Win32/Olmarik.TDL4.trojan - prosim pomoc o odstranenie SURNE

[Vulgi]

Nazdar vsetci!! prosim Vas nod mi vypisal ze sa mi nachadza v operacnej pamati tento virus a potrebujem pomoct s odstranenim nakolko nod to nevie... Z plochy a aj celkovo mi zmizli vsetky veci o ktore nemozem prist!! ale inac v pc su zda sa mi ze su len skryte. Nemozem prist o tie data mam tam veci na maturitu a tento rok maturujem a mam tam kopu fotiek o ktore ked pridem tak ma vyhodia z domu. Prosim vas pomozte mi uz som z toho zufaly neviem co s tym. V zivote som taky virus nemal.
mam Win7 home premium 64bit

skusal som uz aj nastroj co ma este na odstranenie tohto viru na stranke ale ten mi hned vypisal ze ho nenasiel. Chcel som pustit nabootovat drweb live cd co mi odporucil ucitel v skole ale nechcelo mi to nabootovat a vypisalo mi to nejaky error. Teraz mam pusteny drweb cureit! ale mam taky dojem ze ten mi moc nepomoze.

Este raz vas velmi pekne prosim o pomoct potrebujem to co najskor.
Vopred vam velmi pekne dakujem!!!!!

[vyosek]

Zdravim a pekny podvecer preji

potrebujem to co najskor.

Jen na uvod - nase forum funguje na bazi dobrovolnosti, radci jsou tu zdarma a ve svem volnem case. Pokud potrebujete urgentni pomoc, mel jste se obratit na specializovane servisy...

Ja tu budu ale dne cely vecer, takze se nam snad podari haveti zbavit...

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

• Utilitu spustte a prikazte ji, at skenuje - klik na Start Scan
• Pokud utilita najde infikekci, bude ji chtit lecit (Cure), povolte leceni kliknutim na Continue
• Pokud utilita najde podezrely soubor (suspicious), bude jej chtit preskocit (Skip), povolte preskoceni kliknutim na Continue
• Po dokonceni skenu bude mozna nutny restart PC, povolte jej kliknutim na Reboot now
• Po restartu na Vas vyskoci log, pokud se tak nestane, najdete jej primo na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt - jeho obsah sem vlozte
• Pokud restart nebude vyzadovan, kliknete na Close a nasledne na Report - vytvori se log - jeho obsah sem vlozte

Dejte log z RSIT http://www.viry.cz/forum/viewtopic.php?f=13&t=105895

[Vulgi]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Vulgi at 2011-11-10 17:20:14
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 6 GB (6%) free of 105 GB
Total RAM: 4095 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:20:50, on 10. 11. 2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\HsMgr.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files\ASUS Xonar DX Audio\Customapp\ASUSAUDIOCENTER.EXE
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\Vulgi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [HDD Regenerator] C:\Program Files (x86)\HDD Regenerator\HDD Regenerator.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files (x86)\Ray Adams\ATI Tray Tools\atitray.exe"
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2010\qip.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files (x86)\Ovislink\Common\RaRegistry.exe
O23 - Service: Ralink Registry Writer 64 (RalinkRegistryWriter64) - Ralink Technology, Corp. - C:\Program Files (x86)\Ovislink\Common\RaRegistry64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\PC Tools Security\pctsSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9705 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Ovislink\Common\RaRegistry.exe"
"C:\Program Files (x86)\Ovislink\Common\RaRegistry64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Tunngle\TnglCtrl.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\SysWOW64\HsMgr.exe" Envoke
"C:\Windows\system\HsMgr64.exe" Envoke
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\ASUS Xonar DX Audio\Customapp\ASUSAUDIOCENTER.EXE"
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
WLIDSvcM.exe 2520
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-fb65a59d-1b1a-4d52-a45d-11584e28a494 -SystemEventPortName:HostProcess-d174ac9e-9e6f-4060-8d71-67c2c95aea98 -IoCancelEventPortName:HostProcess-ead3d826-dc73-44a0-86e7-c89e82a619eb -NonStateChangingEventPortName:HostProcess-6bec2035-6ee9-4dde-8835-2391ec04a724 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:476a44d3-f145-4ab5-99cb-d504e48db79e
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe16_ Global\UsGthrCtrlFltPipeMssGthrPipe16 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Vulgi\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey B39565F1-1D59-D7A0-F1E3-A4B31691BE73 -Reinvoke

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Vulgi\AppData\Roaming\Mozilla\Firefox\Profiles\ma8cwmx7.default

prefs.js - "browser.startup.homepage" - "www.google.sk"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
npdeployJava1.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-12-24 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-08-12 2916584]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-06 11057768]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"Cmaudio8788"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"Cmaudio8788GX"=C:\Windows\syswow64\HsMgr.exe [2008-07-11 200704]
"Cmaudio8788GX64"=C:\Windows\system\HsMgr64.exe [2008-07-11 282112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"AtiTrayTools"=C:\Program Files (x86)\Ray Adams\ATI Tray Tools\atitray.exe [2011-03-27 929280]
"Infium"=C:\Program Files (x86)\QIP 2010\qip.exe [2011-07-18 6812032]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-03-30 113296]
"HDD Regenerator"=C:\Program Files (x86)\HDD Regenerator\HDD Regenerator.exe [2010-10-14 4249872]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-09-08 343168]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-10-09 421736]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-10-24 421888]

C:\Users\Vulgi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.2.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"DisableTaskMgr"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.XFR1"=xfcodec64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-11-10 17:20:14 ----D---- C:\rsit
2011-11-10 17:20:14 ----D---- C:\Program Files\trend micro
2011-11-08 23:02:54 ----A---- C:\Windows\system32\drivers\Cat.DB
2011-11-08 23:02:49 ----A---- C:\Windows\system32\drivers\pctEFA64.sys
2011-11-08 23:02:49 ----A---- C:\Windows\system32\drivers\pctDS64.sys
2011-11-08 23:02:45 ----A---- C:\Windows\system32\drivers\pctwfpfilter64.sys
2011-11-08 23:02:45 ----A---- C:\Windows\system32\drivers\pctgntdi64.sys
2011-11-08 23:02:41 ----A---- C:\Windows\system32\drivers\PCTCore64.sys
2011-11-08 23:02:39 ----A---- C:\Windows\system32\drivers\pctplsg64.sys
2011-11-08 23:02:15 ----D---- C:\Users\Vulgi\AppData\Roaming\PC Tools
2011-11-08 23:02:15 ----D---- C:\Program Files (x86)\PC Tools Security
2011-11-08 23:02:15 ----AD---- C:\ProgramData\TEMP
2011-11-08 22:57:02 ----D---- C:\ProgramData\PC Tools
2011-11-05 17:33:31 ----A---- C:\Windows\ntbtlog.txt
2011-11-05 13:38:39 ----HD---- C:\Program Files (x86)\QuickTime
2011-11-04 11:46:51 ----N---- C:\Windows\system32\cmasiopx.ini
2011-11-04 11:46:51 ----N---- C:\Windows\system32\cmasiopx.dll
2011-11-04 11:46:51 ----N---- C:\Windows\system32\Cm_Oal.dll
2011-11-04 11:46:51 ----H---- C:\Windows\SYSWOW64\HsSrv2.dll
2011-11-04 11:46:51 ----H---- C:\Windows\SYSWOW64\HsSrv.dll
2011-11-04 11:46:51 ----H---- C:\Windows\SYSWOW64\HsMgr.exe
2011-11-04 11:46:51 ----H---- C:\Windows\SYSWOW64\Cmpaoxy.dll
2011-11-04 11:46:51 ----H---- C:\Windows\SYSWOW64\cmasiop.ini
2011-11-04 11:46:51 ----H---- C:\Windows\SYSWOW64\cmasiop.dll
2011-11-04 11:46:51 ----H---- C:\Windows\SYSWOW64\Cm_Oal.dll
2011-11-04 11:46:50 ----H---- C:\Windows\SYSWOW64\VmixP8.dll
2011-11-04 11:46:50 ----H---- C:\Windows\SYSWOW64\CmiCnfgp.dll
2011-11-04 11:46:39 ----N---- C:\Windows\system32\Cmeauoxy.exe
2011-11-04 11:35:12 ----A---- C:\Windows\system32\shell32.dll
2011-11-04 11:35:08 ----A---- C:\Windows\SYSWOW64\shell32.dll
2011-10-30 20:53:35 ----HD---- C:\Users\Vulgi\AppData\Roaming\ASUS
2011-10-30 20:53:12 ----HD---- C:\Program Files\ASUS Xonar DX Audio
2011-10-30 20:52:31 ----N---- C:\Windows\system32\CmiInstallResAll64.dll
2011-10-30 20:52:31 ----H---- C:\Windows\cmudaxp.ini
2011-10-30 20:52:31 ----AH---- C:\Windows\difxapi.dll
2011-10-30 20:08:44 ----AH---- C:\Windows\SYSWOW64\CmiFltr.dll
2011-10-30 20:08:44 ----A---- C:\Windows\system32\drivers\cmudaxp.sys
2011-10-30 20:08:44 ----A---- C:\Windows\system32\cmudaxp.dll
2011-10-25 18:07:23 ----HD---- C:\Program Files (x86)\Futuremark
2011-10-25 18:06:51 ----HD---- C:\Program Files\Futuremark
2011-10-25 16:59:23 ----HD---- C:\Program Files (x86)\FinalWire
2011-10-22 20:19:47 ----AH---- C:\Windows\SYSWOW64\Access.dat
2011-10-22 20:16:00 ----HD---- C:\Users\Vulgi\AppData\Roaming\Tunngle
2011-10-22 20:16:00 ----HD---- C:\ProgramData\Tunngle
2011-10-22 20:15:52 ----HD---- C:\Program Files (x86)\Tunngle
2011-10-22 20:15:52 ----A---- C:\Windows\system32\drivers\tap0901t.sys
2011-10-19 16:56:14 ----HD---- C:\Program Files\iPod
2011-10-19 16:55:45 ----HD---- C:\Program Files\iTunes
2011-10-19 16:55:45 ----HD---- C:\Program Files (x86)\iTunes
2011-10-19 16:42:41 ----HD---- C:\Program Files\Bonjour
2011-10-19 16:42:41 ----HD---- C:\Program Files (x86)\Bonjour
2011-10-12 22:38:44 ----HD---- C:\ProgramData\ATI
2011-10-12 22:38:13 ----HD---- C:\Program Files (x86)\AMD APP
2011-10-12 22:35:49 ----AH---- C:\Windows\SYSWOW64\Oemdspif.dll
2011-10-12 22:35:49 ----AH---- C:\Windows\SYSWOW64\atiumdmv.dll
2011-10-12 22:35:49 ----AH---- C:\Windows\SYSWOW64\atioglxx.dll
2011-10-12 22:35:49 ----AH---- C:\Windows\SYSWOW64\atimpc32.dll
2011-10-12 22:35:49 ----AH---- C:\Windows\SYSWOW64\atiglpxx.dll
2011-10-12 22:35:49 ----AH---- C:\Windows\SYSWOW64\atigktxx.dll
2011-10-12 22:35:49 ----AH---- C:\Windows\SYSWOW64\atidxx32.dll
2011-10-12 22:35:49 ----AH---- C:\Windows\SYSWOW64\aticalrt.dll
2011-10-12 22:35:49 ----AH---- C:\Windows\SYSWOW64\aticaldd.dll
2011-10-12 22:35:49 ----AH---- C:\Windows\SYSWOW64\aticalcl.dll
2011-10-12 22:35:49 ----AH---- C:\Windows\SYSWOW64\atiadlxy.dll
2011-10-12 22:35:49 ----AH---- C:\Windows\SYSWOW64\ati2edxx.dll
2011-10-12 22:35:49 ----AH---- C:\Windows\SYSWOW64\amdpcom32.dll
2011-10-12 22:35:49 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2011-10-12 22:35:49 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2011-10-12 22:35:49 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2011-10-12 22:35:49 ----A---- C:\Windows\system32\atiumd6v.dll
2011-10-12 22:35:49 ----A---- C:\Windows\system32\atitmm64.dll
2011-10-12 22:35:49 ----A---- C:\Windows\system32\atipdl64.dll
2011-10-12 22:35:49 ----A---- C:\Windows\system32\atio6axx.dll
2011-10-12 22:35:49 ----A---- C:\Windows\system32\atimuixx.dll
2011-10-12 22:35:49 ----A---- C:\Windows\system32\atimpc64.dll
2011-10-12 22:35:49 ----A---- C:\Windows\system32\atiicdxx.dat
2011-10-12 22:35:49 ----A---- C:\Windows\system32\atiglpxx.dll
2011-10-12 22:35:49 ----A---- C:\Windows\system32\atig6txx.dll
2011-10-12 22:35:49 ----A---- C:\Windows\system32\atig6pxx.dll
2011-10-12 22:35:49 ----A---- C:\Windows\system32\atiesrxx.exe
2011-10-12 22:35:49 ----A---- C:\Windows\system32\atiedu64.dll
2011-10-12 22:35:49 ----A---- C:\Windows\system32\atieclxx.exe
2011-10-12 22:35:49 ----A---- C:\Windows\system32\ATIDEMGX.dll
2011-10-12 22:35:49 ----A---- C:\Windows\system32\aticalrt64.dll
2011-10-12 22:35:49 ----A---- C:\Windows\system32\aticaldd64.dll
2011-10-12 22:35:49 ----A---- C:\Windows\system32\aticalcl64.dll
2011-10-12 22:35:49 ----A---- C:\Windows\system32\atiapfxx.exe
2011-10-12 22:35:49 ----A---- C:\Windows\system32\atiadlxx.dll
2011-10-12 22:35:49 ----A---- C:\Windows\system32\amdpcom64.dll
2011-10-12 21:45:47 ----A---- C:\Windows\SYSWOW64\url.dll
2011-10-12 21:45:47 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-10-12 21:45:47 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-10-12 21:45:47 ----A---- C:\Windows\system32\url.dll
2011-10-12 21:45:47 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-12 21:45:47 ----A---- C:\Windows\system32\iertutil.dll
2011-10-12 21:45:46 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-10-12 21:45:46 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-10-12 21:45:46 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-10-12 21:45:46 ----A---- C:\Windows\system32\wininet.dll
2011-10-12 21:45:46 ----A---- C:\Windows\system32\urlmon.dll
2011-10-12 21:45:46 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-12 21:45:45 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2011-10-12 21:45:45 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-10-12 21:45:45 ----A---- C:\Windows\system32\jscript9.dll
2011-10-12 21:45:45 ----A---- C:\Windows\system32\jscript.dll
2011-10-12 21:45:45 ----A---- C:\Windows\system32\ieui.dll
2011-10-12 21:45:44 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-10-12 21:45:44 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-10-12 21:45:43 ----A---- C:\Windows\system32\mshtml.dll
2011-10-12 21:45:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-10-12 21:45:41 ----A---- C:\Windows\system32\ieframe.dll
2011-10-12 21:24:01 ----A---- C:\Windows\system32\win32k.sys
2011-10-12 21:24:00 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2011-10-12 21:24:00 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-12 21:23:44 ----A---- C:\Windows\system32\oleacc.dll
2011-10-12 21:23:43 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-10-12 21:23:43 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2011-10-12 21:23:43 ----A---- C:\Windows\system32\oleaut32.dll

======List of files/folders modified in the last 1 month======

2011-11-10 17:20:25 ----HD---- C:\Windows\Prefetch
2011-11-10 17:20:18 ----HD---- C:\Windows\Temp
2011-11-10 17:20:14 ----RHD---- C:\Program Files
2011-11-10 16:43:31 ----D---- C:\Windows\system32\drivers
2011-11-10 16:37:18 ----HD---- C:\Windows\inf
2011-11-10 16:37:18 ----D---- C:\Windows\System32
2011-11-10 16:37:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-09 19:24:28 ----HD---- C:\Program Files (x86)\HDD Regenerator
2011-11-09 16:48:32 ----D---- C:\Windows\system32\drivers\etc
2011-11-09 15:07:34 ----D---- C:\Windows\system32\config
2011-11-08 23:02:54 ----SHD---- C:\System Volume Information
2011-11-08 23:02:35 ----SHD---- C:\Windows\Installer
2011-11-08 23:02:29 ----D---- C:\Windows\winsxs
2011-11-08 23:02:15 ----RHD---- C:\Program Files (x86)
2011-11-08 23:02:15 ----HD---- C:\ProgramData
2011-11-08 23:02:15 ----HD---- C:\Program Files (x86)\Common Files
2011-11-08 22:30:03 ----HD---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-05 17:39:09 ----HD---- C:\Program Files (x86)\QIP 2010
2011-11-05 17:33:31 ----HD---- C:\Windows
2011-11-05 13:38:39 ----HD---- C:\Windows\SysWOW64
2011-11-04 11:46:51 ----HD---- C:\Windows\system
2011-11-04 11:46:28 ----HD---- C:\Windows\system32\catroot
2011-11-04 11:46:26 ----D---- C:\Windows\system32\DriverStore
2011-11-04 11:34:34 ----HD---- C:\Windows\system32\catroot2
2011-11-04 11:29:29 ----HD---- C:\Windows\Tasks
2011-11-04 11:29:29 ----D---- C:\Windows\system32\wfp
2011-11-04 11:29:28 ----D---- C:\Windows\system32\wbem
2011-11-04 11:29:27 ----D---- C:\Windows\system32\CodeIntegrity
2011-11-04 11:29:25 ----HD---- C:\Windows\AppCompat
2011-11-04 11:29:25 ----HD---- C:\Users\Vulgi\AppData\Roaming\vlc
2011-11-04 11:29:21 ----HD---- C:\Windows\registration
2011-10-30 20:53:30 ----HD---- C:\Windows\SoftwareDistribution
2011-10-25 18:07:22 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-10-22 20:15:53 ----RSD---- C:\Windows\Fonts
2011-10-22 20:13:09 ----HD---- C:\Users\Vulgi\AppData\Roaming\Hamachi
2011-10-19 17:02:24 ----HD---- C:\Program Files\Common Files\Apple
2011-10-19 17:01:31 ----HD---- C:\Program Files (x86)\Safari
2011-10-12 23:03:13 ----HD---- C:\Windows\Microsoft.NET
2011-10-12 23:03:12 ----RSD---- C:\Windows\assembly
2011-10-12 22:37:55 ----HD---- C:\Program Files\ATI Technologies
2011-10-12 22:37:48 ----HD---- C:\ProgramData\AMD
2011-10-12 21:57:45 ----HD---- C:\Program Files (x86)\Microsoft Silverlight
2011-10-12 21:56:21 ----HD---- C:\Windows\SYSWOW64\migration
2011-10-12 21:56:21 ----HD---- C:\Windows\ehome
2011-10-12 21:56:21 ----HD---- C:\Program Files\Internet Explorer
2011-10-12 21:56:21 ----HD---- C:\Program Files (x86)\Internet Explorer
2011-10-12 21:56:21 ----D---- C:\Windows\system32\migration
2011-10-12 21:49:50 ----A---- C:\Windows\system32\MRT.exe
2011-10-11 14:09:23 ----HD---- C:\Program Files (x86)\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-24 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PCTCore;PCTools KDS; C:\Windows\system32\drivers\PCTCore64.sys [2010-12-10 257232]
R0 pctDS;PC Tools Data Store; C:\Windows\system32\drivers\pctDS64.sys [2010-06-29 452872]
R0 pctEFA;PC Tools Extended File Attributes; C:\Windows\system32\drivers\pctEFA64.sys [2010-07-16 816016]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-07-25 503352]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-07-29 141264]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2010-04-12 91568]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-07-29 168544]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 126320]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-09-08 10203648]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-09-08 310784]
R3 AODDriver2;AODDriver2; \??\C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2010-07-01 52352]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-06-06 231440]
R3 cmudaxp;ASUS Xonar DX Audio Interface; C:\Windows\system32\drivers\cmudaxp.sys [2011-03-10 2725376]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2011-01-28 33344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-06 2419176]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-14 15416]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-02-24 78336]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-02-24 181248]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S1 atitray;atitray; \??\C:\Program Files (x86)\Ray Adams\ATI Tray Tools\atitray64.sys [2011-03-27 24224]
S3 adf32ehk;adf32ehk; C:\Windows\system32\drivers\adf32ehk.sys []
S3 AODDriver4.0;AODDriver4.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
S3 cpuz135;cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2011-10-10 13352]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena\safedrv.sys []
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2011-10-10 27176]
S3 netr28ux;AirLive WN-5000USB Card Driver; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-09-15 1061888]
S3 OXSDIDRV_x64;Oxford Semi eSATA Filter (x64); C:\Windows\system32\DRIVERS\OXSDIDRV_x64.sys [2009-09-28 51760]
S3 OXUDIDRV;OXUDIDRV; \??\C:\Windows\system32\Drivers\OXUDIDRV_X64.sys [2010-05-25 31280]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-05-10 51712]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-09-08 204288]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-09-08 361984]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-09 55144]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-08-12 810144]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-01-08 75136]
R2 RalinkRegistryWriter;Ralink Registry Writer; C:\Program Files (x86)\Ovislink\Common\RaRegistry.exe [2009-10-06 185632]
R2 RalinkRegistryWriter64;Ralink Registry Writer 64; C:\Program Files (x86)\Ovislink\Common\RaRegistry64.exe [2009-10-06 212256]
R2 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2011-10-14 745832]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-10-09 934760]
S2 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2010-07-01 136616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-23 136176]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-08-12 42360]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-08-15 130976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-23 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe [2010-03-15 366840]
S3 sdCoreService;PC Tools Security Service; C:\Program Files (x86)\PC Tools Security\pctsSvc.exe [2010-11-19 1150936]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-26 1255736]

-----------------EOF-----------------

[vyosek]

Jeste ten TDSSKiller

A poprosim i o druh log z RSIT s nazvem info.txt, je ulozen v c:\rsit

Predpokladam, ze ten ESET mate legalni = zakoupena licence

[Vulgi]

este sa chcem spytat co sa tyka ohladom DAT na hdd dufam ze o ne nepridem. Ak je nejake riziko tak na co si treba davat pozor? Uz som cital jednu temu s tym istym problemom a pisal ze mu to odstranilo vsetky data ale vedel to obnovit ale nenapisal ako.... ale mne sa zda ze zatial vsetky data v pc mam aj ked mi zmizlo vsetko z plochy a ked chcem ist do C alebo D mi vypise ze precinok prazdny tak si myslim ze on vsetky tie data iba skryl


idem este na ten TDSSkiller a ano NOD mam normalne zakupeny plateny ziadny crack ani nic podobne....

[vyosek]

Dulezita data je treba mit stale zalohovana, havet je vzdy o kousek napred takze nevime co presne muze udelat, ci nejak nezmutovala

Pockam na TDSSKiller a pujdem dale...

[Vulgi]

info.txt logfile of random's system information tool 1.09 2011-11-10 17:20:53

======Uninstall list======

-->MsiExec /X{F9835182-794B-4F24-902A-E2CA9D43380F}
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
3DMark 11-->"C:\Program Files (x86)\InstallShield Installation Information\{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}\setup.exe" -runfromtemp -l0x0409 -removeonly
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_Plugin.exe -maintain plugin
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Photoshop CS5-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}"
Adobe Reader X (10.1.1)-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AA1000000001}
AIDA64 Extreme Edition v1.85-->"C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\unins000.exe"
AirLive 802.11N Wireless Utility-->C:\Program Files (x86)\InstallShield Installation Information\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}\setup.exe -runfromtemp -l0x0009 -removeonly
AMD APP SDK Runtime-->MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441}
AMD Catalyst Install Manager-->msiexec /q/x{44E3AB6B-453B-8DAE-9777-1C48F5AB8965} REBOOT=ReallySuppress
AMD Drag and Drop Transcoding-->MsiExec.exe /X{8FCBB6DA-069C-8D08-DD99-F0881B9EECC3}
AMD Media Foundation Decoders-->MsiExec.exe /X{A73F0084-A1CC-6E42-06DF-D088D583CC2A}
AMD OverDrive-->MsiExec.exe /X{652F3200-5E12-4CAD-BA2E-88EFE0113BCD}
Apple Application Support-->MsiExec.exe /I{A83279FD-CA4B-4206-9535-90974DE76654}
Apple Mobile Device Support-->MsiExec.exe /I{9C98CA38-4C1A-4AC8-B55C-169497C8826B}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
ASUS Xonar DX Audio Driver-->C:\Windows\System32\cmeauoxy.exe /rm /ppcioxygen
ATI AVIVO64 Codecs-->MsiExec.exe /X{90AB246D-A0A0-29EA-199A-4B07841E0737}
ATI Problem Report Wizard-->MsiExec.exe /X{A9C6CA47-D937-D61D-4BD3-7CFAB7A5BA56}
Bonjour-->MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files (x86)\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files (x86)\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
Canon PIXMA iP5000-->C:\Windows\system32\CNMCP6D.exe "-PRINTERNAMECanon PIXMA iP5000" "-HELPERDLLC:\ProgramData\CanonBJ\IJPrinter\CNMWindows\Canon PIXMA iP5000 Installer\Inst2\cnmis.dll" "-RCDLLcnmi0409.dll"
Catalyst Control Center - Branding-->MsiExec.exe /I{19A492A0-888F-44A0-9B21-D91700763F62}
Cisco EAP-FAST Module-->MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
Cisco LEAP Module-->MsiExec.exe /I{51C7AD07-C3F6-4635-8E8A-231306D810FE}
Cisco PEAP Module-->MsiExec.exe /I{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
Command & Conquer Generals-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\Intel 32\IDriver.exe /M{06F80017-8F98-4C94-B868-52358569FC32}
Command and ConquerTM Generals Zero Hour-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\Intel 32\IDriver.exe /M{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}
COWON Media Center - jetAudio Plus VX-->"C:\Program Files (x86)\InstallShield Installation Information\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}\setup.exe" -runfromtemp -l0x0409 -removeonly
Crysis(R)-->MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4}
F1 2010-->MsiExec.exe /I{434D0831-3E0C-4D03-A5D4-5E1000008400}
F1 2010-->MsiExec.exe /X{434D0831-3E0C-4D03-A5D4-5E1000008400}
FlatOut2-->"D:\Games\FlatOut2\unins000.exe"
Futuremark SystemInfo-->"C:\Program Files (x86)\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe" -runfromtemp -l0x0409 -removeonly
Garena 2010-->C:\Program Files (x86)\Garena\uninst.exe
Google Earth Plug-in-->MsiExec.exe /X{A9F6CFB0-806D-11E0-8EA1-B8AC6F97B88E}
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\15.0.874.106\Installer\setup.exe" --uninstall --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Grand Theft Auto IV-->"C:\Program Files (x86)\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x0009 -removeonly
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000B8301}
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8301}
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8302}
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8303}
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8304}
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8305}
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8306}
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8307}
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8308}
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8309}
Hamachi 1.0.2.5-->C:\Program Files (x86)\Hamachi\uninstall.exe
HD Tune Pro 4.60-->"C:\Program Files (x86)\HD Tune Pro\unins000.exe"
HDD Regenerator-->MsiExec.exe /X{97A39919-9FEA-48B7-AB2B-4F99212D1E98}
Hedgewars-->D:\Games\Hedgewars 0.9.15\Uninstall.exe
High-Definition Video Playback-->MsiExec.exe /X{237CCB62-8454-43E3-B158-3ACD0134852E}
iTunes-->MsiExec.exe /I{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}
Java(TM) 6 Update 23-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216023FF}
JDownloader-->C:\Program Files (x86)\JDownloader\uninstall.exe
jetAudio 8.0.x Slovak Language Pack-->C:\Program Files (x86)\JetAudio\Uninstall_SKY_LPack.exe
Mafia II DLC Joe's Adventures-->"D:\Games\Mafia II\unins001.exe"
Mafia II Update 1-->"D:\Games\Mafia II\unins000.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{F2508213-9989-4E85-A078-72BE483917EF}
Microsoft Games for Windows Marketplace-->MsiExec.exe /X{4CB0307C-565E-4441-86BE-0DF2E4FB828C}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570-->MsiExec.exe /X{8338783A-0968-3B85-AFC7-BAAE0A63DC50}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Microsoft_VC80_ATL_x86_x64-->MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55}
Microsoft_VC80_CRT_x86_x64-->MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86_x64-->MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86_x64-->MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86_x64-->MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86_x64-->MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86_x64-->MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Mozilla Firefox 7.0.1 (x86 sk)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MyPhoneExplorer-->C:\Program Files (x86)\MyPhoneExplorer\uninstall.exe
NEC Electronics USB 3.0 Host Controller Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{D7BF9739-8A68-4335-BBEE-37752AD9E86B}\setup.exe" -runfromtemp -l0x041b -removeonly
NEC Electronics USB 3.0 Host Controller Driver-->MsiExec.exe /I{D7BF9739-8A68-4335-BBEE-37752AD9E86B}
Need for Speed™ ProStreet-->MsiExec.exe /X{CC419DDC-E0F0-4013-B25A-6FA036516F0D}
Nero 10 ClipartPack-->MsiExec.exe /X{96ED4B78-300E-4033-AE6C-C115CEB4DF07}
Nero 10 Menu TemplatePack 1-->MsiExec.exe /X{42C8B7DF-FEB0-4D51-B169-506B6BEC5797}
Nero 10 Menu TemplatePack 2-->MsiExec.exe /X{E712C273-7564-4C8E-AA59-0FA19BC35117}
Nero 10 Menu TemplatePack 3-->MsiExec.exe /X{92146419-AE44-4C8B-A48B-0ABB1B5EC026}
Nero 10 Menu TemplatePack Basic-->MsiExec.exe /X{63AA3EAB-23BB-48B2-9AD0-44F878075604}
Nero 10 Movie ThemePack 1-->MsiExec.exe /X{43FBAB46-5969-4200-9958-1FF81FEE506F}
Nero 10 Movie ThemePack 2-->MsiExec.exe /X{70F19404-B96C-4EBB-AD2B-3574F8736197}
Nero 10 Movie ThemePack 3-->MsiExec.exe /X{DD238642-14C7-4D54-8BD7-FAD6DEA9999B}
Nero 10 Movie ThemePack 4-->MsiExec.exe /X{A70B0C7B-3527-4D53-A694-E9492ECE9EE1}
Nero 10 Movie ThemePack Basic-->MsiExec.exe /X{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}
Nero 10 PiP EffectPack 1-->MsiExec.exe /X{EF3A4DAE-F16F-4AC1-87BB-FE00A784084F}
Nero 10 Sample ImagePack-->MsiExec.exe /X{ACD15FDF-FC42-4175-B477-576F92FF2256}
Nero 10 Sample Videos-->MsiExec.exe /X{92A10E9D-EA00-4A46-8F22-EEA660992D61}
Nero 10 Video TransitionPack 1-->MsiExec.exe /X{85BEC8F6-9AA3-43FF-B56B-8276277137B3}
Nero BackItUp 10 Help (CHM)-->MsiExec.exe /X{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}
Nero BackItUp 10-->MsiExec.exe /X{68AB6930-5BFF-4FF6-923B-516A91984FE6}
Nero Burning ROM 10-->MsiExec.exe /X{7A5D731D-B4B3-490E-B339-75685712BAAB}
Nero BurningROM 10 Help (CHM)-->MsiExec.exe /X{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}
Nero BurnRights 10 Help (CHM)-->MsiExec.exe /X{555868C6-49FB-484F-BB43-8980651A1B00}
Nero BurnRights 10-->MsiExec.exe /X{943CFD7D-5336-47AF-9418-E02473A5A517}
Nero Control Center 10-->MsiExec.exe /X{6DFB899F-17A2-48F0-A533-ED8D6866CF38}
Nero ControlCenter 10 Help (CHM)-->MsiExec.exe /X{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}
Nero Core Components 10-->MsiExec.exe /X{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}
Nero CoverDesigner 10 Help (CHM)-->MsiExec.exe /X{C3273C55-E1E4-41FF-8D69-0158090DB8D8}
Nero CoverDesigner 10-->MsiExec.exe /X{FCF00A6E-FB58-477A-ABE9-232907105521}
Nero DiscSpeed 10 Help (CHM)-->MsiExec.exe /X{C18A0418-442A-4186-AF98-D08F5054A2FC}
Nero DiscSpeed 10-->MsiExec.exe /X{34490F4E-48D0-492E-8249-B48BECF0537C}
Nero Dolby Files 10-->MsiExec.exe /X{C3580AC4-C827-4332-B935-9A282ED5BB97}
Nero Express 10 Help (CHM)-->MsiExec.exe /X{33643918-7957-4839-92C7-EA96CB621A98}
Nero Express 10-->MsiExec.exe /X{70550193-1C22-445C-8FA4-564E155DB1A7}
Nero InfoTool 10 Help (CHM)-->MsiExec.exe /X{66049135-9659-4AAD-9169-9CCA269EBB3E}
Nero InfoTool 10-->MsiExec.exe /X{F412B4AF-388C-4FF5-9B2F-33DB1C536953}
Nero MediaHub 10 Help (CHM)-->MsiExec.exe /X{F467862A-D9CA-47ED-8D81-B4B3C9399272}
Nero MediaHub 10-->MsiExec.exe /X{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}
Nero Multimedia Suite 10 Platinum HD-->MsiExec.exe /I{277C1559-4CF7-44FF-8D07-98AA9C13AABD}
Nero Recode 10 Help (CHM)-->MsiExec.exe /X{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}
Nero Recode 10-->MsiExec.exe /X{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}
Nero RescueAgent 10 Help (CHM)-->MsiExec.exe /X{92E25238-61A3-4ACD-A407-3C480EEF47A7}
Nero RescueAgent 10-->MsiExec.exe /X{E337E787-CF61-4B7B-B84F-509202A54023}
Nero SoundTrax 10 Help (CHM)-->MsiExec.exe /X{16987E99-C95C-4513-9239-7B44A0A71DB5}
Nero SoundTrax 10-->MsiExec.exe /X{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}
Nero StartSmart 10 Help (CHM)-->MsiExec.exe /X{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}
Nero StartSmart 10-->MsiExec.exe /X{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}
Nero Update-->MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
Nero Vision 10 Help (CHM)-->MsiExec.exe /X{329411A0-19F3-4740-874F-17400B126F27}
Nero Vision 10-->MsiExec.exe /X{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}
Nero WaveEditor 10 Help (CHM)-->MsiExec.exe /X{7A295D8F-484B-4FFB-89AB-C1FD497591FE}
Nero WaveEditor 10-->MsiExec.exe /X{EDCDFAD5-DF80-4600-A493-E9DAD6810230}
NVIDIA PhysX-->MsiExec.exe /X{F9835182-794B-4F24-902A-E2CA9D43380F}
OpenAL-->"C:\Program Files (x86)\OpenAL\openalweax.exe" /U
OpenOffice.org 3.2-->MsiExec.exe /I{28B94253-5729-4C30-8DE4-F2A0A63149B0}
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
PDFCreator-->C:\Program Files (x86)\PDFCreator\unins000.exe
PowerISO-->"C:\Program Files (x86)\PowerISO\uninstall.exe"
QuickTime-->MsiExec.exe /I{7BE15435-2D3E-4B58-867F-9C75BED0208C}
Rapture3D 2.4.4 Game-->"C:\Program Files (x86)\BRS\unins000.exe"
Ray Adams ATI Tray Tools-->"C:\Program Files (x86)\Ray Adams\ATI Tray Tools\uninstall.exe"
Realtek Ethernet Controller Driver For Windows 7-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly
RemoteComms External Disk Access-->MsiExec.exe /I{04FCD5DE-1662-4F99-BDA9-C57212113EF2}
Safari-->MsiExec.exe /I{5E453519-60F6-4A4D-A0BF-16663F9B3536}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Skype™ 5.1-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
Sony Ericsson Media Manager 1.2-->MsiExec.exe /X{9EB1504E-FD95-4BCD-8E93-B4039F59C469}
Sony Ericsson Update Service-->C:\Program Files (x86)\Sony Ericsson\Update Service\uninst.exe
Spyware Doctor 8.0-->C:\Program Files (x86)\PC Tools Security\unins000.exe /LOG
Total Commander (Remove or Repair)-->C:\Program Files (x86)\Total Commander\tcuninst.exe
Tropico 3 1.00-->"D:\Games\Tropico 3\uninst.exe"
Tunngle beta-->"C:\Program Files (x86)\Tunngle\unins000.exe"
TurboFLOORPLAN Dum & Interiér & Zahrada Pro v12-->"C:\Program Files (x86)\InstallShield Installation Information\{74F541C8-EB78-4606-8234-0955ED803787}\setup.exe" -runfromtemp -l0x0405 -removeonly
TurboFLOORPLAN Dum & Interiér & Zahrada Pro v12-->MsiExec.exe /X{74F541C8-EB78-4606-8234-0955ED803787}
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A45DD0BE-3CD9-3F1E-B233-B90C6983AE77} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
VLC media player 1.1.5-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Warcraft III-->C:\Windows\War3Unin.exe C:\Windows\War3Unin.dat
Winamp-->"C:\Program Files (x86)\Winamp\UninstWA.exe"
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{9B48B0AC-C813-4174-9042-476A887592C7}
WinRAR archivátor-->C:\Program Files\WinRAR\uninstall.exe
WinSCP 4.3.3-->"C:\Program Files (x86)\WinSCP\unins000.exe"
World of Warcraft-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\World of Warcraft (4)\Uninstall.exe
Xfire (remove only)-->"C:\Program Files (x86)\Xfire\uninst.exe"

======System event log======

Computer Name: Vulgi
Event Code: 4001
Message: Služba automatickej konfigurácie siete WLAN sa úspešne zastavila.

Record Number: 496028
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20110918040625.736704-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Vulgi
Event Code: 10010
Message: The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.
Record Number: 495987
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20110918040619.000000-000
Event Type: Error
User:

Computer Name: Vulgi
Event Code: 4001
Message: Služba automatickej konfigurácie siete WLAN sa úspešne zastavila.

Record Number: 495806
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20110918012633.782606-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Vulgi
Event Code: 10010
Message: The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.
Record Number: 495769
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20110918012603.000000-000
Event Type: Error
User:

Computer Name: Vulgi
Event Code: 1014
Message: Name resolution for the name teredo.ipv6.microsoft.com timed out after none of the configured DNS servers responded.
Record Number: 474142
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20110917134529.610692-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

=====Application event log=====

Computer Name: Vulgi-PC
Event Code: 3006
Message: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Record Number: 197
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20101224104406.329610-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: Vulgi-PC
Event Code: 1008
Message: Služba Windows Search sa spúšťa a pokúša sa odstrániť starý index hľadania. {Dôvod: Full Index Reset}.

Record Number: 117
Source Name: Microsoft-Windows-Search
Time Written: 20101224104030.000000-000
Event Type: Warning
User:

Computer Name: 37L4247E29-32
Event Code: 257
Message: Službe Cryptographic Services sa nepodarilo inicializovať databázu katalógu. Chyba ESENT: -546.
Record Number: 7
Source Name: Microsoft-Windows-CAPI2
Time Written: 20101224102943.687718-000
Event Type: Error
User:

Computer Name: 37L4247E29-32
Event Code: 412
Message: Catalog Database (292) Catalog Database: Unable to read the header of logfile C:\Windows\system32\CatRoot2\edb.log. Error -546.
Record Number: 6
Source Name: ESENT
Time Written: 20101224102943.000000-000
Event Type: Error
User:

Computer Name: 37L4247E29-32
Event Code: 412
Message: Catalog Database (292) Catalog Database: Unable to read the header of logfile C:\Windows\system32\CatRoot2\edb.log. Error -546.
Record Number: 5
Source Name: ESENT
Time Written: 20101224102943.000000-000
Event Type: Error
User:

=====Security event log=====

Computer Name: Vulgi
Event Code: 4648
Message: A logon was attempted using explicit credentials.

Subject:
Security ID: S-1-5-21-577622813-1983179613-234765878-1000
Account Name: Vulgi
Account Domain: VULGI
Logon ID: 0x1b494
Logon GUID: {00000000-0000-0000-0000-000000000000}

Account Whose Credentials Were Used:
Account Name: HomeGroupUser$
Account Domain: VULGI-PC
Logon GUID: {00000000-0000-0000-0000-000000000000}

Target Server:
Target Server Name: Vulgi-PC
Additional Information: Vulgi-PC

Process Information:
Process ID: 0x4
Process Name:

Network Information:
Network Address: -
Port: -

This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
Record Number: 11085
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110313143706.927979-000
Event Type: Audit Success
User:

Computer Name: Vulgi
Event Code: 4634
Message: An account was logged off.

Subject:
Security ID: S-1-5-7
Account Name: ANONYMOUS LOGON
Account Domain: NT AUTHORITY
Logon ID: 0x2b4e49f

Logon Type: 3

This event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. Logon IDs are only unique between reboots on the same computer.
Record Number: 11084
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110313143641.548527-000
Event Type: Audit Success
User:

Computer Name: Vulgi
Event Code: 4634
Message: An account was logged off.

Subject:
Security ID: S-1-5-7
Account Name: ANONYMOUS LOGON
Account Domain: NT AUTHORITY
Logon ID: 0x2b4e3fc

Logon Type: 3

This event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. Logon IDs are only unique between reboots on the same computer.
Record Number: 11083
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110313143641.547527-000
Event Type: Audit Success
User:

Computer Name: Vulgi
Event Code: 4648
Message: A logon was attempted using explicit credentials.

Subject:
Security ID: S-1-5-21-577622813-1983179613-234765878-1000
Account Name: Vulgi
Account Domain: VULGI
Logon ID: 0x1b494
Logon GUID: {00000000-0000-0000-0000-000000000000}

Account Whose Credentials Were Used:
Account Name: HomeGroupUser$
Account Domain: VULGI-PC
Logon GUID: {00000000-0000-0000-0000-000000000000}

Target Server:
Target Server Name: Vulgi-PC
Additional Information: Vulgi-PC

Process Information:
Process ID: 0x4
Process Name:

Network Information:
Network Address: -
Port: -

This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
Record Number: 11082
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110313143636.933263-000
Event Type: Audit Success
User:

Computer Name: Vulgi
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Logon Type: 3

New Logon:
Security ID: S-1-5-7
Account Name: ANONYMOUS LOGON
Account Domain: NT AUTHORITY
Logon ID: 0x2b4e49f
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x0
Process Name: -

Network Information:
Workstation Name: VULGI-PC
Source Network Address: 192.168.1.6
Source Port: 49488

Detailed Authentication Information:
Logon Process: NtLmSsp
Authentication Package: NTLM
Transited Services: -
Package Name (NTLM only): NTLM V1
Key Length: 128

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 11081
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110313143628.952807-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 5 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=0503
"asl.log"=Destination=file
"AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\
"CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

[vyosek]

Sjupr, nyni TDSSKillera

[Vulgi]

http://i.imgur.com/Ne4pc.jpg

takto vyzera je tdsskiller len sa chcem spytat ci mozem dat to co je tam zvolene ked je tam napisane ze velke riziko tak mam predtym strach.....


pri tom locked file ide skip, copy to quarantine a delete

pri tom druhom ide skip, copy to quarantine, cure a restore

[vyosek]

Dejte co je predvolene, ten High Risk znamena ze nalez je nebezpecim pro PC

[Vulgi]

dpc asi som to posral som dal krizik lebo som si nebol isty ci som to neprehodil.... potom to chcelo reboot tak som dal later a dal som scanovat znova a uz mi potom naslo iba jednu vec a to s tym vysokym rizikom mi nenaslo tak som to restartoval a uvidim ci to teraz najde.....

budem musiet nachvilu odbehnut aspon trosku sa musim naucit valcik pretoze mam zajtra stuzkovu

toto je prvy log



17:35:10.0538 1664 TDSS rootkit removing tool 2.6.17.0 Nov 9 2011 16:48:26
17:35:10.0851 1664 ============================================================
17:35:10.0851 1664 Current date / time: 2011/11/10 17:35:10.0851
17:35:10.0851 1664 SystemInfo:
17:35:10.0851 1664
17:35:10.0851 1664 OS Version: 6.1.7601 ServicePack: 1.0
17:35:10.0851 1664 Product type: Workstation
17:35:10.0851 1664 ComputerName: VULGI
17:35:10.0851 1664 UserName: Vulgi
17:35:10.0851 1664 Windows directory: C:\Windows
17:35:10.0851 1664 System windows directory: C:\Windows
17:35:10.0851 1664 Running under WOW64
17:35:10.0851 1664 Processor architecture: Intel x64
17:35:10.0851 1664 Number of processors: 4
17:35:10.0851 1664 Page size: 0x1000
17:35:10.0851 1664 Boot type: Normal boot
17:35:10.0851 1664 ============================================================
17:35:11.0952 1664 Initialize success
17:35:22.0487 5012 ============================================================
17:35:22.0487 5012 Scan started
17:35:22.0487 5012 Mode: Manual;
17:35:22.0487 5012 ============================================================
17:35:23.0542 5012 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
17:35:23.0587 5012 1394ohci - ok
17:35:23.0655 5012 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
17:35:23.0661 5012 ACPI - ok
17:35:23.0697 5012 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
17:35:23.0709 5012 AcpiPmi - ok
17:35:23.0780 5012 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
17:35:23.0831 5012 adp94xx - ok
17:35:23.0855 5012 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
17:35:23.0857 5012 adpahci - ok
17:35:23.0877 5012 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
17:35:23.0880 5012 adpu320 - ok
17:35:23.0925 5012 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
17:35:23.0942 5012 AFD - ok
17:35:23.0965 5012 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
17:35:23.0979 5012 agp440 - ok
17:35:23.0998 5012 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
17:35:23.0999 5012 aliide - ok
17:35:24.0065 5012 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
17:35:24.0077 5012 amdide - ok
17:35:24.0108 5012 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
17:35:24.0110 5012 amdiox64 - ok
17:35:24.0125 5012 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
17:35:24.0137 5012 AmdK8 - ok
17:35:24.0306 5012 amdkmdag (446a1aad34191665a8df6092bd8eb5a8) C:\Windows\system32\DRIVERS\atikmdag.sys
17:35:24.0445 5012 amdkmdag - ok
17:35:24.0470 5012 amdkmdap (f8f8a908fdb005a65ddf7238c814eea5) C:\Windows\system32\DRIVERS\atikmpag.sys
17:35:24.0473 5012 amdkmdap - ok
17:35:24.0489 5012 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
17:35:24.0491 5012 AmdPPM - ok
17:35:24.0506 5012 amdsata (53d8d46d51d390abdb54eca623165cb7) C:\Windows\system32\DRIVERS\amdsata.sys
17:35:24.0507 5012 amdsata - ok
17:35:24.0543 5012 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
17:35:24.0556 5012 amdsbs - ok
17:35:24.0568 5012 amdxata (75c51148154e34eb3d7bb84749a758d5) C:\Windows\system32\DRIVERS\amdxata.sys
17:35:24.0580 5012 amdxata - ok
17:35:24.0673 5012 AODDriver2 (6a488397b2e020ec24ce1aacfc830f90) C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys
17:35:24.0674 5012 AODDriver2 - ok
17:35:24.0727 5012 AODDriver4.0 (f312fad7dbd49ed21a194ac71b497832) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
17:35:24.0730 5012 AODDriver4.0 - ok
17:35:24.0740 5012 AODDriver4.01 (f312fad7dbd49ed21a194ac71b497832) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
17:35:24.0741 5012 AODDriver4.01 - ok
17:35:24.0787 5012 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
17:35:24.0799 5012 AppID - ok
17:35:24.0832 5012 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
17:35:24.0834 5012 arc - ok
17:35:24.0852 5012 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
17:35:24.0855 5012 arcsas - ok
17:35:24.0878 5012 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
17:35:24.0889 5012 AsyncMac - ok
17:35:24.0910 5012 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
17:35:24.0923 5012 atapi - ok
17:35:24.0960 5012 AtiHDAudioService (dbb487d09f56c674430ac454fd8bcab9) C:\Windows\system32\drivers\AtihdW76.sys
17:35:24.0963 5012 AtiHDAudioService - ok
17:35:24.0988 5012 AtiPcie (c07a040d6b5a42dd41ee386cf90974c8) C:\Windows\system32\DRIVERS\AtiPcie.sys
17:35:24.0990 5012 AtiPcie - ok
17:35:25.0039 5012 atitray (5f4599052d6036f782f2718363d5215b) C:\Program Files (x86)\Ray Adams\ATI Tray Tools\atitray64.sys
17:35:25.0040 5012 atitray - ok
17:35:25.0097 5012 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
17:35:25.0100 5012 b06bdrv - ok
17:35:25.0120 5012 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
17:35:25.0133 5012 b57nd60a - ok
17:35:25.0164 5012 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
17:35:25.0166 5012 Beep - ok
17:35:25.0194 5012 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
17:35:25.0205 5012 blbdrive - ok
17:35:25.0244 5012 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
17:35:25.0246 5012 bowser - ok
17:35:25.0253 5012 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:35:25.0255 5012 BrFiltLo - ok
17:35:25.0271 5012 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:35:25.0273 5012 BrFiltUp - ok
17:35:25.0285 5012 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:35:25.0298 5012 Brserid - ok
17:35:25.0317 5012 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:35:25.0319 5012 BrSerWdm - ok
17:35:25.0327 5012 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:35:25.0327 5012 BrUsbMdm - ok
17:35:25.0335 5012 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:35:25.0337 5012 BrUsbSer - ok
17:35:25.0346 5012 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
17:35:25.0348 5012 BTHMODEM - ok
17:35:25.0364 5012 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:35:25.0366 5012 cdfs - ok
17:35:25.0410 5012 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
17:35:25.0424 5012 cdrom - ok
17:35:25.0435 5012 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
17:35:25.0437 5012 circlass - ok
17:35:25.0460 5012 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:35:25.0493 5012 CLFS - ok
17:35:25.0535 5012 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
17:35:25.0544 5012 CmBatt - ok
17:35:25.0562 5012 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
17:35:25.0563 5012 cmdide - ok
17:35:25.0646 5012 cmudaxp (0367f029425cbd5506e8db2757ff3a8f) C:\Windows\system32\drivers\cmudaxp.sys
17:35:25.0700 5012 cmudaxp - ok
17:35:25.0747 5012 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
17:35:25.0761 5012 CNG - ok
17:35:25.0778 5012 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
17:35:25.0790 5012 Compbatt - ok
17:35:25.0831 5012 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
17:35:25.0833 5012 CompositeBus - ok
17:35:25.0877 5012 cpuz135 - ok
17:35:25.0893 5012 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
17:35:25.0894 5012 crcdisk - ok
17:35:25.0934 5012 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
17:35:25.0937 5012 DfsC - ok
17:35:25.0957 5012 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:35:25.0979 5012 discache - ok
17:35:26.0001 5012 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
17:35:26.0002 5012 Disk - ok
17:35:26.0040 5012 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:35:26.0041 5012 drmkaud - ok
17:35:26.0082 5012 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
17:35:26.0088 5012 DXGKrnl - ok
17:35:26.0121 5012 eamonm (398fdc5694f2ba9e51e321ca40d1706e) C:\Windows\system32\DRIVERS\eamonm.sys
17:35:26.0123 5012 eamonm - ok
17:35:26.0192 5012 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
17:35:26.0248 5012 ebdrv - ok
17:35:26.0272 5012 ehdrv (e99457900012b53b2226f146ecaf9136) C:\Windows\system32\DRIVERS\ehdrv.sys
17:35:26.0275 5012 ehdrv - ok
17:35:26.0321 5012 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
17:35:26.0325 5012 elxstor - ok
17:35:26.0360 5012 epfwwfpr (a2af094dcbe8bff7e898d327750506a0) C:\Windows\system32\DRIVERS\epfwwfpr.sys
17:35:26.0362 5012 epfwwfpr - ok
17:35:26.0380 5012 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
17:35:26.0381 5012 ErrDev - ok
17:35:26.0397 5012 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:35:26.0419 5012 exfat - ok
17:35:26.0442 5012 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:35:26.0464 5012 fastfat - ok
17:35:26.0491 5012 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
17:35:26.0513 5012 fdc - ok
17:35:26.0550 5012 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:35:26.0562 5012 FileInfo - ok
17:35:26.0577 5012 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:35:26.0590 5012 Filetrace - ok
17:35:26.0677 5012 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
17:35:26.0678 5012 flpydisk - ok
17:35:26.0716 5012 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
17:35:26.0739 5012 FltMgr - ok
17:35:26.0751 5012 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:35:26.0753 5012 FsDepends - ok
17:35:26.0774 5012 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
17:35:26.0786 5012 Fs_Rec - ok
17:35:26.0889 5012 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:35:26.0892 5012 fvevol - ok
17:35:26.0911 5012 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
17:35:26.0944 5012 gagp30kx - ok
17:35:26.0992 5012 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:35:26.0995 5012 GEARAspiWDM - ok
17:35:27.0037 5012 ggflt (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys
17:35:27.0038 5012 ggflt - ok
17:35:27.0089 5012 GGSAFERDriver - ok
17:35:27.0124 5012 ggsemc (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys
17:35:27.0125 5012 ggsemc - ok
17:35:27.0182 5012 hamachi (f8f0851d336c3b88dbd7232b6348e09a) C:\Windows\system32\DRIVERS\hamachi.sys
17:35:27.0183 5012 hamachi - ok
17:35:27.0200 5012 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:35:27.0202 5012 hcw85cir - ok
17:35:27.0245 5012 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
17:35:27.0248 5012 HdAudAddService - ok
17:35:27.0283 5012 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
17:35:27.0285 5012 HDAudBus - ok
17:35:27.0293 5012 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
17:35:27.0294 5012 HidBatt - ok
17:35:27.0316 5012 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
17:35:27.0317 5012 HidBth - ok
17:35:27.0325 5012 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
17:35:27.0327 5012 HidIr - ok
17:35:27.0361 5012 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
17:35:27.0362 5012 HidUsb - ok
17:35:27.0392 5012 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
17:35:27.0395 5012 HpSAMD - ok
17:35:27.0447 5012 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
17:35:27.0466 5012 HTTP - ok
17:35:27.0484 5012 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
17:35:27.0484 5012 hwpolicy - ok
17:35:27.0514 5012 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
17:35:27.0526 5012 i8042prt - ok
17:35:27.0565 5012 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
17:35:27.0579 5012 iaStorV - ok
17:35:27.0611 5012 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
17:35:27.0614 5012 iirsp - ok
17:35:27.0711 5012 IntcAzAudAddService (f5872a11eb4f6db170d636cd4e53ca9f) C:\Windows\system32\drivers\RTKVHD64.sys
17:35:27.0754 5012 IntcAzAudAddService - ok
17:35:27.0776 5012 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
17:35:27.0777 5012 intelide - ok
17:35:27.0807 5012 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
17:35:27.0808 5012 intelppm - ok
17:35:27.0846 5012 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:35:27.0849 5012 IpFilterDriver - ok
17:35:27.0859 5012 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
17:35:27.0861 5012 IPMIDRV - ok
17:35:27.0870 5012 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:35:27.0871 5012 IPNAT - ok
17:35:27.0893 5012 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:35:27.0895 5012 IRENUM - ok
17:35:27.0931 5012 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
17:35:27.0933 5012 isapnp - ok
17:35:27.0947 5012 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
17:35:27.0951 5012 iScsiPrt - ok
17:35:27.0959 5012 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
17:35:27.0961 5012 kbdclass - ok
17:35:27.0976 5012 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
17:35:27.0992 5012 kbdhid - ok
17:35:28.0015 5012 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
17:35:28.0016 5012 KSecDD - ok
17:35:28.0035 5012 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
17:35:28.0040 5012 KSecPkg - ok
17:35:28.0060 5012 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:35:28.0061 5012 ksthunk - ok
17:35:28.0091 5012 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:35:28.0103 5012 lltdio - ok
17:35:28.0133 5012 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
17:35:28.0135 5012 LSI_FC - ok
17:35:28.0148 5012 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
17:35:28.0160 5012 LSI_SAS - ok
17:35:28.0175 5012 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:35:28.0176 5012 LSI_SAS2 - ok
17:35:28.0197 5012 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:35:28.0209 5012 LSI_SCSI - ok
17:35:28.0228 5012 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:35:28.0231 5012 luafv - ok
17:35:28.0252 5012 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
17:35:28.0274 5012 megasas - ok
17:35:28.0296 5012 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
17:35:28.0310 5012 MegaSR - ok
17:35:28.0329 5012 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:35:28.0331 5012 Modem - ok
17:35:28.0347 5012 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:35:28.0358 5012 monitor - ok
17:35:28.0377 5012 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
17:35:28.0378 5012 mouclass - ok
17:35:28.0392 5012 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:35:28.0394 5012 mouhid - ok
17:35:28.0418 5012 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
17:35:28.0430 5012 mountmgr - ok
17:35:28.0461 5012 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
17:35:28.0467 5012 mpio - ok
17:35:28.0476 5012 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:35:28.0488 5012 mpsdrv - ok
17:35:28.0526 5012 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
17:35:28.0529 5012 MRxDAV - ok
17:35:28.0571 5012 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:35:28.0573 5012 mrxsmb - ok
17:35:28.0614 5012 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:35:28.0659 5012 mrxsmb10 - ok
17:35:28.0680 5012 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:35:28.0682 5012 mrxsmb20 - ok
17:35:28.0719 5012 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
17:35:28.0731 5012 msahci - ok
17:35:28.0754 5012 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
17:35:28.0756 5012 msdsm - ok
17:35:28.0792 5012 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:35:28.0793 5012 Msfs - ok
17:35:28.0804 5012 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:35:28.0805 5012 mshidkmdf - ok
17:35:28.0826 5012 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
17:35:28.0827 5012 msisadrv - ok
17:35:28.0847 5012 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:35:28.0849 5012 MSKSSRV - ok
17:35:28.0864 5012 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:35:28.0865 5012 MSPCLOCK - ok
17:35:28.0874 5012 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:35:28.0885 5012 MSPQM - ok
17:35:28.0919 5012 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
17:35:28.0922 5012 MsRPC - ok
17:35:28.0942 5012 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
17:35:28.0944 5012 mssmbios - ok
17:35:28.0953 5012 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:35:28.0954 5012 MSTEE - ok
17:35:28.0974 5012 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
17:35:28.0975 5012 MTConfig - ok
17:35:29.0023 5012 MTsensor (2219a3d695405e7ba2186ba6b9ede14a) C:\Windows\system32\DRIVERS\ASACPI.sys
17:35:29.0035 5012 MTsensor - ok
17:35:29.0047 5012 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:35:29.0049 5012 Mup - ok
17:35:29.0072 5012 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:35:29.0076 5012 NativeWifiP - ok
17:35:29.0136 5012 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
17:35:29.0145 5012 NDIS - ok
17:35:29.0159 5012 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:35:29.0171 5012 NdisCap - ok
17:35:29.0189 5012 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:35:29.0191 5012 NdisTapi - ok
17:35:29.0200 5012 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:35:29.0202 5012 Ndisuio - ok
17:35:29.0224 5012 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:35:29.0236 5012 NdisWan - ok
17:35:29.0279 5012 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:35:29.0301 5012 NDProxy - ok
17:35:29.0309 5012 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:35:29.0321 5012 NetBIOS - ok
17:35:29.0352 5012 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:35:29.0355 5012 NetBT - ok
17:35:29.0414 5012 netr28ux (eed1fbde98cf5f6d5c0c5b27ab1f68ec) C:\Windows\system32\DRIVERS\netr28ux.sys
17:35:29.0430 5012 netr28ux - ok
17:35:29.0452 5012 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
17:35:29.0473 5012 nfrd960 - ok
17:35:29.0494 5012 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:35:29.0506 5012 Npfs - ok
17:35:29.0524 5012 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:35:29.0525 5012 nsiproxy - ok
17:35:29.0587 5012 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:35:29.0609 5012 Ntfs - ok
17:35:29.0623 5012 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:35:29.0634 5012 Null - ok
17:35:29.0669 5012 nusb3hub (088cd71003f21f96f01c63955150a1fb) C:\Windows\system32\DRIVERS\nusb3hub.sys
17:35:29.0670 5012 nusb3hub - ok
17:35:29.0686 5012 nusb3xhc (d90a2d44e93daea47aea946d9e87000f) C:\Windows\system32\DRIVERS\nusb3xhc.sys
17:35:29.0690 5012 nusb3xhc - ok
17:35:29.0742 5012 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:35:29.0754 5012 nvraid - ok
17:35:29.0795 5012 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:35:29.0797 5012 nvstor - ok
17:35:29.0846 5012 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:35:29.0847 5012 nv_agp - ok
17:35:29.0861 5012 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:35:29.0863 5012 ohci1394 - ok
17:35:29.0921 5012 OXSDIDRV_x64 (daf5d6b1696d42140839cd557336efc8) C:\Windows\system32\DRIVERS\OXSDIDRV_x64.sys
17:35:29.0933 5012 OXSDIDRV_x64 - ok
17:35:29.0973 5012 OXUDIDRV (d77856902312ab9129c966f64a3ac430) C:\Windows\system32\Drivers\OXUDIDRV_X64.sys
17:35:29.0974 5012 OXUDIDRV - ok
17:35:29.0995 5012 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
17:35:29.0996 5012 Parport - ok
17:35:30.0028 5012 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
17:35:30.0030 5012 partmgr - ok
17:35:30.0062 5012 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:35:30.0064 5012 pci - ok
17:35:30.0096 5012 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:35:30.0107 5012 pciide - ok
17:35:30.0133 5012 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
17:35:30.0146 5012 pcmcia - ok
17:35:30.0185 5012 PCTCore (54e013b6d55b81c0aa1ebea80ff42383) C:\Windows\system32\drivers\PCTCore64.sys
17:35:30.0188 5012 PCTCore - ok
17:35:30.0206 5012 pctDS (ff43e3b1687e4e2140de6349ea5c7372) C:\Windows\system32\drivers\pctDS64.sys
17:35:30.0211 5012 pctDS - ok
17:35:30.0235 5012 pctEFA (60e9a05852af7e9cb11237c00aee4ccf) C:\Windows\system32\drivers\pctEFA64.sys
17:35:30.0242 5012 pctEFA - ok
17:35:30.0262 5012 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:35:30.0274 5012 pcw - ok
17:35:30.0297 5012 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:35:30.0312 5012 PEAUTH - ok
17:35:30.0393 5012 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:35:30.0395 5012 PptpMiniport - ok
17:35:30.0403 5012 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
17:35:30.0405 5012 Processor - ok
17:35:30.0467 5012 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:35:30.0479 5012 Psched - ok
17:35:30.0525 5012 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
17:35:30.0539 5012 ql2300 - ok
17:35:30.0560 5012 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
17:35:30.0563 5012 ql40xx - ok
17:35:30.0582 5012 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:35:30.0594 5012 QWAVEdrv - ok
17:35:30.0623 5012 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:35:30.0635 5012 RasAcd - ok
17:35:30.0656 5012 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:35:30.0657 5012 RasAgileVpn - ok
17:35:30.0685 5012 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:35:30.0707 5012 Rasl2tp - ok
17:35:30.0727 5012 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:35:30.0729 5012 RasPppoe - ok
17:35:30.0744 5012 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:35:30.0746 5012 RasSstp - ok
17:35:30.0769 5012 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:35:30.0772 5012 rdbss - ok
17:35:30.0780 5012 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
17:35:30.0781 5012 rdpbus - ok
17:35:30.0802 5012 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:35:30.0802 5012 RDPCDD - ok
17:35:30.0819 5012 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:35:30.0821 5012 RDPENCDD - ok
17:35:30.0840 5012 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:35:30.0841 5012 RDPREFMP - ok
17:35:30.0877 5012 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
17:35:30.0879 5012 RDPWD - ok
17:35:30.0910 5012 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:35:30.0914 5012 rdyboost - ok
17:35:30.0945 5012 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:35:30.0957 5012 rspndr - ok
17:35:31.0001 5012 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
17:35:31.0012 5012 RTL8167 - ok
17:35:31.0053 5012 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:35:31.0055 5012 sbp2port - ok
17:35:31.0114 5012 SCDEmu (6ce6f98ea3d07a9c2ce3cd0a5a86352d) C:\Windows\system32\drivers\SCDEmu.sys
17:35:31.0116 5012 SCDEmu - ok
17:35:31.0157 5012 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:35:31.0165 5012 scfilter - ok
17:35:31.0187 5012 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:35:31.0188 5012 secdrv - ok
17:35:31.0215 5012 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
17:35:31.0227 5012 Serenum - ok
17:35:31.0243 5012 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
17:35:31.0245 5012 Serial - ok
17:35:31.0266 5012 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
17:35:31.0278 5012 sermouse - ok
17:35:31.0319 5012 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
17:35:31.0320 5012 sffdisk - ok
17:35:31.0340 5012 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:35:31.0341 5012 sffp_mmc - ok
17:35:31.0350 5012 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:35:31.0351 5012 sffp_sd - ok
17:35:31.0360 5012 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
17:35:31.0361 5012 sfloppy - ok
17:35:31.0387 5012 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:35:31.0388 5012 SiSRaid2 - ok
17:35:31.0409 5012 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
17:35:31.0411 5012 SiSRaid4 - ok
17:35:31.0426 5012 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:35:31.0427 5012 Smb - ok
17:35:31.0456 5012 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:35:31.0467 5012 spldr - ok
17:35:31.0509 5012 sptd (34f974f8b3c86de03a30dcbe79091c97) C:\Windows\system32\Drivers\sptd.sys
17:35:31.0509 5012 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 34f974f8b3c86de03a30dcbe79091c97
17:35:31.0511 5012 sptd ( LockedFile.Multi.Generic ) - warning
17:35:31.0511 5012 sptd - detected LockedFile.Multi.Generic (1)
17:35:31.0553 5012 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:35:31.0558 5012 srv - ok
17:35:31.0578 5012 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:35:31.0582 5012 srv2 - ok
17:35:31.0598 5012 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:35:31.0601 5012 srvnet - ok
17:35:31.0633 5012 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
17:35:31.0636 5012 stexstor - ok
17:35:31.0664 5012 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
17:35:31.0676 5012 swenum - ok
17:35:31.0733 5012 tap0901t (b08740047145b9bce15bf75ca0f9718a) C:\Windows\system32\DRIVERS\tap0901t.sys
17:35:31.0735 5012 tap0901t - ok
17:35:31.0790 5012 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
17:35:31.0820 5012 Tcpip - ok
17:35:31.0847 5012 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
17:35:31.0856 5012 TCPIP6 - ok
17:35:31.0896 5012 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:35:31.0898 5012 tcpipreg - ok
17:35:31.0908 5012 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:35:31.0920 5012 TDPIPE - ok
17:35:31.0928 5012 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
17:35:31.0929 5012 TDTCP - ok
17:35:31.0972 5012 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:35:31.0983 5012 tdx - ok
17:35:31.0995 5012 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
17:35:31.0996 5012 TermDD - ok
17:35:32.0026 5012 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:35:32.0028 5012 tssecsrv - ok
17:35:32.0083 5012 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:35:32.0105 5012 TsUsbFlt - ok
17:35:32.0128 5012 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:35:32.0141 5012 tunnel - ok
17:35:32.0164 5012 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
17:35:32.0166 5012 uagp35 - ok
17:35:32.0209 5012 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:35:32.0212 5012 udfs - ok
17:35:32.0244 5012 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:35:32.0257 5012 uliagpkx - ok
17:35:32.0276 5012 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
17:35:32.0278 5012 umbus - ok
17:35:32.0296 5012 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
17:35:32.0297 5012 UmPass - ok
17:35:32.0320 5012 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
17:35:32.0321 5012 USBAAPL64 - ok
17:35:32.0350 5012 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
17:35:32.0352 5012 usbccgp - ok
17:35:32.0385 5012 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:35:32.0387 5012 usbcir - ok
17:35:32.0400 5012 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
17:35:32.0402 5012 usbehci - ok
17:35:32.0419 5012 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
17:35:32.0423 5012 usbhub - ok
17:35:32.0458 5012 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
17:35:32.0460 5012 usbohci - ok
17:35:32.0469 5012 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
17:35:32.0470 5012 usbprint - ok
17:35:32.0502 5012 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:35:32.0524 5012 USBSTOR - ok
17:35:32.0533 5012 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
17:35:32.0535 5012 usbuhci - ok
17:35:32.0558 5012 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:35:32.0560 5012 vdrvroot - ok
17:35:32.0570 5012 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:35:32.0572 5012 vga - ok
17:35:32.0581 5012 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:35:32.0593 5012 VgaSave - ok
17:35:32.0608 5012 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:35:32.0611 5012 vhdmp - ok
17:35:32.0646 5012 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:35:32.0658 5012 viaide - ok
17:35:32.0682 5012 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
17:35:32.0683 5012 volmgr - ok
17:35:32.0701 5012 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
17:35:32.0704 5012 volmgrx - ok
17:35:32.0744 5012 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
17:35:32.0748 5012 volsnap - ok
17:35:32.0763 5012 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
17:35:32.0776 5012 vsmraid - ok
17:35:32.0796 5012 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
17:35:32.0797 5012 vwifibus - ok
17:35:32.0821 5012 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
17:35:32.0823 5012 vwififlt - ok
17:35:32.0843 5012 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
17:35:32.0844 5012 WacomPen - ok
17:35:32.0878 5012 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:35:32.0890 5012 WANARP - ok
17:35:32.0894 5012 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:35:32.0895 5012 Wanarpv6 - ok
17:35:32.0922 5012 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
17:35:32.0924 5012 Wd - ok
17:35:32.0952 5012 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:35:32.0958 5012 Wdf01000 - ok
17:35:32.0988 5012 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:35:32.0999 5012 WfpLwf - ok
17:35:33.0008 5012 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:35:33.0019 5012 WIMMount - ok
17:35:33.0067 5012 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
17:35:33.0069 5012 WinUsb - ok
17:35:33.0109 5012 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
17:35:33.0120 5012 WmiAcpi - ok
17:35:33.0143 5012 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:35:33.0155 5012 ws2ifsl - ok
17:35:33.0196 5012 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:35:33.0209 5012 WudfPf - ok
17:35:33.0244 5012 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:35:33.0256 5012 WUDFRd - ok
17:35:33.0276 5012 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:35:33.0299 5012 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
17:35:33.0299 5012 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
17:35:33.0330 5012 Boot (0x1200) (74d553d176312cb28422d94a65a749f0) \Device\Harddisk0\DR0\Partition0
17:35:33.0330 5012 \Device\Harddisk0\DR0\Partition0 - ok
17:35:33.0336 5012 Boot (0x1200) (d6ef72b20742aa2d39fac9104ae44ebb) \Device\Harddisk0\DR0\Partition1
17:35:33.0337 5012 \Device\Harddisk0\DR0\Partition1 - ok
17:35:33.0351 5012 Boot (0x1200) (b79f0c8f32eb1327e761add1aa375c06) \Device\Harddisk0\DR0\Partition2
17:35:33.0352 5012 \Device\Harddisk0\DR0\Partition2 - ok
17:35:33.0352 5012 ============================================================
17:35:33.0352 5012 Scan finished
17:35:33.0352 5012 ============================================================
17:35:33.0364 5472 Detected object count: 2
17:35:33.0364 5472 Actual detected object count: 2
17:49:54.0469 5472 sptd ( LockedFile.Multi.Generic ) - skipped by user
17:49:54.0469 5472 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
17:49:54.0506 5472 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot
17:49:54.0506 5472 \Device\Harddisk0\DR0 - ok
17:49:54.0507 5472 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure
17:49:59.0492 3840 Deinitialize success

[vyosek]

TDSKiller dela ze vsech skenu logy, budou ulozeny na c:\ jako TDSSKiller.nejaka cisilka _log.txt tak je pripadne zabalte vsechny a nekam uploadnete

[Vulgi]

a tento je po restarte (uz nenasiel ten s vysokym rizkom)




17:53:59.0035 2020 TDSS rootkit removing tool 2.6.17.0 Nov 9 2011 16:48:26
17:53:59.0338 2020 ============================================================
17:53:59.0338 2020 Current date / time: 2011/11/10 17:53:59.0338
17:53:59.0338 2020 SystemInfo:
17:53:59.0338 2020
17:53:59.0338 2020 OS Version: 6.1.7601 ServicePack: 1.0
17:53:59.0338 2020 Product type: Workstation
17:53:59.0338 2020 ComputerName: VULGI
17:53:59.0338 2020 UserName: Vulgi
17:53:59.0338 2020 Windows directory: C:\Windows
17:53:59.0338 2020 System windows directory: C:\Windows
17:53:59.0338 2020 Running under WOW64
17:53:59.0338 2020 Processor architecture: Intel x64
17:53:59.0338 2020 Number of processors: 4
17:53:59.0338 2020 Page size: 0x1000
17:53:59.0338 2020 Boot type: Normal boot
17:53:59.0338 2020 ============================================================
17:54:01.0481 2020 Initialize success
17:54:02.0418 3772 ============================================================
17:54:02.0418 3772 Scan started
17:54:02.0418 3772 Mode: Manual;
17:54:02.0418 3772 ============================================================
17:54:04.0884 3772 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
17:54:04.0885 3772 1394ohci - ok
17:54:05.0124 3772 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
17:54:05.0126 3772 ACPI - ok
17:54:05.0205 3772 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
17:54:05.0205 3772 AcpiPmi - ok
17:54:05.0287 3772 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
17:54:05.0290 3772 adp94xx - ok
17:54:05.0330 3772 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
17:54:05.0331 3772 adpahci - ok
17:54:05.0351 3772 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
17:54:05.0352 3772 adpu320 - ok
17:54:05.0489 3772 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
17:54:05.0491 3772 AFD - ok
17:54:05.0516 3772 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
17:54:05.0517 3772 agp440 - ok
17:54:05.0561 3772 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
17:54:05.0561 3772 aliide - ok
17:54:05.0627 3772 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
17:54:05.0629 3772 amdide - ok
17:54:05.0660 3772 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
17:54:05.0661 3772 amdiox64 - ok
17:54:05.0676 3772 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
17:54:05.0677 3772 AmdK8 - ok
17:54:05.0844 3772 amdkmdag (446a1aad34191665a8df6092bd8eb5a8) C:\Windows\system32\DRIVERS\atikmdag.sys
17:54:05.0889 3772 amdkmdag - ok
17:54:05.0910 3772 amdkmdap (f8f8a908fdb005a65ddf7238c814eea5) C:\Windows\system32\DRIVERS\atikmpag.sys
17:54:05.0914 3772 amdkmdap - ok
17:54:05.0930 3772 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
17:54:05.0931 3772 AmdPPM - ok
17:54:05.0946 3772 amdsata (53d8d46d51d390abdb54eca623165cb7) C:\Windows\system32\DRIVERS\amdsata.sys
17:54:05.0947 3772 amdsata - ok
17:54:05.0984 3772 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
17:54:05.0985 3772 amdsbs - ok
17:54:05.0997 3772 amdxata (75c51148154e34eb3d7bb84749a758d5) C:\Windows\system32\DRIVERS\amdxata.sys
17:54:05.0999 3772 amdxata - ok
17:54:06.0080 3772 AODDriver2 (6a488397b2e020ec24ce1aacfc830f90) C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys
17:54:06.0081 3772 AODDriver2 - ok
17:54:06.0135 3772 AODDriver4.0 (f312fad7dbd49ed21a194ac71b497832) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
17:54:06.0135 3772 AODDriver4.0 - ok
17:54:06.0139 3772 AODDriver4.01 (f312fad7dbd49ed21a194ac71b497832) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
17:54:06.0139 3772 AODDriver4.01 - ok
17:54:06.0194 3772 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
17:54:06.0195 3772 AppID - ok
17:54:06.0239 3772 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
17:54:06.0240 3772 arc - ok
17:54:06.0260 3772 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
17:54:06.0261 3772 arcsas - ok
17:54:06.0274 3772 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
17:54:06.0275 3772 AsyncMac - ok
17:54:06.0306 3772 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
17:54:06.0307 3772 atapi - ok
17:54:06.0345 3772 AtiHDAudioService (dbb487d09f56c674430ac454fd8bcab9) C:\Windows\system32\drivers\AtihdW76.sys
17:54:06.0346 3772 AtiHDAudioService - ok
17:54:06.0372 3772 AtiPcie (c07a040d6b5a42dd41ee386cf90974c8) C:\Windows\system32\DRIVERS\AtiPcie.sys
17:54:06.0374 3772 AtiPcie - ok
17:54:06.0431 3772 atitray (5f4599052d6036f782f2718363d5215b) C:\Program Files (x86)\Ray Adams\ATI Tray Tools\atitray64.sys
17:54:06.0432 3772 atitray - ok
17:54:06.0471 3772 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
17:54:06.0474 3772 b06bdrv - ok
17:54:06.0494 3772 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
17:54:06.0496 3772 b57nd60a - ok
17:54:06.0539 3772 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
17:54:06.0539 3772 Beep - ok
17:54:06.0579 3772 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
17:54:06.0580 3772 blbdrive - ok
17:54:06.0629 3772 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
17:54:06.0630 3772 bowser - ok
17:54:06.0637 3772 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:54:06.0639 3772 BrFiltLo - ok
17:54:06.0656 3772 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:54:06.0656 3772 BrFiltUp - ok
17:54:06.0681 3772 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:54:06.0682 3772 Brserid - ok
17:54:06.0702 3772 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:54:06.0704 3772 BrSerWdm - ok
17:54:06.0711 3772 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:54:06.0712 3772 BrUsbMdm - ok
17:54:06.0720 3772 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:54:06.0720 3772 BrUsbSer - ok
17:54:06.0731 3772 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
17:54:06.0732 3772 BTHMODEM - ok
17:54:06.0750 3772 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:54:06.0751 3772 cdfs - ok
17:54:06.0774 3772 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
17:54:06.0775 3772 cdrom - ok
17:54:06.0785 3772 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
17:54:06.0786 3772 circlass - ok
17:54:06.0811 3772 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:54:06.0814 3772 CLFS - ok
17:54:06.0840 3772 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
17:54:06.0841 3772 CmBatt - ok
17:54:06.0891 3772 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
17:54:06.0892 3772 cmdide - ok
17:54:06.0975 3772 cmudaxp (0367f029425cbd5506e8db2757ff3a8f) C:\Windows\system32\drivers\cmudaxp.sys
17:54:06.0987 3772 cmudaxp - ok
17:54:07.0044 3772 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
17:54:07.0046 3772 CNG - ok
17:54:07.0064 3772 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
17:54:07.0064 3772 Compbatt - ok
17:54:07.0087 3772 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
17:54:07.0089 3772 CompositeBus - ok
17:54:07.0129 3772 cpuz135 - ok
17:54:07.0145 3772 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
17:54:07.0146 3772 crcdisk - ok
17:54:07.0186 3772 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
17:54:07.0187 3772 DfsC - ok
17:54:07.0210 3772 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:54:07.0210 3772 discache - ok
17:54:07.0222 3772 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
17:54:07.0222 3772 Disk - ok
17:54:07.0270 3772 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:54:07.0270 3772 drmkaud - ok
17:54:07.0311 3772 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
17:54:07.0316 3772 DXGKrnl - ok
17:54:07.0340 3772 eamonm (398fdc5694f2ba9e51e321ca40d1706e) C:\Windows\system32\DRIVERS\eamonm.sys
17:54:07.0341 3772 eamonm - ok
17:54:07.0410 3772 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
17:54:07.0425 3772 ebdrv - ok
17:54:07.0457 3772 ehdrv (e99457900012b53b2226f146ecaf9136) C:\Windows\system32\DRIVERS\ehdrv.sys
17:54:07.0459 3772 ehdrv - ok
17:54:07.0495 3772 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
17:54:07.0499 3772 elxstor - ok
17:54:07.0534 3772 epfwwfpr (a2af094dcbe8bff7e898d327750506a0) C:\Windows\system32\DRIVERS\epfwwfpr.sys
17:54:07.0535 3772 epfwwfpr - ok
17:54:07.0565 3772 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
17:54:07.0566 3772 ErrDev - ok
17:54:07.0585 3772 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:54:07.0586 3772 exfat - ok
17:54:07.0605 3772 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:54:07.0606 3772 fastfat - ok
17:54:07.0621 3772 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
17:54:07.0622 3772 fdc - ok
17:54:07.0646 3772 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:54:07.0647 3772 FileInfo - ok
17:54:07.0662 3772 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:54:07.0664 3772 Filetrace - ok
17:54:07.0774 3772 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
17:54:07.0774 3772 flpydisk - ok
17:54:07.0812 3772 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
17:54:07.0815 3772 FltMgr - ok
17:54:07.0827 3772 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:54:07.0827 3772 FsDepends - ok
17:54:07.0849 3772 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
17:54:07.0861 3772 Fs_Rec - ok
17:54:07.0941 3772 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:54:07.0942 3772 fvevol - ok
17:54:07.0962 3772 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
17:54:07.0964 3772 gagp30kx - ok
17:54:08.0011 3772 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:54:08.0012 3772 GEARAspiWDM - ok
17:54:08.0067 3772 ggflt (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys
17:54:08.0067 3772 ggflt - ok
17:54:08.0109 3772 GGSAFERDriver - ok
17:54:08.0142 3772 ggsemc (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys
17:54:08.0144 3772 ggsemc - ok
17:54:08.0200 3772 hamachi (f8f0851d336c3b88dbd7232b6348e09a) C:\Windows\system32\DRIVERS\hamachi.sys
17:54:08.0201 3772 hamachi - ok
17:54:08.0219 3772 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:54:08.0220 3772 hcw85cir - ok
17:54:08.0264 3772 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
17:54:08.0266 3772 HdAudAddService - ok
17:54:08.0312 3772 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
17:54:08.0314 3772 HDAudBus - ok
17:54:08.0321 3772 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
17:54:08.0322 3772 HidBatt - ok
17:54:08.0331 3772 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
17:54:08.0332 3772 HidBth - ok
17:54:08.0340 3772 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
17:54:08.0341 3772 HidIr - ok
17:54:08.0357 3772 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
17:54:08.0359 3772 HidUsb - ok
17:54:08.0389 3772 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
17:54:08.0390 3772 HpSAMD - ok
17:54:08.0442 3772 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
17:54:08.0447 3772 HTTP - ok
17:54:08.0469 3772 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
17:54:08.0470 3772 hwpolicy - ok
17:54:08.0499 3772 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
17:54:08.0500 3772 i8042prt - ok
17:54:08.0540 3772 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
17:54:08.0542 3772 iaStorV - ok
17:54:08.0574 3772 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
17:54:08.0575 3772 iirsp - ok
17:54:08.0684 3772 IntcAzAudAddService (f5872a11eb4f6db170d636cd4e53ca9f) C:\Windows\system32\drivers\RTKVHD64.sys
17:54:08.0696 3772 IntcAzAudAddService - ok
17:54:08.0727 3772 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
17:54:08.0729 3772 intelide - ok
17:54:08.0759 3772 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
17:54:08.0760 3772 intelppm - ok
17:54:08.0799 3772 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:54:08.0799 3772 IpFilterDriver - ok
17:54:08.0810 3772 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
17:54:08.0811 3772 IPMIDRV - ok
17:54:08.0820 3772 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:54:08.0821 3772 IPNAT - ok
17:54:08.0845 3772 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:54:08.0845 3772 IRENUM - ok
17:54:08.0882 3772 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
17:54:08.0884 3772 isapnp - ok
17:54:08.0899 3772 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
17:54:08.0900 3772 iScsiPrt - ok
17:54:08.0914 3772 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
17:54:08.0914 3772 kbdclass - ok
17:54:08.0939 3772 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
17:54:08.0939 3772 kbdhid - ok
17:54:08.0955 3772 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
17:54:08.0956 3772 KSecDD - ok
17:54:08.0976 3772 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
17:54:08.0977 3772 KSecPkg - ok
17:54:08.0989 3772 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:54:08.0990 3772 ksthunk - ok
17:54:09.0021 3772 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:54:09.0021 3772 lltdio - ok
17:54:09.0051 3772 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
17:54:09.0052 3772 LSI_FC - ok
17:54:09.0066 3772 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
17:54:09.0067 3772 LSI_SAS - ok
17:54:09.0082 3772 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:54:09.0084 3772 LSI_SAS2 - ok
17:54:09.0104 3772 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:54:09.0105 3772 LSI_SCSI - ok
17:54:09.0136 3772 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:54:09.0137 3772 luafv - ok
17:54:09.0159 3772 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
17:54:09.0160 3772 megasas - ok
17:54:09.0181 3772 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
17:54:09.0195 3772 MegaSR - ok
17:54:09.0215 3772 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:54:09.0215 3772 Modem - ok
17:54:09.0231 3772 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:54:09.0232 3772 monitor - ok
17:54:09.0251 3772 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
17:54:09.0251 3772 mouclass - ok
17:54:09.0266 3772 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:54:09.0266 3772 mouhid - ok
17:54:09.0291 3772 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
17:54:09.0292 3772 mountmgr - ok
17:54:09.0324 3772 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
17:54:09.0326 3772 mpio - ok
17:54:09.0334 3772 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:54:09.0335 3772 mpsdrv - ok
17:54:09.0366 3772 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
17:54:09.0367 3772 MRxDAV - ok
17:54:09.0400 3772 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:54:09.0401 3772 mrxsmb - ok
17:54:09.0432 3772 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:54:09.0434 3772 mrxsmb10 - ok
17:54:09.0454 3772 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:54:09.0455 3772 mrxsmb20 - ok
17:54:09.0471 3772 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
17:54:09.0471 3772 msahci - ok
17:54:09.0494 3772 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
17:54:09.0495 3772 msdsm - ok
17:54:09.0532 3772 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:54:09.0532 3772 Msfs - ok
17:54:09.0544 3772 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:54:09.0545 3772 mshidkmdf - ok
17:54:09.0555 3772 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
17:54:09.0556 3772 msisadrv - ok
17:54:09.0569 3772 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:54:09.0569 3772 MSKSSRV - ok
17:54:09.0582 3772 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:54:09.0584 3772 MSPCLOCK - ok
17:54:09.0592 3772 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:54:09.0592 3772 MSPQM - ok
17:54:09.0636 3772 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
17:54:09.0639 3772 MsRPC - ok
17:54:09.0660 3772 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
17:54:09.0661 3772 mssmbios - ok
17:54:09.0669 3772 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:54:09.0670 3772 MSTEE - ok
17:54:09.0681 3772 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
17:54:09.0681 3772 MTConfig - ok
17:54:09.0730 3772 MTsensor (2219a3d695405e7ba2186ba6b9ede14a) C:\Windows\system32\DRIVERS\ASACPI.sys
17:54:09.0730 3772 MTsensor - ok
17:54:09.0744 3772 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:54:09.0744 3772 Mup - ok
17:54:09.0769 3772 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:54:09.0770 3772 NativeWifiP - ok
17:54:09.0831 3772 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
17:54:09.0836 3772 NDIS - ok
17:54:09.0855 3772 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:54:09.0856 3772 NdisCap - ok
17:54:09.0874 3772 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:54:09.0874 3772 NdisTapi - ok
17:54:09.0882 3772 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:54:09.0884 3772 Ndisuio - ok
17:54:09.0897 3772 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:54:09.0900 3772 NdisWan - ok
17:54:09.0942 3772 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:54:09.0942 3772 NDProxy - ok
17:54:09.0956 3772 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:54:09.0957 3772 NetBIOS - ok
17:54:09.0981 3772 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:54:09.0984 3772 NetBT - ok
17:54:10.0042 3772 netr28ux (eed1fbde98cf5f6d5c0c5b27ab1f68ec) C:\Windows\system32\DRIVERS\netr28ux.sys
17:54:10.0049 3772 netr28ux - ok
17:54:10.0070 3772 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
17:54:10.0071 3772 nfrd960 - ok
17:54:10.0090 3772 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:54:10.0091 3772 Npfs - ok
17:54:10.0109 3772 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:54:10.0110 3772 nsiproxy - ok
17:54:10.0171 3772 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:54:10.0180 3772 Ntfs - ok
17:54:10.0196 3772 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:54:10.0197 3772 Null - ok
17:54:10.0231 3772 nusb3hub (088cd71003f21f96f01c63955150a1fb) C:\Windows\system32\DRIVERS\nusb3hub.sys
17:54:10.0232 3772 nusb3hub - ok
17:54:10.0249 3772 nusb3xhc (d90a2d44e93daea47aea946d9e87000f) C:\Windows\system32\DRIVERS\nusb3xhc.sys
17:54:10.0250 3772 nusb3xhc - ok
17:54:10.0294 3772 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:54:10.0295 3772 nvraid - ok
17:54:10.0335 3772 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:54:10.0336 3772 nvstor - ok
17:54:10.0375 3772 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:54:10.0376 3772 nv_agp - ok
17:54:10.0391 3772 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:54:10.0391 3772 ohci1394 - ok
17:54:10.0439 3772 OXSDIDRV_x64 (daf5d6b1696d42140839cd557336efc8) C:\Windows\system32\DRIVERS\OXSDIDRV_x64.sys
17:54:10.0440 3772 OXSDIDRV_x64 - ok
17:54:10.0480 3772 OXUDIDRV (d77856902312ab9129c966f64a3ac430) C:\Windows\system32\Drivers\OXUDIDRV_X64.sys
17:54:10.0480 3772 OXUDIDRV - ok
17:54:10.0501 3772 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
17:54:10.0502 3772 Parport - ok
17:54:10.0525 3772 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
17:54:10.0525 3772 partmgr - ok
17:54:10.0557 3772 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:54:10.0559 3772 pci - ok
17:54:10.0591 3772 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:54:10.0592 3772 pciide - ok
17:54:10.0619 3772 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
17:54:10.0620 3772 pcmcia - ok
17:54:10.0659 3772 PCTCore (54e013b6d55b81c0aa1ebea80ff42383) C:\Windows\system32\drivers\PCTCore64.sys
17:54:10.0660 3772 PCTCore - ok
17:54:10.0680 3772 pctDS (ff43e3b1687e4e2140de6349ea5c7372) C:\Windows\system32\drivers\pctDS64.sys
17:54:10.0682 3772 pctDS - ok
17:54:10.0709 3772 pctEFA (60e9a05852af7e9cb11237c00aee4ccf) C:\Windows\system32\drivers\pctEFA64.sys
17:54:10.0712 3772 pctEFA - ok
17:54:10.0736 3772 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:54:10.0737 3772 pcw - ok
17:54:10.0760 3772 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:54:10.0764 3772 PEAUTH - ok
17:54:10.0834 3772 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:54:10.0835 3772 PptpMiniport - ok
17:54:10.0842 3772 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
17:54:10.0844 3772 Processor - ok
17:54:10.0885 3772 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:54:10.0886 3772 Psched - ok
17:54:10.0921 3772 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
17:54:10.0929 3772 ql2300 - ok
17:54:10.0945 3772 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
17:54:10.0946 3772 ql40xx - ok
17:54:10.0967 3772 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:54:10.0967 3772 QWAVEdrv - ok
17:54:10.0986 3772 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:54:10.0997 3772 RasAcd - ok
17:54:11.0040 3772 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:54:11.0041 3772 RasAgileVpn - ok
17:54:11.0070 3772 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:54:11.0071 3772 Rasl2tp - ok
17:54:11.0089 3772 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:54:11.0091 3772 RasPppoe - ok
17:54:11.0106 3772 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:54:11.0107 3772 RasSstp - ok
17:54:11.0131 3772 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:54:11.0134 3772 rdbss - ok
17:54:11.0141 3772 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
17:54:11.0142 3772 rdpbus - ok
17:54:11.0165 3772 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:54:11.0166 3772 RDPCDD - ok
17:54:11.0177 3772 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:54:11.0180 3772 RDPENCDD - ok
17:54:11.0214 3772 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:54:11.0215 3772 RDPREFMP - ok
17:54:11.0250 3772 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
17:54:11.0265 3772 RDPWD - ok
17:54:11.0296 3772 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:54:11.0301 3772 rdyboost - ok
17:54:11.0330 3772 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:54:11.0342 3772 rspndr - ok
17:54:11.0386 3772 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
17:54:11.0396 3772 RTL8167 - ok
17:54:11.0439 3772 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:54:11.0451 3772 sbp2port - ok
17:54:11.0489 3772 SCDEmu (6ce6f98ea3d07a9c2ce3cd0a5a86352d) C:\Windows\system32\drivers\SCDEmu.sys
17:54:11.0500 3772 SCDEmu - ok
17:54:11.0542 3772 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:54:11.0551 3772 scfilter - ok
17:54:11.0572 3772 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:54:11.0584 3772 secdrv - ok
17:54:11.0610 3772 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
17:54:11.0622 3772 Serenum - ok
17:54:11.0639 3772 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
17:54:11.0679 3772 Serial - ok
17:54:11.0696 3772 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
17:54:11.0707 3772 sermouse - ok
17:54:11.0749 3772 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
17:54:11.0760 3772 sffdisk - ok
17:54:11.0780 3772 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:54:11.0794 3772 sffp_mmc - ok
17:54:11.0801 3772 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:54:11.0804 3772 sffp_sd - ok
17:54:11.0811 3772 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
17:54:11.0822 3772 sfloppy - ok
17:54:11.0850 3772 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:54:11.0872 3772 SiSRaid2 - ok
17:54:11.0894 3772 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
17:54:11.0906 3772 SiSRaid4 - ok
17:54:11.0921 3772 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:54:11.0925 3772 Smb - ok
17:54:11.0952 3772 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:54:11.0965 3772 spldr - ok
17:54:12.0005 3772 sptd (34f974f8b3c86de03a30dcbe79091c97) C:\Windows\system32\Drivers\sptd.sys
17:54:12.0005 3772 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 34f974f8b3c86de03a30dcbe79091c97
17:54:12.0007 3772 sptd ( LockedFile.Multi.Generic ) - warning
17:54:12.0007 3772 sptd - detected LockedFile.Multi.Generic (1)
17:54:12.0049 3772 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:54:12.0094 3772 srv - ok
17:54:12.0117 3772 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:54:12.0134 3772 srv2 - ok
17:54:12.0150 3772 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:54:12.0154 3772 srvnet - ok
17:54:12.0185 3772 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
17:54:12.0187 3772 stexstor - ok
17:54:12.0215 3772 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
17:54:12.0226 3772 swenum - ok
17:54:12.0285 3772 tap0901t (b08740047145b9bce15bf75ca0f9718a) C:\Windows\system32\DRIVERS\tap0901t.sys
17:54:12.0286 3772 tap0901t - ok
17:54:12.0341 3772 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\drivers\tcpip.sys
17:54:12.0372 3772 Tcpip - ok
17:54:12.0400 3772 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\Windows\system32\DRIVERS\tcpip.sys
17:54:12.0409 3772 TCPIP6 - ok
17:54:12.0447 3772 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:54:12.0450 3772 tcpipreg - ok
17:54:12.0460 3772 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:54:12.0472 3772 TDPIPE - ok
17:54:12.0480 3772 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
17:54:12.0489 3772 TDTCP - ok
17:54:12.0524 3772 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:54:12.0536 3772 tdx - ok
17:54:12.0547 3772 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
17:54:12.0559 3772 TermDD - ok
17:54:12.0619 3772 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:54:12.0621 3772 tssecsrv - ok
17:54:12.0690 3772 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:54:12.0712 3772 TsUsbFlt - ok
17:54:12.0746 3772 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:54:12.0759 3772 tunnel - ok
17:54:12.0816 3772 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
17:54:12.0829 3772 uagp35 - ok
17:54:12.0872 3772 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:54:12.0877 3772 udfs - ok
17:54:12.0907 3772 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:54:12.0920 3772 uliagpkx - ok
17:54:12.0939 3772 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
17:54:12.0951 3772 umbus - ok
17:54:12.0970 3772 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
17:54:12.0982 3772 UmPass - ok
17:54:13.0005 3772 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
17:54:13.0017 3772 USBAAPL64 - ok
17:54:13.0046 3772 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
17:54:13.0059 3772 usbccgp - ok
17:54:13.0092 3772 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:54:13.0096 3772 usbcir - ok
17:54:13.0119 3772 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
17:54:13.0131 3772 usbehci - ok
17:54:13.0149 3772 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
17:54:13.0164 3772 usbhub - ok
17:54:13.0187 3772 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
17:54:13.0200 3772 usbohci - ok
17:54:13.0207 3772 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
17:54:13.0220 3772 usbprint - ok
17:54:13.0254 3772 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:54:13.0276 3772 USBSTOR - ok
17:54:13.0284 3772 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
17:54:13.0286 3772 usbuhci - ok
17:54:13.0299 3772 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:54:13.0321 3772 vdrvroot - ok
17:54:13.0331 3772 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:54:13.0334 3772 vga - ok
17:54:13.0342 3772 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:54:13.0355 3772 VgaSave - ok
17:54:13.0394 3772 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:54:13.0407 3772 vhdmp - ok
17:54:13.0441 3772 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:54:13.0454 3772 viaide - ok
17:54:13.0477 3772 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
17:54:13.0501 3772 volmgr - ok
17:54:13.0530 3772 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
17:54:13.0536 3772 volmgrx - ok
17:54:13.0551 3772 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
17:54:13.0571 3772 volsnap - ok
17:54:13.0592 3772 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
17:54:13.0607 3772 vsmraid - ok
17:54:13.0626 3772 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
17:54:13.0637 3772 vwifibus - ok
17:54:13.0661 3772 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
17:54:13.0664 3772 vwififlt - ok
17:54:13.0682 3772 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
17:54:13.0686 3772 WacomPen - ok
17:54:13.0730 3772 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:54:13.0742 3772 WANARP - ok
17:54:13.0745 3772 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:54:13.0746 3772 Wanarpv6 - ok
17:54:13.0807 3772 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
17:54:13.0810 3772 Wd - ok
17:54:13.0836 3772 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:54:13.0845 3772 Wdf01000 - ok
17:54:13.0872 3772 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:54:13.0885 3772 WfpLwf - ok
17:54:13.0892 3772 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:54:13.0905 3772 WIMMount - ok
17:54:13.0952 3772 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
17:54:13.0961 3772 WinUsb - ok
17:54:14.0005 3772 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
17:54:14.0016 3772 WmiAcpi - ok
17:54:14.0050 3772 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:54:14.0062 3772 ws2ifsl - ok
17:54:14.0104 3772 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:54:14.0116 3772 WudfPf - ok
17:54:14.0151 3772 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:54:14.0164 3772 WUDFRd - ok
17:54:14.0184 3772 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:54:14.0192 3772 \Device\Harddisk0\DR0 - ok
17:54:14.0196 3772 Boot (0x1200) (74d553d176312cb28422d94a65a749f0) \Device\Harddisk0\DR0\Partition0
17:54:14.0196 3772 \Device\Harddisk0\DR0\Partition0 - ok
17:54:14.0210 3772 Boot (0x1200) (d6ef72b20742aa2d39fac9104ae44ebb) \Device\Harddisk0\DR0\Partition1
17:54:14.0210 3772 \Device\Harddisk0\DR0\Partition1 - ok
17:54:14.0225 3772 Boot (0x1200) (b79f0c8f32eb1327e761add1aa375c06) \Device\Harddisk0\DR0\Partition2
17:54:14.0226 3772 \Device\Harddisk0\DR0\Partition2 - ok
17:54:14.0226 3772 ============================================================
17:54:14.0226 3772 Scan finished
17:54:14.0226 3772 ============================================================
17:54:14.0236 3704 Detected object count: 1
17:54:14.0236 3704 Actual detected object count: 1
17:54:17.0071 3704 sptd ( LockedFile.Multi.Generic ) - skipped by user
17:54:17.0071 3704 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
17:54:19.0642 4956 Deinitialize success








Ok musim uz ist mam vypnut pc alebo ten vir uz nebude dalej nejak mutovat a mozem nechat zapnute pc? hned ked dojdem vam pisem....
nemusite mi vykat

[vyosek]

To nejhorsi je pryc, ale je mozne ze je tam neco dal...Muzes jej vypnout ale i nechal bezet, to je jedno...Jak budes u PC, tak napis a pujdem dal...

[Vulgi]

Ale ono sa to asi nejako skrylo niekam alebo co:( lebo ja som dal krizik cize som zrušil a uz potom to nenašlo som to posral:(
Pc uz som vypol tak snad budem coskoro doma



Uz som tu tak co teda dalej?