VIRY.CZ

Kliknete na Start a pote Spustit, pripadne pouzijte klavesou zkratku Win+R

• Vyskoci na Vas okenko, do ktereho zkopirujte text nize

• Kód: Vybrat vše

  %windir%\system32\wbem\wmic.exe partition get name,bootable,size,type > "%userprofile%\Desktop\disk.txt"

• Kliknete na OK
• Na plose se Vam vytvori log s nazvem disk, jeho obsah mi sem vlozte

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

Dobrý večer,
v prvním případě mě to nevytvořilo žádný log na ploše.


A zde je log z ComboFixu.


ComboFix 12-01-03.04 - Deniska 03.01.2012 18:27:49.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3767.2488 [GMT 1:00]
Spuštěný z: c:\users\Deniska\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\LP
c:\programdata\FullRemove.exe
c:\users\Deniska\AppData\Local\Microsoft\Windows\Temporary Internet Files\SLOVA.WAV
c:\windows\assembly\tmp\U
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-03 do 2012-01-03 )))))))))))))))))))))))))))))))
.
.
2012-01-03 17:34 . 2012-01-03 17:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-02 17:29 . 2012-01-02 17:29 -------- d-----w- C:\rsit
2012-01-02 17:29 . 2012-01-02 17:29 -------- d-----w- c:\program files\trend micro
2012-01-01 21:44 . 2012-01-01 21:44 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2012-01-01 21:44 . 2012-01-01 21:44 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2012-01-01 21:44 . 2012-01-01 21:44 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
2012-01-01 21:44 . 2012-01-01 21:44 43992 ----a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll
2012-01-01 19:22 . 2012-01-01 19:22 286720 ----a-w- C:\swreg.exe
2011-12-31 02:36 . 2011-12-31 01:03 -------- d-----w- c:\windows\Microsoft Antimalware
2011-12-14 11:25 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-14 11:23 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-14 11:23 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-21 08:42 . 2011-05-31 04:06 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-07 04:16 . 2011-11-22 18:36 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{415102C8-AAB2-4415-BC00-741D1B532DA8}\mpengine.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"ICQ"="c:\program files (x86)\ICQ7.6\ICQ.exe" [2011-10-10 127040]
"Facebook Update"="c:\users\Deniska\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-10-19 137536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-12-24 284696]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-03-03 1300560]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2009-12-25 201512]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2009-12-25 401192]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2007-05-21 124512]
"Luxand Blink!"="c:\program files\Luxand\Blink!\LuxandBlinkTray.exe" [2010-10-18 7143224]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"Google Desktop Search"="c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" [2011-10-12 30192]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2010-4-15 704032]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-3-26 1125152]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2011-10-12 30192]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-04-20 152064]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/09/18 18:58];c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 10:58 146928]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-03-03 325200]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-08-12 810144]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-03-17 866336]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-24 13336]
S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-02-05 171040]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2507351934-888822584-2405633601-1000Core.job
- c:\users\Deniska\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-19 13:07]
.
2012-01-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2507351934-888822584-2405633601-1000UA.job
- c:\users\Deniska\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-19 13:07]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2010-02-05 222240]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-22 10081312]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-02-22 877600]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-12 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-12 390680]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-12 410136]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-01-13 206208]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-03-17 860704]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2916584]
"Logitech Download Assistant"="c:\windows\system32\rundll32.exe" [2009-07-14 45568]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_4820t&r=27360910t806l0443z1j5t5591j41o
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Deniska\AppData\Roaming\Mozilla\Firefox\Profiles\l02siibl.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-OEXPRESS - (no file)
Wow6432Node-HKLM-Run-AA9.exe - c:\program files (x86)\LP\0C3D\AA9.exe
Toolbar-Locked - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-PC Translator - c:\users\Deniska\AppData\Local\Temp\UN32.EXE
.
.
Binary file temp00 matches
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\BFE]
"ImagePath"="NADA"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2507351934-888822584-2405633601-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2507351934-888822584-2405633601-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-01-03 18:37:36
ComboFix-quarantined-files.txt 2012-01-03 17:37
.
Před spuštěním: Volných bajtů: 12 092 280 832
Po spuštění: Volných bajtů: 12 273 344 512
.
- - End Of File - - 1490CC3CEFA7BB72EA9A58FDDBFC35F6

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

• Kliknete na volbu Change parametrs
• V obou oknech (Objects to scan i Additional Option) zakliknete vsechny moznosti - ve vsech ctvereccich musi mit fajecka
• Kliknete na OK
• Utilite prikazte, at skenuje - klik na Start Scan
• Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
• Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
• Pokud mate vsude Skip, kliknete na Continue
• Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  Folder::
  c:\users\Deniska\AppData\Local\Facebook\Update
  C:\Program Files (x86)\ICQ6Toolbar
  C:\Program Files (x86)\uTorrentBar
  C:\Users\Deniska\AppData\Roaming\Microsoft\0C3D
  C:\Users\Deniska\AppData\Roaming\Microsoft\6CFD
  C:\Program Files (x86)\LP
  
  Registry::
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "Skype"=-
  "ICQ"=-
  "Facebook Update"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
  "SunJavaUpdateSched"=-
  "QuickTime Task"=-
  "Adobe ARM"=-
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
  
  File::
  c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2507351934-888822584-2405633601-1000Core.job
  c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2507351934-888822584-2405633601-1000UA.job
  
  Driver::
  BFE
  ICQ Service
  
  DDS::
  mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACA ... 5t5591j41o
  
  Firefox::
  FF - ProfilePath - c:\users\Deniska\AppData\Roaming\Mozilla\Firefox\Profiles\l02siibl.default\
  FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.1.9&q=
  FF - prefs.js: network.proxy.type - 0
  
  RegLock::
  [HKEY_USERS\S-1-5-21-2507351934-888822584-2405633601-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
  [HKEY_USERS\S-1-5-21-2507351934-888822584-2405633601-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

Po dokončení skenu TDSSKillerem že žádné okno nezobrazilo.
Zde je sken.


12:43:12.0141 4076 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
12:43:12.0526 4076 ============================================================
12:43:12.0526 4076 Current date / time: 2012/01/04 12:43:12.0526
12:43:12.0526 4076 SystemInfo:
12:43:12.0526 4076
12:43:12.0527 4076 OS Version: 6.1.7601 ServicePack: 1.0
12:43:12.0527 4076 Product type: Workstation
12:43:12.0527 4076 ComputerName: NB-DENISKA
12:43:12.0527 4076 UserName: Deniska
12:43:12.0527 4076 Windows directory: C:\Windows
12:43:12.0527 4076 System windows directory: C:\Windows
12:43:12.0527 4076 Running under WOW64
12:43:12.0527 4076 Processor architecture: Intel x64
12:43:12.0527 4076 Number of processors: 4
12:43:12.0527 4076 Page size: 0x1000
12:43:12.0527 4076 Boot type: Normal boot
12:43:12.0527 4076 ============================================================
12:43:13.0749 4076 Initialize success
12:43:38.0988 2872 ============================================================
12:43:38.0989 2872 Scan started
12:43:38.0989 2872 Mode: Manual; SigCheck; TDLFS;
12:43:38.0989 2872 ============================================================
12:43:45.0409 2872 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
12:43:45.0976 2872 1394ohci - ok
12:43:46.0265 2872 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
12:43:46.0300 2872 ACPI - ok
12:43:46.0545 2872 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
12:43:46.0709 2872 AcpiPmi - ok
12:43:47.0194 2872 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
12:43:47.0277 2872 adp94xx - ok
12:43:47.0492 2872 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
12:43:47.0568 2872 adpahci - ok
12:43:47.0774 2872 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
12:43:47.0799 2872 adpu320 - ok
12:43:47.0978 2872 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
12:43:48.0055 2872 AFD - ok
12:43:48.0206 2872 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
12:43:48.0258 2872 agp440 - ok
12:43:48.0442 2872 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
12:43:48.0474 2872 aliide - ok
12:43:48.0654 2872 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
12:43:48.0699 2872 amdide - ok
12:43:48.0887 2872 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
12:43:48.0975 2872 AmdK8 - ok
12:43:49.0153 2872 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
12:43:49.0223 2872 AmdPPM - ok
12:43:49.0417 2872 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
12:43:49.0495 2872 amdsata - ok
12:43:49.0687 2872 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
12:43:49.0739 2872 amdsbs - ok
12:43:49.0948 2872 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
12:43:49.0994 2872 amdxata - ok
12:43:50.0183 2872 AmUStor (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS
12:43:50.0266 2872 AmUStor - ok
12:43:50.0461 2872 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
12:43:53.0799 2872 AppID - ok
12:43:54.0158 2872 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
12:43:54.0237 2872 arc - ok
12:43:54.0436 2872 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
12:43:54.0464 2872 arcsas - ok
12:43:54.0641 2872 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
12:43:55.0005 2872 AsyncMac - ok
12:43:55.0223 2872 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
12:43:55.0269 2872 atapi - ok
12:43:55.0604 2872 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
12:43:55.0642 2872 b06bdrv - ok
12:43:55.0885 2872 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
12:43:55.0959 2872 b57nd60a - ok
12:43:56.0184 2872 BCM43XX (fde8c8dc07e75347e4c6b455a0964217) C:\Windows\system32\DRIVERS\bcmwl664.sys
12:43:56.0354 2872 BCM43XX - ok
12:43:56.0555 2872 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
12:43:56.0662 2872 Beep - ok
12:43:57.0003 2872 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
12:43:57.0074 2872 blbdrive - ok
12:43:57.0238 2872 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
12:43:57.0374 2872 bowser - ok
12:43:57.0557 2872 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:43:57.0678 2872 BrFiltLo - ok
12:43:57.0816 2872 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:43:57.0852 2872 BrFiltUp - ok
12:43:58.0198 2872 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
12:43:58.0308 2872 Brserid - ok
12:43:58.0570 2872 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
12:43:58.0650 2872 BrSerWdm - ok
12:43:58.0921 2872 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
12:43:58.0971 2872 BrUsbMdm - ok
12:43:59.0217 2872 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
12:43:59.0266 2872 BrUsbSer - ok
12:43:59.0538 2872 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
12:43:59.0617 2872 BthEnum - ok
12:43:59.0886 2872 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
12:43:59.0965 2872 BTHMODEM - ok
12:44:00.0233 2872 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
12:44:00.0269 2872 BthPan - ok
12:44:00.0677 2872 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
12:44:00.0886 2872 BTHPORT - ok
12:44:01.0172 2872 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
12:44:01.0252 2872 BTHUSB - ok
12:44:01.0376 2872 btwampfl (380b798d30c56ede4af58619d0e86ccb) C:\Windows\system32\drivers\btwampfl.sys
12:44:01.0465 2872 btwampfl - ok
12:44:01.0775 2872 btwaudio (ba5622f5544c6c445dff1a05acc8b19d) C:\Windows\system32\drivers\btwaudio.sys
12:44:01.0793 2872 btwaudio - ok
12:44:02.0090 2872 btwavdt (a11905d0f4bd34771f195217b6aa5ae0) C:\Windows\system32\DRIVERS\btwavdt.sys
12:44:02.0113 2872 btwavdt - ok
12:44:02.0392 2872 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys
12:44:02.0412 2872 btwl2cap - ok
12:44:02.0614 2872 btwrchid (bd776f32d64ec615be4563dc2747224e) C:\Windows\system32\DRIVERS\btwrchid.sys
12:44:02.0632 2872 btwrchid - ok
12:44:02.0770 2872 catchme - ok
12:44:03.0063 2872 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
12:44:03.0129 2872 cdfs - ok
12:44:03.0387 2872 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
12:44:03.0496 2872 cdrom - ok
12:44:03.0805 2872 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
12:44:03.0860 2872 circlass - ok
12:44:04.0020 2872 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
12:44:04.0149 2872 CLFS - ok
12:44:04.0458 2872 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
12:44:04.0521 2872 CmBatt - ok
12:44:04.0748 2872 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
12:44:04.0801 2872 cmdide - ok
12:44:05.0064 2872 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
12:44:05.0177 2872 CNG - ok
12:44:05.0393 2872 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
12:44:05.0439 2872 Compbatt - ok
12:44:05.0627 2872 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
12:44:05.0682 2872 CompositeBus - ok
12:44:05.0948 2872 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
12:44:05.0973 2872 crcdisk - ok
12:44:06.0215 2872 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
12:44:06.0293 2872 DfsC - ok
12:44:06.0626 2872 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
12:44:06.0747 2872 discache - ok
12:44:07.0020 2872 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
12:44:07.0071 2872 Disk - ok
12:44:07.0453 2872 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
12:44:07.0601 2872 drmkaud - ok
12:44:07.0978 2872 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
12:44:08.0024 2872 DXGKrnl - ok
12:44:08.0237 2872 eamonm (398fdc5694f2ba9e51e321ca40d1706e) C:\Windows\system32\DRIVERS\eamonm.sys
12:44:08.0266 2872 eamonm - ok
12:44:08.0898 2872 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
12:44:09.0185 2872 ebdrv - ok
12:44:09.0423 2872 ehdrv (e99457900012b53b2226f146ecaf9136) C:\Windows\system32\DRIVERS\ehdrv.sys
12:44:09.0468 2872 ehdrv - ok
12:44:09.0811 2872 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
12:44:09.0850 2872 elxstor - ok
12:44:10.0003 2872 epfwwfpr (a2af094dcbe8bff7e898d327750506a0) C:\Windows\system32\DRIVERS\epfwwfpr.sys
12:44:10.0052 2872 epfwwfpr - ok
12:44:10.0415 2872 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
12:44:10.0471 2872 ErrDev - ok
12:44:10.0739 2872 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
12:44:10.0894 2872 exfat - ok
12:44:11.0080 2872 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
12:44:11.0262 2872 fastfat - ok
12:44:11.0515 2872 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
12:44:11.0583 2872 fdc - ok
12:44:11.0840 2872 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
12:44:11.0885 2872 FileInfo - ok
12:44:12.0086 2872 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
12:44:12.0241 2872 Filetrace - ok
12:44:12.0448 2872 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
12:44:12.0474 2872 flpydisk - ok
12:44:12.0728 2872 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
12:44:12.0855 2872 FltMgr - ok
12:44:13.0067 2872 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
12:44:13.0118 2872 FsDepends - ok
12:44:13.0366 2872 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
12:44:13.0408 2872 fssfltr - ok
12:44:13.0656 2872 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
12:44:13.0710 2872 Fs_Rec - ok
12:44:13.0931 2872 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
12:44:14.0037 2872 fvevol - ok
12:44:14.0394 2872 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
12:44:14.0486 2872 gagp30kx - ok
12:44:14.0692 2872 ggflt (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys
12:44:14.0798 2872 ggflt - ok
12:44:15.0014 2872 ggsemc (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys
12:44:15.0064 2872 ggsemc - ok
12:44:15.0381 2872 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
12:44:15.0434 2872 hcw85cir - ok
12:44:15.0649 2872 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
12:44:15.0691 2872 HdAudAddService - ok
12:44:15.0927 2872 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
12:44:15.0975 2872 HDAudBus - ok
12:44:16.0120 2872 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
12:44:16.0140 2872 HECIx64 - ok
12:44:16.0364 2872 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
12:44:16.0454 2872 HidBatt - ok
12:44:16.0673 2872 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
12:44:16.0761 2872 HidBth - ok
12:44:16.0941 2872 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
12:44:17.0049 2872 HidIr - ok
12:44:17.0280 2872 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
12:44:17.0365 2872 HidUsb - ok
12:44:17.0591 2872 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
12:44:17.0619 2872 HpSAMD - ok
12:44:17.0945 2872 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
12:44:18.0078 2872 HTTP - ok
12:44:18.0296 2872 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
12:44:18.0315 2872 hwpolicy - ok
12:44:18.0507 2872 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
12:44:18.0573 2872 i8042prt - ok
12:44:18.0845 2872 iaStor (42e00996dfc13c46366689c0ea8abc5e) C:\Windows\system32\DRIVERS\iaStor.sys
12:44:18.0874 2872 iaStor - ok
12:44:19.0196 2872 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
12:44:19.0275 2872 iaStorV - ok
12:44:19.0969 2872 igfx (7467ae8f96ea983423148c62458669fa) C:\Windows\system32\DRIVERS\igdkmd64.sys
12:44:20.0278 2872 igfx - ok
12:44:20.0454 2872 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
12:44:20.0481 2872 iirsp - ok
12:44:20.0653 2872 Impcd (c48567d80ad357613cd0eeade18780ae) C:\Windows\system32\DRIVERS\Impcd.sys
12:44:20.0741 2872 Impcd - ok
12:44:21.0046 2872 IntcAzAudAddService (a0eab13a78cc5fb960ec76e3d6408da3) C:\Windows\system32\drivers\RTKVHD64.sys
12:44:21.0161 2872 IntcAzAudAddService - ok
12:44:21.0470 2872 IntcDAud (da24c1f66ee1b5a92e045376d7a44b58) C:\Windows\system32\DRIVERS\IntcDAud.sys
12:44:21.0566 2872 IntcDAud - ok
12:44:21.0770 2872 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
12:44:21.0792 2872 intelide - ok
12:44:21.0989 2872 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
12:44:22.0059 2872 intelppm - ok
12:44:22.0296 2872 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:44:22.0400 2872 IpFilterDriver - ok
12:44:22.0603 2872 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
12:44:22.0651 2872 IPMIDRV - ok
12:44:22.0949 2872 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
12:44:23.0058 2872 IPNAT - ok
12:44:23.0286 2872 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
12:44:23.0584 2872 IRENUM - ok
12:44:23.0810 2872 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
12:44:23.0857 2872 isapnp - ok
12:44:24.0148 2872 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
12:44:24.0210 2872 iScsiPrt - ok
12:44:24.0428 2872 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
12:44:24.0454 2872 kbdclass - ok
12:44:24.0664 2872 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
12:44:24.0702 2872 kbdhid - ok
12:44:24.0924 2872 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
12:44:24.0948 2872 KSecDD - ok
12:44:25.0146 2872 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
12:44:25.0173 2872 KSecPkg - ok
12:44:25.0451 2872 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
12:44:25.0574 2872 ksthunk - ok
12:44:25.0862 2872 L1C (39918db0efcf045a1ce6fabbf339f975) C:\Windows\system32\DRIVERS\L1C62x64.sys
12:44:25.0900 2872 L1C - ok
12:44:26.0161 2872 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
12:44:26.0267 2872 lltdio - ok
12:44:26.0536 2872 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
12:44:26.0591 2872 LSI_FC - ok
12:44:26.0978 2872 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
12:44:27.0027 2872 LSI_SAS - ok
12:44:27.0264 2872 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:44:27.0314 2872 LSI_SAS2 - ok
12:44:27.0470 2872 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:44:27.0523 2872 LSI_SCSI - ok
12:44:27.0769 2872 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
12:44:27.0859 2872 luafv - ok
12:44:28.0095 2872 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
12:44:28.0199 2872 megasas - ok
12:44:28.0438 2872 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
12:44:28.0503 2872 MegaSR - ok
12:44:28.0725 2872 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
12:44:28.0833 2872 Modem - ok
12:44:29.0000 2872 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
12:44:29.0049 2872 monitor - ok
12:44:29.0341 2872 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
12:44:29.0362 2872 mouclass - ok
12:44:29.0621 2872 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
12:44:29.0664 2872 mouhid - ok
12:44:29.0950 2872 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
12:44:30.0008 2872 mountmgr - ok
12:44:30.0258 2872 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
12:44:30.0283 2872 mpio - ok
12:44:30.0432 2872 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
12:44:30.0566 2872 mpsdrv - ok
12:44:30.0816 2872 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
12:44:30.0869 2872 MRxDAV - ok
12:44:31.0089 2872 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:44:31.0181 2872 mrxsmb - ok
12:44:31.0404 2872 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:44:31.0492 2872 mrxsmb10 - ok
12:44:31.0700 2872 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:44:31.0760 2872 mrxsmb20 - ok
12:44:31.0904 2872 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
12:44:31.0957 2872 msahci - ok
12:44:32.0297 2872 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
12:44:32.0354 2872 msdsm - ok
12:44:32.0581 2872 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
12:44:32.0683 2872 Msfs - ok
12:44:32.0879 2872 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
12:44:32.0967 2872 mshidkmdf - ok
12:44:33.0189 2872 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
12:44:33.0242 2872 msisadrv - ok
12:44:33.0483 2872 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
12:44:33.0552 2872 MSKSSRV - ok
12:44:33.0779 2872 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
12:44:33.0862 2872 MSPCLOCK - ok
12:44:34.0083 2872 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
12:44:34.0252 2872 MSPQM - ok
12:44:34.0441 2872 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
12:44:34.0480 2872 MsRPC - ok
12:44:34.0635 2872 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
12:44:34.0652 2872 mssmbios - ok
12:44:34.0806 2872 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
12:44:34.0908 2872 MSTEE - ok
12:44:35.0106 2872 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
12:44:35.0152 2872 MTConfig - ok
12:44:35.0459 2872 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
12:44:35.0507 2872 Mup - ok
12:44:35.0671 2872 mwlPSDFilter (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
12:44:35.0712 2872 mwlPSDFilter - ok
12:44:35.0929 2872 mwlPSDNServ (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
12:44:35.0976 2872 mwlPSDNServ - ok
12:44:36.0158 2872 mwlPSDVDisk (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
12:44:36.0179 2872 mwlPSDVDisk - ok
12:44:36.0462 2872 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
12:44:36.0568 2872 NativeWifiP - ok
12:44:36.0869 2872 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
12:44:36.0920 2872 NDIS - ok
12:44:37.0110 2872 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
12:44:37.0219 2872 NdisCap - ok
12:44:37.0445 2872 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
12:44:37.0541 2872 NdisTapi - ok
12:44:37.0754 2872 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
12:44:37.0850 2872 Ndisuio - ok
12:44:38.0028 2872 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
12:44:38.0167 2872 NdisWan - ok
12:44:38.0479 2872 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
12:44:38.0633 2872 NDProxy - ok
12:44:38.0870 2872 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
12:44:39.0030 2872 NetBIOS - ok
12:44:39.0314 2872 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
12:44:39.0460 2872 NetBT - ok
12:44:40.0205 2872 NETw5s64 (24f64343f14a119308456e1ca7507b26) C:\Windows\system32\DRIVERS\NETw5s64.sys
12:44:40.0593 2872 NETw5s64 - ok
12:44:40.0944 2872 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
12:44:41.0003 2872 nfrd960 - ok
12:44:41.0371 2872 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:44:41.0464 2872 Npfs - ok
12:44:41.0671 2872 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:44:41.0826 2872 nsiproxy - ok
12:44:42.0234 2872 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
12:44:42.0443 2872 Ntfs - ok
12:44:42.0705 2872 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:44:42.0795 2872 Null - ok
12:44:43.0228 2872 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
12:44:43.0275 2872 nvraid - ok
12:44:43.0659 2872 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
12:44:43.0730 2872 nvstor - ok
12:44:44.0126 2872 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
12:44:44.0184 2872 nv_agp - ok
12:44:44.0498 2872 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
12:44:44.0550 2872 ohci1394 - ok
12:44:44.0881 2872 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
12:44:44.0947 2872 Parport - ok
12:44:45.0314 2872 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
12:44:45.0370 2872 partmgr - ok
12:44:45.0695 2872 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
12:44:45.0778 2872 pci - ok
12:44:46.0164 2872 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
12:44:46.0213 2872 pciide - ok
12:44:46.0755 2872 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
12:44:46.0859 2872 pcmcia - ok
12:44:47.0164 2872 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:44:47.0204 2872 pcw - ok
12:44:47.0518 2872 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:44:47.0971 2872 PEAUTH - ok
12:44:48.0440 2872 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
12:44:48.0569 2872 PptpMiniport - ok
12:44:48.0905 2872 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
12:44:48.0966 2872 Processor - ok
12:44:49.0413 2872 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
12:44:49.0526 2872 Psched - ok
12:44:49.0938 2872 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
12:44:50.0110 2872 ql2300 - ok
12:44:50.0336 2872 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
12:44:50.0351 2872 ql40xx - ok
12:44:50.0658 2872 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:44:50.0805 2872 QWAVEdrv - ok
12:44:51.0155 2872 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:44:51.0367 2872 RasAcd - ok
12:44:51.0627 2872 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:44:51.0690 2872 RasAgileVpn - ok
12:44:52.0034 2872 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:44:52.0221 2872 Rasl2tp - ok
12:44:52.0566 2872 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:44:52.0673 2872 RasPppoe - ok
12:44:52.0950 2872 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:44:53.0030 2872 RasSstp - ok
12:44:53.0311 2872 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
12:44:53.0424 2872 rdbss - ok
12:44:53.0668 2872 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
12:44:53.0761 2872 rdpbus - ok
12:44:54.0131 2872 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:44:54.0265 2872 RDPCDD - ok
12:44:54.0580 2872 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:44:54.0679 2872 RDPENCDD - ok
12:44:55.0015 2872 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:44:55.0084 2872 RDPREFMP - ok
12:44:55.0421 2872 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
12:44:55.0515 2872 RDPWD - ok
12:44:55.0910 2872 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
12:44:55.0945 2872 rdyboost - ok
12:44:56.0415 2872 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
12:44:56.0475 2872 RFCOMM - ok
12:44:56.0732 2872 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:44:56.0917 2872 rspndr - ok
12:44:57.0369 2872 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
12:44:57.0428 2872 sbp2port - ok
12:44:57.0694 2872 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
12:44:57.0834 2872 scfilter - ok
12:44:58.0064 2872 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:44:58.0233 2872 secdrv - ok
12:44:58.0590 2872 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
12:44:58.0648 2872 Serenum - ok
12:44:59.0016 2872 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
12:44:59.0119 2872 Serial - ok
12:44:59.0415 2872 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
12:44:59.0486 2872 sermouse - ok
12:44:59.0742 2872 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
12:44:59.0836 2872 sffdisk - ok
12:45:00.0181 2872 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
12:45:00.0244 2872 sffp_mmc - ok
12:45:00.0544 2872 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
12:45:00.0703 2872 sffp_sd - ok
12:45:01.0018 2872 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
12:45:01.0137 2872 sfloppy - ok
12:45:01.0507 2872 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:45:01.0576 2872 SiSRaid2 - ok
12:45:02.0021 2872 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
12:45:02.0077 2872 SiSRaid4 - ok
12:45:02.0481 2872 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:45:02.0550 2872 Smb - ok
12:45:03.0013 2872 snapman (427c2b34bf4dd4f813da4c0df154cc94) C:\Windows\system32\DRIVERS\snapman.sys
12:45:03.0076 2872 snapman - ok
12:45:03.0499 2872 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:45:03.0551 2872 spldr - ok
12:45:03.0591 2872 MBR (0x1B8) (3e0a9b8449a315e0044be2adf3d12596) \Device\Harddisk0\DR0
12:45:19.0180 2872 \Device\Harddisk0\DR0 - ok
12:45:19.0216 2872 Boot (0x1200) (a43d79a78c5b4535be26f9f25de6069c) \Device\Harddisk0\DR0\Partition0
12:45:19.0218 2872 \Device\Harddisk0\DR0\Partition0 - ok
12:45:19.0239 2872 Boot (0x1200) (3350a685c6045e143ebf009f7a03fac8) \Device\Harddisk0\DR0\Partition1
12:45:19.0242 2872 \Device\Harddisk0\DR0\Partition1 - ok
12:45:19.0283 2872 Boot (0x1200) (fc5744c6c2f46bddb4986937ce4f09c4) \Device\Harddisk0\DR0\Partition2
12:45:19.0285 2872 \Device\Harddisk0\DR0\Partition2 - ok
12:45:19.0286 2872 ============================================================
12:45:19.0286 2872 Scan finished
12:45:19.0286 2872 ============================================================
12:45:19.0302 3496 Detected object count: 0
12:45:19.0303 3496 Actual detected object count: 0
12:46:19.0367 3240 ============================================================
12:46:19.0367 3240 Scan started
12:46:19.0367 3240 Mode: Manual; SigCheck; TDLFS;
12:46:19.0367 3240 ============================================================
12:46:29.0678 0688 ============================================================
12:46:29.0678 0688 Scan started
12:46:29.0678 0688 Mode: Manual; SigCheck; TDLFS;
12:46:29.0678 0688 ============================================================
12:46:37.0239 0688 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
12:46:37.0278 0688 1394ohci - ok
12:46:37.0462 0688 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
12:46:37.0478 0688 ACPI - ok
12:46:37.0665 0688 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
12:46:37.0685 0688 AcpiPmi - ok
12:46:37.0848 0688 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
12:46:37.0886 0688 adp94xx - ok
12:46:38.0090 0688 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
12:46:38.0109 0688 adpahci - ok
12:46:38.0272 0688 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
12:46:38.0299 0688 adpu320 - ok
12:46:38.0487 0688 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
12:46:38.0576 0688 AFD - ok
12:46:38.0704 0688 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
12:46:38.0724 0688 agp440 - ok
12:46:38.0906 0688 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
12:46:38.0926 0688 aliide - ok
12:46:39.0118 0688 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
12:46:39.0136 0688 amdide - ok
12:46:39.0296 0688 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
12:46:39.0375 0688 AmdK8 - ok
12:46:39.0451 0688 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
12:46:39.0476 0688 AmdPPM - ok
12:46:39.0637 0688 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
12:46:39.0662 0688 amdsata - ok
12:46:39.0852 0688 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
12:46:39.0909 0688 amdsbs - ok
12:46:40.0057 0688 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
12:46:40.0078 0688 amdxata - ok
12:46:40.0336 0688 AmUStor (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS
12:46:40.0360 0688 AmUStor - ok
12:46:40.0492 0688 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
12:46:40.0561 0688 AppID - ok
12:46:40.0734 0688 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
12:46:40.0791 0688 arc - ok
12:46:40.0912 0688 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
12:46:40.0936 0688 arcsas - ok
12:46:41.0084 0688 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
12:46:41.0197 0688 AsyncMac - ok
12:46:41.0332 0688 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
12:46:41.0352 0688 atapi - ok
12:46:41.0581 0688 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
12:46:41.0615 0688 b06bdrv - ok
12:46:41.0795 0688 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
12:46:41.0870 0688 b57nd60a - ok
12:46:42.0123 0688 BCM43XX (fde8c8dc07e75347e4c6b455a0964217) C:\Windows\system32\DRIVERS\bcmwl664.sys
12:46:42.0223 0688 BCM43XX - ok
12:46:42.0365 0688 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
12:46:42.0437 0688 Beep - ok
12:46:42.0568 0688 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
12:46:42.0619 0688 blbdrive - ok
12:46:42.0769 0688 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
12:46:42.0790 0688 bowser - ok
12:46:42.0921 0688 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:46:42.0953 0688 BrFiltLo - ok
12:46:43.0158 0688 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:46:43.0191 0688 BrFiltUp - ok
12:46:43.0351 0688 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
12:46:43.0379 0688 Brserid - ok
12:46:43.0523 0688 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
12:46:43.0552 0688 BrSerWdm - ok
12:46:43.0707 0688 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
12:46:43.0763 0688 BrUsbMdm - ok
12:46:43.0903 0688 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
12:46:43.0930 0688 BrUsbSer - ok
12:46:44.0113 0688 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
12:46:44.0140 0688 BthEnum - ok
12:46:44.0272 0688 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
12:46:44.0357 0688 BTHMODEM - ok
12:46:44.0508 0688 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
12:46:44.0541 0688 BthPan - ok
12:46:44.0741 0688 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
12:46:44.0780 0688 BTHPORT - ok
12:46:44.0903 0688 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
12:46:44.0929 0688 BTHUSB - ok
12:46:45.0118 0688 btwampfl (380b798d30c56ede4af58619d0e86ccb) C:\Windows\system32\drivers\btwampfl.sys
12:46:45.0147 0688 btwampfl - ok
12:46:45.0283 0688 btwaudio (ba5622f5544c6c445dff1a05acc8b19d) C:\Windows\system32\drivers\btwaudio.sys
12:46:45.0302 0688 btwaudio - ok
12:46:45.0454 0688 btwavdt (a11905d0f4bd34771f195217b6aa5ae0) C:\Windows\system32\DRIVERS\btwavdt.sys
12:46:45.0478 0688 btwavdt - ok
12:46:45.0611 0688 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys
12:46:45.0627 0688 btwl2cap - ok
12:46:45.0756 0688 btwrchid (bd776f32d64ec615be4563dc2747224e) C:\Windows\system32\DRIVERS\btwrchid.sys
12:46:45.0772 0688 btwrchid - ok
12:46:45.0776 0688 catchme - ok
12:46:45.0905 0688 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
12:46:45.0989 0688 cdfs - ok
12:46:46.0207 0688 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
12:46:46.0257 0688 cdrom - ok
12:46:46.0491 0688 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
12:46:46.0537 0688 circlass - ok
12:46:46.0662 0688 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
12:46:46.0733 0688 CLFS - ok
12:46:46.0833 0688 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
12:46:46.0882 0688 CmBatt - ok
12:46:47.0012 0688 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
12:46:47.0060 0688 cmdide - ok
12:46:47.0273 0688 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
12:46:47.0315 0688 CNG - ok
12:46:47.0412 0688 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
12:46:47.0454 0688 Compbatt - ok
12:46:47.0602 0688 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
12:46:47.0632 0688 CompositeBus - ok
12:46:47.0668 0688 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
12:46:47.0686 0688 crcdisk - ok
12:46:47.0779 0688 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
12:46:47.0851 0688 DfsC - ok
12:46:48.0002 0688 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
12:46:48.0093 0688 discache - ok
12:46:48.0217 0688 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
12:46:48.0272 0688 Disk - ok
12:46:48.0417 0688 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
12:46:48.0472 0688 drmkaud - ok
12:46:48.0731 0688 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
12:46:48.0792 0688 DXGKrnl - ok
12:46:48.0900 0688 eamonm (398fdc5694f2ba9e51e321ca40d1706e) C:\Windows\system32\DRIVERS\eamonm.sys
12:46:48.0920 0688 eamonm - ok
12:46:49.0636 0688 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
12:46:49.0733 0688 ebdrv - ok
12:46:49.0865 0688 ehdrv (e99457900012b53b2226f146ecaf9136) C:\Windows\system32\DRIVERS\ehdrv.sys
12:46:49.0885 0688 ehdrv - ok
12:46:50.0053 0688 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
12:46:50.0083 0688 elxstor - ok
12:46:50.0200 0688 epfwwfpr (a2af094dcbe8bff7e898d327750506a0) C:\Windows\system32\DRIVERS\epfwwfpr.sys
12:46:50.0212 0688 epfwwfpr - ok
12:46:50.0313 0688 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
12:46:50.0328 0688 ErrDev - ok
12:46:50.0437 0688 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
12:46:50.0492 0688 exfat - ok
12:46:50.0733 0688 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
12:46:50.0831 0688 fastfat - ok
12:46:50.0980 0688 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
12:46:51.0020 0688 fdc - ok
12:46:51.0171 0688 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
12:46:51.0219 0688 FileInfo - ok
12:46:51.0361 0688 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
12:46:51.0424 0688 Filetrace - ok
12:46:51.0523 0688 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
12:46:51.0536 0688 flpydisk - ok
12:46:51.0581 0688 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
12:46:51.0595 0688 FltMgr - ok
12:46:51.0643 0688 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
12:46:51.0665 0688 FsDepends - ok
12:46:51.0731 0688 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
12:46:51.0749 0688 fssfltr - ok
12:46:51.0798 0688 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
12:46:51.0814 0688 Fs_Rec - ok
12:46:51.0885 0688 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
12:46:51.0918 0688 fvevol - ok
12:46:51.0993 0688 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
12:46:52.0093 0688 gagp30kx - ok
12:46:52.0257 0688 ggflt (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys
12:46:52.0272 0688 ggflt - ok
12:46:52.0401 0688 ggsemc (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys
12:46:52.0447 0688 ggsemc - ok
12:46:52.0579 0688 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
12:46:52.0617 0688 hcw85cir - ok
12:46:52.0835 0688 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
12:46:52.0872 0688 HdAudAddService - ok
12:46:53.0091 0688 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
12:46:53.0127 0688 HDAudBus - ok
12:46:53.0351 0688 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
12:46:53.0371 0688 HECIx64 - ok
12:46:53.0561 0688 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
12:46:53.0638 0688 HidBatt - ok
12:46:53.0805 0688 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
12:46:53.0882 0688 HidBth - ok
12:46:53.0961 0688 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
12:46:54.0049 0688 HidIr - ok
12:46:54.0122 0688 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
12:46:54.0150 0688 HidUsb - ok
12:46:54.0322 0688 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
12:46:54.0347 0688 HpSAMD - ok
12:46:54.0497 0688 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
12:46:54.0568 0688 HTTP - ok
12:46:54.0772 0688 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
12:46:54.0791 0688 hwpolicy - ok
12:46:54.0949 0688 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
12:46:55.0008 0688 i8042prt - ok
12:46:55.0143 0688 iaStor (42e00996dfc13c46366689c0ea8abc5e) C:\Windows\system32\DRIVERS\iaStor.sys
12:46:55.0193 0688 iaStor - ok
12:46:55.0460 0688 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
12:46:55.0492 0688 iaStorV - ok
12:46:55.0816 0688 igfx (7467ae8f96ea983423148c62458669fa) C:\Windows\system32\DRIVERS\igdkmd64.sys
12:46:55.0945 0688 igfx - ok
12:46:56.0252 0688 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
12:46:56.0270 0688 iirsp - ok
12:46:56.0440 0688 Impcd (c48567d80ad357613cd0eeade18780ae) C:\Windows\system32\DRIVERS\Impcd.sys
12:46:56.0467 0688 Impcd - ok
12:46:56.0653 0688 IntcAzAudAddService (a0eab13a78cc5fb960ec76e3d6408da3) C:\Windows\system32\drivers\RTKVHD64.sys
12:46:56.0728 0688 IntcAzAudAddService - ok
12:46:56.0846 0688 IntcDAud (da24c1f66ee1b5a92e045376d7a44b58) C:\Windows\system32\DRIVERS\IntcDAud.sys
12:46:56.0863 0688 IntcDAud - ok
12:46:56.0913 0688 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
12:46:56.0928 0688 intelide - ok
12:46:56.0965 0688 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
12:46:57.0013 0688 intelppm - ok
12:46:57.0061 0688 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:46:57.0115 0688 IpFilterDriver - ok
12:46:57.0157 0688 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
12:46:57.0173 0688 IPMIDRV - ok
12:46:57.0225 0688 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
12:46:57.0332 0688 IPNAT - ok
12:46:57.0361 0688 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
12:46:57.0397 0688 IRENUM - ok
12:46:57.0430 0688 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
12:46:57.0482 0688 isapnp - ok
12:46:57.0525 0688 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
12:46:57.0553 0688 iScsiPrt - ok
12:46:57.0571 0688 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
12:46:57.0587 0688 kbdclass - ok
12:46:57.0617 0688 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
12:46:57.0636 0688 kbdhid - ok
12:46:57.0678 0688 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
12:46:57.0702 0688 KSecDD - ok
12:46:57.0744 0688 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
12:46:57.0765 0688 KSecPkg - ok
12:46:57.0805 0688 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
12:46:57.0886 0688 ksthunk - ok
12:46:57.0916 0688 L1C (39918db0efcf045a1ce6fabbf339f975) C:\Windows\system32\DRIVERS\L1C62x64.sys
12:46:57.0927 0688 L1C - ok
12:46:57.0970 0688 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
12:46:58.0075 0688 lltdio - ok
12:46:58.0112 0688 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
12:46:58.0145 0688 LSI_FC - ok
12:46:58.0164 0688 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
12:46:58.0197 0688 LSI_SAS - ok
12:46:58.0218 0688 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:46:58.0251 0688 LSI_SAS2 - ok
12:46:58.0279 0688 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:46:58.0312 0688 LSI_SCSI - ok
12:46:58.0334 0688 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
12:46:58.0389 0688 luafv - ok
12:46:58.0416 0688 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
12:46:58.0459 0688 megasas - ok
12:46:58.0480 0688 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
12:46:58.0516 0688 MegaSR - ok
12:46:58.0657 0688 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
12:46:58.0701 0688 Modem - ok
12:46:58.0820 0688 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
12:46:58.0885 0688 monitor - ok
12:46:59.0051 0688 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
12:46:59.0073 0688 mouclass - ok
12:46:59.0263 0688 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
12:46:59.0288 0688 mouhid - ok
12:46:59.0638 0688 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
12:46:59.0698 0688 mountmgr - ok
12:47:00.0023 0688 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
12:47:00.0047 0688 mpio - ok
12:47:00.0164 0688 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
12:47:00.0230 0688 mpsdrv - ok
12:47:00.0436 0688 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
12:47:00.0469 0688 MRxDAV - ok
12:47:00.0576 0688 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:47:00.0595 0688 mrxsmb - ok
12:47:00.0758 0688 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:47:00.0821 0688 mrxsmb10 - ok
12:47:00.0977 0688 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:47:01.0036 0688 mrxsmb20 - ok
12:47:01.0158 0688 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
12:47:01.0180 0688 msahci - ok
12:47:01.0272 0688 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
12:47:01.0288 0688 msdsm - ok
12:47:01.0446 0688 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
12:47:01.0502 0688 Msfs - ok
12:47:01.0610 0688 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
12:47:01.0679 0688 mshidkmdf - ok
12:47:01.0864 0688 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
12:47:01.0885 0688 msisadrv - ok
12:47:01.0958 0688 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
12:47:02.0034 0688 MSKSSRV - ok
12:47:02.0221 0688 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
12:47:02.0288 0688 MSPCLOCK - ok
12:47:02.0481 0688 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
12:47:02.0568 0688 MSPQM - ok
12:47:02.0705 0688 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
12:47:02.0742 0688 MsRPC - ok
12:47:02.0899 0688 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
12:47:02.0919 0688 mssmbios - ok
12:47:03.0037 0688 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
12:47:03.0113 0688 MSTEE - ok
12:47:03.0237 0688 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
12:47:03.0259 0688 MTConfig - ok
12:47:03.0356 0688 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
12:47:03.0406 0688 Mup - ok
12:47:03.0558 0688 mwlPSDFilter (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
12:47:03.0605 0688 mwlPSDFilter - ok
12:47:03.0771 0688 mwlPSDNServ (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
12:47:03.0787 0688 mwlPSDNServ - ok
12:47:03.0900 0688 mwlPSDVDisk (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
12:47:03.0916 0688 mwlPSDVDisk - ok
12:47:04.0059 0688 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
12:47:04.0106 0688 NativeWifiP - ok
12:47:04.0233 0688 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
12:47:04.0299 0688 NDIS - ok
12:47:04.0419 0688 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
12:47:04.0511 0688 NdisCap - ok
12:47:04.0698 0688 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
12:47:04.0794 0688 NdisTapi - ok
12:47:04.0951 0688 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
12:47:05.0020 0688 Ndisuio - ok
12:47:05.0170 0688 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
12:47:05.0246 0688 NdisWan - ok
12:47:05.0365 0688 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
12:47:05.0432 0688 NDProxy - ok
12:47:05.0556 0688 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
12:47:05.0663 0688 NetBIOS - ok
12:47:05.0811 0688 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
12:47:05.0913 0688 NetBT - ok
12:47:06.0575 0688 NETw5s64 (24f64343f14a119308456e1ca7507b26) C:\Windows\system32\DRIVERS\NETw5s64.sys
12:47:06.0685 0688 NETw5s64 - ok
12:47:06.0819 0688 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
12:47:06.0902 0688 nfrd960 - ok
12:47:06.0957 0688 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:47:07.0075 0688 Npfs - ok
12:47:07.0235 0688 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:47:07.0339 0688 nsiproxy - ok
12:47:07.0497 0688 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
12:47:07.0561 0688 Ntfs - ok
12:47:07.0658 0688 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:47:07.0748 0688 Null - ok
12:47:07.0815 0688 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
12:47:07.0840 0688 nvraid - ok
12:47:07.0869 0688 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
12:47:07.0938 0688 nvstor - ok
12:47:07.0979 0688 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
12:47:07.0997 0688 nv_agp - ok
12:47:08.0041 0688 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
12:47:08.0083 0688 ohci1394 - ok
12:47:08.0124 0688 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
12:47:08.0165 0688 Parport - ok
12:47:08.0201 0688 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
12:47:08.0225 0688 partmgr - ok
12:47:08.0271 0688 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
12:47:08.0293 0688 pci - ok
12:47:08.0318 0688 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
12:47:08.0335 0688 pciide - ok
12:47:08.0375 0688 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
12:47:08.0427 0688 pcmcia - ok
12:47:08.0451 0688 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:47:08.0485 0688 pcw - ok
12:47:08.0513 0688 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:47:08.0600 0688 PEAUTH - ok
12:47:08.0950 0688 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
12:47:09.0046 0688 PptpMiniport - ok
12:47:09.0349 0688 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
12:47:09.0406 0688 Processor - ok
12:47:09.0668 0688 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
12:47:09.0750 0688 Psched - ok
12:47:10.0139 0688 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
12:47:10.0177 0688 ql2300 - ok
12:47:10.0502 0688 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
12:47:10.0530 0688 ql40xx - ok
12:47:10.0568 0688 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:47:10.0638 0688 QWAVEdrv - ok
12:47:10.0676 0688 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:47:10.0756 0688 RasAcd - ok
12:47:10.0814 0688 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:47:10.0888 0688 RasAgileVpn - ok
12:47:10.0966 0688 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:47:11.0087 0688 Rasl2tp - ok
12:47:11.0398 0688 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:47:11.0467 0688 RasPppoe - ok
12:47:11.0534 0688 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:47:11.0609 0688 RasSstp - ok
12:47:11.0920 0688 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
12:47:11.0994 0688 rdbss - ok
12:47:12.0144 0688 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
12:47:12.0173 0688 rdpbus - ok
12:47:12.0318 0688 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:47:12.0384 0688 RDPCDD - ok
12:47:12.0568 0688 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:47:12.0626 0688 RDPENCDD - ok
12:47:12.0736 0688 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:47:12.0820 0688 RDPREFMP - ok
12:47:12.0952 0688 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
12:47:13.0062 0688 RDPWD - ok
12:47:13.0208 0688 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
12:47:13.0237 0688 rdyboost - ok
12:47:13.0447 0688 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
12:47:13.0518 0688 RFCOMM - ok
12:47:13.0675 0688 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:47:13.0788 0688 rspndr - ok
12:47:13.0989 0688 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
12:47:14.0014 0688 sbp2port - ok
12:47:14.0147 0688 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
12:47:14.0228 0688 scfilter - ok
12:47:14.0429 0688 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:47:14.0514 0688 secdrv - ok
12:47:14.0655 0688 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
12:47:14.0723 0688 Serenum - ok
12:47:14.0837 0688 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
12:47:14.0964 0688 Serial - ok
12:47:15.0225 0688 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
12:47:15.0277 0688 sermouse - ok
12:47:15.0429 0688 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
12:47:15.0463 0688 sffdisk - ok
12:47:15.0491 0688 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
12:47:15.0542 0688 sffp_mmc - ok
12:47:15.0664 0688 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
12:47:15.0700 0688 sffp_sd - ok
12:47:15.0828 0688 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
12:47:15.0899 0688 sfloppy - ok
12:47:16.0128 0688 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:47:16.0209 0688 SiSRaid2 - ok
12:47:16.0364 0688 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
12:47:16.0418 0688 SiSRaid4 - ok
12:47:16.0569 0688 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:47:16.0645 0688 Smb - ok
12:47:16.0791 0688 snapman (427c2b34bf4dd4f813da4c0df154cc94) C:\Windows\system32\DRIVERS\snapman.sys
12:47:16.0820 0688 snapman - ok
12:47:16.0975 0688 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:47:17.0034 0688 spldr - ok
12:47:17.0056 0688 MBR (0x1B8) (3e0a9b8449a315e0044be2adf3d12596) \Device\Harddisk0\DR0
12:47:17.0379 0688 \Device\Harddisk0\DR0 - ok
12:47:17.0384 0688 Boot (0x1200) (a43d79a78c5b4535be26f9f25de6069c) \Device\Harddisk0\DR0\Partition0
12:47:17.0386 0688 \Device\Harddisk0\DR0\Partition0 - ok
12:47:17.0405 0688 Boot (0x1200) (3350a685c6045e143ebf009f7a03fac8) \Device\Harddisk0\DR0\Partition1
12:47:17.0407 0688 \Device\Harddisk0\DR0\Partition1 - ok
12:47:17.0426 0688 Boot (0x1200) (fc5744c6c2f46bddb4986937ce4f09c4) \Device\Harddisk0\DR0\Partition2
12:47:17.0427 0688 \Device\Harddisk0\DR0\Partition2 - ok
12:47:17.0428 0688 ============================================================
12:47:17.0428 0688 Scan finished
12:47:17.0428 0688 ============================================================
12:47:17.0444 4024 Detected object count: 0
12:47:17.0444 4024 Actual detected object count: 0
12:50:39.0557 3576 Deinitialize success

ComboFix 12-01-03.04 - Deniska 04.01.2012 12:58:29.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3767.2215 [GMT 1:00]
Spuštěný z: c:\users\Deniska\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Deniska\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2507351934-888822584-2405633601-1000Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2507351934-888822584-2405633601-1000UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\ICQ6Toolbar
c:\program files (x86)\ICQ6Toolbar\config.xml
c:\program files (x86)\ICQ6Toolbar\Icons.bmp
c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe
c:\program files (x86)\ICQ6Toolbar\icq6Toolbar.ico
c:\program files (x86)\ICQ6Toolbar\ICQToolBar.dll
c:\program files (x86)\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files (x86)\ICQ6Toolbar\logo_small.gif
c:\program files (x86)\ICQ6Toolbar\ServiceStarter.exe
c:\program files (x86)\ICQ6Toolbar\short.wav
c:\program files (x86)\ICQ6Toolbar\Version.txt
c:\program files (x86)\ICQ6Toolbar\voucher.bmp
c:\program files (x86)\ICQ6Toolbar\voucher2.bmp
c:\users\Deniska\AppData\Local\Facebook\Update
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\FacebookCrashHandler.exe
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\FacebookUpdate.exe
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\FacebookUpdateHelper.msi
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdate.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ar.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_bg.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_bn.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ca.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_cs.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_da.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_de.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_el.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_en-GB.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_en.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_es-419.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_es.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_et.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_fa.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_fi.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_fil.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_fr.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_gu.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_hi.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_hr.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_hu.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_id.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_is.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_it.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_iw.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ja.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_kn.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ko.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_lt.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_lv.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ml.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_mr.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ms.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_nl.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_no.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_or.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_pl.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_pt-BR.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_pt-PT.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ro.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ru.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_sk.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_sl.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_sr.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_sv.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ta.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_te.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_th.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_tr.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_uk.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_ur.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_vi.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_zh-CN.dll
c:\users\Deniska\AppData\Local\Facebook\Update\1.2.203.0\goopdateres_zh-TW.dll
c:\users\Deniska\AppData\Local\Facebook\Update\FacebookUpdate.exe
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\1525.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\313D.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\35A.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\4DF1.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\52D1.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\5A2.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\66ED.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\8349.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\92C5.exe
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\92C5.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\CC43.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\D7E7.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\EF5D.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\0C3D\F5F2.tmp
c:\users\Deniska\AppData\Roaming\Microsoft\6CFD
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2507351934-888822584-2405633601-1000Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2507351934-888822584-2405633601-1000UA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_BFE
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-04 do 2012-01-04 )))))))))))))))))))))))))))))))
.
.
2012-01-04 12:04 . 2012-01-04 12:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-02 17:29 . 2012-01-02 17:29 -------- d-----w- C:\rsit
2012-01-02 17:29 . 2012-01-02 17:29 -------- d-----w- c:\program files\trend micro
2012-01-01 21:44 . 2012-01-01 21:44 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2012-01-01 21:44 . 2012-01-01 21:44 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2012-01-01 21:44 . 2012-01-01 21:44 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
2012-01-01 21:44 . 2012-01-01 21:44 43992 ----a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll
2012-01-01 19:22 . 2012-01-01 19:22 286720 ----a-w- C:\swreg.exe
2011-12-31 02:36 . 2011-12-31 01:03 -------- d-----w- c:\windows\Microsoft Antimalware
2011-12-14 11:25 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-14 11:23 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-14 11:23 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-21 08:42 . 2011-05-31 04:06 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-07 04:16 . 2011-11-22 18:36 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{415102C8-AAB2-4415-BC00-741D1B532DA8}\mpengine.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-01-03_17.35.17 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 05:10 . 2012-01-04 11:40 39350 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2012-01-02 17:17 39350 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-09-16 23:17 . 2012-01-04 11:40 14702 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2507351934-888822584-2405633601-1000_UserData.bin
- 2010-09-16 23:17 . 2012-01-02 17:17 14702 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2507351934-888822584-2405633601-1000_UserData.bin
- 2009-02-28 05:01 . 2012-01-02 17:52 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-02-28 05:01 . 2012-01-04 12:05 32768 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-02-28 05:01 . 2012-01-02 17:52 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-02-28 05:01 . 2012-01-04 12:05 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2012-01-03 17:57 . 2012-01-03 17:57 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012012010320120104\index.dat
+ 2009-07-14 04:54 . 2012-01-04 12:05 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-01-02 17:52 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:46 . 2012-01-01 16:27 94640 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2009-07-14 04:46 . 2012-01-03 21:30 94640 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2010-09-16 23:19 . 2012-01-03 16:59 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-09-16 23:19 . 2012-01-04 11:41 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-09-16 23:19 . 2012-01-03 16:59 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-09-16 23:19 . 2012-01-04 11:41 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-01-02 17:11 . 2012-01-02 17:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-01-04 12:05 . 2012-01-04 12:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-01-02 17:11 . 2012-01-02 17:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-01-04 12:05 . 2012-01-04 12:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-09-19 18:44 . 2012-01-03 22:55 388274 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 05:01 . 2012-01-01 23:30 352504 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-01-04 12:04 352504 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2010-10-29 20:23 . 2012-01-01 19:33 353272 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2507351934-888822584-2405633601-1000-8192.dat
+ 2010-10-29 20:23 . 2012-01-04 12:04 353272 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2507351934-888822584-2405633601-1000-8192.dat
- 2012-01-01 19:46 . 2012-01-01 23:30 353272 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2507351934-888822584-2405633601-1000-12288.dat
+ 2012-01-01 19:46 . 2012-01-03 22:58 353272 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2507351934-888822584-2405633601-1000-12288.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-12-24 284696]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-03-03 1300560]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2009-12-25 201512]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2009-12-25 401192]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2007-05-21 124512]
"Luxand Blink!"="c:\program files\Luxand\Blink!\LuxandBlinkTray.exe" [2010-10-18 7143224]
"Google Desktop Search"="c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" [2011-10-12 30192]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2010-4-15 704032]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-3-26 1125152]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2011-10-12 30192]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-04-20 152064]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/09/18 18:58];c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 10:58 146928]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-03-03 325200]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-08-12 810144]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-03-17 866336]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-24 13336]
S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-02-05 171040]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2010-02-05 222240]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-22 10081312]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-02-22 877600]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-12 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-12 390680]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-12 410136]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-01-13 206208]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-03-17 860704]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2916584]
"Logitech Download Assistant"="c:\windows\system32\rundll32.exe" [2009-07-14 45568]
"combofix"="c:\combofix\CF28415.3XE" [2010-11-20 345088]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Deniska\AppData\Roaming\Mozilla\Firefox\Profiles\l02siibl.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
Binary file temp00 matches
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
c:\windows\SysWOW64\RunDll32.exe
c:\program files (x86)\Launch Manager\LMworker.exe
.
**************************************************************************
.
Celkový čas: 2012-01-04 13:10:17 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-01-04 12:10
ComboFix2.txt 2012-01-03 17:37
.
Před spuštěním: Volných bajtů: 12 351 741 952
Po spuštění: Volných bajtů: 12 114 575 360
.
- - End Of File - - 763DE90384557B50461D806578A518BA

Jak se chova PC, co aktualizace

Zdá se že se aktualizace rozeběhli. Myslím že tam je ještě nějaký problém s centrem zabezpečení. Neměl jsem čas to zkoumat protože notebook je dcery a ta s ním odjela na zkoušky. Ozval bych se až zítra večer. Zatím mnohokrát díky za pomoc a trpělivost.

OK, tak tedy napiste a pripadne dejte screen pokud tam je nejaky problem

Dobrý večer, tak jsem opět zde.
Co se týče aktualizací tak ty fungují. Další problém je s Windows Firewallem. Vůbec nejde zapnout ani nijak nastavit. Vždy se objeví okno viz screen. Další problém s antivirem Nod 32. Pořád hlásil "Analýza aplikačních protokolů je nefunkční". Tak mě nenapadlo nic jiného než ho zkusit přeinstalovat a teď uz nejde zpět nainstalovat. Vždy skončí hláškou že po odinstalaci nebyl počítač restartován, což není pravda. Windows Defender taky nefunkční. Hlásí "Zadaná služba není nainstalovaná služba.(Kod chyby 0x80070424)

Zkuste tenhel Fix It od MS http://go.microsoft.com/?linkid=9666880

Pokud NOD nepujde nainstalovat, tak napiste a pozvu nekoho z kolegu od ESETu

Dobrý večer,
tekže bohužel po aplikaci uvedeného fixu se vůbec nic nezměnilo. Vypadá to jako by bylo nějak vypnuté zabezpečení systému - Firewal, Defender. Ani ve službách se tyto položky nenachází.

Zkuste tento postup http://support.microsoft.com/kb/2530126

Podle tohoto návodu jsem to zkoušel než jsem psal poslední příspěvek. Skener nic nenašel a po pokusu spuštění služby Windows Firewall stále nic.

A s tim souborem repair.bat jste to tez zkousel

Ano zkoušel, přesně podle návodu.