Preventivní log spolu s (ne)spuštěním systému Windows 7

Zpráva

#31 Příspěvek od **Márty84** » 12 bře 2012 10:15

Jeste se zeptam, jak dlouho trval ten error scan s HD Tune? Delal jste rychly, nebo normalni? Vpravo nahore je napis quick scan. Bylo tam zatrzitko? Jestli tam bylo, dejte ho pryc a udelejte test znovu. Jestli tam nebylo, tak napiste

iriverimp · #32 Příspěvek od **iriverimp** » 12 bře 2012 10:34

Error Scan

Delal jsem normalni scan, quick scan jsem nezaskrtaval a trvalo to zhruba 45 minut, coz se shodovalo i s vypoctem, jez jsem provedl rychle v hlave.. 250Gb, 60 sekund a 100 Mb/s davalo i podobny cas

Benchmark pak trval par minut.

#33 Příspěvek od **Márty84** » 12 bře 2012 11:11

Kliknete na START a pak na Spustit
V okenku co vyskoci bude radek, do ktereho napiste

Kód: Vybrat vše

cmd

Kliknete na OK
Vyskoci na vas dalsi okno. Do nej napiste

Kód: Vybrat vše

sfc /scannow

ta mezera tam je schvalne, taky ji tam udelejte
Az to napisete, zmacknete Enter

iriverimp · #34 Příspěvek od **iriverimp** » 12 bře 2012 11:33

windows nic nenalezly>

Windows Resource Protection did not find any integrity violation.

#35 Příspěvek od **Márty84** » 12 bře 2012 18:55

No, konzultoval jsem to s kolegy a vypada to, ze vas opravna instalace nemine

Co se tyka toho disku, neni v nejlepsi kondici. Podle kolegy, ktery je na HW odbornik, je vetsina chyb ve cteni, nebo zapisu dat. Proto byste mel zkontrolovat datovy kabel, pripadne zkusit jiny (nevim, jestli jste nekdy oteviral notas). A az pak se pokusit o opravnou instalaci. Nebo pokud uz to mate zalohovane, byl by lepsi komplet format. Rad bych napsal lepsi zpravy, ale nic me nenapada

iriverimp · #36 Příspěvek od **iriverimp** » 12 bře 2012 19:03

dobre, takze posledni moznosti je rozebrat pocitac, asi bych si na to zkusil pozvat znameho, co mi uz jednou drive jeden rozebiral a zkusit ten kabel, pripadne koupit novy kabel a zapojit. Jen nevim, kdy ho sezenu, ale to se zvladne. Nasledne bych pak mel asi pustit par programu(prikazu), co jste mi posilal a sem to pak pastnout, at je vysledek hmatatelny. Pokud by ani toto nezabralo, tak se asi rozloucim se zbytnymi daty a kompletni format teda... Dekuji mnohokrat za pomoc a dam Vam vedet, jak se to vsechno nakonec dokoncilo

#37 Příspěvek od **Márty84** » 12 bře 2012 19:06

Jestli mate nekoho znameho, urcite ho pozvete. Ono treba kdyz u toho bude, treba na neco prijde, co nas takhle na dalku nenapadlo a nebudete to muset resit tak drasticky

Uvidite a pak se teda ozvete. Zatim se mejte a drzim palce

iriverimp · #38 Příspěvek od **iriverimp** » 12 bře 2012 21:10

ComboFix 12-03-12.03 - pokus admin 12.03.2012 20:51:04.3.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1033.18.2991.1487 [GMT 1:00]
Spuštěný z: c:\users\pokus admin\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Nakažená kopie c:\windows\system32\Drivers\atapi.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\atapi.sys
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-12 do 2012-03-12 )))))))))))))))))))))))))))))))
.
.
2012-03-12 20:01 . 2012-03-12 20:01 -------- d-----w- c:\users\HP\AppData\Local\temp
2012-03-12 20:01 . 2012-03-12 20:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-12 19:29 . 2012-03-12 19:37 -------- d-----w- c:\users\pokus admin
2012-03-11 13:22 . 2012-03-11 13:22 -------- d-----w- c:\program files\HD Tune
2012-03-11 13:11 . 2012-03-11 13:12 -------- d-----w- c:\program files\CrystalDiskInfo
2012-03-11 09:46 . 2012-03-11 09:46 -------- d-----w- c:\windows\system32\SPReview
2012-03-11 09:04 . 2010-11-20 03:21 20992 ----a-w- c:\windows\system32\shgina.dll
2012-03-11 08:53 . 2012-03-11 08:53 -------- d-----w- c:\windows\system32\EventProviders
2012-03-11 08:52 . 2012-03-11 08:53 -------- d-----w- C:\50553d7b1d353eece9
2012-03-11 07:47 . 2012-03-11 07:47 -------- d-----w- c:\windows\system32\%LocalAppData%
2012-03-10 08:56 . 2012-03-10 08:57 -------- d-----w- C:\rsit
2012-03-10 08:56 . 2012-03-10 08:57 -------- d-----w- c:\program files\trend micro
2012-03-10 08:48 . 2012-03-11 08:39 -------- d-----w- c:\program files\FullDataBackup
2012-03-10 07:56 . 2012-02-08 06:03 6552120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DA8CC6D3-D3AE-441E-BE4C-32521886BB3F}\mpengine.dll
2012-02-16 19:16 . 2011-11-28 17:51 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-02-16 19:16 . 2011-11-28 17:53 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-02-16 19:16 . 2011-11-28 17:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-02-16 19:16 . 2011-11-28 17:52 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-02-16 19:16 . 2011-11-28 17:52 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-02-16 19:16 . 2011-11-28 17:52 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-02-16 19:16 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr
2012-02-16 19:16 . 2011-11-28 18:01 199816 ----a-w- c:\windows\system32\aswBoot.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-11 09:42 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-01-29 04:10 . 2011-08-02 15:33 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-21 10:42 . 2012-01-20 22:39 967 ----a-w- c:\windows\ScUnin.pif
2012-01-21 10:42 . 2012-01-20 22:39 94208 ----a-w- c:\windows\ScUnin.exe
2012-01-11 21:14 . 2012-01-11 21:14 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2012-01-11 20:15 . 2012-01-11 20:15 239168 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-02-21 10:12 . 2011-08-01 12:33 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" [2010-04-05 1691192]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-05 8192]
"QLBController"="c:\program files\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-03-01 256056]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-02-26 1713448]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2010-03-06 563736]
"File Sanitizer"="c:\program files\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2010-01-19 11266048]
"acevents"="c:\program files\ActivIdentity\ActivClient\acevents.exe" [2009-06-04 153640]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2009-06-04 400936]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-01-20 1206544]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-03-17 495708]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2010-01-08 186904]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-26 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-26 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-26 169496]
"IMSS"="c:\program files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2010-03-03 111640]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-12-29 795936]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
c:\users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Registration Heroes of Might & Magic 5.LNK - c:\program files\Ubisoft\Heroes of Might and Magic V\registration\RegistrationReminder.exe [2012-1-11 868352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv.sys [2009-10-21 32312]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-02-08 83912]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-01-20 211216]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-11-23 1120752]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tswNT;toolstar*testWIN support driver;c:\users\ADMINI~1\AppData\Local\Temp\00736826\tswnt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-09 1343400]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-02-08 160912]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-01-11 239168]
S1 RsvLock;RsvLock; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-04 207400]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\aestsrv.exe [2009-03-03 81920]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-04-05 103992]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe [2010-03-26 90112]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2009-12-11 251448]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-02-02 281192]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2010-01-19 297984]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 26168]
S2 McAfee SiteAdvisor Enterprise Service;McAfee SiteAdvisor Enterprise Service;c:\program files\McAfee\SiteAdvisor Enterprise\McSACore.exe [2009-08-07 222528]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-02-08 141792]
S2 myAgtSvc;McAfee Virus and Spyware Protection Service;c:\program files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe [2010-02-17 282824]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2010-03-06 635416]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe86.sys [2009-10-26 48640]
S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe86.sys [2009-10-29 47616]
S2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe86.sys [2009-12-12 38912]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2010-02-18 1664304]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-07 29472]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k6232.sys [2010-01-07 215208]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-27 132480]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 232960]
S3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2010-01-13 6755840]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
.
------- Doplňkový sken -------
.
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\pokus admin\AppData\Roaming\Mozilla\Firefox\Profiles\znufkl0j.default\
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(1168)
c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\STacSV.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\windows\system32\taskhost.exe
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\McAfee\MPF\MPFSrv.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Common Files\McAfee\SystemCore\mcshield.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\system32\conhost.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\system32\sppsvc.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Celkový čas: 2012-03-12 21:09:32 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-12 20:09
ComboFix2.txt 2012-03-12 19:41
ComboFix3.txt 2012-03-11 10:54
.
Před spuštěním: 74 930 720 768 bytes free
Po spuštění: 74 613 747 712 bytes free
.
- - End Of File - - 8130169DC7545C1A88CE6CEBEC017453

iriverimp · #39 Příspěvek od **iriverimp** » 13 bře 2012 11:19

Prvni TXT LOG:

11:13:29.0801 4712 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
11:13:29.0914 4712 ============================================================
11:13:29.0914 4712 Current date / time: 2012/03/13 11:13:29.0914
11:13:29.0914 4712 SystemInfo:
11:13:29.0914 4712
11:13:29.0914 4712 OS Version: 6.1.7601 ServicePack: 1.0
11:13:29.0915 4712 Product type: Workstation
11:13:29.0915 4712 ComputerName: HP-PC
11:13:29.0915 4712 UserName: pokus admin
11:13:29.0915 4712 Windows directory: C:\Windows
11:13:29.0915 4712 System windows directory: C:\Windows
11:13:29.0915 4712 Processor architecture: Intel x86
11:13:29.0915 4712 Number of processors: 4
11:13:29.0915 4712 Page size: 0x1000
11:13:29.0915 4712 Boot type: Normal boot
11:13:29.0915 4712 ============================================================
11:13:30.0516 4712 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:13:30.0519 4712 \Device\Harddisk0\DR0:
11:13:30.0519 4712 MBR used
11:13:30.0519 4712 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:13:30.0519 4712 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1CD8E800
11:13:30.0519 4712 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x1CDC1000, BlocksNum 0x400000
11:13:30.0569 4712 Initialize success
11:13:30.0569 4712 ============================================================
11:13:35.0746 6120 Deinitialize success

2. TXT LOG

11:14:46.0326 4444 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
11:14:46.0455 4444 ============================================================
11:14:46.0455 4444 Current date / time: 2012/03/13 11:14:46.0455
11:14:46.0455 4444 SystemInfo:
11:14:46.0455 4444
11:14:46.0455 4444 OS Version: 6.1.7601 ServicePack: 1.0
11:14:46.0455 4444 Product type: Workstation
11:14:46.0455 4444 ComputerName: HP-PC
11:14:46.0455 4444 UserName: pokus admin
11:14:46.0455 4444 Windows directory: C:\Windows
11:14:46.0455 4444 System windows directory: C:\Windows
11:14:46.0456 4444 Processor architecture: Intel x86
11:14:46.0456 4444 Number of processors: 4
11:14:46.0456 4444 Page size: 0x1000
11:14:46.0456 4444 Boot type: Normal boot
11:14:46.0456 4444 ============================================================
11:14:46.0971 4444 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:14:46.0973 4444 \Device\Harddisk0\DR0:
11:14:46.0974 4444 MBR used
11:14:46.0974 4444 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:14:46.0974 4444 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1CD8E800
11:14:46.0974 4444 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x1CDC1000, BlocksNum 0x400000
11:14:47.0024 4444 Initialize success
11:14:47.0024 4444 ============================================================
11:15:41.0771 5356 ============================================================
11:15:41.0771 5356 Scan started
11:15:41.0771 5356 Mode: Manual; SigCheck; TDLFS;
11:15:41.0771 5356 ============================================================
11:15:42.0347 5356 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
11:15:42.0536 5356 1394ohci - ok
11:15:42.0580 5356 Accelerometer (4df5e6215a102a192b2b6dbb61f2fba5) C:\Windows\system32\DRIVERS\Accelerometer.sys
11:15:42.0598 5356 Accelerometer - ok
11:15:42.0636 5356 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
11:15:42.0676 5356 ACPI - ok
11:15:42.0707 5356 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
11:15:42.0789 5356 AcpiPmi - ok
11:15:42.0904 5356 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
11:15:42.0938 5356 adp94xx - ok
11:15:42.0960 5356 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
11:15:42.0983 5356 adpahci - ok
11:15:42.0995 5356 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
11:15:43.0015 5356 adpu320 - ok
11:15:43.0176 5356 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
11:15:43.0278 5356 AFD - ok
11:15:43.0364 5356 AgereSoftModem (7560f465f1ce69c53bf17559ee195548) C:\Windows\system32\DRIVERS\AGRSM.sys
11:15:43.0467 5356 AgereSoftModem - ok
11:15:43.0571 5356 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
11:15:43.0603 5356 agp440 - ok
11:15:43.0635 5356 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
11:15:43.0662 5356 aic78xx - ok
11:15:43.0684 5356 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
11:15:43.0701 5356 aliide - ok
11:15:43.0721 5356 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
11:15:43.0737 5356 amdagp - ok
11:15:43.0760 5356 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
11:15:43.0777 5356 amdide - ok
11:15:43.0797 5356 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
11:15:43.0901 5356 AmdK8 - ok
11:15:43.0996 5356 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
11:15:44.0056 5356 AmdPPM - ok
11:15:44.0104 5356 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
11:15:44.0140 5356 amdsata - ok
11:15:44.0169 5356 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
11:15:44.0189 5356 amdsbs - ok
11:15:44.0210 5356 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
11:15:44.0228 5356 amdxata - ok
11:15:44.0274 5356 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
11:15:44.0412 5356 AppID - ok
11:15:44.0531 5356 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
11:15:44.0561 5356 arc - ok
11:15:44.0587 5356 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
11:15:44.0606 5356 arcsas - ok
11:15:44.0664 5356 aswFsBlk (054df24c92b55427e0757cfff160e4f2) C:\Windows\system32\drivers\aswFsBlk.sys
11:15:45.0988 5356 aswFsBlk - ok
11:15:46.0112 5356 aswMonFlt (258143605e77e4008f1758481d6a977d) C:\Windows\system32\drivers\aswMonFlt.sys
11:15:46.0147 5356 aswMonFlt - ok
11:15:46.0194 5356 aswRdr (352d5a48ebab35a7693b048679304831) C:\Windows\system32\drivers\aswRdr.sys
11:15:46.0214 5356 aswRdr - ok
11:15:46.0278 5356 aswSnx (8d34d2b24297e27d93e847319abfdec4) C:\Windows\system32\drivers\aswSnx.sys
11:15:46.0311 5356 aswSnx - ok
11:15:46.0447 5356 aswSP (010012597333da1f46c3243f33f8409e) C:\Windows\system32\drivers\aswSP.sys
11:15:46.0482 5356 aswSP - ok
11:15:46.0535 5356 aswTdi (f9f84364416658e9786235904d448d37) C:\Windows\system32\drivers\aswTdi.sys
11:15:46.0555 5356 aswTdi - ok
11:15:46.0600 5356 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
11:15:46.0667 5356 AsyncMac - ok
11:15:46.0710 5356 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
11:15:46.0728 5356 atapi - ok
11:15:46.0843 5356 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
11:15:46.0948 5356 b06bdrv - ok
11:15:46.0972 5356 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
11:15:47.0047 5356 b57nd60x - ok
11:15:47.0156 5356 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
11:15:47.0221 5356 Beep - ok
11:15:47.0295 5356 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
11:15:47.0343 5356 blbdrive - ok
11:15:47.0383 5356 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
11:15:47.0461 5356 bowser - ok
11:15:47.0557 5356 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:15:47.0656 5356 BrFiltLo - ok
11:15:47.0666 5356 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:15:47.0721 5356 BrFiltUp - ok
11:15:47.0786 5356 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
11:15:47.0890 5356 BridgeMP - ok
11:15:48.0007 5356 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
11:15:48.0099 5356 Brserid - ok
11:15:48.0113 5356 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
11:15:48.0164 5356 BrSerWdm - ok
11:15:48.0174 5356 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:15:48.0247 5356 BrUsbMdm - ok
11:15:48.0256 5356 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
11:15:48.0295 5356 BrUsbSer - ok
11:15:48.0359 5356 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys
11:15:48.0454 5356 BthEnum - ok
11:15:48.0568 5356 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
11:15:48.0618 5356 BTHMODEM - ok
11:15:48.0669 5356 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
11:15:48.0724 5356 BthPan - ok
11:15:48.0771 5356 BTHPORT (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys
11:15:48.0831 5356 BTHPORT - ok
11:15:48.0930 5356 BTHUSB (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys
11:15:48.0988 5356 BTHUSB - ok
11:15:49.0029 5356 btwaudio (7e826be3b3558208d5c9b00034e51be5) C:\Windows\system32\drivers\btwaudio.sys
11:15:49.0046 5356 btwaudio - ok
11:15:49.0077 5356 btwavdt (af9148c3e844131ac954cb53ff43d971) C:\Windows\system32\DRIVERS\btwavdt.sys
11:15:49.0093 5356 btwavdt - ok
11:15:49.0111 5356 btwl2cap (aafd7cb76ba61fbb08e302da208c974a) C:\Windows\system32\DRIVERS\btwl2cap.sys
11:15:49.0124 5356 btwl2cap - ok
11:15:49.0160 5356 btwrchid (480b3d195854b2e55299cddddc50bcf9) C:\Windows\system32\DRIVERS\btwrchid.sys
11:15:49.0177 5356 btwrchid - ok
11:15:49.0310 5356 catchme - ok
11:15:49.0410 5356 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
11:15:49.0492 5356 cdfs - ok
11:15:49.0538 5356 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
11:15:49.0628 5356 cdrom - ok
11:15:49.0661 5356 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
11:15:49.0716 5356 circlass - ok
11:15:49.0760 5356 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
11:15:49.0788 5356 CLFS - ok
11:15:49.0911 5356 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
11:15:49.0990 5356 CmBatt - ok
11:15:50.0027 5356 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
11:15:50.0052 5356 cmdide - ok
11:15:50.0106 5356 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
11:15:50.0135 5356 CNG - ok
11:15:50.0155 5356 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
11:15:50.0172 5356 Compbatt - ok
11:15:50.0209 5356 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
11:15:50.0293 5356 CompositeBus - ok
11:15:50.0398 5356 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
11:15:50.0434 5356 crcdisk - ok
11:15:50.0492 5356 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
11:15:50.0559 5356 CSC - ok
11:15:50.0618 5356 DAMDrv (a05433f6218dcb8f0dec232de65f8b26) C:\Windows\system32\DRIVERS\DAMDrv.sys
11:15:50.0637 5356 DAMDrv - ok
11:15:50.0679 5356 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
11:15:50.0754 5356 DfsC - ok
11:15:50.0877 5356 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
11:15:50.0964 5356 discache - ok
11:15:50.0997 5356 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
11:15:51.0016 5356 Disk - ok
11:15:51.0054 5356 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
11:15:51.0102 5356 drmkaud - ok
11:15:51.0151 5356 dtsoftbus01 (fb38473835476a6fb272215a1d972af9) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:15:51.0175 5356 dtsoftbus01 - ok
11:15:51.0211 5356 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
11:15:51.0245 5356 DXGKrnl - ok
11:15:51.0361 5356 e1kexpress (3d042b4c6fdde698a3d6bd0b6191c92f) C:\Windows\system32\DRIVERS\e1k6232.sys
11:15:51.0397 5356 e1kexpress - ok
11:15:51.0488 5356 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
11:15:51.0605 5356 ebdrv - ok
11:15:51.0733 5356 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
11:15:51.0774 5356 elxstor - ok
11:15:51.0810 5356 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
11:15:51.0860 5356 ErrDev - ok
11:15:51.0911 5356 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
11:15:51.0972 5356 exfat - ok
11:15:52.0080 5356 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
11:15:52.0169 5356 fastfat - ok
11:15:52.0182 5356 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
11:15:52.0220 5356 fdc - ok
11:15:52.0268 5356 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
11:15:52.0286 5356 FileInfo - ok
11:15:52.0313 5356 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
11:15:52.0379 5356 Filetrace - ok
11:15:52.0414 5356 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
11:15:52.0475 5356 flpydisk - ok
11:15:52.0597 5356 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
11:15:52.0628 5356 FltMgr - ok
11:15:52.0661 5356 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
11:15:52.0677 5356 FsDepends - ok
11:15:52.0716 5356 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
11:15:52.0735 5356 Fs_Rec - ok
11:15:52.0794 5356 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
11:15:52.0838 5356 fvevol - ok
11:15:52.0867 5356 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
11:15:52.0886 5356 gagp30kx - ok
11:15:52.0998 5356 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
11:15:53.0091 5356 hcw85cir - ok
11:15:53.0182 5356 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
11:15:53.0262 5356 HdAudAddService - ok
11:15:53.0300 5356 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
11:15:53.0347 5356 HDAudBus - ok
11:15:53.0382 5356 HECI (a88485dc6a7136c10d9a6c7e38fdfe3c) C:\Windows\system32\DRIVERS\HECI.sys
11:15:53.0467 5356 HECI - ok
11:15:53.0559 5356 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
11:15:53.0646 5356 HidBatt - ok
11:15:53.0660 5356 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
11:15:53.0700 5356 HidBth - ok
11:15:53.0710 5356 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
11:15:53.0752 5356 HidIr - ok
11:15:53.0792 5356 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys
11:15:53.0838 5356 HidUsb - ok
11:15:53.0906 5356 hpdskflt (e1d82f0c8456abb03b7df5d623ca47d1) C:\Windows\system32\DRIVERS\hpdskflt.sys
11:15:53.0921 5356 hpdskflt - ok
11:15:54.0025 5356 HpqKbFiltr (ee9f88368739554dcca142ae0214bcb1) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
11:15:54.0054 5356 HpqKbFiltr - ok
11:15:54.0091 5356 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
11:15:54.0110 5356 HpSAMD - ok
11:15:54.0156 5356 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
11:15:54.0218 5356 HTTP - ok
11:15:54.0343 5356 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
11:15:54.0377 5356 hwpolicy - ok
11:15:54.0421 5356 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
11:15:54.0484 5356 i8042prt - ok
11:15:54.0537 5356 iaStor (d9d3f168a2fd4c2380d98821a3ff3357) C:\Windows\system32\DRIVERS\iaStor.sys
11:15:54.0564 5356 iaStor - ok
11:15:54.0614 5356 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
11:15:54.0638 5356 iaStorV - ok
11:15:54.0835 5356 igfx (59fa038451070172e47d0cd347f32bc4) C:\Windows\system32\DRIVERS\igdkmd32.sys
11:15:55.0119 5356 igfx - ok
11:15:55.0220 5356 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
11:15:55.0250 5356 iirsp - ok
11:15:55.0294 5356 Impcd (e3c36ac5ae87ec970ae8ea2a93d59ae1) C:\Windows\system32\DRIVERS\Impcd.sys
11:15:55.0358 5356 Impcd - ok
11:15:55.0379 5356 IntcDAud (bf31740828a26ab451803e3b35432651) C:\Windows\system32\DRIVERS\IntcDAud.sys
11:15:55.0424 5356 IntcDAud - ok
11:15:55.0470 5356 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
11:15:55.0506 5356 intelide - ok
11:15:55.0524 5356 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
11:15:55.0573 5356 intelppm - ok
11:15:55.0697 5356 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:15:55.0800 5356 IpFilterDriver - ok
11:15:55.0841 5356 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
11:15:55.0897 5356 IPMIDRV - ok
11:15:55.0932 5356 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
11:15:55.0999 5356 IPNAT - ok
11:15:56.0030 5356 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
11:15:56.0138 5356 IRENUM - ok
11:15:56.0240 5356 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
11:15:56.0278 5356 isapnp - ok
11:15:56.0320 5356 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
11:15:56.0341 5356 iScsiPrt - ok
11:15:56.0363 5356 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
11:15:56.0380 5356 kbdclass - ok
11:15:56.0405 5356 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
11:15:56.0466 5356 kbdhid - ok
11:15:56.0545 5356 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
11:15:56.0583 5356 KSecDD - ok
11:15:56.0691 5356 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
11:15:56.0724 5356 KSecPkg - ok
11:15:56.0772 5356 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
11:15:56.0833 5356 lltdio - ok
11:15:56.0869 5356 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
11:15:56.0887 5356 LSI_FC - ok
11:15:56.0896 5356 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
11:15:56.0914 5356 LSI_SAS - ok
11:15:56.0925 5356 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:15:56.0943 5356 LSI_SAS2 - ok
11:15:56.0967 5356 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:15:56.0985 5356 LSI_SCSI - ok
11:15:57.0013 5356 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
11:15:57.0077 5356 luafv - ok
11:15:57.0209 5356 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
11:15:57.0243 5356 megasas - ok
11:15:57.0258 5356 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
11:15:57.0280 5356 MegaSR - ok
11:15:57.0335 5356 mfeapfk (49fdce9682c41299a2fe12172c7bc652) C:\Windows\system32\drivers\mfeapfk.sys
11:15:57.0355 5356 mfeapfk - ok
11:15:57.0385 5356 mfeavfk (ce3b127fd512e820b574d6fe39d952c0) C:\Windows\system32\drivers\mfeavfk.sys
11:15:57.0405 5356 mfeavfk - ok
11:15:57.0440 5356 mfebopk (939e0fd21ed5334a60c19aaabc5ecf05) C:\Windows\system32\drivers\mfebopk.sys
11:15:57.0462 5356 mfebopk - ok
11:15:57.0500 5356 mfehidk (665a3e97b61f8040d73f45afe0c9d732) C:\Windows\system32\drivers\mfehidk.sys
11:15:57.0532 5356 mfehidk - ok
11:15:57.0554 5356 mferkdet (764ee2c8a9ca88a5f5144a07bd20694e) C:\Windows\system32\drivers\mferkdet.sys
11:15:57.0576 5356 mferkdet - ok
11:15:57.0714 5356 mfewfpk (ff718e22d6b4b653a6ecd98feda9f191) C:\Windows\system32\drivers\mfewfpk.sys
11:15:57.0751 5356 mfewfpk - ok
11:15:57.0789 5356 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
11:15:57.0879 5356 Modem - ok
11:15:57.0911 5356 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
11:15:57.0958 5356 monitor - ok
11:15:58.0030 5356 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
11:15:58.0066 5356 mouclass - ok
11:15:58.0170 5356 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
11:15:58.0208 5356 mouhid - ok
11:15:58.0248 5356 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
11:15:58.0267 5356 mountmgr - ok
11:15:58.0305 5356 MPFP (95675c3398dcc084c8d1dc35cc4e9e01) C:\Windows\system32\Drivers\Mpfp.sys
11:15:58.0326 5356 MPFP - ok
11:15:58.0380 5356 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
11:15:58.0403 5356 mpio - ok
11:15:58.0430 5356 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
11:15:58.0500 5356 mpsdrv - ok
11:15:58.0618 5356 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
11:15:58.0733 5356 MRxDAV - ok
11:15:58.0828 5356 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:15:58.0881 5356 mrxsmb - ok
11:15:58.0989 5356 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:15:59.0051 5356 mrxsmb10 - ok
11:15:59.0081 5356 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:15:59.0135 5356 mrxsmb20 - ok
11:15:59.0174 5356 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
11:15:59.0198 5356 msahci - ok
11:15:59.0238 5356 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
11:15:59.0258 5356 msdsm - ok
11:15:59.0320 5356 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
11:15:59.0402 5356 Msfs - ok
11:15:59.0480 5356 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
11:15:59.0590 5356 mshidkmdf - ok
11:15:59.0638 5356 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
11:15:59.0658 5356 msisadrv - ok
11:15:59.0694 5356 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
11:15:59.0761 5356 MSKSSRV - ok
11:15:59.0810 5356 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
11:15:59.0919 5356 MSPCLOCK - ok
11:15:59.0994 5356 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
11:16:00.0061 5356 MSPQM - ok
11:16:00.0094 5356 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
11:16:00.0115 5356 MsRPC - ok
11:16:00.0153 5356 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
11:16:00.0186 5356 mssmbios - ok
11:16:00.0230 5356 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
11:16:00.0305 5356 MSTEE - ok
11:16:00.0317 5356 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
11:16:00.0355 5356 MTConfig - ok
11:16:00.0419 5356 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
11:16:00.0455 5356 Mup - ok
11:16:00.0504 5356 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
11:16:00.0581 5356 NativeWifiP - ok
11:16:00.0662 5356 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
11:16:00.0710 5356 NDIS - ok
11:16:00.0788 5356 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
11:16:00.0861 5356 NdisCap - ok
11:16:00.0906 5356 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
11:16:00.0968 5356 NdisTapi - ok
11:16:01.0024 5356 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
11:16:01.0096 5356 Ndisuio - ok
11:16:01.0133 5356 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
11:16:01.0194 5356 NdisWan - ok
11:16:01.0288 5356 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
11:16:01.0343 5356 NDProxy - ok
11:16:01.0406 5356 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
11:16:01.0493 5356 NetBIOS - ok
11:16:01.0561 5356 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
11:16:01.0668 5356 NetBT - ok
11:16:01.0886 5356 NETw5s32 (5b2dfa9c5c02ddf2a113cc0f551b59df) C:\Windows\system32\DRIVERS\NETw5s32.sys
11:16:02.0117 5356 NETw5s32 - ok
11:16:02.0217 5356 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
11:16:02.0254 5356 nfrd960 - ok
11:16:02.0275 5356 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
11:16:02.0335 5356 Npfs - ok
11:16:02.0377 5356 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
11:16:02.0438 5356 nsiproxy - ok
11:16:02.0522 5356 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
11:16:02.0581 5356 Ntfs - ok
11:16:02.0675 5356 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
11:16:02.0737 5356 Null - ok
11:16:02.0781 5356 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
11:16:02.0803 5356 nvraid - ok
11:16:02.0830 5356 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
11:16:02.0853 5356 nvstor - ok
11:16:02.0895 5356 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
11:16:02.0916 5356 nv_agp - ok
11:16:02.0949 5356 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
11:16:03.0004 5356 ohci1394 - ok
11:16:03.0125 5356 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
11:16:03.0185 5356 Parport - ok
11:16:03.0240 5356 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
11:16:03.0274 5356 partmgr - ok
11:16:03.0310 5356 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
11:16:03.0357 5356 Parvdm - ok
11:16:03.0417 5356 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
11:16:03.0455 5356 pci - ok
11:16:03.0546 5356 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
11:16:03.0575 5356 pciide - ok
11:16:03.0602 5356 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
11:16:03.0625 5356 pcmcia - ok
11:16:03.0649 5356 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
11:16:03.0667 5356 pcw - ok
11:16:03.0708 5356 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
11:16:03.0780 5356 PEAUTH - ok
11:16:03.0919 5356 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
11:16:04.0008 5356 PptpMiniport - ok
11:16:04.0034 5356 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
11:16:04.0082 5356 Processor - ok
11:16:04.0120 5356 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
11:16:04.0196 5356 Psched - ok
11:16:04.0322 5356 PxHelp20 (40fedd328f98245ad201cf5f9f311724) C:\Windows\system32\Drivers\PxHelp20.sys
11:16:04.0357 5356 PxHelp20 - ok
11:16:04.0408 5356 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
11:16:04.0461 5356 ql2300 - ok
11:16:04.0472 5356 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
11:16:04.0490 5356 ql40xx - ok
11:16:04.0510 5356 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
11:16:04.0535 5356 QWAVEdrv - ok
11:16:04.0628 5356 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
11:16:04.0697 5356 RasAcd - ok
11:16:04.0744 5356 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:16:04.0818 5356 RasAgileVpn - ok
11:16:04.0850 5356 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:16:04.0932 5356 Rasl2tp - ok
11:16:04.0965 5356 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
11:16:05.0028 5356 RasPppoe - ok
11:16:05.0140 5356 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
11:16:05.0228 5356 RasSstp - ok
11:16:05.0276 5356 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
11:16:05.0331 5356 rdbss - ok
11:16:05.0359 5356 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
11:16:05.0387 5356 rdpbus - ok
11:16:05.0423 5356 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:16:05.0513 5356 RDPCDD - ok
11:16:05.0633 5356 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
11:16:05.0714 5356 RDPDR - ok
11:16:05.0755 5356 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
11:16:05.0837 5356 RDPENCDD - ok
11:16:05.0849 5356 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
11:16:05.0914 5356 RDPREFMP - ok
11:16:05.0945 5356 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
11:16:06.0004 5356 RDPWD - ok
11:16:06.0124 5356 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
11:16:06.0157 5356 rdyboost - ok
11:16:06.0227 5356 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
11:16:06.0256 5356 RFCOMM - ok
11:16:06.0287 5356 rimspci (e891f07815af88075705ef6a248711f6) C:\Windows\system32\DRIVERS\rimspe86.sys
11:16:06.0365 5356 rimspci - ok
11:16:06.0452 5356 risdpcie (d853d35f792a3a44726a794bf9a0bbc3) C:\Windows\system32\DRIVERS\risdpe86.sys
11:16:06.0492 5356 risdpcie - ok
11:16:06.0512 5356 rixdpcie (cf2de2365fd99e5b8e38c9f3467dcdb8) C:\Windows\system32\DRIVERS\rixdpe86.sys
11:16:06.0537 5356 rixdpcie - ok
11:16:06.0595 5356 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
11:16:06.0654 5356 rspndr - ok
11:16:06.0712 5356 RsvLock (6c50aded23d160c95fc9859748c253dd) C:\Windows\system32\drivers\RsvLock.sys
11:16:06.0747 5356 RsvLock - ok
11:16:06.0849 5356 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
11:16:06.0936 5356 s3cap - ok
11:16:06.0975 5356 SafeBoot (31b48cb3d35d076291e3b8afd9a7f203) C:\Windows\system32\drivers\SafeBoot.sys
11:16:06.0976 5356 Suspicious file (NoAccess): C:\Windows\system32\drivers\SafeBoot.sys. md5: 31b48cb3d35d076291e3b8afd9a7f203
11:16:06.0983 5356 SafeBoot ( LockedFile.Multi.Generic ) - warning
11:16:06.0984 5356 SafeBoot - detected LockedFile.Multi.Generic (1)
11:16:07.0012 5356 SbAlg (67215032a3039e5b78bbbbb4f21b904e) C:\Windows\system32\drivers\SbAlg.sys
11:16:07.0034 5356 SbAlg - ok
11:16:07.0057 5356 SbFsLock (cd8e12bb9b16c55def2ac52b78a09f09) C:\Windows\system32\drivers\SbFsLock.sys
11:16:07.0077 5356 SbFsLock - ok
11:16:07.0136 5356 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
11:16:07.0168 5356 sbp2port - ok
11:16:07.0276 5356 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
11:16:07.0359 5356 scfilter - ok
11:16:07.0414 5356 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
11:16:07.0503 5356 sdbus - ok
11:16:07.0547 5356 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
11:16:07.0609 5356 secdrv - ok
11:16:07.0653 5356 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
11:16:07.0699 5356 Serenum - ok
11:16:07.0801 5356 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
11:16:07.0863 5356 Serial - ok
11:16:07.0909 5356 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
11:16:07.0957 5356 sermouse - ok
11:16:08.0016 5356 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
11:16:08.0107 5356 sffdisk - ok
11:16:08.0141 5356 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
11:16:08.0187 5356 sffp_mmc - ok
11:16:08.0286 5356 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
11:16:08.0348 5356 sffp_sd - ok
11:16:08.0385 5356 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
11:16:08.0432 5356 sfloppy - ok
11:16:08.0508 5356 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
11:16:08.0543 5356 sisagp - ok
11:16:08.0558 5356 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:16:08.0575 5356 SiSRaid2 - ok
11:16:08.0587 5356 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
11:16:08.0605 5356 SiSRaid4 - ok
11:16:08.0616 5356 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
11:16:08.0670 5356 Smb - ok
11:16:08.0774 5356 SNP2UVC (c2a90604b7f85cb4afad61f9edd05da8) C:\Windows\system32\DRIVERS\snp2uvc.sys
11:16:08.0842 5356 SNP2UVC - ok
11:16:08.0941 5356 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
11:16:08.0978 5356 spldr - ok
11:16:09.0055 5356 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
11:16:09.0155 5356 srv - ok
11:16:09.0198 5356 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
11:16:09.0259 5356 srv2 - ok
11:16:09.0403 5356 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
11:16:09.0453 5356 srvnet - ok
11:16:09.0504 5356 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
11:16:09.0524 5356 stexstor - ok
11:16:09.0560 5356 STHDA (356cc453b79c35b8ce1a14873dd6322d) C:\Windows\system32\DRIVERS\stwrt.sys
11:16:09.0642 5356 STHDA - ok
11:16:09.0778 5356 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
11:16:09.0813 5356 storflt - ok
11:16:09.0844 5356 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
11:16:09.0862 5356 storvsc - ok
11:16:09.0895 5356 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
11:16:09.0913 5356 swenum - ok
11:16:09.0952 5356 SynTP (069e5728e565bd401347cb94732c4733) C:\Windows\system32\DRIVERS\SynTP.sys
11:16:09.0977 5356 SynTP - ok
11:16:10.0062 5356 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
11:16:10.0115 5356 Tcpip - ok
11:16:10.0256 5356 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
11:16:10.0307 5356 TCPIP6 - ok
11:16:10.0387 5356 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
11:16:10.0475 5356 tcpipreg - ok
11:16:10.0559 5356 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
11:16:10.0641 5356 TDPIPE - ok
11:16:10.0667 5356 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
11:16:10.0714 5356 TDTCP - ok
11:16:10.0771 5356 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
11:16:10.0846 5356 tdx - ok
11:16:10.0975 5356 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
11:16:11.0013 5356 TermDD - ok
11:16:11.0052 5356 TPM (5ad05191dc8b444a7ba4d79b76c42a30) C:\Windows\system32\drivers\tpm.sys
11:16:11.0101 5356 TPM - ok
11:16:11.0145 5356 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:16:11.0206 5356 tssecsrv - ok
11:16:11.0282 5356 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
11:16:11.0347 5356 TsUsbFlt - ok
11:16:11.0390 5356 tswNT - ok
11:16:11.0508 5356 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
11:16:11.0583 5356 tunnel - ok
11:16:11.0620 5356 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
11:16:11.0655 5356 uagp35 - ok
11:16:11.0692 5356 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
11:16:11.0758 5356 udfs - ok
11:16:11.0810 5356 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
11:16:11.0830 5356 uliagpkx - ok
11:16:11.0934 5356 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
11:16:12.0001 5356 umbus - ok
11:16:12.0051 5356 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
11:16:12.0116 5356 UmPass - ok
11:16:12.0176 5356 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
11:16:12.0254 5356 usbccgp - ok
11:16:12.0286 5356 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
11:16:12.0349 5356 usbcir - ok
11:16:12.0454 5356 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\drivers\usbehci.sys
11:16:12.0510 5356 usbehci - ok
11:16:12.0546 5356 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
11:16:12.0582 5356 usbhub - ok
11:16:12.0621 5356 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
11:16:12.0662 5356 usbohci - ok
11:16:12.0715 5356 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
11:16:12.0797 5356 usbprint - ok
11:16:12.0909 5356 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\drivers\USBSTOR.SYS
11:16:12.0997 5356 USBSTOR - ok
11:16:13.0021 5356 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
11:16:13.0049 5356 usbuhci - ok
11:16:13.0069 5356 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
11:16:13.0117 5356 usbvideo - ok
11:16:13.0187 5356 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
11:16:13.0203 5356 vdrvroot - ok
11:16:13.0302 5356 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
11:16:13.0343 5356 vga - ok
11:16:13.0362 5356 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
11:16:13.0417 5356 VgaSave - ok
11:16:13.0453 5356 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
11:16:13.0473 5356 vhdmp - ok
11:16:13.0491 5356 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
11:16:13.0510 5356 viaagp - ok
11:16:13.0529 5356 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
11:16:13.0576 5356 ViaC7 - ok
11:16:13.0619 5356 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
11:16:13.0637 5356 viaide - ok
11:16:13.0748 5356 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
11:16:13.0784 5356 vmbus - ok
11:16:13.0806 5356 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
11:16:13.0849 5356 VMBusHID - ok
11:16:13.0882 5356 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
11:16:13.0903 5356 volmgr - ok
11:16:13.0953 5356 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
11:16:13.0994 5356 volmgrx - ok
11:16:14.0025 5356 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
11:16:14.0048 5356 volsnap - ok
11:16:14.0097 5356 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
11:16:14.0137 5356 vsmraid - ok
11:16:14.0203 5356 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
11:16:14.0275 5356 vwifibus - ok
11:16:14.0344 5356 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
11:16:14.0407 5356 vwififlt - ok
11:16:14.0442 5356 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
11:16:14.0470 5356 vwifimp - ok
11:16:14.0515 5356 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
11:16:14.0559 5356 WacomPen - ok
11:16:14.0631 5356 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
11:16:14.0674 5356 WANARP - ok
11:16:14.0703 5356 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
11:16:14.0742 5356 Wanarpv6 - ok
11:16:14.0843 5356 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
11:16:14.0881 5356 Wd - ok
11:16:14.0954 5356 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
11:16:14.0996 5356 Wdf01000 - ok
11:16:15.0049 5356 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
11:16:15.0087 5356 WfpLwf - ok
11:16:15.0099 5356 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
11:16:15.0116 5356 WIMMount - ok
11:16:15.0251 5356 WinUSB (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUSB.sys
11:16:15.0316 5356 WinUSB - ok
11:16:15.0390 5356 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
11:16:15.0452 5356 WmiAcpi - ok
11:16:15.0520 5356 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
11:16:15.0579 5356 ws2ifsl - ok
11:16:15.0698 5356 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
11:16:15.0783 5356 WudfPf - ok
11:16:15.0867 5356 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:16:15.0938 5356 WUDFRd - ok
11:16:15.0986 5356 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:16:16.0104 5356 \Device\Harddisk0\DR0 - ok
11:16:16.0109 5356 Boot (0x1200) (2a28b380aab1cbb6500a455a5081a01e) \Device\Harddisk0\DR0\Partition0
11:16:16.0111 5356 \Device\Harddisk0\DR0\Partition0 - ok
11:16:16.0139 5356 Boot (0x1200) (b2f430d70bad1bc884dc57e54b7a4577) \Device\Harddisk0\DR0\Partition1
11:16:16.0141 5356 \Device\Harddisk0\DR0\Partition1 - ok
11:16:16.0171 5356 Boot (0x1200) (d2fcacb6d0e7c908e929864201eed0ec) \Device\Harddisk0\DR0\Partition2
11:16:16.0172 5356 \Device\Harddisk0\DR0\Partition2 - ok
11:16:16.0173 5356 ============================================================
11:16:16.0173 5356 Scan finished
11:16:16.0173 5356 ============================================================
11:16:16.0188 5844 Detected object count: 1
11:16:16.0188 5844 Actual detected object count: 1
11:17:04.0467 5844 SafeBoot ( LockedFile.Multi.Generic ) - skipped by user
11:17:04.0467 5844 SafeBoot ( LockedFile.Multi.Generic ) - User select action: Skip

iriverimp · #40 Příspěvek od **iriverimp** » 13 bře 2012 11:21

Druhy programek...

Kód: Vybrat vše

MBRScan v1.1.1

OS             : Windows 7 Service Pack 1 (32 bit)
PROCESSOR      : x86 Family 6 Model 37 Stepping 5, GenuineIntel
BOOT           : Normal Boot
DATE           : 2012/03/13 (ISO 8601) at 11:21:12
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __Hitachi HTS725025A9A (PC2O)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : NO
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0	232.9 Go  [Fixed] ==> 7 MBR Code

MBR_MD5   : A1DE005C43BAEB5E07BD65EAE9673B31
MBR_SHA1  : 6B4712969FD317ED6F16D47022CAB474806BD0C7

Device\Harddisk0\Partition1	100.0 Mo  	0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2	230.8 Go  	0x07 NTFS / HPFS
Device\Harddisk0\Partition3	2.00 Go  	0x0C FAT32 [LBA] 
________________________________________________________________________________

############################### Additional scan ################################

DRIVER  : C:\Windows\System32\Drivers\SafeBoot.sys => LOCKED!
ADDRESS : 0x8C000000
SIZE    : 100.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dump_iaStor.sys => Invisible on the disk
ADDRESS : 0x9008E000
SIZE    : 872.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dump_SbHiber.sys => Invisible on the disk
ADDRESS : 0x90168000
SIZE    : 4.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dump_dumpfve.sys => Invisible on the disk
ADDRESS : 0x90169000
SIZE    : 68.0 Ko

BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020)

SystemStartOptions :  NOEXECUTE=OPTIN

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  

0x00000000   33 C0 8E D0 BC 00 7C 8E C0 8E D8 BE 00 7C BF 00   3À.Ð¼.|.À.Ø¾.|¿.
0x00000010   06 B9 00 02 FC F3 A4 50 68 1C 06 CB FB B9 04 00   .¹..üó¤Ph..Ëû¹..
0x00000020   BD BE 07 80 7E 00 00 7C 0B 0F 85 0E 01 83 C5 10   ½¾..~..|......Å.
0x00000030   E2 F1 CD 18 88 56 00 55 C6 46 11 05 C6 46 10 00   âñÍ..V.UÆF..ÆF..
0x00000040   B4 41 BB AA 55 CD 13 5D 72 0F 81 FB 55 AA 75 09   ´A»ªUÍ.]r..ûUªu.
0x00000050   F7 C1 01 00 74 03 FE 46 10 66 60 80 7E 10 00 74   ÷Á..t.þF.f`.~..t
0x00000060   26 66 68 00 00 00 00 66 FF 76 08 68 00 00 68 00   &fh....f.v.h..h.
0x00000070   7C 68 01 00 68 10 00 B4 42 8A 56 00 8B F4 CD 13   |h..h..´B.V..ôÍ.
0x00000080   9F 83 C4 10 9E EB 14 B8 01 02 BB 00 7C 8A 56 00   ..Ä..ë.¸..».|.V.
0x00000090   8A 76 01 8A 4E 02 8A 6E 03 CD 13 66 61 73 1C FE   .v..N..n.Í.fas.þ
0x000000A0   4E 11 75 0C 80 7E 00 80 0F 84 8A 00 B2 80 EB 84   N.u..~......².ë.
0x000000B0   55 32 E4 8A 56 00 CD 13 5D EB 9E 81 3E FE 7D 55   U2ä.V.Í.]ë..>þ}U
0x000000C0   AA 75 6E FF 76 00 E8 8D 00 75 17 FA B0 D1 E6 64   ªun.v.è..u.ú°Ñæd
0x000000D0   E8 83 00 B0 DF E6 60 E8 7C 00 B0 FF E6 64 E8 75   è..°ßæ`è|.°.ædèu
0x000000E0   00 FB B8 00 BB CD 1A 66 23 C0 75 3B 66 81 FB 54   .û¸.»Í.f#Àu;f.ûT
0x000000F0   43 50 41 75 32 81 F9 02 01 72 2C 66 68 07 BB 00   CPAu2.ù..r,fh.».
0x00000100   00 66 68 00 02 00 00 66 68 08 00 00 00 66 53 66   .fh....fh....fSf
0x00000110   53 66 55 66 68 00 00 00 00 66 68 00 7C 00 00 66   SfUfh....fh.|..f
0x00000120   61 68 00 00 07 CD 1A 5A 32 F6 EA 00 7C 00 00 CD   ah...Í.Z2öê.|..Í
0x00000130   18 A0 B7 07 EB 08 A0 B6 07 EB 03 A0 B5 07 32 E4   ..·.ë..¶.ë..µ.2ä
0x00000140   05 00 07 8B F0 AC 3C 00 74 09 BB 07 00 B4 0E CD   ....ð¬<.t.»..´.Í
0x00000150   10 EB F2 F4 EB FD 2B C9 E4 64 EB 00 24 02 E0 F8   .ëòôëý+Éädë.$.àø
0x00000160   24 02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69   $.ÃInvalid parti
0x00000170   74 69 6F 6E 20 74 61 62 6C 65 00 45 72 72 6F 72   tion table.Error
0x00000180   20 6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69    loading operati
0x00000190   6E 67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E   ng system.Missin
0x000001A0   67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74   g operating syst
0x000001B0   65 6D 00 00 00 63 7B 9A EF F6 88 25 00 00 80 20   em...c{.ïö.%... 
0x000001C0   21 00 07 DF 13 0C 00 08 00 00 00 20 03 00 00 DF   !..ß....... ...ß
0x000001D0   14 0C 07 FE FF FF 00 28 03 00 00 E8 D8 1C 00 FE   ...þ...(...èØ..þ
0x000001E0   FF FF 0C FE FF FF 00 10 DC 1C 00 00 40 00 00 00   ...þ....Ü...@...
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª

#41 Příspěvek od **Márty84** » 14 bře 2012 16:29

Jestli jste jeste neudelal tu preinstalaci, otestujte tento soubor na virustotal, pripadne jotti http://forum.viry.cz/viewtopic.php?f=29&t=5846 a dejte sem vysledky
C:\Windows\system32\drivers\SafeBoot.sys

iriverimp · #42 Příspěvek od **iriverimp** » 14 bře 2012 20:37

několikrát jsem zkoušel projet daný soubor pomocí obou odkazů a vůbec to nechce provést, je to bez reakce

a tudíž i bez výsledku..

#43 Příspěvek od **Márty84** » 15 bře 2012 10:00

Nechte tedy zkontrolovat ten disk a kabel, at je jistota, ze je to v poradku. Podle vysledku pak budeme pokracovat, kdyz bude treba

iriverimp · #44 Příspěvek od **iriverimp** » 15 bře 2012 10:03

dobre, pak se ozvu

#45 Příspěvek od **Márty84** » 15 bře 2012 10:06

OK
Drzim palce, at vas to nic nestoji

VIRY.CZ

Preventivní log spolu s (ne)spuštěním systému Windows 7

Re: Preventivní log spolu s (ne)spuštěním systému Windows 7

Re: Preventivní log spolu s (ne)spuštěním systému Windows 7

Re: Preventivní log spolu s (ne)spuštěním systému Windows 7

Re: Preventivní log spolu s (ne)spuštěním systému Windows 7

Re: Preventivní log spolu s (ne)spuštěním systému Windows 7

Re: Preventivní log spolu s (ne)spuštěním systému Windows 7

Re: Preventivní log spolu s (ne)spuštěním systému Windows 7

Re: Preventivní log spolu s (ne)spuštěním systému Windows 7

Re: Preventivní log spolu s (ne)spuštěním systému Windows 7

Re: Preventivní log spolu s (ne)spuštěním systému Windows 7

Re: Preventivní log spolu s (ne)spuštěním systému Windows 7

Re: Preventivní log spolu s (ne)spuštěním systému Windows 7

Re: Preventivní log spolu s (ne)spuštěním systému Windows 7

Re: Preventivní log spolu s (ne)spuštěním systému Windows 7

Re: Preventivní log spolu s (ne)spuštěním systému Windows 7