VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

potvury v ntb

https://forum.viry.cz:443/viewtopic.php?t=143658

Stránka 1 z 2

potvury v ntb

Napsal: 23 bře 2015 22:46
od olhor
Dobry vecer,
dostal se mi do rukou notebook, ktery byl radne zavirovany, prevazne v adresari appdata a pak jsem to projel jeste adwcleanerem a mbam, posledni jmenovany jiz nic nenasel. Ted k problemu, po tom vsem je ntb porad zpomaleny. Jiz jsem vypnul co se da po spusteni, probral sluzby, vycistil ccleanerem, zkontroloval disk jestli neni poskozeny a vypnul aero. Musi tam jeste nekde neco byt vnorene, jinak fakt uz nevim. :o

Tady je log z FRST:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Jarda at 2015-03-23 22:33:17
Running from C:\Users\Jarda\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
BatteryBar (remove only) (HKLM\...\BatteryBar) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
CyberLink PowerDVD 10 (HKLM\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1705 - CyberLink Corp.)
CyberLink PowerDVD 10.0.1516.51 - odinstalovat češtinu (HKLM\...\CyberLink PowerDVD 10.0.1516.51) (Version: - Michellin & Pavlík)
ESET Smart Security (HKLM\...\{A68ED22D-17E8-4B1C-A32F-12177796BA61}) (Version: 8.0.304.1 - ESET, spol s r. o.)
Google Drive (HKLM\...\{6C36881B-0E51-4231-9D02-BF2149664D34}) (Version: 1.20.8672.3137 - Google, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Java 7 Update 76 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217076FF}) (Version: 7.0.760 - Oracle)
KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 3.9.1.132 - PandoraTV)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
ModelPrint 1.0.52 (HKLM\...\ModelPrint 1.0.52) (Version: 1.0.52 - )
Mozilla Firefox 36.0.4 (x86 cs) (HKLM\...\Mozilla Firefox 36.0.4 (x86 cs)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.9 - Frank Heindörfer, Philip Chinery)
pdfforge Toolbar v1.1.2 (HKLM\...\{5791B7D3-8B34-4218-9750-6A8E45D0AD32}) (Version: 1.1.2 - Spigot, Inc.) <==== ATTENTION
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
STORMWARE PDF Printer 10.1.0.1871 (HKLM\...\STORMWARE PDF Printer_is1) (Version: 10.1.0.1871 - STORMWARE)
STORMWARE POHODA CZ Standard MLP (HKLM\...\{21E61A26-B4FC-4366-B914-E1C67A505784}) (Version: 10800.192 - STORMWARE)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.50a - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{052253BF-F1FF-4686-B231-8D1904DEED68}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Graphicsmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{0F81C552-68AD-4AAB-99D2-26F7F72A423C}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Commmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{1B72D1C3-A1B3-4C87-9552-894CFF74051F}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Windowmgr.dll ()
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{1BC0C7E7-0ADF-4FCE-9FBD-70B2DBC3BD48}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\GameMdl.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{1E1C74D3-EF64-4F13-B631-DFDCEE4572FD}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Loginmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{1FD9E587-43E1-4F1F-A41F-A6E8B93A5546}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Graphicsmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{2D0235FC-1701-4F1C-B36C-84CD8813EDB5}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Graphicsmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{31DC369C-75C3-4D8B-9C2D-0B10BF77BA0F}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Graphicsmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{343ADE39-3C61-421B-93CB-19C44D33ED9B}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Graphicsmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{47231DCA-F7A4-4696-B836-B2430D451226}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Imagemgr.dll ()
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{4AC4E235-EB53-4942-B113-931D66A470B8}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\GameSelectorMdl.dll ()
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{50021F2A-9C64-4766-A697-84E366A407B1}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Windowmgr.dll ()
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{50632C37-EDD8-4B8F-A32B-8E280D942A8E}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Graphicsmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{51B894AD-B2D5-48F6-B1D1-C1F0CF849587}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Graphicsmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{553E32D1-AAF3-406A-B19E-E575829EC651}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Graphicsmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{648326CD-6F37-4A8F-BF14-E2BAD67AAAA8}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Graphicsmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{693566bc-21f8-401e-8d42-e2c5ce50dacc}\localserver32 -> C:\Users\Jarda\AppData\Local\Temp\{d5641912-e47a-429c-879e-cfe13eac7a13}\IDriver.NonElevated.exe No (the data entry has 4 more characters).
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{6BB1EAF0-7572-4166-9DF4-2A817F5FCD83}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Graphicsmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{6F80F85C-FC5C-4C7E-B7ED-9ECCECC7CF57}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Configmgr.dll ()
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{72A62965-EF25-42E0-97CE-7A2D69BF28C0}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Windowmgr.dll ()
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{8A0F754D-9636-4771-A1A6-8A1126E03345}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Windowmgr.dll ()
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{8A73CF97-446B-46AD-964C-2C3400CAA60F}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Graphicsmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{8B48847D-052F-4153-93B8-7223BFF1C406}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Commmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{8B5F91E9-0032-4560-93B0-4539497C5366}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Windowmgr.dll ()
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{941D2E9A-D724-4FB5-94D5-775B70E8C408}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Graphicsmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{97637B78-01D0-4A40-A842-68774AA416BB}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Windowmgr.dll ()
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{987585FA-DD0C-4E8B-8FC2-89B1181CA701}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Graphicsmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{9A5A84A0-2E60-47D1-8C75-278A8D0F41FF}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Graphicsmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{9E8F05AF-C18E-4A72-8743-A479EFD255E6}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Windowmgr.dll ()
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{A16CA865-CD74-46EC-9432-74579FD657A0}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Graphicsmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{A2DF38B5-93D0-44D6-8130-AA80F351F852}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Timemgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{A70E086C-1477-4B0C-808A-94EF8271ED39}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Resourcemgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{A7674421-DB75-4081-B0FE-2B378F1FFAEB}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\GameMdl.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{ACAB158F-423F-4D59-BEDD-15C9E0CC2DD1}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Windowmgr.dll ()
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{B10A3751-CC13-4A25-875B-EEC84674C6C0}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Soundmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{B1267A8A-D143-41F7-A655-5765A8464796}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Graphicsmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{B6C64A50-7BB8-441B-AE31-C4366C84BF00}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Graphicsmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{B8217B92-8FDD-4A74-9417-B77BD74F62B7}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Windowmgr.dll ()
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{BD75936F-2B69-477E-9E9A-218FFAF35F49}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Graphicsmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{BE742811-02F4-4D7E-87C1-886909462A16}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Modulemgr.dll ()
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{D2E87C0B-C06A-4E69-8A41-0AC3117505B4}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Graphicsmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{D4A86438-A95B-487D-8B1D-1E67B2A0F379}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\DownloadMgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{D7B3EAC0-36D9-459E-AC96-3A88309FDDCC}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Graphicsmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{E65E6AAE-9169-4625-B98D-EB903E707116}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Windowmgr.dll ()
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{E6BFA606-59F2-4CD6-89C8-DAED6D789027}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Windowmgr.dll ()
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{E9AC37A2-E79C-4CA3-A6A8-1884BF9A7852}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Graphicsmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{EAD67B06-459C-48B9-90C1-5F2F34D4F83F}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Windowmgr.dll ()
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{ECA7C134-E84B-4E6B-A3E2-355FCB853766}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Graphicsmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{ED0BD0F4-ECAC-41D2-BD28-0ABFB129F40C}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\VersionMgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{F0349E13-BD03-4073-BA25-6B2610C0750D}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Graphicsmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{F53E4C9E-703C-41f3-8F69-C7E3D277594B}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Graphicsmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{FD995983-DC2B-4B97-B3FE-E9534AA1A769}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Graphicsmgr.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000_Classes\CLSID\{FE0AA82B-B32A-4D54-BA97-918D2A9F6E70}\InprocServer32 -> C:\Users\Jarda\AppData\Local\VTShared\Windowmgr.dll ()

==================== Restore Points =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0149987B-2C2D-4941-848C-E999C7496C02} - System32\Tasks\{D5A08C13-DAF9-4305-A17F-1CC81566FEFC} => pcalua.exe -a G:\setup.exe -d G:\
Task: {03ED2C1B-E46E-4DE5-B1BD-61F97D352BA6} - System32\Tasks\{B69A4323-FD1D-4B76-8412-759752B923CC} => pcalua.exe -a G:\Installer.exe -d G:\
Task: {046A7CD2-2F9E-4595-B321-A65C03ACDE52} - System32\Tasks\{F6826F31-F3CC-4BD2-8FB9-98F054DCAFF9} => pcalua.exe -a "C:\Program Files\Common Files\CADS Shared\StructuralDesigners\SteelMemberDesigner\Uninstall SMD.exe" -c C:\Program Files\Common Files\CADS Shared\StructuralDesigners\SteelMemberDesigner\Install.log
Task: {0745BB18-569D-43FD-8243-6C9380AB0252} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {0F025A5E-FA56-4BD1-A5DC-049A963E13BC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {0FA489BC-4407-49B5-953B-7AF80A0A3AB6} - System32\Tasks\{3151EBA5-BC2F-4EAE-BD04-E002892505D4} => C:\Program Files\Skype\Phone\Skype.exe
Task: {1123A1E1-A512-40F4-B438-284550483057} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-23] (Adobe Systems Incorporated)
Task: {18E4DCD7-61BC-4A86-927F-49F4C534D943} - System32\Tasks\{7C9A15EB-DDFE-4842-907B-E0811B66206D} => pcalua.exe -a D:\hry\steam\steam.exe -c steam://uninstall/34200
Task: {22C585C2-C4B2-42A3-B819-388C5CF0808E} - System32\Tasks\{1DD1D994-D800-4B08-9F53-A3C14D8C4136} => pcalua.exe -a C:\Users\Jarda\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=kmp <==== ATTENTION
Task: {2382DBB0-DF9F-434F-98EB-BC05AAE6E1FF} - System32\Tasks\{C068C1CF-590E-4CFF-99B8-4FE2237B7895} => pcalua.exe -a "D:\hry\Warcraft III\w3_battle124bfix2\w3_battle124bfix2.exe" -d "D:\hry\Warcraft III\w3_battle124bfix2"
Task: {39D2CC2A-653E-47A7-BF55-3F69388F9E02} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-08] (Google Inc.)
Task: {3BBF137E-A8C3-4160-AF21-BD4AC4C06097} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {3DE5B956-522F-4F2D-ADCD-CDB8B0EF67D4} - System32\Tasks\{8E132A3C-514B-4098-8F65-900F6C109F7F} => Firefox.exe http://ui.skype.com/ui/0/6.0.0.126/cs/a ... rogressBar
Task: {5156D418-52AE-407D-94F4-61F2192EEA8F} - System32\Tasks\{7C74393A-60C9-43B2-9AEB-0861D91C2830} => pcalua.exe -a C:\Users\Jarda\Desktop\modem\Axesstel_Setup.exe -d C:\Users\Jarda\Desktop\modem
Task: {5AB1A5AE-012B-48CA-BF9A-D547623D4EDC} - System32\Tasks\{AAEAB2D3-9384-4D1A-A8B0-F05D5A11A446} => pcalua.exe -a D:\hry\w3_battle124bfix2\w3_battle124bfix2.exe -d D:\hry\w3_battle124bfix2
Task: {5DF48A6B-6E8D-4119-A20A-D266D35B6998} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-08] (Google Inc.)
Task: {5EDDAC18-82CF-437E-9D7B-1F2FD93D23AC} - System32\Tasks\{693BC7DC-C27F-4B3A-98AA-4942A618693F} => pcalua.exe -a "C:\Program Files\ModelPrint\1.0.52\uninstall.bat"
Task: {76DAE199-868B-41E2-ADE2-6BA4B788045E} - System32\Tasks\{FAEE0FF3-DD9B-42C2-B79B-6235F2329D60} => pcalua.exe -a G:\setup.exe -d G:\
Task: {771A4A4A-F53F-40C6-85A6-F622A8A19626} - System32\Tasks\{1C2E7BC4-24F7-4777-A1C6-4162AA6BE30A} => pcalua.exe -a F:\AUTORUN.EXE -d F:\
Task: {888BF0F9-B878-4D91-BB5B-839060BAFE52} - System32\Tasks\{8E20E725-3F61-4868-AD80-C85558789323} => pcalua.exe -a G:\setup.exe -d G:\
Task: {ACE47E23-1BA6-4CDF-A467-7635DA199FDE} - System32\Tasks\{18E89797-CAA7-43F9-81B6-B878762E0086} => pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{6DBAF277-66A6-4DA9-8E01-AA549CED1DDB}\setup.exe" -c -runfromtemp -l0x0405 -removeonly
Task: {CD743E61-14B3-48CC-AD12-6D425F13D21C} - System32\Tasks\{307DDD9B-C03E-418E-AF28-245397E5F407} => pcalua.exe -a "C:\Program Files\AutoCAD 2010\Setup\Setup.exe" -c /P {5783F2D7-8001-0405-0002-0060B0CE6BBA} /M ACAD /language cs-CZ
Task: {CF4DF457-A4D7-4C22-92F7-1247BF8FFF7C} - System32\Tasks\{F2C1836E-D463-4432-AB93-5521B96CAF91} => pcalua.exe -a "D:\prace\škola\Projekt 1\Geo_5.exe" -d "D:\prace\škola\Projekt 1"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2010-02-05 08:38 - 2001-10-28 16:42 - 00116224 _____ () C:\Windows\System32\pdfcmnnt.dll
2010-02-04 07:41 - 2008-08-29 10:55 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
2010-02-04 07:41 - 2008-09-03 15:28 - 00319488 _____ () C:\Program Files\WinRAR\rarlng.dll
2014-03-23 23:29 - 2014-03-23 23:29 - 00818176 _____ () C:\CPP\CppKalkulacky\platforms\qwindows.dll
2013-12-04 15:48 - 2014-02-01 16:39 - 00818176 _____ () C:\Program Files\Kooperativa\KoopPxBN\platforms\qwindows.dll
2015-03-23 13:13 - 2015-03-23 13:13 - 16858288 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 3
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: KoopPdfService => 3
MSCONFIG\startupreg: BDRegion => C:\Program Files\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe"

==================== Accounts: =============================

Administrator (S-1-5-21-2850153352-4128204203-4000747475-500 - Administrator - Disabled)
Guest (S-1-5-21-2850153352-4128204203-4000747475-501 - Limited - Disabled)
Jarda (S-1-5-21-2850153352-4128204203-4000747475-1000 - Administrator - Enabled) => C:\Users\Jarda

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/23/2015 08:57:47 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/23/2015 08:57:47 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/23/2015 08:57:47 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/23/2015 08:57:47 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)

Error: (03/23/2015 08:57:46 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/23/2015 08:57:46 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800) (0xc0041800)

Error: (03/23/2015 08:57:46 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/23/2015 08:57:46 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhledávací služby zjistila, že index {id=4700} obsahuje poškozené datové soubory. Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/23/2015 08:57:46 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Služba Windows Search neotevřela úložiště vlastností databázového stroje Jet.

Podrobnosti:
0x%08x (0xc0041800 - Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800))

Error: (03/23/2015 08:57:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows (3252) Windows: Při otevírání souboru protokolu C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS000D5.log došlo k chybě -1811.


System errors:
=============
Error: (03/23/2015 10:29:48 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (03/23/2015 09:33:23 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (03/23/2015 09:32:46 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 10.0.0.12192.168.137.0255.255.255.0

Error: (03/23/2015 09:05:33 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (03/23/2015 09:01:52 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 10.0.0.12192.168.137.0255.255.255.0

Error: (03/23/2015 08:58:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba zařazování tisku neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (03/23/2015 08:58:13 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba Spooler se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%50

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (03/23/2015 08:57:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (03/23/2015 08:57:47 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-1073473535, specifickou pro službu.

Error: (03/23/2015 08:57:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba zařazování tisku byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.


Microsoft Office Sessions:
=========================
Error: (06/23/2014 09:54:46 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 146 seconds with 120 seconds of active time. This session ended with a crash.

Error: (05/09/2014 07:29:14 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1911 seconds with 360 seconds of active time. This session ended with a crash.

Error: (01/03/2012 00:41:33 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 28 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/10/2010 10:21:22 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 83602 seconds with 9000 seconds of active time. This session ended with a crash.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) Dual CPU T2330 @ 1.60GHz
Percentage of memory in use: 45%
Total physical RAM: 2038.4 MB
Available physical RAM: 1112.34 MB
Total Pagefile: 4076.8 MB
Available Pagefile: 3029.83 MB
Total Virtual: 2047.88 MB
Available Virtual: 1925.22 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:34.57 GB) (Free:7.15 GB) NTFS
Drive d: () (Fixed) (Total:112.92 GB) (Free:24.55 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 208E64FB)
Partition 1: (Not Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=34.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=112.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Tady je log z adcleaneru:
# AdwCleaner v4.113 - Logfile created 23/03/2015 at 20:56:28
# Updated 22/03/2015 by Xplode
# Database : 2015-03-23.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x86)
# Username : Jarda - JARDA-PC
# Running from : C:\Users\Jarda\Desktop\adwcleaner_4.113.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : Util neurowise
[#] Service Deleted : Update neurowise

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\IHProtectUpDate
Folder Deleted : C:\Program Files\Application Updater
Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files\neurowise
Folder Deleted : C:\Users\Jarda\AppData\Local\genienext
Folder Deleted : C:\Users\Jarda\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Jarda\AppData\LocalLow\pdfforge
Folder Deleted : C:\Users\Jarda\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Jarda\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Jarda\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Jarda\AppData\Roaming\RHEng
Folder Deleted : C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\ptwugzj4.default\Extensions\anttoolbar@ant.com
File Deleted : C:\Users\Jarda\daemonprocess.txt
File Deleted : C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\ptwugzj4.default\searchplugins\daemon-search.xml
File Deleted : C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\ptwugzj4.default\user.js

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{600C2A2B-3E71-43A3-8E0B-D0A64DA53249}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AAB3EF56-AA1D-4D75-A267-66355AB548B6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\pdfforge
Key Deleted : HKLM\SOFTWARE\Application Updater
Key Deleted : HKLM\SOFTWARE\pdfforge
Key Deleted : HKLM\SOFTWARE\Search Settings
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\webssearchesSoftware
Key Deleted : HKLM\SOFTWARE\IHProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v36.0.4 (x86 cs)

[ptwugzj4.default\prefs.js] - Line Deleted : user_pref("extensions.enabledItems", "pdfforge@mybrowserbar.com:1.1.2,searchsettings@spigot.com:1.2.3,{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18,{AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198,pi[...]

Re: potvury v ntb

Napsal: 24 bře 2015 00:36
od altrok
Zdravim :bye:


:arrow: I tady je cast haveti videt. Vlozte jeste obsah logu FRST.txt a dale

  • Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
  • ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
  • znovu spustte FRST a kliknete na Fix
  • obsah prave vytvoreneho fixlogu mi vlozte do pristi odpovedi

    Kód: Vybrat vše

    Start
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
End

Re: potvury v ntb

Napsal: 24 bře 2015 07:42
od olhor
Tady je log z FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Jarda (administrator) on JARDA-PC on 23-03-2015 22:31:27
Running from C:\Users\Jarda\Desktop
Loaded Profiles: Jarda (Available profiles: Jarda)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynToshiba.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Pražská softwarová s.r.o.) C:\CPP\CppKalkulacky\CppCalcServer.exe
(Pražská softwarová s.r.o.) C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_17_0_0_134.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1348904 2008-08-14] (Synaptics, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5088456 2014-10-01] (ESET)
HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [90624 2009-05-28] ()
HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [26232152 2015-02-19] (Google)
HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\...\MountPoints2: {6d62c7c6-1153-11df-a3de-001e3330a284} - G:\setup.exe
HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\...\MountPoints2: {7bc2e3b0-15ac-11df-8427-001644a31964} - F:\Axesstel_Setup.exe
HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\...\MountPoints2: {d131fa9e-1f22-11e0-a9fc-001e3330a284} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\...\MountPoints2: {df2562aa-96a6-11e1-8cca-806e6f6e6963} - G:\HPLauncher.exe
Startup: C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CPP - CalcServer.lnk
ShortcutTarget: CPP - CalcServer.lnk -> C:\CPP\CppKalkulacky\CppCalcServer.exe (Pražská softwarová s.r.o.)
Startup: C:\Users\Jarda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Kooperativa - PDF Server.lnk
ShortcutTarget: Kooperativa - PDF Server.lnk -> C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe (Pražská softwarová s.r.o.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\ptwugzj4.default
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-23] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\ptwugzj4.default\Extensions\adblockpopups@jessehakanen.net.xpi [2015-03-23]
FF Extension: Adblock Plus - C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\ptwugzj4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-23]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2015-03-23]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-16]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-02-16]
CHR Extension: (Google Wallet) - C:\Users\Jarda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-08]
CHR HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Jarda\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-02-16]
CHR HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1349576 2014-10-01] (ESET)
S4 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2010-11-09] (Macrovision Europe Ltd.) [File not signed]
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S4 KoopPdfService; C:\Program Files\Kooperativa\Services\KoopPDFServer.exe [2454016 2013-10-31] () [File not signed]
S3 PrintNotify; C:\Windows\system32\spool\DRIVERS\W32X86\3\PrintConfig.dll [2407936 2013-08-21] (Microsoft Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Axtmvflt; C:\Windows\System32\DRIVERS\Axtmvflt.sys [3456 2007-03-22] (Axesstel)
S3 Axtmvmdm; C:\Windows\System32\DRIVERS\Axtmvmdm.sys [40064 2007-03-26] (Axesstel)
S3 Axtmvprt; C:\Windows\System32\Drivers\Axtmvprt.sys [38784 2007-03-26] (Axesstel)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [191928 2014-10-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135296 2014-10-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [176448 2014-10-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37928 2014-10-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [51288 2014-10-10] (ESET)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-09-23] (LogMeIn, Inc.)
R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [379904 2010-03-31] (Realtek Semiconductor Corporation )
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2013-12-08] (Duplex Secure Ltd.)
R1 TsLwWfF; C:\Windows\System32\DRIVERS\TsLwWfF.sys [22632 2009-11-12] (TamoSoft)
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl [87536 2010-04-02] (CyberLink Corp.)
S3 GGSAFERDriver; \??\C:\Program Files\Garena Classic\safedrv.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-23 22:31 - 2015-03-23 22:32 - 00012081 _____ () C:\Users\Jarda\Desktop\FRST.txt
2015-03-23 22:29 - 2015-03-23 22:31 - 00000000 ____D () C:\FRST
2015-03-23 21:38 - 2015-03-23 21:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-23 21:02 - 2015-03-23 21:02 - 00005857 _____ () C:\Users\Jarda\Desktop\AdwCleaner[S0].txt
2015-03-23 21:00 - 2015-03-23 21:32 - 00000112 _____ () C:\Windows\setupact.log
2015-03-23 21:00 - 2015-03-23 21:00 - 00000572 _____ () C:\Windows\PFRO.log
2015-03-23 21:00 - 2015-03-23 21:00 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-23 19:04 - 2015-03-23 19:05 - 01135104 _____ (Farbar) C:\Users\Jarda\Desktop\FRST.exe
2015-03-23 19:02 - 2015-03-23 19:03 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Jarda\Desktop\mbam-setup-2.1.4.1018.exe
2015-03-23 18:29 - 2015-03-23 18:32 - 133192904 _____ (Kaspersky Lab ZAO) C:\Users\Jarda\Desktop\KVRT.exe
2015-03-23 13:45 - 2015-03-23 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-03-23 13:45 - 2015-03-23 13:45 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-23 13:42 - 2015-03-23 13:44 - 05325696 _____ (Piriform Ltd) C:\Users\Jarda\Desktop\ccsetup503.exe
2015-03-23 13:41 - 2015-03-23 13:43 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-23 13:32 - 2015-03-23 13:32 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\ESET
2015-03-23 13:27 - 2015-03-23 13:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-03-23 12:18 - 2015-03-23 12:21 - 71135232 _____ () C:\Users\Jarda\Desktop\ess_nt32_csy.msi
2015-03-15 21:30 - 2015-03-23 11:38 - 00000000 ____D () C:\Users\Jarda\Desktop\Analíza
2015-03-15 20:18 - 2015-03-15 20:18 - 00375477 _____ () C:\Users\Jarda\Desktop\Finanční plánování.xlsx
2015-03-15 18:31 - 2015-03-15 18:31 - 00000395 _____ () C:\Users\Jarda\Desktop\Finanční plánování.xlsx.URL
2015-03-15 18:29 - 2015-03-15 18:29 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2015-03-15 18:29 - 2015-03-15 18:29 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2015-03-13 13:28 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-13 13:28 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-13 13:28 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-13 13:28 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-13 13:28 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-13 13:28 - 2015-02-20 03:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-13 13:28 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-13 13:28 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-13 13:28 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-13 13:28 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-13 13:28 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-13 13:28 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-13 13:28 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-13 13:28 - 2015-02-20 02:56 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-13 13:28 - 2015-02-20 02:50 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-13 13:28 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-13 13:28 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-13 13:28 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-13 13:28 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-13 13:28 - 2015-02-20 02:24 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-13 13:28 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-13 13:28 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-13 13:28 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-13 13:27 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-13 13:27 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-13 13:27 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-13 13:27 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-13 13:27 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-13 13:27 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-13 13:27 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-13 13:27 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-13 13:27 - 2015-01-31 04:32 - 00919552 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-13 13:27 - 2015-01-31 03:52 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-13 13:27 - 2015-01-31 03:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-03-13 13:27 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-13 13:26 - 2015-02-26 04:11 - 02381312 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-13 13:26 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-13 13:23 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-13 13:22 - 2015-03-06 06:15 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-13 13:22 - 2015-03-06 06:15 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-13 13:22 - 2015-03-06 06:10 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-13 13:22 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-13 13:22 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-13 13:22 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-13 13:22 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-13 13:22 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-13 13:22 - 2015-03-06 06:10 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-13 13:22 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-13 13:22 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-13 13:22 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-13 13:22 - 2015-03-06 06:10 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-13 13:22 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-13 13:22 - 2015-03-06 06:09 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-13 13:22 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-13 13:22 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-13 13:22 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-13 13:21 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-13 13:21 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-13 13:21 - 2015-02-20 05:13 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-13 13:21 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-13 13:21 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-13 13:21 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-13 13:20 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-03-13 13:20 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-13 13:20 - 2015-02-03 04:16 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-13 13:20 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-13 13:20 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-13 13:20 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-13 13:20 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-13 13:20 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-13 13:20 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-13 13:20 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-13 13:20 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-13 13:20 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-13 13:20 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-13 13:20 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-13 13:20 - 2015-02-03 04:12 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-13 13:20 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-13 13:20 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-13 13:20 - 2015-02-03 04:12 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-13 13:20 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-13 13:20 - 2015-02-03 04:11 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-13 13:20 - 2015-02-03 04:00 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-13 13:20 - 2015-01-31 00:56 - 00370488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-13 13:20 - 2014-10-31 23:22 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-13 13:20 - 2014-06-28 01:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-13 13:20 - 2014-06-28 01:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-13 13:19 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-13 13:19 - 2015-02-03 04:12 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-13 13:19 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-13 13:19 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-13 13:19 - 2015-02-03 04:12 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-13 13:19 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-13 13:19 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-13 13:19 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-13 13:19 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-13 13:19 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-13 13:19 - 2015-02-03 04:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-13 13:19 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-13 13:19 - 2015-02-03 04:12 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-13 13:19 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-13 13:19 - 2015-02-03 04:12 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-13 13:19 - 2015-02-03 04:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-13 13:19 - 2015-02-03 04:12 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-13 13:19 - 2015-02-03 04:12 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-13 13:19 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-13 13:19 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-13 13:19 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-13 13:19 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-13 13:19 - 2015-02-03 04:11 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-13 13:19 - 2015-02-03 04:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-13 13:19 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-13 13:19 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-13 13:19 - 2015-02-03 04:11 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-13 13:19 - 2015-02-03 04:11 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-13 13:19 - 2015-02-03 04:11 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-13 13:19 - 2015-02-03 04:10 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-13 13:19 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-13 13:19 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-13 13:19 - 2015-02-03 03:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-13 12:17 - 2015-03-13 12:17 - 00000165 ____H () C:\Users\Jarda\Desktop\~$Finanční plánování.xlsx
2015-03-06 00:02 - 2015-03-23 12:08 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-03-05 23:42 - 2015-03-05 23:50 - 11557168 _____ (Microsoft Corporation) C:\Users\Jarda\Downloads\MSEInstall.exe
2015-03-02 09:02 - 2015-03-23 21:00 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-02 08:57 - 2015-03-02 09:01 - 24901448 _____ (Mozilla) C:\Users\Jarda\Downloads\seznam-firefox-win32-cs-26.0.0.exe
2015-02-28 03:02 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-26 10:13 - 2015-02-26 10:13 - 00000000 ____D () C:\Program Files\HP
2015-02-24 15:07 - 2015-02-24 15:09 - 00023552 _____ () C:\Users\Jarda\Desktop\vyrovnání+-+mamka+x+já.xls

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-23 22:10 - 2012-12-14 15:17 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-23 22:03 - 2013-12-08 18:26 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-23 22:03 - 2013-12-08 18:26 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-23 21:46 - 2010-02-04 06:37 - 01688578 _____ () C:\Windows\WindowsUpdate.log
2015-03-23 21:46 - 2009-07-14 05:34 - 00020704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-23 21:46 - 2009-07-14 05:34 - 00020704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-23 21:32 - 2010-09-20 08:56 - 00000432 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2015-03-23 21:32 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-23 21:02 - 2015-02-16 20:53 - 00000000 ___RD () C:\Users\Jarda\Disk Google
2015-03-23 20:57 - 2010-02-04 06:41 - 00000000 ____D () C:\Users\Jarda
2015-03-23 14:00 - 2010-02-04 07:04 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\DAEMON Tools Lite
2015-03-23 13:59 - 2011-07-07 21:40 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\Azureus
2015-03-23 13:59 - 2010-10-15 11:27 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\Media Player Classic
2015-03-23 13:59 - 2010-02-05 08:38 - 00000000 ____D () C:\Program Files\PDFCreator
2015-03-23 13:54 - 2010-03-28 23:45 - 00000000 ____D () C:\Windows\Minidump
2015-03-23 13:32 - 2010-02-05 21:18 - 00000000 ____D () C:\Users\Jarda\AppData\Local\ESET
2015-03-23 13:27 - 2010-02-04 07:38 - 00000000 ____D () C:\ProgramData\ESET
2015-03-23 13:27 - 2010-02-04 07:38 - 00000000 ____D () C:\Program Files\ESET
2015-03-23 13:13 - 2012-12-14 15:17 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-03-23 13:13 - 2011-09-03 10:52 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-03-23 13:12 - 2010-02-04 18:08 - 00000000 ____D () C:\Users\Jarda\AppData\Local\Adobe
2015-03-19 22:14 - 2009-07-14 05:46 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-17 17:48 - 2013-04-15 10:20 - 00000000 ____D () C:\Users\Jarda\AppData\Local\Deployment
2015-03-17 16:43 - 2009-07-14 05:33 - 00432256 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-16 01:54 - 2012-12-17 08:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-16 01:49 - 2013-10-04 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-16 01:35 - 2010-02-04 07:44 - 119837696 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-15 18:30 - 2015-02-16 20:47 - 00001948 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2015-03-15 18:30 - 2015-02-16 20:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-03-13 12:23 - 2010-02-04 06:50 - 00006248 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-06 05:03 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2015-03-03 20:32 - 2011-01-22 02:56 - 00000000 ____D () C:\Users\Jarda\AppData\Roaming\vlc
2015-03-02 09:02 - 2011-03-23 19:41 - 00001081 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-26 20:36 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-02-26 18:56 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2015-02-24 04:23 - 2010-02-04 07:02 - 00246920 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2011-08-21 19:20 - 2012-01-10 13:13 - 0051270 _____ () C:\Users\Jarda\AppData\Roaming\room_v3.dat
2011-06-09 16:50 - 2011-06-09 16:50 - 0003584 _____ () C:\Users\Jarda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-04-28 17:01 - 2010-04-28 17:01 - 0004096 ____H () C:\Users\Jarda\AppData\Local\keyfile3.drm
2013-12-05 13:06 - 2015-01-28 20:11 - 0000444 _____ () C:\Users\Jarda\AppData\Local\Model6.env
2013-10-02 20:39 - 2013-12-02 22:59 - 0000279 _____ () C:\Users\Jarda\AppData\Local\Model7.env
2013-10-02 20:37 - 2013-10-20 22:13 - 0000080 _____ () C:\Users\Jarda\AppData\Local\Model_he.ini
2010-02-04 08:48 - 2010-06-21 16:01 - 0007605 _____ () C:\Users\Jarda\AppData\Local\resmon.resmoncfg
2011-11-20 15:06 - 2011-11-20 15:06 - 0000872 _____ () C:\Users\Jarda\AppData\Local\SRDownloader.nast
2013-10-02 20:36 - 2013-10-02 20:36 - 0000855 _____ () C:\Users\Jarda\AppData\Local\User_he.cds
2014-12-10 20:06 - 2014-12-10 20:06 - 0000000 _____ () C:\Users\Jarda\AppData\Local\{9E0A09B4-23DA-4756-B2B0-12EF6913C525}

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-21 15:09

==================== End Of Log ============================


tady je fixlog:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by Jarda at 2015-03-24 07:30:17 Run:1
Running from C:\Users\Jarda\Desktop
Loaded Profiles: Jarda (Available profiles: Jarda)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
End
*****************


========= dir "C:\PROGRA~1" =========

Svazek v jednotce C nem� ��dnou jmenovku.
S�riov� ��slo svazku je 1C50-CFEE.

V�pis adres��e C:\PROGRA~1

23.03.2015 22:18 <DIR> .
23.03.2015 22:18 <DIR> ..
09.10.2013 13:46 <DIR> Adobe
06.02.2011 16:14 <DIR> AviSynth 2.5
04.02.2013 16:59 <DIR> BatteryBar
23.03.2015 13:45 <DIR> CCleaner
28.01.2015 20:49 <DIR> Common Files
19.05.2010 00:18 <DIR> CyberLink
21.11.2010 20:25 <DIR> DivX
14.08.2011 09:04 <DIR> DVD Maker
23.03.2015 13:27 <DIR> ESET
28.01.2015 19:46 <DIR> Flexense
16.02.2015 20:47 <DIR> Google
26.02.2015 10:13 <DIR> HP
17.03.2015 16:40 <DIR> Internet Explorer
09.10.2013 13:32 <DIR> Java
02.12.2013 22:57 <DIR> JLabs
15.04.2013 11:34 <DIR> Kooperativa
09.05.2014 21:30 <DIR> Microsoft
14.07.2009 08:50 <DIR> Microsoft Games
13.08.2011 15:49 <DIR> Microsoft Office
13.08.2014 07:56 <DIR> Microsoft Silverlight
03.03.2014 19:50 <DIR> Microsoft SQL Server Compact Edition
03.03.2014 19:50 <DIR> Microsoft Synchronization Services
04.02.2010 08:19 <DIR> Microsoft Visual Studio
01.05.2011 02:05 <DIR> Microsoft Works
18.10.2010 11:23 <DIR> Microsoft.NET
28.01.2015 19:33 <DIR> ModelH
15.04.2013 11:11 <DIR> ModelPrint
23.03.2015 13:43 <DIR> Mozilla Firefox
23.03.2015 21:00 <DIR> Mozilla Maintenance Service
16.03.2011 20:02 <DIR> Mplayer
14.07.2009 05:52 <DIR> MSBuild
16.04.2010 02:00 <DIR> MSXML 4.0
12.06.2012 19:11 <DIR> Pando Networks
23.03.2015 13:59 <DIR> PDFCreator
14.07.2009 05:52 <DIR> Reference Assemblies
28.01.2015 20:05 <DIR> RegCleaner
15.05.2011 22:52 <DIR> SolidDocuments
28.01.2015 20:49 <DIR> STORMWARE
18.10.2010 11:30 <DIR> Synaptics
06.12.2012 10:29 <DIR> TeamViewer
27.01.2015 12:36 <DIR> The KMPlayer
15.02.2010 13:04 <DIR> VideoLAN
09.06.2011 16:56 <DIR> WIBU-SYSTEMS
03.10.2013 02:29 <DIR> Windows Defender
10.07.2014 02:24 <DIR> Windows Journal
14.08.2011 09:04 <DIR> Windows Mail
17.03.2015 16:40 <DIR> Windows Media Player
04.02.2010 06:41 <DIR> Windows NT
14.08.2011 09:04 <DIR> Windows Photo Viewer
14.08.2011 09:04 <DIR> Windows Portable Devices
14.08.2011 09:04 <DIR> Windows Sidebar
04.02.2010 07:41 <DIR> WinRAR
Soubor�: 0, Bajt�: 0
Adres���: 54, Voln�ch bajt�: 7�478�583�296

========= End of CMD: =========


========= dir "C:\PROGRA~2" =========

Svazek v jednotce C nem� ��dnou jmenovku.
S�riov� ��slo svazku je 1C50-CFEE.

V�pis adres��e C:\PROGRA~2

23.03.2015 21:38 <DIR> .
23.03.2015 21:38 <DIR> ..
09.10.2013 13:46 <DIR> Adobe
04.12.2012 16:12 <DIR> Apple
27.01.2015 12:47 <DIR> AVG
19.05.2010 12:00 <DIR> CyberLink
05.12.2012 14:47 <DIR> DAEMON Tools Lite
23.03.2015 13:27 <DIR> ESET
25.06.2014 22:27 <DIR> firebird
23.03.2015 21:38 <DIR> Malwarebytes
04.02.2013 10:46 <DIR> McAfee
05.03.2015 23:55 <DIR> Microsoft
16.03.2015 01:54 <DIR> Microsoft Help
06.12.2012 10:10 <DIR> Mozilla
09.10.2013 13:33 <DIR> Oracle
02.02.2014 12:15 <DIR> PDF Writer
28.01.2015 20:48 <DIR> STORMWARE
04.02.2013 10:47 <DIR> Sun
Soubor�: 0, Bajt�: 0
Adres���: 18, Voln�ch bajt�: 7�478�579�200

========= End of CMD: =========


========= dir "C:\PROGRA~3" =========

Svazek v jednotce C nem� ��dnou jmenovku.
S�riov� ��slo svazku je 1C50-CFEE.

V�pis adres��e C:\PROGRA~3

17.01.2011 23:47 <DIR> .
17.01.2011 23:47 <DIR> ..
17.01.2011 23:47 <DIR> FlashFXP 4
Soubor�: 0, Bajt�: 0
Adres���: 3, Voln�ch bajt�: 7�478�579�200

========= End of CMD: =========


========= dir "%localappdata%" =========

Svazek v jednotce C nem� ��dnou jmenovku.
S�riov� ��slo svazku je 1C50-CFEE.

V�pis adres��e C:\Users\Jarda\AppData\Local

23.03.2015 20:57 <DIR> .
23.03.2015 20:57 <DIR> ..
23.03.2015 13:12 <DIR> Adobe
26.02.2010 02:08 <DIR> AliensVsPredator
04.02.2010 07:10 <DIR> Apple
04.02.2010 23:41 <DIR> Apple Computer
15.04.2013 10:20 <DIR> Apps
06.12.2012 09:52 <DIR> Autodesk
27.01.2015 12:40 <DIR> Avg
02.02.2014 11:53 <DIR> cache
14.06.2010 21:04 <DIR> Cooliris
19.05.2010 18:40 <DIR> Cyberlink
09.06.2011 16:50 3�584 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
17.03.2015 17:48 <DIR> Deployment
15.02.2014 16:45 <DIR> Downloaded Installations
03.02.2015 12:00 <DIR> ElevatedDiagnostics
23.03.2015 13:32 <DIR> ESET
18.10.2010 10:38 <DIR> Flexense
27.01.2015 13:01 115�592 GDIPFONTCACHEV1.DAT
18.02.2010 20:26 <DIR> GHISLER
16.02.2015 20:47 <DIR> Google
09.06.2011 17:01 <DIR> Graphisoft
05.02.2010 08:58 <DIR> GS-LW-Temp
14.12.2012 15:17 <DIR> Macromedia
30.11.2013 19:59 <DIR> Microsoft
19.03.2010 18:33 <DIR> Microsoft Games
28.01.2015 16:46 <DIR> Microsoft Help
28.01.2015 20:11 444 Model6.env
02.12.2013 22:59 279 Model7.env
20.10.2013 22:13 80 Model_he.ini
04.10.2013 12:03 <DIR> Mozilla
05.10.2010 00:20 <DIR> My Games
09.05.2010 00:21 <DIR> OnlineVegasCasino
11.02.2013 17:40 <DIR> PDF Writer
15.04.2013 13:46 <DIR> Programs
01.11.2010 22:57 <DIR> PunkBuster
21.06.2010 16:01 7�605 resmon.resmoncfg
05.10.2010 11:39 <DIR> SKIDROW
15.02.2010 18:58 <DIR> Sony Ericsson
20.11.2011 15:06 872 SRDownloader.nast
24.03.2015 07:25 <DIR> Temp
02.10.2013 20:36 855 User_he.cds
28.01.2015 12:59 <DIR> VirtualStore
08.05.2010 15:18 <DIR> VTShared
10.12.2014 20:06 0 {9E0A09B4-23DA-4756-B2B0-12EF6913C525}
01.07.2014 17:04 <DIR> �SOB_Poji�ovna,_a.s
Soubor�: 9, Bajt�: 129�311
Adres���: 37, Voln�ch bajt�: 7�478�579�200

========= End of CMD: =========


========= dir "%appdata%" =========

Svazek v jednotce C nem� ��dnou jmenovku.
S�riov� ��slo svazku je 1C50-CFEE.

V�pis adres��e C:\Users\Jarda\AppData\Roaming

23.03.2015 20:57 <DIR> .
23.03.2015 20:57 <DIR> ..
15.04.2013 13:43 <DIR> Adobe
05.12.2012 14:47 <DIR> Apple Computer
18.11.2010 16:52 <DIR> Autodesk
27.01.2015 12:41 <DIR> AVG
23.03.2015 13:59 <DIR> Azureus
03.12.2012 16:47 <DIR> BatteryBar
13.04.2010 14:52 <DIR> CADS
02.06.2010 13:51 <DIR> com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
19.05.2010 12:00 <DIR> CyberLink
23.03.2015 14:00 <DIR> DAEMON Tools Lite
21.11.2010 19:26 <DIR> DivX
21.01.2011 00:20 <DIR> dvdcss
23.03.2015 13:32 <DIR> ESET
17.01.2011 23:47 <DIR> FlashFXP
14.12.2011 02:18 <DIR> GetRightToGo
18.02.2010 20:22 <DIR> GHISLER
09.06.2011 17:01 <DIR> Graphisoft
15.04.2013 11:02 <DIR> HypoKalk
04.02.2010 06:41 <DIR> Identities
23.04.2014 22:03 <DIR> KA10
04.02.2010 06:53 <DIR> Macromedia
07.02.2010 00:47 <DIR> Mathematica
06.02.2010 22:52 <DIR> MathWorks
14.07.2009 08:48 <DIR> Media Center Programs
23.03.2015 13:59 <DIR> Media Player Classic
04.02.2010 07:02 <DIR> Mozilla
11.02.2013 17:39 <DIR> PDF Writer
26.04.2011 22:08 <DIR> Realtime Soft
18.02.2010 20:26 <DIR> Red Alert 3
10.01.2012 13:13 51�270 room_v3.dat
25.05.2011 11:22 <DIR> Sachy
09.05.2014 22:07 <DIR> Simulace_2009
27.01.2015 12:55 <DIR> Skype
08.09.2012 16:33 <DIR> skypePM
02.06.2010 13:41 <DIR> Softland
15.05.2011 23:15 <DIR> SolidDocuments
27.04.2011 11:49 <DIR> TeamViewer
03.03.2015 20:32 <DIR> vlc
08.05.2010 15:18 <DIR> VTExtra
05.02.2010 16:32 <DIR> WinRAR
Soubor�: 1, Bajt�: 51�270
Adres���: 41, Voln�ch bajt�: 7�478�575�104

========= End of CMD: =========


==== End of Fixlog 07:30:19 ====

Re: potvury v ntb

Napsal: 24 bře 2015 07:49
od olhor
Omlouvam se za prehlednuti puvodne jsem zkopiroval jen Addition misto logu z FRSTu. Take tam jeste neco vidim, ale pockam na odbornou pomoc, muzem odstranit i ty neuplne odinstalace?

Re: potvury v ntb

Napsal: 24 bře 2015 12:00
od altrok
:arrow: Je tento OS legalni? Opravdu neni bezne, ze by si bezny domaci uzivatel kupoval nejvyssi licenci, ktera zacina na 5.000 Kc s funkcemi, ktere nevyuzije, misto obycejne licence Home Premium, ktera stoji polovic :shock:

Re: potvury v ntb

Napsal: 24 bře 2015 15:02
od olhor
Neni to muj ntb, tak ze nevim, ale na nic jako crack jsem nenarazil, ani majitelka nic nerikala a dole je OEM stitek. Pry ji to spravoval syn, ale u min. PC ji taky nainstalil do firemniho, co tam byt nemelo a pri tom mela zaplacene legalni licence. To jsem resil minule, bude to tu v historii. Pry to pouzivaji doma i na intenetove bankovnictvi. Tak ze pokud tam neco je, tak pryc s tim, nema to tam co delat.

Re: potvury v ntb

Napsal: 24 bře 2015 15:36
od altrok
:arrow: V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

:arrow: Vypnete trvale Windows Defender - http://windows.microsoft.com/cs-cz/wind ... =windows-7

:arrow: Odinstalujte starou a zranitelnou verzi javy Java 7 Update 76. Pokud javu potrebujete, pak nainstalujte novou z java.com - pozor na adware pri jeji instalaci http://forum.viry.cz/viewtopic.php?p=1374438#p1374438 . Z hlediska bezpecnosti (exploity) je lepsi ji nemit.

:arrow: V PC jsou jeste zbytky po AVG - pouzijte oficialni odinstalator pro jejich docisteni http://www.avg.com/cz-cs/utilities



  • Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
  • ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
  • znovu spustte FRST a kliknete na Fix
  • po restartu bude na plose ulozen fixlog, jehoz obsah mi vlozte do pristi odpovedi

    Kód: Vybrat vše

    Start
CloseProcesses:
Task: {0149987B-2C2D-4941-848C-E999C7496C02} - System32\Tasks\{D5A08C13-DAF9-4305-A17F-1CC81566FEFC} => pcalua.exe -a G:\setup.exe -d G:\
Task: {03ED2C1B-E46E-4DE5-B1BD-61F97D352BA6} - System32\Tasks\{B69A4323-FD1D-4B76-8412-759752B923CC} => pcalua.exe -a G:\Installer.exe -d G:\
Task: {0745BB18-569D-43FD-8243-6C9380AB0252} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {18E4DCD7-61BC-4A86-927F-49F4C534D943} - System32\Tasks\{7C9A15EB-DDFE-4842-907B-E0811B66206D} => pcalua.exe -a D:\hry\steam\steam.exe -c steam://uninstall/34200
Task: {22C585C2-C4B2-42A3-B819-388C5CF0808E} - System32\Tasks\{1DD1D994-D800-4B08-9F53-A3C14D8C4136} => pcalua.exe -a C:\Users\Jarda\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=kmp <==== ATTENTION
C:\Users\Jarda\AppData\Roaming\webssearches
Task: {2382DBB0-DF9F-434F-98EB-BC05AAE6E1FF} - System32\Tasks\{C068C1CF-590E-4CFF-99B8-4FE2237B7895} => pcalua.exe -a "D:\hry\Warcraft III\w3_battle124bfix2\w3_battle124bfix2.exe" -d "D:\hry\Warcraft III\w3_battle124bfix2"
Task: {76DAE199-868B-41E2-ADE2-6BA4B788045E} - System32\Tasks\{FAEE0FF3-DD9B-42C2-B79B-6235F2329D60} => pcalua.exe -a G:\setup.exe -d G:\
Task: {771A4A4A-F53F-40C6-85A6-F622A8A19626} - System32\Tasks\{1C2E7BC4-24F7-4777-A1C6-4162AA6BE30A} => pcalua.exe -a F:\AUTORUN.EXE -d F:\
Task: {888BF0F9-B878-4D91-BB5B-839060BAFE52} - System32\Tasks\{8E20E725-3F61-4868-AD80-C85558789323} => pcalua.exe -a G:\setup.exe -d G:\
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}

HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\...\MountPoints2: {6d62c7c6-1153-11df-a3de-001e3330a284} - G:\setup.exe
HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\...\MountPoints2: {7bc2e3b0-15ac-11df-8427-001644a31964} - F:\Axesstel_Setup.exe
HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\...\MountPoints2: {d131fa9e-1f22-11e0-a9fc-001e3330a284} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\...\MountPoints2: {df2562aa-96a6-11e1-8cca-806e6f6e6963} - G:\HPLauncher.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}

S3 GGSAFERDriver; \??\C:\Program Files\Garena Classic\safedrv.sys [X]

2015-03-23 21:02 - 2015-03-23 21:02 - 00005857 _____ () C:\Users\Jarda\Desktop\AdwCleaner[S0].txt
2015-03-23 21:00 - 2015-03-23 21:32 - 00000112 _____ () C:\Windows\setupact.log
2015-03-23 21:00 - 2015-03-23 21:00 - 00000572 _____ () C:\Windows\PFRO.log
2015-03-23 21:00 - 2015-03-23 21:00 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-23 19:02 - 2015-03-23 19:03 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Jarda\Desktop\mbam-setup-2.1.4.1018.exe
2015-03-23 13:42 - 2015-03-23 13:44 - 05325696 _____ (Piriform Ltd) C:\Users\Jarda\Desktop\ccsetup503.exe

C:\Users\Jarda\AppData\Roaming\GetRightToGo
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
End

Re: potvury v ntb

Napsal: 24 bře 2015 16:27
od olhor
Vse provedeno dle prispevku vyse.

Zde je fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by Jarda at 2015-03-24 16:15:20 Run:2
Running from C:\Users\Jarda\Desktop
Loaded Profiles: Jarda (Available profiles: Jarda)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
Task: {0149987B-2C2D-4941-848C-E999C7496C02} - System32\Tasks\{D5A08C13-DAF9-4305-A17F-1CC81566FEFC} => pcalua.exe -a G:\setup.exe -d G:\
Task: {03ED2C1B-E46E-4DE5-B1BD-61F97D352BA6} - System32\Tasks\{B69A4323-FD1D-4B76-8412-759752B923CC} => pcalua.exe -a G:\Installer.exe -d G:\
Task: {0745BB18-569D-43FD-8243-6C9380AB0252} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {18E4DCD7-61BC-4A86-927F-49F4C534D943} - System32\Tasks\{7C9A15EB-DDFE-4842-907B-E0811B66206D} => pcalua.exe -a D:\hry\steam\steam.exe -c steam://uninstall/34200
Task: {22C585C2-C4B2-42A3-B819-388C5CF0808E} - System32\Tasks\{1DD1D994-D800-4B08-9F53-A3C14D8C4136} => pcalua.exe -a C:\Users\Jarda\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=kmp <==== ATTENTION
C:\Users\Jarda\AppData\Roaming\webssearches
Task: {2382DBB0-DF9F-434F-98EB-BC05AAE6E1FF} - System32\Tasks\{C068C1CF-590E-4CFF-99B8-4FE2237B7895} => pcalua.exe -a "D:\hry\Warcraft III\w3_battle124bfix2\w3_battle124bfix2.exe" -d "D:\hry\Warcraft III\w3_battle124bfix2"
Task: {76DAE199-868B-41E2-ADE2-6BA4B788045E} - System32\Tasks\{FAEE0FF3-DD9B-42C2-B79B-6235F2329D60} => pcalua.exe -a G:\setup.exe -d G:\
Task: {771A4A4A-F53F-40C6-85A6-F622A8A19626} - System32\Tasks\{1C2E7BC4-24F7-4777-A1C6-4162AA6BE30A} => pcalua.exe -a F:\AUTORUN.EXE -d F:\
Task: {888BF0F9-B878-4D91-BB5B-839060BAFE52} - System32\Tasks\{8E20E725-3F61-4868-AD80-C85558789323} => pcalua.exe -a G:\setup.exe -d G:\
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}

HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\...\MountPoints2: {6d62c7c6-1153-11df-a3de-001e3330a284} - G:\setup.exe
HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\...\MountPoints2: {7bc2e3b0-15ac-11df-8427-001644a31964} - F:\Axesstel_Setup.exe
HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\...\MountPoints2: {d131fa9e-1f22-11e0-a9fc-001e3330a284} - F:\LaunchU3.exe -a
HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\...\MountPoints2: {df2562aa-96a6-11e1-8cca-806e6f6e6963} - G:\HPLauncher.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2850153352-4128204203-4000747475-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}

S3 GGSAFERDriver; \??\C:\Program Files\Garena Classic\safedrv.sys [X]

2015-03-23 21:02 - 2015-03-23 21:02 - 00005857 _____ () C:\Users\Jarda\Desktop\AdwCleaner[S0].txt
2015-03-23 21:00 - 2015-03-23 21:32 - 00000112 _____ () C:\Windows\setupact.log
2015-03-23 21:00 - 2015-03-23 21:00 - 00000572 _____ () C:\Windows\PFRO.log
2015-03-23 21:00 - 2015-03-23 21:00 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-23 19:02 - 2015-03-23 19:03 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Jarda\Desktop\mbam-setup-2.1.4.1018.exe
2015-03-23 13:42 - 2015-03-23 13:44 - 05325696 _____ (Piriform Ltd) C:\Users\Jarda\Desktop\ccsetup503.exe

C:\Users\Jarda\AppData\Roaming\GetRightToGo
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0149987B-2C2D-4941-848C-E999C7496C02}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0149987B-2C2D-4941-848C-E999C7496C02}" => Key deleted successfully.
C:\Windows\System32\Tasks\{D5A08C13-DAF9-4305-A17F-1CC81566FEFC} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D5A08C13-DAF9-4305-A17F-1CC81566FEFC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{03ED2C1B-E46E-4DE5-B1BD-61F97D352BA6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03ED2C1B-E46E-4DE5-B1BD-61F97D352BA6}" => Key deleted successfully.
C:\Windows\System32\Tasks\{B69A4323-FD1D-4B76-8412-759752B923CC} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B69A4323-FD1D-4B76-8412-759752B923CC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0745BB18-569D-43FD-8243-6C9380AB0252}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0745BB18-569D-43FD-8243-6C9380AB0252}" => Key deleted successfully.
C:\Windows\System32\Tasks\avast! Emergency Update => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avast! Emergency Update" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{18E4DCD7-61BC-4A86-927F-49F4C534D943}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18E4DCD7-61BC-4A86-927F-49F4C534D943}" => Key deleted successfully.
C:\Windows\System32\Tasks\{7C9A15EB-DDFE-4842-907B-E0811B66206D} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7C9A15EB-DDFE-4842-907B-E0811B66206D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22C585C2-C4B2-42A3-B819-388C5CF0808E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22C585C2-C4B2-42A3-B819-388C5CF0808E}" => Key deleted successfully.
C:\Windows\System32\Tasks\{1DD1D994-D800-4B08-9F53-A3C14D8C4136} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1DD1D994-D800-4B08-9F53-A3C14D8C4136}" => Key deleted successfully.
"C:\Users\Jarda\AppData\Roaming\webssearches" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2382DBB0-DF9F-434F-98EB-BC05AAE6E1FF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2382DBB0-DF9F-434F-98EB-BC05AAE6E1FF}" => Key deleted successfully.
C:\Windows\System32\Tasks\{C068C1CF-590E-4CFF-99B8-4FE2237B7895} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C068C1CF-590E-4CFF-99B8-4FE2237B7895}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{76DAE199-868B-41E2-ADE2-6BA4B788045E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76DAE199-868B-41E2-ADE2-6BA4B788045E}" => Key deleted successfully.
C:\Windows\System32\Tasks\{FAEE0FF3-DD9B-42C2-B79B-6235F2329D60} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FAEE0FF3-DD9B-42C2-B79B-6235F2329D60}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{771A4A4A-F53F-40C6-85A6-F622A8A19626}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{771A4A4A-F53F-40C6-85A6-F622A8A19626}" => Key deleted successfully.
C:\Windows\System32\Tasks\{1C2E7BC4-24F7-4777-A1C6-4162AA6BE30A} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1C2E7BC4-24F7-4777-A1C6-4162AA6BE30A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{888BF0F9-B878-4D91-BB5B-839060BAFE52}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{888BF0F9-B878-4D91-BB5B-839060BAFE52}" => Key deleted successfully.
C:\Windows\System32\Tasks\{8E20E725-3F61-4868-AD80-C85558789323} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8E20E725-3F61-4868-AD80-C85558789323}" => Key deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32 => ":{4B9A1497-0817-47C4-9612-D6A1C53ACF57}" ADS removed successfully.
"HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => Key deleted successfully.
"HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d62c7c6-1153-11df-a3de-001e3330a284}" => Key deleted successfully.
HKCR\CLSID\{6d62c7c6-1153-11df-a3de-001e3330a284} => Key not found.
"HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7bc2e3b0-15ac-11df-8427-001644a31964}" => Key deleted successfully.
HKCR\CLSID\{7bc2e3b0-15ac-11df-8427-001644a31964} => Key not found.
"HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d131fa9e-1f22-11e0-a9fc-001e3330a284}" => Key deleted successfully.
HKCR\CLSID\{d131fa9e-1f22-11e0-a9fc-001e3330a284} => Key not found.
"HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{df2562aa-96a6-11e1-8cca-806e6f6e6963}" => Key deleted successfully.
HKCR\CLSID\{df2562aa-96a6-11e1-8cca-806e6f6e6963} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4" => Key deleted successfully.
HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Key not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}" => Key deleted successfully.
HKCR\CLSID\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-2850153352-4128204203-4000747475-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}" => Key deleted successfully.
HKCR\CLSID\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} => Key not found.
GGSAFERDriver => Service deleted successfully.
C:\Users\Jarda\Desktop\AdwCleaner[S0].txt => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\Users\Jarda\Desktop\mbam-setup-2.1.4.1018.exe => Moved successfully.
"C:\Users\Jarda\Desktop\ccsetup503.exe" => File/Directory not found.
C:\Users\Jarda\AppData\Roaming\GetRightToGo => Moved successfully.

========= dir "C:\PROGRA~1" =========

Svazek v jednotce C nem� ��dnou jmenovku.
S�riov� ��slo svazku je 1C50-CFEE.

V�pis adres��e C:\PROGRA~1

23.03.2015 22:18 <DIR> .
23.03.2015 22:18 <DIR> ..
09.10.2013 13:46 <DIR> Adobe
06.02.2011 16:14 <DIR> AviSynth 2.5
04.02.2013 16:59 <DIR> BatteryBar
23.03.2015 13:45 <DIR> CCleaner
24.03.2015 16:09 <DIR> Common Files
19.05.2010 00:18 <DIR> CyberLink
21.11.2010 20:25 <DIR> DivX
14.08.2011 09:04 <DIR> DVD Maker
23.03.2015 13:27 <DIR> ESET
28.01.2015 19:46 <DIR> Flexense
16.02.2015 20:47 <DIR> Google
26.02.2015 10:13 <DIR> HP
17.03.2015 16:40 <DIR> Internet Explorer
24.03.2015 16:00 <DIR> Java
02.12.2013 22:57 <DIR> JLabs
15.04.2013 11:34 <DIR> Kooperativa
09.05.2014 21:30 <DIR> Microsoft
14.07.2009 08:50 <DIR> Microsoft Games
13.08.2011 15:49 <DIR> Microsoft Office
13.08.2014 07:56 <DIR> Microsoft Silverlight
03.03.2014 19:50 <DIR> Microsoft SQL Server Compact Edition
03.03.2014 19:50 <DIR> Microsoft Synchronization Services
04.02.2010 08:19 <DIR> Microsoft Visual Studio
01.05.2011 02:05 <DIR> Microsoft Works
18.10.2010 11:23 <DIR> Microsoft.NET
28.01.2015 19:33 <DIR> ModelH
15.04.2013 11:11 <DIR> ModelPrint
23.03.2015 13:43 <DIR> Mozilla Firefox
23.03.2015 21:00 <DIR> Mozilla Maintenance Service
16.03.2011 20:02 <DIR> Mplayer
14.07.2009 05:52 <DIR> MSBuild
16.04.2010 02:00 <DIR> MSXML 4.0
12.06.2012 19:11 <DIR> Pando Networks
23.03.2015 13:59 <DIR> PDFCreator
14.07.2009 05:52 <DIR> Reference Assemblies
28.01.2015 20:05 <DIR> RegCleaner
15.05.2011 22:52 <DIR> SolidDocuments
28.01.2015 20:49 <DIR> STORMWARE
18.10.2010 11:30 <DIR> Synaptics
06.12.2012 10:29 <DIR> TeamViewer
27.01.2015 12:36 <DIR> The KMPlayer
15.02.2010 13:04 <DIR> VideoLAN
09.06.2011 16:56 <DIR> WIBU-SYSTEMS
03.10.2013 02:29 <DIR> Windows Defender
10.07.2014 02:24 <DIR> Windows Journal
14.08.2011 09:04 <DIR> Windows Mail
17.03.2015 16:40 <DIR> Windows Media Player
04.02.2010 06:41 <DIR> Windows NT
14.08.2011 09:04 <DIR> Windows Photo Viewer
14.08.2011 09:04 <DIR> Windows Portable Devices
14.08.2011 09:04 <DIR> Windows Sidebar
04.02.2010 07:41 <DIR> WinRAR
Soubor�: 0, Bajt�: 0
Adres���: 54, Voln�ch bajt�: 7�080�751�104

========= End of CMD: =========


========= dir "C:\PROGRA~2" =========

Svazek v jednotce C nem� ��dnou jmenovku.
S�riov� ��slo svazku je 1C50-CFEE.

V�pis adres��e C:\PROGRA~2

23.03.2015 21:38 <DIR> .
23.03.2015 21:38 <DIR> ..
09.10.2013 13:46 <DIR> Adobe
04.12.2012 16:12 <DIR> Apple
27.01.2015 12:47 <DIR> AVG
19.05.2010 12:00 <DIR> CyberLink
05.12.2012 14:47 <DIR> DAEMON Tools Lite
23.03.2015 13:27 <DIR> ESET
25.06.2014 22:27 <DIR> firebird
23.03.2015 21:38 <DIR> Malwarebytes
04.02.2013 10:46 <DIR> McAfee
05.03.2015 23:55 <DIR> Microsoft
16.03.2015 01:54 <DIR> Microsoft Help
06.12.2012 10:10 <DIR> Mozilla
24.03.2015 16:09 <DIR> Oracle
02.02.2014 12:15 <DIR> PDF Writer
28.01.2015 20:48 <DIR> STORMWARE
04.02.2013 10:47 <DIR> Sun
Soubor�: 0, Bajt�: 0
Adres���: 18, Voln�ch bajt�: 7�080�747�008

========= End of CMD: =========


========= dir "C:\PROGRA~3" =========

Svazek v jednotce C nem� ��dnou jmenovku.
S�riov� ��slo svazku je 1C50-CFEE.

V�pis adres��e C:\PROGRA~3

17.01.2011 23:47 <DIR> .
17.01.2011 23:47 <DIR> ..
17.01.2011 23:47 <DIR> FlashFXP 4
Soubor�: 0, Bajt�: 0
Adres���: 3, Voln�ch bajt�: 7�080�747�008

========= End of CMD: =========


========= dir "%localappdata%" =========

Svazek v jednotce C nem� ��dnou jmenovku.
S�riov� ��slo svazku je 1C50-CFEE.

V�pis adres��e C:\Users\Jarda\AppData\Local

24.03.2015 16:11 <DIR> .
24.03.2015 16:11 <DIR> ..
23.03.2015 13:12 <DIR> Adobe
04.02.2010 07:10 <DIR> Apple
04.02.2010 23:41 <DIR> Apple Computer
15.04.2013 10:20 <DIR> Apps
02.02.2014 11:53 <DIR> cache
14.06.2010 21:04 <DIR> Cooliris
19.05.2010 18:40 <DIR> Cyberlink
09.06.2011 16:50 3�584 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
17.03.2015 17:48 <DIR> Deployment
15.02.2014 16:45 <DIR> Downloaded Installations
24.03.2015 09:11 <DIR> ElevatedDiagnostics
23.03.2015 13:32 <DIR> ESET
18.10.2010 10:38 <DIR> Flexense
27.01.2015 13:01 115�592 GDIPFONTCACHEV1.DAT
16.02.2015 20:47 <DIR> Google
09.06.2011 17:01 <DIR> Graphisoft
05.02.2010 08:58 <DIR> GS-LW-Temp
14.12.2012 15:17 <DIR> Macromedia
30.11.2013 19:59 <DIR> Microsoft
19.03.2010 18:33 <DIR> Microsoft Games
28.01.2015 16:46 <DIR> Microsoft Help
28.01.2015 20:11 444 Model6.env
02.12.2013 22:59 279 Model7.env
20.10.2013 22:13 80 Model_he.ini
04.10.2013 12:03 <DIR> Mozilla
05.10.2010 00:20 <DIR> My Games
11.02.2013 17:40 <DIR> PDF Writer
15.04.2013 13:46 <DIR> Programs
21.06.2010 16:01 7�605 resmon.resmoncfg
20.11.2011 15:06 872 SRDownloader.nast
24.03.2015 16:11 <DIR> Temp
02.10.2013 20:36 855 User_he.cds
08.05.2010 15:18 <DIR> VTShared
10.12.2014 20:06 0 {9E0A09B4-23DA-4756-B2B0-12EF6913C525}
01.07.2014 17:04 <DIR> �SOB_Poji�ovna,_a.s
Soubor�: 9, Bajt�: 129�311
Adres���: 28, Voln�ch bajt�: 7�080�747�008

========= End of CMD: =========


========= dir "%appdata%" =========

Svazek v jednotce C nem� ��dnou jmenovku.
S�riov� ��slo svazku je 1C50-CFEE.

V�pis adres��e C:\Users\Jarda\AppData\Roaming

24.03.2015 16:15 <DIR> .
24.03.2015 16:15 <DIR> ..
15.04.2013 13:43 <DIR> Adobe
05.12.2012 14:47 <DIR> Apple Computer
23.03.2015 13:59 <DIR> Azureus
03.12.2012 16:47 <DIR> BatteryBar
02.06.2010 13:51 <DIR> com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
19.05.2010 12:00 <DIR> CyberLink
21.11.2010 19:26 <DIR> DivX
21.01.2011 00:20 <DIR> dvdcss
23.03.2015 13:32 <DIR> ESET
17.01.2011 23:47 <DIR> FlashFXP
18.02.2010 20:22 <DIR> GHISLER
09.06.2011 17:01 <DIR> Graphisoft
15.04.2013 11:02 <DIR> HypoKalk
04.02.2010 06:41 <DIR> Identities
23.04.2014 22:03 <DIR> KA10
04.02.2010 06:53 <DIR> Macromedia
14.07.2009 08:48 <DIR> Media Center Programs
23.03.2015 13:59 <DIR> Media Player Classic
04.02.2010 07:02 <DIR> Mozilla
11.02.2013 17:39 <DIR> PDF Writer
26.04.2011 22:08 <DIR> Realtime Soft
10.01.2012 13:13 51�270 room_v3.dat
27.01.2015 12:55 <DIR> Skype
08.09.2012 16:33 <DIR> skypePM
02.06.2010 13:41 <DIR> Softland
15.05.2011 23:15 <DIR> SolidDocuments
27.04.2011 11:49 <DIR> TeamViewer
03.03.2015 20:32 <DIR> vlc
05.02.2010 16:32 <DIR> WinRAR
Soubor�: 1, Bajt�: 51�270
Adres���: 30, Voln�ch bajt�: 7�080�742�912

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 376.8 MB temporary data.


The system needed a reboot.

==== End of Fixlog 16:15:40 ====

Re: potvury v ntb

Napsal: 24 bře 2015 16:31
od altrok
Zlepsil se stav a zacneme uklizet?

Re: potvury v ntb

Napsal: 24 bře 2015 16:45
od olhor
No prave, ze moc ne. Koukal jsem se na taskmgr a procak i RAM jsou vytizeny jen minimalne, i pri spustenym FF, ale i presto odezva nic moc. Koukal jsem, ze je tam pomerne hodne procesu svchost, s tim jsem se jeste nesetkal(viz print screen). Je to normalni?

Navic jsem koukal, ze ve fixlogu jsou programy jako mcafee, ktere tam jiz vubec nejsou??

Disk jsem kontroloval, tou cristal utilitou a vse je zelene/modre, stav dobry. Tak ze diskem to nebude. Prijde mi slabsi grafika, ale ntb je s win7 prodavan jako OEM, tudiz by je "mel" zvladat. Nevic Aero jsem jiz vypnul.

Dochazi mi napady jak to jinak zrychlit.

Re: potvury v ntb

Napsal: 24 bře 2015 16:49
od altrok
:arrow: Dnes odchazim od PC.


:arrow: Ulozte na plochu MBAR - http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • Spuste dvojklikem a extrahujte na plochu
  • kliknete na Next
  • Aktualizujte virovou databazi klikem na Update a pokracujte na Next
  • Vsechny 3 moznosti nechte zaskrtnute a zvolte Scan (potrva cca 15 minut)
  • zatrhnete vsechny nalezy a take zkontrolujte zatrzitko u Create Restore Point
  • kliknete na Cleanup a souhlaste s restartem - Yes
  • obsah logu ulozene na plose v mbar\mbar-log-2015-mm-dd (hh-mm-ss).txt vlozte do pristi odpovedi

:arrow: Postup kolegy.
vyosek píše: :arrow: Stahnete si TDSSKiller http://media.kaspersky.com/utilities/Vi ... killer.exe
  • Po spusteni odsouhlaste licencni podminky (klik na Accept)
  • Kliknete na volbu Change parametrs
  • V okne Additional Option zakliknete vsechny moznosti
  • Kliknete na OK
  • Utilite prikazte, at skenuje - klik na Start Scan
  • Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
  • Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
  • Pokud mate vsude Skip, kliknete na Continue
  • Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

Re: potvury v ntb

Napsal: 24 bře 2015 18:27
od olhor
MBAR nic nenasel, tady je log:
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
main: v2015.03.24.06
rootkit: v2015.02.25.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.17691
Jarda :: JARDA-PC [administrator]

24.3.2015 17:24:11
mbar-log-2015-03-24 (17-24-11).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 322178
Time elapsed: 39 minute(s), 16 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Re: potvury v ntb

Napsal: 24 bře 2015 18:27
od olhor
tady je log z TDSS Killer:
18:03:24.0638 0x0d34 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
18:03:28.0319 0x0d34 ============================================================
18:03:28.0319 0x0d34 Current date / time: 2015/03/24 18:03:28.0319
18:03:28.0319 0x0d34 SystemInfo:
18:03:28.0319 0x0d34
18:03:28.0319 0x0d34 OS Version: 6.1.7601 ServicePack: 1.0
18:03:28.0319 0x0d34 Product type: Workstation
18:03:28.0319 0x0d34 ComputerName: JARDA-PC
18:03:28.0319 0x0d34 UserName: Jarda
18:03:28.0319 0x0d34 Windows directory: C:\Windows
18:03:28.0319 0x0d34 System windows directory: C:\Windows
18:03:28.0319 0x0d34 Processor architecture: Intel x86
18:03:28.0319 0x0d34 Number of processors: 2
18:03:28.0319 0x0d34 Page size: 0x1000
18:03:28.0319 0x0d34 Boot type: Normal boot
18:03:28.0319 0x0d34 ============================================================
18:03:30.0722 0x0d34 KLMD registered as C:\Windows\system32\drivers\80221031.sys
18:03:31.0049 0x0d34 System UUID: {87F3C5DD-3C2F-A8A5-6596-AB8224482FD2}
18:03:32.0828 0x0d34 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:03:32.0828 0x0d34 ============================================================
18:03:32.0828 0x0d34 \Device\Harddisk0\DR0:
18:03:32.0843 0x0d34 MBR partitions:
18:03:32.0843 0x0d34 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x32000
18:03:32.0843 0x0d34 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x320800, BlocksNum 0x4524000
18:03:32.0843 0x0d34 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x4844800, BlocksNum 0xE1D4800
18:03:32.0843 0x0d34 ============================================================
18:03:32.0874 0x0d34 C: <-> \Device\Harddisk0\DR0\Partition2
18:03:32.0906 0x0d34 D: <-> \Device\Harddisk0\DR0\Partition3
18:03:32.0906 0x0d34 ============================================================
18:03:32.0921 0x0d34 Initialize success
18:03:32.0921 0x0d34 ============================================================
18:03:49.0832 0x0ed4 ============================================================
18:03:49.0832 0x0ed4 Scan started
18:03:49.0832 0x0ed4 Mode: Manual; SigCheck; TDLFS;
18:03:49.0832 0x0ed4 ============================================================
18:03:49.0832 0x0ed4 KSN ping started
18:03:52.0484 0x0ed4 KSN ping finished: true
18:03:53.0934 0x0ed4 ================ Scan system memory ========================
18:03:53.0934 0x0ed4 System memory - ok
18:03:53.0934 0x0ed4 ================ Scan services =============================
18:03:54.0200 0x0ed4 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:03:54.0527 0x0ed4 1394ohci - ok
18:03:54.0621 0x0ed4 [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:03:54.0714 0x0ed4 ACPI - ok
18:03:54.0761 0x0ed4 [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:03:54.0855 0x0ed4 AcpiPmi - ok
18:03:55.0104 0x0ed4 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
18:03:55.0182 0x0ed4 AdobeARMservice - ok
18:03:55.0307 0x0ed4 [ B0FE8D243A4EC6727D7EC5019C4B26B1, 6A319A77E19937208237BDBD2A545367EEC7B4B7ED732E0BAF616070C2FD88A3 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:03:55.0385 0x0ed4 AdobeFlashPlayerUpdateSvc - ok
18:03:55.0494 0x0ed4 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
18:03:55.0619 0x0ed4 adp94xx - ok
18:03:55.0682 0x0ed4 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
18:03:55.0791 0x0ed4 adpahci - ok
18:03:55.0838 0x0ed4 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
18:03:55.0916 0x0ed4 adpu320 - ok
18:03:55.0978 0x0ed4 [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:03:56.0181 0x0ed4 AeLookupSvc - ok
18:03:56.0290 0x0ed4 [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD C:\Windows\system32\drivers\afd.sys
18:03:56.0446 0x0ed4 AFD - ok
18:03:56.0618 0x0ed4 [ 7E10E3BB9B258AD8A9300F91214D67B9, CE5FAD7BF78234B64EAADF64DB23F3C342AADB9C5E3B0168E57863F494F30318 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
18:03:56.0852 0x0ed4 AgereSoftModem - ok
18:03:56.0898 0x0ed4 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\drivers\agp440.sys
18:03:56.0976 0x0ed4 agp440 - ok
18:03:57.0023 0x0ed4 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
18:03:57.0086 0x0ed4 aic78xx - ok
18:03:57.0164 0x0ed4 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe
18:03:57.0257 0x0ed4 ALG - ok
18:03:57.0320 0x0ed4 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\drivers\aliide.sys
18:03:57.0382 0x0ed4 aliide - ok
18:03:57.0429 0x0ed4 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
18:03:57.0491 0x0ed4 amdagp - ok
18:03:57.0522 0x0ed4 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\drivers\amdide.sys
18:03:57.0600 0x0ed4 amdide - ok
18:03:57.0647 0x0ed4 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
18:03:57.0741 0x0ed4 AmdK8 - ok
18:03:57.0788 0x0ed4 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
18:03:57.0881 0x0ed4 AmdPPM - ok
18:03:57.0959 0x0ed4 [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:03:58.0022 0x0ed4 amdsata - ok
18:03:58.0084 0x0ed4 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
18:03:58.0162 0x0ed4 amdsbs - ok
18:03:58.0209 0x0ed4 [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:03:58.0271 0x0ed4 amdxata - ok
18:03:58.0349 0x0ed4 [ 81F97D8F8B3FB94A451CC6F7CF8B2965, 8DEBA4E47E1016D69740C0BB7CDD23852D86E0D42C1C1EA5A847ECB115C38CB1 ] AppID C:\Windows\system32\drivers\appid.sys
18:03:58.0474 0x0ed4 AppID - ok
18:03:58.0521 0x0ed4 [ F5090F8FA6757C58E17BAEAA86093636, 5E14CF3032DF5801240F45C59AA93962EA41AA5648A0C6458D16D9B9D95A131F ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:03:58.0614 0x0ed4 AppIDSvc - ok
18:03:58.0692 0x0ed4 [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo C:\Windows\System32\appinfo.dll
18:03:58.0770 0x0ed4 Appinfo - ok
18:03:58.0848 0x0ed4 [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt C:\Windows\System32\appmgmts.dll
18:03:58.0973 0x0ed4 AppMgmt - ok
18:03:59.0036 0x0ed4 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys
18:03:59.0098 0x0ed4 arc - ok
18:03:59.0145 0x0ed4 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
18:03:59.0223 0x0ed4 arcsas - ok
18:03:59.0394 0x0ed4 [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
18:03:59.0472 0x0ed4 aspnet_state - ok
18:03:59.0613 0x0ed4 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:03:59.0894 0x0ed4 AsyncMac - ok
18:03:59.0940 0x0ed4 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\drivers\atapi.sys
18:04:00.0003 0x0ed4 atapi - ok
18:04:00.0112 0x0ed4 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:04:00.0252 0x0ed4 AudioEndpointBuilder - ok
18:04:00.0346 0x0ed4 [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv C:\Windows\System32\Audiosrv.dll
18:04:00.0471 0x0ed4 Audiosrv - ok
18:04:00.0533 0x0ed4 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:04:00.0658 0x0ed4 AxInstSV - ok
18:04:00.0720 0x0ed4 [ 59629EDD214C35A01E2527AC3B8A7FB3, E71716CC1FF1574A2D854FA62350C73ECDAE21D3B827E18835D37F8B5857B4E3 ] Axtmvflt C:\Windows\system32\DRIVERS\Axtmvflt.sys
18:04:00.0798 0x0ed4 Axtmvflt - ok
18:04:00.0830 0x0ed4 [ 37E23B1756ECA768656097F72C0B458D, 1E2D517C932B60869B470FD00623B8ED15B62A20DC27DF54D167B643819227ED ] Axtmvmdm C:\Windows\system32\DRIVERS\Axtmvmdm.sys
18:04:00.0908 0x0ed4 Axtmvmdm - ok
18:04:00.0954 0x0ed4 [ 2C7170BE24EACC0B432EB1832FEE0DDC, B9555982073E836FAB68626435A382F55B74C60928D57AB35B17BFC202325EE8 ] Axtmvprt C:\Windows\system32\Drivers\Axtmvprt.sys
18:04:01.0017 0x0ed4 Axtmvprt - ok
18:04:01.0126 0x0ed4 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
18:04:01.0282 0x0ed4 b06bdrv - ok
18:04:01.0360 0x0ed4 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
18:04:01.0454 0x0ed4 b57nd60x - ok
18:04:01.0532 0x0ed4 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll
18:04:01.0625 0x0ed4 BDESVC - ok
18:04:01.0672 0x0ed4 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys
18:04:01.0828 0x0ed4 Beep - ok
18:04:01.0968 0x0ed4 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll
18:04:02.0109 0x0ed4 BFE - ok
18:04:02.0218 0x0ed4 [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\System32\qmgr.dll
18:04:02.0436 0x0ed4 BITS - ok
18:04:02.0499 0x0ed4 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:04:02.0577 0x0ed4 blbdrive - ok
18:04:02.0639 0x0ed4 [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:04:02.0748 0x0ed4 bowser - ok
18:04:02.0795 0x0ed4 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:04:02.0889 0x0ed4 BrFiltLo - ok
18:04:02.0951 0x0ed4 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:04:03.0029 0x0ed4 BrFiltUp - ok
18:04:03.0092 0x0ed4 [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser C:\Windows\System32\browser.dll
18:04:03.0185 0x0ed4 Browser - ok
18:04:03.0248 0x0ed4 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:04:03.0372 0x0ed4 Brserid - ok
18:04:03.0419 0x0ed4 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:04:03.0497 0x0ed4 BrSerWdm - ok
18:04:03.0528 0x0ed4 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:04:03.0622 0x0ed4 BrUsbMdm - ok
18:04:03.0653 0x0ed4 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:04:03.0747 0x0ed4 BrUsbSer - ok
18:04:03.0778 0x0ed4 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
18:04:03.0872 0x0ed4 BTHMODEM - ok
18:04:03.0934 0x0ed4 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll
18:04:04.0090 0x0ed4 bthserv - ok
18:04:04.0152 0x0ed4 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:04:04.0293 0x0ed4 cdfs - ok
18:04:04.0386 0x0ed4 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:04:04.0480 0x0ed4 cdrom - ok
18:04:04.0542 0x0ed4 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll
18:04:04.0730 0x0ed4 CertPropSvc - ok
18:04:04.0776 0x0ed4 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
18:04:04.0870 0x0ed4 circlass - ok
18:04:04.0948 0x0ed4 [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS C:\Windows\system32\CLFS.sys
18:04:05.0042 0x0ed4 CLFS - ok
18:04:05.0120 0x0ed4 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:04:05.0198 0x0ed4 clr_optimization_v2.0.50727_32 - ok
18:04:05.0276 0x0ed4 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:04:05.0354 0x0ed4 clr_optimization_v4.0.30319_32 - ok
18:04:05.0416 0x0ed4 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:04:05.0494 0x0ed4 CmBatt - ok
18:04:05.0556 0x0ed4 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:04:05.0619 0x0ed4 cmdide - ok
18:04:05.0712 0x0ed4 [ 3051724F223EA48968B19567DE2A81F4, DCC27DE1B2B35866FC6DBDE95A368E7D0D346B6C3F31D0BACA63DD39B0A8874E ] CNG C:\Windows\system32\Drivers\cng.sys
18:04:05.0837 0x0ed4 CNG - ok
18:04:05.0884 0x0ed4 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:04:05.0962 0x0ed4 Compbatt - ok
18:04:06.0040 0x0ed4 [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
18:04:06.0134 0x0ed4 CompositeBus - ok
18:04:06.0165 0x0ed4 COMSysApp - ok
18:04:06.0196 0x0ed4 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
18:04:06.0274 0x0ed4 crcdisk - ok
18:04:06.0336 0x0ed4 [ 49474B3E37969AF4B5C076F42B623AFF, BDA6B57E9B60EF1B67C74099263D33A367AAA035667239F76AB8B268FD3E8F23 ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:04:06.0446 0x0ed4 CryptSvc - ok
18:04:06.0539 0x0ed4 [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC C:\Windows\system32\drivers\csc.sys
18:04:06.0648 0x0ed4 CSC - ok
18:04:06.0758 0x0ed4 [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService C:\Windows\System32\cscsvc.dll
18:04:06.0914 0x0ed4 CscService - ok
18:04:07.0007 0x0ed4 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\Windows\system32\rpcss.dll
18:04:07.0194 0x0ed4 DcomLaunch - ok
18:04:07.0272 0x0ed4 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll
18:04:07.0460 0x0ed4 defragsvc - ok
18:04:07.0553 0x0ed4 [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:04:07.0694 0x0ed4 DfsC - ok
18:04:07.0787 0x0ed4 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll
18:04:07.0928 0x0ed4 Dhcp - ok
18:04:07.0959 0x0ed4 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys
18:04:08.0130 0x0ed4 discache - ok
18:04:08.0193 0x0ed4 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\DRIVERS\disk.sys
18:04:08.0255 0x0ed4 Disk - ok
18:04:08.0333 0x0ed4 [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:04:08.0442 0x0ed4 Dnscache - ok
18:04:08.0505 0x0ed4 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll
18:04:08.0676 0x0ed4 dot3svc - ok
18:04:08.0754 0x0ed4 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll
18:04:08.0926 0x0ed4 DPS - ok
18:04:08.0988 0x0ed4 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:04:09.0082 0x0ed4 drmkaud - ok
18:04:09.0207 0x0ed4 [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:04:09.0363 0x0ed4 DXGKrnl - ok
18:04:09.0566 0x0ed4 [ 687CCC438AA414AE22EEA081F98DC645, F8CA8B99A241D080D7AD8867244FBACE87095190908D62AB0B989FDBE27D6CE5 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
18:04:09.0675 0x0ed4 eamonm - ok
18:04:09.0768 0x0ed4 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
18:04:09.0971 0x0ed4 EapHost - ok
18:04:10.0377 0x0ed4 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
18:04:10.0938 0x0ed4 ebdrv - ok
18:04:11.0032 0x0ed4 [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] EFS C:\Windows\System32\lsass.exe
18:04:11.0110 0x0ed4 EFS - ok
18:04:11.0266 0x0ed4 [ 340870877DBE2A6D848537FC6AC2BA2F, 97A0D3EAC232A86DB3AACF3359B8AA61EF5C5152930E46D37C18BAC6DB234AD7 ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
18:04:11.0344 0x0ed4 ehdrv - ok
18:04:11.0469 0x0ed4 [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:04:11.0609 0x0ed4 ehRecvr - ok
18:04:11.0656 0x0ed4 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
18:04:11.0750 0x0ed4 ehSched - ok
18:04:12.0093 0x0ed4 [ 58FBDA10FC403CF9F82ABD0A68129BA3, D731021C2A94A31CD944E95628AC2DFFF0D555659BF0DF6FC57676B8B88355A4 ] ekrn C:\Program Files\ESET\ESET Smart Security\ekrn.exe
18:04:12.0311 0x0ed4 ekrn - ok
18:04:12.0452 0x0ed4 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
18:04:12.0576 0x0ed4 elxstor - ok
18:04:12.0717 0x0ed4 [ 372AA9B1146D66E5D6B65844D9416778, 35E48F3728CC4FB9CA967DAEFC280DA372D740947B69C39A5F5CF2ED64CC8D9D ] epfw C:\Windows\system32\DRIVERS\epfw.sys
18:04:12.0795 0x0ed4 epfw - ok
18:04:12.0842 0x0ed4 [ 2789A04E91E4E2C4CAF24C966342859B, 41CDA6950FE4F0BC1125054D5E8D98FD4A8245332035562B53E6296A90AA1C85 ] EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys
18:04:12.0888 0x0ed4 EpfwLWF - ok
18:04:12.0951 0x0ed4 [ 752924FC04A89BDD6D6A42BD6D5CA12B, 773D26F0AAC0C5FD8B7C235CE1E0C94B601616599DF79EC9E752E4AC2D26E3AD ] epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys
18:04:13.0013 0x0ed4 epfwwfp - ok
18:04:13.0060 0x0ed4 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:04:13.0154 0x0ed4 ErrDev - ok
18:04:13.0278 0x0ed4 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
18:04:13.0481 0x0ed4 EventSystem - ok
18:04:13.0544 0x0ed4 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
18:04:13.0715 0x0ed4 exfat - ok
18:04:13.0762 0x0ed4 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:04:13.0934 0x0ed4 fastfat - ok
18:04:14.0074 0x0ed4 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe
18:04:14.0246 0x0ed4 Fax - ok
18:04:14.0292 0x0ed4 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:04:14.0386 0x0ed4 fdc - ok
18:04:14.0433 0x0ed4 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
18:04:14.0573 0x0ed4 fdPHost - ok
18:04:14.0604 0x0ed4 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
18:04:14.0745 0x0ed4 FDResPub - ok
18:04:14.0776 0x0ed4 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:04:14.0854 0x0ed4 FileInfo - ok
18:04:14.0885 0x0ed4 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:04:15.0041 0x0ed4 Filetrace - ok
18:04:15.0182 0x0ed4 [ F76D04F7413B07DAA029F6520B64B4E8, 3EB13C0EFE737880853FB8952381E7A57723F9472E0E4ED7CDA8A0D7DE8DC90D ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:04:15.0353 0x0ed4 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
18:04:18.0114 0x0ed4 Detect skipped due to KSN trusted
18:04:18.0114 0x0ed4 FLEXnet Licensing Service - ok
18:04:18.0192 0x0ed4 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:04:18.0255 0x0ed4 flpydisk - ok
18:04:18.0348 0x0ed4 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:04:18.0426 0x0ed4 FltMgr - ok
18:04:18.0582 0x0ed4 [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache C:\Windows\system32\FntCache.dll
18:04:18.0785 0x0ed4 FontCache - ok
18:04:18.0863 0x0ed4 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:04:18.0926 0x0ed4 FontCache3.0.0.0 - ok
18:04:18.0972 0x0ed4 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:04:19.0035 0x0ed4 FsDepends - ok
18:04:19.0082 0x0ed4 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:04:19.0144 0x0ed4 Fs_Rec - ok
18:04:19.0238 0x0ed4 [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:04:19.0331 0x0ed4 fvevol - ok
18:04:19.0378 0x0ed4 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
18:04:19.0440 0x0ed4 gagp30kx - ok
18:04:19.0565 0x0ed4 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll
18:04:19.0768 0x0ed4 gpsvc - ok
18:04:19.0877 0x0ed4 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
18:04:19.0940 0x0ed4 gupdate - ok
18:04:19.0971 0x0ed4 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
18:04:20.0018 0x0ed4 gupdatem - ok
18:04:20.0080 0x0ed4 [ 833051C6C6C42117191935F734CFBD97, 5EB5672ABC7994A4AFF855A572158B8BE4FC6E541CFD4B9BE4FF2739A9A6AFB8 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
18:04:20.0127 0x0ed4 hamachi - ok
18:04:20.0189 0x0ed4 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:04:20.0252 0x0ed4 hcw85cir - ok
18:04:20.0345 0x0ed4 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:04:20.0454 0x0ed4 HdAudAddService - ok
18:04:20.0501 0x0ed4 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
18:04:20.0579 0x0ed4 HDAudBus - ok
18:04:20.0626 0x0ed4 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
18:04:20.0704 0x0ed4 HidBatt - ok
18:04:20.0751 0x0ed4 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
18:04:20.0844 0x0ed4 HidBth - ok
18:04:20.0891 0x0ed4 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:04:20.0985 0x0ed4 HidIr - ok
18:04:21.0047 0x0ed4 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\system32\hidserv.dll
18:04:21.0188 0x0ed4 hidserv - ok
18:04:21.0266 0x0ed4 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:04:21.0344 0x0ed4 HidUsb - ok
18:04:21.0406 0x0ed4 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll
18:04:21.0546 0x0ed4 hkmsvc - ok
18:04:21.0609 0x0ed4 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:04:21.0718 0x0ed4 HomeGroupListener - ok
18:04:21.0796 0x0ed4 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:04:21.0921 0x0ed4 HomeGroupProvider - ok
18:04:22.0030 0x0ed4 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:04:22.0124 0x0ed4 HpSAMD - ok
18:04:22.0248 0x0ed4 [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:04:22.0436 0x0ed4 HTTP - ok
18:04:22.0529 0x0ed4 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:04:22.0607 0x0ed4 hwpolicy - ok
18:04:22.0670 0x0ed4 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
18:04:22.0763 0x0ed4 i8042prt - ok
18:04:22.0841 0x0ed4 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:04:22.0950 0x0ed4 iaStorV - ok
18:04:23.0028 0x0ed4 [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
18:04:23.0075 0x0ed4 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
18:04:25.0758 0x0ed4 Detect skipped due to KSN trusted
18:04:25.0758 0x0ed4 IDriverT - ok
18:04:25.0961 0x0ed4 [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:04:26.0133 0x0ed4 idsvc - ok
18:04:26.0289 0x0ed4 IEEtwCollectorService - ok
18:04:26.0913 0x0ed4 [ 9467514EA189475A6E7FDC5D7BDE9D3F, E6F5B99BF6B614832770F9310B06334A8174C7660DDEC7589433640527A14683 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
18:04:27.0693 0x0ed4 igfx - ok
18:04:27.0802 0x0ed4 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
18:04:27.0880 0x0ed4 iirsp - ok
18:04:28.0020 0x0ed4 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll
18:04:28.0176 0x0ed4 IKEEXT - ok
18:04:28.0254 0x0ed4 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys
18:04:28.0317 0x0ed4 intelide - ok
18:04:28.0395 0x0ed4 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:04:28.0488 0x0ed4 intelppm - ok
18:04:28.0535 0x0ed4 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:04:28.0691 0x0ed4 IPBusEnum - ok
18:04:28.0722 0x0ed4 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:04:28.0863 0x0ed4 IpFilterDriver - ok
18:04:28.0972 0x0ed4 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:04:29.0128 0x0ed4 iphlpsvc - ok
18:04:29.0190 0x0ed4 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:04:29.0268 0x0ed4 IPMIDRV - ok
18:04:29.0315 0x0ed4 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:04:29.0471 0x0ed4 IPNAT - ok
18:04:29.0518 0x0ed4 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:04:29.0612 0x0ed4 IRENUM - ok
18:04:29.0658 0x0ed4 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:04:29.0721 0x0ed4 isapnp - ok
18:04:29.0799 0x0ed4 [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:04:29.0877 0x0ed4 iScsiPrt - ok
18:04:29.0939 0x0ed4 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:04:30.0017 0x0ed4 kbdclass - ok
18:04:30.0064 0x0ed4 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:04:30.0142 0x0ed4 kbdhid - ok
18:04:30.0173 0x0ed4 [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] KeyIso C:\Windows\system32\lsass.exe
18:04:30.0236 0x0ed4 KeyIso - ok
18:04:30.0594 0x0ed4 [ 901B484F2B24B929679C49B301AD652C, 57195AC9038C33C179CA1186C94B195684AD308FCF5E5386BDB4C7B06495182F ] KoopPdfService C:\Program Files\Kooperativa\Services\KoopPDFServer.exe
18:04:31.0031 0x0ed4 KoopPdfService - detected UnsignedFile.Multi.Generic ( 1 )
18:04:34.0042 0x0ed4 KoopPdfService ( UnsignedFile.Multi.Generic ) - warning
18:04:34.0042 0x0ed4 Force sending object to P2P due to detect: KoopPdfService
18:04:36.0850 0x0ed4 Object send P2P result: true
18:04:39.0611 0x0ed4 [ 4DAC97CF81FAE4B2988AEF0DF40D04AE, 5560304972693DE5D5B21CE010A76067FA5B64AD5968122EE9F8248B3EA4878E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:04:39.0689 0x0ed4 KSecDD - ok
18:04:39.0736 0x0ed4 [ 9EED5E0B7BF784C491C2289A09920BDA, 9E82EB777A01AB32EDA2AE0420546602A82C850D68D2C0AEDB4EA5ADEDF835E6 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:04:39.0814 0x0ed4 KSecPkg - ok
18:04:39.0908 0x0ed4 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
18:04:40.0095 0x0ed4 KtmRm - ok
18:04:40.0173 0x0ed4 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:04:40.0344 0x0ed4 LanmanServer - ok
18:04:40.0407 0x0ed4 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:04:40.0563 0x0ed4 LanmanWorkstation - ok
18:04:40.0641 0x0ed4 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:04:40.0797 0x0ed4 lltdio - ok
18:04:40.0859 0x0ed4 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:04:41.0031 0x0ed4 lltdsvc - ok
18:04:41.0078 0x0ed4 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:04:41.0218 0x0ed4 lmhosts - ok
18:04:41.0296 0x0ed4 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
18:04:41.0374 0x0ed4 LSI_FC - ok
18:04:41.0421 0x0ed4 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
18:04:41.0499 0x0ed4 LSI_SAS - ok
18:04:41.0530 0x0ed4 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:04:41.0608 0x0ed4 LSI_SAS2 - ok
18:04:41.0639 0x0ed4 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:04:41.0717 0x0ed4 LSI_SCSI - ok
18:04:41.0764 0x0ed4 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
18:04:41.0904 0x0ed4 luafv - ok
18:04:41.0967 0x0ed4 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:04:42.0060 0x0ed4 Mcx2Svc - ok
18:04:42.0092 0x0ed4 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
18:04:42.0154 0x0ed4 megasas - ok
18:04:42.0232 0x0ed4 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
18:04:42.0326 0x0ed4 MegaSR - ok
18:04:42.0372 0x0ed4 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
18:04:42.0528 0x0ed4 MMCSS - ok
18:04:42.0575 0x0ed4 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
18:04:42.0747 0x0ed4 Modem - ok
18:04:42.0778 0x0ed4 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:04:42.0856 0x0ed4 monitor - ok
18:04:42.0903 0x0ed4 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:04:42.0965 0x0ed4 mouclass - ok
18:04:43.0012 0x0ed4 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:04:43.0090 0x0ed4 mouhid - ok
18:04:43.0137 0x0ed4 [ 644905A19D0F37F2233DFCE53BC4BC19, F52CB40AA0FD1EBF8CBF0F3BFB20C47142C637719840877FB93F10D085EB8C2B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:04:43.0215 0x0ed4 mountmgr - ok
18:04:43.0324 0x0ed4 [ 0A68B3E37961CEC327EED518F6D62530, EDEB16545ECDDEA2ADFF73E4DF3E9FD87E4B7126C8CFB037ABAF883D157103DE ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:04:43.0418 0x0ed4 MozillaMaintenance - ok
18:04:43.0480 0x0ed4 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys
18:04:43.0574 0x0ed4 mpio - ok
18:04:43.0605 0x0ed4 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:04:43.0761 0x0ed4 mpsdrv - ok
18:04:43.0870 0x0ed4 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:04:44.0088 0x0ed4 MpsSvc - ok
18:04:44.0151 0x0ed4 [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:04:44.0244 0x0ed4 MRxDAV - ok
18:04:44.0322 0x0ed4 [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:04:44.0447 0x0ed4 mrxsmb - ok
18:04:44.0525 0x0ed4 [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:04:44.0634 0x0ed4 mrxsmb10 - ok
18:04:44.0681 0x0ed4 [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:04:44.0790 0x0ed4 mrxsmb20 - ok
18:04:44.0837 0x0ed4 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys
18:04:44.0915 0x0ed4 msahci - ok
18:04:44.0962 0x0ed4 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:04:45.0040 0x0ed4 msdsm - ok
18:04:45.0087 0x0ed4 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
18:04:45.0180 0x0ed4 MSDTC - ok
18:04:45.0258 0x0ed4 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:04:45.0414 0x0ed4 Msfs - ok
18:04:45.0446 0x0ed4 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:04:45.0602 0x0ed4 mshidkmdf - ok
18:04:45.0664 0x0ed4 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:04:45.0726 0x0ed4 msisadrv - ok
18:04:45.0789 0x0ed4 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:04:45.0945 0x0ed4 MSiSCSI - ok
18:04:45.0976 0x0ed4 msiserver - ok
18:04:46.0023 0x0ed4 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:04:46.0163 0x0ed4 MSKSSRV - ok
18:04:46.0179 0x0ed4 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:04:46.0335 0x0ed4 MSPCLOCK - ok
18:04:46.0366 0x0ed4 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:04:46.0506 0x0ed4 MSPQM - ok
18:04:46.0569 0x0ed4 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:04:46.0647 0x0ed4 MsRPC - ok
18:04:46.0709 0x0ed4 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:04:46.0818 0x0ed4 mssmbios - ok
18:04:46.0881 0x0ed4 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:04:47.0037 0x0ed4 MSTEE - ok
18:04:47.0084 0x0ed4 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
18:04:47.0177 0x0ed4 MTConfig - ok
18:04:47.0224 0x0ed4 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys
18:04:47.0286 0x0ed4 Mup - ok
18:04:47.0380 0x0ed4 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll
18:04:47.0583 0x0ed4 napagent - ok
18:04:47.0676 0x0ed4 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:04:47.0786 0x0ed4 NativeWifiP - ok
18:04:47.0926 0x0ed4 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:04:48.0082 0x0ed4 NDIS - ok
18:04:48.0144 0x0ed4 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:04:48.0285 0x0ed4 NdisCap - ok
18:04:48.0332 0x0ed4 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:04:48.0488 0x0ed4 NdisTapi - ok
18:04:48.0534 0x0ed4 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:04:48.0675 0x0ed4 Ndisuio - ok
18:04:48.0737 0x0ed4 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:04:48.0893 0x0ed4 NdisWan - ok
18:04:48.0956 0x0ed4 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:04:49.0096 0x0ed4 NDProxy - ok
18:04:49.0158 0x0ed4 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:04:49.0330 0x0ed4 NetBIOS - ok
18:04:49.0392 0x0ed4 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:04:49.0564 0x0ed4 NetBT - ok
18:04:49.0595 0x0ed4 [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] Netlogon C:\Windows\system32\lsass.exe
18:04:49.0673 0x0ed4 Netlogon - ok
18:04:49.0751 0x0ed4 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll
18:04:49.0938 0x0ed4 Netman - ok
18:04:50.0001 0x0ed4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:04:50.0094 0x0ed4 NetMsmqActivator - ok
18:04:50.0126 0x0ed4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:04:50.0219 0x0ed4 NetPipeActivator - ok
18:04:50.0313 0x0ed4 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll
18:04:50.0500 0x0ed4 netprofm - ok
18:04:50.0547 0x0ed4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:04:50.0625 0x0ed4 NetTcpActivator - ok
18:04:50.0656 0x0ed4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:04:50.0750 0x0ed4 NetTcpPortSharing - ok
18:04:50.0812 0x0ed4 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
18:04:50.0874 0x0ed4 nfrd960 - ok
18:04:50.0952 0x0ed4 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:04:51.0077 0x0ed4 NlaSvc - ok
18:04:51.0108 0x0ed4 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:04:51.0249 0x0ed4 Npfs - ok
18:04:51.0296 0x0ed4 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll
18:04:51.0452 0x0ed4 nsi - ok
18:04:51.0498 0x0ed4 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:04:51.0654 0x0ed4 nsiproxy - ok
18:04:51.0873 0x0ed4 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:04:52.0091 0x0ed4 Ntfs - ok
18:04:52.0169 0x0ed4 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys
18:04:52.0294 0x0ed4 Null - ok
18:04:52.0341 0x0ed4 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:04:52.0434 0x0ed4 nvraid - ok
18:04:52.0497 0x0ed4 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:04:52.0575 0x0ed4 nvstor - ok
18:04:52.0637 0x0ed4 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:04:52.0715 0x0ed4 nv_agp - ok
18:04:52.0840 0x0ed4 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:04:52.0949 0x0ed4 odserv - ok
18:04:53.0012 0x0ed4 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:04:53.0105 0x0ed4 ohci1394 - ok
18:04:53.0183 0x0ed4 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:04:53.0261 0x0ed4 ose - ok
18:04:53.0339 0x0ed4 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:04:53.0464 0x0ed4 p2pimsvc - ok
18:04:53.0558 0x0ed4 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll
18:04:53.0698 0x0ed4 p2psvc - ok
18:04:53.0745 0x0ed4 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:04:53.0838 0x0ed4 Parport - ok
18:04:53.0901 0x0ed4 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:04:53.0963 0x0ed4 partmgr - ok
18:04:54.0010 0x0ed4 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
18:04:54.0072 0x0ed4 Parvdm - ok
18:04:54.0150 0x0ed4 [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc C:\Windows\System32\pcasvc.dll
18:04:54.0244 0x0ed4 PcaSvc - ok
18:04:54.0306 0x0ed4 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys
18:04:54.0384 0x0ed4 pci - ok
18:04:54.0431 0x0ed4 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys
18:04:54.0494 0x0ed4 pciide - ok
18:04:54.0556 0x0ed4 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:04:54.0634 0x0ed4 pcmcia - ok
18:04:54.0696 0x0ed4 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys
18:04:54.0774 0x0ed4 pcw - ok
18:04:54.0899 0x0ed4 [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:04:55.0055 0x0ed4 PEAUTH - ok
18:04:55.0227 0x0ed4 [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
18:04:55.0430 0x0ed4 PeerDistSvc - ok
18:04:55.0726 0x0ed4 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll
18:04:56.0101 0x0ed4 pla - ok
18:04:56.0210 0x0ed4 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:04:56.0319 0x0ed4 PlugPlay - ok
18:04:56.0350 0x0ed4 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:04:56.0444 0x0ed4 PNRPAutoReg - ok
18:04:56.0506 0x0ed4 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:04:56.0615 0x0ed4 PNRPsvc - ok
18:04:56.0709 0x0ed4 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:04:56.0912 0x0ed4 PolicyAgent - ok
18:04:56.0990 0x0ed4 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll
18:04:57.0146 0x0ed4 Power - ok
18:04:57.0224 0x0ed4 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:04:57.0380 0x0ed4 PptpMiniport - ok
18:04:57.0770 0x0ed4 [ 801FDB9F5F565B56C917CFEF555F2B91, 24559B1D976460D88AD727CEEBA38A8F5EB037BE0479051F76CA31A92470DA80 ] PrintNotify C:\Windows\system32\spool\DRIVERS\W32X86\3\PrintConfig.dll
18:04:58.0222 0x0ed4 PrintNotify - detected UnsignedFile.Multi.Generic ( 1 )
18:05:00.0859 0x0ed4 Detect skipped due to KSN trusted
18:05:00.0859 0x0ed4 PrintNotify - ok
18:05:00.0921 0x0ed4 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:05:00.0999 0x0ed4 Processor - ok
18:05:01.0077 0x0ed4 [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\Windows\system32\profsvc.dll
18:05:01.0171 0x0ed4 ProfSvc - ok
18:05:01.0186 0x0ed4 [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:05:01.0264 0x0ed4 ProtectedStorage - ok
18:05:01.0311 0x0ed4 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:05:01.0467 0x0ed4 Psched - ok
18:05:01.0685 0x0ed4 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:05:01.0919 0x0ed4 ql2300 - ok
18:05:01.0997 0x0ed4 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:05:02.0075 0x0ed4 ql40xx - ok
18:05:02.0153 0x0ed4 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll
18:05:02.0294 0x0ed4 QWAVE - ok
18:05:02.0341 0x0ed4 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:05:02.0481 0x0ed4 QWAVEdrv - ok
18:05:02.0512 0x0ed4 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:05:02.0684 0x0ed4 RasAcd - ok
18:05:02.0731 0x0ed4 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:05:02.0871 0x0ed4 RasAgileVpn - ok
18:05:02.0918 0x0ed4 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll
18:05:03.0074 0x0ed4 RasAuto - ok
18:05:03.0121 0x0ed4 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:05:03.0261 0x0ed4 Rasl2tp - ok
18:05:03.0401 0x0ed4 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll
18:05:03.0620 0x0ed4 RasMan - ok
18:05:03.0760 0x0ed4 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:05:03.0916 0x0ed4 RasPppoe - ok
18:05:03.0963 0x0ed4 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:05:04.0088 0x0ed4 RasSstp - ok
18:05:04.0150 0x0ed4 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:05:04.0306 0x0ed4 rdbss - ok
18:05:04.0337 0x0ed4 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:05:04.0431 0x0ed4 rdpbus - ok
18:05:04.0478 0x0ed4 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:05:04.0603 0x0ed4 RDPCDD - ok
18:05:04.0681 0x0ed4 [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
18:05:04.0774 0x0ed4 RDPDR - ok
18:05:04.0821 0x0ed4 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:05:04.0961 0x0ed4 RDPENCDD - ok
18:05:05.0008 0x0ed4 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:05:05.0149 0x0ed4 RDPREFMP - ok
18:05:05.0227 0x0ed4 [ 83EE20D7160484C9172FDF0ACBDC8929, 520C0C685C43B2D39D5B6FA3DE61C2A91A3E0B40E912BABD38AF20972C91A895 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:05:05.0305 0x0ed4 RdpVideoMiniport - ok
18:05:05.0383 0x0ed4 [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:05:05.0492 0x0ed4 RDPWD - ok
18:05:05.0585 0x0ed4 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:05:05.0695 0x0ed4 rdyboost - ok
18:05:05.0741 0x0ed4 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:05:05.0882 0x0ed4 RemoteAccess - ok
18:05:05.0929 0x0ed4 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:05:06.0100 0x0ed4 RemoteRegistry - ok
18:05:06.0147 0x0ed4 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:05:06.0303 0x0ed4 RpcEptMapper - ok
18:05:06.0334 0x0ed4 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe
18:05:06.0412 0x0ed4 RpcLocator - ok
18:05:06.0490 0x0ed4 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll
18:05:06.0662 0x0ed4 RpcSs - ok
18:05:06.0724 0x0ed4 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:05:06.0865 0x0ed4 rspndr - ok
18:05:06.0974 0x0ed4 [ 949F74CB383A1D5DA67AEA9CCD4A8B87, F3FE508A5EE5AE86351ECB8971651EF1B75CAC4B7CF68EEBE2846285DCAA2099 ] RTL8187B C:\Windows\system32\DRIVERS\RTL8187B.sys
18:05:07.0099 0x0ed4 RTL8187B - ok
18:05:07.0177 0x0ed4 [ 59509AD6CBC28F2C73056268985B3E48, 116B2F7C3AA3AF2E1E9380780D24A33B9DD169C2D5DDD4EE182A3BDFBA081436 ] s0016bus C:\Windows\system32\DRIVERS\s0016bus.sys
18:05:07.0239 0x0ed4 s0016bus - ok
18:05:07.0270 0x0ed4 [ B98C3A6F91F4FBA285AF9606A240C6B4, 21AF9324116BB87A8B26F218AC7707882D10D6ADD7E1D01A9C1E9B0BFCAEE708 ] s0016mdfl C:\Windows\system32\DRIVERS\s0016mdfl.sys
18:05:07.0317 0x0ed4 s0016mdfl - ok
18:05:07.0364 0x0ed4 [ 8A83426F4FB7B5212825D9DE76368B1A, 990A3CF48CA6CAE7DE10CBE06A75085E0186DD4735B3F64FE151B1727DC118A2 ] s0016mdm C:\Windows\system32\DRIVERS\s0016mdm.sys
18:05:07.0426 0x0ed4 s0016mdm - ok
18:05:07.0473 0x0ed4 [ 7A78BBA97FEB5E6D24C49E93A3BF7287, 99A447242968050940647A52C2191CAB57B7D293636FFA38300E89D872C60876 ] s0016mgmt C:\Windows\system32\DRIVERS\s0016mgmt.sys
18:05:07.0520 0x0ed4 s0016mgmt - ok
18:05:07.0567 0x0ed4 [ 34EF7B5F611957B73E7219DD5A222AD1, FA9EA663184FF9E2F7386789B613E29A5464566055E6D0EF22A743928155A6D3 ] s0016nd5 C:\Windows\system32\DRIVERS\s0016nd5.sys
18:05:07.0613 0x0ed4 s0016nd5 - ok
18:05:07.0660 0x0ed4 [ 36792935847143E4A3CDA0DC87248487, F23B477925078ADB2BC1CD8CFE690623BD8ABD7B9F88C62DD56766D1BDD90783 ] s0016obex C:\Windows\system32\DRIVERS\s0016obex.sys
18:05:07.0723 0x0ed4 s0016obex - ok
18:05:07.0754 0x0ed4 [ 927208754FB27FC3E7A659E77500C5D1, DD5FBC7151D9C2785BBC54D033771FD06C822CA2254C3C8A5D2FEDF6EA8B3DC6 ] s0016unic C:\Windows\system32\DRIVERS\s0016unic.sys
18:05:07.0816 0x0ed4 s0016unic - ok
18:05:07.0863 0x0ed4 [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap C:\Windows\system32\drivers\vms3cap.sys
18:05:07.0957 0x0ed4 s3cap - ok
18:05:07.0988 0x0ed4 [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] SamSs C:\Windows\system32\lsass.exe
18:05:08.0066 0x0ed4 SamSs - ok
18:05:08.0097 0x0ed4 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:05:08.0175 0x0ed4 sbp2port - ok
18:05:08.0222 0x0ed4 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:05:08.0378 0x0ed4 SCardSvr - ok
18:05:08.0440 0x0ed4 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:05:08.0581 0x0ed4 scfilter - ok
18:05:08.0737 0x0ed4 [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\Windows\system32\schedsvc.dll
18:05:09.0064 0x0ed4 Schedule - ok
18:05:09.0127 0x0ed4 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:05:09.0267 0x0ed4 SCPolicySvc - ok
18:05:09.0314 0x0ed4 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:05:09.0392 0x0ed4 SDRSVC - ok
18:05:09.0439 0x0ed4 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:05:09.0595 0x0ed4 secdrv - ok
18:05:09.0641 0x0ed4 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll
18:05:09.0797 0x0ed4 seclogon - ok
18:05:09.0844 0x0ed4 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\System32\sens.dll
18:05:09.0985 0x0ed4 SENS - ok
18:05:10.0031 0x0ed4 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:05:10.0109 0x0ed4 SensrSvc - ok
18:05:10.0141 0x0ed4 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:05:10.0234 0x0ed4 Serenum - ok
18:05:10.0281 0x0ed4 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:05:10.0359 0x0ed4 Serial - ok
18:05:10.0421 0x0ed4 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:05:10.0484 0x0ed4 sermouse - ok
18:05:10.0593 0x0ed4 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll
18:05:10.0749 0x0ed4 SessionEnv - ok
18:05:10.0796 0x0ed4 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:05:10.0889 0x0ed4 sffdisk - ok
18:05:10.0921 0x0ed4 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:05:10.0999 0x0ed4 sffp_mmc - ok
18:05:11.0030 0x0ed4 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:05:11.0108 0x0ed4 sffp_sd - ok
18:05:11.0155 0x0ed4 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:05:11.0233 0x0ed4 sfloppy - ok
18:05:11.0311 0x0ed4 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:05:11.0482 0x0ed4 SharedAccess - ok
18:05:11.0560 0x0ed4 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:05:11.0732 0x0ed4 ShellHWDetection - ok
18:05:11.0794 0x0ed4 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys
18:05:11.0857 0x0ed4 sisagp - ok
18:05:11.0903 0x0ed4 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:05:11.0981 0x0ed4 SiSRaid2 - ok
18:05:12.0013 0x0ed4 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:05:12.0091 0x0ed4 SiSRaid4 - ok
18:05:12.0137 0x0ed4 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:05:12.0293 0x0ed4 Smb - ok
18:05:12.0371 0x0ed4 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:05:12.0434 0x0ed4 SNMPTRAP - ok
18:05:12.0496 0x0ed4 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys
18:05:12.0559 0x0ed4 spldr - ok
18:05:12.0637 0x0ed4 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe
18:05:12.0761 0x0ed4 Spooler - ok
18:05:13.0183 0x0ed4 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe
18:05:13.0791 0x0ed4 sppsvc - ok
18:05:13.0885 0x0ed4 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:05:14.0041 0x0ed4 sppuinotify - ok
18:05:14.0134 0x0ed4 [ FEB11DBAA5E152D98BD897C97A6DDCD0, 7ABCCDDE6B9A58CECA480AA57468E7A1F537893A2CB7C20E1A366EC8EEC7FA59 ] sptd C:\Windows\System32\Drivers\sptd.sys
18:05:14.0228 0x0ed4 sptd - ok
18:05:14.0321 0x0ed4 [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:05:14.0446 0x0ed4 srv - ok
18:05:14.0524 0x0ed4 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:05:14.0633 0x0ed4 srv2 - ok
18:05:14.0680 0x0ed4 [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:05:14.0774 0x0ed4 srvnet - ok
18:05:14.0836 0x0ed4 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:05:15.0008 0x0ed4 SSDPSRV - ok
18:05:15.0070 0x0ed4 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:05:15.0226 0x0ed4 SstpSvc - ok
18:05:15.0273 0x0ed4 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
18:05:15.0335 0x0ed4 stexstor - ok
18:05:15.0429 0x0ed4 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll
18:05:15.0585 0x0ed4 StiSvc - ok
18:05:15.0663 0x0ed4 [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt C:\Windows\system32\drivers\vmstorfl.sys
18:05:15.0741 0x0ed4 storflt - ok
18:05:15.0788 0x0ed4 [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc C:\Windows\system32\drivers\storvsc.sys
18:05:15.0850 0x0ed4 storvsc - ok
18:05:15.0866 0x0ed4 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\drivers\swenum.sys
18:05:15.0928 0x0ed4 swenum - ok
18:05:16.0006 0x0ed4 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll
18:05:16.0178 0x0ed4 swprv - ok
18:05:16.0209 0x0ed4 Synth3dVsc - ok
18:05:16.0303 0x0ed4 [ 70534D1E4F9AC990536D5FB5B550B3DE, BD7F52FAD8FDF7F5FE37B6E6101D1386816F371894DD46D799FF4107F98134A1 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
18:05:16.0381 0x0ed4 SynTP - ok
18:05:16.0552 0x0ed4 [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\Windows\system32\sysmain.dll
18:05:16.0786 0x0ed4 SysMain - ok
18:05:16.0864 0x0ed4 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
18:05:16.0973 0x0ed4 TabletInputService - ok
18:05:17.0051 0x0ed4 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll
18:05:17.0207 0x0ed4 TapiSrv - ok
18:05:17.0254 0x0ed4 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll
18:05:17.0395 0x0ed4 TBS - ok
18:05:17.0597 0x0ed4 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:05:17.0831 0x0ed4 Tcpip - ok
18:05:18.0065 0x0ed4 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:05:18.0284 0x0ed4 TCPIP6 - ok
18:05:18.0377 0x0ed4 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:05:18.0487 0x0ed4 tcpipreg - ok
18:05:18.0533 0x0ed4 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:05:18.0627 0x0ed4 TDPIPE - ok
18:05:18.0674 0x0ed4 [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:05:18.0752 0x0ed4 TDTCP - ok
18:05:18.0799 0x0ed4 [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:05:18.0892 0x0ed4 tdx - ok
18:05:18.0939 0x0ed4 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\drivers\termdd.sys
18:05:19.0001 0x0ed4 TermDD - ok
18:05:19.0111 0x0ed4 [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService C:\Windows\System32\termsrv.dll
18:05:19.0267 0x0ed4 TermService - ok
18:05:19.0313 0x0ed4 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll
18:05:19.0407 0x0ed4 Themes - ok
18:05:19.0438 0x0ed4 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll
18:05:19.0579 0x0ed4 THREADORDER - ok
18:05:19.0625 0x0ed4 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll
18:05:19.0797 0x0ed4 TrkWks - ok
18:05:19.0891 0x0ed4 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:05:20.0031 0x0ed4 TrustedInstaller - ok
18:05:20.0109 0x0ed4 [ D61B3FC65E4DD1FD78229800406831A5, 00D7BBF1185480307F53F5BB3129221792C3DC6FD5C07F975384F180EC73FF90 ] TsLwWfF C:\Windows\system32\DRIVERS\TsLwWfF.sys
18:05:20.0171 0x0ed4 TsLwWfF - ok
18:05:20.0218 0x0ed4 [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:05:20.0296 0x0ed4 tssecsrv - ok
18:05:20.0343 0x0ed4 [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:05:20.0421 0x0ed4 TsUsbFlt - ok
18:05:20.0437 0x0ed4 tsusbhub - ok
18:05:20.0515 0x0ed4 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:05:20.0655 0x0ed4 tunnel - ok
18:05:20.0733 0x0ed4 [ 792A8B80F8188ABA4B2BE271583F3E46, BFE96D13926F3CB7D807CEBB5E190736B742EB5C93F7FED08AA5D145F4B6A874 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
18:05:20.0795 0x0ed4 TVALZ - ok
18:05:20.0858 0x0ed4 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
18:05:20.0920 0x0ed4 uagp35 - ok
18:05:20.0998 0x0ed4 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:05:21.0139 0x0ed4 udfs - ok
18:05:21.0217 0x0ed4 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:05:21.0295 0x0ed4 UI0Detect - ok
18:05:21.0357 0x0ed4 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:05:21.0419 0x0ed4 uliagpkx - ok
18:05:21.0482 0x0ed4 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:05:21.0575 0x0ed4 umbus - ok
18:05:21.0638 0x0ed4 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
18:05:21.0716 0x0ed4 UmPass - ok
18:05:21.0809 0x0ed4 [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService C:\Windows\System32\umrdp.dll
18:05:21.0903 0x0ed4 UmRdpService - ok
18:05:21.0981 0x0ed4 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll
18:05:22.0168 0x0ed4 upnphost - ok
18:05:22.0231 0x0ed4 [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:05:22.0309 0x0ed4 usbccgp - ok
18:05:22.0355 0x0ed4 [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:05:22.0433 0x0ed4 usbcir - ok
18:05:22.0496 0x0ed4 [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:05:22.0589 0x0ed4 usbehci - ok
18:05:22.0667 0x0ed4 [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:05:22.0792 0x0ed4 usbhub - ok
18:05:22.0839 0x0ed4 [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:05:22.0917 0x0ed4 usbohci - ok
18:05:22.0995 0x0ed4 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:05:23.0073 0x0ed4 usbprint - ok
18:05:23.0151 0x0ed4 [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan C:\Windows\system32\drivers\usbscan.sys
18:05:23.0213 0x0ed4 usbscan - ok
18:05:23.0260 0x0ed4 [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:05:23.0338 0x0ed4 USBSTOR - ok
18:05:23.0401 0x0ed4 [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
18:05:23.0479 0x0ed4 usbuhci - ok
18:05:23.0541 0x0ed4 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll
18:05:23.0697 0x0ed4 UxSms - ok
18:05:23.0744 0x0ed4 [ F65F365AC0D1657917EFDB52445C848B, 1BDCEFED2799B5507B28B4D72D13D2DD7A1102B21F3938E98BA65737985A4ED9 ] VaultSvc C:\Windows\system32\lsass.exe
18:05:23.0806 0x0ed4 VaultSvc - ok
18:05:23.0853 0x0ed4 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:05:23.0915 0x0ed4 vdrvroot - ok
18:05:24.0025 0x0ed4 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe
18:05:24.0212 0x0ed4 vds - ok
18:05:24.0259 0x0ed4 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:05:24.0368 0x0ed4 vga - ok
18:05:24.0399 0x0ed4 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:05:24.0539 0x0ed4 VgaSave - ok
18:05:24.0571 0x0ed4 VGPU - ok
18:05:24.0649 0x0ed4 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:05:24.0727 0x0ed4 vhdmp - ok
18:05:24.0773 0x0ed4 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\drivers\viaagp.sys
18:05:24.0836 0x0ed4 viaagp - ok
18:05:24.0883 0x0ed4 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
18:05:24.0961 0x0ed4 ViaC7 - ok
18:05:25.0007 0x0ed4 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\drivers\viaide.sys
18:05:25.0070 0x0ed4 viaide - ok
18:05:25.0132 0x0ed4 [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus C:\Windows\system32\drivers\vmbus.sys
18:05:25.0210 0x0ed4 vmbus - ok
18:05:25.0241 0x0ed4 [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
18:05:25.0304 0x0ed4 VMBusHID - ok
18:05:25.0351 0x0ed4 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:05:25.0413 0x0ed4 volmgr - ok
18:05:25.0491 0x0ed4 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:05:25.0585 0x0ed4 volmgrx - ok
18:05:25.0647 0x0ed4 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:05:25.0741 0x0ed4 volsnap - ok
18:05:25.0803 0x0ed4 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
18:05:25.0881 0x0ed4 vsmraid - ok
18:05:26.0068 0x0ed4 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe
18:05:26.0333 0x0ed4 VSS - ok
18:05:26.0380 0x0ed4 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
18:05:26.0458 0x0ed4 vwifibus - ok
18:05:26.0521 0x0ed4 [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:05:26.0599 0x0ed4 vwififlt - ok
18:05:26.0630 0x0ed4 [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
18:05:26.0708 0x0ed4 vwifimp - ok
18:05:26.0786 0x0ed4 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll
18:05:26.0973 0x0ed4 W32Time - ok
18:05:27.0035 0x0ed4 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
18:05:27.0098 0x0ed4 WacomPen - ok
18:05:27.0129 0x0ed4 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:05:27.0285 0x0ed4 WANARP - ok
18:05:27.0316 0x0ed4 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:05:27.0441 0x0ed4 Wanarpv6 - ok
18:05:27.0691 0x0ed4 [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:05:27.0925 0x0ed4 WatAdminSvc - ok
18:05:28.0143 0x0ed4 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe
18:05:28.0393 0x0ed4 wbengine - ok
18:05:28.0486 0x0ed4 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:05:28.0595 0x0ed4 WbioSrvc - ok
18:05:28.0689 0x0ed4 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:05:28.0829 0x0ed4 wcncsvc - ok
18:05:28.0876 0x0ed4 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:05:28.0970 0x0ed4 WcsPlugInService - ok
18:05:29.0001 0x0ed4 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\DRIVERS\wd.sys
18:05:29.0063 0x0ed4 Wd - ok
18:05:29.0173 0x0ed4 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:05:29.0313 0x0ed4 Wdf01000 - ok
18:05:29.0453 0x0ed4 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:05:29.0531 0x0ed4 WdiServiceHost - ok
18:05:29.0563 0x0ed4 [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:05:29.0641 0x0ed4 WdiSystemHost - ok
18:05:29.0719 0x0ed4 [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient C:\Windows\System32\webclnt.dll
18:05:29.0828 0x0ed4 WebClient - ok
18:05:29.0890 0x0ed4 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:05:30.0062 0x0ed4 Wecsvc - ok
18:05:30.0109 0x0ed4 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:05:30.0265 0x0ed4 wercplsupport - ok
18:05:30.0327 0x0ed4 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll
18:05:30.0467 0x0ed4 WerSvc - ok
18:05:30.0514 0x0ed4 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:05:30.0670 0x0ed4 WfpLwf - ok
18:05:30.0701 0x0ed4 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:05:30.0764 0x0ed4 WIMMount - ok
18:05:30.0920 0x0ed4 [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
18:05:31.0060 0x0ed4 WinDefend - ok
18:05:31.0107 0x0ed4 WinHttpAutoProxySvc - ok
18:05:31.0216 0x0ed4 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:05:31.0357 0x0ed4 Winmgmt - ok
18:05:31.0544 0x0ed4 [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM C:\Windows\system32\WsmSvc.dll
18:05:31.0871 0x0ed4 WinRM - ok
18:05:32.0059 0x0ed4 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:05:32.0246 0x0ed4 Wlansvc - ok
18:05:32.0339 0x0ed4 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:05:32.0402 0x0ed4 WmiAcpi - ok
18:05:32.0464 0x0ed4 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:05:32.0558 0x0ed4 wmiApSrv - ok
18:05:32.0745 0x0ed4 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
18:05:33.0010 0x0ed4 WMPNetworkSvc - ok
18:05:33.0073 0x0ed4 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:05:33.0151 0x0ed4 WPCSvc - ok
18:05:33.0213 0x0ed4 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:05:33.0291 0x0ed4 WPDBusEnum - ok
18:05:33.0338 0x0ed4 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:05:33.0478 0x0ed4 ws2ifsl - ok
18:05:33.0525 0x0ed4 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\System32\wscsvc.dll
18:05:33.0634 0x0ed4 wscsvc - ok
18:05:33.0665 0x0ed4 WSearch - ok
18:05:33.0962 0x0ed4 [ D9B0134913E5EF007AF82A418C503322, 7418DD28C8E968674382F8352AAFFC4DE77887E2B71B8844D615F19432B4C55A ] wuauserv C:\Windows\system32\wuaueng.dll
18:05:34.0289 0x0ed4 wuauserv - ok
18:05:34.0383 0x0ed4 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:05:34.0461 0x0ed4 WudfPf - ok
18:05:34.0523 0x0ed4 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:05:34.0601 0x0ed4 WUDFRd - ok
18:05:34.0679 0x0ed4 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:05:34.0773 0x0ed4 wudfsvc - ok
18:05:34.0851 0x0ed4 [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc C:\Windows\System32\wwansvc.dll
18:05:34.0945 0x0ed4 WwanSvc - ok
18:05:35.0023 0x0ed4 [ B07C5B7EFDF936FF93D4F540938725BE, A9D559B0A99937CC4E7F065566054DAFCCD0C6C3AA98B47ADF7CB2ABD30B0182 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x86.sys
18:05:35.0132 0x0ed4 yukonw7 - ok
18:05:35.0241 0x0ed4 [ 74EC37B9EAF9FCA015B933A526825C7A, E75D73422B4383210F912B424377D5F2DBBF0E9418A2F450636B689572B1B9F6 ] {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl
18:05:35.0319 0x0ed4 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} - ok
18:05:35.0366 0x0ed4 ================ Scan global ===============================
18:05:35.0428 0x0ed4 [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
18:05:35.0506 0x0ed4 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
18:05:35.0553 0x0ed4 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
18:05:35.0615 0x0ed4 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
18:05:35.0693 0x0ed4 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
18:05:35.0725 0x0ed4 [ Global ] - ok
18:05:35.0725 0x0ed4 ================ Scan MBR ==================================
18:05:35.0756 0x0ed4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:05:37.0612 0x0ed4 \Device\Harddisk0\DR0 - ok
18:05:37.0612 0x0ed4 ================ Scan VBR ==================================
18:05:37.0628 0x0ed4 [ 38F955A20833809BCFF20DB7BC3FE2DE ] \Device\Harddisk0\DR0\Partition1
18:05:37.0643 0x0ed4 \Device\Harddisk0\DR0\Partition1 - ok
18:05:37.0659 0x0ed4 [ 7321C70A1AC730C8FCA1D285DDB01650 ] \Device\Harddisk0\DR0\Partition2
18:05:37.0659 0x0ed4 \Device\Harddisk0\DR0\Partition2 - ok
18:05:37.0690 0x0ed4 [ 5F2F24120FE4E8208FE5650B5C0FF36F ] \Device\Harddisk0\DR0\Partition3
18:05:37.0721 0x0ed4 \Device\Harddisk0\DR0\Partition3 - ok
18:05:37.0721 0x0ed4 ================ Scan generic autorun ======================
18:05:37.0768 0x0ed4 [ 68239842340DDFF8993DFD9127553EDA, 9FEC34A35D5A91FEF1C4859AFD0C2538C5CD3E1792FB118487368CFDF66CBCA0 ] C:\Windows\system32\igfxtray.exe
18:05:37.0846 0x0ed4 IgfxTray - ok
18:05:37.0893 0x0ed4 [ 004763BDF8E48244DBB9FDFDE3065EBC, AA88911C51D73C501C67F62A907425EF91D1820D3ED581F0952619EBB6216F14 ] C:\Windows\system32\hkcmd.exe
18:05:37.0955 0x0ed4 HotKeysCmds - ok
18:05:37.0987 0x0ed4 [ CD1102E5D340216138C7F56FA8D26998, 805BE128B6A52E304A91AD44B6A7322BAD5F72CD400DB5E74D8EF47424894266 ] C:\Windows\system32\igfxpers.exe
18:05:38.0049 0x0ed4 Persistence - ok
18:05:38.0267 0x0ed4 [ 6E240D6C2F0DB74BED13AD723D3AB0A1, 99811F1EF27E0B6DDCF79DD07F49931FD55788407AB48C019C1E1B7592919614 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
18:05:38.0470 0x0ed4 SynTPEnh - ok
18:05:39.0235 0x0ed4 [ D2124327CB66F3727D26343122DBC4F5, BEE49D88C8FE602E78613B62BD2F3759596FED0C0F39633CD955A55474F1F479 ] C:\Program Files\ESET\ESET Smart Security\egui.exe
18:05:39.0890 0x0ed4 egui - ok
18:05:40.0015 0x0ed4 [ ED70821F65B120FDBD76FCFF746FE219, D038CC5198099B2FE02F2789E6817E96E210E27CF6C0E8FF39E6746B31653DDE ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
18:05:40.0108 0x0ed4 SunJavaUpdateSched - ok
18:05:40.0327 0x0ed4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
18:05:40.0545 0x0ed4 Sidebar - ok
18:05:40.0607 0x0ed4 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
18:05:40.0717 0x0ed4 mctadmin - ok
18:05:40.0888 0x0ed4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
18:05:41.0169 0x0ed4 Sidebar - ok
18:05:41.0231 0x0ed4 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
18:05:41.0356 0x0ed4 mctadmin - ok
18:05:41.0450 0x0ed4 [ A8D6F4F2AF68837CA77C51C0F0BACB34, 1CEB737F885C9E2A8353335AAACEE8F933637B297B5D14B8B5F52046630388FB ] C:\Program Files\BatteryBar\ShowBatteryBar.exe
18:05:41.0497 0x0ed4 ShowBatteryBar - detected UnsignedFile.Multi.Generic ( 1 )
18:05:44.0523 0x0ed4 Detect skipped due to KSN trusted
18:05:44.0523 0x0ed4 ShowBatteryBar - ok
18:05:44.0585 0x0ed4 GoogleDriveSync - ok
18:05:44.0601 0x0ed4 Waiting for KSN requests completion. In queue: 181
18:05:45.0615 0x0ed4 Waiting for KSN requests completion. In queue: 181
18:05:46.0629 0x0ed4 Waiting for KSN requests completion. In queue: 181
18:05:47.0768 0x0ed4 AV detected via SS2: ESET Smart Security 8.0, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 8.0.304.0 ), 0x41000 ( enabled : updated )
18:05:47.0768 0x0ed4 FW detected via SS2: ESET Personální firewall, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 8.0.304.0 ), 0x41010 ( enabled )
18:05:50.0404 0x0ed4 ============================================================
18:05:50.0404 0x0ed4 Scan finished
18:05:50.0404 0x0ed4 ============================================================
18:05:50.0467 0x0934 Detected object count: 1
18:05:50.0467 0x0934 Actual detected object count: 1
18:06:26.0347 0x0934 KoopPdfService ( UnsignedFile.Multi.Generic ) - skipped by user
18:06:26.0347 0x0934 KoopPdfService ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:06:31.0807 0x0c10 Deinitialize success

Re: potvury v ntb

Napsal: 25 bře 2015 00:12
od altrok
:arrow: Postup kolegy Naughtyho:
Po stazeni http://www.xuetr.com/download/PCHunter_free.zip
(rezervni odkaz http://www.epoolsoft.com/pchunter/PCHunter_free.zip ),
rozbaleni, spusteni spravne verze dle operacniho systemu 32b vs 64b, prejdi do zalozky Examination, v ni zaskrkej vsechny volby, dej generovat, po skonceni generovani klik na exportovat - textak do raru a vloz do prispevku (neb bude dlouhy a nevesel by se).

Re: potvury v ntb

Napsal: 25 bře 2015 13:00
od olhor
Dobry den,
log hodim az program dojede, jinak koop je proces nejakeho programu kooperativy pro pojistovny, ale nasel jsem hodne slozek v korenu c:\, ktere tam urcite byt nemusi. Podle me tam jsou take zbytky po preinstalaci a odinstalaci autocad, archicad....Nicmene si nejsem jistej co presne vsechno muzu smazout.
Jinak google prohlizec a disk odinstaluju, pry ho Maruska vubec nepouziva, to by to mohlo taky zrychlit. Plocha ma neco pres 500MB, tak to jeste procistim.

tohle jsem rovnou smazal:
C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\ptwugzj4.default\extensions\staged
C:\Users\Jarda\AppData\Local\{9E0A09B4-23DA-4756-B2B0-12EF6913C525}
cache jsem smazal C:\Users\Jarda\AppData\Roaming\Mozilla\Firefox\Profiles\ptwugzj4.default
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz