 5076 HTTP - ok
15:49:50.0835 5076 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:49:50.0850 5076 hwpolicy - ok
15:49:50.0913 5076 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:49:50.0944 5076 i8042prt - ok
15:49:50.0991 5076 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
15:49:51.0022 5076 iaStor - ok
15:49:51.0084 5076 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:49:51.0147 5076 iaStorV - ok
15:49:51.0240 5076 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
15:49:51.0303 5076 IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:49:51.0303 5076 IDriverT - detected UnsignedFile.Multi.Generic (1)
15:49:51.0396 5076 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:49:51.0459 5076 idsvc - ok
15:49:51.0708 5076 [ 3C3F27002ABC69C5AFE29CBE6CF7ADDF ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
15:49:51.0989 5076 igfx - ok
15:49:52.0052 5076 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:49:52.0083 5076 iirsp - ok
15:49:52.0145 5076 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:49:52.0239 5076 IKEEXT - ok
15:49:52.0442 5076 [ 0C3CF4B3BAE28E121A1689E3538F8712 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:49:52.0535 5076 IntcAzAudAddService - ok
15:49:52.0582 5076 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:49:52.0613 5076 intelide - ok
15:49:52.0644 5076 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:49:52.0676 5076 intelppm - ok
15:49:52.0707 5076 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:49:52.0785 5076 IPBusEnum - ok
15:49:52.0832 5076 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:49:52.0894 5076 IpFilterDriver - ok
15:49:52.0956 5076 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:49:53.0003 5076 iphlpsvc - ok
15:49:53.0034 5076 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:49:53.0081 5076 IPMIDRV - ok
15:49:53.0128 5076 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:49:53.0190 5076 IPNAT - ok
15:49:53.0237 5076 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:49:53.0268 5076 IRENUM - ok
15:49:53.0331 5076 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:49:53.0346 5076 isapnp - ok
15:49:53.0378 5076 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:49:53.0424 5076 iScsiPrt - ok
15:49:53.0456 5076 ISODisk - ok
15:49:53.0502 5076 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:49:53.0534 5076 kbdclass - ok
15:49:53.0565 5076 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:49:53.0596 5076 kbdhid - ok
15:49:53.0627 5076 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:49:53.0643 5076 KeyIso - ok
15:49:53.0690 5076 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:49:53.0736 5076 KSecDD - ok
15:49:53.0768 5076 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:49:53.0799 5076 KSecPkg - ok
15:49:53.0830 5076 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:49:53.0892 5076 ksthunk - ok
15:49:53.0955 5076 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:49:54.0033 5076 KtmRm - ok
15:49:54.0111 5076 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
15:49:54.0204 5076 LanmanServer - ok
15:49:54.0267 5076 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:49:54.0360 5076 LanmanWorkstation - ok
15:49:54.0407 5076 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:49:54.0470 5076 lltdio - ok
15:49:54.0532 5076 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:49:54.0610 5076 lltdsvc - ok
15:49:54.0641 5076 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:49:54.0704 5076 lmhosts - ok
15:49:54.0750 5076 [ 41E122F6D1448C94CC05196BC41D6BFB ] LPCFilter C:\Windows\system32\DRIVERS\LPCFilter.sys
15:49:54.0766 5076 LPCFilter - ok
15:49:54.0797 5076 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:49:54.0828 5076 LSI_FC - ok
15:49:54.0844 5076 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:49:54.0875 5076 LSI_SAS - ok
15:49:54.0875 5076 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:49:54.0906 5076 LSI_SAS2 - ok
15:49:54.0922 5076 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:49:54.0953 5076 LSI_SCSI - ok
15:49:54.0984 5076 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:49:55.0062 5076 luafv - ok
15:49:55.0187 5076 [ A02707EABECCF78D43F41E8DAD7AC0A6 ] matlabserver C:\MATLAB701\webserver\bin\win32\matlabserver.exe
15:49:55.0343 5076 matlabserver ( UnsignedFile.Multi.Generic ) - warning
15:49:55.0343 5076 matlabserver - detected UnsignedFile.Multi.Generic (1)
15:49:55.0390 5076 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:49:55.0437 5076 Mcx2Svc - ok
15:49:55.0468 5076 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:49:55.0499 5076 megasas - ok
15:49:55.0530 5076 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:49:55.0562 5076 MegaSR - ok
15:49:55.0655 5076 Microsoft SharePoint Workspace Audit Service - ok
15:49:55.0702 5076 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:49:55.0749 5076 MMCSS - ok
15:49:55.0780 5076 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:49:55.0842 5076 Modem - ok
15:49:55.0858 5076 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:49:55.0905 5076 monitor - ok
15:49:55.0920 5076 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:49:55.0952 5076 mouclass - ok
15:49:56.0014 5076 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:49:56.0061 5076 mouhid - ok
15:49:56.0092 5076 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:49:56.0123 5076 mountmgr - ok
15:49:56.0217 5076 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:49:56.0295 5076 MozillaMaintenance - ok
15:49:56.0373 5076 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
15:49:56.0404 5076 MpFilter - ok
15:49:56.0420 5076 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:49:56.0451 5076 mpio - ok
15:49:56.0482 5076 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:49:56.0560 5076 mpsdrv - ok
15:49:56.0607 5076 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:49:56.0716 5076 MpsSvc - ok
15:49:56.0763 5076 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:49:56.0825 5076 MRxDAV - ok
15:49:56.0856 5076 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:49:56.0903 5076 mrxsmb - ok
15:49:56.0950 5076 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:49:56.0997 5076 mrxsmb10 - ok
15:49:57.0028 5076 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:49:57.0059 5076 mrxsmb20 - ok
15:49:57.0090 5076 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:49:57.0122 5076 msahci - ok
15:49:57.0153 5076 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:49:57.0184 5076 msdsm - ok
15:49:57.0215 5076 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:49:57.0246 5076 MSDTC - ok
15:49:57.0309 5076 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:49:57.0356 5076 Msfs - ok
15:49:57.0387 5076 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:49:57.0449 5076 mshidkmdf - ok
15:49:57.0480 5076 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:49:57.0496 5076 msisadrv - ok
15:49:57.0574 5076 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:49:57.0668 5076 MSiSCSI - ok
15:49:57.0683 5076 msiserver - ok
15:49:57.0714 5076 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:49:57.0761 5076 MSKSSRV - ok
15:49:57.0886 5076 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
15:49:57.0902 5076 MsMpSvc - ok
15:49:57.0964 5076 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:49:58.0042 5076 MSPCLOCK - ok
15:49:58.0073 5076 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:49:58.0136 5076 MSPQM - ok
15:49:58.0182 5076 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:49:58.0214 5076 MsRPC - ok
15:49:58.0260 5076 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:49:58.0276 5076 mssmbios - ok
15:49:58.0292 5076 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:49:58.0354 5076 MSTEE - ok
15:49:58.0385 5076 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:49:58.0416 5076 MTConfig - ok
15:49:58.0448 5076 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:49:58.0479 5076 Mup - ok
15:49:58.0541 5076 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:49:58.0619 5076 napagent - ok
15:49:58.0682 5076 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:49:58.0728 5076 NativeWifiP - ok
15:49:58.0869 5076 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:49:58.0916 5076 NDIS - ok
15:49:58.0994 5076 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:49:59.0040 5076 NdisCap - ok
15:49:59.0056 5076 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:49:59.0134 5076 NdisTapi - ok
15:49:59.0181 5076 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:49:59.0243 5076 Ndisuio - ok
15:49:59.0274 5076 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:49:59.0352 5076 NdisWan - ok
15:49:59.0399 5076 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:49:59.0462 5076 NDProxy - ok
15:49:59.0477 5076 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:49:59.0540 5076 NetBIOS - ok
15:49:59.0571 5076 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:49:59.0649 5076 NetBT - ok
15:49:59.0696 5076 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:49:59.0711 5076 Netlogon - ok
15:49:59.0774 5076 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:49:59.0852 5076 Netman - ok
15:49:59.0898 5076 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:49:59.0930 5076 NetMsmqActivator - ok
15:49:59.0945 5076 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:49:59.0945 5076 NetPipeActivator - ok
15:49:59.0992 5076 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:50:00.0054 5076 netprofm - ok
15:50:00.0086 5076 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:50:00.0101 5076 NetTcpActivator - ok
15:50:00.0101 5076 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:50:00.0117 5076 NetTcpPortSharing - ok
15:50:00.0164 5076 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:50:00.0179 5076 nfrd960 - ok
15:50:00.0242 5076 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:50:00.0257 5076 NisDrv - ok
15:50:00.0320 5076 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
15:50:00.0335 5076 NisSrv - ok
15:50:00.0366 5076 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:50:00.0429 5076 NlaSvc - ok
15:50:00.0522 5076 [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F ] NMSAccess C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
15:50:00.0585 5076 NMSAccess - ok
15:50:00.0647 5076 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:50:00.0694 5076 Npfs - ok
15:50:00.0710 5076 npggsvc - ok
15:50:00.0725 5076 NPPTNT2 - ok
15:50:00.0756 5076 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:50:00.0803 5076 nsi - ok
15:50:00.0834 5076 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:50:00.0897 5076 nsiproxy - ok
15:50:00.0975 5076 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:50:01.0037 5076 Ntfs - ok
15:50:01.0084 5076 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:50:01.0146 5076 Null - ok
15:50:01.0178 5076 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:50:01.0209 5076 nvraid - ok
15:50:01.0256 5076 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:50:01.0287 5076 nvstor - ok
15:50:01.0334 5076 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:50:01.0365 5076 nv_agp - ok
15:50:01.0396 5076 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:50:01.0427 5076 ohci1394 - ok
15:50:01.0521 5076 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:50:01.0583 5076 ose - ok
15:50:01.0880 5076 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:50:02.0644 5076 osppsvc - ok
15:50:02.0691 5076 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:50:02.0738 5076 p2pimsvc - ok
15:50:02.0769 5076 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:50:02.0816 5076 p2psvc - ok
15:50:02.0847 5076 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:50:02.0878 5076 Parport - ok
15:50:02.0909 5076 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:50:02.0940 5076 partmgr - ok
15:50:02.0956 5076 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:50:03.0018 5076 PcaSvc - ok
15:50:03.0050 5076 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:50:03.0081 5076 pci - ok
15:50:03.0112 5076 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:50:03.0128 5076 pciide - ok
15:50:03.0159 5076 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:50:03.0190 5076 pcmcia - ok
15:50:03.0206 5076 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:50:03.0237 5076 pcw - ok
15:50:03.0299 5076 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:50:03.0362 5076 PEAUTH - ok
15:50:03.0440 5076 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:50:03.0502 5076 PerfHost - ok
15:50:03.0658 5076 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:50:03.0798 5076 pla - ok
15:50:03.0861 5076 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:50:03.0939 5076 PlugPlay - ok
15:50:03.0970 5076 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:50:04.0017 5076 PNRPAutoReg - ok
15:50:04.0079 5076 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:50:04.0095 5076 PNRPsvc - ok
15:50:04.0142 5076 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:50:04.0235 5076 PolicyAgent - ok
15:50:04.0266 5076 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:50:04.0344 5076 Power - ok
15:50:04.0422 5076 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:50:04.0485 5076 PptpMiniport - ok
15:50:04.0516 5076 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:50:04.0563 5076 Processor - ok
15:50:04.0641 5076 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:50:04.0719 5076 ProfSvc - ok
15:50:04.0750 5076 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:50:04.0766 5076 ProtectedStorage - ok
15:50:04.0812 5076 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:50:04.0890 5076 Psched - ok
15:50:04.0922 5076 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:50:04.0984 5076 ql2300 - ok
15:50:05.0031 5076 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:50:05.0062 5076 ql40xx - ok
15:50:05.0109 5076 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:50:05.0156 5076 QWAVE - ok
15:50:05.0171 5076 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:50:05.0218 5076 QWAVEdrv - ok
15:50:05.0234 5076 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:50:05.0312 5076 RasAcd - ok
15:50:05.0343 5076 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:50:05.0405 5076 RasAgileVpn - ok
15:50:05.0436 5076 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:50:05.0514 5076 RasAuto - ok
15:50:05.0561 5076 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:50:05.0624 5076 Rasl2tp - ok
15:50:05.0702 5076 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:50:05.0795 5076 RasMan - ok
15:50:05.0842 5076 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:50:05.0904 5076 RasPppoe - ok
15:50:05.0936 5076 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:50:05.0998 5076 RasSstp - ok
15:50:06.0045 5076 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:50:06.0123 5076 rdbss - ok
15:50:06.0170 5076 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:50:06.0216 5076 rdpbus - ok
15:50:06.0248 5076 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:50:06.0310 5076 RDPCDD - ok
15:50:06.0341 5076 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:50:06.0388 5076 RDPENCDD - ok
15:50:06.0404 5076 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:50:06.0466 5076 RDPREFMP - ok
15:50:06.0513 5076 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:50:06.0560 5076 RDPWD - ok
15:50:06.0622 5076 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:50:06.0653 5076 rdyboost - ok
15:50:06.0684 5076 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:50:06.0747 5076 RemoteAccess - ok
15:50:06.0778 5076 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:50:06.0840 5076 RemoteRegistry - ok
15:50:06.0872 5076 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:50:06.0950 5076 RpcEptMapper - ok
15:50:06.0981 5076 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:50:07.0012 5076 RpcLocator - ok
15:50:07.0059 5076 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:50:07.0106 5076 RpcSs - ok
15:50:07.0152 5076 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:50:07.0230 5076 rspndr - ok
15:50:07.0277 5076 [ 8C22F21C924413D4E109995F748E18BB ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
15:50:07.0340 5076 RSUSBSTOR - ok
15:50:07.0371 5076 [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:50:07.0433 5076 RTL8167 - ok
15:50:07.0511 5076 [ 789C177A1529F0453C625C68A4EF2F00 ] rtl8192se C:\Windows\system32\DRIVERS\rtl8192se.sys
15:50:07.0542 5076 rtl8192se - ok
15:50:07.0558 5076 RtsUIR - ok
15:50:07.0620 5076 [ EA268BCE30691C2DD24F02E617FD2EB5 ] s0016bus C:\Windows\system32\DRIVERS\s0016bus.sys
15:50:07.0667 5076 s0016bus - ok
15:50:07.0698 5076 [ F5F9DEB89996D333EF976624D37E24E3 ] s0016mdfl C:\Windows\system32\DRIVERS\s0016mdfl.sys
15:50:07.0730 5076 s0016mdfl - ok
15:50:07.0776 5076 [ C17CE2AEE67480FEBCC36ECCB54C0BE8 ] s0016mdm C:\Windows\system32\DRIVERS\s0016mdm.sys
15:50:07.0823 5076 s0016mdm - ok
15:50:07.0886 5076 [ CC267F04C54C5EC5B7BD658D7628469F ] s0016mgmt C:\Windows\system32\DRIVERS\s0016mgmt.sys
15:50:07.0901 5076 s0016mgmt - ok
15:50:07.0979 5076 [ 30A35BBCE09D9FE67482FD62C61911FC ] s0016nd5 C:\Windows\system32\DRIVERS\s0016nd5.sys
15:50:07.0995 5076 s0016nd5 - ok
15:50:08.0057 5076 [ CA394DCC38579C7AD82E83EE64D798A0 ] s0016obex C:\Windows\system32\DRIVERS\s0016obex.sys
15:50:08.0088 5076 s0016obex - ok
15:50:08.0120 5076 [ EB267CCEA84E6E8598D92F73332AC67B ] s0016unic C:\Windows\system32\DRIVERS\s0016unic.sys
15:50:08.0151 5076 s0016unic - ok
15:50:08.0166 5076 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:50:08.0182 5076 SamSs - ok
15:50:08.0244 5076 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:50:08.0260 5076 sbp2port - ok
15:50:08.0307 5076 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:50:08.0385 5076 SCardSvr - ok
15:50:08.0463 5076 [ B2F50286DC82B93C013E3FC57BA1A956 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
15:50:08.0494 5076 SCDEmu - ok
15:50:08.0541 5076 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:50:08.0588 5076 scfilter - ok
15:50:08.0650 5076 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:50:08.0759 5076 Schedule - ok
15:50:08.0790 5076 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:50:08.0837 5076 SCPolicySvc - ok
15:50:08.0868 5076 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:50:08.0915 5076 SDRSVC - ok
15:50:09.0056 5076 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
15:50:09.0071 5076 SeaPort - ok
15:50:09.0149 5076 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:50:09.0196 5076 secdrv - ok
15:50:09.0227 5076 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:50:09.0290 5076 seclogon - ok
15:50:09.0321 5076 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
15:50:09.0368 5076 SENS - ok
15:50:09.0383 5076 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:50:09.0430 5076 SensrSvc - ok
15:50:09.0492 5076 [ 82215BBED5D37B0C354F0E83FD0C8423 ] Sentinel C:\Windows\System32\Drivers\SENTINEL64.SYS
15:50:10.0023 5076 Sentinel - ok
15:50:10.0085 5076 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:50:10.0132 5076 Serenum - ok
15:50:10.0148 5076 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:50:10.0179 5076 Serial - ok
15:50:10.0226 5076 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:50:10.0257 5076 sermouse - ok
15:50:10.0397 5076 [ 7D3903AF48E6C1DC2704EAFCB608D031 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
15:50:10.0538 5076 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
15:50:10.0538 5076 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
15:50:10.0584 5076 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:50:10.0662 5076 SessionEnv - ok
15:50:10.0694 5076 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:50:10.0740 5076 sffdisk - ok
15:50:10.0772 5076 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:50:10.0818 5076 sffp_mmc - ok
15:50:10.0834 5076 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:50:10.0881 5076 sffp_sd - ok
15:50:10.0928 5076 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:50:10.0959 5076 sfloppy - ok
15:50:11.0006 5076 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:50:11.0084 5076 SharedAccess - ok
15:50:11.0130 5076 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:50:11.0224 5076 ShellHWDetection - ok
15:50:11.0271 5076 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:50:11.0286 5076 SiSRaid2 - ok
15:50:11.0318 5076 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:50:11.0349 5076 SiSRaid4 - ok
15:50:11.0536 5076 [ 183F04C6742902F33039913A96F5B574 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
15:50:11.0630 5076 Skype C2C Service - ok
15:50:11.0708 5076 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:50:11.0723 5076 SkypeUpdate - ok
15:50:11.0754 5076 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:50:11.0817 5076 Smb - ok
15:50:11.0864 5076 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:50:11.0910 5076 SNMPTRAP - ok
15:50:11.0942 5076 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:50:11.0957 5076 spldr - ok
15:50:12.0020 5076 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:50:12.0082 5076 Spooler - ok
15:50:12.0207 5076 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:50:12.0332 5076 sppsvc - ok
15:50:12.0363 5076 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:50:12.0441 5076 sppuinotify - ok
15:50:12.0566 5076 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
15:50:12.0566 5076 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
15:50:12.0581 5076 sptd ( LockedFile.Multi.Generic ) - warning
15:50:12.0581 5076 sptd - detected LockedFile.Multi.Generic (1)
15:50:12.0644 5076 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:50:12.0690 5076 srv - ok
15:50:12.0737 5076 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:50:12.0800 5076 srv2 - ok
15:50:12.0831 5076 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:50:12.0878 5076 srvnet - ok
15:50:12.0924 5076 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:50:13.0018 5076 SSDPSRV - ok
15:50:13.0049 5076 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:50:13.0080 5076 SstpSvc - ok
15:50:13.0143 5076 [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen C:\Windows\system32\drivers\StarOpen.sys
15:50:13.0190 5076 StarOpen ( UnsignedFile.Multi.Generic ) - warning
15:50:13.0190 5076 StarOpen - detected UnsignedFile.Multi.Generic (1)
15:50:13.0221 5076 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:50:13.0252 5076 stexstor - ok
15:50:13.0314 5076 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:50:13.0392 5076 stisvc - ok
15:50:13.0424 5076 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
15:50:13.0455 5076 swenum - ok
15:50:13.0502 5076 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:50:13.0580 5076 swprv - ok
15:50:13.0658 5076 [ BE7311DA9D6833FA69ED04B744A1C8F8 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
15:50:13.0689 5076 SynTP - ok
15:50:13.0814 5076 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:50:13.0876 5076 SysMain - ok
15:50:13.0923 5076 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:50:13.0985 5076 TabletInputService - ok
15:50:14.0001 5076 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:50:14.0094 5076 TapiSrv - ok
15:50:14.0126 5076 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:50:14.0188 5076 TBS - ok
15:50:14.0266 5076 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:50:14.0344 5076 Tcpip - ok
15:50:14.0406 5076 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:50:14.0453 5076 TCPIP6 - ok
15:50:14.0500 5076 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:50:14.0516 5076 tcpipreg - ok
15:50:14.0562 5076 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys
15:50:14.0609 5076 tdcmdpst - ok
15:50:14.0625 5076 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:50:14.0656 5076 TDPIPE - ok
15:50:14.0703 5076 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:50:14.0750 5076 TDTCP - ok
15:50:14.0812 5076 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:50:14.0874 5076 tdx - ok
15:50:14.0937 5076 [ 63B4F544664DC5154FDA4213E2AF09D0 ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
15:50:14.0984 5076 TemproMonitoringService - ok
15:50:15.0030 5076 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:50:15.0062 5076 TermDD - ok
15:50:15.0124 5076 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:50:15.0202 5076 TermService - ok
15:50:15.0249 5076 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:50:15.0296 5076 Themes - ok
15:50:15.0327 5076 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:50:15.0374 5076 THREADORDER - ok
15:50:15.0452 5076 [ 32577B987AE5401038451BB392CB8D89 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
15:50:15.0498 5076 TMachInfo - ok
15:50:15.0530 5076 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\Windows\system32\TODDSrv.exe
15:50:15.0545 5076 TODDSrv - ok
15:50:15.0639 5076 [ 4DB8C79BCEA76063B83B13410366A1F7 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
15:50:15.0654 5076 TosCoSrv - ok
15:50:15.0717 5076 [ DD58E1250F604CBBADDA04575E5E2376 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
15:50:15.0795 5076 TOSHIBA HDD SSD Alert Service - ok
15:50:15.0873 5076 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\Windows\system32\DRIVERS\tos_sps64.sys
15:50:15.0904 5076 tos_sps64 - ok
15:50:15.0920 5076 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:50:15.0998 5076 TrkWks - ok
15:50:16.0076 5076 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:50:16.0154 5076 TrustedInstaller - ok
15:50:16.0200 5076 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:50:16.0263 5076 tssecsrv - ok
15:50:16.0310 5076 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:50:16.0356 5076 TsUsbFlt - ok
15:50:16.0419 5076 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:50:16.0466 5076 tunnel - ok
15:50:16.0544 5076 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
15:50:16.0575 5076 TVALZ - ok
15:50:16.0622 5076 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:50:16.0637 5076 uagp35 - ok
15:50:16.0700 5076 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:50:16.0762 5076 udfs - ok
15:50:16.0809 5076 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:50:16.0840 5076 UI0Detect - ok
15:50:16.0856 5076 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:50:16.0887 5076 uliagpkx - ok
15:50:16.0949 5076 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
15:50:17.0012 5076 umbus - ok
15:50:17.0043 5076 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:50:17.0058 5076 UmPass - ok
15:50:17.0105 5076 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:50:17.0152 5076 upnphost - ok
15:50:17.0183 5076 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:50:17.0214 5076 usbccgp - ok
15:50:17.0214 5076 USBCCID - ok
15:50:17.0277 5076 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:50:17.0324 5076 usbcir - ok
15:50:17.0355 5076 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:50:17.0386 5076 usbehci - ok
15:50:17.0417 5076 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:50:17.0464 5076 usbhub - ok
15:50:17.0495 5076 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:50:17.0542 5076 usbohci - ok
15:50:17.0589 5076 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:50:17.0651 5076 usbprint - ok
15:50:17.0729 5076 [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser C:\Windows\system32\drivers\usbser.sys
15:50:17.0745 5076 usbser - ok
15:50:17.0776 5076 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:50:17.0807 5076 USBSTOR - ok
15:50:17.0854 5076 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
15:50:17.0885 5076 usbuhci - ok
15:50:17.0963 5076 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
15:50:18.0041 5076 usbvideo - ok
15:50:18.0072 5076 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:50:18.0135 5076 UxSms - ok
15:50:18.0150 5076 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:50:18.0166 5076 VaultSvc - ok
15:50:18.0197 5076 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:50:18.0213 5076 vdrvroot - ok
15:50:18.0275 5076 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:50:18.0338 5076 vds - ok
15:50:18.0384 5076 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:50:18.0416 5076 vga - ok
15:50:18.0431 5076 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:50:18.0494 5076 VgaSave - ok
15:50:18.0540 5076 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:50:18.0572 5076 vhdmp - ok
15:50:18.0603 5076 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:50:18.0618 5076 viaide - ok
15:50:18.0634 5076 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:50:18.0665 5076 volmgr - ok
15:50:18.0712 5076 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:50:18.0759 5076 volmgrx - ok
15:50:18.0806 5076 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:50:18.0868 5076 volsnap - ok
15:50:18.0899 5076 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:50:18.0930 5076 vsmraid - ok
15:50:19.0008 5076 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:50:19.0118 5076 VSS - ok
15:50:19.0164 5076 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:50:19.0211 5076 vwifibus - ok
15:50:19.0242 5076 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:50:19.0289 5076 vwififlt - ok
15:50:19.0336 5076 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:50:19.0367 5076 vwifimp - ok
15:50:19.0430 5076 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:50:19.0508 5076 W32Time - ok
15:50:19.0539 5076 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:50:19.0586 5076 WacomPen - ok
15:50:19.0632 5076 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:50:19.0742 5076 WANARP - ok
15:50:19.0757 5076 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:50:19.0788 5076 Wanarpv6 - ok
15:50:19.0882 5076 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:50:20.0210 5076 WatAdminSvc - ok
15:50:20.0288 5076 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:50:20.0412 5076 wbengine - ok
15:50:20.0459 5076 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:50:20.0490 5076 WbioSrvc - ok
15:50:20.0553 5076 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:50:20.0600 5076 wcncsvc - ok
15:50:20.0646 5076 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:50:20.0678 5076 WcsPlugInService - ok
15:50:20.0724 5076 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:50:20.0756 5076 Wd - ok
15:50:20.0802 5076 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:50:20.0834 5076 Wdf01000 - ok
15:50:20.0849 5076 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:50:20.0990 5076 WdiServiceHost - ok
15:50:21.0005 5076 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:50:21.0021 5076 WdiSystemHost - ok
15:50:21.0068 5076 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:50:21.0146 5076 WebClient - ok
15:50:21.0192 5076 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:50:21.0286 5076 Wecsvc - ok
15:50:21.0317 5076 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:50:21.0380 5076 wercplsupport - ok
15:50:21.0426 5076 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:50:21.0489 5076 WerSvc - ok
15:50:21.0536 5076 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:50:21.0582 5076 WfpLwf - ok
15:50:21.0598 5076 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:50:21.0629 5076 WIMMount - ok
15:50:21.0645 5076 WinDefend - ok
15:50:21.0645 5076 WinHttpAutoProxySvc - ok
15:50:21.0692 5076 WINIO - ok
15:50:21.0754 5076 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:50:21.0848 5076 Winmgmt - ok
15:50:21.0941 5076 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:50:22.0082 5076 WinRM - ok
15:50:22.0128 5076 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:50:22.0175 5076 WinUsb - ok
15:50:22.0238 5076 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:50:22.0300 5076 Wlansvc - ok
15:50:22.0362 5076 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:50:22.0394 5076 wlcrasvc - ok
15:50:22.0534 5076 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:50:22.0596 5076 wlidsvc - ok
15:50:22.0643 5076 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:50:22.0690 5076 WmiAcpi - ok
15:50:22.0737 5076 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:50:22.0799 5076 wmiApSrv - ok
15:50:22.0846 5076 WMPNetworkSvc - ok
15:50:22.0862 5076 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:50:22.0908 5076 WPCSvc - ok
15:50:22.0940 5076 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:50:22.0986 5076 WPDBusEnum - ok
15:50:23.0018 5076 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:50:23.0064 5076 ws2ifsl - ok
15:50:23.0111 5076 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
15:50:23.0174 5076 wscsvc - ok
15:50:23.0174 5076 WSearch - ok
15:50:23.0283 5076 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:50:23.0345 5076 wuauserv - ok
15:50:23.0376 5076 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:50:23.0423 5076 WudfPf - ok
15:50:23.0501 5076 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:50:23.0532 5076 WUDFRd - ok
15:50:23.0579 5076 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:50:23.0626 5076 wudfsvc - ok
15:50:23.0673 5076 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:50:23.0720 5076 WwanSvc - ok
15:50:23.0766 5076 ================ Scan global ===============================
15:50:23.0798 5076 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:50:23.0860 5076 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
15:50:23.0891 5076 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
15:50:23.0922 5076 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:50:23.0969 5076 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:50:23.0985 5076 [Global] - ok
15:50:24.0000 5076 ================ Scan MBR ==================================
15:50:24.0016 5076 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:50:25.0186 5076 \Device\Harddisk0\DR0 - ok
15:50:25.0186 5076 ================ Scan VBR ==================================
15:50:25.0217 5076 [ D1CC90A5D95595EF30D309E21D9950CA ] \Device\Harddisk0\DR0\Partition1
15:50:25.0217 5076 \Device\Harddisk0\DR0\Partition1 - ok
15:50:25.0248 5076 [ 86B232FC4279FFC5613CE921DFCFFEFB ] \Device\Harddisk0\DR0\Partition2
15:50:25.0248 5076 \Device\Harddisk0\DR0\Partition2 - ok
15:50:25.0248 5076 ============================================================
15:50:25.0248 5076 Scan finished
15:50:25.0248 5076 ============================================================
15:50:25.0280 1656 Detected object count: 5
15:50:25.0280 1656 Actual detected object count: 5
15:50:49.0397 1656 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
15:50:49.0397 1656 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:50:49.0397 1656 matlabserver ( UnsignedFile.Multi.Generic ) - skipped by user
15:50:49.0397 1656 matlabserver ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:50:49.0397 1656 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
15:50:49.0397 1656 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:50:49.0413 1656 sptd ( LockedFile.Multi.Generic ) - skipped by user
15:50:49.0413 1656 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
15:50:49.0413 1656 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
15:50:49.0413 1656 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip

Log z TDSKiller:

15:49:01.0601 4600 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:49:01.0882 4600 ============================================================
15:49:01.0882 4600 Current date / time: 2012/12/28 15:49:01.0882
15:49:01.0882 4600 SystemInfo:
15:49:01.0882 4600
15:49:01.0882 4600 OS Version: 6.1.7601 ServicePack: 1.0
15:49:01.0882 4600 Product type: Workstation
15:49:01.0882 4600 ComputerName: ALICKIN_PC
15:49:01.0882 4600 UserName: Alica
15:49:01.0882 4600 Windows directory: C:\Windows
15:49:01.0882 4600 System windows directory: C:\Windows
15:49:01.0882 4600 Running under WOW64
15:49:01.0882 4600 Processor architecture: Intel x64
15:49:01.0882 4600 Number of processors: 2
15:49:01.0882 4600 Page size: 0x1000
15:49:01.0882 4600 Boot type: Normal boot
15:49:01.0882 4600 ============================================================
15:49:07.0997 4600 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:49:07.0997 4600 ============================================================
15:49:07.0997 4600 \Device\Harddisk0\DR0:
15:49:07.0997 4600 MBR partitions:
15:49:07.0997 4600 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC8800, BlocksNum 0x12A17000
15:49:07.0997 4600 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x12ADF800, BlocksNum 0x1294F000
15:49:07.0997 4600 ============================================================
15:49:07.0997 4600 C: <-> \Device\Harddisk0\DR0\Partition1
15:49:08.0028 4600 D: <-> \Device\Harddisk0\DR0\Partition2
15:49:08.0028 4600 ============================================================
15:49:08.0028 4600 Initialize success
15:49:08.0028 4600 ============================================================
15:49:36.0607 5076 ============================================================
15:49:36.0607 5076 Scan started
15:49:36.0607 5076 Mode: Manual; SigCheck; TDLFS;
15:49:36.0607 5076 ============================================================
15:49:36.0951 5076 ================ Scan system memory ========================
15:49:36.0951 5076 System memory - ok
15:49:36.0951 5076 ================ Scan services =============================
15:49:37.0247 5076 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:49:37.0356 5076 1394ohci - ok
15:49:37.0387 5076 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:49:37.0419 5076 ACPI - ok
15:49:37.0481 5076 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:49:37.0512 5076 AcpiPmi - ok
15:49:37.0731 5076 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:49:37.0746 5076 AdobeARMservice - ok
15:49:37.0902 5076 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:49:37.0933 5076 AdobeFlashPlayerUpdateSvc - ok
15:49:37.0996 5076 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
15:49:38.0043 5076 adp94xx - ok
15:49:38.0074 5076 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
15:49:38.0121 5076 adpahci - ok
15:49:38.0152 5076 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
15:49:38.0183 5076 adpu320 - ok
15:49:38.0230 5076 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:49:38.0277 5076 AeLookupSvc - ok
15:49:38.0355 5076 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:49:38.0417 5076 AFD - ok
15:49:38.0479 5076 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:49:38.0511 5076 agp440 - ok
15:49:38.0542 5076 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:49:38.0604 5076 ALG - ok
15:49:38.0667 5076 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:49:38.0698 5076 aliide - ok
15:49:38.0729 5076 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:49:38.0745 5076 amdide - ok
15:49:38.0791 5076 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
15:49:38.0838 5076 AmdK8 - ok
15:49:38.0869 5076 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:49:38.0916 5076 AmdPPM - ok
15:49:38.0963 5076 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:49:38.0994 5076 amdsata - ok
15:49:39.0041 5076 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
15:49:39.0072 5076 amdsbs - ok
15:49:39.0103 5076 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:49:39.0135 5076 amdxata - ok
15:49:39.0181 5076 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:49:39.0275 5076 AppID - ok
15:49:39.0306 5076 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:49:39.0369 5076 AppIDSvc - ok
15:49:39.0431 5076 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:49:39.0509 5076 Appinfo - ok
15:49:39.0587 5076 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
15:49:39.0634 5076 arc - ok
15:49:39.0774 5076 [ 338DEABD788009F2D043D3080E29930D ] ArcGIS License Manager C:\Program Files (x86)\ESRI\License\arcgis9x\lmgrd.exe
15:49:39.0821 5076 ArcGIS License Manager - ok
15:49:39.0868 5076 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
15:49:39.0883 5076 arcsas - ok
15:49:40.0024 5076 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:49:40.0071 5076 aspnet_state - ok
15:49:40.0086 5076 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:49:40.0164 5076 AsyncMac - ok
15:49:40.0227 5076 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:49:40.0273 5076 atapi - ok
15:49:40.0320 5076 [ E857EEE6B92AAA473EBB3465ADD8F7E7 ] athr C:\Windows\system32\DRIVERS\athrx.sys
15:49:40.0383 5076 athr - ok
15:49:40.0554 5076 [ 3EFD964D52221360AF0673CD61C2F4F5 ] atikmdag C:\Windows\system32\drivers\atikmdag.sys
15:49:40.0788 5076 atikmdag - ok
15:49:40.0866 5076 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:49:40.0960 5076 AudioEndpointBuilder - ok
15:49:40.0975 5076 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:49:41.0007 5076 AudioSrv - ok
15:49:41.0069 5076 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:49:41.0131 5076 AxInstSV - ok
15:49:41.0194 5076 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
15:49:41.0256 5076 b06bdrv - ok
15:49:41.0303 5076 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:49:41.0350 5076 b57nd60a - ok
15:49:41.0412 5076 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:49:41.0459 5076 BDESVC - ok
15:49:41.0475 5076 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:49:41.0521 5076 Beep - ok
15:49:41.0599 5076 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
15:49:41.0693 5076 BFE - ok
15:49:41.0755 5076 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
15:49:41.0865 5076 BITS - ok
15:49:41.0896 5076 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:49:41.0943 5076 blbdrive - ok
15:49:42.0005 5076 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:49:42.0036 5076 bowser - ok
15:49:42.0099 5076 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:49:42.0161 5076 BrFiltLo - ok
15:49:42.0192 5076 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:49:42.0208 5076 BrFiltUp - ok
15:49:42.0255 5076 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
15:49:42.0317 5076 BridgeMP - ok
15:49:42.0364 5076 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
15:49:42.0411 5076 Browser - ok
15:49:42.0442 5076 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:49:42.0489 5076 Brserid - ok
15:49:42.0520 5076 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:49:42.0567 5076 BrSerWdm - ok
15:49:42.0582 5076 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:49:42.0629 5076 BrUsbMdm - ok
15:49:42.0660 5076 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:49:42.0723 5076 BrUsbSer - ok
15:49:42.0754 5076 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:49:42.0801 5076 BTHMODEM - ok
15:49:42.0863 5076 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:49:42.0941 5076 bthserv - ok
15:49:42.0957 5076 catchme - ok
15:49:42.0988 5076 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:49:43.0050 5076 cdfs - ok
15:49:43.0128 5076 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:49:43.0175 5076 cdrom - ok
15:49:43.0222 5076 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:49:43.0300 5076 CertPropSvc - ok
15:49:43.0471 5076 [ 837FF2D497880198C918E6954DBD170C ] cfWiMAXService C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
15:49:43.0487 5076 cfWiMAXService - ok
15:49:43.0518 5076 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:49:43.0565 5076 circlass - ok
15:49:43.0596 5076 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:49:43.0659 5076 CLFS - ok
15:49:43.0721 5076 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:49:43.0783 5076 clr_optimization_v2.0.50727_32 - ok
15:49:43.0815 5076 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:49:43.0861 5076 clr_optimization_v2.0.50727_64 - ok
15:49:43.0955 5076 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:49:43.0971 5076 clr_optimization_v4.0.30319_32 - ok
15:49:43.0986 5076 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:49:44.0002 5076 clr_optimization_v4.0.30319_64 - ok
15:49:44.0033 5076 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:49:44.0080 5076 CmBatt - ok
15:49:44.0095 5076 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:49:44.0127 5076 cmdide - ok
15:49:44.0189 5076 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
15:49:44.0236 5076 CNG - ok
15:49:44.0283 5076 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:49:44.0314 5076 Compbatt - ok
15:49:44.0376 5076 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:49:44.0423 5076 CompositeBus - ok
15:49:44.0439 5076 COMSysApp - ok
15:49:44.0485 5076 [ D252C53BCDFC199BBA55EEB10CDB266E ] ConfigFree Gadget Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
15:49:44.0501 5076 ConfigFree Gadget Service - ok
15:49:44.0548 5076 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
15:49:44.0563 5076 ConfigFree Service - ok
15:49:44.0610 5076 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:49:44.0626 5076 crcdisk - ok
15:49:44.0688 5076 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:49:44.0735 5076 CryptSvc - ok
15:49:44.0782 5076 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:49:44.0844 5076 DcomLaunch - ok
15:49:44.0891 5076 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:49:44.0969 5076 defragsvc - ok
15:49:45.0031 5076 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:49:45.0094 5076 DfsC - ok
15:49:45.0172 5076 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:49:45.0234 5076 Dhcp - ok
15:49:45.0250 5076 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:49:45.0312 5076 discache - ok
15:49:45.0359 5076 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
15:49:45.0390 5076 Disk - ok
15:49:45.0437 5076 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:49:45.0484 5076 Dnscache - ok
15:49:45.0562 5076 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:49:45.0671 5076 dot3svc - ok
15:49:45.0718 5076 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:49:45.0765 5076 DPS - ok
15:49:45.0811 5076 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:49:45.0858 5076 drmkaud - ok
15:49:45.0921 5076 dump_wmimmc - ok
15:49:46.0014 5076 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:49:46.0077 5076 DXGKrnl - ok
15:49:46.0123 5076 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:49:46.0201 5076 EapHost - ok
15:49:46.0435 5076 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
15:49:46.0576 5076 ebdrv - ok
15:49:46.0623 5076 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:49:46.0669 5076 EFS - ok
15:49:46.0794 5076 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:49:46.0872 5076 ehRecvr - ok
15:49:46.0919 5076 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:49:46.0966 5076 ehSched - ok
15:49:47.0028 5076 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
15:49:47.0060 5076 elxstor - ok
15:49:47.0106 5076 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:49:47.0122 5076 ErrDev - ok
15:49:47.0184 5076 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:49:47.0247 5076 EventSystem - ok
15:49:47.0278 5076 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:49:47.0325 5076 exfat - ok
15:49:47.0356 5076 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:49:47.0418 5076 fastfat - ok
15:49:47.0559 5076 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:49:47.0652 5076 Fax - ok
15:49:47.0699 5076 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:49:47.0730 5076 fdc - ok
15:49:47.0762 5076 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:49:47.0824 5076 fdPHost - ok
15:49:47.0840 5076 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:49:47.0918 5076 FDResPub - ok
15:49:47.0949 5076 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:49:47.0980 5076 FileInfo - ok
15:49:47.0996 5076 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:49:48.0058 5076 Filetrace - ok
15:49:48.0105 5076 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:49:48.0152 5076 flpydisk - ok
15:49:48.0183 5076 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:49:48.0245 5076 FltMgr - ok
15:49:48.0339 5076 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
15:49:48.0432 5076 FontCache - ok
15:49:48.0542 5076 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:49:48.0573 5076 FontCache3.0.0.0 - ok
15:49:48.0604 5076 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:49:48.0620 5076 FsDepends - ok
15:49:48.0666 5076 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
15:49:48.0713 5076 fssfltr - ok
15:49:48.0916 5076 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
15:49:49.0088 5076 fsssvc - ok
15:49:49.0119 5076 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:49:49.0150 5076 Fs_Rec - ok
15:49:49.0197 5076 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:49:49.0244 5076 fvevol - ok
15:49:49.0290 5076 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
15:49:49.0306 5076 gagp30kx - ok
15:49:49.0353 5076 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:49:49.0431 5076 gpsvc - ok
15:49:49.0478 5076 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
15:49:49.0571 5076 gusvc - ok
15:49:49.0618 5076 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:49:49.0649 5076 hcw85cir - ok
15:49:49.0727 5076 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:49:49.0790 5076 HdAudAddService - ok
15:49:49.0805 5076 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:49:49.0852 5076 HDAudBus - ok
15:49:49.0883 5076 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:49:49.0930 5076 HidBatt - ok
15:49:49.0961 5076 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:49:50.0008 5076 HidBth - ok
15:49:50.0039 5076 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:49:50.0070 5076 HidIr - ok
15:49:50.0102 5076 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
15:49:50.0180 5076 hidserv - ok
15:49:50.0242 5076 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:49:50.0289 5076 HidUsb - ok
15:49:50.0320 5076 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:49:50.0429 5076 hkmsvc - ok
15:49:50.0460 5076 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:49:50.0507 5076 HomeGroupListener - ok
15:49:50.0538 5076 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:49:50.0554 5076 HomeGroupProvider - ok
15:49:50.0616 5076 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:49:50.0632 5076 HpSAMD - ok
15:49:50.0694 5076 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:49:50.0788 5076 HTTP - ok
15:49:50.0835 5076 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:49:50.0850 5076 hwpolicy - ok
15:49:50.0913 5076 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:49:50.0944 5076 i8042prt - ok
15:49:50.0991 5076 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
15:49:51.0022 5076 iaStor - ok
15:49:51.0084 5076 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:49:51.0147 5076 iaStorV - ok
15:49:51.0240 5076 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
15:49:51.0303 5076 IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:49:51.0303 5076 IDriverT - detected UnsignedFile.Multi.Generic (1)
15:49:51.0396 5076 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:49:51.0459 5076 idsvc - ok
15:49:51.0708 5076 [ 3C3F27002ABC69C5AFE29CBE6CF7ADDF ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
15:49:51.0989 5076 igfx - ok
15:49:52.0052 5076 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:49:52.0083 5076 iirsp - ok
15:49:52.0145 5076 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:49:52.0239 5076 IKEEXT - ok
15:49:52.0442 5076 [ 0C3CF4B3BAE28E121A1689E3538F8712 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:49:52.0535 5076 IntcAzAudAddService - ok
15:49:52.0582 5076 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:49:52.0613 5076 intelide - ok
15:49:52.0644 5076 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:49:52.0676 5076 intelppm - ok
15:49:52.0707 5076 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:49:52.0785 5076 IPBusEnum - ok
15:49:52.0832 5076 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:49:52.0894 5076 IpFilterDriver - ok
15:49:52.0956 5076 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:49:53.0003 5076 iphlpsvc - ok
15:49:53.0034 5076 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:49:53.0081 5076 IPMIDRV - ok
15:49:53.0128 5076 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:49:53.0190 5076 IPNAT - ok
15:49:53.0237 5076 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:49:53.0268 5076 IRENUM - ok
15:49:53.0331 5076 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:49:53.0346 5076 isapnp - ok
15:49:53.0378 5076 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:49:53.0424 5076 iScsiPrt - ok
15:49:53.0456 5076 ISODisk - ok
15:49:53.0502 5076 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:49:53.0534 5076 kbdclass - ok
15:49:53.0565 5076 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:49:53.0596 5076 kbdhid - ok
15:49:53.0627 5076 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:49:53.0643 5076 KeyIso - ok
15:49:53.0690 5076 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:49:53.0736 5076 KSecDD - ok
15:49:53.0768 5076 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:49:53.0799 5076 KSecPkg - ok
15:49:53.0830 5076 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:49:53.0892 5076 ksthunk - ok
15:49:53.0955 5076 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:49:54.0033 5076 KtmRm - ok
15:49:54.0111 5076 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
15:49:54.0204 5076 LanmanServer - ok
15:49:54.0267 5076 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:49:54.0360 5076 LanmanWorkstation - ok
15:49:54.0407 5076 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:49:54.0470 5076 lltdio - ok
15:49:54.0532 5076 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:49:54.0610 5076 lltdsvc - ok
15:49:54.0641 5076 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:49:54.0704 5076 lmhosts - ok
15:49:54.0750 5076 [ 41E122F6D1448C94CC05196BC41D6BFB ] LPCFilter C:\Windows\system32\DRIVERS\LPCFilter.sys
15:49:54.0766 5076 LPCFilter - ok
15:49:54.0797 5076 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:49:54.0828 5076 LSI_FC - ok
15:49:54.0844 5076 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:49:54.0875 5076 LSI_SAS - ok
15:49:54.0875 5076 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:49:54.0906 5076 LSI_SAS2 - ok
15:49:54.0922 5076 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:49:54.0953 5076 LSI_SCSI - ok
15:49:54.0984 5076 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:49:55.0062 5076 luafv - ok
15:49:55.0187 5076 [ A02707EABECCF78D43F41E8DAD7AC0A6 ] matlabserver C:\MATLAB701\webserver\bin\win32\matlabserver.exe
15:49:55.0343 5076 matlabserver ( UnsignedFile.Multi.Generic ) - warning
15:49:55.0343 5076 matlabserver - detected UnsignedFile.Multi.Generic (1)
15:49:55.0390 5076 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:49:55.0437 5076 Mcx2Svc - ok
15:49:55.0468 5076 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:49:55.0499 5076 megasas - ok
15:49:55.0530 5076 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:49:55.0562 5076 MegaSR - ok
15:49:55.0655 5076 Microsoft SharePoint Workspace Audit Service - ok
15:49:55.0702 5076 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:49:55.0749 5076 MMCSS - ok
15:49:55.0780 5076 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:49:55.0842 5076 Modem - ok
15:49:55.0858 5076 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:49:55.0905 5076 monitor - ok
15:49:55.0920 5076 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:49:55.0952 5076 mouclass - ok
15:49:56.0014 5076 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:49:56.0061 5076 mouhid - ok
15:49:56.0092 5076 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:49:56.0123 5076 mountmgr - ok
15:49:56.0217 5076 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:49:56.0295 5076 MozillaMaintenance - ok
15:49:56.0373 5076 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
15:49:56.0404 5076 MpFilter - ok
15:49:56.0420 5076 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:49:56.0451 5076 mpio - ok
15:49:56.0482 5076 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:49:56.0560 5076 mpsdrv - ok
15:49:56.0607 5076 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:49:56.0716 5076 MpsSvc - ok
15:49:56.0763 5076 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:49:56.0825 5076 MRxDAV - ok
15:49:56.0856 5076 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:49:56.0903 5076 mrxsmb - ok
15:49:56.0950 5076 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:49:56.0997 5076 mrxsmb10 - ok
15:49:57.0028 5076 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:49:57.0059 5076 mrxsmb20 - ok
15:49:57.0090 5076 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:49:57.0122 5076 msahci - ok
15:49:57.0153 5076 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:49:57.0184 5076 msdsm - ok
15:49:57.0215 5076 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:49:57.0246 5076 MSDTC - ok
15:49:57.0309 5076 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:49:57.0356 5076 Msfs - ok
15:49:57.0387 5076 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:49:57.0449 5076 mshidkmdf - ok
15:49:57.0480 5076 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:49:57.0496 5076 msisadrv - ok
15:49:57.0574 5076 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:49:57.0668 5076 MSiSCSI - ok
15:49:57.0683 5076 msiserver - ok
15:49:57.0714 5076 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:49:57.0761 5076 MSKSSRV - ok
15:49:57.0886 5076 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
15:49:57.0902 5076 MsMpSvc - ok
15:49:57.0964 5076 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:49:58.0042 5076 MSPCLOCK - ok
15:49:58.0073 5076 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:49:58.0136 5076 MSPQM - ok
15:49:58.0182 5076 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:49:58.0214 5076 MsRPC - ok
15:49:58.0260 5076 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:49:58.0276 5076 mssmbios - ok
15:49:58.0292 5076 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:49:58.0354 5076 MSTEE - ok
15:49:58.0385 5076 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:49:58.0416 5076 MTConfig - ok
15:49:58.0448 5076 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:49:58.0479 5076 Mup - ok
15:49:58.0541 5076 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:49:58.0619 5076 napagent - ok
15:49:58.0682 5076 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:49:58.0728 5076 NativeWifiP - ok
15:49:58.0869 5076 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:49:58.0916 5076 NDIS - ok
15:49:58.0994 5076 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:49:59.0040 5076 NdisCap - ok
15:49:59.0056 5076 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:49:59.0134 5076 NdisTapi - ok
15:49:59.0181 5076 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:49:59.0243 5076 Ndisuio - ok
15:49:59.0274 5076 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:49:59.0352 5076 NdisWan - ok
15:49:59.0399 5076 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:49:59.0462 5076 NDProxy - ok
15:49:59.0477 5076 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:49:59.0540 5076 NetBIOS - ok
15:49:59.0571 5076 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:49:59.0649 5076 NetBT - ok
15:49:59.0696 5076 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:49:59.0711 5076 Netlogon - ok
15:49:59.0774 5076 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:49:59.0852 5076 Netman - ok
15:49:59.0898 5076 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:49:59.0930 5076 NetMsmqActivator - ok
15:49:59.0945 5076 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:49:59.0945 5076 NetPipeActivator - ok
15:49:59.0992 5076 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:50:00.0054 5076 netprofm - ok
15:50:00.0086 5076 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:50:00.0101 5076 NetTcpActivator - ok
15:50:00.0101 5076 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:50:00.0117 5076 NetTcpPortSharing - ok
15:50:00.0164 5076 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:50:00.0179 5076 nfrd960 - ok
15:50:00.0242 5076 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:50:00.0257 5076 NisDrv - ok
15:50:00.0320 5076 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
15:50:00.0335 5076 NisSrv - ok
15:50:00.0366 5076 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:50:00.0429 5076 NlaSvc - ok
15:50:00.0522 5076 [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F ] NMSAccess C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
15:50:00.0585 5076 NMSAccess - ok
15:50:00.0647 5076 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:50:00.0694 5076 Npfs - ok
15:50:00.0710 5076 npggsvc - ok
15:50:00.0725 5076 NPPTNT2 - ok
15:50:00.0756 5076 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:50:00.0803 5076 nsi - ok
15:50:00.0834 5076 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:50:00.0897 5076 nsiproxy - ok
15:50:00.0975 5076 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:50:01.0037 5076 Ntfs - ok
15:50:01.0084 5076 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:50:01.0146 5076 Null - ok
15:50:01.0178 5076 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:50:01.0209 5076 nvraid - ok
15:50:01.0256 5076 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:50:01.0287 5076 nvstor - ok
15:50:01.0334 5076 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:50:01.0365 5076 nv_agp - ok
15:50:01.0396 5076 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:50:01.0427 5076 ohci1394 - ok
15:50:01.0521 5076 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:50:01.0583 5076 ose - ok
15:50:01.0880 5076 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:50:02.0644 5076 osppsvc - ok
15:50:02.0691 5076 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:50:02.0738 5076 p2pimsvc - ok
15:50:02.0769 5076 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:50:02.0816 5076 p2psvc - ok
15:50:02.0847 5076 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:50:02.0878 5076 Parport - ok
15:50:02.0909 5076 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:50:02.0940 5076 partmgr - ok
15:50:02.0956 5076 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:50:03.0018 5076 PcaSvc - ok
15:50:03.0050 5076 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:50:03.0081 5076 pci - ok
15:50:03.0112 5076 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:50:03.0128 5076 pciide - ok
15:50:03.0159 5076 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:50:03.0190 5076 pcmcia - ok
15:50:03.0206 5076 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:50:03.0237 5076 pcw - ok
15:50:03.0299 5076 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:50:03.0362 5076 PEAUTH - ok
15:50:03.0440 5076 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:50:03.0502 5076 PerfHost - ok
15:50:03.0658 5076 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:50:03.0798 5076 pla - ok
15:50:03.0861 5076 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:50:03.0939 5076 PlugPlay - ok
15:50:03.0970 5076 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:50:04.0017 5076 PNRPAutoReg - ok
15:50:04.0079 5076 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:50:04.0095 5076 PNRPsvc - ok
15:50:04.0142 5076 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:50:04.0235 5076 PolicyAgent - ok
15:50:04.0266 5076 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:50:04.0344 5076 Power - ok
15:50:04.0422 5076 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:50:04.0485 5076 PptpMiniport - ok
15:50:04.0516 5076 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:50:04.0563 5076 Processor - ok
15:50:04.0641 5076 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:50:04.0719 5076 ProfSvc - ok
15:50:04.0750 5076 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:50:04.0766 5076 ProtectedStorage - ok
15:50:04.0812 5076 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:50:04.0890 5076 Psched - ok
15:50:04.0922 5076 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:50:04.0984 5076 ql2300 - ok
15:50:05.0031 5076 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:50:05.0062 5076 ql40xx - ok
15:50:05.0109 5076 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:50:05.0156 5076 QWAVE - ok
15:50:05.0171 5076 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:50:05.0218 5076 QWAVEdrv - ok
15:50:05.0234 5076 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:50:05.0312 5076 RasAcd - ok
15:50:05.0343 5076 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:50:05.0405 5076 RasAgileVpn - ok
15:50:05.0436 5076 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:50:05.0514 5076 RasAuto - ok
15:50:05.0561 5076 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:50:05.0624 5076 Rasl2tp - ok
15:50:05.0702 5076 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:50:05.0795 5076 RasMan - ok
15:50:05.0842 5076 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:50:05.0904 5076 RasPppoe - ok
15:50:05.0936 5076 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:50:05.0998 5076 RasSstp - ok
15:50:06.0045 5076 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:50:06.0123 5076 rdbss - ok
15:50:06.0170 5076 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:50:06.0216 5076 rdpbus - ok
15:50:06.0248 5076 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:50:06.0310 5076 RDPCDD - ok
15:50:06.0341 5076 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:50:06.0388 5076 RDPENCDD - ok
15:50:06.0404 5076 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:50:06.0466 5076 RDPREFMP - ok
15:50:06.0513 5076 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:50:06.0560 5076 RDPWD - ok
15:50:06.0622 5076 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:50:06.0653 5076 rdyboost - ok
15:50:06.0684 5076 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:50:06.0747 5076 RemoteAccess - ok
15:50:06.0778 5076 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:50:06.0840 5076 RemoteRegistry - ok
15:50:06.0872 5076 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:50:06.0950 5076 RpcEptMapper - ok
15:50:06.0981 5076 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:50:07.0012 5076 RpcLocator - ok
15:50:07.0059 5076 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:50:07.0106 5076 RpcSs - ok
15:50:07.0152 5076 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:50:07.0230 5076 rspndr - ok
15:50:07.0277 5076 [ 8C22F21C924413D4E109995F748E18BB ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
15:50:07.0340 5076 RSUSBSTOR - ok
15:50:07.0371 5076 [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:50:07.0433 5076 RTL8167 - ok
15:50:07.0511 5076 [ 789C177A1529F0453C625C68A4EF2F00 ] rtl8192se C:\Windows\system32\DRIVERS\rtl8192se.sys
15:50:07.0542 5076 rtl8192se - ok
15:50:07.0558 5076 RtsUIR - ok
15:50:07.0620 5076 [ EA268BCE30691C2DD24F02E617FD2EB5 ] s0016bus C:\Windows\system32\DRIVERS\s0016bus.sys
15:50:07.0667 5076 s0016bus - ok
15:50:07.0698 5076 [ F5F9DEB89996D333EF976624D37E24E3 ] s0016mdfl C:\Windows\system32\DRIVERS\s0016mdfl.sys
15:50:07.0730 5076 s0016mdfl - ok
15:50:07.0776 5076 [ C17CE2AEE67480FEBCC36ECCB54C0BE8 ] s0016mdm C:\Windows\system32\DRIVERS\s0016mdm.sys
15:50:07.0823 5076 s0016mdm - ok
15:50:07.0886 5076 [ CC267F04C54C5EC5B7BD658D7628469F ] s0016mgmt C:\Windows\system32\DRIVERS\s0016mgmt.sys
15:50:07.0901 5076 s0016mgmt - ok
15:50:07.0979 5076 [ 30A35BBCE09D9FE67482FD62C61911FC ] s0016nd5 C:\Windows\system32\DRIVERS\s0016nd5.sys
15:50:07.0995 5076 s0016nd5 - ok
15:50:08.0057 5076 [ CA394DCC38579C7AD82E83EE64D798A0 ] s0016obex C:\Windows\system32\DRIVERS\s0016obex.sys
15:50:08.0088 5076 s0016obex - ok
15:50:08.0120 5076 [ EB267CCEA84E6E8598D92F73332AC67B ] s0016unic C:\Windows\system32\DRIVERS\s0016unic.sys
15:50:08.0151 5076 s0016unic - ok
15:50:08.0166 5076 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:50:08.0182 5076 SamSs - ok
15:50:08.0244 5076 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:50:08.0260 5076 sbp2port - ok
15:50:08.0307 5076 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:50:08.0385 5076 SCardSvr - ok
15:50:08.0463 5076 [ B2F50286DC82B93C013E3FC57BA1A956 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
15:50:08.0494 5076 SCDEmu - ok
15:50:08.0541 5076 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:50:08.0588 5076 scfilter - ok
15:50:08.0650 5076 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:50:08.0759 5076 Schedule - ok
15:50:08.0790 5076 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:50:08.0837 5076 SCPolicySvc - ok
15:50:08.0868 5076 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:50:08.0915 5076 SDRSVC - ok
15:50:09.0056 5076 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
15:50:09.0071 5076 SeaPort - ok
15:50:09.0149 5076 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:50:09.0196 5076 secdrv - ok
15:50:09.0227 5076 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:50:09.0290 5076 seclogon - ok
15:50:09.0321 5076 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
15:50:09.0368 5076 SENS - ok
15:50:09.0383 5076 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:50:09.0430 5076 SensrSvc - ok
15:50:09.0492 5076 [ 82215BBED5D37B0C354F0E83FD0C8423 ] Sentinel C:\Windows\System32\Drivers\SENTINEL64.SYS
15:50:10.0023 5076 Sentinel - ok
15:50:10.0085 5076 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:50:10.0132 5076 Serenum - ok
15:50:10.0148 5076 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:50:10.0179 5076 Serial - ok
15:50:10.0226 5076 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:50:10.0257 5076 sermouse - ok
15:50:10.0397 5076 [ 7D3903AF48E6C1DC2704EAFCB608D031 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
15:50:10.0538 5076 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
15:50:10.0538 5076 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
15:50:10.0584 5076 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:50:10.0662 5076 SessionEnv - ok
15:50:10.0694 5076 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:50:10.0740 5076 sffdisk - ok
15:50:10.0772 5076 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:50:10.0818 5076 sffp_mmc - ok
15:50:10.0834 5076 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:50:10.0881 5076 sffp_sd - ok
15:50:10.0928 5076 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:50:10.0959 5076 sfloppy - ok
15:50:11.0006 5076 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:50:11.0084 5076 SharedAccess - ok
15:50:11.0130 5076 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:50:11.0224 5076 ShellHWDetection - ok
15:50:11.0271 5076 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:50:11.0286 5076 SiSRaid2 - ok
15:50:11.0318 5076 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:50:11.0349 5076 SiSRaid4 - ok
15:50:11.0536 5076 [ 183F04C6742902F33039913A96F5B574 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
15:50:11.0630 5076 Skype C2C Service - ok
15:50:11.0708 5076 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:50:11.0723 5076 SkypeUpdate - ok
15:50:11.0754 5076 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:50:11.0817 5076 Smb - ok
15:50:11.0864 5076 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:50:11.0910 5076 SNMPTRAP - ok
15:50:11.0942 5076 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:50:11.0957 5076 spldr - ok
15:50:12.0020 5076 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:50:12.0082 5076 Spooler - ok
15:50:12.0207 5076 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:50:12.0332 5076 sppsvc - ok
15:50:12.0363 5076 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:50:12.0441 5076 sppuinotify - ok
15:50:12.0566 5076 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
15:50:12.0566 5076 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
15:50:12.0581 5076 sptd ( LockedFile.Multi.Generic ) - warning
15:50:12.0581 5076 sptd - detected LockedFile.Multi.Generic (1)
15:50:12.0644 5076 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:50:12.0690 5076 srv - ok
15:50:12.0737 5076 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:50:12.0800 5076 srv2 - ok
15:50:12.0831 5076 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:50:12.0878 5076 srvnet - ok
15:50:12.0924 5076 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:50:13.0018 5076 SSDPSRV - ok
15:50:13.0049 5076 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:50:13.0080 5076 SstpSvc - ok
15:50:13.0143 5076 [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen C:\Windows\system32\drivers\StarOpen.sys
15:50:13.0190 5076 StarOpen ( UnsignedFile.Multi.Generic ) - warning
15:50:13.0190 5076 StarOpen - detected UnsignedFile.Multi.Generic (1)
15:50:13.0221 5076 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:50:13.0252 5076 stexstor - ok
15:50:13.0314 5076 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:50:13.0392 5076 stisvc - ok
15:50:13.0424 5076 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
15:50:13.0455 5076 swenum - ok
15:50:13.0502 5076 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:50:13.0580 5076 swprv - ok
15:50:13.0658 5076 [ BE7311DA9D6833FA69ED04B744A1C8F8 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
15:50:13.0689 5076 SynTP - ok
15:50:13.0814 5076 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:50:13.0876 5076 SysMain - ok
15:50:13.0923 5076 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:50:13.0985 5076 TabletInputService - ok
15:50:14.0001 5076 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:50:14.0094 5076 TapiSrv - ok
15:50:14.0126 5076 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:50:14.0188 5076 TBS - ok
15:50:14.0266 5076 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:50:14.0344 5076 Tcpip - ok
15:50:14.0406 5076 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:50:14.0453 5076 TCPIP6 - ok
15:50:14.0500 5076 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:50:14.0516 5076 tcpipreg - ok
15:50:14.0562 5076 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys
15:50:14.0609 5076 tdcmdpst - ok
15:50:14.0625 5076 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:50:14.0656 5076 TDPIPE - ok
15:50:14.0703 5076 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:50:14.0750 5076 TDTCP - ok
15:50:14.0812 5076 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:50:14.0874 5076 tdx - ok
15:50:14.0937 5076 [ 63B4F544664DC5154FDA4213E2AF09D0 ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
15:50:14.0984 5076 TemproMonitoringService - ok
15:50:15.0030 5076 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:50:15.0062 5076 TermDD - ok
15:50:15.0124 5076 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:50:15.0202 5076 TermService - ok
15:50:15.0249 5076 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:50:15.0296 5076 Themes - ok
15:50:15.0327 5076 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:50:15.0374 5076 THREADORDER - ok
15:50:15.0452 5076 [ 32577B987AE5401038451BB392CB8D89 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
15:50:15.0498 5076 TMachInfo - ok
15:50:15.0530 5076 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\Windows\system32\TODDSrv.exe
15:50:15.0545 5076 TODDSrv - ok
15:50:15.0639 5076 [ 4DB8C79BCEA76063B83B13410366A1F7 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
15:50:15.0654 5076 TosCoSrv - ok
15:50:15.0717 5076 [ DD58E1250F604CBBADDA04575E5E2376 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
15:50:15.0795 5076 TOSHIBA HDD SSD Alert Service - ok
15:50:15.0873 5076 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\Windows\system32\DRIVERS\tos_sps64.sys
15:50:15.0904 5076 tos_sps64 - ok
15:50:15.0920 5076 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:50:15.0998 5076 TrkWks - ok
15:50:16.0076 5076 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:50:16.0154 5076 TrustedInstaller - ok
15:50:16.0200 5076 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:50:16.0263 5076 tssecsrv - ok
15:50:16.0310 5076 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:50:16.0356 5076 TsUsbFlt - ok
15:50:16.0419 5076 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:50:16.0466 5076 tunnel - ok
15:50:16.0544 5076 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
15:50:16.0575 5076 TVALZ - ok
15:50:16.0622 5076 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:50:16.0637 5076 uagp35 - ok
15:50:16.0700 5076 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:50:16.0762 5076 udfs - ok
15:50:16.0809 5076 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:50:16.0840 5076 UI0Detect - ok
15:50:16.0856 5076 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:50:16.0887 5076 uliagpkx - ok
15:50:16.0949 5076 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
15:50:17.0012 5076 umbus - ok
15:50:17.0043 5076 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:50:17.0058 5076 UmPass - ok
15:50:17.0105 5076 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:50:17.0152 5076 upnphost - ok
15:50:17.0183 5076 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:50:17.0214 5076 usbccgp - ok
15:50:17.0214 5076 USBCCID - ok
15:50:17.0277 5076 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:50:17.0324 5076 usbcir - ok
15:50:17.0355 5076 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:50:17.0386 5076 usbehci - ok
15:50:17.0417 5076 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:50:17.0464 5076 usbhub - ok
15:50:17.0495 5076 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:50:17.0542 5076 usbohci - ok
15:50:17.0589 5076 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:50:17.0651 5076 usbprint - ok
15:50:17.0729 5076 [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser C:\Windows\system32\drivers\usbser.sys
15:50:17.0745 5076 usbser - ok
15:50:17.0776 5076 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:50:17.0807 5076 USBSTOR - ok
15:50:17.0854 5076 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
15:50:17.0885 5076 usbuhci - ok
15:50:17.0963 5076 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
15:50:18.0041 5076 usbvideo - ok
15:50:18.0072 5076 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:50:18.0135 5076 UxSms - ok
15:50:18.0150 5076 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:50:18.0166 5076 VaultSvc - ok
15:50:18.0197 5076 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:50:18.0213 5076 vdrvroot - ok
15:50:18.0275 5076 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:50:18.0338 5076 vds - ok
15:50:18.0384 5076 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:50:18.0416 5076 vga - ok
15:50:18.0431 5076 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:50:18.0494 5076 VgaSave - ok
15:50:18.0540 5076 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:50:18.0572 5076 vhdmp - ok
15:50:18.0603 5076 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:50:18.0618 5076 viaide - ok
15:50:18.0634 5076 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:50:18.0665 5076 volmgr - ok
15:50:18.0712 5076 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:50:18.0759 5076 volmgrx - ok
15:50:18.0806 5076 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:50:18.0868 5076 volsnap - ok
15:50:18.0899 5076 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:50:18.0930 5076 vsmraid - ok
15:50:19.0008 5076 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:50:19.0118 5076 VSS - ok
15:50:19.0164 5076 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:50:19.0211 5076 vwifibus - ok
15:50:19.0242 5076 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:50:19.0289 5076 vwififlt - ok
15:50:19.0336 5076 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:50:19.0367 5076 vwifimp - ok
15:50:19.0430 5076 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:50:19.0508 5076 W32Time - ok
15:50:19.0539 5076 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:50:19.0586 5076 WacomPen - ok
15:50:19.0632 5076 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:50:19.0742 5076 WANARP - ok
15:50:19.0757 5076 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:50:19.0788 5076 Wanarpv6 - ok
15:50:19.0882 5076 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:50:20.0210 5076 WatAdminSvc - ok
15:50:20.0288 5076 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:50:20.0412 5076 wbengine - ok
15:50:20.0459 5076 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:50:20.0490 5076 WbioSrvc - ok
15:50:20.0553 5076 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:50:20.0600 5076 wcncsvc - ok
15:50:20.0646 5076 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:50:20.0678 5076 WcsPlugInService - ok
15:50:20.0724 5076 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:50:20.0756 5076 Wd - ok
15:50:20.0802 5076 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:50:20.0834 5076 Wdf01000 - ok
15:50:20.0849 5076 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:50:20.0990 5076 WdiServiceHost - ok
15:50:21.0005 5076 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:50:21.0021 5076 WdiSystemHost - ok
15:50:21.0068 5076 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:50:21.0146 5076 WebClient - ok
15:50:21.0192 5076 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:50:21.0286 5076 Wecsvc - ok
15:50:21.0317 5076 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:50:21.0380 5076 wercplsupport - ok
15:50:21.0426 5076 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:50:21.0489 5076 WerSvc - ok
15:50:21.0536 5076 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:50:21.0582 5076 WfpLwf - ok
15:50:21.0598 5076 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:50:21.0629 5076 WIMMount - ok
15:50:21.0645 5076 WinDefend - ok
15:50:21.0645 5076 WinHttpAutoProxySvc - ok
15:50:21.0692 5076 WINIO - ok
15:50:21.0754 5076 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:50:21.0848 5076 Winmgmt - ok
15:50:21.0941 5076 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:50:22.0082 5076 WinRM - ok
15:50:22.0128 5076 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:50:22.0175 5076 WinUsb - ok
15:50:22.0238 5076 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:50:22.0300 5076 Wlansvc - ok
15:50:22.0362 5076 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:50:22.0394 5076 wlcrasvc - ok
15:50:22.0534 5076 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:50:22.0596 5076 wlidsvc - ok
15:50:22.0643 5076 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:50:22.0690 5076 WmiAcpi - ok
15:50:22.0737 5076 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:50:22.0799 5076 wmiApSrv - ok
15:50:22.0846 5076 WMPNetworkSvc - ok
15:50:22.0862 5076 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:50:22.0908 5076 WPCSvc - ok
15:50:22.0940 5076 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:50:22.0986 5076 WPDBusEnum - ok
15:50:23.0018 5076 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:50:23.0064 5076 ws2ifsl - ok
15:50:23.0111 5076 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
15:50:23.0174 5076 wscsvc - ok
15:50:23.0174 5076 WSearch - ok
15:50:23.0283 5076 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:50:23.0345 5076 wuauserv - ok
15:50:23.0376 5076 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:50:23.0423 5076 WudfPf - ok
15:50:23.0501 5076 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:50:23.0532 5076 WUDFRd - ok
15:50:23.0579 5076 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:50:23.0626 5076 wudfsvc - ok
15:50:23.0673 5076 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:50:23.0720 5076 WwanSvc - ok
15:50:23.0766 5076 ================ Scan global ===============================
15:50:23.0798 5076 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:50:23.0860 5076 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
15:50:23.0891 5076 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
15:50:23.0922 5076 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:50:23.0969 5076 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:50:23.0985 5076 [Global] - ok
15:50:24.0000 5076 ================ Scan MBR ==================================
15:50:24.0016 5076 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:50:25.0186 5076 \Device\Harddisk0\DR0 - ok
15:50:25.0186 5076 ================ Scan VBR ==================================
15:50:25.0217 5076 [ D1CC90A5D95595EF30D309E21D9950CA ] \Device\Harddisk0\DR0\Partition1
15:50:25.0217 5076 \Device\Harddisk0\DR0\Partition1 - ok
15:50:25.0248 5076 [ 86B232FC4279FFC5613CE921DFCFFEFB ] \Device\Harddisk0\DR0\Partition2
15:50:25.0248 5076 \Device\Harddisk0\DR0\Partition2 - ok
15:50:25.0248 5076 ============================================================
15:50:25.0248 5076 Scan finished
15:50:25.0248 5076 ============================================================
15:50:25.0280 1656 Detected object count: 5
15:50:25.0280 1656 Actual detected object count: 5
15:50:49.0397 1656 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
15:50:49.0397 1656 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:50:49.0397 1656 matlabserver ( UnsignedFile.Multi.Generic ) - skipped by user
15:50:49.0397 1656 matlabserver ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:50:49.0397 1656 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
15:50:49.0397 1656 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:50:49.0413 1656 sptd ( LockedFile.Multi.Generic ) - skipped by user
15:50:49.0413 1656 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
15:50:49.0413 1656 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
15:50:49.0413 1656 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip

LOG z OTL

Ten SpyBot som nepouzil ja, subory som zmazal, shlwapiy.dll sa mi nedari otestovat, nejde s nim nic robit - kopirovat, menit atributy ani cez TotalCommander s pravami spravcu.

Po odstraneni tych 3 suborov a restarte nabehne antivirak, ale centrum zabezpecenia hlasi ten isty problem.

Prikladam log z CF:

ComboFix 12-12-27.03 - Alica . 12. 2012 19:50:05.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1029.18.2937.1506 [GMT 1:00]
Running from: c:\users\Alica\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SecureW2
c:\program files (x86)\SecureW2\Uninstall.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\TTLS Manager.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\Uninstall.lnk
c:\users\Alica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SecureW2
.
.
((((((((((((((((((((((((( Files Created from 2012-11-27 to 2012-12-27 )))))))))))))))))))))))))))))))
.
.
2012-12-27 18:59 . 2012-12-27 18:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-26 11:03 . 2012-12-26 11:03 -------- d-----w- c:\users\Alica\AppData\Local\APN
2012-12-26 01:53 . 2012-12-26 01:53 959976 ----a-w- c:\windows\system32\deployJava1.dll
2012-12-26 01:53 . 2012-12-26 01:53 308200 ----a-w- c:\windows\system32\javaws.exe
2012-12-26 01:53 . 2012-12-26 01:53 1081320 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-12-26 01:53 . 2012-12-26 01:53 188392 ----a-w- c:\windows\system32\javaw.exe
2012-12-26 01:53 . 2012-12-26 01:53 188392 ----a-w- c:\windows\system32\java.exe
2012-12-26 01:53 . 2012-12-26 01:53 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-12-26 01:53 . 2012-12-26 01:53 -------- d-----w- c:\program files\Java
2012-12-25 23:49 . 2012-12-25 23:49 -------- d-----w- c:\users\Alica\AppData\Roaming\Malwarebytes
2012-12-25 23:49 . 2012-12-25 23:49 -------- d-----w- c:\programdata\Malwarebytes
2012-12-25 22:33 . 2012-12-25 22:33 -------- d-----w- c:\program files (x86)\Enigma Software Group
2012-12-25 19:01 . 2012-12-26 12:29 -------- d-----w- c:\program files (x86)\SpyHunter-4.1.11.0-+-Crack
2012-12-25 17:10 . 2012-12-25 17:10 -------- d-----w- c:\program files\Enigma Software Group
2012-12-25 17:10 . 2012-12-25 22:33 -------- d-----w- c:\windows\83B952C7F8F34CA3B4C533C85B24E478.TMP
2012-12-25 16:47 . 2012-12-25 16:47 2888 ----a-w- c:\programdata\dsgsdgdsgdsgw.js
2012-12-22 10:08 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-22 10:08 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-22 10:08 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-22 10:08 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-14 10:38 . 2012-12-14 13:34 -------- d-----w- c:\program files (x86)\Graboid
2012-12-13 06:42 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-10 07:27 . 2012-12-10 07:27 -------- d-----w- c:\users\Alica\AppData\Local\Macromedia
2012-12-10 07:23 . 2012-12-12 12:05 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-04 06:41 . 2012-12-04 06:41 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-14 00:05 . 2011-06-17 17:36 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-12 12:05 . 2011-12-04 15:39 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-16 08:38 . 2012-11-28 05:59 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 05:59 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 05:59 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-12 07:19 . 2012-10-23 07:54 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{38535B24-DBE8-4D95-8923-B3CC5FEF4A65}\mpengine.dll
2012-10-09 18:17 . 2012-11-15 10:23 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-15 10:23 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-15 10:23 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-15 10:23 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-04 16:40 . 2012-12-13 06:42 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-15 10:23 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-15 10:23 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-15 10:23 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-15 10:23 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-15 10:23 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-15 10:23 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-15 10:23 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-15 10:23 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-15 10:23 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-15 10:23 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-15 10:23 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2010-06-23 14:44 . 2003-12-11 00:26 53248 ----a-w- c:\program files (x86)\LCISOCreator.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-20 719672]
"Spybot-S&D Cleaning"="c:\program files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" [2012-11-13 3713032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2009-08-12 352256]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2009-06-02 423936]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-01-13 34088]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-08-17 1294136]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2011-06-15 307200]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-08-12 6203296]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 ISODisk;ISODisk; [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 dump_wmimmc;dump_wmimmc;c:\program files\L2\L2\system\GameGuard\dump_wmimmc.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-07-30 222208]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 115240]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 19496]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 158760]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 137256]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 34344]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 136744]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 151592]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-03 137560]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-23 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-03-12 834544]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384]
S2 ArcGIS License Manager;ArcGIS License Manager;c:\program files (x86)\ESRI\License\arcgis9x\lmgrd.exe [2008-08-02 1431440]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-10 248688]
S2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-14 42368]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2009-08-06 116104]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2011-06-20 1225832]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-10 12:05]
.
2012-12-27 c:\windows\Tasks\FBQQWZCGU.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2012-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3701055342-4171601920-3176660044-1000Core.job
- c:\users\Alica\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-16 08:36]
.
2012-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3701055342-4171601920-3176660044-1000UA.job
- c:\users\Alica\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-16 08:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2009-08-06 1050000]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-28 7982112]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2009-07-30 134032]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 365592]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.avira.com/?l=dis&o=APN10401&gct=hp&dc=EU&locale=en_SK
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local>
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&oslať do programu OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
Trusted Zone: ukf.sk
TCP: DhcpNameServer = 188.123.97.2 188.123.106.66
FF - ProfilePath - c:\users\Alica\AppData\Roaming\Mozilla\Firefox\Profiles\4mxdsk9o.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://search.avira.com/?l=dis&o=APN10401&gct=hp&dc=EU&locale=en_SK
FF - ExtSQL: 2012-12-26 11:31; {EEE6C361-6118-11DC-9C72-001320C79847}; c:\users\Alica\AppData\Roaming\Mozilla\Firefox\Profiles\4mxdsk9o.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
.
- - - - ORPHANS REMOVED - - - -
.
Notify-SDWinLogon - SDWinLogon.dll
SafeBoot-mcmscsvc
SafeBoot-MCODS
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
AddRemove-SecureW2 EAP Suite - c:\program files (x86)\SecureW2\Uninstall.exe
AddRemove-DRPSu Updater - c:\users\Alica\AppData\Roaming\DRPSu\DrvUpdater.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3701055342-4171601920-3176660044-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3701055342-4171601920-3176660044-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-27 20:06:31
ComboFix-quarantined-files.txt 2012-12-27 19:06
.
Pre-Run: Volných bajtů: 41 119 752 192
Post-Run: Volných bajtů: 40 330 346 496
.
- - End Of File - - 00E1DA1D8120D81CC84AF68AAA239908

Ten shlwapiy.dll je necitatelny aj v nudzovom rezime.

Ja dakujem, Microsoft Security Essentials nezistil pri hlbkovej kontrole nic. Po restarte PC sa ale vzdy vypne ochrana v realnom case v MSE.

Dakujem, centrum zabezpecenia uz funguje, ani antivirak sa nevypina.

Log Opened: 2012-12-29 @ 15:34:49
15:34:49 - -----------------
15:34:49 - | Begin Logging |
15:34:49 - -----------------
15:34:49 - Fix started on a WIN_7 X64 computer
15:34:49 - Prep in progress. Please Wait.
15:34:55 - Prep complete
15:34:55 - Repairing Services Now. Please wait...
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BFE.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\SubLayer>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Provider>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BITS.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Performance>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\iphlpsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo\{FA88062C-9A61-4C1E-AC45-7143F8F01AAD}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap\{8AD2FB26-F91E-44F1-9B24-3C0AE56C9CE0}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\IPHTTPS>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Interfaces>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\config>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\MpsSvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSOut>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSIn>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\DHCP>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\SharedAccess.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch2>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\WinDefend.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo\0>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wscsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wuauserv.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv>

SetACL finished successfully.
15:34:56 - Services Repair Complete.
15:35:13 - Reboot Initiated

Dakujem pekne, zatial som sa na ziadnom fore nestretol s takouto ochotou pomoct