Nefungující Windows Update

Zpráva

#16 Příspěvek od **vyosek** » 03 led 2012 01:17

Kliknete na Start a pote Spustit, pripadne pouzijte klavesou zkratku Win+R

Vyskoci na Vas okenko, do ktereho zkopirujte text nize

%windir%\system32\wbem\wmic.exe partition get name,bootable,size,type > "%userprofile%\Desktop\disk.txt"

Kliknete na OK
Na plose se Vam vytvori log s nazvem disk, jeho obsah mi sem vlozte

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

luba · #17 Příspěvek od **luba** » 03 led 2012 18:45

Dobrý večer,
v prvním případě mě to nevytvořilo žádný log na ploše.

A zde je log z ComboFixu.

ComboFix 12-01-03.04 - Deniska 03.01.2012 18:27:49.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3767.2488 [GMT 1:00]
Spuštěný z: c:\users\Deniska\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\LP
c:\programdata\FullRemove.exe
c:\users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\SLOVA.WAV
c:\windows\assembly\tmp\U
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-03 do 2012-01-03 )))))))))))))))))))))))))))))))
.
.
2012-01-03 17:34 . 2012-01-03 17:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-02 17:29 . 2012-01-02 17:29 -------- d-----w- C:\rsit
2012-01-02 17:29 . 2012-01-02 17:29 -------- d-----w- c:\program files\trend micro
2012-01-01 21:44 . 2012-01-01 21:44 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2012-01-01 21:44 . 2012-01-01 21:44 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2012-01-01 21:44 . 2012-01-01 21:44 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
2012-01-01 21:44 . 2012-01-01 21:44 43992 ----a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll
2012-01-01 19:22 . 2012-01-01 19:22 286720 ----a-w- C:\swreg.exe
2011-12-31 02:36 . 2011-12-31 01:03 -------- d-----w- c:\windows\Microsoft Antimalware
2011-12-14 11:25 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-14 11:23 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-14 11:23 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-21 08:42 . 2011-05-31 04:06 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-07 04:16 . 2011-11-22 18:36 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{415102C8-AAB2-4415-BC00-741D1B532DA8}\mpengine.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"ICQ"="c:\program files (x86)\ICQ7.6\ICQ.exe" [2011-10-10 127040]
"Facebook Update"="c:\users\Deniska\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-10-19 137536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-12-24 284696]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-03-03 1300560]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2009-12-25 201512]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2009-12-25 401192]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2007-05-21 124512]
"Luxand Blink!"="c:\program files\Luxand\Blink!\LuxandBlinkTray.exe" [2010-10-18 7143224]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"Google Desktop Search"="c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" [2011-10-12 30192]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2010-4-15 704032]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-3-26 1125152]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2011-10-12 30192]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-04-20 152064]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/09/18 18:58];c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 10:58 146928]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-03-03 325200]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-08-12 810144]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-03-17 866336]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-24 13336]
S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-02-05 171040]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2507351934-888822584-2405633601-1000Core.job
- c:\users\Deniska\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-19 13:07]
.
2012-01-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2507351934-888822584-2405633601-1000UA.job
- c:\users\Deniska\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-19 13:07]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2010-02-05 222240]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-22 10081312]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-02-22 877600]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-12 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-12 390680]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-12 410136]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-01-13 206208]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-03-17 860704]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2916584]
"Logitech Download Assistant"="c:\windows\system32\rundll32.exe" [2009-07-14 45568]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_4820t&r=27360910t806l0443z1j5t5591j41o
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Deniska\AppData\Roaming\Mozilla\Firefox\Profiles\l02siibl.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-OEXPRESS - (no file)
Wow6432Node-HKLM-Run-AA9.exe - c:\program files (x86)\LP\0C3D\AA9.exe
Toolbar-Locked - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-PC Translator - c:\users\Deniska\AppData\Local\Temp\UN32.EXE
.
.
Binary file temp00 matches
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BFE]
"ImagePath"="NADA"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2507351934-888822584-2405633601-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2507351934-888822584-2405633601-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-01-03 18:37:36
ComboFix-quarantined-files.txt 2012-01-03 17:37
.
Před spuštěním: Volných bajtů: 12 092 280 832
Po spuštění: Volných bajtů: 12 273 344 512
.
- - End Of File - - 1490CC3CEFA7BB72EA9A58FDDBFC35F6

#18 Příspěvek od **vyosek** » 04 led 2012 01:56

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

Kliknete na volbu Change parametrs
V obou oknech (Objects to scan i Additional Option) zakliknete vsechny moznosti - ve vsech ctvereccich musi mit fajecka
Kliknete na OK
Utilite prikazte, at skenuje - klik na Start Scan
Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
Pokud mate vsude Skip, kliknete na Continue
Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

Folder::
c:\users\Deniska\AppData\Local\Facebook\Update
C:\Program Files (x86)\ICQ6Toolbar
C:\Program Files (x86)\uTorrentBar
C:\Users\Deniska\AppData\Roaming\Microsoft\0C3D
C:\Users\Deniska\AppData\Roaming\Microsoft\6CFD
C:\Program Files (x86)\LP

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"=-
"ICQ"=-
"Facebook Update"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"QuickTime Task"=-
"Adobe ARM"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

File::
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2507351934-888822584-2405633601-1000Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2507351934-888822584-2405633601-1000UA.job

Driver::
BFE
ICQ Service

DDS::
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACA ... 5t5591j41o

Firefox::
FF - ProfilePath - c:\users\Deniska\AppData\Roaming\Mozilla\Firefox\Profiles\l02siibl.default\
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.1.9&q=
FF - prefs.js: network.proxy.type - 0

RegLock::
[HKEY_USERS\S-1-5-21-2507351934-888822584-2405633601-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
[HKEY_USERS\S-1-5-21-2507351934-888822584-2405633601-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

luba · #19 Příspěvek od **luba** » 04 led 2012 13:19

Po dokončení skenu TDSSKillerem že žádné okno nezobrazilo.
Zde je sken.

12:43:12.0141 4076 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
12:43:12.0526 4076 ============================================================
12:43:12.0526 4076 Current date / time: 2012/01/04 12:43:12.0526
12:43:12.0526 4076 SystemInfo:
12:43:12.0526 4076
12:43:12.0527 4076 OS Version: 6.1.7601 ServicePack: 1.0
12:43:12.0527 4076 Product type: Workstation
12:43:12.0527 4076 ComputerName: NB-DENISKA
12:43:12.0527 4076 UserName: Deniska
12:43:12.0527 4076 Windows directory: C:\Windows
12:43:12.0527 4076 System windows directory: C:\Windows
12:43:12.0527 4076 Running under WOW64
12:43:12.0527 4076 Processor architecture: Intel x64
12:43:12.0527 4076 Number of processors: 4
12:43:12.0527 4076 Page size: 0x1000
12:43:12.0527 4076 Boot type: Normal boot
12:43:12.0527 4076 ============================================================
12:43:13.0749 4076 Initialize success
12:43:38.0988 2872 ============================================================
12:43:38.0989 2872 Scan started
12:43:38.0989 2872 Mode: Manual; SigCheck; TDLFS;
12:43:38.0989 2872 ============================================================
12:43:45.0409 2872 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
12:43:45.0976 2872 1394ohci - ok
12:43:46.0265 2872 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
12:43:46.0300 2872 ACPI - ok
12:43:46.0545 2872 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
12:43:46.0709 2872 AcpiPmi - ok
12:43:47.0194 2872 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
12:43:47.0277 2872 adp94xx - ok
12:43:47.0492 2872 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
12:43:47.0568 2872 adpahci - ok
12:43:47.0774 2872 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
12:43:47.0799 2872 adpu320 - ok
12:43:47.0978 2872 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
12:43:48.0055 2872 AFD - ok
12:43:48.0206 2872 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
12:43:48.0258 2872 agp440 - ok
12:43:48.0442 2872 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
12:43:48.0474 2872 aliide - ok
12:43:48.0654 2872 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
12:43:48.0699 2872 amdide - ok
12:43:48.0887 2872 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
12:43:48.0975 2872 AmdK8 - ok
12:43:49.0153 2872 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
12:43:49.0223 2872 AmdPPM - ok
12:43:49.0417 2872 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
12:43:49.0495 2872 amdsata - ok
12:43:49.0687 2872 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
12:43:49.0739 2872 amdsbs - ok
12:43:49.0948 2872 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
12:43:49.0994 2872 amdxata - ok
12:43:50.0183 2872 AmUStor (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS
12:43:50.0266 2872 AmUStor - ok
12:43:50.0461 2872 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
12:43:53.0799 2872 AppID - ok
12:43:54.0158 2872 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
12:43:54.0237 2872 arc - ok
12:43:54.0436 2872 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
12:43:54.0464 2872 arcsas - ok
12:43:54.0641 2872 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
12:43:55.0005 2872 AsyncMac - ok
12:43:55.0223 2872 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
12:43:55.0269 2872 atapi - ok
12:43:55.0604 2872 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
12:43:55.0642 2872 b06bdrv - ok
12:43:55.0885 2872 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
12:43:55.0959 2872 b57nd60a - ok
12:43:56.0184 2872 BCM43XX (fde8c8dc07e75347e4c6b455a0964217) C:\Windows\system32\DRIVERS\bcmwl664.sys
12:43:56.0354 2872 BCM43XX - ok
12:43:56.0555 2872 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
12:43:56.0662 2872 Beep - ok
12:43:57.0003 2872 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
12:43:57.0074 2872 blbdrive - ok
12:43:57.0238 2872 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
12:43:57.0374 2872 bowser - ok
12:43:57.0557 2872 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:43:57.0678 2872 BrFiltLo - ok
12:43:57.0816 2872 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:43:57.0852 2872 BrFiltUp - ok
12:43:58.0198 2872 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
12:43:58.0308 2872 Brserid - ok
12:43:58.0570 2872 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
12:43:58.0650 2872 BrSerWdm - ok
12:43:58.0921 2872 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
12:43:58.0971 2872 BrUsbMdm - ok
12:43:59.0217 2872 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
12:43:59.0266 2872 BrUsbSer - ok
12:43:59.0538 2872 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
12:43:59.0617 2872 BthEnum - ok
12:43:59.0886 2872 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
12:43:59.0965 2872 BTHMODEM - ok
12:44:00.0233 2872 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
12:44:00.0269 2872 BthPan - ok
12:44:00.0677 2872 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
12:44:00.0886 2872 BTHPORT - ok
12:44:01.0172 2872 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
12:44:01.0252 2872 BTHUSB - ok
12:44:01.0376 2872 btwampfl (380b798d30c56ede4af58619d0e86ccb) C:\Windows\system32\drivers\btwampfl.sys
12:44:01.0465 2872 btwampfl - ok
12:44:01.0775 2872 btwaudio (ba5622f5544c6c445dff1a05acc8b19d) C:\Windows\system32\drivers\btwaudio.sys
12:44:01.0793 2872 btwaudio - ok
12:44:02.0090 2872 btwavdt (a11905d0f4bd34771f195217b6aa5ae0) C:\Windows\system32\DRIVERS\btwavdt.sys
12:44:02.0113 2872 btwavdt - ok
12:44:02.0392 2872 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys
12:44:02.0412 2872 btwl2cap - ok
12:44:02.0614 2872 btwrchid (bd776f32d64ec615be4563dc2747224e) C:\Windows\system32\DRIVERS\btwrchid.sys
12:44:02.0632 2872 btwrchid - ok
12:44:02.0770 2872 catchme - ok
12:44:03.0063 2872 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
12:44:03.0129 2872 cdfs - ok
12:44:03.0387 2872 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
12:44:03.0496 2872 cdrom - ok
12:44:03.0805 2872 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
12:44:03.0860 2872 circlass - ok
12:44:04.0020 2872 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
12:44:04.0149 2872 CLFS - ok
12:44:04.0458 2872 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
12:44:04.0521 2872 CmBatt - ok
12:44:04.0748 2872 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
12:44:04.0801 2872 cmdide - ok
12:44:05.0064 2872 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
12:44:05.0177 2872 CNG - ok
12:44:05.0393 2872 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
12:44:05.0439 2872 Compbatt - ok
12:44:05.0627 2872 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
12:44:05.0682 2872 CompositeBus - ok
12:44:05.0948 2872 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
12:44:05.0973 2872 crcdisk - ok
12:44:06.0215 2872 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
12:44:06.0293 2872 DfsC - ok
12:44:06.0626 2872 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
12:44:06.0747 2872 discache - ok
12:44:07.0020 2872 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
12:44:07.0071 2872 Disk - ok
12:44:07.0453 2872 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
12:44:07.0601 2872 drmkaud - ok
12:44:07.0978 2872 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
12:44:08.0024 2872 DXGKrnl - ok
12:44:08.0237 2872 eamonm (398fdc5694f2ba9e51e321ca40d1706e) C:\Windows\system32\DRIVERS\eamonm.sys
12:44:08.0266 2872 eamonm - ok
12:44:08.0898 2872 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
12:44:09.0185 2872 ebdrv - ok
12:44:09.0423 2872 ehdrv (e99457900012b53b2226f146ecaf9136) C:\Windows\system32\DRIVERS\ehdrv.sys
12:44:09.0468 2872 ehdrv - ok
12:44:09.0811 2872 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
12:44:09.0850 2872 elxstor - ok
12:44:10.0003 2872 epfwwfpr (a2af094dcbe8bff7e898d327750506a0) C:\Windows\system32\DRIVERS\epfwwfpr.sys
12:44:10.0052 2872 epfwwfpr - ok
12:44:10.0415 2872 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
12:44:10.0471 2872 ErrDev - ok
12:44:10.0739 2872 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
12:44:10.0894 2872 exfat - ok
12:44:11.0080 2872 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
12:44:11.0262 2872 fastfat - ok
12:44:11.0515 2872 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
12:44:11.0583 2872 fdc - ok
12:44:11.0840 2872 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
12:44:11.0885 2872 FileInfo - ok
12:44:12.0086 2872 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
12:44:12.0241 2872 Filetrace - ok
12:44:12.0448 2872 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
12:44:12.0474 2872 flpydisk - ok
12:44:12.0728 2872 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
12:44:12.0855 2872 FltMgr - ok
12:44:13.0067 2872 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
12:44:13.0118 2872 FsDepends - ok
12:44:13.0366 2872 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
12:44:13.0408 2872 fssfltr - ok
12:44:13.0656 2872 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
12:44:13.0710 2872 Fs_Rec - ok
12:44:13.0931 2872 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
12:44:14.0037 2872 fvevol - ok
12:44:14.0394 2872 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
12:44:14.0486 2872 gagp30kx - ok
12:44:14.0692 2872 ggflt (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys
12:44:14.0798 2872 ggflt - ok
12:44:15.0014 2872 ggsemc (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys
12:44:15.0064 2872 ggsemc - ok
12:44:15.0381 2872 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
12:44:15.0434 2872 hcw85cir - ok
12:44:15.0649 2872 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
12:44:15.0691 2872 HdAudAddService - ok
12:44:15.0927 2872 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
12:44:15.0975 2872 HDAudBus - ok
12:44:16.0120 2872 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
12:44:16.0140 2872 HECIx64 - ok
12:44:16.0364 2872 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
12:44:16.0454 2872 HidBatt - ok
12:44:16.0673 2872 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
12:44:16.0761 2872 HidBth - ok
12:44:16.0941 2872 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
12:44:17.0049 2872 HidIr - ok
12:44:17.0280 2872 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
12:44:17.0365 2872 HidUsb - ok
12:44:17.0591 2872 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
12:44:17.0619 2872 HpSAMD - ok
12:44:17.0945 2872 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
12:44:18.0078 2872 HTTP - ok
12:44:18.0296 2872 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
12:44:18.0315 2872 hwpolicy - ok
12:44:18.0507 2872 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
12:44:18.0573 2872 i8042prt - ok
12:44:18.0845 2872 iaStor (42e00996dfc13c46366689c0ea8abc5e) C:\Windows\system32\DRIVERS\iaStor.sys
12:44:18.0874 2872 iaStor - ok
12:44:19.0196 2872 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
12:44:19.0275 2872 iaStorV - ok
12:44:19.0969 2872 igfx (7467ae8f96ea983423148c62458669fa) C:\Windows\system32\DRIVERS\igdkmd64.sys
12:44:20.0278 2872 igfx - ok
12:44:20.0454 2872 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
12:44:20.0481 2872 iirsp - ok
12:44:20.0653 2872 Impcd (c48567d80ad357613cd0eeade18780ae) C:\Windows\system32\DRIVERS\Impcd.sys
12:44:20.0741 2872 Impcd - ok
12:44:21.0046 2872 IntcAzAudAddService (a0eab13a78cc5fb960ec76e3d6408da3) C:\Windows\system32\drivers\RTKVHD64.sys
12:44:21.0161 2872 IntcAzAudAddService - ok
12:44:21.0470 2872 IntcDAud (da24c1f66ee1b5a92e045376d7a44b58) C:\Windows\system32\DRIVERS\IntcDAud.sys
12:44:21.0566 2872 IntcDAud - ok
12:44:21.0770 2872 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
12:44:21.0792 2872 intelide - ok
12:44:21.0989 2872 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
12:44:22.0059 2872 intelppm - ok
12:44:22.0296 2872 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:44:22.0400 2872 IpFilterDriver - ok
12:44:22.0603 2872 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
12:44:22.0651 2872 IPMIDRV - ok
12:44:22.0949 2872 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
12:44:23.0058 2872 IPNAT - ok
12:44:23.0286 2872 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
12:44:23.0584 2872 IRENUM - ok
12:44:23.0810 2872 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
12:44:23.0857 2872 isapnp - ok
12:44:24.0148 2872 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
12:44:24.0210 2872 iScsiPrt - ok
12:44:24.0428 2872 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
12:44:24.0454 2872 kbdclass - ok
12:44:24.0664 2872 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
12:44:24.0702 2872 kbdhid - ok
12:44:24.0924 2872 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
12:44:24.0948 2872 KSecDD - ok
12:44:25.0146 2872 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
12:44:25.0173 2872 KSecPkg - ok
12:44:25.0451 2872 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
12:44:25.0574 2872 ksthunk - ok
12:44:25.0862 2872 L1C (39918db0efcf045a1ce6fabbf339f975) C:\Windows\system32\DRIVERS\L1C62x64.sys
12:44:25.0900 2872 L1C - ok
12:44:26.0161 2872 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
12:44:26.0267 2872 lltdio - ok
12:44:26.0536 2872 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
12:44:26.0591 2872 LSI_FC - ok
12:44:26.0978 2872 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
12:44:27.0027 2872 LSI_SAS - ok
12:44:27.0264 2872 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:44:27.0314 2872 LSI_SAS2 - ok
12:44:27.0470 2872 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:44:27.0523 2872 LSI_SCSI - ok
12:44:27.0769 2872 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
12:44:27.0859 2872 luafv - ok
12:44:28.0095 2872 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
12:44:28.0199 2872 megasas - ok
12:44:28.0438 2872 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
12:44:28.0503 2872 MegaSR - ok
12:44:28.0725 2872 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
12:44:28.0833 2872 Modem - ok
12:44:29.0000 2872 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
12:44:29.0049 2872 monitor - ok
12:44:29.0341 2872 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
12:44:29.0362 2872 mouclass - ok
12:44:29.0621 2872 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
12:44:29.0664 2872 mouhid - ok
12:44:29.0950 2872 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
12:44:30.0008 2872 mountmgr - ok
12:44:30.0258 2872 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
12:44:30.0283 2872 mpio - ok
12:44:30.0432 2872 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
12:44:30.0566 2872 mpsdrv - ok
12:44:30.0816 2872 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
12:44:30.0869 2872 MRxDAV - ok
12:44:31.0089 2872 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:44:31.0181 2872 mrxsmb - ok
12:44:31.0404 2872 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:44:31.0492 2872 mrxsmb10 - ok
12:44:31.0700 2872 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:44:31.0760 2872 mrxsmb20 - ok
12:44:31.0904 2872 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
12:44:31.0957 2872 msahci - ok
12:44:32.0297 2872 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
12:44:32.0354 2872 msdsm - ok
12:44:32.0581 2872 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
12:44:32.0683 2872 Msfs - ok
12:44:32.0879 2872 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
12:44:32.0967 2872 mshidkmdf - ok
12:44:33.0189 2872 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
12:44:33.0242 2872 msisadrv - ok
12:44:33.0483 2872 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
12:44:33.0552 2872 MSKSSRV - ok
12:44:33.0779 2872 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
12:44:33.0862 2872 MSPCLOCK - ok
12:44:34.0083 2872 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
12:44:34.0252 2872 MSPQM - ok
12:44:34.0441 2872 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
12:44:34.0480 2872 MsRPC - ok
12:44:34.0635 2872 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
12:44:34.0652 2872 mssmbios - ok
12:44:34.0806 2872 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
12:44:34.0908 2872 MSTEE - ok
12:44:35.0106 2872 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
12:44:35.0152 2872 MTConfig - ok
12:44:35.0459 2872 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
12:44:35.0507 2872 Mup - ok
12:44:35.0671 2872 mwlPSDFilter (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
12:44:35.0712 2872 mwlPSDFilter - ok
12:44:35.0929 2872 mwlPSDNServ (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
12:44:35.0976 2872 mwlPSDNServ - ok
12:44:36.0158 2872 mwlPSDVDisk (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
12:44:36.0179 2872 mwlPSDVDisk - ok
12:44:36.0462 2872 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
12:44:36.0568 2872 NativeWifiP - ok
12:44:36.0869 2872 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
12:44:36.0920 2872 NDIS - ok
12:44:37.0110 2872 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
12:44:37.0219 2872 NdisCap - ok
12:44:37.0445 2872 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
12:44:37.0541 2872 NdisTapi - ok
12:44:37.0754 2872 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
12:44:37.0850 2872 Ndisuio - ok
12:44:38.0028 2872 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
12:44:38.0167 2872 NdisWan - ok
12:44:38.0479 2872 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
12:44:38.0633 2872 NDProxy - ok
12:44:38.0870 2872 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
12:44:39.0030 2872 NetBIOS - ok
12:44:39.0314 2872 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
12:44:39.0460 2872 NetBT - ok
12:44:40.0205 2872 NETw5s64 (24f64343f14a119308456e1ca7507b26) C:\Windows\system32\DRIVERS\NETw5s64.sys
12:44:40.0593 2872 NETw5s64 - ok
12:44:40.0944 2872 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
12:44:41.0003 2872 nfrd960 - ok
12:44:41.0371 2872 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:44:41.0464 2872 Npfs - ok
12:44:41.0671 2872 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:44:41.0826 2872 nsiproxy - ok
12:44:42.0234 2872 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
12:44:42.0443 2872 Ntfs - ok
12:44:42.0705 2872 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:44:42.0795 2872 Null - ok
12:44:43.0228 2872 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
12:44:43.0275 2872 nvraid - ok
12:44:43.0659 2872 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
12:44:43.0730 2872 nvstor - ok
12:44:44.0126 2872 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
12:44:44.0184 2872 nv_agp - ok
12:44:44.0498 2872 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
12:44:44.0550 2872 ohci1394 - ok
12:44:44.0881 2872 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
12:44:44.0947 2872 Parport - ok
12:44:45.0314 2872 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
12:44:45.0370 2872 partmgr - ok
12:44:45.0695 2872 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
12:44:45.0778 2872 pci - ok
12:44:46.0164 2872 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
12:44:46.0213 2872 pciide - ok
12:44:46.0755 2872 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
12:44:46.0859 2872 pcmcia - ok
12:44:47.0164 2872 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:44:47.0204 2872 pcw - ok
12:44:47.0518 2872 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:44:47.0971 2872 PEAUTH - ok
12:44:48.0440 2872 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
12:44:48.0569 2872 PptpMiniport - ok
12:44:48.0905 2872 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
12:44:48.0966 2872 Processor - ok
12:44:49.0413 2872 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
12:44:49.0526 2872 Psched - ok
12:44:49.0938 2872 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
12:44:50.0110 2872 ql2300 - ok
12:44:50.0336 2872 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
12:44:50.0351 2872 ql40xx - ok
12:44:50.0658 2872 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:44:50.0805 2872 QWAVEdrv - ok
12:44:51.0155 2872 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:44:51.0367 2872 RasAcd - ok
12:44:51.0627 2872 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:44:51.0690 2872 RasAgileVpn - ok
12:44:52.0034 2872 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:44:52.0221 2872 Rasl2tp - ok
12:44:52.0566 2872 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:44:52.0673 2872 RasPppoe - ok
12:44:52.0950 2872 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:44:53.0030 2872 RasSstp - ok
12:44:53.0311 2872 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
12:44:53.0424 2872 rdbss - ok
12:44:53.0668 2872 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
12:44:53.0761 2872 rdpbus - ok
12:44:54.0131 2872 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:44:54.0265 2872 RDPCDD - ok
12:44:54.0580 2872 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:44:54.0679 2872 RDPENCDD - ok
12:44:55.0015 2872 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:44:55.0084 2872 RDPREFMP - ok
12:44:55.0421 2872 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
12:44:55.0515 2872 RDPWD - ok
12:44:55.0910 2872 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
12:44:55.0945 2872 rdyboost - ok
12:44:56.0415 2872 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
12:44:56.0475 2872 RFCOMM - ok
12:44:56.0732 2872 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:44:56.0917 2872 rspndr - ok
12:44:57.0369 2872 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
12:44:57.0428 2872 sbp2port - ok
12:44:57.0694 2872 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
12:44:57.0834 2872 scfilter - ok
12:44:58.0064 2872 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:44:58.0233 2872 secdrv - ok
12:44:58.0590 2872 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
12:44:58.0648 2872 Serenum - ok
12:44:59.0016 2872 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
12:44:59.0119 2872 Serial - ok
12:44:59.0415 2872 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
12:44:59.0486 2872 sermouse - ok
12:44:59.0742 2872 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
12:44:59.0836 2872 sffdisk - ok
12:45:00.0181 2872 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
12:45:00.0244 2872 sffp_mmc - ok
12:45:00.0544 2872 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
12:45:00.0703 2872 sffp_sd - ok
12:45:01.0018 2872 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
12:45:01.0137 2872 sfloppy - ok
12:45:01.0507 2872 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:45:01.0576 2872 SiSRaid2 - ok
12:45:02.0021 2872 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
12:45:02.0077 2872 SiSRaid4 - ok
12:45:02.0481 2872 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:45:02.0550 2872 Smb - ok
12:45:03.0013 2872 snapman (427c2b34bf4dd4f813da4c0df154cc94) C:\Windows\system32\DRIVERS\snapman.sys
12:45:03.0076 2872 snapman - ok
12:45:03.0499 2872 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:45:03.0551 2872 spldr - ok
12:45:03.0591 2872 MBR (0x1B8) (3e0a9b8449a315e0044be2adf3d12596) \Device\Harddisk0\DR0
12:45:19.0180 2872 \Device\Harddisk0\DR0 - ok
12:45:19.0216 2872 Boot (0x1200) (a43d79a78c5b4535be26f9f25de6069c) \Device\Harddisk0\DR0\Partition0
12:45:19.0218 2872 \Device\Harddisk0\DR0\Partition0 - ok
12:45:19.0239 2872 Boot (0x1200) (3350a685c6045e143ebf009f7a03fac8) \Device\Harddisk0\DR0\Partition1
12:45:19.0242 2872 \Device\Harddisk0\DR0\Partition1 - ok
12:45:19.0283 2872 Boot (0x1200) (fc5744c6c2f46bddb4986937ce4f09c4) \Device\Harddisk0\DR0\Partition2
12:45:19.0285 2872 \Device\Harddisk0\DR0\Partition2 - ok
12:45:19.0286 2872 ============================================================
12:45:19.0286 2872 Scan finished
12:45:19.0286 2872 ============================================================
12:45:19.0302 3496 Detected object count: 0
12:45:19.0303 3496 Actual detected object count: 0
12:46:19.0367 3240 ============================================================
12:46:19.0367 3240 Scan started
12:46:19.0367 3240 Mode: Manual; SigCheck; TDLFS;
12:46:19.0367 3240 ============================================================
12:46:29.0678 0688 ============================================================
12:46:29.0678 0688 Scan started
12:46:29.0678 0688 Mode: Manual; SigCheck; TDLFS;
12:46:29.0678 0688 ============================================================
12:46:37.0239 0688 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
12:46:37.0278 0688 1394ohci - ok
12:46:37.0462 0688 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
12:46:37.0478 0688 ACPI - ok
12:46:37.0665 0688 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
12:46:37.0685 0688 AcpiPmi - ok
12:46:37.0848 0688 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
12:46:37.0886 0688 adp94xx - ok
12:46:38.0090 0688 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
12:46:38.0109 0688 adpahci - ok
12:46:38.0272 0688 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
12:46:38.0299 0688 adpu320 - ok
12:46:38.0487 0688 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
12:46:38.0576 0688 AFD - ok
12:46:38.0704 0688 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
12:46:38.0724 0688 agp440 - ok
12:46:38.0906 0688 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
12:46:38.0926 0688 aliide - ok
12:46:39.0118 0688 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
12:46:39.0136 0688 amdide - ok
12:46:39.0296 0688 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
12:46:39.0375 0688 AmdK8 - ok
12:46:39.0451 0688 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
12:46:39.0476 0688 AmdPPM - ok
12:46:39.0637 0688 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
12:46:39.0662 0688 amdsata - ok
12:46:39.0852 0688 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
12:46:39.0909 0688 amdsbs - ok
12:46:40.0057 0688 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
12:46:40.0078 0688 amdxata - ok
12:46:40.0336 0688 AmUStor (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS
12:46:40.0360 0688 AmUStor - ok
12:46:40.0492 0688 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
12:46:40.0561 0688 AppID - ok
12:46:40.0734 0688 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
12:46:40.0791 0688 arc - ok
12:46:40.0912 0688 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
12:46:40.0936 0688 arcsas - ok
12:46:41.0084 0688 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
12:46:41.0197 0688 AsyncMac - ok
12:46:41.0332 0688 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
12:46:41.0352 0688 atapi - ok
12:46:41.0581 0688 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
12:46:41.0615 0688 b06bdrv - ok
12:46:41.0795 0688 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
12:46:41.0870 0688 b57nd60a - ok
12:46:42.0123 0688 BCM43XX (fde8c8dc07e75347e4c6b455a0964217) C:\Windows\system32\DRIVERS\bcmwl664.sys
12:46:42.0223 0688 BCM43XX - ok
12:46:42.0365 0688 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
12:46:42.0437 0688 Beep - ok
12:46:42.0568 0688 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
12:46:42.0619 0688 blbdrive - ok
12:46:42.0769 0688 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
12:46:42.0790 0688 bowser - ok
12:46:42.0921 0688 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:46:42.0953 0688 BrFiltLo - ok
12:46:43.0158 0688 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:46:43.0191 0688 BrFiltUp - ok
12:46:43.0351 0688 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
12:46:43.0379 0688 Brserid - ok
12:46:43.0523 0688 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
12:46:43.0552 0688 BrSerWdm - ok
12:46:43.0707 0688 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
12:46:43.0763 0688 BrUsbMdm - ok
12:46:43.0903 0688 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
12:46:43.0930 0688 BrUsbSer - ok
12:46:44.0113 0688 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
12:46:44.0140 0688 BthEnum - ok
12:46:44.0272 0688 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
12:46:44.0357 0688 BTHMODEM - ok
12:46:44.0508 0688 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
12:46:44.0541 0688 BthPan - ok
12:46:44.0741 0688 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
12:46:44.0780 0688 BTHPORT - ok
12:46:44.0903 0688 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
12:46:44.0929 0688 BTHUSB - ok
12:46:45.0118 0688 btwampfl (380b798d30c56ede4af58619d0e86ccb) C:\Windows\system32\drivers\btwampfl.sys
12:46:45.0147 0688 btwampfl - ok
12:46:45.0283 0688 btwaudio (ba5622f5544c6c445dff1a05acc8b19d) C:\Windows\system32\drivers\btwaudio.sys
12:46:45.0302 0688 btwaudio - ok
12:46:45.0454 0688 btwavdt (a11905d0f4bd34771f195217b6aa5ae0) C:\Windows\system32\DRIVERS\btwavdt.sys
12:46:45.0478 0688 btwavdt - ok
12:46:45.0611 0688 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys
12:46:45.0627 0688 btwl2cap - ok
12:46:45.0756 0688 btwrchid (bd776f32d64ec615be4563dc2747224e) C:\Windows\system32\DRIVERS\btwrchid.sys
12:46:45.0772 0688 btwrchid - ok
12:46:45.0776 0688 catchme - ok
12:46:45.0905 0688 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
12:46:45.0989 0688 cdfs - ok
12:46:46.0207 0688 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
12:46:46.0257 0688 cdrom - ok
12:46:46.0491 0688 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
12:46:46.0537 0688 circlass - ok
12:46:46.0662 0688 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
12:46:46.0733 0688 CLFS - ok
12:46:46.0833 0688 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
12:46:46.0882 0688 CmBatt - ok
12:46:47.0012 0688 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
12:46:47.0060 0688 cmdide - ok
12:46:47.0273 0688 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
12:46:47.0315 0688 CNG - ok
12:46:47.0412 0688 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
12:46:47.0454 0688 Compbatt - ok
12:46:47.0602 0688 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
12:46:47.0632 0688 CompositeBus - ok
12:46:47.0668 0688 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
12:46:47.0686 0688 crcdisk - ok
12:46:47.0779 0688 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
12:46:47.0851 0688 DfsC - ok
12:46:48.0002 0688 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
12:46:48.0093 0688 discache - ok
12:46:48.0217 0688 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
12:46:48.0272 0688 Disk - ok
12:46:48.0417 0688 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
12:46:48.0472 0688 drmkaud - ok
12:46:48.0731 0688 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
12:46:48.0792 0688 DXGKrnl - ok
12:46:48.0900 0688 eamonm (398fdc5694f2ba9e51e321ca40d1706e) C:\Windows\system32\DRIVERS\eamonm.sys
12:46:48.0920 0688 eamonm - ok
12:46:49.0636 0688 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
12:46:49.0733 0688 ebdrv - ok
12:46:49.0865 0688 ehdrv (e99457900012b53b2226f146ecaf9136) C:\Windows\system32\DRIVERS\ehdrv.sys
12:46:49.0885 0688 ehdrv - ok
12:46:50.0053 0688 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
12:46:50.0083 0688 elxstor - ok
12:46:50.0200 0688 epfwwfpr (a2af094dcbe8bff7e898d327750506a0) C:\Windows\system32\DRIVERS\epfwwfpr.sys
12:46:50.0212 0688 epfwwfpr - ok
12:46:50.0313 0688 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
12:46:50.0328 0688 ErrDev - ok
12:46:50.0437 0688 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
12:46:50.0492 0688 exfat - ok
12:46:50.0733 0688 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
12:46:50.0831 0688 fastfat - ok
12:46:50.0980 0688 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
12:46:51.0020 0688 fdc - ok
12:46:51.0171 0688 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
12:46:51.0219 0688 FileInfo - ok
12:46:51.0361 0688 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
12:46:51.0424 0688 Filetrace - ok
12:46:51.0523 0688 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
12:46:51.0536 0688 flpydisk - ok
12:46:51.0581 0688 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
12:46:51.0595 0688 FltMgr - ok
12:46:51.0643 0688 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
12:46:51.0665 0688 FsDepends - ok
12:46:51.0731 0688 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
12:46:51.0749 0688 fssfltr - ok
12:46:51.0798 0688 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
12:46:51.0814 0688 Fs_Rec - ok
12:46:51.0885 0688 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
12:46:51.0918 0688 fvevol - ok
12:46:51.0993 0688 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
12:46:52.0093 0688 gagp30kx - ok
12:46:52.0257 0688 ggflt (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys
12:46:52.0272 0688 ggflt - ok
12:46:52.0401 0688 ggsemc (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys
12:46:52.0447 0688 ggsemc - ok
12:46:52.0579 0688 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
12:46:52.0617 0688 hcw85cir - ok
12:46:52.0835 0688 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
12:46:52.0872 0688 HdAudAddService - ok
12:46:53.0091 0688 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
12:46:53.0127 0688 HDAudBus - ok
12:46:53.0351 0688 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
12:46:53.0371 0688 HECIx64 - ok
12:46:53.0561 0688 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
12:46:53.0638 0688 HidBatt - ok
12:46:53.0805 0688 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
12:46:53.0882 0688 HidBth - ok
12:46:53.0961 0688 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
12:46:54.0049 0688 HidIr - ok
12:46:54.0122 0688 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
12:46:54.0150 0688 HidUsb - ok
12:46:54.0322 0688 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
12:46:54.0347 0688 HpSAMD - ok
12:46:54.0497 0688 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
12:46:54.0568 0688 HTTP - ok
12:46:54.0772 0688 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
12:46:54.0791 0688 hwpolicy - ok
12:46:54.0949 0688 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
12:46:55.0008 0688 i8042prt - ok
12:46:55.0143 0688 iaStor (42e00996dfc13c46366689c0ea8abc5e) C:\Windows\system32\DRIVERS\iaStor.sys
12:46:55.0193 0688 iaStor - ok
12:46:55.0460 0688 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
12:46:55.0492 0688 iaStorV - ok
12:46:55.0816 0688 igfx (7467ae8f96ea983423148c62458669fa) C:\Windows\system32\DRIVERS\igdkmd64.sys
12:46:55.0945 0688 igfx - ok
12:46:56.0252 0688 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
12:46:56.0270 0688 iirsp - ok
12:46:56.0440 0688 Impcd (c48567d80ad357613cd0eeade18780ae) C:\Windows\system32\DRIVERS\Impcd.sys
12:46:56.0467 0688 Impcd - ok
12:46:56.0653 0688 IntcAzAudAddService (a0eab13a78cc5fb960ec76e3d6408da3) C:\Windows\system32\drivers\RTKVHD64.sys
12:46:56.0728 0688 IntcAzAudAddService - ok
12:46:56.0846 0688 IntcDAud (da24c1f66ee1b5a92e045376d7a44b58) C:\Windows\system32\DRIVERS\IntcDAud.sys
12:46:56.0863 0688 IntcDAud - ok
12:46:56.0913 0688 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
12:46:56.0928 0688 intelide - ok
12:46:56.0965 0688 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
12:46:57.0013 0688 intelppm - ok
12:46:57.0061 0688 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:46:57.0115 0688 IpFilterDriver - ok
12:46:57.0157 0688 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
12:46:57.0173 0688 IPMIDRV - ok
12:46:57.0225 0688 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
12:46:57.0332 0688 IPNAT - ok
12:46:57.0361 0688 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
12:46:57.0397 0688 IRENUM - ok
12:46:57.0430 0688 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
12:46:57.0482 0688 isapnp - ok
12:46:57.0525 0688 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
12:46:57.0553 0688 iScsiPrt - ok
12:46:57.0571 0688 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
12:46:57.0587 0688 kbdclass - ok
12:46:57.0617 0688 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
12:46:57.0636 0688 kbdhid - ok
12:46:57.0678 0688 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
12:46:57.0702 0688 KSecDD - ok
12:46:57.0744 0688 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
12:46:57.0765 0688 KSecPkg - ok
12:46:57.0805 0688 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
12:46:57.0886 0688 ksthunk - ok
12:46:57.0916 0688 L1C (39918db0efcf045a1ce6fabbf339f975) C:\Windows\system32\DRIVERS\L1C62x64.sys
12:46:57.0927 0688 L1C - ok
12:46:57.0970 0688 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
12:46:58.0075 0688 lltdio - ok
12:46:58.0112 0688 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
12:46:58.0145 0688 LSI_FC - ok
12:46:58.0164 0688 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
12:46:58.0197 0688 LSI_SAS - ok
12:46:58.0218 0688 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:46:58.0251 0688 LSI_SAS2 - ok
12:46:58.0279 0688 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:46:58.0312 0688 LSI_SCSI - ok
12:46:58.0334 0688 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
12:46:58.0389 0688 luafv - ok
12:46:58.0416 0688 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
12:46:58.0459 0688 megasas - ok
12:46:58.0480 0688 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
12:46:58.0516 0688 MegaSR - ok
12:46:58.0657 0688 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
12:46:58.0701 0688 Modem - ok
12:46:58.0820 0688 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
12:46:58.0885 0688 monitor - ok
12:46:59.0051 0688 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
12:46:59.0073 0688 mouclass - ok
12:46:59.0263 0688 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
12:46:59.0288 0688 mouhid - ok
12:46:59.0638 0688 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
12:46:59.0698 0688 mountmgr - ok
12:47:00.0023 0688 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
12:47:00.0047 0688 mpio - ok
12:47:00.0164 0688 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
12:47:00.0230 0688 mpsdrv - ok
12:47:00.0436 0688 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
12:47:00.0469 0688 MRxDAV - ok
12:47:00.0576 0688 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:47:00.0595 0688 mrxsmb - ok
12:47:00.0758 0688 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:47:00.0821 0688 mrxsmb10 - ok
12:47:00.0977 0688 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:47:01.0036 0688 mrxsmb20 - ok
12:47:01.0158 0688 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
12:47:01.0180 0688 msahci - ok
12:47:01.0272 0688 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
12:47:01.0288 0688 msdsm - ok
12:47:01.0446 0688 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
12:47:01.0502 0688 Msfs - ok
12:47:01.0610 0688 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
12:47:01.0679 0688 mshidkmdf - ok
12:47:01.0864 0688 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
12:47:01.0885 0688 msisadrv - ok
12:47:01.0958 0688 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
12:47:02.0034 0688 MSKSSRV - ok
12:47:02.0221 0688 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
12:47:02.0288 0688 MSPCLOCK - ok
12:47:02.0481 0688 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
12:47:02.0568 0688 MSPQM - ok
12:47:02.0705 0688 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
12:47:02.0742 0688 MsRPC - ok
12:47:02.0899 0688 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
12:47:02.0919 0688 mssmbios - ok
12:47:03.0037 0688 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
12:47:03.0113 0688 MSTEE - ok
12:47:03.0237 0688 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
12:47:03.0259 0688 MTConfig - ok
12:47:03.0356 0688 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
12:47:03.0406 0688 Mup - ok
12:47:03.0558 0688 mwlPSDFilter (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
12:47:03.0605 0688 mwlPSDFilter - ok
12:47:03.0771 0688 mwlPSDNServ (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
12:47:03.0787 0688 mwlPSDNServ - ok
12:47:03.0900 0688 mwlPSDVDisk (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
12:47:03.0916 0688 mwlPSDVDisk - ok
12:47:04.0059 0688 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
12:47:04.0106 0688 NativeWifiP - ok
12:47:04.0233 0688 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
12:47:04.0299 0688 NDIS - ok
12:47:04.0419 0688 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
12:47:04.0511 0688 NdisCap - ok
12:47:04.0698 0688 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
12:47:04.0794 0688 NdisTapi - ok
12:47:04.0951 0688 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
12:47:05.0020 0688 Ndisuio - ok
12:47:05.0170 0688 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
12:47:05.0246 0688 NdisWan - ok
12:47:05.0365 0688 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
12:47:05.0432 0688 NDProxy - ok
12:47:05.0556 0688 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
12:47:05.0663 0688 NetBIOS - ok
12:47:05.0811 0688 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
12:47:05.0913 0688 NetBT - ok
12:47:06.0575 0688 NETw5s64 (24f64343f14a119308456e1ca7507b26) C:\Windows\system32\DRIVERS\NETw5s64.sys
12:47:06.0685 0688 NETw5s64 - ok
12:47:06.0819 0688 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
12:47:06.0902 0688 nfrd960 - ok
12:47:06.0957 0688 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:47:07.0075 0688 Npfs - ok
12:47:07.0235 0688 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:47:07.0339 0688 nsiproxy - ok
12:47:07.0497 0688 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
12:47:07.0561 0688 Ntfs - ok
12:47:07.0658 0688 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:47:07.0748 0688 Null - ok
12:47:07.0815 0688 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
12:47:07.0840 0688 nvraid - ok
12:47:07.0869 0688 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
12:47:07.0938 0688 nvstor - ok
12:47:07.0979 0688 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
12:47:07.0997 0688 nv_agp - ok
12:47:08.0041 0688 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
12:47:08.0083 0688 ohci1394 - ok
12:47:08.0124 0688 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
12:47:08.0165 0688 Parport - ok
12:47:08.0201 0688 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
12:47:08.0225 0688 partmgr - ok
12:47:08.0271 0688 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
12:47:08.0293 0688 pci - ok
12:47:08.0318 0688 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
12:47:08.0335 0688 pciide - ok
12:47:08.0375 0688 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
12:47:08.0427 0688 pcmcia - ok
12:47:08.0451 0688 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:47:08.0485 0688 pcw - ok
12:47:08.0513 0688 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:47:08.0600 0688 PEAUTH - ok
12:47:08.0950 0688 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
12:47:09.0046 0688 PptpMiniport - ok
12:47:09.0349 0688 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
12:47:09.0406 0688 Processor - ok
12:47:09.0668 0688 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
12:47:09.0750 0688 Psched - ok
12:47:10.0139 0688 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
12:47:10.0177 0688 ql2300 - ok
12:47:10.0502 0688 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
12:47:10.0530 0688 ql40xx - ok
12:47:10.0568 0688 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:47:10.0638 0688 QWAVEdrv - ok
12:47:10.0676 0688 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:47:10.0756 0688 RasAcd - ok
12:47:10.0814 0688 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:47:10.0888 0688 RasAgileVpn - ok
12:47:10.0966 0688 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:47:11.0087 0688 Rasl2tp - ok
12:47:11.0398 0688 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:47:11.0467 0688 RasPppoe - ok
12:47:11.0534 0688 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:47:11.0609 0688 RasSstp - ok
12:47:11.0920 0688 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
12:47:11.0994 0688 rdbss - ok
12:47:12.0144 0688 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
12:47:12.0173 0688 rdpbus - ok
12:47:12.0318 0688 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:47:12.0384 0688 RDPCDD - ok
12:47:12.0568 0688 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:47:12.0626 0688 RDPENCDD - ok
12:47:12.0736 0688 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:47:12.0820 0688 RDPREFMP - ok
12:47:12.0952 0688 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
12:47:13.0062 0688 RDPWD - ok
12:47:13.0208 0688 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
12:47:13.0237 0688 rdyboost - ok
12:47:13.0447 0688 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
12:47:13.0518 0688 RFCOMM - ok
12:47:13.0675 0688 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:47:13.0788 0688 rspndr - ok
12:47:13.0989 0688 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
12:47:14.0014 0688 sbp2port - ok
12:47:14.0147 0688 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
12:47:14.0228 0688 scfilter - ok
12:47:14.0429 0688 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:47:14.0514 0688 secdrv - ok
12:47:14.0655 0688 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
12:47:14.0723 0688 Serenum - ok
12:47:14.0837 0688 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
12:47:14.0964 0688 Serial - ok
12:47:15.0225 0688 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
12:47:15.0277 0688 sermouse - ok
12:47:15.0429 0688 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
12:47:15.0463 0688 sffdisk - ok
12:47:15.0491 0688 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
12:47:15.0542 0688 sffp_mmc - ok
12:47:15.0664 0688 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
12:47:15.0700 0688 sffp_sd - ok
12:47:15.0828 0688 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
12:47:15.0899 0688 sfloppy - ok
12:47:16.0128 0688 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:47:16.0209 0688 SiSRaid2 - ok
12:47:16.0364 0688 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
12:47:16.0418 0688 SiSRaid4 - ok
12:47:16.0569 0688 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:47:16.0645 0688 Smb - ok
12:47:16.0791 0688 snapman (427c2b34bf4dd4f813da4c0df154cc94) C:\Windows\system32\DRIVERS\snapman.sys
12:47:16.0820 0688 snapman - ok
12:47:16.0975 0688 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:47:17.0034 0688 spldr - ok
12:47:17.0056 0688 MBR (0x1B8) (3e0a9b8449a315e0044be2adf3d12596) \Device\Harddisk0\DR0
12:47:17.0379 0688 \Device\Harddisk0\DR0 - ok
12:47:17.0384 0688 Boot (0x1200) (a43d79a78c5b4535be26f9f25de6069c) \Device\Harddisk0\DR0\Partition0
12:47:17.0386 0688 \Device\Harddisk0\DR0\Partition0 - ok
12:47:17.0405 0688 Boot (0x1200) (3350a685c6045e143ebf009f7a03fac8) \Device\Harddisk0\DR0\Partition1
12:47:17.0407 0688 \Device\Harddisk0\DR0\Partition1 - ok
12:47:17.0426 0688 Boot (0x1200) (fc5744c6c2f46bddb4986937ce4f09c4) \Device\Harddisk0\DR0\Partition2
12:47:17.0427 0688 \Device\Harddisk0\DR0\Partition2 - ok
12:47:17.0428 0688 ============================================================
12:47:17.0428 0688 Scan finished
12:47:17.0428 0688 ============================================================
12:47:17.0444 4024 Detected object count: 0
12:47:17.0444 4024 Actual detected object count: 0
12:50:39.0557 3576 Deinitialize success

luba · #20 Příspěvek od **luba** » 04 led 2012 13:19

ComboFix 12-01-03.04 - Deniska 04.01.2012 12:58:29.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3767.2215 [GMT 1:00]
Spuštěný z: c:\users\Deniska\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Deniska\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2507351934-888822584-2405633601-1000Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2507351934-888822584-2405633601-1000UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ICQ6Toolbar
c:\program files (x86)\ICQ6Toolbar\config.xml
c:\program files (x86)\ICQ6Toolbar\Icons.bmp
c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe
c:\program files (x86)\ICQ6Toolbar\icq6Toolbar.ico
c:\program files (x86)\ICQ6Toolbar\ICQToolBar.dll
c:\program files (x86)\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files (x86)\ICQ6Toolbar\logo_small.gif
c:\program files (x86)\ICQ6Toolbar\ServiceStarter.exe
c:\program files (x86)\ICQ6Toolbar\short.wav
c:\program files (x86)\ICQ6Toolbar\Version.txt
c:\program files (x86)\ICQ6Toolbar\voucher.bmp
c:\program files (x86)\ICQ6Toolbar\voucher2.bmp
c:\users\Deniska\AppData\Local\Facebook\Update
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\FacebookCrashHandler.exe
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\FacebookUpdate.exe
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\FacebookUpdateHelper.msi
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdate.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ar.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_bg.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_bn.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ca.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_cs.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_da.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_de.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_el.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_en-GB.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_en.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_es-419.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_es.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_et.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_fa.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_fi.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_fil.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_fr.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_gu.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_hi.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_hr.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_hu.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_id.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_is.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_it.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_iw.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ja.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_kn.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ko.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_lt.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_lv.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ml.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_mr.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ms.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_nl.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_no.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_or.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_pl.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_pt-BR.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_pt-PT.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ro.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ru.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_sk.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_sl.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_sr.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_sv.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ta.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_te.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_th.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_tr.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_uk.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ur.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_vi.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_zh-CN.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_zh-TW.dll
c:\users\Deniska\AppData\Local\Facebook\Update\FacebookUpdate.exe
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\1525.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\313D.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\35A.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\4DF1.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\52D1.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\5A2.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\66ED.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\8349.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\92C5.exe
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\92C5.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\CC43.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\D7E7.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\EF5D.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\F5F2.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\6CFD
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2507351934-888822584-2405633601-1000Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2507351934-888822584-2405633601-1000UA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_BFE
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-04 do 2012-01-04 )))))))))))))))))))))))))))))))
.
.
2012-01-04 12:04 . 2012-01-04 12:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-02 17:29 . 2012-01-02 17:29 -------- d-----w- C:\rsit
2012-01-02 17:29 . 2012-01-02 17:29 -------- d-----w- c:\program files\trend micro
2012-01-01 21:44 . 2012-01-01 21:44 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2012-01-01 21:44 . 2012-01-01 21:44 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2012-01-01 21:44 . 2012-01-01 21:44 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
2012-01-01 21:44 . 2012-01-01 21:44 43992 ----a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll
2012-01-01 19:22 . 2012-01-01 19:22 286720 ----a-w- C:\swreg.exe
2011-12-31 02:36 . 2011-12-31 01:03 -------- d-----w- c:\windows\Microsoft Antimalware
2011-12-14 11:25 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-14 11:23 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-14 11:23 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-21 08:42 . 2011-05-31 04:06 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-07 04:16 . 2011-11-22 18:36 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{415102C8-AAB2-4415-BC00-741D1B532DA8}\mpengine.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-01-03_17.35.17 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 05:10 . 2012-01-04 11:40 39350 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2012-01-02 17:17 39350 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-09-16 23:17 . 2012-01-04 11:40 14702 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2507351934-888822584-2405633601-1000_UserData.bin
- 2010-09-16 23:17 . 2012-01-02 17:17 14702 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2507351934-888822584-2405633601-1000_UserData.bin
- 2009-02-28 05:01 . 2012-01-02 17:52 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-02-28 05:01 . 2012-01-04 12:05 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-02-28 05:01 . 2012-01-02 17:52 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-02-28 05:01 . 2012-01-04 12:05 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2012-01-03 17:57 . 2012-01-03 17:57 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012012010320120104\index.dat
+ 2009-07-14 04:54 . 2012-01-04 12:05 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-02 17:52 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:46 . 2012-01-01 16:27 94640 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2009-07-14 04:46 . 2012-01-03 21:30 94640 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2010-09-16 23:19 . 2012-01-03 16:59 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-09-16 23:19 . 2012-01-04 11:41 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-16 23:19 . 2012-01-03 16:59 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-09-16 23:19 . 2012-01-04 11:41 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-01-02 17:11 . 2012-01-02 17:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-01-04 12:05 . 2012-01-04 12:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-01-02 17:11 . 2012-01-02 17:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-01-04 12:05 . 2012-01-04 12:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-09-19 18:44 . 2012-01-03 22:55 388274 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 05:01 . 2012-01-01 23:30 352504 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-01-04 12:04 352504 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2010-10-29 20:23 . 2012-01-01 19:33 353272 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2507351934-888822584-2405633601-1000-8192.dat
+ 2010-10-29 20:23 . 2012-01-04 12:04 353272 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2507351934-888822584-2405633601-1000-8192.dat
- 2012-01-01 19:46 . 2012-01-01 23:30 353272 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2507351934-888822584-2405633601-1000-12288.dat
+ 2012-01-01 19:46 . 2012-01-03 22:58 353272 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2507351934-888822584-2405633601-1000-12288.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-12-24 284696]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-03-03 1300560]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2009-12-25 201512]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2009-12-25 401192]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2007-05-21 124512]
"Luxand Blink!"="c:\program files\Luxand\Blink!\LuxandBlinkTray.exe" [2010-10-18 7143224]
"Google Desktop Search"="c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" [2011-10-12 30192]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2010-4-15 704032]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-3-26 1125152]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2011-10-12 30192]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-04-20 152064]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/09/18 18:58];c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 10:58 146928]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-03-03 325200]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-08-12 810144]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-03-17 866336]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-24 13336]
S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-02-05 171040]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2010-02-05 222240]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-22 10081312]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-02-22 877600]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-12 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-12 390680]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-12 410136]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-01-13 206208]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-03-17 860704]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2916584]
"Logitech Download Assistant"="c:\windows\system32\rundll32.exe" [2009-07-14 45568]
"combofix"="c:\combofix\CF28415.3XE" [2010-11-20 345088]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Deniska\AppData\Roaming\Mozilla\Firefox\Profiles\l02siibl.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
Binary file temp00 matches
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
c:\windows\SysWOW64\RunDll32.exe
c:\program files (x86)\Launch Manager\LMworker.exe
.
**************************************************************************
.
Celkový čas: 2012-01-04 13:10:17 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-01-04 12:10
ComboFix2.txt 2012-01-03 17:37
.
Před spuštěním: Volných bajtů: 12 351 741 952
Po spuštění: Volných bajtů: 12 114 575 360
.
- - End Of File - - 763DE90384557B50461D806578A518BA

#21 Příspěvek od **vyosek** » 04 led 2012 16:00

Jak se chova PC, co aktualizace

luba · #22 Příspěvek od **luba** » 04 led 2012 17:23

Zdá se že se aktualizace rozeběhli. Myslím že tam je ještě nějaký problém s centrem zabezpečení. Neměl jsem čas to zkoumat protože notebook je dcery a ta s ním odjela na zkoušky. Ozval bych se až zítra večer. Zatím mnohokrát díky za pomoc a trpělivost.

#23 Příspěvek od **vyosek** » 04 led 2012 17:27

OK, tak tedy napiste a pripadne dejte screen pokud tam je nejaky problem

luba · #24 Příspěvek od **luba** » 05 led 2012 21:40

Dobrý večer, tak jsem opět zde.
Co se týče aktualizací tak ty fungují. Další problém je s Windows Firewallem. Vůbec nejde zapnout ani nijak nastavit. Vždy se objeví okno viz screen. Další problém s antivirem Nod 32. Pořád hlásil "Analýza aplikačních protokolů je nefunkční". Tak mě nenapadlo nic jiného než ho zkusit přeinstalovat a teď uz nejde zpět nainstalovat. Vždy skončí hláškou že po odinstalaci nebyl počítač restartován, což není pravda. Windows Defender taky nefunkční. Hlásí "Zadaná služba není nainstalovaná služba.(Kod chyby 0x80070424)

#25 Příspěvek od **vyosek** » 06 led 2012 16:37

Zkuste tenhel Fix It od MS http://go.microsoft.com/?linkid=9666880

Pokud NOD nepujde nainstalovat, tak napiste a pozvu nekoho z kolegu od ESETu

luba · #26 Příspěvek od **luba** » 06 led 2012 18:35

Dobrý večer,
tekže bohužel po aplikaci uvedeného fixu se vůbec nic nezměnilo. Vypadá to jako by bylo nějak vypnuté zabezpečení systému - Firewal, Defender. Ani ve službách se tyto položky nenachází.

#27 Příspěvek od **vyosek** » 06 led 2012 18:52

Zkuste tento postup http://support.microsoft.com/kb/2530126

luba · #28 Příspěvek od **luba** » 06 led 2012 19:03

Podle tohoto návodu jsem to zkoušel než jsem psal poslední příspěvek. Skener nic nenašel a po pokusu spuštění služby Windows Firewall stále nic.

#29 Příspěvek od **vyosek** » 06 led 2012 19:06

A s tim souborem repair.bat jste to tez zkousel

luba · #30 Příspěvek od **luba** » 06 led 2012 19:13

Ano zkoušel, přesně podle návodu.

VIRY.CZ

Nefungující Windows Update

Re: Nefungující Windows Update

Re: Nefungující Windows Update

Re: Nefungující Windows Update

Re: Nefungující Windows Update

Re: Nefungující Windows Update

Re: Nefungující Windows Update

Re: Nefungující Windows Update

Re: Nefungující Windows Update

Re: Nefungující Windows Update

Re: Nefungující Windows Update

Re: Nefungující Windows Update

Re: Nefungující Windows Update

Re: Nefungující Windows Update

Re: Nefungující Windows Update

Re: Nefungující Windows Update