VIRY.CZ

Zdravím.

Včera se zpomalil mi notebook a dnes ráno už se ani nechtěl nastartovat. Windows to sám řešil v nouzovém režimu nějakým nástrojem na start systému, nic ovšem nenašel a najednou to po restartu běželo. Při tom prvním raním startu notebook ještě divně pískal, tudíž může být problém i v hardwaru, ale zmátlo mě, že po tom úspěšném startu jsem zjistil, že tu nemám žádné body obnovy a nástroj obnovení systému byl vypnutý. Možná toho bude i víc. Mám tedy i podezření na nějaký vir, který mohl něco napáchat. Pravděpobobnou příčinou bude vir na FB napodobujíci YT. Budu moc vděčný za pomoc.

Logfile of random's system information tool 1.09 (written by random/random)
Run by martin at 2012-01-10 12:38:28
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 353 GB (74%) free of 477 GB
Total RAM: 3819 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:38:46, on 10.1.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Acer Display\eDisplay Management\DTHtml.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpctrl.exe
C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\floater.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files\trend micro\martin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe" -delay=10
O4 - HKLM\..\Run: [DT ACR] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -ACR
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2012 (mitsijm2012) - Autodesk, Inc. - C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8848 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 26670032
\??\C:\Windows\system32\conhost.exe "-1873993869-802050066751253565-1939537821-814897236576597745297023946-1030649048
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1100
"c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5d251c47-f618-415b-a118-f081af6c0365 -SystemEventPortName:HostProcess-dfa34261-b056-43f1-975e-85bcba586adf -IoCancelEventPortName:HostProcess-79831780-6172-4ac6-9a1c-42e2b1d3d99d -NonStateChangingEventPortName:HostProcess-9a5a9f93-d8dd-4366-8211-5a81d1680c12 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8ab2d93d-6323-407e-867b-7594711e0341
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Program Files (x86)\Acer Display\eDisplay Management\DTHtml.exe" -Customer=ACR -startup_folder -DT_Startup
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\wpctrl.exe"
"C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\floater.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Opera\opera.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\martin\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-01-13 2538280]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 1436736]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-01-28 862088]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ShowBatteryBar"=C:\Program Files\BatteryBar\ShowBatteryBar.exe [2009-05-28 89600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7.7\ICQ.exe [2011-11-26 127040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^martin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-12-13 1198592]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-05-24 336384]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"PivotSoftware"=C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe [2010-05-13 110192]
"DT ACR"=C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [2011-05-26 121456]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-03-14 1081424]
"Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2011-12-24 460872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"UseOEMBackground"=0
"DisplayLastLogonInfo"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2012-01-10 12:38:29 ----D---- C:\Program Files\trend micro
2012-01-10 12:38:28 ----D---- C:\rsit
2011-12-14 09:11:29 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-12-14 09:11:29 ----A---- C:\Windows\system32\mshtmled.dll
2011-12-14 09:11:27 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-12-14 09:11:27 ----A---- C:\Windows\system32\iertutil.dll
2011-12-14 09:11:25 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-12-14 09:11:25 ----A---- C:\Windows\SYSWOW64\url.dll
2011-12-14 09:11:25 ----A---- C:\Windows\system32\url.dll
2011-12-14 09:11:24 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-12-14 09:11:24 ----A---- C:\Windows\system32\urlmon.dll
2011-12-14 09:11:24 ----A---- C:\Windows\system32\ieui.dll
2011-12-14 09:11:23 ----A---- C:\Windows\system32\jsproxy.dll
2011-12-14 09:11:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-12-14 09:11:22 ----A---- C:\Windows\system32\wininet.dll
2011-12-14 09:11:20 ----A---- C:\Windows\system32\jscript9.dll
2011-12-14 09:11:19 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2011-12-14 09:11:19 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-12-14 09:11:18 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-12-14 09:11:18 ----A---- C:\Windows\system32\jscript.dll
2011-12-14 09:11:16 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-12-14 09:11:11 ----A---- C:\Windows\system32\mshtml.dll
2011-12-14 09:11:10 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-12-14 09:11:09 ----A---- C:\Windows\system32\ieframe.dll
2011-12-14 07:46:22 ----A---- C:\Windows\system32\csrsrv.dll
2011-12-14 07:46:20 ----A---- C:\Windows\system32\win32k.sys
2011-12-14 07:46:17 ----A---- C:\Windows\system32\EncDec.dll
2011-12-14 07:46:16 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2011-12-14 07:46:09 ----A---- C:\Windows\SYSWOW64\tzres.dll
2011-12-14 07:46:09 ----A---- C:\Windows\system32\tzres.dll
2011-12-13 23:02:56 ----D---- C:\Program Files\DWG TrueView 2010
2011-12-13 23:02:14 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2011-12-13 23:02:14 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2011-12-13 23:02:14 ----A---- C:\Windows\system32\d3dx10_37.dll
2011-12-13 23:02:14 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2011-12-13 23:02:11 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2011-12-13 23:02:11 ----A---- C:\Windows\system32\D3DX9_37.dll
2011-12-13 20:32:38 ----A---- C:\Windows\system32\d3dx10_41.dll
2011-12-13 20:32:38 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2011-12-13 20:32:35 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2011-12-13 20:32:35 ----A---- C:\Windows\system32\D3DX9_41.dll
2011-12-13 20:32:22 ----A---- C:\Windows\system32\d3dx9_30.dll

======List of files/folders modified in the last 1 month======

2012-01-10 12:38:46 ----D---- C:\Windows\Temp
2012-01-10 12:38:41 ----D---- C:\Windows\Prefetch
2012-01-10 12:38:29 ----RD---- C:\Program Files
2012-01-10 12:38:27 ----D---- C:\Users\martin\AppData\Roaming\ICQ
2012-01-10 12:21:29 ----SHD---- C:\System Volume Information
2012-01-10 12:15:06 ----D---- C:\Windows\System32
2012-01-10 12:15:06 ----D---- C:\Windows\inf
2012-01-10 12:15:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-10 12:09:13 ----D---- C:\Windows\system32\config
2012-01-10 11:53:55 ----D---- C:\Windows\system32\LogFiles
2012-01-10 11:53:30 ----D---- C:\Windows
2012-01-09 19:56:27 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-01-09 19:56:16 ----D---- C:\Windows\system32\drivers
2012-01-09 18:30:28 ----D---- C:\Users\martin\AppData\Roaming\AIMP3
2012-01-09 18:28:32 ----D---- C:\Windows\Logs
2012-01-09 18:28:32 ----D---- C:\Windows\debug
2012-01-09 18:22:33 ----D---- C:\Program Files\CCleaner
2012-01-08 18:27:00 ----RSD---- C:\Windows\assembly
2012-01-08 18:27:00 ----D---- C:\Windows\Microsoft.NET
2012-01-08 17:03:16 ----D---- C:\Windows\winsxs
2012-01-08 17:02:52 ----SHD---- C:\Windows\Installer
2012-01-08 17:02:13 ----D---- C:\Windows\SysWOW64
2012-01-08 17:02:13 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-01-08 16:54:29 ----D---- C:\Windows\system32\catroot2
2012-01-08 16:54:29 ----D---- C:\Windows\system32\catroot
2012-01-01 19:17:54 ----D---- C:\Program Files (x86)\AIMP3
2011-12-22 20:10:20 ----HD---- C:\Windows\system32\GroupPolicy
2011-12-22 20:04:37 ----SHD---- C:\$Recycle.Bin
2011-12-22 20:04:28 ----RD---- C:\Users
2011-12-21 20:02:18 ----D---- C:\Windows\system32\NDF
2011-12-19 21:37:58 ----RSD---- C:\Windows\Fonts
2011-12-19 21:30:38 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-12-19 21:26:49 ----D---- C:\RBR
2011-12-19 21:20:23 ----D---- C:\Windows\SYSWOW64\drivers
2011-12-18 11:34:25 ----D---- C:\Windows\rescache
2011-12-15 23:09:48 ----D---- C:\Users\martin\AppData\Roaming\Skype
2011-12-14 09:19:02 ----D---- C:\Windows\SYSWOW64\migration
2011-12-14 09:19:02 ----D---- C:\Windows\system32\migration
2011-12-14 09:19:02 ----D---- C:\Program Files\Internet Explorer
2011-12-14 09:19:02 ----D---- C:\Program Files (x86)\Internet Explorer
2011-12-14 09:12:52 ----A---- C:\Windows\system32\MRT.exe
2011-12-14 09:10:22 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-12-14 09:10:22 ----D---- C:\Windows\system32\cs-CZ
2011-12-13 23:38:09 ----D---- C:\Users\martin\AppData\Roaming\Autodesk
2011-12-13 23:20:11 ----D---- C:\ProgramData\Autodesk
2011-12-13 23:15:19 ----D---- C:\Program Files\Autodesk
2011-12-13 23:09:19 ----D---- C:\Windows\Downloaded Program Files
2011-12-13 23:03:28 ----D---- C:\Program Files\Common Files\Autodesk Shared
2011-12-13 23:03:27 ----D---- C:\Windows\Help
2011-12-13 22:56:13 ----D---- C:\Windows\system32\Tasks
2011-12-13 20:56:07 ----D---- C:\Autodesk

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-08 279616]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 189440]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-05-24 9359872]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-05-24 309760]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-01-12 4720704]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-01-25 77424]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-12-10 23152]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 PdiPorts;Portrait Displays low level device driver; C:\Windows\system32\DRIVERS\PdiPorts.sys [2011-05-05 20592]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-01-13 1412144]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-11-28 44672]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2011-05-13 48488]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-05-24 204288]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-03-14 352336]
R2 DTSRVC;Portrait Displays Display Tune Service; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [2011-05-26 129648]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-01-28 868224]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
R2 mitsijm2012;Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2012; C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [2010-12-08 848184]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 12784]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-05-05 113264]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-02 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-11-21 1431888]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-13 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-11-02 136176]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-02 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------





info.txt logfile of random's system information tool 1.09 2012-01-10 12:38:50

======Uninstall list======

Acer 3G Connection Manager-->"C:\Program Files (x86)\InstallShield Installation Information\{96F5085A-FAB3-40DA-BF1A-EABC37EA031C}\setup.exe" -runfromtemp -l0x0005 -removeonly
Acer Crystal Eye Webcam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
Acer Crystal Eye Webcam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
Acer eDisplay Management-->"C:\Program Files (x86)\InstallShield Installation Information\{A586DC50-B18D-48FB-B7CC-A598200457C2}\setup.exe" -runfromtemp -l0x0409 -removeonly
Acer ePower Management-->"C:\Program Files (x86)\InstallShield Installation Information\{3DB0448D-AD82-4923-B305-D001E521A964}\setup.exe" -runfromtemp -l0x0005 -removeonly
Adobe Flash Player 11 ActiveX 64-bit-->C:\Windows\system32\Macromed\Flash\FlashUtil64_11_1_102_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_Plugin.exe -maintain plugin
Adobe Reader X (10.1.1) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Adobe Shockwave Player 11.6-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
AIMP3-->C:\Program Files (x86)\AIMP3\Uninstall.exe
AMD APP SDK Runtime-->MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441}
AMD Media Foundation Decoders-->MsiExec.exe /X{2E12FEB9-11CD-5B44-D51B-0837225A6594}
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -removeonly
Atheros Driver Installation Program-->"C:\Program Files (x86)\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe" -runfromtemp -l0x0405
ATI Catalyst Install Manager-->msiexec /q/x{3605D89A-BD66-F5C5-779B-BE9110B41077} REBOOT=ReallySuppress
Audacity 1.3.13 (Unicode)-->"C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\unins000.exe"
AutoCAD Mechanical 2011 Version 2-->Msiexec.exe /uninstall {C54E50A4-DD5A-1864-923C-ABD5B71C79FC} /package {5783F2D7-9005-0405-0102-0060B0CE6BBA} /qb
AutoCAD Mechanical 2011-->C:\Program Files\Autodesk\ACADM 2011\Setup\Setup.exe /P {5783F2D7-9005-0405-0102-0060B0CE6BBA} /M ACM /language cs-CZ
AutoCAD Mechanical 2011-->C:\Program Files\Autodesk\ACADM 2011\Setup\Setup.exe /P {5783F2D7-9005-0405-0102-0060B0CE6BBA} /M ACM /language cs-CZ
Autodesk Design Review 2012-->C:\Program Files (x86)\Autodesk\Autodesk Design Review 2012\Setup\Setup.exe /P {A49BDCBE-590E-43A6-AB77-7C40E499B7C1} /M ADR /language en-US
Autodesk Inventor Content Center Libraries 2010 (Desktop Content)-->MsiExec.exe /X{EF90F06A-3B2D-48E3-8C7A-1F2210200476}
Autodesk Inventor Content Center Libraries 2012 (Desktop Content)-->MsiExec.exe /X{B46DECD1-1664-4EF1-0000-22D71E81877C}
Autodesk Inventor Fusion 2012-->C:\Program Files\Autodesk\Inventor Fusion 2012\Setup\Setup.exe /P {FFF5619F-6669-4EC5-A85E-9994F70A9E5D} /M INVENTORFUSION /LANG cs-CZ
Autodesk Inventor Fusion 2012-->MsiExec.exe /X{FFF5619F-6669-4EC5-A85E-9994F70A9E5D}
Autodesk Inventor Fusion for Inventor 2012 Add-in-->C:\Program Files\Autodesk\Inventor 2012\Bin\FUSION4INVADDINSSetup\Setup\Setup.exe /P {4E3B47F2-21EB-4F20-87C8-5A0E4D5F3858} /M FUSION4INVADDINS /LANG cs-CZ
Autodesk Inventor Professional 2010 čeština (Czech)-->C:\Program Files\Autodesk\Inventor 2010\Setup\Setup.exe /P {144B2F95-E2C6-4317-94E7-0B9B03F133B7} /M INVENTOR /LANG cs-CZ
Autodesk Inventor Professional 2010 SP1-->Msiexec.exe /uninstall {702F2425-1400-1000-0064-F0408A8E25CA} /package {144B2F95-E2C6-4317-94E7-0B9B03F133B7} /qb
Autodesk Inventor Professional 2010-->MsiExec.exe /I{144B2F95-E2C6-4317-94E7-0B9B03F133B7}
Autodesk Inventor Professional 2010-->MsiExec.exe /I{F763AC14-3F26-4161-9567-11D5260AD4FE}
Autodesk Inventor Professional 2012 Čeština-->C:\Program Files\Autodesk\Inventor 2012\Setup\Setup.exe /P {7F4DD591-1664-0409-0000-7107D70F3DB4} /M INVENTOR /LANG cs-CZ
Autodesk Inventor Professional 2012 Jazykový balíček – čeština-->MsiExec.exe /I{7F4DD591-1664-0409-0001-7107D70F3DB4}
Autodesk Inventor Professional 2012-->MsiExec.exe /I{7F4DD591-1664-0409-0000-7107D70F3DB4}
Autodesk Material Library 2011 Base Image library-->MsiExec.exe /I{CD1E078C-A6B9-47DA-B035-6365C85C7832}
Autodesk Material Library 2011-->MsiExec.exe /I{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}
Autodesk Material Library 2012-->MsiExec.exe /I{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}
Autodesk Material Library Base Resolution Image Library 2012-->MsiExec.exe /I{65420DC9-306E-4371-905F-F4DC3B418E52}
Autodesk Material Library Low Resolution Image Library 2012-->MsiExec.exe /I{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}
Autodesk Vault 2012 (Client) Czech Language Pack-->MsiExec.exe /I{266597A9-1664-0000-0100-DCBF2B69166B}
Autodesk Vault 2012 (Client)-->C:\Program Files\Autodesk\Vault 2012\Setup\setup.exe /P {CF526A26-1664-0000-0000-02E95019B628} /M VAULT /language cs-CZ
Autodesk Vault 2012 (Client)-->MsiExec.exe /X{CF526A26-1664-0000-0000-02E95019B628}
BatteryBar (remove only)-->"C:\Program Files\BatteryBar\Uninstall.exe"
Broadcom 802.11 Network Adapter-->"C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver"
Catalyst Control Center - Branding-->MsiExec.exe /I{1895E5C2-A9F8-4757-AD7B-0E9EA8BA1C46}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Celestia 1.6.1-->"C:\Program Files (x86)\Celestia\unins000.exe"
Cisco EAP-FAST Module-->MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
Cisco LEAP Module-->MsiExec.exe /I{51C7AD07-C3F6-4635-8E8A-231306D810FE}
Cisco PEAP Module-->MsiExec.exe /I{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
D-Fend Reloaded 1.2.1 (Odinstalovat)-->"C:\Program Files (x86)\D-Fend Reloaded\Uninstall.exe"
Doplněk Autodesk Inventor Fusion pro aplikaci Inventor 2012-->MsiExec.exe /I{4E3B47F2-21EB-4F20-87C8-5A0E4D5F3858}
DWG TrueView 2010-->c:\Program Files\DWG TrueView 2010\Setup\Setup.exe /P {5783F2D7-8028-0409-0100-0060B0CE6BBA} /M AOEM /language en-US
DWG TrueView 2012-->C:\Program Files\Autodesk\DWG TrueView 2012\Setup\Setup.exe /P {5783F2D7-A028-0409-0100-0060B0CE6BBA} /M AOEM /language en-US
Eco Materials Adviser (x64)-->MsiExec.exe /X{E027C59C-4C47-4BE8-8078-BCD3D2680EC3}
FARO LS 1.1.406.58-->MsiExec.exe /I{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}
GIMP 2.6.11-->"C:\Program Files (x86)\GIMP-2.0\setup\unins000.exe"
Google Earth-->MsiExec.exe /X{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Gutekunst WinFSB 6.2-->C:\PROGRA~2\GKWinFSB\GKWinFSB\UNWISE.EXE C:\PROGRA~2\GKWinFSB\GKWinFSB\INSTALL.LOG
ICQ7.7-->"C:\Program Files (x86)\InstallShield Installation Information\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
Java(TM) 6 Update 29-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216022FF}
Jazykový balíček Autodesk Inventor Fusion 2012-->MsiExec.exe /X{FFF7F80F-929E-497F-A112-B070DE816128}
Jazykový balíček doplňku Autodesk Inventor Fusion pro aplikaci Inventor 2012-->MsiExec.exe /I{4E1A54A9-FFB3-4BE6-B59B-3CC94C3B31D2}
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
K-Lite Codec Pack 7.9.0 (Basic)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
Last.fm 1.5.4.27091-->"C:\Program Files (x86)\Last.fm\unins000.exe"
Launch Manager-->C:\Windows\UNINSTLMv4.EXE LMv4.UNI
Malwarebytes Anti-Malware verze 1.60.0.1800-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft .NET Framework 4 Extended-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /x64 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{8E34682C-8118-31F1-BC4C-98CD9675E1C2}
Microsoft Antimalware Service CS-CZ Language Pack-->MsiExec.exe /X{17CA32D1-73BD-4990-B8F6-369D8D34B05D}
Microsoft Antimalware-->MsiExec.exe /X{05BFB060-4F22-4710-B0A2-2801A1B606C5}
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)-->MsiExec.exe /X{41785C66-90F2-40CE-8CB5-1C94BFC97280}
Microsoft Security Client CS-CZ Language Pack-->MsiExec.exe /I{DC911ADF-7B60-40F2-A112-FB1EB6402D07}
Microsoft Security Client-->MsiExec.exe /I{42738DB0-FC3E-4672-A99B-9372F5696E30}
Microsoft Security Essentials-->C:\Program Files\Microsoft Security Client\Setup.exe /x
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
OpenOffice.org 3.3-->MsiExec.exe /I{10B43A43-FF73-47FD-83E8-A503E84F9ED6}
Opera 11.60-->"C:\Program Files (x86)\Opera\Opera.exe" /uninstall
Orbiter 2010-P1-->MsiExec.exe /I{4D27CE85-F519-42C1-B4AB-C0BD976FB0BA}
Pivot Pro Plugin-->"C:\Program Files (x86)\InstallShield Installation Information\{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}\setup.exe" -runfromtemp -l0x0009 -removeonly
Quick Uninstall Tool for Autodesk Inventor 2012-->MsiExec.exe /X{D25FF5C1-1664-469A-9794-69309387C193}
Richard Burns Rally-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{72CE541B-52BD-4FA1-8CD6-19341939AB21}
RSRBR2012-->"C:\RBR\Richard Burns Rally\unins000.exe"
SDK-->"C:\Program Files (x86)\InstallShield Installation Information\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}\setup.exe" -runfromtemp -l0x0409
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2478663)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Extended
SimCity 4 Deluxe-->C:\Program Files (x86)\Maxis\SimCity 4 Deluxe\EAUninstall.exe
Skype™ 5.5-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A}
Stellarium 0.11.1-->"C:\Program Files (x86)\Stellarium\unins000.exe"
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Total Commander 64-bit (Remove or Repair)-->c:\totalcmd\tcunin64.exe
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Extended (KB2468871)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2533523)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended
VLC media player 1.1.11-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}
Windows Live Family Safety-->MsiExec.exe /I{553BB3BD-7A2A-4E5E-9B2F-2D14DC70093A}
Windows Live Family Safety-->MsiExec.exe /X{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}
Windows Live Fotogalerie-->MsiExec.exe /X{FB79FDB7-4DE1-453D-99FE-9A880F57380E}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Language Selector-->MsiExec.exe /I{180C8888-50F1-426B-A9DC-AB83A1989C65}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{C454280F-3C3E-4929-B60E-9E6CED5717E7}
Windows Live MIME IFilter-->MsiExec.exe /I{DA54F80E-261C-41A2-A855-549A144F2F59}
Windows Live Movie Maker-->MsiExec.exe /X{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Photo Common-->MsiExec.exe /X{78906B56-0E81-42A7-AC25-F54C946E1538}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{AB78C965-5C67-409B-8433-D7B5BDB12073}
Windows Live Writer-->MsiExec.exe /X{4264C020-850B-4F08-ACBE-98205D9C336C}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
WinRAR 4.01 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
Zip Motion Block Video codec (Remove Only)-->rundll32.exe setupapi,InstallHinfSection DefaultUninstall 132 C:\Windows\INF\ZMBV.INF
Zoner Photo Studio 13 FREE-->"C:\Program Files (x86)\Zoner\Photo Studio 13\unins000.exe" /SILENT

======System event log======

Computer Name: ONE722
Event Code: 7036
Message: Stav služby Mezipaměť písem Windows byl změněn na: Spuštěno
Record Number: 98353
Source Name: Service Control Manager
Time Written: 20111205093834.150196-000
Event Type: Informace
User:

Computer Name: ONE722
Event Code: 7036
Message: Stav služby Microsoft .NET Framework NGEN v4.0.30319_X64 byl změněn na: Zastaveno
Record Number: 98352
Source Name: Service Control Manager
Time Written: 20111205093832.487670-000
Event Type: Informace
User:

Computer Name: ONE722
Event Code: 7036
Message: Stav služby Microsoft .NET Framework NGEN v4.0.30319_X64 byl změněn na: Spuštěno
Record Number: 98351
Source Name: Service Control Manager
Time Written: 20111205093832.485170-000
Event Type: Informace
User:

Computer Name: ONE722
Event Code: 7036
Message: Stav služby Microsoft .NET Framework NGEN v4.0.30319_X86 byl změněn na: Zastaveno
Record Number: 98350
Source Name: Service Control Manager
Time Written: 20111205093831.842660-000
Event Type: Informace
User:

Computer Name: ONE722
Event Code: 7036
Message: Stav služby Microsoft .NET Framework NGEN v4.0.30319_X86 byl změněn na: Spuštěno
Record Number: 98349
Source Name: Service Control Manager
Time Written: 20111205093831.842660-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: 37L4247E29-32
Event Code: 412
Message: Catalog Database (304) Catalog Database: Ze záhlaví souboru protokolu C:\Windows\system32\CatRoot2\edb.log nelze číst. Chyba -546
Record Number: 5
Source Name: ESENT
Time Written: 20110111201101.000000-000
Event Type: Chyba
User:

Computer Name: 37L4247E29-32
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20110111201056.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20110111201052.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20110111201046.483320-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: 37L4247E29-32
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20110111201046.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: 37L4247E29-32
Event Code: 4735
Message: Byla změněna zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247E29-32$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Změněné atributy:
Název účtu SAM: -
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110111201017.046068-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4731
Message: Byla vytvořena zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247E29-32$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Nová skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Atributy:
Název účtu SAM: Backup Operators
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110111201017.046068-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.

Počet prvků: 0
ID zásady: 0x30b63
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110111201016.546868-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 0

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110111201014.175663-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4608
Message: Spouští se systém Windows.

Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110111201014.082063-000
Event Type: Úspěšný audit
User:

======Environment variables======

"AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\Program Files (x86)\AMD APP\bin\x86_64;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"PROCESSOR_IDENTIFIER"=AMD64 Family 20 Model 2 Stepping 0, AuthenticAMD
"PROCESSOR_LEVEL"=20
"PROCESSOR_REVISION"=0200
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"CM2012DIR"=C:\Program Files (x86)\Common Files\Autodesk Shared\Materials\
"ILBDIR"=C:\Program Files (x86)\Common Files\Autodesk Shared\Materials\
"ILLDIR"=C:\Program Files (x86)\Common Files\Autodesk Shared\Materials\
"OMP_NUM_THREADS"=2

-----------------EOF-----------------

Také zdravím!
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Program Files (x86)\Google\Update

:services
gupdate
gupdatem

:commands
[Purity]
[Emtytemp]
[Emptyflash]

a klikněte na MoveIt!. PC bude restartován.

Provedeno. Jen restart se nekonal, i když jsem to chvíli nechal, tak jsem to restartoval ručně.
Popravdě nevím, kde přesně mám poznat rozdíl, jen vím, že jsem klikl na ten vir obsahující odkaz, co se tvářil jako YT, notebook byl poté ještě pomalejší než jindy a ráno nechtěl naběhnout systém, respektive naběhl až na 3. pokus. Divil jsem se, že nešel použít nástroj Obnovení systému, byl vyplý a body obnovy pryč a je to jediný problém, na který jsem přišel jen vlastním zkoumáním, jinak od toho úspěšného startu funguje na oko naprosto normálně.
Mám tedy ještě nějak pokračovat, nebo by to mělo být v pořádku? Jak říkám, nelze to z běžného uživatelského hlediska poznat.

Po čištění by se měl zrychlit. Pokud se tak nestalo, dejte log ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

Je tu ovšem stále problém s tím startem. Na chvíli jsem notebook vypnul a opět se nechtěl nastartovat. Objevil se jen nápis "No bootable device", a to vše za celkem hlasitého bzučení. Až na několikátý pokus (možná po zahřátí, nevím), systém naskočil - to již za běžné hlasitosti. Sice jsem kliknul na ten zavirovaný odkaz, kdy se vše opravdu výrazně zpomalilo, ale není přímo tohle přeci jen vadným hardwarem? Jen souhra náhod? Netuším, jestli tohle mohou dělat i viry.

No bootable device rozhodně nezpůsobuje virus. Buď je to chyba disku, nebo řadiče, případně datového kabelu k disku. Vir tam, samozřejmě může být také, jen toto nezpůsobuje. Proto jsem žádal sken CF. Pokud se vám podaří PC nastartovat, zkuste ten CF a také test disku CrystalDiskInfo: http://www.stahuj.centrum.cz/utility_a_ ... ldiskinfo/ . Přes Úpravy>kopírovat sem dejte log.

Tak vkládám CF log, scan bohužel trval velmi dlouho:

ComboFix 12-01-10.02 - martin 10.01.2012 20:40:05.1.2 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3819.2478 [GMT 1:00]
Spuštěný z: c:\users\martin\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-10 do 2012-01-10 )))))))))))))))))))))))))))))))
.
.
2012-01-10 20:44 . 2012-01-10 20:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-10 19:27 . 2012-01-10 19:27 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9C112FFD-3BBD-45EE-9AAA-B26DCD1999B9}\offreg.dll
2012-01-10 18:02 . 2012-01-10 18:02 -------- d-----w- C:\_OTM
2012-01-10 11:38 . 2012-01-10 11:38 -------- d-----w- c:\program files\trend micro
2012-01-10 11:38 . 2012-01-10 11:38 -------- d-----w- C:\rsit
2012-01-10 10:58 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9C112FFD-3BBD-45EE-9AAA-B26DCD1999B9}\mpengine.dll
2012-01-01 19:23 . 2012-01-01 22:08 -------- d-----w- c:\users\martin\AppData\Local\Microsoft Games
2011-12-22 19:04 . 2011-12-22 19:04 -------- d-----w- c:\users\Guest
2011-12-19 14:26 . 2011-12-19 14:26 -------- d-----w- c:\users\martin\AppData\Local\GHISLER
2011-12-14 06:46 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-14 06:46 . 2011-11-24 04:52 3145216 ----a-w- c:\windows\system32\win32k.sys
2011-12-14 06:46 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2011-12-14 06:46 . 2011-10-15 05:38 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-12-14 06:46 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-14 06:46 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-12-13 22:02 . 2011-12-13 22:03 -------- d-----w- c:\program files\DWG TrueView 2010
2011-12-13 22:02 . 2008-03-05 14:56 1860120 ----a-w- c:\windows\system32\D3DCompiler_37.dll
2011-12-13 22:02 . 2008-03-05 14:56 1420824 ----a-w- c:\windows\SysWow64\D3DCompiler_37.dll
2011-12-13 22:02 . 2008-02-05 22:07 462864 ----a-w- c:\windows\SysWow64\d3dx10_37.dll
2011-12-13 22:02 . 2008-02-05 22:07 529424 ----a-w- c:\windows\system32\d3dx10_37.dll
2011-12-13 22:02 . 2008-03-05 14:56 4910088 ----a-w- c:\windows\system32\D3DX9_37.dll
2011-12-13 22:02 . 2008-03-05 14:56 3786760 ----a-w- c:\windows\SysWow64\D3DX9_37.dll
2011-12-13 19:32 . 2009-03-09 14:27 520544 ----a-w- c:\windows\system32\d3dx10_41.dll
2011-12-13 19:32 . 2009-03-09 14:27 2430312 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2011-12-13 19:32 . 2009-03-09 14:27 5425496 ----a-w- c:\windows\system32\D3DX9_41.dll
2011-12-13 19:32 . 2009-03-09 14:27 4178264 ----a-w- c:\windows\SysWow64\D3DX9_41.dll
2011-12-13 19:17 . 2010-04-20 15:15 -------- d-----w- c:\users\martin\CER
2011-12-13 19:09 . 2008-05-05 15:55 319248 ----a-w- c:\users\martin\UPI32.dll
2011-12-13 19:09 . 2010-01-14 11:37 319248 ----a-w- c:\users\martin\UPI.dll
2011-12-13 19:09 . 2010-01-14 11:40 693096 ----a-w- c:\users\martin\SetupUi.dll
2011-12-13 19:09 . 2010-01-14 11:40 704360 ----a-w- c:\users\martin\SetupAcadUi.dll
2011-12-13 19:08 . 2010-02-10 11:48 1049312 ----a-w- c:\users\martin\PatchMgr.dll
2011-12-13 19:08 . 2009-10-29 15:18 653120 ----a-r- c:\users\martin\msvcr90.dll
2011-12-13 19:08 . 2009-10-29 15:18 569664 ----a-r- c:\users\martin\msvcp90.dll
2011-12-13 19:08 . 2009-10-29 15:18 225280 ----a-r- c:\users\martin\msvcm90.dll
2011-12-13 19:08 . 2009-06-08 12:37 3783672 ----a-r- c:\users\martin\mfc90u.dll
2011-12-13 19:07 . 2010-01-14 11:36 375128 ----a-w- c:\users\martin\MC3Res.dll
2011-12-13 19:07 . 2010-01-14 11:36 1764696 ----a-w- c:\users\martin\MC3.dll
2011-12-13 19:07 . 2010-01-14 11:40 108392 ----a-w- c:\users\martin\LiteHtml.dll
2011-12-13 19:06 . 2004-05-05 01:53 1645320 ----a-r- c:\users\martin\gdiplus.dll
2011-12-13 19:06 . 2010-02-11 18:28 532480 ----a-w- c:\users\martin\EdmUI.dll
2011-12-13 19:05 . 2010-01-14 11:40 544616 ----a-w- c:\users\martin\DeployUi.dll
2011-12-13 19:05 . 2010-01-14 11:40 85352 ----a-w- c:\users\martin\CIPUtil.dll
2011-12-13 19:01 . 2009-11-20 12:07 189800 ----a-r- c:\users\martin\adlmutil.dll
2011-12-13 19:01 . 2009-11-20 12:07 1274728 ----a-r- c:\users\martin\adlmPIT.dll
2011-12-13 19:00 . 2010-02-10 11:48 47328 ----a-w- c:\users\martin\AcSetup.dll
2011-12-13 18:59 . 2010-02-17 20:22 634792 ----a-w- c:\users\martin\AcadmUi.dll
2011-12-13 18:59 . 2010-04-20 15:14 -------- d-----w- c:\users\martin\Msi
2011-12-13 18:59 . 2010-01-14 11:40 452456 ----a-w- c:\users\martin\Setup.exe
2011-12-13 18:59 . 2010-01-14 11:36 190688 ----a-w- c:\users\martin\senddmp.exe
2011-12-13 18:59 . 2010-04-20 15:14 -------- d-----w- c:\users\martin\NLSDL
2011-12-13 18:59 . 2010-04-20 15:11 -------- d-----w- c:\users\martin\support
2011-12-13 18:57 . 2010-01-14 11:40 161640 ----a-w- c:\users\martin\AcDelTree.exe
2011-12-13 18:55 . 2010-04-20 15:14 -------- d-----w- c:\users\martin\Eula
2011-12-13 18:53 . 2010-04-20 17:42 -------- d---a-w- c:\users\martin\cs-CZ
2011-12-13 18:53 . 2010-04-20 17:41 -------- d-----w- c:\users\martin\x64
2011-12-13 18:53 . 2010-04-20 15:13 -------- d-----w- c:\users\martin\sdk
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-10 14:24 . 2011-11-03 22:05 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-08 09:49 . 2011-12-08 09:49 279616 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-12-05 20:24 . 2011-12-05 20:19 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-21 11:40 . 2011-11-03 19:45 8822856 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-11-04 00:04 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-11-04 00:04 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-11-03 08:11 . 2011-03-28 17:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-11-03 07:58 . 2011-11-03 07:58 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-11-03 07:58 . 2011-11-03 07:58 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-11-03 07:58 . 2011-11-03 07:58 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-11-03 07:58 . 2011-11-03 07:58 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-11-03 07:58 . 2011-11-03 07:58 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-11-03 07:58 . 2011-11-03 07:58 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-11-03 07:58 . 2011-11-03 07:58 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-11-03 07:58 . 2011-11-03 07:58 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-11-03 07:58 . 2011-11-03 07:58 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-11-03 07:58 . 2011-11-03 07:58 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-11-03 07:58 . 2011-11-03 07:58 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-11-03 07:58 . 2011-11-03 07:58 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-11-03 07:58 . 2011-11-03 07:58 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-11-03 07:58 . 2011-11-03 07:58 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-11-03 07:58 . 2011-11-03 07:58 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-11-03 07:58 . 2011-11-03 07:58 222208 ----a-w- c:\windows\system32\msls31.dll
2011-11-03 07:58 . 2011-11-03 07:58 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-11-03 07:58 . 2011-11-03 07:58 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-11-03 07:58 . 2011-11-03 07:58 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-11-03 07:58 . 2011-11-03 07:58 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-11-03 07:58 . 2011-11-03 07:58 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-11-03 07:58 . 2011-11-03 07:58 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-11-03 07:58 . 2011-11-03 07:58 12288 ----a-w- c:\windows\system32\mshta.exe
2011-11-03 07:58 . 2011-11-03 07:58 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-11-03 07:58 . 2011-11-03 07:58 114176 ----a-w- c:\windows\system32\admparse.dll
2011-11-03 07:58 . 2011-11-03 07:58 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-11-03 07:58 . 2011-11-03 07:58 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-11-03 07:58 . 2011-11-03 07:58 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-11-03 07:58 . 2011-11-03 07:58 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-11-03 07:58 . 2011-11-03 07:58 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-11-03 07:58 . 2011-11-03 07:58 448512 ----a-w- c:\windows\system32\html.iec
2011-11-03 07:58 . 2011-11-03 07:58 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-03 07:58 . 2011-11-03 07:58 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-11-03 07:58 . 2011-11-03 07:58 160256 ----a-w- c:\windows\system32\wextract.exe
2011-11-02 20:54 . 2011-11-02 20:54 917840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{23DCB805-CB87-400C-BC1A-FFE36D1DB3E3}\gapaengine.dll
2011-10-18 01:27 . 2011-01-12 11:28 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F6667373-9EEE-448F-973B-5A9C951A889D}\mpengine.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2009-05-28 89600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-24 336384]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"PivotSoftware"="c:\program files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe" [2010-05-13 110192]
"DT ACR"="c:\program files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe" [2011-05-26 121456]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-03-14 1081424]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
"UseOEMBackground"= 0 (0x0)
"DisplayLastLogonInfo"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-11-21 1431888]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-03-14 352336]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-01-28 868224]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 mitsijm2012;Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2012;c:\program files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [2010-12-08 848184]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-05-05 113264]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-01-28 862088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 147.32.127.214 147.32.127.218
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1148658234-3143656349-2246955291-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1148658234-3143656349-2246955291-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{6EF568F4-D437-4466-AA63-A3645136D93E}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-01-10 21:49:42
ComboFix-quarantined-files.txt 2012-01-10 20:49
.
Před spuštěním: Volných bajtů: 374 341 165 056
Po spuštění: Volných bajtů: 373 853 782 016
.
- - End Of File - - C88A5F565812A5D96ACA8F88B2288628


----------------------------------------------------------------------------
CrystalDiskInfo 4.1.4 (C) 2008-2011 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 SP1 [6.1 Build 7601] (x64)
Date : 2012/01/10 21:54:57

-- Controller Map ----------------------------------------------------------
+ ATA Channel 0 (0) [ATA]
- WDC WD5000BPVT-22HXZT3 ATA Device
+ Standardní řadič AHCI 1.0 s rozhraním Serial ATA [ATA]
- ATA Channel 0 (0)

-- Disk List ---------------------------------------------------------------
(1) WDC WD5000BPVT-22HXZT3 : 500.1 GB [0-0-0, pd1]

----------------------------------------------------------------------------
(1) WDC WD5000BPVT-22HXZT3
----------------------------------------------------------------------------
Model : WDC WD5000BPVT-22HXZT3
Firmware : 01.01A01
Serial Number : WD-WX11E61RJ069
Disk Size : 500.1 GB (8.4/137.4/500.1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 486 hod.
Power On Count : 367 krát
Temparature : 35 C (95 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 00FEh [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 178 176 _21 000000000812 Čas na roztočení ploten
04 100 100 __0 000000000313 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 168 __0 000000000000 Počet chybných hledání
09 100 100 __0 0000000001E6 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C 100 100 __0 00000000016F Počet cyklů zapnutí zařízení
BF _31 _31 __0 000000000045 Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 000000000015 Počet vypnutí disku
C1 192 192 __0 0000000064AD Počet cyklů načítání/vymazání
C2 112 107 __0 000000000023 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 42 7A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 20 20 20 20 20 57 44 2D 57 58 31 31
020: 45 36 31 52 4A 30 36 39 00 00 40 00 00 32 30 31
030: 2E 30 31 41 30 31 57 44 43 20 57 44 35 30 30 30
040: 42 50 56 54 2D 32 32 48 58 5A 54 33 20 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 00 00 2F 00 40 01 00 00 00 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 FF FF 0F FF 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 1F 06 00 00 00 4C 00 40
0A0: 01 FE 00 00 74 6B 7D 09 61 23 74 69 BC 09 61 23
0B0: 20 7F 00 3C 00 3C 00 FE FF FE 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 60 30 3A 38 00 00 00 00
0D0: 00 00 00 00 60 03 00 00 50 01 4E E2 B1 04 F6 5B
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 18
0F0: 40 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 29 00 00 00 00 00 00 00 00 16 FE 01 2D 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 70 35 00 00
1A0: 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 15 18 00 00 00 00 00 00 00 00 10 1E 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 01 10 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 D5 A5

Obojí je OK. Udělejte ještě sken TDSSKillerem: http://support.kaspersky.com/downloads/ ... killer.zip a dejte log. Stažený soubor rozbalte na plochu, spusťte a nechte pracovat. Po skončení dejte log.

22:40:53.0023 3184 TDSS rootkit removing tool 2.7.0.0 Jan 10 2012 09:14:26
22:40:53.0258 3184 ============================================================
22:40:53.0261 3184 Current date / time: 2012/01/10 22:40:53.0258
22:40:53.0261 3184 SystemInfo:
22:40:53.0261 3184
22:40:53.0261 3184 OS Version: 6.1.7601 ServicePack: 1.0
22:40:53.0261 3184 Product type: Workstation
22:40:53.0261 3184 ComputerName: ONE722
22:40:53.0261 3184 UserName: martin
22:40:53.0261 3184 Windows directory: C:\Windows
22:40:53.0261 3184 System windows directory: C:\Windows
22:40:53.0261 3184 Running under WOW64
22:40:53.0261 3184 Processor architecture: Intel x64
22:40:53.0261 3184 Number of processors: 2
22:40:53.0261 3184 Page size: 0x1000
22:40:53.0261 3184 Boot type: Normal boot
22:40:53.0261 3184 ============================================================
22:40:55.0257 3184 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000, SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000040
22:40:55.0335 3184 Initialize success
22:41:01.0840 0508 ============================================================
22:41:01.0840 0508 Scan started
22:41:01.0840 0508 Mode: Manual;
22:41:01.0840 0508 ============================================================
22:41:03.0073 0508 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
22:41:03.0073 0508 1394ohci - ok
22:41:03.0135 0508 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
22:41:03.0151 0508 ACPI - ok
22:41:03.0197 0508 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
22:41:03.0197 0508 AcpiPmi - ok
22:41:03.0291 0508 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
22:41:03.0291 0508 adp94xx - ok
22:41:03.0322 0508 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
22:41:03.0322 0508 adpahci - ok
22:41:03.0338 0508 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
22:41:03.0353 0508 adpu320 - ok
22:41:03.0431 0508 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
22:41:03.0431 0508 AFD - ok
22:41:03.0494 0508 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
22:41:03.0494 0508 agp440 - ok
22:41:03.0525 0508 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
22:41:03.0525 0508 aliide - ok
22:41:03.0572 0508 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
22:41:03.0572 0508 amdide - ok
22:41:03.0650 0508 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
22:41:03.0650 0508 AmdK8 - ok
22:41:03.0946 0508 amdkmdag (9a4b92150a5e259a7159d914cc3a60d7) C:\Windows\system32\DRIVERS\atikmdag.sys
22:41:04.0055 0508 amdkmdag - ok
22:41:04.0118 0508 amdkmdap (9deb889d152f9c9dba98be8986084535) C:\Windows\system32\DRIVERS\atikmpag.sys
22:41:04.0118 0508 amdkmdap - ok
22:41:04.0180 0508 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
22:41:04.0180 0508 AmdPPM - ok
22:41:04.0243 0508 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
22:41:04.0243 0508 amdsata - ok
22:41:04.0274 0508 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
22:41:04.0274 0508 amdsbs - ok
22:41:04.0321 0508 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
22:41:04.0321 0508 amdxata - ok
22:41:04.0445 0508 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
22:41:04.0445 0508 AppID - ok
22:41:04.0555 0508 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
22:41:04.0555 0508 arc - ok
22:41:04.0570 0508 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
22:41:04.0570 0508 arcsas - ok
22:41:04.0633 0508 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
22:41:04.0633 0508 AsyncMac - ok
22:41:04.0679 0508 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
22:41:04.0679 0508 atapi - ok
22:41:04.0726 0508 AtiHDAudioService (cbd14f698def12ee3557604b726cb8eb) C:\Windows\system32\drivers\AtihdW76.sys
22:41:04.0742 0508 AtiHDAudioService - ok
22:41:04.0835 0508 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
22:41:04.0835 0508 b06bdrv - ok
22:41:04.0882 0508 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
22:41:04.0882 0508 b57nd60a - ok
22:41:05.0069 0508 BCM43XX (85111026f1c5a1c4cce3697f0da7bc1a) C:\Windows\system32\DRIVERS\bcmwl664.sys
22:41:05.0132 0508 BCM43XX - ok
22:41:05.0179 0508 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
22:41:05.0179 0508 Beep - ok
22:41:05.0225 0508 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
22:41:05.0225 0508 blbdrive - ok
22:41:05.0272 0508 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
22:41:05.0272 0508 bowser - ok
22:41:05.0303 0508 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:41:05.0303 0508 BrFiltLo - ok
22:41:05.0319 0508 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:41:05.0319 0508 BrFiltUp - ok
22:41:05.0381 0508 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
22:41:05.0381 0508 BridgeMP - ok
22:41:05.0413 0508 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
22:41:05.0428 0508 Brserid - ok
22:41:05.0444 0508 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
22:41:05.0444 0508 BrSerWdm - ok
22:41:05.0459 0508 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:41:05.0459 0508 BrUsbMdm - ok
22:41:05.0475 0508 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
22:41:05.0491 0508 BrUsbSer - ok
22:41:05.0553 0508 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
22:41:05.0569 0508 BthEnum - ok
22:41:05.0584 0508 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
22:41:05.0584 0508 BTHMODEM - ok
22:41:05.0615 0508 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
22:41:05.0631 0508 BthPan - ok
22:41:05.0693 0508 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
22:41:05.0693 0508 BTHPORT - ok
22:41:05.0725 0508 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
22:41:05.0740 0508 BTHUSB - ok
22:41:05.0803 0508 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
22:41:05.0803 0508 cdfs - ok
22:41:05.0881 0508 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
22:41:05.0881 0508 cdrom - ok
22:41:05.0943 0508 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
22:41:05.0943 0508 circlass - ok
22:41:06.0005 0508 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
22:41:06.0021 0508 CLFS - ok
22:41:06.0177 0508 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
22:41:06.0177 0508 CmBatt - ok
22:41:06.0224 0508 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
22:41:06.0224 0508 cmdide - ok
22:41:06.0286 0508 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
22:41:06.0286 0508 CNG - ok
22:41:06.0364 0508 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
22:41:06.0364 0508 Compbatt - ok
22:41:06.0473 0508 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
22:41:06.0473 0508 CompositeBus - ok
22:41:06.0551 0508 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
22:41:06.0551 0508 crcdisk - ok
22:41:06.0614 0508 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
22:41:06.0629 0508 CSC - ok
22:41:06.0692 0508 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
22:41:06.0707 0508 DfsC - ok
22:41:06.0754 0508 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
22:41:06.0754 0508 discache - ok
22:41:06.0785 0508 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
22:41:06.0785 0508 Disk - ok
22:41:06.0863 0508 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
22:41:06.0863 0508 drmkaud - ok
22:41:06.0941 0508 dtsoftbus01 (400582b09e0bb557d0ec28a945150eeb) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
22:41:06.0941 0508 dtsoftbus01 - ok
22:41:07.0129 0508 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
22:41:07.0144 0508 DXGKrnl - ok
22:41:07.0519 0508 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
22:41:07.0550 0508 ebdrv - ok
22:41:07.0643 0508 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
22:41:07.0659 0508 elxstor - ok
22:41:07.0721 0508 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
22:41:07.0721 0508 ErrDev - ok
22:41:07.0846 0508 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
22:41:07.0846 0508 exfat - ok
22:41:07.0862 0508 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
22:41:07.0862 0508 fastfat - ok
22:41:07.0909 0508 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
22:41:07.0909 0508 fdc - ok
22:41:07.0955 0508 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
22:41:07.0955 0508 FileInfo - ok
22:41:07.0987 0508 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
22:41:07.0987 0508 Filetrace - ok
22:41:08.0065 0508 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
22:41:08.0065 0508 flpydisk - ok
22:41:08.0111 0508 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
22:41:08.0127 0508 FltMgr - ok
22:41:08.0174 0508 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
22:41:08.0174 0508 FsDepends - ok
22:41:08.0221 0508 fssfltr (dc0dce4ec2c5d2cf6472f9fd6aa9a7dc) C:\Windows\system32\DRIVERS\fssfltr.sys
22:41:08.0221 0508 fssfltr - ok
22:41:08.0252 0508 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
22:41:08.0252 0508 Fs_Rec - ok
22:41:08.0314 0508 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
22:41:08.0314 0508 fvevol - ok
22:41:08.0377 0508 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
22:41:08.0377 0508 gagp30kx - ok
22:41:08.0439 0508 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
22:41:08.0439 0508 hcw85cir - ok
22:41:08.0579 0508 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
22:41:08.0579 0508 HdAudAddService - ok
22:41:08.0626 0508 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
22:41:08.0626 0508 HDAudBus - ok
22:41:08.0704 0508 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
22:41:08.0704 0508 HidBatt - ok
22:41:08.0720 0508 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
22:41:08.0735 0508 HidBth - ok
22:41:08.0751 0508 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
22:41:08.0751 0508 HidIr - ok
22:41:08.0845 0508 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
22:41:08.0845 0508 HidUsb - ok
22:41:08.0907 0508 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
22:41:08.0907 0508 HpSAMD - ok
22:41:08.0954 0508 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
22:41:08.0969 0508 HTTP - ok
22:41:09.0047 0508 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
22:41:09.0047 0508 hwpolicy - ok
22:41:09.0110 0508 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
22:41:09.0110 0508 i8042prt - ok
22:41:09.0172 0508 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
22:41:09.0172 0508 iaStorV - ok
22:41:09.0250 0508 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
22:41:09.0250 0508 iirsp - ok
22:41:09.0313 0508 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
22:41:09.0313 0508 intelide - ok
22:41:09.0375 0508 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
22:41:09.0375 0508 intelppm - ok
22:41:09.0437 0508 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:41:09.0437 0508 IpFilterDriver - ok
22:41:09.0469 0508 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
22:41:09.0484 0508 IPMIDRV - ok
22:41:09.0547 0508 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
22:41:09.0547 0508 IPNAT - ok
22:41:09.0578 0508 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
22:41:09.0593 0508 IRENUM - ok
22:41:09.0609 0508 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
22:41:09.0625 0508 isapnp - ok
22:41:09.0656 0508 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
22:41:09.0671 0508 iScsiPrt - ok
22:41:09.0703 0508 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
22:41:09.0703 0508 kbdclass - ok
22:41:09.0765 0508 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
22:41:09.0765 0508 kbdhid - ok
22:41:09.0827 0508 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
22:41:09.0827 0508 KSecDD - ok
22:41:09.0874 0508 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
22:41:09.0874 0508 KSecPkg - ok
22:41:09.0983 0508 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
22:41:09.0983 0508 ksthunk - ok
22:41:10.0139 0508 L1C (6dd5383c9413aae3113faf89e345663d) C:\Windows\system32\DRIVERS\L1C62x64.sys
22:41:10.0139 0508 L1C - ok
22:41:10.0217 0508 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
22:41:10.0217 0508 lltdio - ok
22:41:10.0280 0508 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
22:41:10.0280 0508 LSI_FC - ok
22:41:10.0311 0508 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
22:41:10.0311 0508 LSI_SAS - ok
22:41:10.0327 0508 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:41:10.0327 0508 LSI_SAS2 - ok
22:41:10.0342 0508 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:41:10.0358 0508 LSI_SCSI - ok
22:41:10.0389 0508 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
22:41:10.0389 0508 luafv - ok
22:41:10.0467 0508 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
22:41:10.0467 0508 MBAMProtector - ok
22:41:10.0498 0508 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
22:41:10.0514 0508 megasas - ok
22:41:10.0529 0508 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
22:41:10.0529 0508 MegaSR - ok
22:41:10.0592 0508 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
22:41:10.0607 0508 Modem - ok
22:41:10.0701 0508 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
22:41:10.0701 0508 monitor - ok
22:41:10.0779 0508 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
22:41:10.0779 0508 mouclass - ok
22:41:10.0888 0508 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
22:41:10.0888 0508 mouhid - ok
22:41:10.0935 0508 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
22:41:10.0935 0508 mountmgr - ok
22:41:10.0997 0508 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
22:41:10.0997 0508 MpFilter - ok
22:41:11.0044 0508 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
22:41:11.0044 0508 mpio - ok
22:41:11.0091 0508 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
22:41:11.0091 0508 MpNWMon - ok
22:41:11.0138 0508 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
22:41:11.0138 0508 mpsdrv - ok
22:41:11.0200 0508 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
22:41:11.0200 0508 MRxDAV - ok
22:41:11.0247 0508 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:41:11.0247 0508 mrxsmb - ok
22:41:11.0278 0508 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:41:11.0278 0508 mrxsmb10 - ok
22:41:11.0309 0508 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:41:11.0325 0508 mrxsmb20 - ok
22:41:11.0387 0508 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
22:41:11.0387 0508 msahci - ok
22:41:11.0450 0508 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
22:41:11.0450 0508 msdsm - ok
22:41:11.0512 0508 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
22:41:11.0528 0508 Msfs - ok
22:41:11.0575 0508 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
22:41:11.0575 0508 mshidkmdf - ok
22:41:11.0606 0508 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
22:41:11.0606 0508 msisadrv - ok
22:41:11.0653 0508 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
22:41:11.0653 0508 MSKSSRV - ok
22:41:11.0699 0508 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
22:41:11.0715 0508 MSPCLOCK - ok
22:41:11.0731 0508 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
22:41:11.0731 0508 MSPQM - ok
22:41:11.0777 0508 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
22:41:11.0777 0508 MsRPC - ok
22:41:11.0824 0508 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
22:41:11.0824 0508 mssmbios - ok
22:41:11.0871 0508 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
22:41:11.0871 0508 MSTEE - ok
22:41:11.0902 0508 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
22:41:11.0902 0508 MTConfig - ok
22:41:11.0933 0508 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
22:41:11.0933 0508 Mup - ok
22:41:11.0996 0508 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
22:41:11.0996 0508 NativeWifiP - ok
22:41:12.0058 0508 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
22:41:12.0074 0508 NDIS - ok
22:41:12.0136 0508 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
22:41:12.0136 0508 NdisCap - ok
22:41:12.0199 0508 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
22:41:12.0199 0508 NdisTapi - ok
22:41:12.0261 0508 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
22:41:12.0277 0508 Ndisuio - ok
22:41:12.0323 0508 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
22:41:12.0323 0508 NdisWan - ok
22:41:12.0355 0508 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
22:41:12.0355 0508 NDProxy - ok
22:41:12.0417 0508 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
22:41:12.0417 0508 NetBIOS - ok
22:41:12.0479 0508 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
22:41:12.0479 0508 NetBT - ok
22:41:12.0823 0508 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
22:41:12.0823 0508 nfrd960 - ok
22:41:13.0010 0508 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:41:13.0025 0508 NisDrv - ok
22:41:13.0228 0508 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
22:41:13.0228 0508 Npfs - ok
22:41:13.0291 0508 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
22:41:13.0291 0508 nsiproxy - ok
22:41:13.0431 0508 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
22:41:13.0462 0508 Ntfs - ok
22:41:13.0649 0508 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
22:41:13.0649 0508 Null - ok
22:41:13.0899 0508 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
22:41:13.0899 0508 nvraid - ok
22:41:13.0993 0508 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
22:41:13.0993 0508 nvstor - ok
22:41:14.0149 0508 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
22:41:14.0164 0508 nv_agp - ok
22:41:14.0476 0508 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
22:41:14.0492 0508 ohci1394 - ok
22:41:14.0710 0508 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
22:41:14.0710 0508 Parport - ok
22:41:14.0960 0508 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
22:41:14.0960 0508 partmgr - ok
22:41:15.0256 0508 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
22:41:15.0256 0508 pci - ok
22:41:15.0475 0508 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
22:41:15.0475 0508 pciide - ok
22:41:15.0771 0508 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
22:41:15.0771 0508 pcmcia - ok
22:41:15.0974 0508 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
22:41:15.0989 0508 pcw - ok
22:41:16.0192 0508 PdiPorts (078f0efd66613a2f4c47fdb4092d772d) C:\Windows\system32\DRIVERS\PdiPorts.sys
22:41:16.0208 0508 PdiPorts - ok
22:41:16.0567 0508 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
22:41:16.0582 0508 PEAUTH - ok
22:41:16.0879 0508 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
22:41:16.0879 0508 PptpMiniport - ok
22:41:17.0175 0508 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
22:41:17.0175 0508 Processor - ok
22:41:17.0409 0508 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
22:41:17.0409 0508 Psched - ok
22:41:17.0549 0508 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
22:41:17.0565 0508 ql2300 - ok
22:41:17.0721 0508 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
22:41:17.0721 0508 ql40xx - ok
22:41:17.0955 0508 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
22:41:17.0955 0508 QWAVEdrv - ok
22:41:18.0033 0508 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
22:41:18.0033 0508 RasAcd - ok
22:41:18.0189 0508 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:41:18.0189 0508 RasAgileVpn - ok
22:41:18.0345 0508 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:41:18.0361 0508 Rasl2tp - ok
22:41:18.0688 0508 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
22:41:18.0688 0508 RasPppoe - ok
22:41:18.0907 0508 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
22:41:18.0907 0508 RasSstp - ok
22:41:19.0156 0508 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
22:41:19.0172 0508 rdbss - ok
22:41:19.0515 0508 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
22:41:19.0515 0508 rdpbus - ok
22:41:19.0718 0508 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:41:19.0718 0508 RDPCDD - ok
22:41:19.0967 0508 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
22:41:19.0967 0508 RDPDR - ok
22:41:20.0186 0508 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
22:41:20.0186 0508 RDPENCDD - ok
22:41:20.0264 0508 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
22:41:20.0264 0508 RDPREFMP - ok
22:41:20.0342 0508 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
22:41:20.0342 0508 RDPWD - ok
22:41:20.0576 0508 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
22:41:20.0591 0508 rdyboost - ok
22:41:20.0872 0508 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
22:41:20.0872 0508 RFCOMM - ok
22:41:21.0122 0508 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
22:41:21.0122 0508 rspndr - ok
22:41:21.0449 0508 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
22:41:21.0465 0508 s3cap - ok
22:41:21.0683 0508 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
22:41:21.0699 0508 sbp2port - ok
22:41:21.0917 0508 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
22:41:21.0917 0508 scfilter - ok
22:41:22.0198 0508 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
22:41:22.0198 0508 secdrv - ok
22:41:22.0479 0508 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
22:41:22.0479 0508 Serenum - ok
22:41:22.0775 0508 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
22:41:22.0775 0508 Serial - ok
22:41:23.0025 0508 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
22:41:23.0025 0508 sermouse - ok
22:41:23.0306 0508 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
22:41:23.0306 0508 sffdisk - ok
22:41:23.0540 0508 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
22:41:23.0540 0508 sffp_mmc - ok
22:41:23.0758 0508 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
22:41:23.0758 0508 sffp_sd - ok
22:41:24.0086 0508 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
22:41:24.0086 0508 sfloppy - ok
22:41:24.0320 0508 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:41:24.0320 0508 SiSRaid2 - ok
22:41:24.0585 0508 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
22:41:24.0585 0508 SiSRaid4 - ok
22:41:24.0835 0508 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
22:41:24.0835 0508 Smb - ok
22:41:25.0053 0508 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
22:41:25.0053 0508 spldr - ok
22:41:25.0271 0508 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
22:41:25.0271 0508 srv - ok
22:41:25.0412 0508 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
22:41:25.0412 0508 srv2 - ok
22:41:25.0537 0508 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
22:41:25.0537 0508 srvnet - ok
22:41:25.0755 0508 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
22:41:25.0755 0508 stexstor - ok
22:41:26.0051 0508 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
22:41:26.0051 0508 storflt - ok
22:41:26.0114 0508 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
22:41:26.0114 0508 storvsc - ok
22:41:26.0176 0508 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
22:41:26.0176 0508 swenum - ok
22:41:26.0348 0508 SynTP (02364d8be46a51361b0905736c3f7438) C:\Windows\system32\DRIVERS\SynTP.sys
22:41:26.0363 0508 SynTP - ok
22:41:26.0722 0508 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
22:41:26.0738 0508 Tcpip - ok
22:41:26.0972 0508 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
22:41:26.0987 0508 TCPIP6 - ok
22:41:27.0175 0508 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
22:41:27.0175 0508 tcpipreg - ok
22:41:27.0284 0508 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
22:41:27.0284 0508 TDPIPE - ok
22:41:27.0331 0508 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
22:41:27.0331 0508 TDTCP - ok
22:41:27.0409 0508 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
22:41:27.0409 0508 tdx - ok
22:41:27.0487 0508 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
22:41:27.0487 0508 TermDD - ok
22:41:27.0658 0508 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:41:27.0674 0508 tssecsrv - ok
22:41:27.0877 0508 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
22:41:27.0877 0508 TsUsbFlt - ok
22:41:28.0111 0508 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
22:41:28.0111 0508 tunnel - ok
22:41:28.0313 0508 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
22:41:28.0313 0508 uagp35 - ok
22:41:28.0532 0508 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
22:41:28.0532 0508 udfs - ok
22:41:28.0781 0508 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
22:41:28.0781 0508 uliagpkx - ok
22:41:29.0000 0508 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
22:41:29.0000 0508 umbus - ok
22:41:29.0203 0508 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
22:41:29.0203 0508 UmPass - ok
22:41:29.0717 0508 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
22:41:29.0733 0508 usbccgp - ok
22:41:30.0045 0508 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
22:41:30.0045 0508 usbcir - ok
22:41:30.0248 0508 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
22:41:30.0248 0508 usbehci - ok
22:41:30.0497 0508 usbfilter (76e2ffad301490ba27b947c6507752fb) C:\Windows\system32\DRIVERS\usbfilter.sys
22:41:30.0497 0508 usbfilter - ok
22:41:30.0778 0508 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
22:41:30.0778 0508 usbhub - ok
22:41:30.0981 0508 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
22:41:30.0997 0508 usbohci - ok
22:41:31.0199 0508 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
22:41:31.0199 0508 usbprint - ok
22:41:31.0496 0508 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:41:31.0496 0508 USBSTOR - ok
22:41:31.0667 0508 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
22:41:31.0667 0508 usbuhci - ok
22:41:31.0870 0508 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
22:41:31.0870 0508 usbvideo - ok
22:41:32.0089 0508 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
22:41:32.0089 0508 vdrvroot - ok
22:41:32.0307 0508 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
22:41:32.0307 0508 vga - ok
22:41:32.0354 0508 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
22:41:32.0369 0508 VgaSave - ok
22:41:32.0494 0508 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
22:41:32.0510 0508 vhdmp - ok
22:41:32.0603 0508 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
22:41:32.0603 0508 viaide - ok
22:41:32.0681 0508 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
22:41:32.0681 0508 vmbus - ok
22:41:32.0791 0508 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
22:41:32.0791 0508 VMBusHID - ok
22:41:32.0869 0508 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
22:41:32.0869 0508 volmgr - ok
22:41:32.0962 0508 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
22:41:32.0978 0508 volmgrx - ok
22:41:33.0087 0508 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
22:41:33.0087 0508 volsnap - ok
22:41:33.0274 0508 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
22:41:33.0274 0508 vsmraid - ok
22:41:33.0368 0508 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
22:41:33.0368 0508 vwifibus - ok
22:41:33.0508 0508 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
22:41:33.0524 0508 vwififlt - ok
22:41:33.0680 0508 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
22:41:33.0680 0508 WacomPen - ok
22:41:33.0898 0508 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:41:33.0898 0508 WANARP - ok
22:41:33.0914 0508 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
22:41:33.0929 0508 Wanarpv6 - ok
22:41:34.0179 0508 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
22:41:34.0179 0508 Wd - ok
22:41:34.0319 0508 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
22:41:34.0335 0508 Wdf01000 - ok
22:41:34.0569 0508 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
22:41:34.0569 0508 WfpLwf - ok
22:41:34.0647 0508 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
22:41:34.0647 0508 WIMMount - ok
22:41:34.0928 0508 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
22:41:34.0928 0508 WmiAcpi - ok
22:41:35.0162 0508 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
22:41:35.0162 0508 ws2ifsl - ok
22:41:35.0287 0508 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
22:41:35.0287 0508 WudfPf - ok
22:41:35.0458 0508 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:41:35.0474 0508 WUDFRd - ok
22:41:35.0552 0508 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:41:35.0614 0508 \Device\Harddisk0\DR0 - ok
22:41:35.0630 0508 Boot (0x1200) (fce05034299af8c66c30babf0f1d3b0a) \Device\Harddisk0\DR0\Partition0
22:41:35.0630 0508 \Device\Harddisk0\DR0\Partition0 - ok
22:41:35.0645 0508 Boot (0x1200) (8fc5f30a7a99264d391648a46ae06f15) \Device\Harddisk0\DR0\Partition1
22:41:35.0645 0508 \Device\Harddisk0\DR0\Partition1 - ok
22:41:35.0645 0508 ============================================================
22:41:35.0645 0508 Scan finished
22:41:35.0645 0508 ============================================================
22:41:35.0677 0652 Detected object count: 0
22:41:35.0677 0652 Actual detected object count: 0

I toto je OK. Lze konstatovat, že v NB viry nemáte. Ještě bych zkusil opravu systému z instal. média a pokud by to nevedlo ke změně, reklamoval bych. Podle prov. hodin je NB celkem nový, že?

Ano, celkem nový, ovšem už po jedné reklamaci, kdy neběžel přímo po koupi - taky HDD. Po několika pokusech včetně dnešního rána nastartoval normálně, takže nemám jistotu uznání reklamace, budu muset zjistit za jakých okolností přesně se nechytá. Ale tím už nechci obtěžovat, to sem již nepatří, díky moc za pomoc, při nejhorším to byla preventivní kontrola, která taky není k zahození.

Nemáte zač!