mam vírus kt. sa neda zmazať POMOC PLEASE

Zpráva

timoti · #1 Příspěvek od **timoti** » 05 pro 2011 15:44

ked dam vyhladovať esetom tak mi toto napíše prosím vas nevie niekto čo to znamená či sa maám bať ?????

#2 Příspěvek od **motji** » 05 pro 2011 16:11

Hezký podvečer

Mrkneme na to.

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

/md5start
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
hal.dll
logevent.dll
netlogon.dll
ntelogon.dll
scecli.dll
sceclt.dll
ws2_32.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
cdrom.sys
Changer.sys
fastfat.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
mv61xx.sys
ndis.sys
ntfs.sys
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
symmpi.sys
tcpip.sys
csc.sys
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
/md5stop

C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe


HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde

#3 Příspěvek od **motji** » 06 pro 2011 09:26

Po domluvě

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem

timoti · #4 Příspěvek od **timoti** » 06 pro 2011 10:41

ComboFix 11-12-05.04 - Timoti . 12. 2011 10:03:39.1.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.421.1029.18.3062.2099 [GMT 1:00]
Running from: c:\users\Timoti\Desktop\ComboFix.exe
AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Resident AV is active
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\xp
c:\programdata\xp\EBLib.dll
c:\programdata\xp\TPwSav.sys
c:\users\Timoti\AppData\Local\96a13fe0\U
c:\users\Timoti\AppData\Local\96a13fe0\U\80000000.@
c:\users\Timoti\AppData\Local\96a13fe0\U\800000cb.@
c:\windows\$NtUninstallKB22206$\1760447246
c:\windows\Downloaded Program Files\IDropPTB.dll
c:\windows\$NtUninstallKB22206$ . . . . Failed to delete
.
.
((((((((((((((((((((((((( Files Created from 2011-11-06 to 2011-12-06 )))))))))))))))))))))))))))))))
.
.
2011-12-06 09:19 . 2010-04-09 17:43 5310288 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{91DE2448-1BE0-4242-AAC3-A39B0BEBE629}\mpengine.dll
2011-12-06 09:17 . 2011-12-06 09:20 -------- d-----w- c:\users\Timoti\AppData\Local\temp
2011-12-06 09:17 . 2011-12-06 09:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-06 09:05 . 2011-12-06 09:05 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{758BBDE0-DE4B-4F2A-B725-C7131BCF95E6}\offreg.dll
2011-12-06 08:48 . 2009-07-13 23:11 80896 ----a-w- c:\windows\system32\drivers\i8042prt.sys
2011-12-05 22:23 . 2011-12-05 22:23 512 ----a-w- C:\PhysicalMBR.bin
2011-12-05 21:43 . 2011-12-05 21:43 -------- d-----w- c:\program files\ESET
2011-12-05 21:13 . 2011-12-05 21:13 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-12-05 21:13 . 2011-12-05 21:13 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-12-05 14:09 . 2011-12-05 14:09 -------- d-----w- C:\TEMP
2011-12-03 19:59 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{758BBDE0-DE4B-4F2A-B725-C7131BCF95E6}\mpengine.dll
2011-11-22 22:59 . 2011-12-05 21:20 -------- d-----w- c:\programdata\AVAST Software
2011-11-22 18:21 . 2011-12-06 09:17 -------- d-sh--w- c:\users\Timoti\AppData\Local\96a13fe0
2011-11-22 18:02 . 2011-11-22 18:02 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-11-22 18:02 . 2011-11-22 18:02 458048 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-11-20 23:28 . 2011-11-20 23:28 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-11-20 23:28 . 2011-11-20 23:28 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-11-16 11:18 . 2011-11-16 11:18 45056 ----a-w- c:\windows\NCUNINST.EXE
2011-11-16 11:14 . 2011-11-16 11:14 -------- d-----w- c:\program files\Common Files\SWF Studio
2011-11-16 11:12 . 2011-11-16 11:13 -------- d-----w- C:\lj1010seriesprintsys
2011-11-16 11:05 . 2011-11-16 11:05 -------- d-----w- C:\HP Universal Print Driver
2011-11-10 08:58 . 2011-09-29 16:03 1290608 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-10 08:58 . 2011-10-01 04:37 708608 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-10 08:58 . 2011-09-29 03:37 2341888 ----a-w- c:\windows\system32\win32k.sys
2011-11-10 08:54 . 2011-12-05 14:06 -------- d-----w- c:\users\Timoti\AppData\Local\Akamai
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-22 18:21 . 2011-05-16 13:59 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-04 10:59 . 2010-11-30 00:06 443448 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-10-01 02:42 . 2011-10-11 20:34 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-09-28 16:33 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-11-20 23:28 . 2011-03-31 10:27 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-09 39408]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-05-16 399736]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"PCSpeedUp"="c:\program files\Zrychleni Pocitace\PCSpeedUp.lnk" [2011-10-04 2400]
"Akamai NetSession Interface"="c:\users\Timoti\AppData\Local\Akamai\netsession_win.exe" [2011-11-17 3303000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Toshiba TEMPRO"="c:\program files\Toshiba TEMPRO\TemproTray.exe" [2010-05-11 1050072]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-10-02 284696]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-08 98304]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-10-21 7858720]
"SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2009-08-12 352256]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2009-06-02 425984]
"KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2009-01-13 34088]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2009-11-05 480608]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2009-03-09 55160]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2009-08-13 521528]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2009-11-10 738616]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-10-15 1586472]
"TWebCamera"="c:\program files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2009-11-21 2454840]
"SmartFaceVWatcher"="c:\program files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [2009-10-19 163840]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-11-05 611672]
"ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-02-11 1295736]
"Teco"="c:\program files\TOSHIBA\TECO\Teco.exe" [2009-09-28 1328480]
"TosWaitSrv"="c:\program files\TOSHIBA\TPHM\TosWaitSrv.exe" [2009-11-10 611672]
"TosNC"="c:\program files\Toshiba\BulletinBoard\TosNcCore.exe" [2009-11-30 467304]
"TosReelTimeMonitor"="c:\program files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [2009-11-30 29528]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2009-08-25 134032]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-06 3076144]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-08-12 6203296]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-02-22 136176]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-02-22 136176]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-09-22 174592]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-08 1343400]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 50624]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 118104]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 33656]
S1 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [2007-04-24 16688]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-09-08 172032]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [2009-10-27 185712]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 163424]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2011-09-06 974944]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-10-02 13336]
S2 mitsijm2011;Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2011;c:\program files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe [2010-01-23 462336]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files\Toshiba TEMPRO\TemproSvc.exe [2010-05-11 124368]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2009-09-28 185712]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 12920]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 125696]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 24064]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-11-05 230912]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2009-10-02 862208]
S3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-02-11 54136]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-11-05 111960]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2009-11-10 677232]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-22 22:10]
.
2011-12-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-22 22:10]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Timoti\AppData\Roaming\Mozilla\Firefox\Profiles\im1vgxpp.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.timostudio.sk/domov.html
.
.
------- File Associations -------
.
.scr=AutoCADScriptFile
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{9CB65206-89C4-402c-BA80-02D8C59F9B1D} - c:\program files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
SafeBoot-mcmscsvc
SafeBoot-MCODS
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_d768ebc.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\TODDSrv.exe
c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\program files\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\TOSHIBA\ConfigFree\CFSwMgr.exe
c:\windows\system32\sppsvc.exe
c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
c:\program files\TOSHIBA\TPHM\TPCHWMsg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2011-12-06 10:25:01 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-06 09:25
.
Pre-Run: Volných bajtů: 139 534 057 472
Post-Run: Volných bajtů: 139 990 360 064
.
- - End Of File - - 21AAAA606C7C49D313FB8E0AD78ADFF1

#5 Příspěvek od **motji** » 06 pro 2011 10:42

Hlásí ještě Nod ěnco?
Ted udělej znovu to OTL, ale v nouzovém režimu.

timoti · #6 Příspěvek od **timoti** » 06 pro 2011 12:46

OTL Extras logfile created on: 6.12.2011 11:12:01 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Timoti\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

2,99 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 68,50% Memory free
5,98 Gb Paging File | 4,88 Gb Available in Paging File | 81,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 130,47 Gb Free Space | 56,02% Space Free | Partition Type: NTFS
Drive D: | 232,49 Gb Total Space | 188,92 Gb Free Space | 81,26% Space Free | Partition Type: NTFS

Computer Name: TOSHIBA-TIMOTI | User Name: Timoti | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-2665343401-776485050-2141503280-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00763F56-1FE5-DA9F-A43E-53F5D46D6E7E}" = CCC Help Dutch
"{02F2BA99-3AFA-F0E6-969B-E6443A469967}" = Catalyst Control Center InstallProxy
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{084144E0-8719-9E07-49F9-D728A7533B32}" = CCC Help Russian
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0901FCE8-5415-4499-BBC8-1AA106DD66E2}" = Adobe Setup
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0CB58D13-A9CB-7599-DE28-D17205A3D381}" = Catalyst Control Center Graphics Previews Common
"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{1373D2A4-694D-44B4-8372-620336827A5A}" = ESET Smart Security
"{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1901B979-96F2-3330-D875-4803F233CF47}" = CCC Help Finnish
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1C84AB70-7851-D03E-14B0-2CE969DD6CBA}" = Photo Service - powered by myphotobook
"{1D097338-B4FA-4F29-9C43-8D7A970A007E}" = Windows Live Fotogalerie
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2404C7F8-65CC-9408-F08E-73996B998A7D}" = Catalyst Control Center Graphics Light
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{290CD70B-6E45-7381-CDC4-45E582F49C60}" = Catalyst Control Center Graphics Previews Vista
"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2FFDADDF-5107-5CB7-1E9C-66E881680F25}" = CCC Help Turkish
"{320F5494-8DB9-10CD-6122-05299B9A4DAD}" = Catalyst Control Center Graphics Full New
"{327302DA-42B3-CF80-A242-E7E16FB6BB91}" = ATI Catalyst Install Manager
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{39987616-5DF2-CDFA-761C-75E66743CE80}" = CCC Help Portuguese
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3BCF8458-04BA-EBB7-3EDD-BFD188230DBE}" = CCC Help Czech
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{41EEF558-3585-4020-8DF2-B182A0CE2D69}" = Autodesk Vault 2011 (Client)
"{41EEF558-3585-4028-8DF2-B182A0CE2D69}" = Autodesk Vault 2011 (Client) Czech Language Pack
"{45D6FC55-A7CA-1EEA-C038-70998C3D190A}" = CCC Help Spanish
"{46D0CFB0-D3F7-6D32-8FBF-2F848F7ECA79}" = CCC Help Italian
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{4D76C6A4-A8AC-B6FF-C334-E6CBB7471C44}" = Catalyst Control Center Core Implementation
"{5178C1BB-1EB1-4468-894B-7DE964DDCAA2}" = Adobe Photoshop CS3
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{53173451-0DDE-97E9-B6FE-1D068DBF2AF8}" = CCC Help Chinese Standard
"{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5783F2D7-9001-0405-0002-0060B0CE6BBA}" = AutoCAD 2011 - česky
"{5783F2D7-9001-0405-1002-0060B0CE6BBA}" = AutoCAD 2011 Language Pack - česky
"{5783F2D7-9028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2011
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5E152D08-572A-3375-8FDE-DAD1EFB379BA}" = Microsoft Report Viewer Redistributable 2008
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{67753C59-3BB3-7CBB-7B10-F47CE982082F}" = CCC Help German
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6ABF4A27-C269-88EB-1CA8-5A1D78A2FF08}" = ccc-core-static
"{6B81F4D9-A640-4081-A01D-7CB37F5DF4A4}" = TOSHIBA Bulletin Board
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3
"{6DE6837F-F3A3-40FF-9F5C-A0B95948E32D}" = Dassault Systemes Software Prerequisites x86
"{7032B400-11EC-11E0-A9BF-0013D3D69929}" = MSVCRT Redists
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{71E40B32-5173-4538-8996-5822DD18E8D4}" = Windows Live Messenger
"{71F89FF7-C913-4A99-B4D9-C05BAA20790B}" = Autodesk Inventor Content Center Libraries 2011 (Desktop Content)
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767F1CF5-6140-BCF3-549E-69B273099EC9}" = CCC Help Polish
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C4F9145-AEDA-55D4-3F5F-BCA89EA300E2}" = CCC Help Swedish
"{7F4DD591-1532-0409-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2011
"{7F4DD591-1532-0409-0001-7107D70F3DB4}" = Autodesk Inventor Professional 2011 Jazykový balíček – čeština
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D3D00A7-F448-D3A3-BC79-CD603AEBC2F5}" = CCC Help Danish
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
"{921F22A4-290B-4B6C-9E8E-B50B58F18ED0}" = TOSHIBA ReelTime
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9817543D-592D-CDA9-B8E5-E7BB8DA63F45}" = CCC Help Chinese Traditional
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9DA30596-3A38-06B3-5EA2-8AF4B4FE27F2}" = CCC Help Hungarian
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{A0A61E1A-47BA-DD0F-8B31-2BA14B059258}" = CCC Help Japanese
"{A2690E7C-D909-4AE6-7C84-F1AC267A9020}" = Catalyst Control Center Graphics Full Existing
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A35391E7-4D75-FD08-CBE4-0A9DFB944294}" = CCC Help Korean
"{A49BDCBE-590E-43A6-AB77-7C40E499B7C1}" = Autodesk Design Review 2012
"{A74F16FA-1D5B-405B-8D8D-1BC6F9DAED8B}" = Amazon.co.uk
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.6 - Czech
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B5ACFC20-FA4B-3448-431E-D0107C55E435}" = CCC Help English
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{BD8A0C60-1AEB-11D6-B8E1-00025521AE60}" = VBA (3821b)
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{CAFE6B40-C54C-4389-AE45-5F961C771051}" = Nero 7 Premium
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{D05CD952-F58E-D2AC-D6EA-4178331A356C}" = CCC Help Thai
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D36B4583-E804-406B-9D56-F97931286C5B}" = 32 Bit HP CIO Components Installer
"{D408ADFE-DC5B-CA9A-4131-E4D870B07354}" = CCC Help Norwegian
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = Výstraha HDD/SSD TOSHIBA
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DBB7021A-3437-446F-ACE5-7261644A972C}" = Toshiba TEMPRO
"{E1FFC21B-CB65-4C06-8FEA-16F47A4222FD}" = eBay
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3D63B95-4B21-414A-A2C7-D6D6A6AC6D79}" = Catalyst Control Center - Branding
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"{E8B28B89-FF29-9092-19BC-B2B6779FFA9F}" = Catalyst Control Center Localization All
"{E9627240-E930-11E0-8690-F04DA23A5C58}" = MSVCRT Redists
"{EB46ED09-96A4-3768-D924-B0A105B91D0A}" = ccc-utility
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F2F7D8E1-03A2-11E1-AA2E-F04DA23A5C58}" = MSVCRT Redists
"{F3529665-D75E-4D6D-98F0-745C78C68E9B}" = TOSHIBA ConfigFree
"{F7776077-24D8-A51B-1580-46BB742EE0BC}" = CCC Help Greek
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F92DCCC1-0371-916E-78A3-BF9788D39152}" = CCC Help French
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_4977c84bcdc298c444ccfbdcccb660d" = Adobe Photoshop CS3
"Akamai" = Akamai NetSession Interface Service
"AutoCAD 2011 - česky" = AutoCAD 2011 - česky
"Autodesk Design Review 2012" = Autodesk Design Review 2012
"Autodesk Inventor Professional 2011" = Autodesk Inventor Professional 2011 Czech
"Autodesk Vault 2011 (Client)" = Autodesk Vault 2011 (Client)
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dassault Systemes B19_0" = Dassault Systemes Software B19
"DWG TrueView 2011" = DWG TrueView 2011
"eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = Photo Service - powered by myphotobook
"Google Chrome" = Google Chrome
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Heslo správce
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = Nastaveni hadrware TOSHIBA
"InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{6B81F4D9-A640-4081-A01D-7CB37F5DF4A4}" = TOSHIBA Bulletin Board
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"InstallShield_{921F22A4-290B-4B6C-9E8E-B50B58F18ED0}" = TOSHIBA ReelTime
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = Výstraha HDD/SSD TOSHIBA
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"IrfanView" = IrfanView (remove only)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Report Viewer Redistributable 2008" = Microsoft Report Viewer Redistributable 2005
"Mozilla Firefox 8.0 (x86 sk)" = Mozilla Firefox 8.0 (x86 sk)
"PROPLUS" = Microsoft Office Professional Plus 2007
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.8
"WinDjView" = WinDjView 1.0.3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2665343401-776485050-2141503280-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 17.11.2011 15:21:56 | Computer Name = TOSHIBA-Timoti | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 17.11.2011 16:03:56 | Computer Name = TOSHIBA-Timoti | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 20.11.2011 16:17:15 | Computer Name = TOSHIBA-Timoti | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 20.11.2011 17:04:17 | Computer Name = TOSHIBA-Timoti | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 20.11.2011 18:03:46 | Computer Name = TOSHIBA-Timoti | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 20.11.2011 19:12:47 | Computer Name = TOSHIBA-Timoti | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 22.11.2011 6:13:57 | Computer Name = TOSHIBA-Timoti | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 22.11.2011 7:10:36 | Computer Name = TOSHIBA-Timoti | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 22.11.2011 10:11:23 | Computer Name = TOSHIBA-Timoti | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 22.11.2011 14:01:07 | Computer Name = TOSHIBA-Timoti | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

[ Media Center Events ]
Error - 4.5.2010 13:54:30 | Computer Name = TOSHIBA-Timoti | Source = MCUpdate | ID = 0
Description = 19:54:30 - Chyba při připojování k Internetu 19:54:30 - Nelze kontaktovat
server..

Error - 19.5.2010 14:09:53 | Computer Name = TOSHIBA-Timoti | Source = MCUpdate | ID = 0
Description = 20:09:53 - Chyba při připojování k Internetu 20:09:53 - Nelze kontaktovat
server..

Error - 24.5.2010 13:53:14 | Computer Name = TOSHIBA-Timoti | Source = MCUpdate | ID = 0
Description = 19:53:14 - Chyba při připojování k Internetu 19:53:14 - Nelze kontaktovat
server..

Error - 21.11.2011 18:06:08 | Computer Name = TOSHIBA-Timoti | Source = MCUpdate | ID = 0
Description = 23:06:08 - Chyba při připojování k Internetu 23:06:08 - Nelze kontaktovat
server..

Error - 22.11.2011 5:33:26 | Computer Name = TOSHIBA-Timoti | Source = MCUpdate | ID = 0
Description = 10:33:26 - Chyba při připojování k Internetu 10:33:26 - Nelze kontaktovat
server..

Error - 22.11.2011 9:51:33 | Computer Name = TOSHIBA-Timoti | Source = MCUpdate | ID = 0
Description = 14:51:33 - Chyba při připojování k Internetu 14:51:33 - Nelze kontaktovat
server..

Error - 4.12.2011 16:46:29 | Computer Name = TOSHIBA-Timoti | Source = MCUpdate | ID = 0
Description = 21:46:29 - Chyba při připojování k Internetu 21:46:29 - Nelze kontaktovat
server..

Error - 4.12.2011 16:47:30 | Computer Name = TOSHIBA-Timoti | Source = MCUpdate | ID = 0
Description = 21:47:19 - Chyba při připojování k Internetu 21:47:19 - Nelze kontaktovat
server..

Error - 5.12.2011 9:42:01 | Computer Name = TOSHIBA-Timoti | Source = MCUpdate | ID = 0
Description = 14:42:01 - Chyba při připojování k Internetu 14:42:01 - Nelze kontaktovat
server..

Error - 5.12.2011 9:42:56 | Computer Name = TOSHIBA-Timoti | Source = MCUpdate | ID = 0
Description = 14:42:53 - Chyba při připojování k Internetu 14:42:53 - Nelze kontaktovat
server..

[ System Events ]
Error - 19.4.2011 3:06:16 | Computer Name = TOSHIBA-Timoti | Source = ipnathlp | ID = 31004
Description =

Error - 19.4.2011 3:17:52 | Computer Name = TOSHIBA-Timoti | Source = ipnathlp | ID = 31004
Description =

Error - 19.4.2011 3:26:55 | Computer Name = TOSHIBA-Timoti | Source = bowser | ID = 8003
Description =

Error - 19.4.2011 4:06:16 | Computer Name = TOSHIBA-Timoti | Source = ipnathlp | ID = 31004
Description =

Error - 19.4.2011 8:40:36 | Computer Name = TOSHIBA-Timoti | Source = ipnathlp | ID = 31004
Description =

Error - 19.4.2011 10:32:13 | Computer Name = TOSHIBA-Timoti | Source = ipnathlp | ID = 31004
Description =

Error - 19.4.2011 11:06:06 | Computer Name = TOSHIBA-Timoti | Source = ipnathlp | ID = 31004
Description =

Error - 19.4.2011 11:06:08 | Computer Name = TOSHIBA-Timoti | Source = ipnathlp | ID = 31004
Description =

Error - 19.4.2011 15:20:59 | Computer Name = TOSHIBA-Timoti | Source = ipnathlp | ID = 31004
Description =

Error - 19.4.2011 16:50:49 | Computer Name = TOSHIBA-Timoti | Source = ipnathlp | ID = 31004
Description =

< End of report >

timoti · #7 Příspěvek od **timoti** » 06 pro 2011 12:49

Potom aj toto zobrazilo ale ulozim to na dva krát lebo je to moc dlhé ::::)))))))))))))))))))

OTL logfile created on: 6.12.2011 11:12:01 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Timoti\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

2,99 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 68,50% Memory free
5,98 Gb Paging File | 4,88 Gb Available in Paging File | 81,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 130,47 Gb Free Space | 56,02% Space Free | Partition Type: NTFS
Drive D: | 232,49 Gb Total Space | 188,92 Gb Free Space | 81,26% Space Free | Partition Type: NTFS

Computer Name: TOSHIBA-TIMOTI | User Name: Timoti | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.12.06 11:01:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Timoti\Desktop\OTL.exe
PRC - [2011.11.17 06:58:04 | 003,303,000 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Timoti\AppData\Local\Akamai\netsession_win.exe
PRC - [2011.09.06 18:16:42 | 000,974,944 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2011.09.06 18:16:16 | 003,076,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2011.08.02 08:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2011.05.16 12:19:40 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.02.11 12:45:54 | 001,295,736 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
PRC - [2010.11.20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.05.11 08:41:08 | 001,050,072 | ---- | M] (Toshiba Europe GmbH) -- C:\Program Files\Toshiba TEMPRO\TemproTray.exe
PRC - [2010.05.11 08:40:52 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
PRC - [2010.01.23 08:12:06 | 000,462,336 | ---- | M] () -- C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe
PRC - [2009.11.30 18:52:08 | 000,029,528 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
PRC - [2009.11.30 10:46:42 | 000,467,304 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
PRC - [2009.11.10 17:57:00 | 000,738,616 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2009.11.10 13:51:16 | 000,611,672 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe
PRC - [2009.11.05 22:04:20 | 000,468,320 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2009.11.05 22:04:12 | 000,480,608 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2009.11.05 09:15:36 | 000,611,672 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
PRC - [2009.10.28 11:15:10 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009.10.02 13:26:12 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009.10.02 13:26:10 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009.09.30 19:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.09.28 14:42:24 | 000,185,712 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TECO\TecoService.exe
PRC - [2009.09.28 14:30:32 | 001,328,480 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TECO\Teco.exe
PRC - [2009.09.08 23:56:26 | 000,360,448 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.09.08 23:56:00 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.08.13 12:31:24 | 000,521,528 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2009.07.28 20:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009.07.28 14:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2009.01.13 21:33:40 | 000,034,088 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
PRC - [2007.03.12 14:49:46 | 001,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007.03.12 14:49:26 | 000,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

========== Modules (No Company Name) ==========

MOD - [2011.10.17 14:06:58 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\32f68764be7200d3796b55e377311245\Microsoft.VisualBasic.ni.dll
MOD - [2011.10.12 07:14:28 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll
MOD - [2011.10.12 07:14:18 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011.10.12 07:14:14 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6f2de1cb69aef1946760a70f355a3075\System.ServiceProcess.ni.dll
MOD - [2011.10.12 07:14:10 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011.10.12 07:13:54 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll
MOD - [2011.10.12 07:13:46 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8e7909ef6b5f953d49244c6b9f5f5100\System.Web.ni.dll
MOD - [2011.10.12 07:13:39 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011.10.12 07:13:33 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011.10.12 07:13:29 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011.10.12 07:13:18 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011.10.12 07:13:12 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2010.11.13 03:37:03 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.02.24 03:30:18 | 001,691,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3538.38534__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll
MOD - [2010.02.24 03:30:18 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3538.38505__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2010.02.24 03:30:18 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3538.38415__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2010.02.24 03:30:18 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3538.38435__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2010.02.24 03:30:18 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3538.38485__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2010.02.24 03:30:18 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3538.38424__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2010.02.24 03:30:18 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3538.38467__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2010.02.24 03:30:18 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3538.38429__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2010.02.24 03:30:18 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3538.38458__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2010.02.24 03:30:18 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3538.38424__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2010.02.24 03:30:17 | 001,011,712 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3538.38530__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll
MOD - [2010.02.24 03:30:17 | 000,798,720 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3538.38460__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2010.02.24 03:30:17 | 000,573,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3538.38436__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2010.02.24 03:30:17 | 000,409,600 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3538.38480__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2010.02.24 03:30:17 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3538.38459__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2010.02.24 03:30:17 | 000,360,448 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3538.38454__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2010.02.24 03:30:17 | 000,331,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3538.38472__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2010.02.24 03:30:17 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3538.38466__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2010.02.24 03:30:17 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3538.38440__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2010.02.24 03:30:17 | 000,270,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010.02.24 03:30:17 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3538.38435__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2010.02.24 03:30:17 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3538.38504__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2010.02.24 03:30:17 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3538.38472__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2010.02.24 03:30:17 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3538.38465__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2010.02.24 03:30:17 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3538.38460__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2010.02.24 03:30:17 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3538.38472__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2010.02.24 03:30:17 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3538.38459__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2010.02.24 03:30:17 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3538.38505__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2010.02.24 03:30:17 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3538.38504__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2010.02.24 03:30:17 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3538.38465__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2010.02.24 03:30:17 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3538.38440__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2010.02.24 03:30:17 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3538.38459__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2010.02.24 03:30:17 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3538.38466__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2010.02.24 03:30:17 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3498.37534__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2010.02.24 03:30:17 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3498.37533__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2010.02.24 03:30:17 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3498.37558__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2010.02.24 03:30:17 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3498.37615__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2010.02.24 03:30:17 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3498.37612__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2010.02.24 03:30:17 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3498.37554__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2010.02.24 03:30:17 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3498.37610__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2010.02.24 03:30:17 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2010.02.24 03:30:16 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3538.38429__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2010.02.24 03:30:16 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3498.37541__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2010.02.24 03:30:16 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3538.38499__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2010.02.24 03:30:16 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3498.37518__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2010.02.24 03:30:16 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3538.38498__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2010.02.24 03:30:16 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3498.37583__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2010.02.24 03:30:16 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3538.38414__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2010.02.24 03:30:16 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3538.38413__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2010.02.24 03:30:16 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3498.37579__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2010.02.24 03:30:16 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3498.37582__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2010.02.24 03:30:16 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3498.37578__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2010.02.24 03:30:16 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3498.37577__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2010.02.24 03:30:16 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2010.02.24 03:30:16 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3498.37546__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2010.02.24 03:30:16 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3538.38510__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2010.02.24 03:30:16 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3498.37522__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2010.02.24 03:30:16 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3498.37603__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2010.02.24 03:30:16 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3498.37582__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2010.02.24 03:30:16 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3498.37528__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2010.02.24 03:30:16 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3498.37515__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2010.02.24 03:30:16 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3498.37557__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2010.02.24 03:30:16 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3498.37517__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2010.02.24 03:30:16 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3498.37674__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2010.02.24 03:30:16 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3498.37602__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2010.02.24 03:30:16 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3498.37575__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2010.02.24 03:30:16 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3498.37572__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2010.02.24 03:30:16 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3498.37552__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2010.02.24 03:30:16 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3498.37548__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2010.02.24 03:30:16 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3498.37536__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2010.02.24 03:30:16 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3498.37580__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2010.02.24 03:30:16 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3498.37531__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2010.02.24 03:30:16 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3498.37547__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2010.02.24 03:30:16 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3498.37540__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2010.02.24 03:30:16 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3498.37526__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2010.02.24 03:30:16 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3498.37555__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2010.02.24 03:30:16 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3498.37553__90ba9c70f846762e\APM.Foundation.dll
MOD - [2010.02.24 03:30:16 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3498.37551__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2010.02.24 03:30:16 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2010.02.24 03:30:16 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3498.37571__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2010.02.24 03:30:16 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2010.02.24 03:30:16 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3498.37544__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2010.02.24 03:30:16 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3498.37574__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2010.02.24 03:30:16 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3498.37547__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2010.02.24 03:30:16 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3498.37535__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2010.02.24 03:30:16 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3538.38413__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2010.02.24 03:30:15 | 001,212,416 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3538.38420__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2010.02.24 03:30:15 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3538.38411__90ba9c70f846762e\APM.Server.dll
MOD - [2010.02.24 03:30:15 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3538.38412__90ba9c70f846762e\AEM.Server.dll
MOD - [2010.02.24 03:30:15 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3498.37538__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2010.02.24 03:30:15 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2010.02.24 03:30:15 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3498.37549__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2010.02.24 03:30:15 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3498.37585__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2010.02.24 03:30:15 | 000,019,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3538.38499__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009.11.30 10:47:36 | 003,112,808 | ---- | M] () -- C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll
MOD - [2009.11.03 13:26:26 | 000,058,680 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
MOD - [2009.10.18 15:20:10 | 007,980,344 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
MOD - [2009.07.29 15:35:38 | 000,014,648 | ---- | M] () -- C:\Program Files\TOSHIBA\TBS\NotifyTBS.dll
MOD - [2009.06.22 14:38:40 | 000,015,160 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
MOD - [2009.05.04 10:45:14 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2009.03.12 19:08:04 | 000,049,152 | ---- | M] () -- C:\Program Files\TOSHIBA\PCDiag\NotifyPCD.dll
MOD - [2006.10.07 11:57:04 | 000,053,248 | ---- | M] () -- C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll

========== Win32 Services (SafeList) ==========

SRV - [2011.11.20 22:05:27 | 003,313,752 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_d768ebc.dll -- (Akamai)
SRV - [2011.09.06 18:16:42 | 000,974,944 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2011.02.11 12:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010.12.08 09:42:55 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.08.08 15:16:52 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.05.11 08:40:52 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2010.01.23 08:12:06 | 000,462,336 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe -- (mitsijm2011)
SRV - [2009.11.10 13:50:44 | 000,677,232 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV - [2009.11.05 22:04:20 | 000,468,320 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2009.11.05 09:15:18 | 000,111,960 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2009.10.27 20:11:56 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe -- (cfWiMAXService)
SRV - [2009.10.02 13:26:12 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Úložná technologie Intel(R)
SRV - [2009.09.30 19:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.09.30 19:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.09.28 14:42:24 | 000,185,712 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV - [2009.09.08 23:56:00 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.07.28 14:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2009.07.14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.03.10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)

========== Driver Services (SafeList) ==========

DRV - [2011.10.04 11:59:15 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011.08.09 13:57:10 | 000,163,424 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2011.08.04 09:20:38 | 000,147,480 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2011.08.04 09:20:38 | 000,050,624 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\epfwwfp.sys -- (epfwwfp)
DRV - [2011.08.04 09:20:38 | 000,033,656 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV - [2011.08.04 09:20:36 | 000,118,104 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.11.20 09:44:36 | 000,388,096 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\csc.sys -- (CSC)
DRV - [2009.10.26 12:39:04 | 000,125,696 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV - [2009.10.02 13:33:24 | 000,862,208 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2009.09.22 17:40:48 | 000,174,592 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009.09.17 12:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2009.09.09 00:31:10 | 005,174,272 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.07.30 21:02:34 | 000,036,208 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter)
DRV - [2009.07.30 16:45:56 | 000,022,912 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2009.07.24 15:57:06 | 000,275,536 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2009.07.14 16:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2009.07.14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\serial.sys -- (Serial)
DRV - [2009.07.13 23:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009.06.22 17:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)
DRV - [2009.06.19 19:31:08 | 000,012,920 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVALZFL.sys -- (TVALZFL)
DRV - [2009.05.20 18:04:40 | 000,157,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2007.04.24 17:52:10 | 000,016,688 | ---- | M] (IBM) [Kernel | System | Running] -- C:\Windows\System32\drivers\LUMDriver.sys -- (LUMDriver)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2665343401-776485050-2141503280-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=TSEH
IE - HKU\S-1-5-21-2665343401-776485050-2141503280-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2665343401-776485050-2141503280-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.timostudio.sk/domov.html"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.21 00:28:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.11.02 08:19:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011.12.05 22:43:59 | 000,000,000 | ---D | M]

[2011.04.18 12:04:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Timoti\AppData\Roaming\mozilla\Extensions
[2011.04.18 12:04:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Timoti\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.11.13 13:54:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Timoti\AppData\Roaming\mozilla\Firefox\Profiles\im1vgxpp.default\extensions
[2011.11.13 13:54:21 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Timoti\AppData\Roaming\mozilla\Firefox\Profiles\im1vgxpp.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.03.31 11:27:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.01.13 12:01:17 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011.11.21 00:28:18 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.11.21 00:28:15 | 000,001,583 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\atlas-sk.xml
[2011.11.21 00:28:15 | 000,001,380 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\azet-sk.xml
[2011.11.21 00:28:15 | 000,001,479 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\dunaj-sk.xml
[2011.11.21 00:28:15 | 000,001,473 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slovnik-sk.xml
[2011.11.21 00:28:15 | 000,001,104 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-sk.xml
[2011.11.21 00:28:15 | 000,000,830 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zoznam-sk.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.140.8 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java(TM) Platform SE 6 U14 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\3.0.40624.0\npctrl.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2011.12.06 10:19:43 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Ask Search Assistant BHO) - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL File not found
O2 - BHO: (Ask Toolbar BHO) - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL File not found
O3 - HKU\S-1-5-21-2665343401-776485050-2141503280-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL File not found
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4 - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKU\.DEFAULT..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-18..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-21-2665343401-776485050-2141503280-1000..\Run: [Akamai NetSession Interface] C:\Users\Timoti\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-2665343401-776485050-2141503280-1000..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-2665343401-776485050-2141503280-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2665343401-776485050-2141503280-1000..\Run: [PCSpeedUp] C:\Program Files\Zrychleni Pocitace\PCSpeedUp.lnk ()
O4 - HKU\S-1-5-21-2665343401-776485050-2141503280-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2665343401-776485050-2141503280-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2665343401-776485050-2141503280-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D5192E18-2B90-4FBD-9F5D-4EEB6B9F8212}: DhcpNameServer = 158.193.86.5 158.193.86.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.03.09 20:18:20 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

timoti · #8 Příspěvek od **timoti** » 06 pro 2011 12:50

DRUHÁ ČASŤ

)))))))))))))

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011.12.06 11:01:39 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Timoti\Desktop\OTL.exe
[2011.12.06 10:19:46 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2011.12.06 10:17:54 | 000,000,000 | ---D | C] -- C:\Users\Timoti\AppData\Local\temp
[2011.12.06 09:46:10 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.12.06 09:46:10 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.12.06 09:46:10 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.12.06 09:45:53 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.12.06 09:45:50 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.12.06 09:40:50 | 004,329,111 | R--- | C] (Swearware) -- C:\Users\Timoti\Desktop\ComboFix.exe
[2011.12.05 22:43:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2011.12.05 22:43:56 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2011.12.05 22:43:56 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011.12.05 15:09:12 | 000,000,000 | ---D | C] -- C:\TEMP
[2011.11.27 17:27:20 | 000,000,000 | ---D | C] -- C:\Users\Timoti\Desktop\Nová složka
[2011.11.22 23:59:23 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011.11.22 19:21:35 | 000,000,000 | -HSD | C] -- C:\Users\Timoti\AppData\Local\96a13fe0
[2011.11.16 12:18:08 | 000,045,056 | ---- | C] (Northern Codeworks) -- C:\Windows\NCUNINST.EXE
[2011.11.16 12:14:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SWF Studio
[2011.11.16 12:12:58 | 000,000,000 | ---D | C] -- C:\lj1010seriesprintsys
[2011.11.16 12:06:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2011.11.16 12:06:33 | 000,246,784 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hpmpm081.dll
[2011.11.16 12:06:33 | 000,223,232 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hpmtp115.dll
[2011.11.16 12:06:33 | 000,181,248 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hpmpw081.dll
[2011.11.16 12:06:33 | 000,167,480 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hppccompio.dll
[2011.11.16 12:06:33 | 000,049,252 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hpmnque.dll
[2011.11.16 12:06:33 | 000,049,250 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hpmnndps.dll
[2011.11.16 12:06:33 | 000,018,944 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\System32\hppmopjl.dll
[2011.11.16 12:06:32 | 000,328,704 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hpmml115.dll
[2011.11.16 12:06:32 | 000,288,256 | ---- | C] (Hewlett-Packard Corporation) -- C:\Windows\System32\hpcpn115.dll
[2011.11.16 12:06:32 | 000,279,040 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\hpmja115.dll
[2011.11.16 12:06:31 | 000,902,200 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\System32\hpbuio32.dll
[2011.11.16 12:06:31 | 000,059,928 | ---- | C] (Hewlett-Packard) -- C:\Windows\System32\fxcompchannel.dll
[2011.11.16 12:05:08 | 000,000,000 | ---D | C] -- C:\HP Universal Print Driver
[2011.11.10 09:58:09 | 002,341,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.11.10 09:54:58 | 000,000,000 | ---D | C] -- C:\Users\Timoti\AppData\Local\Akamai
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.12.06 11:16:54 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.12.06 11:16:11 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.06 11:11:00 | 000,000,440 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2011.12.06 11:10:47 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.06 11:10:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.06 11:10:15 | 2407,743,488 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.06 11:06:33 | 000,658,088 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.12.06 11:06:33 | 000,651,940 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.12.06 11:06:33 | 000,139,774 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.12.06 11:06:33 | 000,120,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.12.06 11:01:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Timoti\Desktop\OTL.exe
[2011.12.06 10:28:42 | 000,017,504 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.06 10:28:42 | 000,017,504 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.06 10:19:43 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.12.06 09:40:48 | 004,329,111 | R--- | M] (Swearware) -- C:\Users\Timoti\Desktop\ComboFix.exe
[2011.11.23 00:00:10 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011.11.22 19:21:45 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.11.17 20:12:36 | 001,867,752 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.11.16 12:18:08 | 000,045,056 | ---- | M] (Northern Codeworks) -- C:\Windows\NCUNINST.EXE
[2011.11.16 12:18:00 | 000,211,284 | ---- | M] () -- C:\Windows\hplj1010.his
[2011.11.16 12:18:00 | 000,013,564 | ---- | M] () -- C:\Windows\hplj1010.ini
[2011.11.16 12:07:09 | 000,000,000 | ---- | M] () -- C:\Windows\HPMProp.INI
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.12.06 09:46:10 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011.12.06 09:46:10 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.12.06 09:46:10 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.12.06 09:46:10 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.12.06 09:46:10 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.12.05 23:23:49 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.11.29 20:18:30 | 013,506,496 | ---- | C] () -- C:\Users\Timoti\Desktop\posilnovanie.pdf
[2011.11.16 12:14:20 | 000,211,284 | ---- | C] () -- C:\Windows\hplj1010.his
[2011.11.16 12:14:20 | 000,013,564 | ---- | C] () -- C:\Windows\hplj1010.ini
[2011.11.16 12:07:09 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2011.08.15 22:01:27 | 000,388,096 | ---- | C] () -- C:\Windows\System32\drivers\csc.sys
[2011.08.15 22:00:06 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.03.01 21:44:33 | 000,000,960 | ---- | C] () -- C:\Users\Timoti\AppData\Local\SRDownloader.nast
[2011.02.23 12:57:54 | 000,025,088 | ---- | C] () -- C:\Users\Timoti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.12 15:54:53 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.09.29 23:18:52 | 000,007,610 | ---- | C] () -- C:\Users\Timoti\AppData\Local\Resmon.ResmonCfg
[2010.04.08 16:28:36 | 000,017,850 | ---- | C] () -- C:\Users\Timoti\AppData\Roaming\UserTile.png
[2010.02.24 03:49:18 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2010.02.24 03:34:26 | 000,045,056 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2010.02.24 03:29:38 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2010.02.24 03:29:38 | 000,197,654 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.02.24 03:29:38 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2010.02.24 03:21:20 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.12.09 14:50:38 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.07.14 09:44:22 | 000,658,088 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2009.07.14 09:44:22 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2009.07.14 09:44:22 | 000,139,774 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2009.07.14 09:44:22 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 001,867,752 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,651,940 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,120,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009.04.28 04:37:00 | 000,028,672 | ---- | C] () -- C:\Windows\System32\SPCtl.dll

========== LOP Check ==========

[2011.12.05 15:09:02 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\Autodesk
[2011.10.04 12:03:50 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\DAEMON Tools Lite
[2010.11.30 01:06:51 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\DAEMON Tools Pro
[2010.10.26 17:00:22 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\DassaultSystemes
[2010.08.15 14:48:37 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\ESET
[2011.03.10 13:37:51 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\Guitar Pro 6
[2011.12.05 15:06:15 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\IrfanView
[2011.10.04 12:00:45 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\OpenCandy
[2011.10.26 00:04:30 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\Publish Providers
[2011.11.22 19:14:40 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\Sony
[2011.04.18 12:04:10 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\Thunderbird
[2010.05.04 19:32:05 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\Toshiba
[2011.12.06 11:11:18 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\uTorrent
[2011.01.07 12:39:02 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\WinBatch
[2011.08.15 20:46:57 | 000,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2009.12.09 14:54:19 | 000,039,408 | ---- | M] (Google Inc.)
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" -- [2007.03.12 14:49:26 | 000,153,136 | ---- | M] (Nero AG)
"uTorrent" = "C:\Program Files\uTorrent\uTorrent.exe" -- [2011.05.16 12:19:40 | 000,399,736 | ---- | M] (BitTorrent, Inc.)
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.08.02 08:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd)
"PCSpeedUp" = C:\Program Files\Zrychleni Pocitace\PCSpeedUp.lnk -- [2011.10.04 12:02:55 | 000,002,400 | ---- | M] ()
"Akamai NetSession Interface" = C:\Users\Timoti\AppData\Local\Akamai\netsession_win.exe -- [2011.11.17 06:58:04 | 003,303,000 | ---- | M] (Akamai Technologies, Inc)

< >

< MD5 for: AGP440.SYS >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\ERDNT\cache\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\ERDNT\cache\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\ERDNT\cache\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\ERDNT\cache\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\System32\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll

< MD5 for: CSC.SYS >
[2009.07.14 00:15:13 | 000,387,584 | ---- | M] (Microsoft Corporation) MD5=27C9490BDD0AE48911AB8CF1932591ED -- C:\Windows\winsxs\x86_microsoft-windows-offlinefiles-core_31bf3856ad364e35_6.1.7600.16385_none_9e1e9f0abd3adf87\csc.sys
[2010.11.20 09:44:36 | 000,388,096 | ---- | M] () MD5=B731663ABA1455B33CBBAC11E32E8F80 -- C:\Windows\System32\drivers\csc.sys

< MD5 for: CSRSS.EXE >
[2009.07.14 02:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=342271F6142E7C70805B8A81E1BA5F5C -- C:\Windows\System32\csrss.exe
[2009.07.14 02:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=342271F6142E7C70805B8A81E1BA5F5C -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_58ba39fb456943bd\csrss.exe

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\ERDNT\cache\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: FASTFAT.SYS >
[2009.07.14 00:14:02 | 000,148,480 | ---- | M] (Microsoft Corporation) MD5=7E0AB74553476622FB6AE36F73D97D35 -- C:\Windows\System32\drivers\fastfat.sys
[2009.07.14 00:14:02 | 000,148,480 | ---- | M] (Microsoft Corporation) MD5=7E0AB74553476622FB6AE36F73D97D35 -- C:\Windows\winsxs\x86_microsoft-windows-fat_31bf3856ad364e35_6.1.7600.16385_none_ae8981a3b8b7be50\fastfat.sys

< MD5 for: HAL.DLL >
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: IASTOR.SYS >
[2009.10.02 12:40:50 | 000,432,664 | ---- | M] (Intel Corporation) MD5=D5EDB998656E6ECF1A17C78DAB019A3C -- C:\Windows\System32\drivers\iaStor.sys
[2009.10.02 12:40:50 | 000,432,664 | ---- | M] (Intel Corporation) MD5=D5EDB998656E6ECF1A17C78DAB019A3C -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_c08288e6bf102290\iaStor.sys

< MD5 for: IASTORV.SYS >
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 06:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\ERDNT\cache\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\System32\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2010.11.20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\ERDNT\cache\ndis.sys
[2010.11.20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys
[2010.11.20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\ERDNT\cache\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NTFS.SYS >
[2011.03.11 06:44:01 | 001,210,240 | ---- | M] (Microsoft Corporation) MD5=187002CE05693C306F43C873F821381F -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16778_none_a65558427e3453b4\ntfs.sys
[2010.11.20 13:30:06 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=33C3093D09017CFE2E219F2472BFF6EB -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_a87893a87b2db29e\ntfs.sys
[2009.07.14 02:20:44 | 001,210,432 | ---- | M] (Microsoft Corporation) MD5=3795DCD21F740EE799FB7223234215AF -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16385_none_a6477fe07e3f2f04\ntfs.sys
[2011.03.11 06:39:00 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=81189C3D7763838E55C397759D49007A -- C:\Windows\ERDNT\cache\ntfs.sys
[2011.03.11 06:39:00 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=81189C3D7763838E55C397759D49007A -- C:\Windows\System32\drivers\ntfs.sys
[2011.03.11 06:39:00 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=81189C3D7763838E55C397759D49007A -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_a83ab4fe7b5ba649\ntfs.sys
[2011.03.11 06:52:25 | 001,210,752 | ---- | M] (Microsoft Corporation) MD5=A7266D82DB9675AFBDED39695B69EDAC -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.20921_none_a70e0489972fb38f\ntfs.sys
[2011.03.11 06:28:10 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=E2EDE3F02F95B896A1C7C6F0CC0C4083 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_a8b27fd79487b0a3\ntfs.sys

< MD5 for: NVRAID.SYS >
[2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys
[2010.11.20 13:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 13:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvraid.sys
[2011.03.11 06:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\drivers\nvraid.sys
[2011.03.11 06:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 06:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvraid.sys
[2011.03.11 06:28:10 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=E3B840350A72CA6F39BD2BEF85A2BCFB -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvraid.sys
[2011.03.11 06:44:01 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=F1B0BED906F97E16F6D0C3629D2F21C6 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvraid.sys
[2011.03.11 06:52:25 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=FCD5C3542A85EEBA7D0833B7E5086C10 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 06:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\ERDNT\cache\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\ERDNT\cache\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SMSS.EXE >
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe

< MD5 for: SPOOLSV.EXE >
[2010.08.20 05:25:14 | 000,316,928 | ---- | M] (Microsoft Corporation) MD5=2FB4CE429488156B19C0D8E5C4552043 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.20785_none_d6ab9bc23bf9f1c6\spoolsv.exe
[2009.07.14 02:14:41 | 000,316,416 | ---- | M] (Microsoft Corporation) MD5=49B6DD6AB3715B7A67965F17194E98A9 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_d621f94522dc5a87\spoolsv.exe
[2010.11.20 13:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) MD5=866A43013535DC8587C258E43579C764 -- C:\Windows\ERDNT\cache\spoolsv.exe
[2010.11.20 13:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) MD5=866A43013535DC8587C258E43579C764 -- C:\Windows\System32\spoolsv.exe
[2010.11.20 13:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) MD5=866A43013535DC8587C258E43579C764 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_d8530d0d1fcade21\spoolsv.exe
[2010.08.21 06:32:37 | 000,316,928 | ---- | M] (Microsoft Corporation) MD5=D1BB750EB51694DE183E08B9C33BE5B2 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16661_none_d6339da722cfb4be\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.09.29 17:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2011.09.29 16:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011.09.29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\ERDNT\cache\tcpip.sys
[2011.09.29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\System32\drivers\tcpip.sys
[2011.09.29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2011.04.25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2011.06.21 06:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010.06.14 07:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010.06.14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011.06.21 06:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011.06.21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\ERDNT\cache\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\ERDNT\cache\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\System32\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2009.07.14 02:15:05 | 000,071,168 | ---- | M] (CANON INC.) -- C:\Windows\System32\spool\prtprocs\w32x86\CNBPP4.DLL
[2011.06.06 02:07:58 | 000,314,880 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\hpcpp115.dll
[2009.07.14 02:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2010.11.20 13:21:36 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll
[2009.07.14 09:43:31 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\System32\spool\prtprocs\w32x86\cs-CZ\LXKPTPRC.DLL.mui

< %systemroot%\system32\drivers\*.sys /5 >

< %systemroot%\system32\drivers\*.sys /X >
[2009.09.08 22:50:56 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\system32\drivers\ati2erec.dll
[2009.06.10 22:19:15 | 000,328,162 | ---- | M] () -- C:\Windows\system32\drivers\ativcaxx.cpa
[2009.06.10 22:19:15 | 000,000,929 | ---- | M] () -- C:\Windows\system32\drivers\ativcaxx.vp
[2009.06.10 22:19:15 | 000,002,096 | ---- | M] () -- C:\Windows\system32\drivers\ativdkxx.vp
[2009.06.10 22:19:15 | 000,002,096 | ---- | M] () -- C:\Windows\system32\drivers\ativokxx.vp
[2009.06.10 22:19:15 | 000,002,096 | ---- | M] () -- C:\Windows\system32\drivers\ativpkxx.vp
[2009.06.10 22:19:15 | 000,052,400 | ---- | M] () -- C:\Windows\system32\drivers\ativvpxx.vp
[2009.06.10 22:14:29 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2009.06.10 22:14:29 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt
[2009.06.10 22:27:38 | 000,000,003 | ---- | M] () -- C:\Windows\system32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2010.02.24 03:39:31 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010.03.27 20:53:36 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.03.27 14:14:57 | 000,000,000 | RHS- | M] () -- C:\Windows\system32\drivers\TOSHIBA_Satellite Pro L550_10934-CZ_PSLWTE-00L00.MRK

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2011.10.04 11:59:15 | 000,443,448 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\system32\*.* /5 >
[2011.12.06 11:18:15 | 000,017,504 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.06 11:18:15 | 000,017,504 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.06 11:10:32 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
[2011.12.06 11:06:33 | 000,139,774 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2011.12.06 11:06:33 | 000,120,872 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2011.12.06 11:06:33 | 000,658,088 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2011.12.06 11:06:33 | 000,651,940 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2011.12.06 11:06:33 | 001,575,702 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %systemroot%\system32\*.dll /lockedfiles >
[2009.09.08 23:56:52 | 000,446,464 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll

< %systemroot%\system32\config\*.sav >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[9 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2c5f142d97790997d9b113eb9ad8f966\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2c5f142d97790997d9b113eb9ad8f966\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\552baa0c0d9798bf2308b3040b3436c5\*.tmp files -> C:\Windows\SoftwareDistribution\Download\552baa0c0d9798bf2308b3040b3436c5\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\73359e52f84f08cc68c71cf422b798bb\*.tmp files -> C:\Windows\SoftwareDistribution\Download\73359e52f84f08cc68c71cf422b798bb\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\adb4aff7046d53dc34a758b43ed986bf\*.tmp files -> C:\Windows\SoftwareDistribution\Download\adb4aff7046d53dc34a758b43ed986bf\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\e86cc367db72984a1e1f05b09c03af8c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\e86cc367db72984a1e1f05b09c03af8c\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\eb3696b9932f474fe45978811bea2090\*.tmp files -> C:\Windows\SoftwareDistribution\Download\eb3696b9932f474fe45978811bea2090\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2011.11.03 00:03:07 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\Adobe
[2010.05.02 14:39:06 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\Ahead
[2011.11.02 08:26:45 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\Apple Computer
[2010.03.27 14:27:13 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\ATI
[2011.12.05 15:09:02 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\Autodesk
[2011.10.04 12:03:50 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\DAEMON Tools Lite
[2010.11.30 01:06:51 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\DAEMON Tools Pro
[2010.10.26 17:00:22 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\DassaultSystemes
[2011.01.25 13:56:30 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\dvdcss
[2010.08.15 14:48:37 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\ESET
[2010.03.27 14:29:16 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\Google
[2011.03.10 13:37:51 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\Guitar Pro 6
[2010.03.27 14:26:55 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\Identities
[2011.01.07 12:39:05 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\InstallShield
[2010.03.27 14:27:15 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\Intel Corporation
[2011.12.05 15:06:15 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\IrfanView
[2009.12.09 15:00:31 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\Macromedia
[2009.07.14 10:20:15 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\Media Center Programs
[2011.11.29 20:51:13 | 000,000,000 | --SD | M] -- C:\Users\Timoti\AppData\Roaming\Microsoft
[2010.03.27 14:51:57 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\Mozilla
[2011.10.04 12:00:45 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\OpenCandy
[2011.10.26 00:04:30 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\Publish Providers
[2011.11.28 23:06:57 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\Skype
[2011.01.12 16:04:50 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\skypePM
[2011.11.22 19:14:40 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\Sony
[2011.04.18 12:04:10 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\Thunderbird
[2010.05.04 19:32:05 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\Toshiba
[2011.12.06 11:44:50 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\uTorrent
[2011.12.06 00:03:36 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\vlc
[2011.01.07 12:39:02 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\WinBatch
[2010.10.25 19:31:04 | 000,000,000 | ---D | M] -- C:\Users\Timoti\AppData\Roaming\WinRAR

< %APPDATA%\*.* >
[2010.04.08 16:28:36 | 000,017,850 | ---- | M] () -- C:\Users\Timoti\AppData\Roaming\UserTile.png

< %APPDATA%\*.exe /s >
[2009.11.11 02:14:22 | 000,038,208 | ---- | M] () -- C:\Users\Timoti\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.03.09 20:39:44 | 000,010,134 | R--- | M] () -- C:\Users\Timoti\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011.10.04 11:59:25 | 000,416,160 | ---- | M] () -- C:\Users\Timoti\AppData\Roaming\OpenCandy\OpenCandy_7A73E470F1714024ADD2136892294625\LatestDLMgr.exe
[2011.08.01 23:38:30 | 001,872,896 | ---- | M] (Speedchecker Limited ) -- C:\Users\Timoti\AppData\Roaming\OpenCandy\OpenCandy_7A73E470F1714024ADD2136892294625\pcspeedup.exe

< %SYSTEMDRIVE%\*.exe >

< >

< >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-12-03 19:59:28

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s >
"JobInactivityTimeout" = 7776000
"JobMinimumRetryDelay" = 600
"JobNoProgressTimeout" = 1209600
"LogFileFlags" = 0
"LogFileMinMemory" = 120
"LogFileSize" = 1
"TimeQuantaLength" = 300
"UseLmCompat" = 2
"IGDSearcherDLL" = bitsigd.dll -- [2009.07.14 02:14:59 | 000,039,936 | ---- | M] (Microsoft Corporation)
"StateIndex" = 0

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2011.12.06 11:16:54 | 000,000,512 | ---- | M] () MD5=5B15701A942F3AA04136A665EE63B67C -- C:\PhysicalMBR.bin
[1 C:\*.tmp files -> C:\*.tmp -> ]

< End of report >

#9 Příspěvek od **motji** » 06 pro 2011 13:40

Vypadá to dobře, ale pořádně na něj mrknu později, ted nestíhám

.

Stáhněte TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
- a uložte ho na plochu.
- 2x klikněte na ikonu programu a spusťte
- dejte volbu Spustit kontrolu - pak potvrdte start sken
- pokud program najde infikovaný soubor, ukáže se Vám předvolená akce Cure, v tom případě potvrdte tlačítko Continue
- pokud bude chtít program restartovat počítač, klikněte na tlačítko Reboot Now
- pokud si restart nevyžádá, klikněte na tlačítko Report. Měl vy na Vás vyskočit log, obsah logu zkopírujte do svého topicu.
- pokud se log nezobrazí, je uložený ve Vašem kořenovém adresáři.

timoti · #10 Příspěvek od **timoti** » 06 pro 2011 13:54

ok spravil som to tu je výsledok

13:48:17.0482 2320 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
13:48:17.0950 2320 ============================================================
13:48:17.0950 2320 Current date / time: 2011/12/06 13:48:17.0950
13:48:17.0950 2320 SystemInfo:
13:48:17.0950 2320
13:48:17.0950 2320 OS Version: 6.1.7601 ServicePack: 1.0
13:48:17.0950 2320 Product type: Workstation
13:48:17.0950 2320 ComputerName: TOSHIBA-TIMOTI
13:48:17.0950 2320 UserName: Timoti
13:48:17.0950 2320 Windows directory: C:\Windows
13:48:17.0950 2320 System windows directory: C:\Windows
13:48:17.0950 2320 Processor architecture: Intel x86
13:48:17.0950 2320 Number of processors: 4
13:48:17.0950 2320 Page size: 0x1000
13:48:17.0950 2320 Boot type: Normal boot
13:48:17.0950 2320 ============================================================
13:48:18.0450 2320 Initialize success
13:48:22.0443 4104 ============================================================
13:48:22.0443 4104 Scan started
13:48:22.0443 4104 Mode: Manual;
13:48:22.0443 4104 ============================================================
13:48:23.0442 4104 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
13:48:23.0442 4104 1394ohci - ok
13:48:23.0629 4104 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
13:48:23.0629 4104 ACPI - ok
13:48:23.0800 4104 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
13:48:23.0816 4104 AcpiPmi - ok
13:48:24.0003 4104 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
13:48:24.0003 4104 adp94xx - ok
13:48:24.0206 4104 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
13:48:24.0206 4104 adpahci - ok
13:48:24.0393 4104 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
13:48:24.0393 4104 adpu320 - ok
13:48:24.0612 4104 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
13:48:24.0612 4104 AFD - ok
13:48:24.0830 4104 AgereSoftModem (7e10e3bb9b258ad8a9300f91214d67b9) C:\Windows\system32\DRIVERS\AGRSM.sys
13:48:24.0830 4104 AgereSoftModem - ok
13:48:25.0017 4104 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
13:48:25.0017 4104 agp440 - ok
13:48:25.0236 4104 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
13:48:25.0236 4104 aic78xx - ok
13:48:25.0470 4104 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
13:48:25.0470 4104 aliide - ok
13:48:25.0782 4104 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
13:48:25.0782 4104 amdagp - ok
13:48:26.0125 4104 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
13:48:26.0125 4104 amdide - ok
13:48:26.0343 4104 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
13:48:26.0343 4104 AmdK8 - ok
13:48:26.0593 4104 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
13:48:26.0593 4104 AmdPPM - ok
13:48:27.0388 4104 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
13:48:27.0388 4104 amdsata - ok
13:48:27.0903 4104 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
13:48:27.0919 4104 amdsbs - ok
13:48:28.0200 4104 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
13:48:28.0215 4104 amdxata - ok
13:48:28.0449 4104 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
13:48:28.0449 4104 AppID - ok
13:48:28.0652 4104 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
13:48:28.0652 4104 arc - ok
13:48:28.0855 4104 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
13:48:28.0855 4104 arcsas - ok
13:48:29.0073 4104 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
13:48:29.0073 4104 AsyncMac - ok
13:48:29.0276 4104 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
13:48:29.0276 4104 atapi - ok
13:48:29.0666 4104 atikmdag (a12b4aa7f1294f065a03fba79de29e5a) C:\Windows\system32\DRIVERS\atikmdag.sys
13:48:29.0806 4104 atikmdag - ok
13:48:30.0056 4104 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
13:48:30.0056 4104 b06bdrv - ok
13:48:30.0259 4104 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
13:48:30.0259 4104 b57nd60x - ok
13:48:30.0462 4104 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
13:48:30.0462 4104 Beep - ok
13:48:30.0696 4104 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
13:48:30.0696 4104 blbdrive - ok
13:48:30.0945 4104 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
13:48:30.0945 4104 bowser - ok
13:48:31.0132 4104 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:48:31.0132 4104 BrFiltLo - ok
13:48:31.0320 4104 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:48:31.0320 4104 BrFiltUp - ok
13:48:31.0538 4104 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
13:48:31.0538 4104 Brserid - ok
13:48:31.0741 4104 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
13:48:31.0741 4104 BrSerWdm - ok
13:48:31.0944 4104 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:48:31.0944 4104 BrUsbMdm - ok
13:48:32.0131 4104 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
13:48:32.0131 4104 BrUsbSer - ok
13:48:32.0334 4104 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
13:48:32.0334 4104 BTHMODEM - ok
13:48:32.0490 4104 catchme - ok
13:48:32.0677 4104 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
13:48:32.0677 4104 cdfs - ok
13:48:32.0864 4104 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
13:48:32.0880 4104 cdrom - ok
13:48:33.0098 4104 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
13:48:33.0098 4104 circlass - ok
13:48:33.0270 4104 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
13:48:33.0270 4104 CLFS - ok
13:48:33.0519 4104 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
13:48:33.0519 4104 CmBatt - ok
13:48:33.0691 4104 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
13:48:33.0706 4104 cmdide - ok
13:48:33.0909 4104 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
13:48:33.0909 4104 CNG - ok
13:48:34.0112 4104 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
13:48:34.0112 4104 Compbatt - ok
13:48:34.0315 4104 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
13:48:34.0315 4104 CompositeBus - ok
13:48:34.0549 4104 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
13:48:34.0549 4104 crcdisk - ok
13:48:34.0783 4104 CSC (b731663aba1455b33cbbac11e32e8f80) C:\Windows\system32\drivers\csc.sys
13:48:34.0798 4104 Suspicious file (NoAccess): C:\Windows\system32\drivers\csc.sys. md5: b731663aba1455b33cbbac11e32e8f80
13:48:34.0798 4104 CSC ( Rootkit.Win32.ZAccess.g ) - infected
13:48:34.0798 4104 CSC - detected Rootkit.Win32.ZAccess.g (0)
13:48:35.0017 4104 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
13:48:35.0017 4104 DfsC - ok
13:48:35.0266 4104 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
13:48:35.0266 4104 discache - ok
13:48:35.0469 4104 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
13:48:35.0469 4104 Disk - ok
13:48:35.0719 4104 dot4 (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys
13:48:35.0719 4104 dot4 - ok
13:48:35.0937 4104 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\Windows\system32\DRIVERS\Dot4Prt.sys
13:48:35.0937 4104 Dot4Print - ok
13:48:36.0124 4104 dot4usb (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys
13:48:36.0124 4104 dot4usb - ok
13:48:36.0327 4104 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
13:48:36.0327 4104 drmkaud - ok
13:48:36.0733 4104 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
13:48:36.0733 4104 DXGKrnl - ok
13:48:36.0967 4104 eamonm (04238864710460c5682e260207d06192) C:\Windows\system32\DRIVERS\eamonm.sys
13:48:36.0982 4104 eamonm - ok
13:48:37.0279 4104 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
13:48:37.0310 4104 ebdrv - ok
13:48:37.0513 4104 ehdrv (deff87f04ab5f6dd5edf2b80853bbe10) C:\Windows\system32\DRIVERS\ehdrv.sys
13:48:37.0513 4104 ehdrv - ok
13:48:37.0747 4104 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
13:48:37.0762 4104 elxstor - ok
13:48:37.0996 4104 epfw (5ba193ca0ae31209aaa39939ce6736b2) C:\Windows\system32\DRIVERS\epfw.sys
13:48:37.0996 4104 epfw - ok
13:48:38.0215 4104 EpfwLWF (9cefd59c8e5ebfb48165aef54617f539) C:\Windows\system32\DRIVERS\EpfwLWF.sys
13:48:38.0215 4104 EpfwLWF - ok
13:48:38.0418 4104 epfwwfp (7144a06ac105a2a7302944602e415ec1) C:\Windows\system32\DRIVERS\epfwwfp.sys
13:48:38.0418 4104 epfwwfp - ok
13:48:38.0589 4104 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
13:48:38.0589 4104 ErrDev - ok
13:48:38.0823 4104 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
13:48:38.0823 4104 exfat - ok
13:48:39.0010 4104 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
13:48:39.0010 4104 fastfat - ok
13:48:39.0213 4104 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
13:48:39.0213 4104 fdc - ok
13:48:39.0400 4104 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
13:48:39.0400 4104 FileInfo - ok
13:48:39.0556 4104 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
13:48:39.0556 4104 Filetrace - ok
13:48:39.0759 4104 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
13:48:39.0759 4104 flpydisk - ok
13:48:39.0962 4104 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
13:48:39.0962 4104 FltMgr - ok
13:48:40.0149 4104 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
13:48:40.0165 4104 FsDepends - ok
13:48:40.0352 4104 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
13:48:40.0352 4104 Fs_Rec - ok
13:48:40.0758 4104 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
13:48:40.0758 4104 fvevol - ok
13:48:40.0960 4104 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
13:48:40.0960 4104 gagp30kx - ok
13:48:41.0241 4104 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
13:48:41.0241 4104 hcw85cir - ok
13:48:41.0460 4104 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
13:48:41.0460 4104 HdAudAddService - ok
13:48:41.0647 4104 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
13:48:41.0647 4104 HDAudBus - ok
13:48:41.0834 4104 HECI (a88485dc6a7136c10d9a6c7e38fdfe3c) C:\Windows\system32\DRIVERS\HECI.sys
13:48:41.0834 4104 HECI - ok
13:48:41.0990 4104 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
13:48:42.0006 4104 HidBatt - ok
13:48:42.0162 4104 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
13:48:42.0177 4104 HidBth - ok
13:48:42.0364 4104 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
13:48:42.0364 4104 HidIr - ok
13:48:42.0552 4104 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
13:48:42.0552 4104 HidUsb - ok
13:48:42.0754 4104 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
13:48:42.0754 4104 HpSAMD - ok
13:48:42.0973 4104 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
13:48:42.0988 4104 HTTP - ok
13:48:43.0160 4104 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
13:48:43.0160 4104 hwpolicy - ok
13:48:43.0378 4104 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
13:48:43.0378 4104 i8042prt - ok
13:48:43.0581 4104 iaStor (d5edb998656e6ecf1a17c78dab019a3c) C:\Windows\system32\DRIVERS\iaStor.sys
13:48:43.0581 4104 iaStor - ok
13:48:43.0815 4104 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
13:48:43.0815 4104 iaStorV - ok
13:48:44.0002 4104 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
13:48:44.0002 4104 iirsp - ok
13:48:44.0221 4104 Impcd (2db41ba61d5e44d0667cf126d35dcf34) C:\Windows\system32\DRIVERS\Impcd.sys
13:48:44.0221 4104 Impcd - ok
13:48:44.0486 4104 IntcAzAudAddService (810ad686e0c342817b24a631f734850c) C:\Windows\system32\drivers\RTKVHDA.sys
13:48:44.0517 4104 IntcAzAudAddService - ok
13:48:44.0689 4104 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
13:48:44.0689 4104 intelide - ok
13:48:44.0892 4104 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
13:48:44.0892 4104 intelppm - ok
13:48:45.0079 4104 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:48:45.0079 4104 IpFilterDriver - ok
13:48:45.0266 4104 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
13:48:45.0297 4104 IPMIDRV - ok
13:48:45.0453 4104 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
13:48:45.0469 4104 IPNAT - ok
13:48:45.0640 4104 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
13:48:45.0640 4104 IRENUM - ok
13:48:45.0828 4104 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
13:48:45.0828 4104 isapnp - ok
13:48:45.0999 4104 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
13:48:46.0015 4104 iScsiPrt - ok
13:48:46.0218 4104 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
13:48:46.0218 4104 kbdclass - ok
13:48:46.0405 4104 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
13:48:46.0405 4104 kbdhid - ok
13:48:46.0608 4104 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys
13:48:46.0608 4104 KSecDD - ok
13:48:46.0795 4104 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys
13:48:46.0795 4104 KSecPkg - ok
13:48:46.0998 4104 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
13:48:46.0998 4104 lltdio - ok
13:48:47.0263 4104 LPCFilter (6adab14d7ad12b35bdc665b35278099b) C:\Windows\system32\DRIVERS\LPCFilter.sys
13:48:47.0263 4104 LPCFilter - ok
13:48:47.0481 4104 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
13:48:47.0481 4104 LSI_FC - ok
13:48:47.0700 4104 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
13:48:47.0700 4104 LSI_SAS - ok
13:48:47.0902 4104 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:48:47.0902 4104 LSI_SAS2 - ok
13:48:48.0121 4104 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:48:48.0121 4104 LSI_SCSI - ok
13:48:48.0324 4104 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
13:48:48.0324 4104 luafv - ok
13:48:48.0542 4104 LUMDriver (ca020db361524d1182138efeaa8cf8f3) C:\Windows\system32\drivers\LUMDriver.sys
13:48:48.0542 4104 LUMDriver - ok
13:48:48.0760 4104 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
13:48:48.0760 4104 megasas - ok
13:48:48.0932 4104 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
13:48:48.0948 4104 MegaSR - ok
13:48:49.0166 4104 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
13:48:49.0166 4104 Modem - ok
13:48:49.0353 4104 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
13:48:49.0353 4104 monitor - ok
13:48:49.0556 4104 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
13:48:49.0556 4104 mouclass - ok
13:48:49.0774 4104 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
13:48:49.0774 4104 mouhid - ok
13:48:49.0977 4104 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
13:48:49.0977 4104 mountmgr - ok
13:48:50.0164 4104 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
13:48:50.0164 4104 mpio - ok
13:48:50.0336 4104 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
13:48:50.0336 4104 mpsdrv - ok
13:48:50.0523 4104 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
13:48:50.0539 4104 MRxDAV - ok
13:48:50.0742 4104 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:48:50.0742 4104 mrxsmb - ok
13:48:50.0944 4104 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:48:50.0944 4104 mrxsmb10 - ok
13:48:51.0147 4104 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:48:51.0147 4104 mrxsmb20 - ok
13:48:51.0319 4104 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
13:48:51.0319 4104 msahci - ok
13:48:51.0506 4104 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
13:48:51.0506 4104 msdsm - ok
13:48:51.0693 4104 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
13:48:51.0693 4104 Msfs - ok
13:48:51.0865 4104 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
13:48:51.0865 4104 mshidkmdf - ok
13:48:52.0036 4104 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
13:48:52.0036 4104 msisadrv - ok
13:48:52.0239 4104 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
13:48:52.0239 4104 MSKSSRV - ok
13:48:52.0426 4104 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
13:48:52.0426 4104 MSPCLOCK - ok
13:48:52.0614 4104 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
13:48:52.0614 4104 MSPQM - ok
13:48:52.0770 4104 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
13:48:52.0785 4104 MsRPC - ok
13:48:52.0957 4104 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
13:48:52.0957 4104 mssmbios - ok
13:48:53.0144 4104 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
13:48:53.0160 4104 MSTEE - ok
13:48:53.0331 4104 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
13:48:53.0331 4104 MTConfig - ok
13:48:53.0487 4104 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
13:48:53.0487 4104 Mup - ok
13:48:53.0674 4104 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
13:48:53.0674 4104 NativeWifiP - ok
13:48:53.0955 4104 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
13:48:53.0955 4104 NDIS - ok
13:48:54.0174 4104 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
13:48:54.0174 4104 NdisCap - ok
13:48:54.0376 4104 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
13:48:54.0376 4104 NdisTapi - ok
13:48:54.0564 4104 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
13:48:54.0564 4104 Ndisuio - ok
13:48:54.0766 4104 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
13:48:54.0766 4104 NdisWan - ok
13:48:54.0969 4104 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
13:48:54.0969 4104 NDProxy - ok
13:48:55.0188 4104 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
13:48:55.0188 4104 NetBIOS - ok
13:48:55.0375 4104 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
13:48:55.0375 4104 NetBT - ok
13:48:55.0640 4104 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
13:48:55.0640 4104 nfrd960 - ok
13:48:55.0843 4104 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
13:48:55.0858 4104 Npfs - ok
13:48:56.0030 4104 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
13:48:56.0030 4104 nsiproxy - ok
13:48:56.0295 4104 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
13:48:56.0311 4104 Ntfs - ok
13:48:56.0482 4104 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
13:48:56.0482 4104 Null - ok
13:48:56.0670 4104 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
13:48:56.0670 4104 nvraid - ok
13:48:56.0872 4104 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
13:48:56.0872 4104 nvstor - ok
13:48:57.0075 4104 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
13:48:57.0075 4104 nv_agp - ok
13:48:57.0262 4104 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
13:48:57.0262 4104 ohci1394 - ok
13:48:57.0465 4104 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
13:48:57.0481 4104 Parport - ok
13:48:57.0652 4104 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
13:48:57.0652 4104 partmgr - ok
13:48:57.0824 4104 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
13:48:57.0824 4104 Parvdm - ok
13:48:58.0011 4104 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
13:48:58.0011 4104 pci - ok
13:48:58.0198 4104 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
13:48:58.0198 4104 pciide - ok
13:48:58.0370 4104 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
13:48:58.0386 4104 pcmcia - ok
13:48:58.0557 4104 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
13:48:58.0557 4104 pcw - ok
13:48:58.0760 4104 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
13:48:58.0760 4104 PEAUTH - ok
13:48:58.0963 4104 PGEffect (1b5011dd8d57f53aed31ff0f7d635802) C:\Windows\system32\DRIVERS\pgeffect.sys
13:48:58.0963 4104 PGEffect - ok
13:48:59.0212 4104 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
13:48:59.0212 4104 PptpMiniport - ok
13:48:59.0384 4104 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
13:48:59.0384 4104 Processor - ok
13:48:59.0571 4104 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
13:48:59.0571 4104 Psched - ok
13:48:59.0821 4104 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
13:48:59.0836 4104 ql2300 - ok
13:49:00.0024 4104 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
13:49:00.0024 4104 ql40xx - ok
13:49:00.0226 4104 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
13:49:00.0226 4104 QWAVEdrv - ok
13:49:00.0414 4104 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
13:49:00.0414 4104 RasAcd - ok
13:49:00.0616 4104 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:49:00.0616 4104 RasAgileVpn - ok
13:49:00.0804 4104 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:49:00.0804 4104 Rasl2tp - ok
13:49:01.0022 4104 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
13:49:01.0022 4104 RasPppoe - ok
13:49:01.0209 4104 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
13:49:01.0209 4104 RasSstp - ok
13:49:01.0412 4104 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
13:49:01.0412 4104 rdbss - ok
13:49:01.0599 4104 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
13:49:01.0599 4104 rdpbus - ok
13:49:01.0786 4104 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:49:01.0786 4104 RDPCDD - ok
13:49:01.0974 4104 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
13:49:01.0989 4104 RDPDR - ok
13:49:02.0176 4104 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
13:49:02.0176 4104 RDPENCDD - ok
13:49:02.0348 4104 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
13:49:02.0348 4104 RDPREFMP - ok
13:49:02.0535 4104 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
13:49:02.0535 4104 RDPWD - ok
13:49:02.0738 4104 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
13:49:02.0738 4104 rdyboost - ok
13:49:02.0956 4104 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
13:49:02.0972 4104 rspndr - ok
13:49:03.0222 4104 RSUSBSTOR (83f7a29b659771e60cd71999ef57aa0c) C:\Windows\system32\Drivers\RtsUStor.sys
13:49:03.0222 4104 RSUSBSTOR - ok
13:49:03.0424 4104 RTHDMIAzAudService (72a5515a2031d458dd38e9336594184b) C:\Windows\system32\drivers\RtHDMIV.sys
13:49:03.0424 4104 RTHDMIAzAudService - ok
13:49:03.0627 4104 RTL8167 (bcebd5d1aabce4efb7597635e347c44b) C:\Windows\system32\DRIVERS\Rt86win7.sys
13:49:03.0627 4104 RTL8167 - ok
13:49:03.0846 4104 rtl8192se (44b7739f2d623ad6fb46755bb60351a4) C:\Windows\system32\DRIVERS\rtl8192se.sys
13:49:03.0861 4104 rtl8192se - ok
13:49:04.0033 4104 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
13:49:04.0033 4104 s3cap - ok
13:49:04.0236 4104 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
13:49:04.0236 4104 sbp2port - ok
13:49:04.0407 4104 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
13:49:04.0407 4104 scfilter - ok
13:49:04.0610 4104 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
13:49:04.0626 4104 secdrv - ok
13:49:04.0828 4104 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
13:49:04.0844 4104 Serenum - ok
13:49:05.0016 4104 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
13:49:05.0016 4104 Serial - ok
13:49:05.0187 4104 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
13:49:05.0187 4104 sermouse - ok
13:49:05.0374 4104 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
13:49:05.0374 4104 sffdisk - ok
13:49:05.0546 4104 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
13:49:05.0546 4104 sffp_mmc - ok
13:49:05.0733 4104 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
13:49:05.0780 4104 sffp_sd - ok
13:49:05.0967 4104 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
13:49:05.0967 4104 sfloppy - ok
13:49:06.0186 4104 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
13:49:06.0186 4104 sisagp - ok
13:49:06.0373 4104 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:49:06.0373 4104 SiSRaid2 - ok
13:49:06.0560 4104 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
13:49:06.0560 4104 SiSRaid4 - ok
13:49:06.0747 4104 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
13:49:06.0747 4104 Smb - ok
13:49:06.0934 4104 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
13:49:06.0934 4104 spldr - ok
13:49:07.0215 4104 sptd (8ea0fd60a5b047e0c734d51aace531c9) C:\Windows\System32\Drivers\sptd.sys
13:49:07.0215 4104 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: 8ea0fd60a5b047e0c734d51aace531c9
13:49:07.0215 4104 sptd ( LockedFile.Multi.Generic ) - warning
13:49:07.0215 4104 sptd - detected LockedFile.Multi.Generic (1)
13:49:07.0402 4104 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
13:49:07.0418 4104 srv - ok
13:49:07.0605 4104 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
13:49:07.0621 4104 srv2 - ok
13:49:07.0792 4104 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
13:49:07.0808 4104 srvnet - ok
13:49:07.0995 4104 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
13:49:07.0995 4104 stexstor - ok
13:49:08.0198 4104 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
13:49:08.0214 4104 storflt - ok
13:49:08.0385 4104 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
13:49:08.0385 4104 storvsc - ok
13:49:08.0557 4104 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
13:49:08.0572 4104 swenum - ok
13:49:08.0775 4104 SynTP (6da97d6b6de6326eba8ab8291ab41a09) C:\Windows\system32\DRIVERS\SynTP.sys
13:49:08.0775 4104 SynTP - ok
13:49:09.0040 4104 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
13:49:09.0056 4104 Tcpip - ok
13:49:09.0290 4104 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
13:49:09.0306 4104 TCPIP6 - ok
13:49:09.0493 4104 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
13:49:09.0493 4104 tcpipreg - ok
13:49:09.0680 4104 tdcmdpst (4084ea00d50c858d6f9038f86ae2e2d0) C:\Windows\system32\DRIVERS\tdcmdpst.sys
13:49:09.0696 4104 tdcmdpst - ok
13:49:09.0867 4104 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
13:49:09.0883 4104 TDPIPE - ok
13:49:10.0070 4104 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
13:49:10.0070 4104 TDTCP - ok
13:49:10.0257 4104 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
13:49:10.0257 4104 tdx - ok
13:49:10.0460 4104 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
13:49:10.0460 4104 TermDD - ok
13:49:10.0694 4104 tos_sps32 (969377943fe7284609babbab4e06b93c) C:\Windows\system32\DRIVERS\tos_sps32.sys
13:49:10.0710 4104 tos_sps32 - ok
13:49:10.0897 4104 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:49:10.0897 4104 tssecsrv - ok
13:49:11.0115 4104 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
13:49:11.0115 4104 TsUsbFlt - ok
13:49:11.0334 4104 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
13:49:11.0334 4104 tunnel - ok
13:49:11.0536 4104 TVALZ (fc24015b4052600c324c43e3a79c0664) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
13:49:11.0536 4104 TVALZ - ok
13:49:11.0708 4104 TVALZFL (866462f5ae3f375ef83ef9dce436031c) C:\Windows\system32\DRIVERS\TVALZFL.sys
13:49:11.0708 4104 TVALZFL - ok
13:49:11.0895 4104 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
13:49:11.0895 4104 uagp35 - ok
13:49:12.0082 4104 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
13:49:12.0082 4104 udfs - ok
13:49:12.0285 4104 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
13:49:12.0285 4104 uliagpkx - ok
13:49:12.0472 4104 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
13:49:12.0488 4104 umbus - ok
13:49:12.0660 4104 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
13:49:12.0660 4104 UmPass - ok
13:49:12.0862 4104 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
13:49:12.0878 4104 usbccgp - ok
13:49:13.0065 4104 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
13:49:13.0065 4104 usbcir - ok
13:49:13.0237 4104 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\drivers\usbehci.sys
13:49:13.0252 4104 usbehci - ok
13:49:13.0455 4104 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
13:49:13.0455 4104 usbhub - ok
13:49:13.0627 4104 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
13:49:13.0627 4104 usbohci - ok
13:49:13.0830 4104 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
13:49:13.0830 4104 usbprint - ok
13:49:14.0032 4104 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
13:49:14.0032 4104 usbscan - ok
13:49:14.0220 4104 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:49:14.0220 4104 USBSTOR - ok
13:49:14.0391 4104 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
13:49:14.0391 4104 usbuhci - ok
13:49:14.0594 4104 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
13:49:14.0594 4104 usbvideo - ok
13:49:14.0812 4104 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
13:49:14.0812 4104 vdrvroot - ok
13:49:15.0000 4104 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
13:49:15.0000 4104 vga - ok
13:49:15.0171 4104 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
13:49:15.0187 4104 VgaSave - ok
13:49:15.0358 4104 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
13:49:15.0358 4104 vhdmp - ok
13:49:15.0561 4104 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
13:49:15.0561 4104 viaagp - ok
13:49:15.0748 4104 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
13:49:15.0748 4104 ViaC7 - ok
13:49:15.0920 4104 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
13:49:15.0920 4104 viaide - ok
13:49:16.0107 4104 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
13:49:16.0107 4104 vmbus - ok
13:49:16.0294 4104 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
13:49:16.0294 4104 VMBusHID - ok
13:49:16.0466 4104 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
13:49:16.0482 4104 volmgr - ok
13:49:16.0653 4104 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
13:49:16.0669 4104 volmgrx - ok
13:49:16.0840 4104 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
13:49:16.0840 4104 volsnap - ok
13:49:17.0059 4104 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
13:49:17.0059 4104 vsmraid - ok
13:49:17.0230 4104 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
13:49:17.0230 4104 vwifibus - ok
13:49:17.0402 4104 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
13:49:17.0402 4104 vwififlt - ok
13:49:17.0605 4104 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
13:49:17.0605 4104 vwifimp - ok
13:49:17.0792 4104 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
13:49:17.0808 4104 WacomPen - ok
13:49:17.0995 4104 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
13:49:17.0995 4104 WANARP - ok
13:49:17.0995 4104 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
13:49:17.0995 4104 Wanarpv6 - ok
13:49:18.0229 4104 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
13:49:18.0229 4104 Wd - ok
13:49:18.0416 4104 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
13:49:18.0416 4104 Wdf01000 - ok
13:49:18.0634 4104 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
13:49:18.0650 4104 WfpLwf - ok
13:49:18.0837 4104 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
13:49:18.0837 4104 WIMMount - ok
13:49:19.0056 4104 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
13:49:19.0056 4104 WmiAcpi - ok
13:49:19.0290 4104 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
13:49:19.0290 4104 ws2ifsl - ok
13:49:19.0477 4104 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
13:49:19.0492 4104 WudfPf - ok
13:49:19.0711 4104 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:49:19.0711 4104 WUDFRd - ok
13:49:19.0789 4104 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:49:19.0804 4104 \Device\Harddisk0\DR0 - ok
13:49:19.0820 4104 Boot (0x1200) (0f464e901f0791305370558deba7f648) \Device\Harddisk0\DR0\Partition0
13:49:19.0820 4104 \Device\Harddisk0\DR0\Partition0 - ok
13:49:19.0836 4104 Boot (0x1200) (bf3ac5cf10ec167d6888549572b5789c) \Device\Harddisk0\DR0\Partition1
13:49:19.0836 4104 \Device\Harddisk0\DR0\Partition1 - ok
13:49:19.0836 4104 ============================================================
13:49:19.0836 4104 Scan finished
13:49:19.0836 4104 ============================================================
13:49:19.0867 5368 Detected object count: 2
13:49:19.0867 5368 Actual detected object count: 2
13:49:54.0655 5368 Backup copy found, using it..
13:49:54.0764 5368 C:\Windows\system32\drivers\csc.sys - will be cured on reboot
13:50:13.0313 5368 CSC ( Rootkit.Win32.ZAccess.g ) - User select action: Cure
13:50:13.0313 5368 sptd ( LockedFile.Multi.Generic ) - skipped by user
13:50:13.0313 5368 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
13:50:26.0011 3568 Deinitialize success

#11 Příspěvek od **motji** » 06 pro 2011 14:00

restartuj pc a spust znovu tdss killer, log vlož zde

timoti · #12 Příspěvek od **timoti** » 06 pro 2011 14:14

to je výpis

14:09:39.0928 5860 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
14:09:40.0208 5860 ============================================================
14:09:40.0208 5860 Current date / time: 2011/12/06 14:09:40.0208
14:09:40.0208 5860 SystemInfo:
14:09:40.0208 5860
14:09:40.0208 5860 OS Version: 6.1.7601 ServicePack: 1.0
14:09:40.0208 5860 Product type: Workstation
14:09:40.0208 5860 ComputerName: TOSHIBA-TIMOTI
14:09:40.0208 5860 UserName: Timoti
14:09:40.0208 5860 Windows directory: C:\Windows
14:09:40.0208 5860 System windows directory: C:\Windows
14:09:40.0208 5860 Processor architecture: Intel x86
14:09:40.0208 5860 Number of processors: 4
14:09:40.0208 5860 Page size: 0x1000
14:09:40.0208 5860 Boot type: Normal boot
14:09:40.0208 5860 ============================================================
14:09:40.0598 5860 Initialize success
14:09:42.0361 2804 ============================================================
14:09:42.0361 2804 Scan started
14:09:42.0361 2804 Mode: Manual;
14:09:42.0361 2804 ============================================================
14:09:43.0141 2804 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
14:09:43.0141 2804 1394ohci - ok
14:09:43.0328 2804 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
14:09:43.0328 2804 ACPI - ok
14:09:43.0516 2804 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
14:09:43.0516 2804 AcpiPmi - ok
14:09:43.0703 2804 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
14:09:43.0703 2804 adp94xx - ok
14:09:43.0906 2804 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
14:09:43.0906 2804 adpahci - ok
14:09:44.0093 2804 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
14:09:44.0093 2804 adpu320 - ok
14:09:44.0311 2804 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
14:09:44.0311 2804 AFD - ok
14:09:44.0514 2804 AgereSoftModem (7e10e3bb9b258ad8a9300f91214d67b9) C:\Windows\system32\DRIVERS\AGRSM.sys
14:09:44.0530 2804 AgereSoftModem - ok
14:09:44.0717 2804 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
14:09:44.0732 2804 agp440 - ok
14:09:44.0920 2804 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
14:09:44.0920 2804 aic78xx - ok
14:09:45.0154 2804 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
14:09:45.0154 2804 aliide - ok
14:09:45.0325 2804 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
14:09:45.0341 2804 amdagp - ok
14:09:45.0512 2804 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
14:09:45.0512 2804 amdide - ok
14:09:45.0684 2804 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
14:09:45.0700 2804 AmdK8 - ok
14:09:45.0871 2804 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
14:09:45.0871 2804 AmdPPM - ok
14:09:46.0058 2804 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
14:09:46.0058 2804 amdsata - ok
14:09:46.0261 2804 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
14:09:46.0261 2804 amdsbs - ok
14:09:46.0433 2804 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
14:09:46.0433 2804 amdxata - ok
14:09:46.0620 2804 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
14:09:46.0620 2804 AppID - ok
14:09:46.0807 2804 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
14:09:46.0823 2804 arc - ok
14:09:46.0994 2804 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
14:09:46.0994 2804 arcsas - ok
14:09:47.0213 2804 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
14:09:47.0213 2804 AsyncMac - ok
14:09:47.0416 2804 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
14:09:47.0416 2804 atapi - ok
14:09:47.0774 2804 atikmdag (a12b4aa7f1294f065a03fba79de29e5a) C:\Windows\system32\DRIVERS\atikmdag.sys
14:09:47.0899 2804 atikmdag - ok
14:09:48.0133 2804 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
14:09:48.0133 2804 b06bdrv - ok
14:09:48.0320 2804 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
14:09:48.0320 2804 b57nd60x - ok
14:09:48.0523 2804 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
14:09:48.0539 2804 Beep - ok
14:09:48.0742 2804 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
14:09:48.0742 2804 blbdrive - ok
14:09:48.0991 2804 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
14:09:48.0991 2804 bowser - ok
14:09:49.0163 2804 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:09:49.0163 2804 BrFiltLo - ok
14:09:49.0334 2804 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:09:49.0334 2804 BrFiltUp - ok
14:09:49.0537 2804 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
14:09:49.0537 2804 Brserid - ok
14:09:49.0709 2804 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
14:09:49.0724 2804 BrSerWdm - ok
14:09:49.0896 2804 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:09:49.0912 2804 BrUsbMdm - ok
14:09:50.0083 2804 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
14:09:50.0083 2804 BrUsbSer - ok
14:09:50.0255 2804 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
14:09:50.0270 2804 BTHMODEM - ok
14:09:50.0411 2804 catchme - ok
14:09:50.0598 2804 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
14:09:50.0598 2804 cdfs - ok
14:09:50.0801 2804 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
14:09:50.0801 2804 cdrom - ok
14:09:51.0269 2804 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
14:09:51.0284 2804 circlass - ok
14:09:51.0425 2804 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
14:09:51.0440 2804 CLFS - ok
14:09:51.0643 2804 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
14:09:51.0643 2804 CmBatt - ok
14:09:51.0815 2804 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
14:09:51.0815 2804 cmdide - ok
14:09:51.0986 2804 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
14:09:51.0986 2804 CNG - ok
14:09:52.0189 2804 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
14:09:52.0189 2804 Compbatt - ok
14:09:52.0376 2804 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
14:09:52.0392 2804 CompositeBus - ok
14:09:52.0626 2804 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
14:09:52.0626 2804 crcdisk - ok
14:09:52.0829 2804 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
14:09:52.0829 2804 CSC - ok
14:09:53.0047 2804 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
14:09:53.0047 2804 DfsC - ok
14:09:53.0266 2804 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
14:09:53.0266 2804 discache - ok
14:09:53.0453 2804 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
14:09:53.0453 2804 Disk - ok
14:09:53.0671 2804 dot4 (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys
14:09:53.0671 2804 dot4 - ok
14:09:53.0874 2804 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\Windows\system32\DRIVERS\Dot4Prt.sys
14:09:53.0874 2804 Dot4Print - ok
14:09:54.0046 2804 dot4usb (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys
14:09:54.0046 2804 dot4usb - ok
14:09:54.0248 2804 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
14:09:54.0248 2804 drmkaud - ok
14:09:54.0436 2804 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
14:09:54.0451 2804 DXGKrnl - ok
14:09:54.0670 2804 eamonm (04238864710460c5682e260207d06192) C:\Windows\system32\DRIVERS\eamonm.sys
14:09:54.0670 2804 eamonm - ok
14:09:54.0950 2804 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
14:09:55.0044 2804 ebdrv - ok
14:09:55.0231 2804 ehdrv (deff87f04ab5f6dd5edf2b80853bbe10) C:\Windows\system32\DRIVERS\ehdrv.sys
14:09:55.0231 2804 ehdrv - ok
14:09:55.0465 2804 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
14:09:55.0465 2804 elxstor - ok
14:09:55.0699 2804 epfw (5ba193ca0ae31209aaa39939ce6736b2) C:\Windows\system32\DRIVERS\epfw.sys
14:09:55.0699 2804 epfw - ok
14:09:55.0902 2804 EpfwLWF (9cefd59c8e5ebfb48165aef54617f539) C:\Windows\system32\DRIVERS\EpfwLWF.sys
14:09:55.0902 2804 EpfwLWF - ok
14:09:56.0089 2804 epfwwfp (7144a06ac105a2a7302944602e415ec1) C:\Windows\system32\DRIVERS\epfwwfp.sys
14:09:56.0089 2804 epfwwfp - ok
14:09:56.0261 2804 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
14:09:56.0261 2804 ErrDev - ok
14:09:56.0448 2804 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
14:09:56.0448 2804 exfat - ok
14:09:56.0604 2804 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
14:09:56.0620 2804 fastfat - ok
14:09:56.0807 2804 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
14:09:56.0807 2804 fdc - ok
14:09:56.0978 2804 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
14:09:56.0978 2804 FileInfo - ok
14:09:57.0134 2804 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
14:09:57.0134 2804 Filetrace - ok
14:09:57.0337 2804 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
14:09:57.0337 2804 flpydisk - ok
14:09:57.0524 2804 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
14:09:57.0524 2804 FltMgr - ok
14:09:57.0680 2804 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
14:09:57.0680 2804 FsDepends - ok
14:09:57.0821 2804 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
14:09:57.0836 2804 Fs_Rec - ok
14:09:58.0024 2804 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
14:09:58.0024 2804 fvevol - ok
14:09:58.0195 2804 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
14:09:58.0195 2804 gagp30kx - ok
14:09:58.0429 2804 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
14:09:58.0429 2804 hcw85cir - ok
14:09:58.0616 2804 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
14:09:58.0616 2804 HdAudAddService - ok
14:09:58.0788 2804 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
14:09:58.0788 2804 HDAudBus - ok
14:09:58.0975 2804 HECI (a88485dc6a7136c10d9a6c7e38fdfe3c) C:\Windows\system32\DRIVERS\HECI.sys
14:09:58.0975 2804 HECI - ok
14:09:59.0162 2804 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
14:09:59.0162 2804 HidBatt - ok
14:09:59.0318 2804 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
14:09:59.0318 2804 HidBth - ok
14:09:59.0490 2804 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
14:09:59.0490 2804 HidIr - ok
14:09:59.0677 2804 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
14:09:59.0677 2804 HidUsb - ok
14:09:59.0864 2804 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
14:09:59.0864 2804 HpSAMD - ok
14:10:00.0083 2804 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
14:10:00.0083 2804 HTTP - ok
14:10:00.0239 2804 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
14:10:00.0254 2804 hwpolicy - ok
14:10:00.0442 2804 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
14:10:00.0457 2804 i8042prt - ok
14:10:00.0629 2804 iaStor (d5edb998656e6ecf1a17c78dab019a3c) C:\Windows\system32\DRIVERS\iaStor.sys
14:10:00.0629 2804 iaStor - ok
14:10:00.0863 2804 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
14:10:00.0863 2804 iaStorV - ok
14:10:01.0034 2804 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
14:10:01.0050 2804 iirsp - ok
14:10:01.0253 2804 Impcd (2db41ba61d5e44d0667cf126d35dcf34) C:\Windows\system32\DRIVERS\Impcd.sys
14:10:01.0253 2804 Impcd - ok
14:10:01.0487 2804 IntcAzAudAddService (810ad686e0c342817b24a631f734850c) C:\Windows\system32\drivers\RTKVHDA.sys
14:10:01.0549 2804 IntcAzAudAddService - ok
14:10:01.0736 2804 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
14:10:01.0768 2804 intelide - ok
14:10:01.0955 2804 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
14:10:01.0970 2804 intelppm - ok
14:10:02.0126 2804 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:10:02.0142 2804 IpFilterDriver - ok
14:10:02.0314 2804 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
14:10:02.0329 2804 IPMIDRV - ok
14:10:02.0485 2804 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
14:10:02.0485 2804 IPNAT - ok
14:10:02.0657 2804 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
14:10:02.0657 2804 IRENUM - ok
14:10:02.0828 2804 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
14:10:02.0828 2804 isapnp - ok
14:10:03.0016 2804 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
14:10:03.0016 2804 iScsiPrt - ok
14:10:03.0203 2804 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
14:10:03.0203 2804 kbdclass - ok
14:10:03.0406 2804 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
14:10:03.0406 2804 kbdhid - ok
14:10:03.0577 2804 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys
14:10:03.0577 2804 KSecDD - ok
14:10:03.0749 2804 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys
14:10:03.0764 2804 KSecPkg - ok
14:10:03.0983 2804 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
14:10:03.0983 2804 lltdio - ok
14:10:04.0232 2804 LPCFilter (6adab14d7ad12b35bdc665b35278099b) C:\Windows\system32\DRIVERS\LPCFilter.sys
14:10:04.0232 2804 LPCFilter - ok
14:10:04.0435 2804 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
14:10:04.0435 2804 LSI_FC - ok
14:10:04.0654 2804 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
14:10:04.0654 2804 LSI_SAS - ok
14:10:04.0841 2804 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:10:04.0841 2804 LSI_SAS2 - ok
14:10:05.0044 2804 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:10:05.0044 2804 LSI_SCSI - ok
14:10:05.0246 2804 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
14:10:05.0262 2804 luafv - ok
14:10:05.0465 2804 LUMDriver (ca020db361524d1182138efeaa8cf8f3) C:\Windows\system32\drivers\LUMDriver.sys
14:10:05.0465 2804 LUMDriver - ok
14:10:05.0730 2804 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
14:10:05.0730 2804 megasas - ok
14:10:05.0917 2804 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
14:10:05.0917 2804 MegaSR - ok
14:10:06.0136 2804 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
14:10:06.0136 2804 Modem - ok
14:10:06.0338 2804 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
14:10:06.0338 2804 monitor - ok
14:10:06.0557 2804 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
14:10:06.0557 2804 mouclass - ok
14:10:06.0744 2804 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
14:10:06.0744 2804 mouhid - ok
14:10:06.0931 2804 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
14:10:06.0931 2804 mountmgr - ok
14:10:07.0118 2804 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
14:10:07.0118 2804 mpio - ok
14:10:07.0290 2804 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
14:10:07.0290 2804 mpsdrv - ok
14:10:07.0493 2804 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
14:10:07.0508 2804 MRxDAV - ok
14:10:07.0727 2804 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:10:07.0727 2804 mrxsmb - ok
14:10:07.0945 2804 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:10:07.0945 2804 mrxsmb10 - ok
14:10:08.0148 2804 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:10:08.0148 2804 mrxsmb20 - ok
14:10:08.0320 2804 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
14:10:08.0320 2804 msahci - ok
14:10:08.0507 2804 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
14:10:08.0522 2804 msdsm - ok
14:10:08.0725 2804 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
14:10:08.0725 2804 Msfs - ok
14:10:08.0897 2804 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
14:10:08.0897 2804 mshidkmdf - ok
14:10:09.0068 2804 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
14:10:09.0068 2804 msisadrv - ok
14:10:09.0271 2804 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
14:10:09.0271 2804 MSKSSRV - ok
14:10:09.0458 2804 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
14:10:09.0458 2804 MSPCLOCK - ok
14:10:09.0646 2804 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
14:10:09.0646 2804 MSPQM - ok
14:10:09.0817 2804 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
14:10:09.0817 2804 MsRPC - ok
14:10:10.0004 2804 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
14:10:10.0004 2804 mssmbios - ok
14:10:10.0192 2804 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
14:10:10.0192 2804 MSTEE - ok
14:10:10.0363 2804 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
14:10:10.0379 2804 MTConfig - ok
14:10:10.0535 2804 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
14:10:10.0535 2804 Mup - ok
14:10:10.0722 2804 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
14:10:10.0738 2804 NativeWifiP - ok
14:10:10.0972 2804 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
14:10:10.0972 2804 NDIS - ok
14:10:11.0174 2804 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
14:10:11.0174 2804 NdisCap - ok
14:10:11.0377 2804 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
14:10:11.0377 2804 NdisTapi - ok
14:10:11.0596 2804 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
14:10:11.0596 2804 Ndisuio - ok
14:10:11.0798 2804 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
14:10:11.0798 2804 NdisWan - ok
14:10:12.0001 2804 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
14:10:12.0001 2804 NDProxy - ok
14:10:12.0220 2804 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
14:10:12.0220 2804 NetBIOS - ok
14:10:12.0391 2804 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
14:10:12.0391 2804 NetBT - ok
14:10:12.0656 2804 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
14:10:12.0656 2804 nfrd960 - ok
14:10:12.0890 2804 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
14:10:12.0890 2804 Npfs - ok
14:10:13.0062 2804 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
14:10:13.0062 2804 nsiproxy - ok
14:10:13.0312 2804 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
14:10:13.0327 2804 Ntfs - ok
14:10:13.0499 2804 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
14:10:13.0499 2804 Null - ok
14:10:13.0686 2804 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
14:10:13.0686 2804 nvraid - ok
14:10:13.0873 2804 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
14:10:13.0889 2804 nvstor - ok
14:10:14.0060 2804 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
14:10:14.0060 2804 nv_agp - ok
14:10:14.0248 2804 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
14:10:14.0263 2804 ohci1394 - ok
14:10:14.0482 2804 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
14:10:14.0482 2804 Parport - ok
14:10:14.0653 2804 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
14:10:14.0653 2804 partmgr - ok
14:10:14.0825 2804 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
14:10:14.0825 2804 Parvdm - ok
14:10:15.0028 2804 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
14:10:15.0028 2804 pci - ok
14:10:15.0246 2804 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
14:10:15.0246 2804 pciide - ok
14:10:15.0433 2804 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
14:10:15.0433 2804 pcmcia - ok
14:10:15.0605 2804 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
14:10:15.0620 2804 pcw - ok
14:10:15.0808 2804 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
14:10:15.0823 2804 PEAUTH - ok
14:10:16.0026 2804 PGEffect (1b5011dd8d57f53aed31ff0f7d635802) C:\Windows\system32\DRIVERS\pgeffect.sys
14:10:16.0026 2804 PGEffect - ok
14:10:16.0276 2804 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
14:10:16.0291 2804 PptpMiniport - ok
14:10:16.0447 2804 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
14:10:16.0447 2804 Processor - ok
14:10:16.0650 2804 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
14:10:16.0650 2804 Psched - ok
14:10:16.0884 2804 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
14:10:16.0900 2804 ql2300 - ok
14:10:17.0087 2804 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
14:10:17.0087 2804 ql40xx - ok
14:10:17.0290 2804 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
14:10:17.0290 2804 QWAVEdrv - ok
14:10:17.0492 2804 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
14:10:17.0492 2804 RasAcd - ok
14:10:17.0695 2804 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:10:17.0695 2804 RasAgileVpn - ok
14:10:17.0898 2804 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:10:17.0898 2804 Rasl2tp - ok
14:10:18.0101 2804 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
14:10:18.0101 2804 RasPppoe - ok
14:10:18.0288 2804 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
14:10:18.0288 2804 RasSstp - ok
14:10:18.0491 2804 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
14:10:18.0491 2804 rdbss - ok
14:10:18.0662 2804 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
14:10:18.0662 2804 rdpbus - ok
14:10:18.0834 2804 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:10:18.0834 2804 RDPCDD - ok
14:10:19.0037 2804 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
14:10:19.0037 2804 RDPDR - ok
14:10:19.0224 2804 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
14:10:19.0318 2804 RDPENCDD - ok
14:10:19.0505 2804 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
14:10:19.0505 2804 RDPREFMP - ok
14:10:19.0692 2804 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
14:10:19.0692 2804 RDPWD - ok
14:10:19.0895 2804 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
14:10:19.0895 2804 rdyboost - ok
14:10:20.0144 2804 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
14:10:20.0144 2804 rspndr - ok
14:10:20.0378 2804 RSUSBSTOR (83f7a29b659771e60cd71999ef57aa0c) C:\Windows\system32\Drivers\RtsUStor.sys
14:10:20.0394 2804 RSUSBSTOR - ok
14:10:20.0597 2804 RTHDMIAzAudService (72a5515a2031d458dd38e9336594184b) C:\Windows\system32\drivers\RtHDMIV.sys
14:10:20.0597 2804 RTHDMIAzAudService - ok
14:10:20.0800 2804 RTL8167 (bcebd5d1aabce4efb7597635e347c44b) C:\Windows\system32\DRIVERS\Rt86win7.sys
14:10:20.0800 2804 RTL8167 - ok
14:10:21.0018 2804 rtl8192se (44b7739f2d623ad6fb46755bb60351a4) C:\Windows\system32\DRIVERS\rtl8192se.sys
14:10:21.0034 2804 rtl8192se - ok
14:10:21.0221 2804 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
14:10:21.0236 2804 s3cap - ok
14:10:21.0424 2804 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
14:10:21.0424 2804 sbp2port - ok
14:10:21.0611 2804 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
14:10:21.0611 2804 scfilter - ok
14:10:21.0814 2804 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
14:10:21.0814 2804 secdrv - ok
14:10:22.0048 2804 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
14:10:22.0048 2804 Serenum - ok
14:10:22.0250 2804 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
14:10:22.0250 2804 Serial - ok
14:10:22.0422 2804 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
14:10:22.0438 2804 sermouse - ok
14:10:22.0625 2804 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
14:10:22.0625 2804 sffdisk - ok
14:10:22.0812 2804 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
14:10:22.0812 2804 sffp_mmc - ok
14:10:22.0984 2804 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
14:10:22.0984 2804 sffp_sd - ok
14:10:23.0155 2804 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
14:10:23.0171 2804 sfloppy - ok
14:10:23.0374 2804 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
14:10:23.0374 2804 sisagp - ok
14:10:23.0561 2804 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:10:23.0561 2804 SiSRaid2 - ok
14:10:23.0748 2804 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
14:10:23.0748 2804 SiSRaid4 - ok
14:10:23.0951 2804 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
14:10:23.0951 2804 Smb - ok
14:10:24.0138 2804 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
14:10:24.0138 2804 spldr - ok
14:10:24.0419 2804 sptd (8ea0fd60a5b047e0c734d51aace531c9) C:\Windows\System32\Drivers\sptd.sys
14:10:24.0419 2804 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: 8ea0fd60a5b047e0c734d51aace531c9
14:10:24.0419 2804 sptd ( LockedFile.Multi.Generic ) - warning
14:10:24.0419 2804 sptd - detected LockedFile.Multi.Generic (1)
14:10:24.0606 2804 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
14:10:24.0606 2804 srv - ok
14:10:24.0793 2804 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
14:10:24.0809 2804 srv2 - ok
14:10:24.0996 2804 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
14:10:24.0996 2804 srvnet - ok
14:10:25.0183 2804 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
14:10:25.0183 2804 stexstor - ok
14:10:25.0402 2804 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
14:10:25.0402 2804 storflt - ok
14:10:25.0573 2804 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
14:10:25.0573 2804 storvsc - ok
14:10:25.0760 2804 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
14:10:25.0760 2804 swenum - ok
14:10:25.0963 2804 SynTP (6da97d6b6de6326eba8ab8291ab41a09) C:\Windows\system32\DRIVERS\SynTP.sys
14:10:25.0963 2804 SynTP - ok
14:10:26.0228 2804 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
14:10:26.0244 2804 Tcpip - ok
14:10:26.0478 2804 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
14:10:26.0494 2804 TCPIP6 - ok
14:10:26.0712 2804 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
14:10:26.0712 2804 tcpipreg - ok
14:10:26.0915 2804 tdcmdpst (4084ea00d50c858d6f9038f86ae2e2d0) C:\Windows\system32\DRIVERS\tdcmdpst.sys
14:10:26.0915 2804 tdcmdpst - ok
14:10:27.0102 2804 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
14:10:27.0102 2804 TDPIPE - ok
14:10:27.0289 2804 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
14:10:27.0289 2804 TDTCP - ok
14:10:27.0492 2804 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
14:10:27.0492 2804 tdx - ok
14:10:27.0695 2804 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
14:10:27.0695 2804 TermDD - ok
14:10:27.0929 2804 tos_sps32 (969377943fe7284609babbab4e06b93c) C:\Windows\system32\DRIVERS\tos_sps32.sys
14:10:27.0944 2804 tos_sps32 - ok
14:10:28.0163 2804 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:10:28.0163 2804 tssecsrv - ok
14:10:28.0366 2804 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
14:10:28.0366 2804 TsUsbFlt - ok
14:10:28.0584 2804 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
14:10:28.0584 2804 tunnel - ok
14:10:28.0787 2804 TVALZ (fc24015b4052600c324c43e3a79c0664) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
14:10:28.0787 2804 TVALZ - ok
14:10:28.0974 2804 TVALZFL (866462f5ae3f375ef83ef9dce436031c) C:\Windows\system32\DRIVERS\TVALZFL.sys
14:10:28.0974 2804 TVALZFL - ok
14:10:29.0146 2804 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
14:10:29.0146 2804 uagp35 - ok
14:10:29.0333 2804 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
14:10:29.0333 2804 udfs - ok
14:10:29.0536 2804 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
14:10:29.0536 2804 uliagpkx - ok
14:10:29.0723 2804 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
14:10:29.0723 2804 umbus - ok
14:10:29.0894 2804 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
14:10:29.0894 2804 UmPass - ok
14:10:30.0097 2804 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
14:10:30.0097 2804 usbccgp - ok
14:10:30.0284 2804 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
14:10:30.0284 2804 usbcir - ok
14:10:30.0472 2804 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\drivers\usbehci.sys
14:10:30.0487 2804 usbehci - ok
14:10:30.0690 2804 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
14:10:30.0690 2804 usbhub - ok
14:10:30.0877 2804 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
14:10:30.0893 2804 usbohci - ok
14:10:31.0096 2804 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
14:10:31.0096 2804 usbprint - ok
14:10:31.0298 2804 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
14:10:31.0298 2804 usbscan - ok
14:10:31.0486 2804 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:10:31.0486 2804 USBSTOR - ok
14:10:31.0688 2804 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
14:10:31.0704 2804 usbuhci - ok
14:10:31.0891 2804 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
14:10:31.0907 2804 usbvideo - ok
14:10:32.0125 2804 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
14:10:32.0125 2804 vdrvroot - ok
14:10:32.0312 2804 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
14:10:32.0312 2804 vga - ok
14:10:32.0500 2804 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
14:10:32.0500 2804 VgaSave - ok
14:10:32.0687 2804 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
14:10:32.0687 2804 vhdmp - ok
14:10:32.0890 2804 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
14:10:32.0890 2804 viaagp - ok
14:10:33.0061 2804 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
14:10:33.0061 2804 ViaC7 - ok
14:10:33.0248 2804 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
14:10:33.0248 2804 viaide - ok
14:10:33.0436 2804 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
14:10:33.0436 2804 vmbus - ok
14:10:33.0607 2804 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
14:10:33.0623 2804 VMBusHID - ok
14:10:33.0779 2804 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
14:10:33.0794 2804 volmgr - ok
14:10:33.0966 2804 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
14:10:33.0982 2804 volmgrx - ok
14:10:34.0153 2804 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
14:10:34.0153 2804 volsnap - ok
14:10:34.0372 2804 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
14:10:34.0372 2804 vsmraid - ok
14:10:34.0543 2804 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
14:10:34.0543 2804 vwifibus - ok
14:10:34.0730 2804 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
14:10:34.0730 2804 vwififlt - ok
14:10:34.0933 2804 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
14:10:34.0949 2804 vwifimp - ok
14:10:35.0136 2804 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
14:10:35.0136 2804 WacomPen - ok
14:10:35.0323 2804 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
14:10:35.0323 2804 WANARP - ok
14:10:35.0339 2804 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
14:10:35.0339 2804 Wanarpv6 - ok
14:10:35.0588 2804 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
14:10:35.0588 2804 Wd - ok
14:10:35.0776 2804 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
14:10:35.0776 2804 Wdf01000 - ok
14:10:35.0994 2804 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
14:10:35.0994 2804 WfpLwf - ok
14:10:36.0166 2804 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
14:10:36.0166 2804 WIMMount - ok
14:10:36.0400 2804 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
14:10:36.0400 2804 WmiAcpi - ok
14:10:36.0602 2804 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
14:10:36.0618 2804 ws2ifsl - ok
14:10:36.0805 2804 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
14:10:36.0805 2804 WudfPf - ok
14:10:37.0024 2804 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:10:37.0039 2804 WUDFRd - ok
14:10:37.0102 2804 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:10:37.0133 2804 \Device\Harddisk0\DR0 - ok
14:10:37.0148 2804 Boot (0x1200) (0f464e901f0791305370558deba7f648) \Device\Harddisk0\DR0\Partition0
14:10:37.0148 2804 \Device\Harddisk0\DR0\Partition0 - ok
14:10:37.0164 2804 Boot (0x1200) (bf3ac5cf10ec167d6888549572b5789c) \Device\Harddisk0\DR0\Partition1
14:10:37.0164 2804 \Device\Harddisk0\DR0\Partition1 - ok
14:10:37.0164 2804 ============================================================
14:10:37.0164 2804 Scan finished
14:10:37.0164 2804 ============================================================
14:10:37.0180 0680 Detected object count: 1
14:10:37.0180 0680 Actual detected object count: 1
14:10:52.0951 0680 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot
14:10:52.0998 0680 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted on reboot
14:10:53.0029 0680 C:\Windows\System32\Drivers\sptd.sys - will be deleted on reboot
14:10:53.0029 0680 sptd ( LockedFile.Multi.Generic ) - User select action: Delete
14:10:56.0992 4772 Deinitialize success

#13 Příspěvek od **motji** » 06 pro 2011 14:18

Fajn, ted to necháme uložet do večera, ju a pak zopakuj ted tdss killer

timoti · #14 Příspěvek od **timoti** » 06 pro 2011 14:44

fajn aj esetom som prehladal a momentalne este nič nenašlo vyzerá to slubne Ďakujem krásne

)) tak zajtra to prehladam zase ahoj

#15 Příspěvek od **motji** » 06 pro 2011 22:20

Ráno to zopakuj, asi po obědě mrknu

VIRY.CZ

mam vírus kt. sa neda zmazať POMOC PLEASE

mam vírus kt. sa neda zmazať POMOC PLEASE

Re: mam vírus kt. sa neda zmazať POMOC PLEASE

Re: mam vírus kt. sa neda zmazať POMOC PLEASE

Re: mam vírus kt. sa neda zmazať POMOC PLEASE

Re: mam vírus kt. sa neda zmazať POMOC PLEASE

Re: mam vírus kt. sa neda zmazať POMOC PLEASE

Re: mam vírus kt. sa neda zmazať POMOC PLEASE

Re: mam vírus kt. sa neda zmazať POMOC PLEASE

Re: mam vírus kt. sa neda zmazať POMOC PLEASE

Re: mam vírus kt. sa neda zmazať POMOC PLEASE

Re: mam vírus kt. sa neda zmazať POMOC PLEASE

Re: mam vírus kt. sa neda zmazať POMOC PLEASE

Re: mam vírus kt. sa neda zmazať POMOC PLEASE

Re: mam vírus kt. sa neda zmazať POMOC PLEASE

Re: mam vírus kt. sa neda zmazať POMOC PLEASE