Prosím o kontrolu HJT

Fucza · Příspěvekod **Fucza** » 23 dub 2014 19:55

Zdravím.
Asi jsem něco chytil. Po zapnutí mi to ukazuje toto:

Navíc mi to při posílání přes FTP weobvých stránek na server něco vkládá do kódu webových stránek. Moc díky.

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 19:52:18, on 23.4.2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.17267)

FIREFOX: 28.0 (cs)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe
C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe
C:\Program Files (x86)\SMART Technologies\Education Software\SMARTNotification.exe
C:\Program Files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe
C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe
C:\Program Files (x86)\SMART Technologies\Education Software\DesktopMenu.exe
C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\SBWDKService.exe
C:\Program Files (x86)\SMART Technologies\Education Software\ResponseConnectorService.exe
C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
C:\Program Files (x86)\SMART Technologies\Education Software\ResponseSoftwareService.exe
C:\Program Files (x86)\SMART Technologies\Education Software\Office\SMARTInk-SBSDKProxy.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
C:\Program Files (x86)\Notepad++\notepad++.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Users\Martin\Desktop\HijackThis.exe
C:\windows\SysWOW64\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\NotebookPlugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
O4 - HKLM\..\Run: [SMART Ink] "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe" -a
O4 - HKLM\..\Run: [SMART Floating Tools] "C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe"
O4 - HKLM\..\Run: [SMARTNotification] "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTNotification.exe"
O4 - HKLM\..\Run: [SMART Tray Tools] "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe"
O4 - HKLM\..\Run: [SMART Board Service] "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe" -d
O4 - HKLM\..\Run: [sbsdk-server] "C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe"
O4 - HKLM\..\Run: [Response Desktop Menu] "C:\Program Files (x86)\SMART Technologies\Education Software\DesktopMenu.exe"
O4 - HKLM\..\Run: [ResponseConnectorService] "C:\Program Files (x86)\SMART Technologies\Education Software\response-connector-server\NodeLauncher.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Startup: mq9lfvhrj.lnk = C:\Windows\System32\rundll32.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Response Hardware - SMART Technologies ULC - C:\Program Files (x86)\SMART Technologies\Education Software\ResponseHardwareService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: SMART Helper Service (SMARTHelperService) - SMART Technologies - C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12386 bytes

Reklama

Příspěvekod **fredik** » 24 dub 2014 08:18

Stáhni AdwCleaner (by Xplode)
Ulož si ho na plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovém disku jako AdwCleaner[R?].txt), celý jeho obsah sem vlož.

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Fucza · Příspěvekod **Fucza** » 24 dub 2014 09:30

Moc díky.

# AdwCleaner v3.202 - Report created 24/04/2014 at 09:27:32
# Updated 23/04/2014 by Xplode
# Operating System : Windows 7 Home Premium (64 bits)
# Username : Martin - MARTIN-HP
# Running from : C:\Users\Martin\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Users\Martin\daemonprocess.txt
Folder Found C:\Program Files (x86)\Mobogenie
Folder Found C:\Users\Martin\.android
Folder Found C:\Users\Martin\AppData\Local\genienext
Folder Found C:\Users\Martin\AppData\Local\Mobogenie
Folder Found C:\Users\Martin\AppData\Roaming\newnext.me
Folder Found C:\Users\Martin\Documents\Mobogenie

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.17267

-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\14ydu06m.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [1369 octets] - [24/04/2014 09:27:32]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1429 octets] ##########

Příspěvekod **jaro3** » 24 dub 2014 09:46

A Malwarebytes' Anti-Malware?

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Fucza · Příspěvekod **Fucza** » 24 dub 2014 09:53

Ten se teprve skenoval:

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Scan Date: 24.4.2014
Scan Time: 9:52:19
Logfile: mban.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.24.05
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 7
CPU: x64
File System: NTFS
User: Martin

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 294638
Time Elapsed: 19 min, 4 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.Softonic.A, HKU\S-1-5-21-1945869482-4269240588-1351879139-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [56cf50de88f3c076e1207ff29c6613ed],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 2
PUP.Optional.NextLive.A, C:\Users\Martin\AppData\Roaming\newnext.me, , [a38227074f2c0234de3a9cc7b54d22de],
PUP.Optional.NextLive.A, C:\Users\Martin\AppData\Roaming\newnext.me\cache, , [a38227074f2c0234de3a9cc7b54d22de],

Files: 7
Hacktool.Agent, C:\$RECYCLE.BIN\S-1-5-21-1945869482-4269240588-1351879139-1002\$RM28PPL\Windows 7 ACTIVATION.zip, , [da4b5fcf0f6c72c4b89aeb5a1be6ca36],
Trojan.FakeMS, C:\Users\Martin\AppData\Local\Temp\mrx.dll, , [b471989687f4251126d3600f5ba6c838],
PUP.Optional.Softonic.A, C:\Users\Martin\AppData\Local\Temp\KMP_3.8.0.120.exe, , [53d20c22ed8e5dd94e3a2af19e63b44c],
PUP.Optional.Softonic.A, C:\Users\Martin\AppData\Local\Temp\KMP_3.8.0.121.exe, , [1114052947346acc0b7dbd5ec140f30d],
PUP.Optional.Softonic.A, C:\Users\Martin\AppData\Local\Temp\KMP_3.8.0.122.exe, , [dc494ae40c6fa6904147819a3dc4e21e],
PUP.Optional.NextLive.A, C:\Users\Martin\AppData\Roaming\newnext.me\nengine.cookie, , [a38227074f2c0234de3a9cc7b54d22de],
PUP.Optional.NextLive.A, C:\Users\Martin\AppData\Roaming\newnext.me\cache\spark.bin, , [a38227074f2c0234de3a9cc7b54d22de],

Physical Sectors: 0
(No malicious items detected)

(end)

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
# AdwCleaner v3.202 - Report created 24/04/2014 at 09:57:06
# Updated 23/04/2014 by Xplode
# Operating System : Windows 7 Home Premium (64 bits)
# Username : Martin - MARTIN-HP
# Running from : C:\Users\Martin\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Mobogenie
Folder Deleted : C:\Users\Martin\.android
Folder Deleted : C:\Users\Martin\AppData\Local\genienext
Folder Deleted : C:\Users\Martin\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Martin\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Martin\Documents\Mobogenie
File Deleted : C:\Users\Martin\daemonprocess.txt

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKCU\Software\Softonic

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.17267

-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\14ydu06m.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [1513 octets] - [24/04/2014 09:27:32]
AdwCleaner[R1].txt - [1573 octets] - [24/04/2014 09:56:19]
AdwCleaner[S0].txt - [1490 octets] - [24/04/2014 09:57:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1550 octets] ##########

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Martin on źt 24.04.2014 at 10:04:19,83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Users\Martin\AppData\Roaming\thinstall"

~~~ FireFox

Emptied folder: C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\14ydu06m.default\minidumps [15 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 24.04.2014 at 10:12:51,01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Příspěvekod **jaro3** » 24 dub 2014 18:30

. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Fucza · Příspěvekod **Fucza** » 24 dub 2014 19:19

Zdravím. Díky. Nějak jsem to trochu zmastil. Po karanténě se mě to zeptalo na restart, tak jsem to odklikl, ale log ne a ne najít. Vyhledal jsem jen strukturovaný xml soubor, tak vkládám alespoň obsah:

<?xml version="1.0" encoding="UTF-16" ?>
- <mbam-log>
- <header>
<date>2014/04/24 18:59:26 +0200</date>
<log>mbam-log-2014-04-24 (18-47-34).xml</log>
<isadmin>yes</isadmin>
</header>
- <engine>
<version>2.00.1.1004</version>
<rules-database>v2014.04.24.07</rules-database>
<swissarmy-database>v2014.03.27.01</swissarmy-database>
<license>free</license>
<file-protection>disabled</file-protection>
<web-protection>disabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
- <system>
<osversion>Windows 7</osversion>
<arch>x64</arch>
<username>Martin</username>
<filesys>NTFS</filesys>
</system>
- <summary>
<type>threat</type>
<result>completed</result>
<objects>295062</objects>
<time>693</time>
<processes>0</processes>
<modules>0</modules>
<keys>0</keys>
<values>0</values>
<datas>0</datas>
<folders>0</folders>
<files>4</files>
<sectors>0</sectors>
</summary>
- <options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<shuriken>enabled</shuriken>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
- <items>
- <file>
<path>C:\$RECYCLE.BIN\S-1-5-21-1945869482-4269240588-1351879139-1002\$RM28PPL\Windows 7 ACTIVATION.zip</path>
<vendor>Hacktool.Agent</vendor>
<action>success</action>
<hash>81a6c06ee19a0f272f45d5709869a957</hash>
</file>
- <file>
<path>C:\Users\Martin\AppData\Local\Temp\KMP_3.8.0.120.exe</path>
<vendor>PUP.Optional.Softonic.A</vendor>
<action>success</action>
<hash>84a398964536da5c7f2be63500019e62</hash>
</file>
- <file>
<path>C:\Users\Martin\AppData\Local\Temp\KMP_3.8.0.121.exe</path>
<vendor>PUP.Optional.Softonic.A</vendor>
<action>success</action>
<hash>59ce75b97803ba7ce7c343d8748dfc04</hash>
</file>
- <file>
<path>C:\Users\Martin\AppData\Local\Temp\KMP_3.8.0.122.exe</path>
<vendor>PUP.Optional.Softonic.A</vendor>
<action>success</action>
<hash>39eec8663843a09638723ddeed1427d9</hash>
</file>
</items>
</mbam-log>

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7600 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Martin [Práva správce]
Mód : Kontrola -- Datum : 04/24/2014 19:25:35
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> NALEZENO

¤¤¤ naplánované úlohy : 1 ¤¤¤
[V2][SUSP PATH] Registration : "C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe" - Registration ShowMessageTask2D [7][-] -> NALEZENO

¤¤¤ spuštění položky : 1 ¤¤¤
[Martin][SUSP PATH] mq9lfvhrj.lnk : C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mq9lfvhrj.lnk @C:\Windows\System32\rundll32.exe C:\PROGRA~3\299219~1\jrhvfl9qm.cpp,work [-][7][x] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5000BPVT-00HXZT1 +++++
--- User ---
[MBR] d40f084ed81a9db0854c5ab93bc73e08
[BSP] cd27ed3eb96aab5c994ff939e1f9cca6 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 300 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 616448 | Size: 459235 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 941129728 | Size: 15360 MB
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 972587008 | Size: 2043 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) SD Card +++++
--- User ---
[MBR] 9ef8869fcbea5ebf564bf14d16a43bc0
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 8192 | Size: 7456 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

Dokončeno : << RKreport[0]_S_04242014_192535.txt >>
RKreport[0]_S_04242014_192322.txt

Příspěvekod **jaro3** » 25 dub 2014 09:35

MbAM udělej ještě jednou.

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků

Fucza · Příspěvekod **Fucza** » 25 dub 2014 10:37

Díky.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 25.4.2014
Scan Time: 9:57:35
Logfile: dnes1.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.25.03
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 7
CPU: x64
File System: NTFS
User: Martin

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 295365
Time Elapsed: 11 min, 54 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------

RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7600 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Martin [Práva správce]
Mód : Odebrat -- Datum : 04/25/2014 10:17:28
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] Systém nemůže nalézt uvedený soubor.

¤¤¤ naplánované úlohy : 1 ¤¤¤
[V2][SUSP PATH] Registration : "C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe" - Registration ShowMessageTask2D [7][-] -> VYMAZÁNO

¤¤¤ spuštění položky : 1 ¤¤¤
[Martin][SUSP PATH] mq9lfvhrj.lnk : C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mq9lfvhrj.lnk @C:\Windows\System32\rundll32.exe C:\PROGRA~3\299219~1\jrhvfl9qm.cpp,work [-][7][x] -> VYMAZÁNO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5000BPVT-00HXZT1 +++++
--- User ---
[MBR] d40f084ed81a9db0854c5ab93bc73e08
[BSP] cd27ed3eb96aab5c994ff939e1f9cca6 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 300 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 616448 | Size: 459235 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 941129728 | Size: 15360 MB
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 972587008 | Size: 2043 MB
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) SD Card +++++
--- User ---
[MBR] 9ef8869fcbea5ebf564bf14d16a43bc0
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 8192 | Size: 7456 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

Dokončeno : << RKreport[0]_D_04252014_101728.txt >>
RKreport[0]_S_04242014_192322.txt;RKreport[0]_S_04242014_192535.txt;RKreport[0]_S_04252014_101117.txt

---------------------------------------------------------------------------------------------------------------------------------------------------------

10:20:37.0925 6524 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:20:39.0954 6524 ============================================================
10:20:39.0954 6524 Current date / time: 2014/04/25 10:20:39.0954
10:20:39.0954 6524 SystemInfo:
10:20:39.0954 6524
10:20:39.0954 6524 OS Version: 6.1.7600 ServicePack: 0.0
10:20:39.0954 6524 Product type: Workstation
10:20:39.0954 6524 ComputerName: MARTIN-HP
10:20:39.0955 6524 UserName: Martin
10:20:39.0955 6524 Windows directory: C:\windows
10:20:39.0955 6524 System windows directory: C:\windows
10:20:39.0955 6524 Running under WOW64
10:20:39.0955 6524 Processor architecture: Intel x64
10:20:39.0955 6524 Number of processors: 4
10:20:39.0955 6524 Page size: 0x1000
10:20:39.0955 6524 Boot type: Normal boot
10:20:39.0955 6524 ============================================================
10:20:40.0542 6524 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:20:40.0567 6524 Drive \Device\Harddisk1\DR1 - Size: 0x1D2400000 (7.29 Gb), SectorSize: 0x200, Cylinders: 0x3B7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:20:40.0572 6524 ============================================================
10:20:40.0572 6524 \Device\Harddisk0\DR0:
10:20:40.0572 6524 MBR partitions:
10:20:40.0572 6524 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
10:20:40.0572 6524 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x380F1800
10:20:40.0572 6524 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38188000, BlocksNum 0x1E00000
10:20:40.0572 6524 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x39F88000, BlocksNum 0x3FD800
10:20:40.0572 6524 \Device\Harddisk1\DR1:
10:20:40.0574 6524 MBR partitions:
10:20:40.0574 6524 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0xE90000
10:20:40.0574 6524 ============================================================
10:20:40.0641 6524 C: <-> \Device\Harddisk0\DR0\Partition2
10:20:40.0677 6524 E: <-> \Device\Harddisk0\DR0\Partition4
10:20:40.0677 6524 ============================================================
10:20:40.0677 6524 Initialize success
10:20:40.0677 6524 ============================================================
10:20:54.0963 4132 ============================================================
10:20:54.0963 4132 Scan started
10:20:54.0963 4132 Mode: Manual;
10:20:54.0963 4132 ============================================================
10:20:55.0313 4132 ================ Scan system memory ========================
10:20:55.0313 4132 System memory - ok
10:20:55.0313 4132 ================ Scan services =============================
10:20:55.0683 4132 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\windows\system32\DRIVERS\1394ohci.sys
10:20:55.0683 4132 1394ohci - ok
10:20:55.0733 4132 [ 1CFFE9C06E66A57DAE1452E449A58240 ] Accelerometer C:\windows\system32\DRIVERS\Accelerometer.sys
10:20:55.0733 4132 Accelerometer - ok
10:20:55.0833 4132 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
10:20:55.0833 4132 ACDaemon - ok
10:20:55.0893 4132 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\windows\system32\DRIVERS\ACPI.sys
10:20:55.0893 4132 ACPI - ok
10:20:55.0913 4132 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\windows\system32\DRIVERS\acpipmi.sys
10:20:55.0913 4132 AcpiPmi - ok
10:20:56.0123 4132 [ C2CE3311D2477B1B24CFB67020AD49B6 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:20:56.0133 4132 AdobeFlashPlayerUpdateSvc - ok
10:20:56.0183 4132 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
10:20:56.0193 4132 adp94xx - ok

Fucza · Příspěvekod **Fucza** » 25 dub 2014 10:39

10:20:56.0243 4132 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
10:20:56.0253 4132 adpahci - ok
10:20:56.0283 4132 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
10:20:56.0293 4132 adpu320 - ok
10:20:56.0323 4132 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
10:20:56.0323 4132 AeLookupSvc - ok
10:20:56.0403 4132 [ 6CCD1135320109D6B219F1A6E04AD9F6 ] Afc C:\windows\syswow64\drivers\Afc.sys
10:20:56.0403 4132 Afc - ok
10:20:56.0453 4132 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\windows\system32\drivers\afd.sys
10:20:56.0463 4132 AFD - ok
10:20:56.0533 4132 [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem C:\windows\system32\DRIVERS\agrsm64.sys
10:20:56.0553 4132 AgereSoftModem - ok
10:20:56.0593 4132 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\DRIVERS\agp440.sys
10:20:56.0593 4132 agp440 - ok
10:20:56.0623 4132 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
10:20:56.0623 4132 ALG - ok
10:20:56.0653 4132 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\DRIVERS\aliide.sys
10:20:56.0653 4132 aliide - ok
10:20:56.0693 4132 [ 5A06AB7AB4D389DFE3C109599DF0BB65 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
10:20:56.0703 4132 AMD External Events Utility - ok
10:20:56.0733 4132 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\DRIVERS\amdide.sys
10:20:56.0733 4132 amdide - ok
10:20:56.0753 4132 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
10:20:56.0753 4132 AmdK8 - ok
10:20:56.0903 4132 [ 650DDCCD6657E20737433CB774521B81 ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
10:20:57.0083 4132 amdkmdag - ok
10:20:57.0113 4132 [ F51B013C55B30DBE3AD59A7FE197C5BA ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
10:20:57.0123 4132 amdkmdap - ok
10:20:57.0183 4132 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
10:20:57.0183 4132 AmdPPM - ok
10:20:57.0233 4132 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\windows\system32\drivers\amdsata.sys
10:20:57.0243 4132 amdsata - ok
10:20:57.0263 4132 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
10:20:57.0263 4132 amdsbs - ok
10:20:57.0283 4132 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\windows\system32\drivers\amdxata.sys
10:20:57.0283 4132 amdxata - ok
10:20:57.0323 4132 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\windows\system32\drivers\appid.sys
10:20:57.0323 4132 AppID - ok
10:20:57.0373 4132 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
10:20:57.0383 4132 AppIDSvc - ok
10:20:57.0413 4132 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\windows\System32\appinfo.dll
10:20:57.0413 4132 Appinfo - ok
10:20:57.0453 4132 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
10:20:57.0453 4132 arc - ok
10:20:57.0463 4132 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
10:20:57.0463 4132 arcsas - ok
10:20:57.0483 4132 ARCVCAM - ok
10:20:57.0613 4132 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:20:57.0613 4132 aspnet_state - ok
10:20:57.0643 4132 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
10:20:57.0643 4132 AsyncMac - ok
10:20:57.0683 4132 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\DRIVERS\atapi.sys
10:20:57.0683 4132 atapi - ok
10:20:57.0733 4132 [ 2D648572BA9A610952FCAFBA1E119C2D ] AtiHdmiService C:\windows\system32\drivers\AtiHdmi.sys
10:20:57.0733 4132 AtiHdmiService - ok
10:20:57.0793 4132 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
10:20:57.0803 4132 AudioEndpointBuilder - ok
10:20:57.0823 4132 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\windows\System32\Audiosrv.dll
10:20:57.0823 4132 AudioSrv - ok
10:20:57.0873 4132 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\windows\System32\AxInstSV.dll
10:20:57.0873 4132 AxInstSV - ok
10:20:57.0913 4132 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
10:20:57.0913 4132 b06bdrv - ok
10:20:57.0973 4132 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
10:20:57.0983 4132 b57nd60a - ok
10:20:58.0053 4132 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
10:20:58.0053 4132 BDESVC - ok
10:20:58.0063 4132 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
10:20:58.0063 4132 Beep - ok
10:20:58.0123 4132 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\windows\System32\bfe.dll
10:20:58.0143 4132 BFE - ok
10:20:58.0223 4132 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\windows\System32\qmgr.dll
10:20:58.0253 4132 BITS - ok
10:20:58.0343 4132 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
10:20:58.0343 4132 blbdrive - ok
10:20:58.0513 4132 [ 2BBD2AB07D779278114BA6A694972F1A ] Bluetooth Device Manager C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
10:20:58.0623 4132 Bluetooth Device Manager - ok
10:20:58.0673 4132 [ 87D6A02028E47CA696C4294C658E3EE6 ] Bluetooth Media Service C:\Program Files\Motorola\Bluetooth\audiosrv.exe
10:20:58.0713 4132 Bluetooth Media Service - ok
10:20:58.0723 4132 [ 9AF4B2CF2F98CF6157CDFD917AE5785B ] Bluetooth OBEX Service C:\Program Files\Motorola\Bluetooth\obexsrv.exe
10:20:58.0733 4132 Bluetooth OBEX Service - ok
10:20:58.0793 4132 [ 19D20159708E152267E53B66677A4995 ] bowser C:\windows\system32\DRIVERS\bowser.sys
10:20:58.0803 4132 bowser - ok
10:20:58.0823 4132 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
10:20:58.0823 4132 BrFiltLo - ok
10:20:58.0843 4132 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
10:20:58.0843 4132 BrFiltUp - ok
10:20:58.0873 4132 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
10:20:58.0873 4132 BridgeMP - ok
10:20:58.0923 4132 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\windows\System32\browser.dll
10:20:58.0923 4132 Browser - ok
10:20:58.0953 4132 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
10:20:58.0953 4132 Brserid - ok
10:20:59.0033 4132 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
10:20:59.0033 4132 BrSerWdm - ok
10:20:59.0033 4132 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
10:20:59.0033 4132 BrUsbMdm - ok
10:20:59.0053 4132 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
10:20:59.0053 4132 BrUsbSer - ok
10:20:59.0093 4132 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
10:20:59.0093 4132 BthEnum - ok
10:20:59.0123 4132 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
10:20:59.0123 4132 BTHMODEM - ok
10:20:59.0153 4132 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
10:20:59.0153 4132 BthPan - ok
10:20:59.0183 4132 [ E10D1912634974EA273A1588C75CCB76 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
10:20:59.0193 4132 BTHPORT - ok
10:20:59.0273 4132 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
10:20:59.0283 4132 bthserv - ok
10:20:59.0313 4132 [ 19B784B6ECBB3ADBB2242700FEE90BEC ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
10:20:59.0313 4132 BTHUSB - ok
10:20:59.0343 4132 [ E588420B950DAC5AC397F76660BCE520 ] BTMCOM C:\windows\system32\Drivers\btmcom.sys
10:20:59.0343 4132 BTMCOM - ok
10:20:59.0473 4132 [ 4EEF6B894E05FC245640DCEE9190A053 ] BTMUSB C:\windows\system32\Drivers\btmusb.sys
10:20:59.0583 4132 BTMUSB - ok
10:20:59.0643 4132 catchme - ok
10:20:59.0673 4132 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
10:20:59.0673 4132 cdfs - ok
10:20:59.0723 4132 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
10:20:59.0723 4132 cdrom - ok
10:20:59.0763 4132 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\windows\System32\certprop.dll
10:20:59.0763 4132 CertPropSvc - ok
10:20:59.0783 4132 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
10:20:59.0783 4132 circlass - ok
10:20:59.0813 4132 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
10:20:59.0823 4132 CLFS - ok
10:20:59.0883 4132 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:20:59.0883 4132 clr_optimization_v2.0.50727_32 - ok
10:20:59.0913 4132 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:20:59.0923 4132 clr_optimization_v2.0.50727_64 - ok
10:20:59.0993 4132 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:20:59.0993 4132 clr_optimization_v4.0.30319_32 - ok
10:21:00.0013 4132 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:21:00.0043 4132 clr_optimization_v4.0.30319_64 - ok
10:21:00.0093 4132 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
10:21:00.0093 4132 CmBatt - ok
10:21:00.0103 4132 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\DRIVERS\cmdide.sys
10:21:00.0103 4132 cmdide - ok
10:21:00.0173 4132 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\windows\system32\Drivers\cng.sys
10:21:00.0173 4132 CNG - ok
10:21:00.0203 4132 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
10:21:00.0203 4132 Compbatt - ok
10:21:00.0223 4132 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
10:21:00.0223 4132 CompositeBus - ok
10:21:00.0243 4132 COMSysApp - ok
10:21:00.0253 4132 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
10:21:00.0253 4132 crcdisk - ok
10:21:00.0313 4132 [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc C:\windows\system32\cryptsvc.dll
10:21:00.0313 4132 CryptSvc - ok
10:21:00.0353 4132 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\windows\system32\rpcss.dll
10:21:00.0363 4132 DcomLaunch - ok
10:21:00.0403 4132 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
10:21:00.0413 4132 defragsvc - ok
10:21:00.0453 4132 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\windows\system32\Drivers\dfsc.sys
10:21:00.0463 4132 DfsC - ok
10:21:00.0493 4132 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\windows\system32\dhcpcore.dll
10:21:00.0503 4132 Dhcp - ok
10:21:00.0553 4132 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
10:21:00.0553 4132 discache - ok
10:21:00.0613 4132 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
10:21:00.0613 4132 Disk - ok
10:21:00.0653 4132 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\windows\System32\dnsrslvr.dll
10:21:00.0653 4132 Dnscache - ok
10:21:00.0683 4132 DolBoot - ok
10:21:00.0703 4132 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\windows\System32\dot3svc.dll
10:21:00.0703 4132 dot3svc - ok
10:21:00.0793 4132 [ EF8004B4A9552C77FD0E99AB08841D13 ] DpHost c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
10:21:00.0803 4132 DpHost - ok
10:21:00.0813 4132 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\windows\system32\dps.dll
10:21:00.0823 4132 DPS - ok
10:21:00.0853 4132 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
10:21:00.0853 4132 drmkaud - ok
10:21:00.0913 4132 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
10:21:00.0943 4132 DXGKrnl - ok
10:21:01.0013 4132 [ D00EAE9C735A7DEE8049E50D73D25434 ] eamonm C:\windows\system32\DRIVERS\eamonm.sys
10:21:01.0013 4132 eamonm - ok
10:21:01.0053 4132 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
10:21:01.0063 4132 EapHost - ok
10:21:01.0153 4132 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
10:21:01.0253 4132 ebdrv - ok
10:21:01.0303 4132 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\windows\System32\lsass.exe
10:21:01.0303 4132 EFS - ok
10:21:01.0333 4132 [ E5EDDE3C8158DD0CBC5812F201DCDED0 ] ehdrv C:\windows\system32\DRIVERS\ehdrv.sys
10:21:01.0343 4132 ehdrv - ok
10:21:01.0423 4132 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\windows\ehome\ehRecvr.exe
10:21:01.0433 4132 ehRecvr - ok
10:21:01.0483 4132 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
10:21:01.0483 4132 ehSched - ok
10:21:01.0583 4132 [ AD4FAADE819E0DA9933BEA7C01D2C763 ] ekrn C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
10:21:01.0593 4132 ekrn - ok
10:21:01.0643 4132 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
10:21:01.0653 4132 elxstor - ok
10:21:01.0713 4132 [ 3EBB7FD3C605262B942868A1D840F4F1 ] epfwwfpr C:\windows\system32\DRIVERS\epfwwfpr.sys
10:21:01.0713 4132 epfwwfpr - ok
10:21:01.0733 4132 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\DRIVERS\errdev.sys
10:21:01.0733 4132 ErrDev - ok
10:21:01.0783 4132 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
10:21:01.0783 4132 EventSystem - ok
10:21:01.0813 4132 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
10:21:01.0813 4132 exfat - ok
10:21:01.0833 4132 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
10:21:01.0833 4132 fastfat - ok
10:21:01.0873 4132 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\windows\system32\fxssvc.exe
10:21:01.0883 4132 Fax - ok
10:21:01.0913 4132 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
10:21:01.0913 4132 fdc - ok
10:21:01.0933 4132 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
10:21:01.0943 4132 fdPHost - ok
10:21:01.0953 4132 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
10:21:01.0953 4132 FDResPub - ok
10:21:01.0973 4132 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
10:21:01.0973 4132 FileInfo - ok
10:21:01.0993 4132 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
10:21:01.0993 4132 Filetrace - ok
10:21:02.0113 4132 [ 00EDB531DFB127197D625204B138269B ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
10:21:02.0153 4132 FLEXnet Licensing Service - ok
10:21:02.0213 4132 [ 52C0312AB35EB7187015FB6A99136BB5 ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
10:21:02.0223 4132 FLEXnet Licensing Service 64 - ok
10:21:02.0263 4132 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
10:21:02.0263 4132 flpydisk - ok
10:21:02.0293 4132 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
10:21:02.0293 4132 FltMgr - ok
10:21:02.0363 4132 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\windows\system32\FntCache.dll
10:21:02.0393 4132 FontCache - ok
10:21:02.0443 4132 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:21:02.0443 4132 FontCache3.0.0.0 - ok
10:21:02.0463 4132 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
10:21:02.0463 4132 FsDepends - ok
10:21:02.0503 4132 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
10:21:02.0503 4132 Fs_Rec - ok
10:21:02.0573 4132 [ 1F44F8559E61A8306ECC67BB1E168B7C ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
10:21:02.0573 4132 fvevol - ok
10:21:02.0593 4132 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
10:21:02.0593 4132 gagp30kx - ok
10:21:02.0653 4132 [ 16C2A6BCDDA8952C2035DEC861492A19 ] ggflt C:\windows\system32\DRIVERS\ggflt.sys
10:21:02.0653 4132 ggflt - ok
10:21:02.0713 4132 [ 6B503DF845EABF3457E49FBBDA26C10E ] ggsemc C:\windows\system32\DRIVERS\ggsemc.sys
10:21:02.0713 4132 ggsemc - ok
10:21:02.0753 4132 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\windows\System32\gpsvc.dll
10:21:02.0763 4132 gpsvc - ok
10:21:02.0963 4132 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:21:02.0963 4132 gupdate - ok
10:21:02.0983 4132 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:21:02.0983 4132 gupdatem - ok
10:21:03.0013 4132 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
10:21:03.0013 4132 hcw85cir - ok
10:21:03.0043 4132 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
10:21:03.0043 4132 HdAudAddService - ok
10:21:03.0073 4132 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
10:21:03.0083 4132 HDAudBus - ok
10:21:03.0123 4132 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\windows\system32\DRIVERS\HECIx64.sys
10:21:03.0123 4132 HECIx64 - ok
10:21:03.0143 4132 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
10:21:03.0153 4132 HidBatt - ok
10:21:03.0173 4132 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
10:21:03.0173 4132 HidBth - ok
10:21:03.0203 4132 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
10:21:03.0203 4132 HidIr - ok
10:21:03.0233 4132 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll
10:21:03.0233 4132 hidserv - ok
10:21:03.0263 4132 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
10:21:03.0263 4132 HidUsb - ok
10:21:03.0293 4132 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\windows\system32\kmsvc.dll
10:21:03.0293 4132 hkmsvc - ok
10:21:03.0313 4132 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\windows\system32\ListSvc.dll
10:21:03.0313 4132 HomeGroupListener - ok
10:21:03.0353 4132 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\windows\system32\provsvc.dll
10:21:03.0363 4132 HomeGroupProvider - ok
10:21:03.0433 4132 [ 3F4ADD4196E2B860019539837BE305F9 ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
10:21:03.0443 4132 HP Health Check Service - ok
10:21:03.0503 4132 [ AE2A8C80205F06BE5EDC63BE0AE9A756 ] HP ProtectTools Service c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
10:21:03.0503 4132 HP ProtectTools Service - ok
10:21:03.0563 4132 [ 58CC11D14D88EF70EF7ABBC75B5EEBD8 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
10:21:03.0563 4132 HP Wireless Assistant Service - ok
10:21:03.0633 4132 [ 881F74074963CDAD8C475D09DC3A0BB6 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
10:21:03.0633 4132 HPDrvMntSvc.exe - ok
10:21:03.0643 4132 [ 05712FDDBD45A5864EB326FAABC6A4E3 ] hpdskflt C:\windows\system32\DRIVERS\hpdskflt.sys
10:21:03.0653 4132 hpdskflt - ok
10:21:03.0673 4132 [ B98EE5D4535A685634B90F7E04DE0DF7 ] HpqKbFiltr C:\windows\system32\DRIVERS\HpqKbFiltr.sys
10:21:03.0673 4132 HpqKbFiltr - ok
10:21:03.0703 4132 [ FE51B163A618B1CBF015485D21C1BC68 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
10:21:03.0713 4132 hpqwmiex - ok
10:21:03.0763 4132 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\windows\system32\DRIVERS\HpSAMD.sys
10:21:03.0763 4132 HpSAMD - ok
10:21:03.0793 4132 [ AA036CC5F5221D9B915F4D4DCE74BA9A ] hpsrv C:\windows\system32\Hpservice.exe
10:21:03.0793 4132 hpsrv - ok
10:21:03.0843 4132 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\windows\system32\drivers\HTTP.sys
10:21:03.0853 4132 HTTP - ok
10:21:03.0873 4132 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
10:21:03.0873 4132 hwpolicy - ok
10:21:03.0923 4132 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
10:21:03.0923 4132 i8042prt - ok
10:21:03.0963 4132 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
10:21:03.0963 4132 iaStor - ok
10:21:04.0043 4132 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
10:21:04.0053 4132 IAStorDataMgrSvc - ok
10:21:04.0103 4132 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\windows\system32\drivers\iaStorV.sys
10:21:04.0103 4132 iaStorV - ok
10:21:04.0163 4132 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:21:04.0193 4132 idsvc - ok
10:21:04.0243 4132 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
10:21:04.0243 4132 iirsp - ok
10:21:04.0293 4132 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\windows\System32\ikeext.dll
10:21:04.0313 4132 IKEEXT - ok
10:21:04.0363 4132 [ 4B6363CD4610BB848531BB260B15DFCC ] Impcd C:\windows\system32\DRIVERS\Impcd.sys
10:21:04.0363 4132 Impcd - ok
10:21:04.0433 4132 [ CAA8BC6737DFA3BF1A50175CFB226788 ] InputFilter_Hid_FlexDef2b C:\windows\system32\DRIVERS\InputFilter_FlexDef2b.sys
10:21:04.0433 4132 InputFilter_Hid_FlexDef2b - ok
10:21:04.0453 4132 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\DRIVERS\intelide.sys
10:21:04.0453 4132 intelide - ok
10:21:04.0483 4132 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
10:21:04.0483 4132 intelppm - ok
10:21:04.0503 4132 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
10:21:04.0503 4132 IPBusEnum - ok
10:21:04.0533 4132 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
10:21:04.0533 4132 IpFilterDriver - ok
10:21:04.0563 4132 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
10:21:04.0573 4132 iphlpsvc - ok
10:21:04.0593 4132 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\windows\system32\DRIVERS\IPMIDrv.sys
10:21:04.0593 4132 IPMIDRV - ok
10:21:04.0613 4132 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
10:21:04.0613 4132 IPNAT - ok
10:21:04.0633 4132 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
10:21:04.0633 4132 IRENUM - ok
10:21:04.0653 4132 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\DRIVERS\isapnp.sys
10:21:04.0663 4132 isapnp - ok
10:21:04.0683 4132 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\windows\system32\DRIVERS\msiscsi.sys
10:21:04.0683 4132 iScsiPrt - ok
10:21:04.0703 4132 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
10:21:04.0703 4132 kbdclass - ok
10:21:04.0723 4132 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
10:21:04.0723 4132 kbdhid - ok
10:21:04.0763 4132 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\windows\system32\lsass.exe
10:21:04.0763 4132 KeyIso - ok
10:21:04.0813 4132 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
10:21:04.0813 4132 KSecDD - ok
10:21:04.0833 4132 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
10:21:04.0843 4132 KSecPkg - ok
10:21:04.0863 4132 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
10:21:04.0863 4132 ksthunk - ok
10:21:04.0903 4132 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
10:21:04.0913 4132 KtmRm - ok
10:21:04.0943 4132 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\windows\System32\srvsvc.dll
10:21:04.0953 4132 LanmanServer - ok
10:21:04.0983 4132 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
10:21:04.0983 4132 LanmanWorkstation - ok
10:21:05.0033 4132 [ 83D8BE94E1CBCBE2EA8372DB1A95A159 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
10:21:05.0043 4132 LightScribeService - ok
10:21:05.0073 4132 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
10:21:05.0073 4132 lltdio - ok
10:21:05.0113 4132 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
10:21:05.0113 4132 lltdsvc - ok
10:21:05.0143 4132 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
10:21:05.0143 4132 lmhosts - ok
10:21:05.0203 4132 [ BB4E55778D8DE3885E1CDAC795DE7BCE ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:21:05.0213 4132 LMS - ok
10:21:05.0243 4132 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
10:21:05.0243 4132 LSI_FC - ok
10:21:05.0263 4132 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
10:21:05.0273 4132 LSI_SAS - ok
10:21:05.0283 4132 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
10:21:05.0283 4132 LSI_SAS2 - ok
10:21:05.0303 4132 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
10:21:05.0303 4132 LSI_SCSI - ok
10:21:05.0323 4132 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
10:21:05.0323 4132 luafv - ok
10:21:05.0393 4132 [ 024DA28053D57E9E32BEE52600576BBB ] MarvinBus C:\windows\system32\DRIVERS\MarvinBus64.sys
10:21:05.0403 4132 MarvinBus - ok
10:21:05.0443 4132 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
10:21:05.0443 4132 Mcx2Svc - ok
10:21:05.0463 4132 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
10:21:05.0463 4132 megasas - ok
10:21:05.0483 4132 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
10:21:05.0483 4132 MegaSR - ok
10:21:05.0523 4132 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
10:21:05.0523 4132 MMCSS - ok
10:21:05.0543 4132 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
10:21:05.0543 4132 Modem - ok
10:21:05.0563 4132 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
10:21:05.0563 4132 monitor - ok
10:21:05.0593 4132 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
10:21:05.0593 4132 mouclass - ok
10:21:05.0633 4132 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
10:21:05.0633 4132 mouhid - ok
10:21:05.0673 4132 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\windows\system32\drivers\mountmgr.sys
10:21:05.0673 4132 mountmgr - ok
10:21:05.0723 4132 [ AEE4E9CC59CDEB55B1ECB0E596E796BE ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:21:05.0723 4132 MozillaMaintenance - ok
10:21:05.0743 4132 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\windows\system32\DRIVERS\mpio.sys
10:21:05.0743 4132 mpio - ok
10:21:05.0763 4132 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
10:21:05.0763 4132 mpsdrv - ok
10:21:05.0823 4132 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\windows\system32\mpssvc.dll
10:21:05.0843 4132 MpsSvc - ok
10:21:05.0863 4132 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
10:21:05.0863 4132 MRxDAV - ok
10:21:05.0903 4132 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
10:21:05.0903 4132 mrxsmb - ok
10:21:05.0923 4132 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
10:21:05.0933 4132 mrxsmb10 - ok
10:21:05.0983 4132 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
10:21:05.0983 4132 mrxsmb20 - ok
10:21:06.0013 4132 [ 5E939CF91EA4A841DBAFE4627E0292BB ] msahci C:\windows\system32\DRIVERS\msahci.sys
10:21:06.0013 4132 msahci - ok
10:21:06.0033 4132 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\windows\system32\DRIVERS\msdsm.sys
10:21:06.0033 4132 msdsm - ok
10:21:06.0043 4132 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
10:21:06.0053 4132 MSDTC - ok
10:21:06.0073 4132 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
10:21:06.0073 4132 Msfs - ok
10:21:06.0093 4132 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
10:21:06.0093 4132 mshidkmdf - ok
10:21:06.0103 4132 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\DRIVERS\msisadrv.sys
10:21:06.0103 4132 msisadrv - ok
10:21:06.0143 4132 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
10:21:06.0153 4132 MSiSCSI - ok
10:21:06.0153 4132 msiserver - ok
10:21:06.0193 4132 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
10:21:06.0193 4132 MSKSSRV - ok
10:21:06.0213 4132 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
10:21:06.0223 4132 MSPCLOCK - ok
10:21:06.0233 4132 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
10:21:06.0233 4132 MSPQM - ok
10:21:06.0263 4132 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
10:21:06.0263 4132 MsRPC - ok
10:21:06.0273 4132 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
10:21:06.0283 4132 mssmbios - ok
10:21:06.0283 4132 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
10:21:06.0283 4132 MSTEE - ok
10:21:06.0303 4132 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
10:21:06.0303 4132 MTConfig - ok
10:21:06.0313 4132 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
10:21:06.0323 4132 Mup - ok
10:21:06.0353 4132 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\windows\system32\qagentRT.dll
10:21:06.0363 4132 napagent - ok
10:21:06.0393 4132 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
10:21:06.0393 4132 NativeWifiP - ok
10:21:06.0433 4132 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\windows\system32\drivers\ndis.sys
10:21:06.0443 4132 NDIS - ok
10:21:06.0493 4132 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
10:21:06.0493 4132 NdisCap - ok
10:21:06.0523 4132 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
10:21:06.0523 4132 NdisTapi - ok
10:21:06.0533 4132 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
10:21:06.0533 4132 Ndisuio - ok
10:21:06.0563 4132 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
10:21:06.0563 4132 NdisWan - ok
10:21:06.0593 4132 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\windows\system32\drivers\NDProxy.sys
10:21:06.0593 4132 NDProxy - ok
10:21:06.0613 4132 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
10:21:06.0613 4132 NetBIOS - ok
10:21:06.0633 4132 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\windows\system32\DRIVERS\netbt.sys
10:21:06.0633 4132 NetBT - ok
10:21:06.0663 4132 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\windows\system32\lsass.exe
10:21:06.0663 4132 Netlogon - ok
10:21:06.0693 4132 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
10:21:06.0703 4132 Netman - ok
10:21:06.0753 4132 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:21:06.0763 4132 NetMsmqActivator - ok
10:21:06.0763 4132 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:21:06.0773 4132 NetPipeActivator - ok
10:21:06.0833 4132 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
10:21:06.0843 4132 netprofm - ok
10:21:06.0893 4132 [ B964D4C524A80ABA22DB16FC1EDED0A9 ] netr28x C:\windows\system32\DRIVERS\netr28x.sys
10:21:06.0923 4132 netr28x - ok
10:21:06.0943 4132 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:21:06.0943 4132 NetTcpActivator - ok
10:21:06.0953 4132 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:21:06.0953 4132 NetTcpPortSharing - ok
10:21:06.0983 4132 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
10:21:06.0983 4132 nfrd960 - ok
10:21:07.0033 4132 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\windows\System32\nlasvc.dll
10:21:07.0033 4132 NlaSvc - ok
10:21:07.0043 4132 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
10:21:07.0043 4132 Npfs - ok
10:21:07.0063 4132 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
10:21:07.0063 4132 nsi - ok
10:21:07.0073 4132 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
10:21:07.0073 4132 nsiproxy - ok
10:21:07.0153 4132 [ 9A6089B056EA1B83B36424FC9D0A300E ] Ntfs C:\windows\system32\drivers\Ntfs.sys
10:21:07.0173 4132 Ntfs - ok
10:21:07.0193 4132 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
10:21:07.0193 4132 Null - ok
10:21:07.0233 4132 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\windows\system32\drivers\nvraid.sys
10:21:07.0233 4132 nvraid - ok
10:21:07.0283 4132 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\windows\system32\drivers\nvstor.sys
10:21:07.0283 4132 nvstor - ok
10:21:07.0323 4132 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\DRIVERS\nv_agp.sys
10:21:07.0323 4132 nv_agp - ok
10:21:07.0443 4132 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:21:07.0453 4132 odserv - ok
10:21:07.0503 4132 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\DRIVERS\ohci1394.sys
10:21:07.0503 4132 ohci1394 - ok
10:21:07.0543 4132 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:21:07.0543 4132 ose - ok
10:21:07.0583 4132 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
10:21:07.0593 4132 p2pimsvc - ok
10:21:07.0613 4132 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
10:21:07.0623 4132 p2psvc - ok
10:21:07.0663 4132 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
10:21:07.0663 4132 Parport - ok
10:21:07.0693 4132 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\windows\system32\drivers\partmgr.sys
10:21:07.0693 4132 partmgr - ok
10:21:07.0713 4132 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
10:21:07.0713 4132 PcaSvc - ok
10:21:07.0723 4132 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\windows\system32\DRIVERS\pci.sys
10:21:07.0733 4132 pci - ok
10:21:07.0743 4132 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
10:21:07.0743 4132 pciide - ok
10:21:07.0773 4132 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
10:21:07.0783 4132 pcmcia - ok
10:21:07.0793 4132 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
10:21:07.0793 4132 pcw - ok
10:21:07.0823 4132 pdfcDispatcher - ok
10:21:07.0843 4132 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
10:21:07.0853 4132 PEAUTH - ok
10:21:07.0993 4132 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
10:21:07.0993 4132 PerfHost - ok
10:21:08.0053 4132 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\windows\system32\pla.dll
10:21:08.0083 4132 pla - ok
10:21:08.0133 4132 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\windows\system32\umpnpmgr.dll
10:21:08.0143 4132 PlugPlay - ok
10:21:08.0153 4132 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
10:21:08.0153 4132 PNRPAutoReg - ok
10:21:08.0173 4132 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
10:21:08.0173 4132 PNRPsvc - ok
10:21:08.0203 4132 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
10:21:08.0213 4132 PolicyAgent - ok
10:21:08.0243 4132 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
10:21:08.0243 4132 Power - ok
10:21:08.0293 4132 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
10:21:08.0293 4132 PptpMiniport - ok
10:21:08.0313 4132 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
10:21:08.0313 4132 Processor - ok
10:21:08.0363 4132 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\windows\system32\profsvc.dll
10:21:08.0363 4132 ProfSvc - ok
10:21:08.0383 4132 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\windows\system32\lsass.exe
10:21:08.0383 4132 ProtectedStorage - ok
10:21:08.0403 4132 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\windows\system32\DRIVERS\pacer.sys
10:21:08.0403 4132 Psched - ok
10:21:08.0463 4132 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
10:21:08.0503 4132 ql2300 - ok
10:21:08.0523 4132 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
10:21:08.0523 4132 ql40xx - ok
10:21:08.0563 4132 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
10:21:08.0563 4132 QWAVE - ok
10:21:08.0583 4132 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
10:21:08.0583 4132 QWAVEdrv - ok
10:21:08.0603 4132 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
10:21:08.0603 4132 RasAcd - ok
10:21:08.0643 4132 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
10:21:08.0643 4132 RasAgileVpn - ok
10:21:08.0663 4132 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
10:21:08.0663 4132 RasAuto - ok
10:21:08.0683 4132 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
10:21:08.0693 4132 Rasl2tp - ok
10:21:08.0713 4132 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\windows\System32\rasmans.dll
10:21:08.0713 4132 RasMan - ok
10:21:08.0733 4132 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
10:21:08.0733 4132 RasPppoe - ok
10:21:08.0753 4132 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
10:21:08.0763 4132 RasSstp - ok
10:21:08.0773 4132 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
10:21:08.0783 4132 rdbss - ok
10:21:08.0803 4132 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
10:21:08.0803 4132 rdpbus - ok
10:21:08.0833 4132 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
10:21:08.0833 4132 RDPCDD - ok
10:21:08.0843 4132 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
10:21:08.0853 4132 RDPENCDD - ok
10:21:08.0863 4132 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
10:21:08.0863 4132 RDPREFMP - ok
10:21:08.0913 4132 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
10:21:08.0913 4132 RDPWD - ok
10:21:08.0933 4132 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\windows\system32\drivers\rdyboost.sys
10:21:08.0943 4132 rdyboost - ok
10:21:08.0973 4132 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
10:21:08.0973 4132 RemoteAccess - ok
10:21:09.0013 4132 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
10:21:09.0013 4132 RemoteRegistry - ok
10:21:09.0083 4132 [ 8B49BE311B00242D32E7EA6FF7957790 ] Response Hardware C:\Program Files (x86)\SMART Technologies\Education Software\ResponseHardwareService.exe
10:21:09.0113 4132 Response Hardware - ok
10:21:09.0153 4132 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
10:21:09.0153 4132 RFCOMM - ok
10:21:09.0173 4132 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
10:21:09.0183 4132 RpcEptMapper - ok
10:21:09.0203 4132 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
10:21:09.0203 4132 RpcLocator - ok
10:21:09.0223 4132 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\windows\System32\rpcss.dll
10:21:09.0233 4132 RpcSs - ok
10:21:09.0273 4132 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
10:21:09.0283 4132 rspndr - ok
10:21:09.0323 4132 [ 30F463768D5143BFD7B2DF822B53CF4D ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
10:21:09.0323 4132 RSUSBSTOR - ok
10:21:09.0363 4132 [ FD978B2BF8A9B2390DCBEF435E9C1F9F ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
10:21:09.0363 4132 RTL8167 - ok
10:21:09.0403 4132 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\windows\system32\lsass.exe
10:21:09.0403 4132 SamSs - ok
10:21:09.0423 4132 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\windows\system32\DRIVERS\sbp2port.sys
10:21:09.0423 4132 sbp2port - ok
10:21:09.0453 4132 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
10:21:09.0463 4132 SCardSvr - ok
10:21:09.0473 4132 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
10:21:09.0473 4132 scfilter - ok
10:21:09.0523 4132 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\windows\system32\schedsvc.dll
10:21:09.0553 4132 Schedule - ok
10:21:09.0593 4132 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\windows\System32\certprop.dll
10:21:09.0593 4132 SCPolicySvc - ok
10:21:09.0613 4132 [ 54E47AD086782D3AE9417C155CDCEB9B ] sdbus C:\windows\system32\DRIVERS\sdbus.sys
10:21:09.0613 4132 sdbus - ok
10:21:09.0643 4132 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\windows\System32\SDRSVC.dll
10:21:09.0643 4132 SDRSVC - ok
10:21:09.0673 4132 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
10:21:09.0673 4132 secdrv - ok
10:21:09.0683 4132 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\windows\system32\seclogon.dll
10:21:09.0683 4132 seclogon - ok
10:21:09.0703 4132 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
10:21:09.0713 4132 SENS - ok
10:21:09.0723 4132 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
10:21:09.0733 4132 SensrSvc - ok
10:21:09.0773 4132 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
10:21:09.0773 4132 Serenum - ok
10:21:09.0813 4132 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
10:21:09.0813 4132 Serial - ok
10:21:09.0843 4132 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
10:21:09.0853 4132 sermouse - ok
10:21:09.0873 4132 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\windows\system32\sessenv.dll
10:21:09.0883 4132 SessionEnv - ok
10:21:09.0893 4132 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\DRIVERS\sffdisk.sys
10:21:09.0893 4132 sffdisk - ok
10:21:09.0903 4132 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\DRIVERS\sffp_mmc.sys
10:21:09.0903 4132 sffp_mmc - ok
10:21:09.0903 4132 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\windows\system32\DRIVERS\sffp_sd.sys
10:21:09.0903 4132 sffp_sd - ok
10:21:09.0923 4132 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
10:21:09.0923 4132 sfloppy - ok
10:21:09.0983 4132 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
10:21:09.0983 4132 SharedAccess - ok
10:21:10.0003 4132 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\windows\System32\shsvcs.dll
10:21:10.0013 4132 ShellHWDetection - ok
10:21:10.0023 4132 [ 75F3C451D41B35089E92D368EE190ACA ] silabenm C:\windows\system32\DRIVERS\silabenm.sys
10:21:10.0033 4132 silabenm - ok
10:21:10.0063 4132 [ B816D865910E8F5B7E12D593EC584D91 ] silabser C:\windows\system32\DRIVERS\silabser.sys
10:21:10.0063 4132 silabser - ok
10:21:10.0073 4132 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
10:21:10.0083 4132 SiSRaid2 - ok
10:21:10.0103 4132 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
10:21:10.0103 4132 SiSRaid4 - ok
10:21:10.0193 4132 [ 50D9949020E02B847CD48F1243FCB895 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:21:10.0193 4132 SkypeUpdate - ok
10:21:10.0243 4132 [ 9941D8C977DD41DEE54E796580D4EA3B ] SMARTHelperService C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe
10:21:10.0263 4132 SMARTHelperService - ok
10:21:10.0293 4132 [ BCE703FE67976C57B789F19A77C4C7D1 ] SMARTMouseFilterx64 C:\windows\system32\DRIVERS\SMARTMouseFilterx64.sys
10:21:10.0293 4132 SMARTMouseFilterx64 - ok
10:21:10.0323 4132 [ C02C2D6EBC48A52C0C2922BD86CCEEDE ] SMARTVHidMiniVistaAmd64 C:\windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys
10:21:10.0323 4132 SMARTVHidMiniVistaAmd64 - ok
10:21:10.0353 4132 [ 8588412F05C55E397374F97588CC7381 ] SMARTVTabletPCx64 C:\windows\system32\DRIVERS\SMARTVTabletPCx64.sys
10:21:10.0353 4132 SMARTVTabletPCx64 - ok
10:21:10.0393 4132 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
10:21:10.0393 4132 Smb - ok
10:21:10.0453 4132 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
10:21:10.0453 4132 SNMPTRAP - ok
10:21:10.0523 4132 [ 6FC63B4B19FB809336034D5C5C4D2BC0 ] SNP2UVC C:\windows\system32\DRIVERS\snp2uvc.sys
10:21:10.0583 4132 SNP2UVC - ok
10:21:10.0653 4132 [ 0FFE35F0B0CD5A324BBE22F02569AE3B ] speedfan C:\windows\syswow64\speedfan.sys
10:21:10.0663 4132 speedfan - ok
10:21:10.0673 4132 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
10:21:10.0673 4132 spldr - ok
10:21:10.0723 4132 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\windows\System32\spoolsv.exe
10:21:10.0733 4132 Spooler - ok
10:21:10.0813 4132 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\windows\system32\sppsvc.exe
10:21:10.0833 4132 sppsvc - ok
10:21:10.0843 4132 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
10:21:10.0843 4132 sppuinotify - ok
10:21:10.0893 4132 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\windows\system32\DRIVERS\srv.sys
10:21:10.0903 4132 srv - ok
10:21:10.0923 4132 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
10:21:10.0923 4132 srv2 - ok
10:21:10.0963 4132 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
10:21:10.0963 4132 srvnet - ok
10:21:10.0993 4132 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
10:21:11.0003 4132 SSDPSRV - ok
10:21:11.0013 4132 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
10:21:11.0023 4132 SstpSvc - ok
10:21:11.0053 4132 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
10:21:11.0053 4132 stexstor - ok
10:21:11.0083 4132 STHDA - ok
10:21:11.0103 4132 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\windows\System32\wiaservc.dll
10:21:11.0113 4132 stisvc - ok
10:21:11.0133 4132 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
10:21:11.0133 4132 swenum - ok
10:21:11.0153 4132 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
10:21:11.0153 4132 swprv - ok
10:21:11.0233 4132 [ D268D2A0DB2A2BBE963E688D0B039267 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
10:21:11.0283 4132 SynTP - ok
10:21:11.0323 4132 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\windows\system32\sysmain.dll
10:21:11.0363 4132 SysMain - ok
10:21:11.0383 4132 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\windows\System32\TabSvc.dll
10:21:11.0383 4132 TabletInputService - ok
10:21:11.0403 4132 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\windows\System32\tapisrv.dll
10:21:11.0403 4132 TapiSrv - ok
10:21:11.0473 4132 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
10:21:11.0473 4132 TBS - ok
10:21:11.0553 4132 [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] Tcpip C:\windows\system32\drivers\tcpip.sys
10:21:11.0603 4132 Tcpip - ok
10:21:11.0653 4132 [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
10:21:11.0663 4132 TCPIP6 - ok
10:21:11.0713 4132 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
10:21:11.0713 4132 tcpipreg - ok
10:21:11.0723 4132 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
10:21:11.0733 4132 TDPIPE - ok
10:21:11.0753 4132 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
10:21:11.0753 4132 TDTCP - ok
10:21:11.0763 4132 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\windows\system32\DRIVERS\tdx.sys
10:21:11.0763 4132 tdx - ok
10:21:11.0983 4132 [ 6B1B2F8D62D606B200C2072564090104 ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
10:21:12.0003 4132 TeamViewer8 - ok
10:21:12.0033 4132 [ C448651339196C0E869A355171875522 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
10:21:12.0033 4132 TermDD - ok
10:21:12.0073 4132 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\windows\System32\termsrv.dll
10:21:12.0073 4132 TermService - ok
10:21:12.0093 4132 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
10:21:12.0093 4132 Themes - ok
10:21:12.0123 4132 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
10:21:12.0123 4132 THREADORDER - ok
10:21:12.0153 4132 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\windows\system32\drivers\tpm.sys
10:21:12.0153 4132 TPM - ok
10:21:12.0173 4132 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
10:21:12.0173 4132 TrkWks - ok
10:21:12.0233 4132 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
10:21:12.0233 4132 TrustedInstaller - ok
10:21:12.0253 4132 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
10:21:12.0253 4132 tssecsrv - ok
10:21:12.0293 4132 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
10:21:12.0303 4132 tunnel - ok
10:21:12.0313 4132 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
10:21:12.0313 4132 uagp35 - ok
10:21:12.0343 4132 [ C06E6F4679CEB8F430B90A51D76D8D3C ] udfs C:\windows\system32\DRIVERS\udfs.sys
10:21:12.0343 4132 udfs - ok
10:21:12.0373 4132 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
10:21:12.0373 4132 UI0Detect - ok
10:21:12.0393 4132 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\DRIVERS\uliagpkx.sys
10:21:12.0403 4132 uliagpkx - ok
10:21:12.0443 4132 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\windows\system32\DRIVERS\umbus.sys
10:21:12.0443 4132 umbus - ok
10:21:12.0453 4132 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
10:21:12.0453 4132 UmPass - ok
10:21:12.0603 4132 [ 44AA8D5D3B3B5610FEF46CA8A9C52D8C ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:21:12.0623 4132 UNS - ok
10:21:12.0643 4132 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
10:21:12.0653 4132 upnphost - ok
10:21:12.0693 4132 [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio C:\windows\system32\drivers\usbaudio.sys
10:21:12.0693 4132 usbaudio - ok
10:21:12.0743 4132 [ 537A4E03D7103C12D42DFD8FFDB5BDC9 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
10:21:12.0743 4132 usbccgp - ok
10:21:12.0783 4132 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\DRIVERS\usbcir.sys
10:21:12.0783 4132 usbcir - ok
10:21:12.0803 4132 [ FBB21EBE49F6D560DB37AC25FBC68E66 ] usbehci C:\windows\system32\drivers\usbehci.sys
10:21:12.0803 4132 usbehci - ok
10:21:12.0833 4132 [ 6B7A8A99C4A459E73C286A6763EA24CC ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
10:21:12.0833 4132 usbhub - ok
10:21:12.0883 4132 [ 8C88AA7617B4CBC2E4BED61D26B33A27 ] usbohci C:\windows\system32\drivers\usbohci.sys
10:21:12.0883 4132 usbohci - ok
10:21:12.0903 4132 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
10:21:12.0903 4132 usbprint - ok
10:21:12.0953 4132 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
10:21:12.0963 4132 USBSTOR - ok
10:21:12.0983 4132 [ 0B5B3B2DF3FD1709618ACFA50B8392B0 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
10:21:12.0983 4132 usbuhci - ok
10:21:13.0033 4132 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
10:21:13.0033 4132 usbvideo - ok
10:21:13.0063 4132 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
10:21:13.0063 4132 UxSms - ok
10:21:13.0083 4132 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\windows\system32\lsass.exe
10:21:13.0083 4132 VaultSvc - ok
10:21:13.0153 4132 [ F81A2648BFF893C8EFD9897811B14263 ] vcsFPService C:\windows\system32\vcsFPService.exe

Fucza · Příspěvekod **Fucza** » 25 dub 2014 10:41

10:21:13.0173 4132 vcsFPService - ok
10:21:13.0213 4132 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\DRIVERS\vdrvroot.sys
10:21:13.0223 4132 vdrvroot - ok
10:21:13.0243 4132 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\windows\System32\vds.exe
10:21:13.0253 4132 vds - ok
10:21:13.0273 4132 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
10:21:13.0273 4132 vga - ok
10:21:13.0293 4132 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
10:21:13.0293 4132 VgaSave - ok
10:21:13.0313 4132 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\windows\system32\DRIVERS\vhdmp.sys
10:21:13.0313 4132 vhdmp - ok
10:21:13.0333 4132 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\DRIVERS\viaide.sys
10:21:13.0333 4132 viaide - ok
10:21:13.0353 4132 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\windows\system32\DRIVERS\volmgr.sys
10:21:13.0363 4132 volmgr - ok
10:21:13.0413 4132 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\windows\system32\drivers\volmgrx.sys
10:21:13.0423 4132 volmgrx - ok
10:21:13.0493 4132 [ 9E425AC5C9A5A973273D169F43B4F5E1 ] volsnap C:\windows\system32\drivers\volsnap.sys
10:21:13.0493 4132 volsnap - ok
10:21:13.0523 4132 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
10:21:13.0533 4132 vsmraid - ok
10:21:13.0583 4132 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\windows\system32\vssvc.exe
10:21:13.0623 4132 VSS - ok
10:21:13.0703 4132 [ E72B7F6AD60EC55B2BBEF6C6202CDE2A ] VSTWinDriver6 C:\windows\system32\drivers\VSTwindrvr6.sys
10:21:13.0703 4132 VSTWinDriver6 - ok
10:21:13.0723 4132 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
10:21:13.0723 4132 vwifibus - ok
10:21:13.0763 4132 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
10:21:13.0763 4132 vwififlt - ok
10:21:13.0773 4132 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
10:21:13.0773 4132 vwifimp - ok
10:21:13.0803 4132 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
10:21:13.0813 4132 W32Time - ok
10:21:13.0833 4132 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
10:21:13.0833 4132 WacomPen - ok
10:21:13.0863 4132 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
10:21:13.0863 4132 WANARP - ok
10:21:13.0873 4132 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
10:21:13.0873 4132 Wanarpv6 - ok
10:21:13.0963 4132 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
10:21:14.0003 4132 WatAdminSvc - ok
10:21:14.0053 4132 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\windows\system32\wbengine.exe
10:21:14.0093 4132 wbengine - ok
10:21:14.0123 4132 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
10:21:14.0123 4132 WbioSrvc - ok
10:21:14.0183 4132 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\windows\System32\wcncsvc.dll
10:21:14.0193 4132 wcncsvc - ok
10:21:14.0213 4132 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
10:21:14.0213 4132 WcsPlugInService - ok
10:21:14.0243 4132 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
10:21:14.0243 4132 Wd - ok
10:21:14.0283 4132 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
10:21:14.0283 4132 Wdf01000 - ok
10:21:14.0303 4132 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
10:21:14.0303 4132 WdiServiceHost - ok
10:21:14.0313 4132 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
10:21:14.0313 4132 WdiSystemHost - ok
10:21:14.0343 4132 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\windows\System32\webclnt.dll
10:21:14.0353 4132 WebClient - ok
10:21:14.0373 4132 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
10:21:14.0383 4132 Wecsvc - ok
10:21:14.0393 4132 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
10:21:14.0393 4132 wercplsupport - ok
10:21:14.0423 4132 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
10:21:14.0423 4132 WerSvc - ok
10:21:14.0463 4132 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
10:21:14.0463 4132 WfpLwf - ok
10:21:14.0473 4132 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
10:21:14.0473 4132 WIMMount - ok
10:21:14.0493 4132 WinDefend - ok
10:21:14.0503 4132 WinHttpAutoProxySvc - ok
10:21:14.0563 4132 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
10:21:14.0563 4132 Winmgmt - ok
10:21:14.0623 4132 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\windows\system32\WsmSvc.dll
10:21:14.0673 4132 WinRM - ok
10:21:14.0753 4132 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
10:21:14.0753 4132 WinUsb - ok
10:21:14.0793 4132 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
10:21:14.0823 4132 Wlansvc - ok
10:21:14.0943 4132 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:21:14.0963 4132 wlidsvc - ok
10:21:14.0993 4132 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
10:21:14.0993 4132 WmiAcpi - ok
10:21:15.0033 4132 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
10:21:15.0043 4132 wmiApSrv - ok
10:21:15.0053 4132 WMPNetworkSvc - ok
10:21:15.0083 4132 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
10:21:15.0083 4132 WPCSvc - ok
10:21:15.0103 4132 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
10:21:15.0113 4132 WPDBusEnum - ok
10:21:15.0123 4132 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
10:21:15.0123 4132 ws2ifsl - ok
10:21:15.0143 4132 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\windows\system32\wscsvc.dll
10:21:15.0153 4132 wscsvc - ok
10:21:15.0153 4132 WSearch - ok
10:21:15.0233 4132 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
10:21:15.0283 4132 wuauserv - ok
10:21:15.0343 4132 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
10:21:15.0343 4132 WudfPf - ok
10:21:15.0383 4132 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
10:21:15.0383 4132 WUDFRd - ok
10:21:15.0433 4132 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
10:21:15.0433 4132 wudfsvc - ok
10:21:15.0463 4132 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
10:21:15.0463 4132 WwanSvc - ok
10:21:15.0503 4132 ================ Scan global ===============================
10:21:15.0523 4132 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
10:21:15.0573 4132 [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\windows\system32\winsrv.dll
10:21:15.0593 4132 [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\windows\system32\winsrv.dll
10:21:15.0613 4132 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
10:21:15.0653 4132 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
10:21:15.0663 4132 [Global] - ok
10:21:15.0663 4132 ================ Scan MBR ==================================
10:21:15.0683 4132 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:21:16.0013 4132 \Device\Harddisk0\DR0 - ok
10:21:16.0023 4132 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
10:21:16.0073 4132 \Device\Harddisk1\DR1 - ok
10:21:16.0073 4132 ================ Scan VBR ==================================
10:21:16.0073 4132 [ FF6BE3BAF4E916BC3C0B45BE3137804C ] \Device\Harddisk0\DR0\Partition1
10:21:16.0073 4132 \Device\Harddisk0\DR0\Partition1 - ok
10:21:16.0083 4132 [ F48279816828875441023E35F9E4C801 ] \Device\Harddisk0\DR0\Partition2
10:21:16.0093 4132 \Device\Harddisk0\DR0\Partition2 - ok
10:21:16.0123 4132 [ 6EE6EA6814C12492CC2E2C0ADC462D81 ] \Device\Harddisk0\DR0\Partition3
10:21:16.0123 4132 \Device\Harddisk0\DR0\Partition3 - ok
10:21:16.0133 4132 [ 82491AF01B2E97DAE94F92EB91E6738E ] \Device\Harddisk0\DR0\Partition4
10:21:16.0143 4132 \Device\Harddisk0\DR0\Partition4 - ok
10:21:16.0143 4132 [ 552BE9127CDCDBCB3183F36D90EB9091 ] \Device\Harddisk1\DR1\Partition1
10:21:16.0143 4132 \Device\Harddisk1\DR1\Partition1 - ok
10:21:16.0143 4132 ============================================================
10:21:16.0143 4132 Scan finished
10:21:16.0143 4132 ============================================================
10:21:16.0163 2792 Detected object count: 0
10:21:16.0163 2792 Actual detected object count: 0
10:21:24.0773 5668 Deinitialize success

Příspěvekod **jaro3** » 25 dub 2014 18:41

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Prosím o kontrolu HJT

Prosím o kontrolu HJT

Re: Prosím o kontrolu HJT

Re: Prosím o kontrolu HJT

Re: Prosím o kontrolu HJT

Re: Prosím o kontrolu HJT

Re: Prosím o kontrolu HJT

Re: Prosím o kontrolu HJT

Re: Prosím o kontrolu HJT

Re: Prosím o kontrolu HJT

Re: Prosím o kontrolu HJT

Re: Prosím o kontrolu HJT

Re: Prosím o kontrolu HJT

Kdo je online