Please check my log - applications closing unexpectedly

Post by mr.dodo » 06 Apr 2014 08:07

Hello,
please check my HJT log; some applications are closing unexpectedly (at the moment the old game Stronghold ;) )
I regularly do "maintenance" with CCleaner and now I have also used RegCure Pro, but it is still the same.

Thanks for the help.

Log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:55:57, on 6.4.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dassault Systemes\B20\intel_a\code\bin\CATSysDemon.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Documents and Settings\Jiras\Local Settings\Data aplikací\Akamai\netsession_win.exe
C:\Documents and Settings\Jiras\Local Settings\Data aplikací\Akamai\netsession_win.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Documents and Settings\Jiras\Local Settings\Data aplikací\Akamai\netsession_win.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Backbone Service (BBDemon) - Dassault Systemes - C:\Program Files\Dassault Systemes\B20\intel_a\code\bin\CATSysDemon.exe
O23 - Service: Desura Install Service - Desura Pty Ltd - C:\Program Files\Common Files\Desura\desura_service.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

--
End of file - 6099 bytes

Post by memphisto » 06 Apr 2014 09:54

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
When the cleanup is done, click Exit to close the program.
ATF-Cleaner is a simple tool for removing browsing history from web browsers. It can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation make sure both options are checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan option selected and click the Scan button
- when the scan finishes a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.

Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (it is also saved on the system disk as AdwCleaner[R?].txt); paste its entire contents here.

Post by mr.dodo » 06 Apr 2014 10:42

Malwarebytes Anti-Malware won't install properly for me; during installation it throws this message twice:
Interní chyba: Expression error 'Runtime Error (at 57:177): External exception E06D7363.'

The installation finishes anyway, but when I try to launch it, it throws this message:
An unhandled win32 exception occured in mbam.exe [3192] ...

What can I do about it? :-(

Post by mr.dodo » 06 Apr 2014 10:44

Log from AdwCleaner:
# AdwCleaner v3.023 - Report created 06/04/2014 at 10:43:15
# Updated 01/04/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Jiras - JD
# Running from : C:\Documents and Settings\Jiras\Plocha\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\WINDOWS\Tasks\paretologic registration3.job
File Found : C:\WINDOWS\Tasks\YourFile Update.job
Folder Found : C:\Documents and Settings\Jiras\Data aplikací\Mozilla\Firefox\Profiles\gv1jxhyv.default\Extensions\DTToolbar@toolbarnet.com
Folder Found C:\Documents and Settings\All Users\Data aplikací\ParetoLogic
Folder Found C:\Documents and Settings\Jiras\Data aplikací\DriverCure
Folder Found C:\Documents and Settings\Jiras\Data aplikací\ParetoLogic
Folder Found C:\Documents and Settings\Jiras\Data aplikací\yourfiledownloader
Folder Found C:\Documents and Settings\Jiras\Nabídka Start\Programy\ParetoLogic
Folder Found C:\Program Files\Common Files\ParetoLogic
Folder Found C:\Program Files\DAEMON Tools Toolbar
Folder Found C:\Program Files\ParetoLogic
Folder Found C:\Program Files\yourfiledownloader

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\dt soft\daemon tools toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\ParetoLogic
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\dt soft\daemon tools toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Key Found : HKLM\Software\ParetoLogic
Key Found : HKLM\Software\YourFileDownloader
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\YourFileDownloader\Downloader.exe]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\YourFileDownloader\YourFile.exe]

***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.5512


-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Documents and Settings\Jiras\Data aplikací\Mozilla\Firefox\Profiles\gv1jxhyv.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\Jiras\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3219 octets] - [06/04/2014 10:43:15]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3279 octets] ##########

Post by Orcus » 06 Apr 2014 19:14

Try installing MBAM in Safe Mode.

====================================================

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator").
Click "Delete".
The program will perform the repair; after the automatic restart it will show a log (C:\AdwCleaner [S?].txt); paste its entire contents here.

====================================================

Download Junkware Removal Tool to your desktop.
Disable your antivirus program.
Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear, which is saved on the desktop.
Please copy its entire contents here.

====================================================

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7 run RogueKiller.exe as administrator; on XP, by double-clicking.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR check
Faked check
Antirootkit

- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still won't start and work, rename it to winlogon.exe.

Post by mr.dodo » 06 Apr 2014 20:29

In Safe Mode MBAM (both the installation and the attempt to launch it) behaves just as badly as in normal mode.

The other logs:

# AdwCleaner v3.023 - Report created 06/04/2014 at 20:10:06
# Updated 01/04/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Jiras - JD
# Running from : C:\Documents and Settings\Jiras\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ParetoLogic
Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files\ParetoLogic
Folder Deleted : C:\Program Files\yourfiledownloader
Folder Deleted : C:\Program Files\Common Files\ParetoLogic
Folder Deleted : C:\Documents and Settings\Jiras\Data aplikací\DriverCure
Folder Deleted : C:\Documents and Settings\Jiras\Data aplikací\ParetoLogic
Folder Deleted : C:\Documents and Settings\Jiras\Data aplikací\yourfiledownloader
Folder Deleted : C:\Documents and Settings\Jiras\Nabídka Start\Programy\ParetoLogic
Folder Deleted : C:\Documents and Settings\Jiras\Data aplikací\Mozilla\Firefox\Profiles\gv1jxhyv.default\Extensions\DTToolbar@toolbarnet.com
File Deleted : C:\WINDOWS\Tasks\paretologic registration3.job
File Deleted : C:\WINDOWS\Tasks\YourFile Update.job

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\YourFileDownloader\Downloader.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\YourFileDownloader\YourFile.exe]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\dt soft\daemon tools toolbar
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - 127.0.0.1:9421;<local>

***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.5512


-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Documents and Settings\Jiras\Data aplikací\Mozilla\Firefox\Profiles\gv1jxhyv.default\prefs.js ]


[ File : C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\grl5m3a4.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\Jiras\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3359 octets] - [06/04/2014 10:43:15]
AdwCleaner[R1].txt - [3600 octets] - [06/04/2014 20:09:12]
AdwCleaner[S0].txt - [3727 octets] - [06/04/2014 20:10:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3787 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by Jiras on ne 06.04.2014 at 20:15:47,04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Documents and Settings\Jiras\Data aplikacˇ\mozilla\firefox\profiles\gv1jxhyv.default\minidumps [19 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 06.04.2014 at 20:21:21,78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Jiras [Práva správce]
Mód : Kontrola -- Datum : 04/06/2014 20:25:07
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] EAT @firefox.exe (FREEBL_GetVector) : nssckbi.dll -> HOOKED (C:\Program Files\Mozilla Firefox\freebl3.dll @ 0x0B651000)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST3320620AS +++++
--- User ---
[MBR] 2850dc3979ac3fed4f330b3f72ca48ef
[BSP] 256bbe07dbebffb4cb7acd2e0297929f : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 58961 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 217182735 | Size: 199188 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_04062014_202507.txt >>

Post by jaro3 » 07 Apr 2014 10:24

Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run).
- Wait until the Prescan finishes...
- Wait until the status window shows "Scan"
- Click "Delete"
- Wait until the status box shows "Deleting finished"
- Click "Report" and please copy and paste the contents of the report here. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller. 2.8.16.0_(date)_log.txt; please paste the entire contents of the log here.
- if the log is longer than 60,000 characters, split it and paste it into several posts

Post by mr.dodo » 07 Apr 2014 16:09

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Jiras [Práva správce]
Mód : Odebrat -- Datum : 04/07/2014 16:06:52
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST3320620AS +++++
--- User ---
[MBR] 2850dc3979ac3fed4f330b3f72ca48ef
[BSP] 256bbe07dbebffb4cb7acd2e0297929f : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 58961 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 217182735 | Size: 199188 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_04072014_160652.txt >>
RKreport[0]_D_04072014_155946.txt;RKreport[0]_S_04062014_202507.txt;RKreport[0]_S_04072014_155926.txt
RKreport[0]_S_04072014_160649.txt

Post by mr.dodo » 07 Apr 2014 16:09

16:07:15.0734 0x0b2c TDSS rootkit removing tool 3.0.0.30 Apr 7 2014 15:39:12
16:07:18.0593 0x0b2c ============================================================
16:07:18.0593 0x0b2c Current date / time: 2014/04/07 16:07:18.0593
16:07:18.0593 0x0b2c SystemInfo:
16:07:18.0593 0x0b2c
16:07:18.0593 0x0b2c OS Version: 5.1.2600 ServicePack: 3.0
16:07:18.0593 0x0b2c Product type: Workstation
16:07:18.0593 0x0b2c ComputerName: JD
16:07:18.0593 0x0b2c UserName: Jiras
16:07:18.0593 0x0b2c Windows directory: C:\WINDOWS
16:07:18.0593 0x0b2c System windows directory: C:\WINDOWS
16:07:18.0593 0x0b2c Processor architecture: Intel x86
16:07:18.0593 0x0b2c Number of processors: 2
16:07:18.0593 0x0b2c Page size: 0x1000
16:07:18.0593 0x0b2c Boot type: Normal boot
16:07:18.0593 0x0b2c ============================================================
16:07:20.0250 0x0b2c KLMD registered as C:\WINDOWS\system32\drivers\53623672.sys
16:07:20.0593 0x0b2c System UUID: {7E213B65-0CBF-6E6C-A241-7D64E3A99836}
16:07:21.0359 0x0b2c Drive \Device\Harddisk0\DR0 - Size: 0x4A8594DE00 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9800, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:07:21.0359 0x0b2c ============================================================
16:07:21.0359 0x0b2c \Device\Harddisk0\DR0:
16:07:21.0359 0x0b2c MBR partitions:
16:07:21.0359 0x0b2c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x7328FC1
16:07:21.0359 0x0b2c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xCF1F20F, BlocksNum 0x1850A5F1
16:07:21.0359 0x0b2c ============================================================
16:07:21.0375 0x0b2c C: <-> \Device\Harddisk0\DR0\Partition1
16:07:21.0406 0x0b2c D: <-> \Device\Harddisk0\DR0\Partition2
16:07:21.0406 0x0b2c ============================================================
16:07:21.0406 0x0b2c Initialize success
16:07:21.0406 0x0b2c ============================================================
16:07:45.0406 0x02b8 ============================================================
16:07:45.0406 0x02b8 Scan started
16:07:45.0406 0x02b8 Mode: Manual;
16:07:45.0406 0x02b8 ============================================================
16:07:45.0406 0x02b8 KSN ping started
16:07:47.0718 0x02b8 KSN ping finished: true
16:07:48.0156 0x02b8 ================ Scan system memory ========================
16:07:48.0156 0x02b8 System memory - ok
16:07:48.0156 0x02b8 ================ Scan services =============================
16:07:49.0109 0x02b8 [ BBE9054FDADC8D49D29C5DA4FB84A803, 4315C1D7DBD35A80E25F15B45587AA76F6E9FCDC617B5ABF62301570771066AF ] Akamai c:\program files\common files\akamai/netsession_win_8fa3539.dll
16:07:49.0109 0x02b8 Suspicious file ( Hidden ): c:\program files\common files\akamai/netsession_win_8fa3539.dll. md5: BBE9054FDADC8D49D29C5DA4FB84A803, sha256: 4315C1D7DBD35A80E25F15B45587AA76F6E9FCDC617B5ABF62301570771066AF
16:07:49.0125 0x02b8 Akamai - detected HiddenFile.Multi.Generic ( 1 )
16:07:51.0625 0x02b8 Detect skipped due to KSN trusted
16:07:51.0625 0x02b8 Akamai - ok
16:07:54.0171 0x02b8 cbidf2k - ok
16:07:54.0171 0x02b8 cd20xrnt - ok
16:07:54.0187 0x02b8 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
16:07:54.0187 0x02b8 Cdaudio - ok
16:07:54.0218 0x02b8 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
16:07:54.0218 0x02b8 Cdfs - ok
16:07:54.0250 0x02b8 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:07:54.0250 0x02b8 Cdrom - ok
16:07:54.0265 0x02b8 Changer - ok
16:07:54.0281 0x02b8 [ E390DC1D7C461D7D56EC53402F329928, FB37F84E71353CD83FCDDD39C898C6D84C05130C5F1BEF022E3DFDE160398C0E ] CiSvc C:\WINDOWS\system32\cisvc.exe
16:07:54.0296 0x02b8 CiSvc - ok
16:07:54.0296 0x02b8 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA, 1725067BC759484A7185A4F1A44ED3CBE481529D187FE98EF279425B79177EB1 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
16:07:54.0296 0x02b8 ClipSrv - ok
16:07:54.0375 0x02b8 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:07:54.0390 0x02b8 clr_optimization_v2.0.50727_32 - ok
16:07:54.0437 0x02b8 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:07:54.0453 0x02b8 clr_optimization_v4.0.30319_32 - ok
16:07:54.0453 0x02b8 CmdIde - ok
16:07:54.0453 0x02b8 COMSysApp - ok
16:07:54.0468 0x02b8 Cpqarray - ok
16:07:54.0500 0x02b8 [ F3AB0933CBD166D271992F411C27CCAF, 50E01F3B058F814BE914FA5050B2D972E8584A467719A5ABCF9D9EBD596A54A7 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
16:07:54.0500 0x02b8 CryptSvc - ok
16:07:54.0515 0x02b8 dac2w2k - ok
16:07:54.0515 0x02b8 dac960nt - ok
16:07:54.0562 0x02b8 [ C868F3AE15CF71A93F2AA3A32856D839, 7F08E40AE8F4F15F110550775183EDA690DBADAC95CF859C98A99B3DF308C8F5 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
16:07:54.0578 0x02b8 DcomLaunch - ok
16:07:54.0656 0x02b8 [ 2B9A817DC1BDAD9CE5495099B6A7136A, 6D040069C6CD249A4113E4BDD16658D02685F6018F804654934A03F5E2D161A8 ] Desura Install Service C:\Program Files\Common Files\Desura\desura_service.exe
16:07:54.0656 0x02b8 Desura Install Service - ok
16:07:54.0687 0x02b8 [ 277B9AF0F1034BE4731CBA7EFF10E8F9, 1D4E4D981433C4E94B022A61235D59E1ABC13CC8559383456996900AAC3B39FC ] DgivEcp C:\WINDOWS\system32\Drivers\DgivEcp.Sys
16:07:54.0687 0x02b8 DgivEcp - ok
16:07:54.0703 0x02b8 [ 8C9A53E285AC5E6704844D0459EC85BE, 9E86AF4C06CEC007C9B1590B6E056319603E4D79BED0C2471C6F1BC251B380CF ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
16:07:54.0718 0x02b8 Dhcp - ok
16:07:54.0718 0x02b8 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
16:07:54.0734 0x02b8 Disk - ok
16:07:54.0734 0x02b8 dmadmin - ok
16:07:54.0843 0x02b8 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C, 46074FBBC5E4A40A7B3A45636089DEDD2A619778C7DCD797571C2BB64D775F7E ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
16:07:54.0859 0x02b8 dmboot - ok
16:07:54.0890 0x02b8 [ FFF1720AF51171F32F1EAD5CF71F2810, 2E40D63DC7670C1E88A532DB8923A98ABC8481C351C4D915C2753E10BA77F36D ] dmio C:\WINDOWS\system32\drivers\dmio.sys
16:07:54.0890 0x02b8 dmio - ok
16:07:54.0921 0x02b8 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
16:07:54.0921 0x02b8 dmload - ok
16:07:54.0937 0x02b8 [ 2BFEFE9E865655A76982F050450B9591, 15C7D093D638770519AA43E7D8897310F32AB1F217027F5750D799494A985C35 ] dmserver C:\WINDOWS\System32\dmserver.dll
16:07:54.0937 0x02b8 dmserver - ok
16:07:54.0953 0x02b8 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
16:07:54.0953 0x02b8 DMusic - ok
16:07:54.0968 0x02b8 [ 0634B791684B84F4A331F3D3536FEEF8, 562080C56BB92AB41657D43A4D7FA722F6134CF78CA69B58A1D64816234E768D ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
16:07:54.0984 0x02b8 Dnscache - ok
16:07:55.0015 0x02b8 [ 4A3E2BD20157A0946751229E92EB8621, D8C00CC2C18C517F7262EBC3C511C062E5ABA797056AEB22AC5DEB306BA8C526 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
16:07:55.0015 0x02b8 Dot3svc - ok
16:07:55.0015 0x02b8 dpti2o - ok
16:07:55.0031 0x02b8 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
16:07:55.0031 0x02b8 drmkaud - ok
16:07:55.0062 0x02b8 [ 0887D9C2BE8D940778CAD1E3B85F2A41, 2E30DC06D46A5E174B7CAA2D70BDB697015495942572E90425E2EE7AC541BCF4 ] EapHost C:\WINDOWS\System32\eapsvc.dll
16:07:55.0062 0x02b8 EapHost - ok
16:07:55.0078 0x02b8 [ A2A4912798F2BE706ABADD3D30800D16, CCCCA389D22525D984DE9B59E4CEBE0EEEF315F725176EB5C4DC1A5B6157234A ] ERSvc C:\WINDOWS\System32\ersvc.dll
16:07:55.0078 0x02b8 ERSvc - ok
16:07:55.0093 0x02b8 [ F0D2AE69035092BF22DAD6B50FAB85C2, 982ED53375D9B5F6D3CE290A93987BE98407C746C24FEC7833F9D4D4AF443AD7 ] Eventlog C:\WINDOWS\system32\services.exe
16:07:55.0109 0x02b8 Eventlog - ok
16:07:55.0140 0x02b8 [ 260C69FD67687B0DC062FC3D31655857, A491071B09A726BC77FB134D59FF4FAB3EF1E09F785D86E49142B3A25A96C192 ] EventSystem C:\WINDOWS\system32\es.dll
16:07:55.0140 0x02b8 EventSystem - ok
16:07:55.0171 0x02b8 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
16:07:55.0171 0x02b8 Fastfat - ok
16:07:55.0203 0x02b8 [ B927443008910B412BEC72FC41C1BAD0, B2008DC7EBCEDA0FCCBF4BE1F3BD7F5E27E35695320236D2C9E9C0111CC44774 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
16:07:55.0218 0x02b8 FastUserSwitchingCompatibility - ok
16:07:55.0234 0x02b8 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
16:07:55.0234 0x02b8 Fdc - ok
16:07:55.0250 0x02b8 [ AC366695A0796560AA37215AD5762AAF, 6ADC7443EA42D77199D4879AF3C33A07914116C69A34B895D8CB8444EE50077F ] Fips C:\WINDOWS\system32\drivers\Fips.sys
16:07:55.0250 0x02b8 Fips - ok
16:07:55.0390 0x02b8 [ 73081CF28F0AE20A52CA4F67CEE6E6B0, 806C769F3638D25FF1892C7223E7250AA3B9F627DF3AD83BC5AE1FEF7016F86A ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:07:55.0406 0x02b8 FLEXnet Licensing Service - ok
16:07:55.0421 0x02b8 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
16:07:55.0421 0x02b8 Flpydisk - ok
16:07:55.0468 0x02b8 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
16:07:55.0468 0x02b8 FltMgr - ok
16:07:55.0515 0x02b8 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
16:07:55.0531 0x02b8 FontCache3.0.0.0 - ok
16:07:55.0531 0x02b8 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:07:55.0531 0x02b8 Fs_Rec - ok
16:07:55.0546 0x02b8 [ 4E664D8541DB4A66B73A24257E322E1F, 17A2140AFE2B41E579FCCAFB82532853AD90A6EDBCB13DE80741DAE0AD5B4CC9 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:07:55.0546 0x02b8 Ftdisk - ok
16:07:55.0562 0x02b8 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:07:55.0578 0x02b8 Gpc - ok
16:07:55.0609 0x02b8 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
16:07:55.0625 0x02b8 HDAudBus - ok
16:07:55.0656 0x02b8 [ FCFE31FB75F8A6295B6B0AF87A626282, 6BA385797DBC73EB29EFE3293B80C21B1B8A1E9B87A462476E73C526C9565E5F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
16:07:55.0656 0x02b8 helpsvc - ok
16:07:55.0687 0x02b8 [ 00E25EE90166B3E1BE6E74AEBF858306, 92C2F020EF14DE3B4F09E2C5DFF3D2F35D8C50F6D0188F9CEEFE3B6075602EFE ] HidServ C:\WINDOWS\System32\hidserv.dll
16:07:55.0687 0x02b8 HidServ - ok
16:07:55.0703 0x02b8 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:07:55.0718 0x02b8 hidusb - ok
16:07:55.0734 0x02b8 [ 7A6B320928F86BC851530D63C82965D9, 1F628759D31098DFBC05244735B5A62ACD8E45DBC5C9D236260D68EB8F1E28F5 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
16:07:55.0734 0x02b8 hkmsvc - ok
16:07:55.0734 0x02b8 hpn - ok
16:07:55.0781 0x02b8 [ F6AACF5BCE2893E0C1754AFEB672E5C9, 62A7A70515B5570A649DC30A3A122B1302F6839A63927C8B29EBE04ABA654892 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
16:07:55.0796 0x02b8 HTTP - ok
16:07:55.0812 0x02b8 [ 58FE2F2DA3BC5573F4A35B3760D3125F, B241ACCE426402EC64DC34C49CECB8CDC0851986D54BFCCED7040D6C43F5787A ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
16:07:55.0828 0x02b8 HTTPFilter - ok
16:07:55.0828 0x02b8 i2omgmt - ok
16:07:55.0828 0x02b8 i2omp - ok
16:07:55.0843 0x02b8 [ C528E27945367191E7BAE364930B6932, 1B95C7B49B4CAE734DC6C9EC22555C5356EEC856B8491C761C777479264CF854 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:07:55.0843 0x02b8 i8042prt - ok
16:07:55.0968 0x02b8 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:07:55.0984 0x02b8 idsvc - ok
16:07:56.0015 0x02b8 [ 0A7C49B48C772591A2D362DAA00246C8, 0A6404D14C9DF95BBCBAEB7304F188BB6968E5E8E6A678D6D766EC6C6275FB1C ] imagedrv C:\WINDOWS\system32\Drivers\imagedrv.sys
16:07:56.0015 0x02b8 imagedrv - ok
16:07:56.0031 0x02b8 [ 549BA4F539E7B8D8129500B96DD7B27A, F474C33919282CBE565E4E0D8568D919F5AAD5801B40A1AC557288E0CFE59BA1 ] imagesrv C:\WINDOWS\system32\DRIVERS\imagesrv.sys
16:07:56.0046 0x02b8 imagesrv - ok
16:07:56.0062 0x02b8 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
16:07:56.0062 0x02b8 Imapi - ok
16:07:56.0093 0x02b8 [ F7B93AAFAD33B2320954C17E26C8D361, 8CFDB11A68B59E195F280BE08B25FA59F1F70833832919B8BECCE17616999934 ] ImapiService C:\WINDOWS\system32\imapi.exe
16:07:56.0093 0x02b8 ImapiService - ok
16:07:56.0109 0x02b8 ini910u - ok
16:07:56.0781 0x02b8 [ 0503EB6F3359E1C6E4C46FEF376405EF, 23763E289A679BB51CFCCB30415598A12C3DBE5C3AEBFD21FD76EE2385415544 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
16:07:56.0921 0x02b8 IntcAzAudAddService - ok
16:07:56.0937 0x02b8 IntelIde - ok
16:07:56.0968 0x02b8 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
16:07:56.0968 0x02b8 Ip6Fw - ok
16:07:57.0000 0x02b8 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:07:57.0000 0x02b8 IpFilterDriver - ok
16:07:57.0015 0x02b8 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:07:57.0015 0x02b8 IpInIp - ok
16:07:57.0046 0x02b8 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:07:57.0046 0x02b8 IpNat - ok
16:07:57.0093 0x02b8 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:07:57.0093 0x02b8 IPSec - ok
16:07:57.0125 0x02b8 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
16:07:57.0125 0x02b8 IRENUM - ok
16:07:57.0156 0x02b8 [ CC9F8A2D60AED1A51A3AC34C59B987AE, CBF69817BE3D9A4617390B1A3306074CB8581F21562CD1357D32BC3E542F3CEE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:07:57.0156 0x02b8 isapnp - ok
16:07:57.0218 0x02b8 [ B9436A665A8621073A12338B16D7BFD4, 1F1CB4758768BF7B7DDB27BF9DA944D869B561ABF7EC39CEC059044E10C1EA88 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
16:07:57.0218 0x02b8 JavaQuickStarterService - ok
16:07:57.0234 0x02b8 [ 1B6162FE7F66B1A71A4B70F941C4AA9B, C2EA494BAB0513A6027414FB1E75834F980A77852D0DC8559E8942FC222A075A ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:07:57.0234 0x02b8 Kbdclass - ok
16:07:57.0250 0x02b8 [ 86C8F23616C6C6E5B2776901C17B945B, 211B63FC405A2DDB126D204D61E779D66C7211882CC0374521926C633E180B91 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:07:57.0250 0x02b8 kbdhid - ok
16:07:57.0296 0x02b8 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
16:07:57.0296 0x02b8 kmixer - ok
16:07:57.0312 0x02b8 [ 1705745D900DABF2D89F90EBADDC7517, FE90589415BDB3BA482D3EBE1A87A7BF1429791E8F18BCB66BF8874631CC8B2C ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
16:07:57.0312 0x02b8 KSecDD - ok
16:07:57.0359 0x02b8 [ 21920AC69594AB021237054FA728FE46, 01D1E231B85BF3B1979491BE6338EEE4A184AED9B8B113CB9AEFCACFAA7B73E9 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
16:07:57.0359 0x02b8 LanmanServer - ok
16:07:57.0390 0x02b8 [ 5190783F51A2D7A8495202C664D7C963, A3ABAC9DB3AE7A200B16E569F0C38007FB8D4F19BEDFB67B2F4229121E242531 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
16:07:57.0390 0x02b8 lanmanworkstation - ok
16:07:57.0406 0x02b8 lbrtfdc - ok
16:07:57.0421 0x02b8 [ 0AB159F536E3E8F7F07113702A07CCA5, 3218C553183E6697C663B6D12790E09756B50505590858DD5AC62411D37CDD7C ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
16:07:57.0421 0x02b8 LmHosts - ok
16:07:57.0453 0x02b8 [ CA020DB361524D1182138EFEAA8CF8F3, FB144937098ED90599BAB056A520FF76679B1D82DA52095786293F3F485EC72F ] LUMDriver C:\WINDOWS\system32\drivers\LUMDriver.sys
16:07:57.0453 0x02b8 LUMDriver - ok
16:07:57.0468 0x02b8 [ 221CD1C815B8A6B79389C3F5D1018DE8, 6D0D25D6669C4F9452F74EC72C6138A41D9408E01AF5FD01C08F27BE7BC9C905 ] Messenger C:\WINDOWS\System32\msgsvc.dll
16:07:57.0468 0x02b8 Messenger - ok
16:07:57.0484 0x02b8 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
16:07:57.0484 0x02b8 mnmdd - ok
16:07:57.0500 0x02b8 [ 9A57D046F88F4B69751B11FD40088A61, 62F65433024CE411F111A88723747B8A83B31076FBAF4CFF40FD02A53D7FF7DF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
16:07:57.0515 0x02b8 mnmsrvc - ok
16:07:57.0531 0x02b8 [ 44032B0C6D9954D3FD26438330B99EE7, A49749A4C00D50F57170AA5DA9E2DEECC8C524A48B144C8B784894F2C202FBEE ] Modem C:\WINDOWS\system32\drivers\Modem.sys
16:07:57.0531 0x02b8 Modem - ok
16:07:57.0703 0x02b8 [ C7D9F9717916B34C1B00DD4834AF485C, A9512A03E8142C83534189963F90ADA6FA425BD606928C40C3D724177105A658 ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
16:07:57.0734 0x02b8 Monfilt - ok
16:07:57.0750 0x02b8 [ 4CB582831DBDE63CE43B45D771218374, 6D470B26197C5B388983D9213D48D2CDE934C9591572876DC7790FE4B59E0845 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:07:57.0750 0x02b8 Mouclass - ok
16:07:57.0765 0x02b8 [ BB269EBA740737AB749B214D568B6812, ABF41D9B521EBBE674E76981CAD31F8FD05976DE7070266C3956FDB67C83C4C2 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:07:57.0765 0x02b8 mouhid - ok
16:07:57.0781 0x02b8 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
16:07:57.0781 0x02b8 MountMgr - ok
16:07:57.0828 0x02b8 [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:07:57.0843 0x02b8 MozillaMaintenance - ok
16:07:57.0843 0x02b8 mraid35x - ok
16:07:57.0859 0x02b8 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:07:57.0875 0x02b8 MRxDAV - ok
16:07:57.0921 0x02b8 [ 68755F0FF16070178B54674FE5B847B0, 2FFBCE3A67FA7E30E373624521C602E5510C5565F04381C6C9F961253DA928A6 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:07:57.0937 0x02b8 MRxSmb - ok
16:07:57.0953 0x02b8 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D, 78D63EE2C0B0852F0771071C099643242EBC9F4DA28847B93BCE9C3CC1091938 ] MSDTC C:\WINDOWS\system32\msdtc.exe
16:07:57.0968 0x02b8 MSDTC - ok
16:07:57.0984 0x02b8 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
16:07:57.0984 0x02b8 Msfs - ok
16:07:57.0984 0x02b8 MSIServer - ok
16:07:58.0000 0x02b8 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:07:58.0000 0x02b8 MSKSSRV - ok
16:07:58.0015 0x02b8 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:07:58.0015 0x02b8 MSPCLOCK - ok
16:07:58.0031 0x02b8 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
16:07:58.0031 0x02b8 MSPQM - ok
16:07:58.0062 0x02b8 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:07:58.0062 0x02b8 mssmbios - ok
16:07:58.0078 0x02b8 [ 2F625D11385B1A94360BFC70AAEFDEE1, 23E4974120233CF1A7BEE48977706A0A55418699379D1450502ABEB24191AC80 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
16:07:58.0078 0x02b8 Mup - ok
16:07:58.0125 0x02b8 [ 6EA362E9DB03D44F6B996F4D8BE237E9, FE6B4C546D26C4A2832CF4CB280B86B1723E10E46A3C24AF6C9856FCCAE9D1FC ] napagent C:\WINDOWS\System32\qagentrt.dll
16:07:58.0140 0x02b8 napagent - ok
16:07:58.0171 0x02b8 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
16:07:58.0171 0x02b8 NDIS - ok
16:07:58.0187 0x02b8 [ 1AB3D00C991AB086E69DB84B6C0ED78F, 1F881FCCF5557C44C078D99CA2DD38D635413D6212DBEDC06A428EDAC7F8B04E ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:07:58.0187 0x02b8 NdisTapi - ok
16:07:58.0218 0x02b8 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:07:58.0218 0x02b8 Ndisuio - ok
16:07:58.0234 0x02b8 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:07:58.0234 0x02b8 NdisWan - ok
16:07:58.0250 0x02b8 [ 6215023940CFD3702B46ABC304E1D45A, C767F3A349B365F6E7566C0738E2F62D8FFF8CB4457347E3614BD403BC6CADCB ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
16:07:58.0250 0x02b8 NDProxy - ok
16:07:58.0265 0x02b8 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
16:07:58.0265 0x02b8 NetBIOS - ok
16:07:58.0296 0x02b8 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
16:07:58.0296 0x02b8 NetBT - ok
16:07:58.0343 0x02b8 [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDE C:\WINDOWS\system32\netdde.exe
16:07:58.0343 0x02b8 NetDDE - ok
16:07:58.0359 0x02b8 [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
16:07:58.0375 0x02b8 NetDDEdsdm - ok
16:07:58.0375 0x02b8 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] Netlogon C:\WINDOWS\system32\lsass.exe
16:07:58.0375 0x02b8 Netlogon - ok
16:07:58.0421 0x02b8 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40, 588C8BA14A7255FD36A88960CBE34341301773765ECF2A9A0F1760A509A08A5B ] Netman C:\WINDOWS\System32\netman.dll
16:07:58.0421 0x02b8 Netman - ok
16:07:58.0468 0x02b8 [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:07:58.0468 0x02b8 NetTcpPortSharing - ok
16:07:58.0484 0x02b8 [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
16:07:58.0484 0x02b8 NIC1394 - ok
16:07:58.0515 0x02b8 [ AAC97DAB5F8A0573CF10E0EAC42A7724, DF151B3F1C6BBE59E72E3AC1053E6A6D2C60FDB21CD5819E6A69182BB4A90D76 ] Nla C:\WINDOWS\System32\mswsock.dll
16:07:58.0531 0x02b8 Nla - ok
16:07:58.0546 0x02b8 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
16:07:58.0546 0x02b8 Npfs - ok
16:07:58.0640 0x02b8 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
16:07:58.0640 0x02b8 Ntfs - ok
16:07:58.0656 0x02b8 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
16:07:58.0656 0x02b8 NtLmSsp - ok
16:07:58.0718 0x02b8 [ 023DD70573D644F3D9C8B1258A7BFD08, 9A1D3210ED5FD8BEDF92ED577A9B30E37035408A73EB66A8C950B75AB7539B83 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
16:07:58.0734 0x02b8 NtmsSvc - ok
16:07:58.0750 0x02b8 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
16:07:58.0750 0x02b8 Null - ok
16:07:58.0781 0x02b8 [ 982702A22349C2B31F7DCEF62241058F, 1762E4EAEFA9E0D61C1A7B28C2E8D9D090B7DB8708AD71ABF4DBBDD213C1EE82 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
16:07:58.0781 0x02b8 NVENETFD - ok
16:07:58.0781 0x02b8 [ BC0F2C4ED9D6DA9A2519C55AF7D4FC60, 659829E3654D19ADED79275FA985A531CBEA664B58B3C06EB7A0DEC23D0E9740 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
16:07:58.0796 0x02b8 nvnetbus - ok
16:07:58.0812 0x02b8 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:07:58.0812 0x02b8 NwlnkFlt - ok
16:07:58.0828 0x02b8 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:07:58.0828 0x02b8 NwlnkFwd - ok
16:07:58.0953 0x02b8 [ 1F0E05DFF4F5A833168E49BE1256F002, A858267572033C185293B0FD15B2BFDA679D0771A14C0ADF24461B529DBAD8DF ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:07:58.0953 0x02b8 odserv - ok
16:07:58.0984 0x02b8 [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
16:07:58.0984 0x02b8 ohci1394 - ok
16:07:59.0015 0x02b8 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:07:59.0031 0x02b8 ose - ok
16:07:59.0031 0x02b8 [ 46F8DB73B4A53E543F8E371DC7C75BAE, F6C5E7DE4B4AE0ED785DB075BE14EA6A0FC9050C95669B26DEF2B82D7B7D3B2C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
16:07:59.0046 0x02b8 Parport - ok
16:07:59.0062 0x02b8 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
16:07:59.0062 0x02b8 PartMgr - ok
16:07:59.0078 0x02b8 [ 1FAE19D0457176318BBA4A8795656EBC, 5F3D6CABA203A0485D67F63A6A81151724EE200BE49ED095CFCB1EF29C19D19F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
16:07:59.0078 0x02b8 ParVdm - ok
16:07:59.0093 0x02b8 [ 6CE351D149CB4BEFC702951E471E1730, 758327683BB45F01D5AE550AF21856822B4CF55E17F2A4F452F559088D242B37 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
16:07:59.0093 0x02b8 PCI - ok
16:07:59.0109 0x02b8 PCIDump - ok
16:07:59.0109 0x02b8 [ 2DA4EC85E0EA7A45C6B2A05820492D5A, A8C6BD93D3BC33A5B36EB523997EF9E0783B6E6EAFB6E7F58BCC2629009BDCF9 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
16:07:59.0109 0x02b8 PCIIde - ok
16:07:59.0140 0x02b8 [ 4FC31E6C19A5CE5198B1ABFF94CAE758, A031E21EC1F15DA5E8429269F435337FA961C3C06D535DAFD448C7355F33FD0C ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
16:07:59.0156 0x02b8 Pcmcia - ok
16:07:59.0156 0x02b8 PDCOMP - ok
16:07:59.0156 0x02b8 PDFRAME - ok
16:07:59.0156 0x02b8 PDRELI - ok
16:07:59.0171 0x02b8 PDRFRAME - ok
16:07:59.0171 0x02b8 perc2 - ok
16:07:59.0171 0x02b8 perc2hib - ok
16:07:59.0203 0x02b8 [ F0D2AE69035092BF22DAD6B50FAB85C2, 982ED53375D9B5F6D3CE290A93987BE98407C746C24FEC7833F9D4D4AF443AD7 ] PlugPlay C:\WINDOWS\system32\services.exe
16:07:59.0203 0x02b8 PlugPlay - ok
16:07:59.0218 0x02b8 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
16:07:59.0234 0x02b8 PolicyAgent - ok
16:07:59.0250 0x02b8 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:07:59.0250 0x02b8 PptpMiniport - ok
16:07:59.0265 0x02b8 [ 7EB15DCE4EC3A0220BD796A15C18186E, E06C572F3FE4F3377D8AF74E8EF15478E71B4C61F944E48E8C35534BEF086110 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
16:07:59.0265 0x02b8 Processor - ok
16:07:59.0281 0x02b8 [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
16:07:59.0281 0x02b8 ProtectedStorage - ok
16:07:59.0296 0x02b8 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
16:07:59.0296 0x02b8 PSched - ok
16:07:59.0312 0x02b8 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:07:59.0312 0x02b8 Ptilink - ok
16:07:59.0312 0x02b8 ql1080 - ok
16:07:59.0328 0x02b8 Ql10wnt - ok
16:07:59.0328 0x02b8 ql12160 - ok
16:07:59.0328 0x02b8 ql1240 - ok
16:07:59.0343 0x02b8 ql1280 - ok
16:07:59.0343 0x02b8 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:07:59.0343 0x02b8 RasAcd - ok
16:07:59.0375 0x02b8 [ 2B5E44EA009F2F374B980E1E9A70635D, 62D8FDB80C8ACBA2C42C12760B785587C43BEDFE015EC5C41B25F2BB735EFEB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
16:07:59.0375 0x02b8 RasAuto - ok
16:07:59.0390 0x02b8 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:07:59.0390 0x02b8 Rasl2tp - ok
16:07:59.0421 0x02b8 [ D57554C664B64604BD1EE13EA2C07E77, B090C05B91EA602BFF9A5E89AB1A0FFDE869611961FF749DA8B3F4D00F04E756 ] RasMan C:\WINDOWS\System32\rasmans.dll
16:07:59.0437 0x02b8 RasMan - ok
16:07:59.0437 0x02b8 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:07:59.0437 0x02b8 RasPppoe - ok
16:07:59.0453 0x02b8 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
16:07:59.0453 0x02b8 Raspti - ok
16:08:01.0062 0x02b8 [ CDDDEC541BC3C96F91ECB48759673505, B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
16:08:01.0062 0x02b8 Suspicious file ( NoAccess ): C:\WINDOWS\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505, sha256: B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB
16:08:01.0062 0x02b8 sptd - detected LockedFile.Multi.Generic ( 1 )
16:08:03.0453 0x02b8 Detect skipped due to KSN trusted
16:08:03.0453 0x02b8 sptd - ok
16:08:05.0375 0x02b8 ================ Scan global ===============================
16:08:05.0406 0x02b8 [ F36278E42C8C5DF03CE17DAC8231C91C, D012A3C8F394DF4F0BF5D5A4C10E73BBF427762B7D3DB6CF5FAB96536E082B7A ] C:\WINDOWS\system32\basesrv.dll
16:08:05.0468 0x02b8 [ 77A41C497ADB0C96D1E8DF6F71D843C0, 39A425A66B127F91B9A6FB5A0832B51ACD5928645D62D09FDA0AB95D3836E479 ] C:\WINDOWS\system32\winsrv.dll
16:08:05.0515 0x02b8 [ 77A41C497ADB0C96D1E8DF6F71D843C0, 39A425A66B127F91B9A6FB5A0832B51ACD5928645D62D09FDA0AB95D3836E479 ] C:\WINDOWS\system32\winsrv.dll
16:08:05.0546 0x02b8 [ F0D2AE69035092BF22DAD6B50FAB85C2, 982ED53375D9B5F6D3CE290A93987BE98407C746C24FEC7833F9D4D4AF443AD7 ] C:\WINDOWS\system32\services.exe
16:08:05.0546 0x02b8 [ Global ] - ok
16:08:05.0546 0x02b8 ================ Scan MBR ==================================
16:08:05.0562 0x02b8 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
16:08:05.0812 0x02b8 \Device\Harddisk0\DR0 - ok
16:08:05.0812 0x02b8 ================ Scan VBR ==================================
16:08:05.0812 0x02b8 [ A655253ED7CA7623FE4F14B57F8BA3BC ] \Device\Harddisk0\DR0\Partition1
16:08:05.0812 0x02b8 \Device\Harddisk0\DR0\Partition1 - ok
16:08:05.0828 0x02b8 [ 947E211E6B513ECEDB75F8FA993DF33A ] \Device\Harddisk0\DR0\Partition2
16:08:05.0843 0x02b8 \Device\Harddisk0\DR0\Partition2 - ok
16:08:05.0843 0x02b8 Waiting for KSN requests completion. In queue: 242
16:08:06.0843 0x02b8 Waiting for KSN requests completion. In queue: 242
16:08:07.0843 0x02b8 Waiting for KSN requests completion. In queue: 242
16:08:08.0859 0x02b8 AV detected via SS1: avast! Antivirus, 5.0.150996960, disabled, updated
16:08:08.0859 0x02b8 Win FW state via NFM: disabled
16:08:11.0171 0x02b8 ============================================================
16:08:11.0171 0x02b8 Scan finished
16:08:11.0171 0x02b8 ============================================================
16:08:11.0171 0x0208 Detected object count: 0
16:08:11.0171 0x0208 Actual detected object count: 0

memphisto
Guru Level 13
Posts: 21113
Registered: September 06
Location: Zlín - České Budějovice
Gender: Male
Status: Offline

Re: Request for a check - applications closing

Post by memphisto » 07 Apr 2014 18:01

Problems?
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you

mr.dodo
Level 1
Posts: 51
Registered: January 10
Location: PM
Gender: Male
Status: Offline

Re: Request for a check - applications closing

Post by mr.dodo » 07 Apr 2014 18:25

I'd say it is still the same. The application crash where I first noticed the problem, which I could previously reproduce reliably, still happens. MBAM still throws the same errors during installation, and it crashes when I try to start it. Only the crash notification has changed. Now the typical Windows message pops up: "The application has encountered a problem and needs to close ... do you want to send a report ... blah blah ..."

jaro3
Security team member
Guru Level 15
Posts: 43061
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: Request for a check - applications closing

Post by jaro3 » 07 Apr 2014 19:20

Download MbAM again and choose a different name when saving it:
winlogon.exe
then run it normally
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

