VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

rootkit

https://forum.viry.cz:443/viewtopic.php?t=118879

Stránka 1 z 1

rootkit

Napsal: 17 led 2012 10:00
od Kopi
Prosím o pomoc, Avast neustále nachází rootkit.

Děkuji Kopi

Přikládám logy:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Štika at 2012-01-17 09:46:57
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 171 GB (72%) free of 238 GB
Total RAM: 1015 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:47:26, on 17.1.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Štika\Downloads\RSIT.exe
C:\Program Files\trend micro\Štika.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:18810
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

--
End of file - 3308 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GlaryInitialize.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3883138670-2453589089-1278835916-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3883138670-2453589089-1278835916-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-28 35840]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-11 689488]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-04-13 2387968]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-01-17 09:46:57 ----D---- C:\rsit
2012-01-16 14:51:23 ----SD---- C:\uninstall8071u
2012-01-16 14:48:04 ----SD---- C:\32788R22FWJFW
2012-01-16 14:34:29 ----A---- C:\ComboFix.txt
2012-01-16 14:21:26 ----D---- C:\$RECYCLE.BIN
2012-01-16 13:35:28 ----A---- C:\Windows\NIRCMD.exe
2012-01-16 13:34:46 ----D---- C:\Windows\ERDNT
2012-01-16 13:34:16 ----D---- C:\ComboFix
2012-01-16 13:21:57 ----A---- C:\Windows\system32\wininet.dll
2012-01-16 13:21:57 ----A---- C:\Windows\system32\urlmon.dll
2012-01-16 13:21:57 ----A---- C:\Windows\system32\msrating.dll
2012-01-16 13:21:57 ----A---- C:\Windows\system32\msls31.dll
2012-01-16 13:21:57 ----A---- C:\Windows\system32\jsproxy.dll
2012-01-16 13:21:57 ----A---- C:\Windows\system32\iertutil.dll
2012-01-16 13:21:56 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2012-01-16 13:21:56 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2012-01-16 13:21:56 ----A---- C:\Windows\system32\mshtmler.dll
2012-01-16 13:21:56 ----A---- C:\Windows\system32\ieui.dll
2012-01-16 13:21:56 ----A---- C:\Windows\system32\iesysprep.dll
2012-01-16 13:21:56 ----A---- C:\Windows\system32\ieframe.dll
2012-01-16 13:21:56 ----A---- C:\Windows\system32\dxtrans.dll
2012-01-16 13:21:56 ----A---- C:\Windows\system32\dxtmsft.dll
2012-01-16 13:21:55 ----A---- C:\Windows\system32\wextract.exe
2012-01-16 13:21:55 ----A---- C:\Windows\system32\webcheck.dll
2012-01-16 13:21:55 ----A---- C:\Windows\system32\vbscript.dll
2012-01-16 13:21:55 ----A---- C:\Windows\system32\url.dll
2012-01-16 13:21:55 ----A---- C:\Windows\system32\mshtmled.dll
2012-01-16 13:21:55 ----A---- C:\Windows\system32\msfeeds.dll
2012-01-16 13:21:55 ----A---- C:\Windows\system32\licmgr10.dll
2012-01-16 13:21:55 ----A---- C:\Windows\system32\inseng.dll
2012-01-16 13:21:55 ----A---- C:\Windows\system32\iexpress.exe
2012-01-16 13:21:55 ----A---- C:\Windows\system32\iesetup.dll
2012-01-16 13:21:55 ----A---- C:\Windows\system32\iernonce.dll
2012-01-16 13:21:55 ----A---- C:\Windows\system32\iedkcs32.dll
2012-01-16 13:21:55 ----A---- C:\Windows\system32\ieapfltr.dll
2012-01-16 13:21:55 ----A---- C:\Windows\system32\ieapfltr.dat
2012-01-16 13:21:55 ----A---- C:\Windows\system32\ie4uinit.exe
2012-01-16 13:21:55 ----A---- C:\Windows\system32\icardie.dll
2012-01-16 13:21:54 ----A---- C:\Windows\system32\pngfilt.dll
2012-01-16 13:21:54 ----A---- C:\Windows\system32\occache.dll
2012-01-16 13:21:54 ----A---- C:\Windows\system32\mshtml.dll
2012-01-16 13:21:54 ----A---- C:\Windows\system32\mshta.exe
2012-01-16 13:21:54 ----A---- C:\Windows\system32\jscript9.dll
2012-01-16 13:21:54 ----A---- C:\Windows\system32\jscript.dll
2012-01-16 13:21:54 ----A---- C:\Windows\system32\imgutil.dll
2012-01-16 13:21:54 ----A---- C:\Windows\system32\ieUnatt.exe
2012-01-16 13:21:54 ----A---- C:\Windows\system32\iepeers.dll
2012-01-16 13:21:54 ----A---- C:\Windows\system32\ieakui.dll
2012-01-16 13:21:54 ----A---- C:\Windows\system32\ieaksie.dll
2012-01-16 13:21:54 ----A---- C:\Windows\system32\advpack.dll
2012-01-16 13:21:54 ----A---- C:\Windows\system32\admparse.dll
2012-01-16 13:21:53 ----A---- C:\Windows\system32\msfeedssync.exe
2012-01-16 13:21:53 ----A---- C:\Windows\system32\msfeedsbs.dll
2012-01-16 13:21:53 ----A---- C:\Windows\system32\ieakeng.dll
2012-01-16 13:21:53 ----A---- C:\Windows\system32\IEAdvpack.dll
2012-01-11 23:13:34 ----A---- C:\Windows\system32\packager.dll
2012-01-11 23:13:32 ----A---- C:\Windows\system32\winmm.dll
2012-01-11 23:13:32 ----A---- C:\Windows\system32\mciseq.dll
2012-01-11 23:13:30 ----A---- C:\Windows\system32\ntdll.dll
2012-01-11 23:13:29 ----A---- C:\Windows\system32\winsrv.dll
2012-01-11 23:13:25 ----A---- C:\Windows\system32\quartz.dll
2012-01-11 23:13:25 ----A---- C:\Windows\system32\qdvd.dll

======List of files/folders modified in the last 1 month======

2012-01-17 09:47:26 ----D---- C:\Program Files\trend micro
2012-01-17 09:47:11 ----D---- C:\Windows\Prefetch
2012-01-17 09:45:37 ----D---- C:\Windows\temp
2012-01-17 09:45:37 ----D---- C:\Windows
2012-01-17 09:45:20 ----D---- C:\Windows\inf
2012-01-17 09:17:12 ----SHD---- C:\System Volume Information
2012-01-16 14:49:22 ----D---- C:\Windows\system32\drivers
2012-01-16 14:47:28 ----D---- C:\Windows\pss
2012-01-16 14:45:10 ----D---- C:\Windows\Panther
2012-01-16 14:45:05 ----D---- C:\Windows\Minidump
2012-01-16 14:45:05 ----D---- C:\Windows\Logs
2012-01-16 14:45:05 ----D---- C:\Windows\Debug
2012-01-16 14:44:36 ----D---- C:\Program Files\CCleaner
2012-01-16 14:21:53 ----A---- C:\Windows\system.ini
2012-01-16 14:21:07 ----D---- C:\Windows\system32\drivers\etc
2012-01-16 14:19:58 ----D---- C:\ProgramData
2012-01-16 14:14:55 ----D---- C:\Windows\System32
2012-01-16 14:07:37 ----D---- C:\Windows\AppPatch
2012-01-16 14:07:34 ----D---- C:\Program Files\Common Files
2012-01-16 13:53:50 ----D---- C:\Windows\rescache
2012-01-16 13:24:40 ----D---- C:\Windows\system32\cs-CZ
2012-01-16 13:24:39 ----RD---- C:\Windows\Offline Web Pages
2012-01-16 13:24:39 ----D---- C:\Windows\system32\wbem
2012-01-16 13:24:39 ----D---- C:\Windows\system32\migration
2012-01-16 13:24:39 ----D---- C:\Windows\system32\en-US
2012-01-16 13:24:39 ----D---- C:\Windows\PolicyDefinitions
2012-01-16 13:24:39 ----D---- C:\Program Files\Internet Explorer
2012-01-16 13:24:38 ----SD---- C:\Windows\Downloaded Program Files
2012-01-16 13:22:50 ----D---- C:\Windows\winsxs
2012-01-16 13:22:46 ----D---- C:\Windows\system32\catroot
2012-01-16 13:22:45 ----D---- C:\Windows\system32\catroot2
2012-01-16 13:22:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-16 13:18:10 ----SHD---- C:\Windows\Installer
2012-01-16 13:18:08 ----D---- C:\Program Files\Microsoft Office
2012-01-13 12:06:00 ----D---- C:\Windows\Resources
2012-01-13 11:40:20 ----D---- C:\Windows\Microsoft.NET
2012-01-13 11:34:11 ----RSD---- C:\Windows\assembly
2012-01-12 13:37:07 ----A---- C:\Windows\system32\mrt.exe
2012-01-12 13:36:07 ----D---- C:\Program Files\Windows Mail

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-11-28 52952]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
R2 BrPar;BrPar; C:\Windows\System32\drivers\BrPar.sys [2000-07-24 19537]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-04-23 1769952]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 PCAlertDriver;PCAlertDriver; \??\C:\PROGRA~1\MSI\MSIWDev\NTGLM7X.sys [2006-06-07 27648]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-11-28 44768]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-04-13 73728]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------


info.txt logfile of random's system information tool 1.09 2012-01-17 09:47:31

======Uninstall list======

Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 7.0.5 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A70500000002}
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
ArcSoft PhotoStudio 5.5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\SETUP.EXE" -l0x9
avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
Brother HL-2030-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A0B78E6-74C6-4F7B-A85F-48320459024B}\SETUP.exe" -l0x5 -removeonly /uninst
Canon MP Navigator EX 2.0-->"C:\Program Files\Canon\MP Navigator EX 2.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator EX 2.0\uninst.ini
Canon Utilities Solution Menu-->C:\Program Files\Canon\SolutionMenu\uninst.exe uninst.ini
CanoScan LiDE 100 Scanner Driver-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2413\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2413 /L0x0005
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Ciko-kalk-->"C:\Program Files\CIKO-kal.komíny\unins000.exe"
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
Exact Audio Copy 0.99pb1-->C:\Program Files\Exact Audio Copy\uninst.exe
Fotolab Fotosvet 3-->"C:\Program Files\Fotolab\Fotolab Fotosvet 3\uninstall.exe"
Fotolab Fotosvet-->"C:\Program Files\Fotolab\Fotolab Fotosvet\uninstall.exe"
Glary Utilities 2.22.0.896-->"C:\Program Files\Glary Utilities\unins000.exe"
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
HPSSupply-->MsiExec.exe /X{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}
IKEA HomePlanner Kitchen-->MsiExec.exe /I{E215F522-2FD6-46F4-9507-747E14D71598}
Intel(R) Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
LightScribe System Software-->MsiExec.exe /X{2EC502F7-CBB0-44F8-8F5D-C9A6FC1E5A2A}
MadOnion.com/3DMark2001 SE-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{91B323B5-A79C-4D23-BD6D-046C565F9BCF}\Setup.exe" -l0x9 uninstall -uninst
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {294B4278-CF7B-40B9-86A1-2D3FF0C2C524}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {10EC59E5-9BCE-4884-BB1A-E28627220232}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
MSI Live Update 3-->C:\Windows\IsUninst.exe -f"C:\Program Files\MSI\Live Update 3\Uninst.isu"
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 7 Essentials-->MsiExec.exe /X{98EFD8F0-08DE-48DB-B922-A2EBAB711029}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Revo Uninstaller 1.71-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}
Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}
Security Update for 2007 Microsoft Office System (KB2553089)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}
Security Update for 2007 Microsoft Office System (KB2553090)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {643C12A2-AF9A-4712-B8BE-3B7650AFE00A}
Security Update for 2007 Microsoft Office System (KB2584063)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {F6F5AC31-9833-3E77-AC8E-8E910CAB39AE} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2478663)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder ClientLP
Security Update for Microsoft .NET Framework 4 Client Profile CSY Language Pack (KB2518870)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder ClientLP
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
Total Commander (Remove or Repair)-->C:\Program Files\totalcmd\tcuninst.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B7873DF5-9E1C-45EE-8895-D29C6AE01202}
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C20964A7-5181-45E5-9E82-72F5D400DEBF}
Update for Microsoft Office 2007 System (KB2539530)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {567103D1-96CD-4B76-93B9-2681A187DEFF}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
WinRAR-->C:\Program Files\WinRAR\uninstall.exe

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: Štika-PC
Event Code: 7036
Message: Stav služby Klient zásad skupiny byl změněn na: Zastaveno
Record Number: 383704
Source Name: Service Control Manager
Time Written: 20110530235556.000000-000
Event Type: Informace
User:

Computer Name: Štika-PC
Event Code: 27
Message: Automatické aktualizace jsou pozastaveny.
Record Number: 383703
Source Name: Microsoft-Windows-WindowsUpdateClient
Time Written: 20110530235554.218405-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Štika-PC
Event Code: 7036
Message: Stav služby Windows Update byl změněn na: Zastaveno
Record Number: 383702
Source Name: Service Control Manager
Time Written: 20110530235555.000000-000
Event Type: Informace
User:

Computer Name: Štika-PC
Event Code: 7036
Message: Stav služby Instalace modulů systému Windows byl změněn na: Spuštěno
Record Number: 383701
Source Name: Service Control Manager
Time Written: 20110530235552.000000-000
Event Type: Informace
User:

Computer Name: Štika-PC
Event Code: 1074
Message: Proces C:\Windows\system32\winlogon.exe (ŠTIKA-PC) inicioval Napájení vypnuto počítače ŠTIKA-PC jménem uživatele Štika-PC\Štika z následujícího důvodu: Pro tento důvod nebyl nalezen titulek
Kód důvodu: 0x500ff
Typ vypnutí: Napájení vypnuto
Komentář:
Record Number: 383700
Source Name: USER32
Time Written: 20110530235547.000000-000
Event Type: Informace
User: Štika-PC\Štika

=====Application event log=====

Computer Name: Štika-PC
Event Code: 4
Message: The LightScribe Service started successfully.
Record Number: 39787
Source Name: LightScribeService
Time Written: 20090907174122.000000-000
Event Type: Informace
User:

Computer Name: Štika-PC
Event Code: 902
Message: Služba Licencování softwaru byla spuštěna.

Record Number: 39786
Source Name: Microsoft-Windows-Security-Licensing-SLC
Time Written: 20090907174119.000000-000
Event Type: Informace
User:

Computer Name: Štika-PC
Event Code: 1005
Message: Výsledek využití oprávnění systému Windows je: hr=0x0

Record Number: 39785
Source Name: Microsoft-Windows-Security-Licensing-SLC
Time Written: 20090907174118.000000-000
Event Type: Informace
User:

Computer Name: Štika-PC
Event Code: 1003
Message: Služba Licencování softwaru dokončila kontrolu stavu licencování.
ID aplikace=55c92734-d682-4d71-983e-d6ec3f16059f
Stav licencování=
{1,[199086aa-6cb8-4e5b-b698-f2be56f1e8ee, 8, 0xC004F014,0x0]}

{1,[26241618-ffd9-4440-af04-2ab852b2767f, 8, 0xC004F014,0x0]}

{1,[8cc39469-8bf4-4859-9f14-639320501a1f, 8, 0xC004F014,0x0]}

{1,[91dbad68-4713-4f9c-b351-6e77a8361741, 8, 0xC004F014,0x0]}

{1,[95c6e80a-0ff8-4bd0-95f2-c4a39b79d09e, 8, 0xC004F014,0x0]}

{1,[b4b150d0-ec09-4f74-910d-371ed161b2ac, 8, 0xC004F014,0x0]}

{1,[bb4c2c10-dc0d-4ce6-8824-ee71ddb63c07, 0, 0x0,0x0],[0x0,0x0,0x0,0,0,0x0],[0x0,0xFFFFFFFF,0x0,0,0,0x0],[0x0,0xFFFFFFFF,0x0,0,0,0x0],[0,0,0x0]}

{1,[c2f2d79e-121d-482c-b665-83f052c8cbcc, 8, 0xC004F014,0x0]}

{1,[cd2e414a-e728-421e-a934-73506387d641, 8, 0xC004F014,0x0]}

{1,[afd5f68f-b70f-4000-a21d-28dbc8be8b07, 0, 0xC004F055,0x0]}

Record Number: 39784
Source Name: Microsoft-Windows-Security-Licensing-SLC
Time Written: 20090907174118.000000-000
Event Type: Informace
User:

Computer Name: Štika-PC
Event Code: 1033
Message: Zásady budou vyloučeny, protože jsou definovány jen s atributem Pouze přepsat.
Názvy zásad=(IIS-W3SVC-MaxConcurrentRequests) (Telnet-Client-EnableTelnetClient) (Telnet-Client-EnableTelnetClient_w) (Telnet-Server-EnableTelnetServer) (Telnet-Server-EnableTelnetServer_w)
ID aplikace=55c92734-d682-4d71-983e-d6ec3f16059f
ID SKU=bb4c2c10-dc0d-4ce6-8824-ee71ddb63c07
Record Number: 39783
Source Name: Microsoft-Windows-Security-Licensing-SLC
Time Written: 20090907174117.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: Štika-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-21-3883138670-2453589089-1278835916-1000
Název účtu: Štika
Doména účtu: Štika-PC
ID přihlášení: 0x1aef0

Oprávnění: SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 146206
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110620195054.546875-000
Event Type: Úspěch auditu
User:

Computer Name: Štika-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: ŠTIKA-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 2

Nové přihlášení:
ID zabezpečení: S-1-5-21-3883138670-2453589089-1278835916-1000
Název účtu: Štika
Doména účtu: Štika-PC
ID přihlášení: 0x1aef0
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x288
Název procesu: C:\Windows\System32\winlogon.exe

Informace o síti:
Název pracovní stanice: ŠTIKA-PC
Adresa zdrojové sítě 127.0.0.1
Zdrojový port: 0

Podrobné informace o ověření:
Proces přihlášení: User32
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 146205
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110620195054.546875-000
Event Type: Úspěch auditu
User:

Computer Name: Štika-PC
Event Code: 4648
Message: Došlo k pokusu o přihlášení pomocí explicitního pověření.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: ŠTIKA-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Účet, jehož pověření bylo použito:
Název účtu: Štika
Doména účtu: Štika-PC
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Cílový server:
Název cílového serveru: localhost
Další informace: localhost

Informace o procesu:
ID procesu: 0x288
Název procesu: C:\Windows\System32\winlogon.exe

Informace o síti:
Síťová adresa: 127.0.0.1
Port: 0

Tato událost je generována, pokud se proces pokusí přihlásit k účtu explicitním zadáním pověření tohoto účtu. K tomu nejčastěji dochází v dávkových konfiguracích, například naplánovaných úlohách, nebo při použití příkazu RUNAS.
Record Number: 146204
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110620195054.546875-000
Event Type: Úspěch auditu
User:

Computer Name: Štika-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 146203
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110620195051.406250-000
Event Type: Úspěch auditu
User:

Computer Name: Štika-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: ŠTIKA-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x26c
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 146202
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110620195051.406250-000
Event Type: Úspěch auditu
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0409
"NUMBER_OF_PROCESSORS"=2
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

-----------------EOF-----------------

Re: rootkit

Napsal: 17 led 2012 10:06
od Mc_Murphy
Proč zakládáš dva thready se stejným problémem? :x

Pokračuj v tom prvním: http://www.viry.cz/forum/viewtopic.php?f=13&t=118878

Zde poprosím moderátory o :lock:.

Re: rootkit

Napsal: 17 led 2012 10:16
od Kopi
prohlížeč nějak nereagoval, klepnul jsem podruhy na odeslat a najednou byly 2. chtěl jsem jedno téma zamknout, ale to bohužel neumím.

Re: rootkit

Napsal: 17 led 2012 10:21
od JaRon
ten druhy prispevok zmazem :)
spust TDSSKiller - log vloz

Re: rootkit

Napsal: 17 led 2012 10:47
od Kopi
10:38:45.0803 3648 TDSS rootkit removing tool 2.7.3.0 Jan 16 2012 18:53:41
10:38:46.0038 3648 ============================================================
10:38:46.0038 3648 Current date / time: 2012/01/17 10:38:46.0038
10:38:46.0038 3648 SystemInfo:
10:38:46.0038 3648
10:38:46.0038 3648 OS Version: 6.0.6002 ServicePack: 2.0
10:38:46.0038 3648 Product type: Workstation
10:38:46.0038 3648 ComputerName: ŠTIKA-PC
10:38:46.0038 3648 UserName: Štika
10:38:46.0038 3648 Windows directory: C:\Windows
10:38:46.0038 3648 System windows directory: C:\Windows
10:38:46.0038 3648 Processor architecture: Intel x86
10:38:46.0038 3648 Number of processors: 2
10:38:46.0038 3648 Page size: 0x1000
10:38:46.0038 3648 Boot type: Normal boot
10:38:46.0038 3648 ============================================================
10:38:46.0834 3648 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:38:46.0850 3648 Initialize success
10:38:50.0038 2652 ============================================================
10:38:50.0038 2652 Scan started
10:38:50.0038 2652 Mode: Manual;
10:38:50.0038 2652 ============================================================
10:38:52.0272 2652 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
10:38:52.0288 2652 ACPI - ok
10:38:52.0350 2652 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
10:38:52.0366 2652 adp94xx - ok
10:38:52.0428 2652 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
10:38:52.0428 2652 adpahci - ok
10:38:52.0459 2652 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
10:38:52.0475 2652 adpu160m - ok
10:38:52.0522 2652 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
10:38:52.0522 2652 adpu320 - ok
10:38:52.0631 2652 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
10:38:52.0647 2652 AFD - ok
10:38:52.0709 2652 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
10:38:52.0709 2652 agp440 - ok
10:38:52.0756 2652 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
10:38:52.0756 2652 aic78xx - ok
10:38:52.0788 2652 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
10:38:52.0788 2652 aliide - ok
10:38:52.0834 2652 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
10:38:52.0834 2652 amdagp - ok
10:38:52.0866 2652 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
10:38:52.0881 2652 amdide - ok
10:38:52.0913 2652 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
10:38:52.0913 2652 AmdK7 - ok
10:38:52.0975 2652 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
10:38:52.0975 2652 AmdK8 - ok
10:38:53.0100 2652 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
10:38:53.0100 2652 arc - ok
10:38:53.0147 2652 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
10:38:53.0147 2652 arcsas - ok
10:38:53.0225 2652 aswFsBlk (054df24c92b55427e0757cfff160e4f2) C:\Windows\system32\drivers\aswFsBlk.sys
10:38:53.0225 2652 aswFsBlk - ok
10:38:53.0303 2652 aswMonFlt (258143605e77e4008f1758481d6a977d) C:\Windows\system32\drivers\aswMonFlt.sys
10:38:53.0303 2652 aswMonFlt - ok
10:38:53.0381 2652 aswRdr (352d5a48ebab35a7693b048679304831) C:\Windows\system32\drivers\aswRdr.sys
10:38:53.0381 2652 aswRdr - ok
10:38:53.0459 2652 aswSnx (8d34d2b24297e27d93e847319abfdec4) C:\Windows\system32\drivers\aswSnx.sys
10:38:53.0459 2652 aswSnx - ok
10:38:53.0506 2652 aswSP (010012597333da1f46c3243f33f8409e) C:\Windows\system32\drivers\aswSP.sys
10:38:53.0506 2652 aswSP - ok
10:38:53.0569 2652 aswTdi (f9f84364416658e9786235904d448d37) C:\Windows\system32\drivers\aswTdi.sys
10:38:53.0569 2652 aswTdi - ok
10:38:53.0616 2652 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
10:38:53.0616 2652 AsyncMac - ok
10:38:53.0678 2652 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
10:38:53.0678 2652 atapi - ok
10:38:53.0803 2652 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
10:38:53.0803 2652 Beep - ok
10:38:53.0834 2652 blbdrive - ok
10:38:53.0913 2652 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
10:38:53.0913 2652 bowser - ok
10:38:53.0959 2652 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
10:38:53.0975 2652 BrFiltLo - ok
10:38:54.0022 2652 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
10:38:54.0022 2652 BrFiltUp - ok
10:38:54.0084 2652 BrPar (2fe6d5be0629f706197b30c0aa05de30) C:\Windows\System32\drivers\BrPar.sys
10:38:54.0084 2652 BrPar - ok
10:38:54.0131 2652 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
10:38:54.0131 2652 Brserid - ok
10:38:54.0163 2652 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
10:38:54.0163 2652 BrSerWdm - ok
10:38:54.0178 2652 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
10:38:54.0178 2652 BrUsbMdm - ok
10:38:54.0209 2652 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
10:38:54.0209 2652 BrUsbSer - ok
10:38:54.0241 2652 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
10:38:54.0241 2652 BTHMODEM - ok
10:38:54.0272 2652 catchme - ok
10:38:54.0334 2652 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
10:38:54.0334 2652 cdfs - ok
10:38:54.0366 2652 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
10:38:54.0381 2652 cdrom - ok
10:38:54.0413 2652 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
10:38:54.0428 2652 circlass - ok
10:38:54.0475 2652 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
10:38:54.0475 2652 CLFS - ok
10:38:54.0553 2652 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
10:38:54.0553 2652 cmdide - ok
10:38:54.0600 2652 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
10:38:54.0600 2652 Compbatt - ok
10:38:54.0663 2652 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
10:38:54.0663 2652 crcdisk - ok
10:38:54.0694 2652 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
10:38:54.0694 2652 Crusoe - ok
10:38:54.0772 2652 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
10:38:54.0772 2652 DfsC - ok
10:38:54.0881 2652 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
10:38:54.0881 2652 disk - ok
10:38:54.0959 2652 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
10:38:54.0975 2652 Dot4 - ok
10:38:55.0038 2652 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
10:38:55.0038 2652 Dot4Print - ok
10:38:55.0084 2652 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
10:38:55.0100 2652 dot4usb - ok
10:38:55.0194 2652 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
10:38:55.0194 2652 drmkaud - ok
10:38:55.0256 2652 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
10:38:55.0272 2652 DXGKrnl - ok
10:38:55.0319 2652 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
10:38:55.0334 2652 E1G60 - ok
10:38:55.0366 2652 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
10:38:55.0381 2652 Ecache - ok
10:38:55.0428 2652 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
10:38:55.0444 2652 elxstor - ok
10:38:55.0569 2652 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
10:38:55.0584 2652 exfat - ok
10:38:55.0616 2652 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
10:38:55.0616 2652 fastfat - ok
10:38:55.0663 2652 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
10:38:55.0663 2652 fdc - ok
10:38:55.0756 2652 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
10:38:55.0756 2652 FileInfo - ok
10:38:55.0788 2652 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
10:38:55.0803 2652 Filetrace - ok
10:38:55.0834 2652 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
10:38:55.0834 2652 flpydisk - ok
10:38:55.0881 2652 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
10:38:55.0881 2652 FltMgr - ok
10:38:55.0944 2652 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
10:38:55.0944 2652 Fs_Rec - ok
10:38:55.0975 2652 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
10:38:55.0975 2652 gagp30kx - ok
10:38:56.0053 2652 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
10:38:56.0069 2652 HdAudAddService - ok
10:38:56.0116 2652 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
10:38:56.0116 2652 HDAudBus - ok
10:38:56.0163 2652 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
10:38:56.0163 2652 HidBth - ok
10:38:56.0194 2652 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
10:38:56.0194 2652 HidIr - ok
10:38:56.0241 2652 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
10:38:56.0241 2652 HidUsb - ok
10:38:56.0288 2652 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
10:38:56.0288 2652 HpCISSs - ok
10:38:56.0350 2652 HTTP (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys
10:38:56.0350 2652 HTTP - ok
10:38:56.0381 2652 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
10:38:56.0381 2652 i2omp - ok
10:38:56.0444 2652 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
10:38:56.0444 2652 i8042prt - ok
10:38:56.0522 2652 ialm (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys
10:38:56.0584 2652 ialm - ok
10:38:56.0616 2652 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
10:38:56.0631 2652 iaStorV - ok
10:38:56.0741 2652 igfx (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys
10:38:56.0756 2652 igfx - ok
10:38:56.0803 2652 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
10:38:56.0819 2652 iirsp - ok
10:38:56.0928 2652 IntcAzAudAddService (389f5d4859f4300d52ead838f1a17131) C:\Windows\system32\drivers\RTKVHDA.sys
10:38:56.0959 2652 IntcAzAudAddService - ok
10:38:57.0006 2652 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
10:38:57.0006 2652 intelide - ok
10:38:57.0069 2652 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
10:38:57.0069 2652 intelppm - ok
10:38:57.0131 2652 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:38:57.0131 2652 IpFilterDriver - ok
10:38:57.0147 2652 IpInIp - ok
10:38:57.0178 2652 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
10:38:57.0194 2652 IPMIDRV - ok
10:38:57.0256 2652 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
10:38:57.0256 2652 IPNAT - ok
10:38:57.0319 2652 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
10:38:57.0319 2652 IRENUM - ok
10:38:57.0334 2652 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
10:38:57.0334 2652 isapnp - ok
10:38:57.0381 2652 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
10:38:57.0397 2652 iScsiPrt - ok
10:38:57.0413 2652 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
10:38:57.0413 2652 iteatapi - ok
10:38:57.0444 2652 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
10:38:57.0459 2652 iteraid - ok
10:38:57.0506 2652 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
10:38:57.0506 2652 kbdclass - ok
10:38:57.0553 2652 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
10:38:57.0569 2652 kbdhid - ok
10:38:57.0600 2652 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
10:38:57.0600 2652 KSecDD - ok
10:38:57.0647 2652 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
10:38:57.0647 2652 lltdio - ok
10:38:57.0709 2652 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
10:38:57.0709 2652 LSI_FC - ok
10:38:57.0756 2652 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
10:38:57.0756 2652 LSI_SAS - ok
10:38:57.0788 2652 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
10:38:57.0788 2652 LSI_SCSI - ok
10:38:57.0834 2652 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
10:38:57.0850 2652 luafv - ok
10:38:57.0897 2652 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
10:38:57.0897 2652 megasas - ok
10:38:57.0944 2652 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
10:38:57.0944 2652 Modem - ok
10:38:58.0006 2652 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
10:38:58.0006 2652 monitor - ok
10:38:58.0053 2652 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
10:38:58.0053 2652 mouclass - ok
10:38:58.0100 2652 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
10:38:58.0100 2652 mouhid - ok
10:38:58.0116 2652 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
10:38:58.0131 2652 MountMgr - ok
10:38:58.0194 2652 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
10:38:58.0194 2652 mpio - ok
10:38:58.0225 2652 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
10:38:58.0241 2652 mpsdrv - ok
10:38:58.0319 2652 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
10:38:58.0334 2652 Mraid35x - ok
10:38:58.0366 2652 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
10:38:58.0366 2652 MRxDAV - ok
10:38:58.0428 2652 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:38:58.0428 2652 mrxsmb - ok
10:38:58.0475 2652 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:38:58.0491 2652 mrxsmb10 - ok
10:38:58.0522 2652 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:38:58.0522 2652 mrxsmb20 - ok
10:38:58.0616 2652 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
10:38:58.0616 2652 msahci - ok
10:38:58.0663 2652 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
10:38:58.0663 2652 msdsm - ok
10:38:58.0788 2652 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
10:38:58.0788 2652 Msfs - ok
10:38:58.0850 2652 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
10:38:58.0850 2652 msisadrv - ok
10:38:58.0897 2652 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
10:38:58.0913 2652 MSKSSRV - ok
10:38:58.0991 2652 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
10:38:59.0006 2652 MSPCLOCK - ok
10:38:59.0053 2652 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
10:38:59.0053 2652 MSPQM - ok
10:38:59.0084 2652 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
10:38:59.0084 2652 MsRPC - ok
10:38:59.0178 2652 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
10:38:59.0178 2652 mssmbios - ok
10:38:59.0225 2652 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
10:38:59.0225 2652 MSTEE - ok
10:38:59.0272 2652 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
10:38:59.0272 2652 Mup - ok
10:38:59.0366 2652 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
10:38:59.0366 2652 NativeWifiP - ok
10:38:59.0444 2652 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
10:38:59.0459 2652 NDIS - ok
10:38:59.0553 2652 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
10:38:59.0553 2652 NdisTapi - ok
10:38:59.0584 2652 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
10:38:59.0584 2652 Ndisuio - ok
10:38:59.0631 2652 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
10:38:59.0631 2652 NdisWan - ok
10:38:59.0694 2652 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
10:38:59.0694 2652 NDProxy - ok
10:38:59.0772 2652 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
10:38:59.0772 2652 NetBIOS - ok
10:38:59.0803 2652 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
10:38:59.0819 2652 netbt - ok
10:38:59.0881 2652 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
10:38:59.0881 2652 nfrd960 - ok
10:38:59.0975 2652 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
10:38:59.0975 2652 Npfs - ok
10:39:00.0022 2652 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
10:39:00.0038 2652 nsiproxy - ok
10:39:00.0084 2652 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
10:39:00.0116 2652 Ntfs - ok
10:39:00.0163 2652 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
10:39:00.0163 2652 ntrigdigi - ok
10:39:00.0225 2652 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
10:39:00.0225 2652 Null - ok
10:39:00.0256 2652 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
10:39:00.0272 2652 nvraid - ok
10:39:00.0288 2652 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
10:39:00.0288 2652 nvstor - ok
10:39:00.0319 2652 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
10:39:00.0319 2652 nv_agp - ok
10:39:00.0334 2652 NwlnkFlt - ok
10:39:00.0366 2652 NwlnkFwd - ok
10:39:00.0428 2652 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
10:39:00.0428 2652 ohci1394 - ok
10:39:00.0538 2652 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys
10:39:00.0538 2652 Parport - ok
10:39:00.0584 2652 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
10:39:00.0584 2652 partmgr - ok
10:39:00.0616 2652 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys
10:39:00.0616 2652 Parvdm - ok
10:39:00.0709 2652 PCAlertDriver (96803ea5bf733aedc0c2ecf8927607b2) C:\PROGRA~1\MSI\MSIWDev\NTGLM7X.sys
10:39:00.0709 2652 PCAlertDriver - ok
10:39:00.0772 2652 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
10:39:00.0788 2652 pci - ok
10:39:00.0834 2652 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
10:39:00.0834 2652 pciide - ok
10:39:00.0897 2652 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
10:39:00.0897 2652 pcmcia - ok
10:39:00.0975 2652 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
10:39:01.0006 2652 PEAUTH - ok
10:39:01.0178 2652 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
10:39:01.0178 2652 PptpMiniport - ok
10:39:01.0225 2652 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
10:39:01.0225 2652 Processor - ok
10:39:01.0303 2652 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
10:39:01.0319 2652 PSched - ok
10:39:01.0381 2652 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
10:39:01.0413 2652 ql2300 - ok
10:39:01.0444 2652 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
10:39:01.0444 2652 ql40xx - ok
10:39:01.0553 2652 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
10:39:01.0553 2652 QWAVEdrv - ok
10:39:01.0616 2652 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
10:39:01.0616 2652 RasAcd - ok
10:39:01.0725 2652 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:39:01.0741 2652 Rasl2tp - ok
10:39:01.0788 2652 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
10:39:01.0788 2652 RasPppoe - ok
10:39:01.0834 2652 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
10:39:01.0834 2652 RasSstp - ok
10:39:01.0928 2652 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
10:39:01.0959 2652 rdbss - ok
10:39:02.0069 2652 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:39:02.0069 2652 RDPCDD - ok
10:39:02.0131 2652 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
10:39:02.0131 2652 rdpdr - ok
10:39:02.0178 2652 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
10:39:02.0178 2652 RDPENCDD - ok
10:39:02.0225 2652 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
10:39:02.0241 2652 RDPWD - ok
10:39:02.0319 2652 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
10:39:02.0319 2652 rspndr - ok
10:39:02.0366 2652 RTL8169 (283392af1860ecdb5e0f8ebd7f3d72df) C:\Windows\system32\DRIVERS\Rtlh86.sys
10:39:02.0366 2652 RTL8169 - ok
10:39:02.0413 2652 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
10:39:02.0428 2652 sbp2port - ok
10:39:02.0569 2652 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
10:39:02.0569 2652 secdrv - ok
10:39:02.0616 2652 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
10:39:02.0631 2652 Serenum - ok
10:39:02.0709 2652 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
10:39:02.0709 2652 Serial - ok
10:39:02.0756 2652 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
10:39:02.0756 2652 sermouse - ok
10:39:02.0897 2652 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
10:39:02.0913 2652 sffdisk - ok
10:39:02.0928 2652 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
10:39:02.0928 2652 sffp_mmc - ok
10:39:02.0959 2652 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
10:39:02.0959 2652 sffp_sd - ok
10:39:02.0975 2652 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
10:39:02.0975 2652 sfloppy - ok
10:39:03.0053 2652 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
10:39:03.0053 2652 sisagp - ok
10:39:03.0131 2652 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
10:39:03.0147 2652 SiSRaid2 - ok
10:39:03.0178 2652 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
10:39:03.0178 2652 SiSRaid4 - ok
10:39:03.0256 2652 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
10:39:03.0272 2652 Smb - ok
10:39:03.0366 2652 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
10:39:03.0381 2652 spldr - ok
10:39:03.0475 2652 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
10:39:03.0475 2652 srv - ok
10:39:03.0538 2652 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
10:39:03.0538 2652 srv2 - ok
10:39:03.0569 2652 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
10:39:03.0584 2652 srvnet - ok
10:39:03.0663 2652 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
10:39:03.0663 2652 swenum - ok
10:39:03.0725 2652 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
10:39:03.0725 2652 Symc8xx - ok
10:39:03.0772 2652 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
10:39:03.0772 2652 Sym_hi - ok
10:39:03.0834 2652 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
10:39:03.0850 2652 Sym_u3 - ok
10:39:03.0944 2652 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
10:39:03.0975 2652 Tcpip - ok
10:39:04.0053 2652 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
10:39:04.0053 2652 Tcpip6 - ok
10:39:04.0100 2652 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
10:39:04.0100 2652 tcpipreg - ok
10:39:04.0178 2652 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
10:39:04.0194 2652 TDPIPE - ok
10:39:04.0209 2652 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
10:39:04.0225 2652 TDTCP - ok
10:39:04.0272 2652 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
10:39:04.0272 2652 tdx - ok
10:39:04.0319 2652 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
10:39:04.0319 2652 TermDD - ok
10:39:04.0381 2652 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:39:04.0381 2652 tssecsrv - ok
10:39:04.0444 2652 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
10:39:04.0444 2652 tunmp - ok
10:39:04.0475 2652 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
10:39:04.0491 2652 tunnel - ok
10:39:04.0584 2652 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
10:39:04.0584 2652 uagp35 - ok
10:39:04.0631 2652 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
10:39:04.0631 2652 udfs - ok
10:39:04.0678 2652 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
10:39:04.0678 2652 uliagpkx - ok
10:39:04.0725 2652 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
10:39:04.0725 2652 uliahci - ok
10:39:04.0772 2652 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
10:39:04.0788 2652 UlSata - ok
10:39:04.0834 2652 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
10:39:04.0834 2652 ulsata2 - ok
10:39:04.0913 2652 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
10:39:04.0913 2652 umbus - ok
10:39:04.0991 2652 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
10:39:04.0991 2652 usbccgp - ok
10:39:05.0053 2652 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
10:39:05.0053 2652 usbcir - ok
10:39:05.0147 2652 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
10:39:05.0147 2652 usbehci - ok
10:39:05.0178 2652 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
10:39:05.0194 2652 usbhub - ok
10:39:05.0241 2652 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
10:39:05.0256 2652 usbohci - ok
10:39:05.0288 2652 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
10:39:05.0288 2652 usbprint - ok
10:39:05.0366 2652 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
10:39:05.0366 2652 usbscan - ok
10:39:05.0428 2652 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:39:05.0428 2652 USBSTOR - ok
10:39:05.0475 2652 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
10:39:05.0475 2652 usbuhci - ok
10:39:05.0569 2652 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
10:39:05.0569 2652 vga - ok
10:39:05.0616 2652 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
10:39:05.0616 2652 VgaSave - ok
10:39:05.0647 2652 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
10:39:05.0647 2652 viaagp - ok
10:39:05.0678 2652 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
10:39:05.0678 2652 ViaC7 - ok
10:39:05.0741 2652 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
10:39:05.0741 2652 viaide - ok
10:39:05.0788 2652 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
10:39:05.0788 2652 volmgr - ok
10:39:05.0819 2652 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
10:39:05.0834 2652 volmgrx - ok
10:39:05.0866 2652 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
10:39:05.0866 2652 volsnap - ok
10:39:05.0944 2652 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
10:39:05.0944 2652 vsmraid - ok
10:39:06.0053 2652 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
10:39:06.0069 2652 WacomPen - ok
10:39:06.0116 2652 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:39:06.0131 2652 Wanarp - ok
10:39:06.0147 2652 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:39:06.0147 2652 Wanarpv6 - ok
10:39:06.0194 2652 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
10:39:06.0194 2652 Wd - ok
10:39:06.0256 2652 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
10:39:06.0272 2652 Wdf01000 - ok
10:39:06.0475 2652 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
10:39:06.0475 2652 WmiAcpi - ok
10:39:06.0631 2652 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
10:39:06.0663 2652 WpdUsb - ok
10:39:06.0772 2652 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
10:39:06.0772 2652 ws2ifsl - ok
10:39:06.0866 2652 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:39:06.0866 2652 WUDFRd - ok
10:39:06.0913 2652 MBR (0x1B8) (9c603bc3977968c891de319283e1e7af) \Device\Harddisk0\DR0
10:39:06.0928 2652 \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - infected
10:39:06.0928 2652 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Wistler.a (0)
10:39:06.0959 2652 Boot (0x1200) (67c9293776c7f71b546012724c093469) \Device\Harddisk0\DR0\Partition0
10:39:06.0959 2652 \Device\Harddisk0\DR0\Partition0 - ok
10:39:06.0959 2652 ============================================================
10:39:06.0959 2652 Scan finished
10:39:06.0959 2652 ============================================================
10:39:06.0975 2416 Detected object count: 1
10:39:06.0975 2416 Actual detected object count: 1
10:39:28.0256 2416 \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - will be cured on reboot
10:39:28.0256 2416 \Device\Harddisk0\DR0 - ok
10:39:28.0256 2416 \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - User select action: Cure
10:39:39.0100 2692 Deinitialize success

Re: rootkit

Napsal: 17 led 2012 10:54
od JaRon
zopakuj TDSSK po reboote - log vloz

Re: rootkit

Napsal: 17 led 2012 11:17
od Kopi
11:01:48.0403 3696 TDSS rootkit removing tool 2.7.3.0 Jan 16 2012 18:53:41
11:01:49.0528 3696 ============================================================
11:01:49.0528 3696 Current date / time: 2012/01/17 11:01:49.0528
11:01:49.0528 3696 SystemInfo:
11:01:49.0528 3696
11:01:49.0528 3696 OS Version: 6.0.6002 ServicePack: 2.0
11:01:49.0528 3696 Product type: Workstation
11:01:49.0528 3696 ComputerName: ŠTIKA-PC
11:01:49.0528 3696 UserName: Štika
11:01:49.0528 3696 Windows directory: C:\Windows
11:01:49.0528 3696 System windows directory: C:\Windows
11:01:49.0528 3696 Processor architecture: Intel x86
11:01:49.0528 3696 Number of processors: 2
11:01:49.0528 3696 Page size: 0x1000
11:01:49.0528 3696 Boot type: Normal boot
11:01:49.0528 3696 ============================================================
11:01:50.0575 3696 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:01:50.0638 3696 Initialize success
11:01:53.0606 3816 ============================================================
11:01:53.0606 3816 Scan started
11:01:53.0606 3816 Mode: Manual;
11:01:53.0606 3816 ============================================================
11:01:55.0794 3816 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
11:01:55.0997 3816 ACPI - ok
11:01:56.0669 3816 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
11:01:57.0091 3816 adp94xx - ok
11:01:57.0669 3816 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
11:01:57.0919 3816 adpahci - ok
11:01:58.0497 3816 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
11:01:58.0528 3816 adpu160m - ok
11:01:59.0091 3816 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
11:01:59.0185 3816 adpu320 - ok
11:01:59.0950 3816 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
11:02:00.0153 3816 AFD - ok
11:02:00.0700 3816 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
11:02:00.0763 3816 agp440 - ok
11:02:01.0200 3816 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
11:02:01.0216 3816 aic78xx - ok
11:02:01.0606 3816 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
11:02:01.0622 3816 aliide - ok
11:02:02.0013 3816 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
11:02:02.0060 3816 amdagp - ok
11:02:02.0669 3816 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
11:02:02.0700 3816 amdide - ok
11:02:03.0341 3816 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
11:02:03.0372 3816 AmdK7 - ok
11:02:04.0091 3816 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
11:02:04.0122 3816 AmdK8 - ok
11:02:04.0685 3816 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
11:02:04.0716 3816 arc - ok
11:02:05.0044 3816 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
11:02:05.0091 3816 arcsas - ok
11:02:05.0685 3816 aswFsBlk (054df24c92b55427e0757cfff160e4f2) C:\Windows\system32\drivers\aswFsBlk.sys
11:02:05.0731 3816 aswFsBlk - ok
11:02:06.0435 3816 aswMonFlt (258143605e77e4008f1758481d6a977d) C:\Windows\system32\drivers\aswMonFlt.sys
11:02:06.0466 3816 aswMonFlt - ok
11:02:07.0060 3816 aswRdr (352d5a48ebab35a7693b048679304831) C:\Windows\system32\drivers\aswRdr.sys
11:02:07.0060 3816 aswRdr - ok
11:02:07.0763 3816 aswSnx (8d34d2b24297e27d93e847319abfdec4) C:\Windows\system32\drivers\aswSnx.sys
11:02:07.0888 3816 aswSnx - ok
11:02:08.0481 3816 aswSP (010012597333da1f46c3243f33f8409e) C:\Windows\system32\drivers\aswSP.sys
11:02:08.0669 3816 aswSP - ok
11:02:08.0997 3816 aswTdi (f9f84364416658e9786235904d448d37) C:\Windows\system32\drivers\aswTdi.sys
11:02:09.0013 3816 aswTdi - ok
11:02:09.0247 3816 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
11:02:09.0247 3816 AsyncMac - ok
11:02:09.0544 3816 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
11:02:09.0544 3816 atapi - ok
11:02:10.0403 3816 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
11:02:10.0435 3816 Beep - ok
11:02:10.0747 3816 blbdrive - ok
11:02:11.0185 3816 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
11:02:11.0231 3816 bowser - ok
11:02:11.0700 3816 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
11:02:11.0731 3816 BrFiltLo - ok
11:02:12.0247 3816 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
11:02:12.0278 3816 BrFiltUp - ok
11:02:12.0856 3816 BrPar (2fe6d5be0629f706197b30c0aa05de30) C:\Windows\System32\drivers\BrPar.sys
11:02:12.0872 3816 BrPar - ok
11:02:13.0341 3816 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
11:02:13.0497 3816 Brserid - ok
11:02:14.0044 3816 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
11:02:14.0044 3816 BrSerWdm - ok
11:02:14.0435 3816 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
11:02:14.0466 3816 BrUsbMdm - ok
11:02:15.0153 3816 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
11:02:15.0216 3816 BrUsbSer - ok
11:02:15.0935 3816 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
11:02:16.0028 3816 BTHMODEM - ok
11:02:16.0200 3816 catchme - ok
11:02:17.0060 3816 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
11:02:17.0122 3816 cdfs - ok
11:02:17.0763 3816 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
11:02:17.0778 3816 cdrom - ok
11:02:18.0216 3816 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
11:02:18.0231 3816 circlass - ok
11:02:18.0685 3816 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
11:02:19.0575 3816 CLFS - ok
11:02:20.0060 3816 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
11:02:20.0091 3816 cmdide - ok
11:02:20.0481 3816 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
11:02:20.0497 3816 Compbatt - ok
11:02:20.0950 3816 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
11:02:20.0966 3816 crcdisk - ok
11:02:21.0481 3816 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
11:02:21.0497 3816 Crusoe - ok
11:02:21.0997 3816 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
11:02:22.0044 3816 DfsC - ok
11:02:22.0560 3816 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
11:02:22.0606 3816 disk - ok
11:02:23.0106 3816 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
11:02:23.0138 3816 Dot4 - ok
11:02:23.0575 3816 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
11:02:23.0591 3816 Dot4Print - ok
11:02:23.0763 3816 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
11:02:23.0794 3816 dot4usb - ok
11:02:24.0263 3816 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
11:02:24.0278 3816 drmkaud - ok
11:02:24.0794 3816 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
11:02:25.0044 3816 DXGKrnl - ok
11:02:25.0310 3816 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
11:02:25.0341 3816 E1G60 - ok
11:02:25.0810 3816 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
11:02:25.0841 3816 Ecache - ok
11:02:26.0263 3816 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
11:02:26.0356 3816 elxstor - ok
11:02:26.0825 3816 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
11:02:26.0872 3816 exfat - ok
11:02:27.0106 3816 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
11:02:27.0122 3816 fastfat - ok
11:02:27.0419 3816 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
11:02:27.0435 3816 fdc - ok
11:02:27.0872 3816 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
11:02:27.0888 3816 FileInfo - ok
11:02:28.0169 3816 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
11:02:28.0185 3816 Filetrace - ok
11:02:28.0497 3816 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
11:02:28.0497 3816 flpydisk - ok
11:02:28.0935 3816 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
11:02:28.0966 3816 FltMgr - ok
11:02:29.0325 3816 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
11:02:29.0341 3816 Fs_Rec - ok
11:02:29.0497 3816 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
11:02:29.0513 3816 gagp30kx - ok
11:02:30.0044 3816 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
11:02:30.0169 3816 HdAudAddService - ok
11:02:30.0528 3816 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
11:02:30.0638 3816 HDAudBus - ok
11:02:31.0044 3816 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
11:02:31.0060 3816 HidBth - ok
11:02:31.0372 3816 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
11:02:31.0403 3816 HidIr - ok
11:02:31.0856 3816 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
11:02:31.0872 3816 HidUsb - ok
11:02:32.0153 3816 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
11:02:32.0153 3816 HpCISSs - ok
11:02:32.0466 3816 HTTP (0eeeca26c8d4bde2a4664db058a81937) C:\Windows\system32\drivers\HTTP.sys
11:02:32.0497 3816 HTTP - ok
11:02:32.0794 3816 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
11:02:32.0810 3816 i2omp - ok
11:02:33.0153 3816 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
11:02:33.0169 3816 i8042prt - ok
11:02:33.0856 3816 ialm (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys
11:02:33.0950 3816 ialm - ok
11:02:34.0294 3816 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
11:02:34.0403 3816 iaStorV - ok
11:02:35.0106 3816 igfx (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys
11:02:35.0122 3816 igfx - ok
11:02:35.0356 3816 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
11:02:35.0356 3816 iirsp - ok
11:02:35.0700 3816 IntcAzAudAddService (389f5d4859f4300d52ead838f1a17131) C:\Windows\system32\drivers\RTKVHDA.sys
11:02:35.0794 3816 IntcAzAudAddService - ok
11:02:36.0106 3816 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
11:02:36.0122 3816 intelide - ok
11:02:36.0497 3816 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
11:02:36.0513 3816 intelppm - ok
11:02:36.0856 3816 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:02:36.0888 3816 IpFilterDriver - ok
11:02:37.0013 3816 IpInIp - ok
11:02:37.0106 3816 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
11:02:37.0122 3816 IPMIDRV - ok
11:02:37.0294 3816 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
11:02:37.0310 3816 IPNAT - ok
11:02:37.0388 3816 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
11:02:37.0403 3816 IRENUM - ok
11:02:37.0497 3816 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
11:02:37.0528 3816 isapnp - ok
11:02:37.0841 3816 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
11:02:37.0856 3816 iScsiPrt - ok
11:02:38.0106 3816 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
11:02:38.0122 3816 iteatapi - ok
11:02:38.0497 3816 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
11:02:38.0528 3816 iteraid - ok
11:02:38.0810 3816 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
11:02:38.0825 3816 kbdclass - ok
11:02:39.0044 3816 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
11:02:39.0060 3816 kbdhid - ok
11:02:39.0247 3816 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
11:02:39.0310 3816 KSecDD - ok
11:02:39.0669 3816 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
11:02:39.0685 3816 lltdio - ok
11:02:39.0919 3816 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
11:02:39.0935 3816 LSI_FC - ok
11:02:40.0013 3816 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
11:02:40.0028 3816 LSI_SAS - ok
11:02:40.0388 3816 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
11:02:40.0419 3816 LSI_SCSI - ok
11:02:40.0497 3816 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
11:02:40.0544 3816 luafv - ok
11:02:40.0685 3816 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
11:02:40.0731 3816 megasas - ok
11:02:41.0028 3816 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
11:02:41.0028 3816 Modem - ok
11:02:41.0200 3816 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
11:02:41.0216 3816 monitor - ok
11:02:41.0481 3816 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
11:02:41.0497 3816 mouclass - ok
11:02:41.0856 3816 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
11:02:41.0872 3816 mouhid - ok
11:02:42.0091 3816 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
11:02:42.0106 3816 MountMgr - ok
11:02:42.0341 3816 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
11:02:42.0388 3816 mpio - ok
11:02:42.0606 3816 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
11:02:42.0622 3816 mpsdrv - ok
11:02:42.0856 3816 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
11:02:42.0872 3816 Mraid35x - ok
11:02:42.0997 3816 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
11:02:42.0997 3816 MRxDAV - ok
11:02:43.0153 3816 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:02:43.0169 3816 mrxsmb - ok
11:02:43.0403 3816 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:02:43.0466 3816 mrxsmb10 - ok
11:02:43.0919 3816 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:02:43.0935 3816 mrxsmb20 - ok
11:02:44.0216 3816 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
11:02:44.0216 3816 msahci - ok
11:02:44.0481 3816 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
11:02:44.0481 3816 msdsm - ok
11:02:44.0778 3816 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
11:02:44.0794 3816 Msfs - ok
11:02:45.0075 3816 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
11:02:45.0075 3816 msisadrv - ok
11:02:45.0185 3816 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
11:02:45.0200 3816 MSKSSRV - ok
11:02:45.0263 3816 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
11:02:45.0263 3816 MSPCLOCK - ok
11:02:45.0325 3816 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
11:02:45.0341 3816 MSPQM - ok
11:02:45.0419 3816 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
11:02:45.0419 3816 MsRPC - ok
11:02:45.0591 3816 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
11:02:45.0606 3816 mssmbios - ok
11:02:45.0872 3816 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
11:02:45.0888 3816 MSTEE - ok
11:02:46.0075 3816 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
11:02:46.0091 3816 Mup - ok
11:02:46.0450 3816 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
11:02:46.0497 3816 NativeWifiP - ok
11:02:47.0091 3816 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
11:02:47.0372 3816 NDIS - ok
11:02:47.0841 3816 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
11:02:47.0841 3816 NdisTapi - ok
11:02:48.0075 3816 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
11:02:48.0106 3816 Ndisuio - ok
11:02:49.0216 3816 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
11:02:49.0231 3816 NdisWan - ok
11:02:49.0450 3816 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
11:02:49.0466 3816 NDProxy - ok
11:02:49.0747 3816 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
11:02:49.0763 3816 NetBIOS - ok
11:02:50.0044 3816 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
11:02:50.0075 3816 netbt - ok
11:02:50.0231 3816 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
11:02:50.0231 3816 nfrd960 - ok
11:02:50.0403 3816 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
11:02:50.0435 3816 Npfs - ok
11:02:50.0622 3816 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
11:02:50.0622 3816 nsiproxy - ok
11:02:51.0247 3816 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
11:02:51.0294 3816 Ntfs - ok
11:02:51.0606 3816 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
11:02:51.0716 3816 ntrigdigi - ok
11:02:51.0856 3816 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
11:02:51.0856 3816 Null - ok
11:02:52.0200 3816 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
11:02:52.0231 3816 nvraid - ok
11:02:52.0247 3816 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
11:02:52.0263 3816 nvstor - ok
11:02:52.0294 3816 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
11:02:52.0294 3816 nv_agp - ok
11:02:52.0310 3816 NwlnkFlt - ok
11:02:52.0325 3816 NwlnkFwd - ok
11:02:52.0388 3816 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
11:02:52.0388 3816 ohci1394 - ok
11:02:52.0481 3816 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys
11:02:52.0497 3816 Parport - ok
11:02:52.0575 3816 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
11:02:52.0591 3816 partmgr - ok
11:02:52.0606 3816 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys
11:02:52.0606 3816 Parvdm - ok
11:02:52.0778 3816 PCAlertDriver (96803ea5bf733aedc0c2ecf8927607b2) C:\PROGRA~1\MSI\MSIWDev\NTGLM7X.sys
11:02:52.0810 3816 PCAlertDriver - ok
11:02:53.0060 3816 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
11:02:53.0060 3816 pci - ok
11:02:53.0419 3816 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
11:02:53.0435 3816 pciide - ok
11:02:53.0497 3816 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
11:02:53.0560 3816 pcmcia - ok
11:02:53.0872 3816 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
11:02:53.0950 3816 PEAUTH - ok
11:02:54.0356 3816 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
11:02:54.0372 3816 PptpMiniport - ok
11:02:54.0653 3816 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
11:02:54.0700 3816 Processor - ok
11:02:54.0966 3816 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
11:02:54.0966 3816 PSched - ok
11:02:55.0122 3816 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
11:02:55.0153 3816 ql2300 - ok
11:02:55.0435 3816 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
11:02:55.0435 3816 ql40xx - ok
11:02:55.0591 3816 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
11:02:55.0591 3816 QWAVEdrv - ok
11:02:55.0747 3816 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
11:02:55.0763 3816 RasAcd - ok
11:02:56.0122 3816 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:02:56.0153 3816 Rasl2tp - ok
11:02:56.0560 3816 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
11:02:56.0560 3816 RasPppoe - ok
11:02:56.0669 3816 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
11:02:56.0685 3816 RasSstp - ok
11:02:56.0747 3816 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
11:02:56.0763 3816 rdbss - ok
11:02:56.0810 3816 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:02:56.0810 3816 RDPCDD - ok
11:02:56.0903 3816 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
11:02:56.0919 3816 rdpdr - ok
11:02:56.0981 3816 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
11:02:56.0997 3816 RDPENCDD - ok
11:02:57.0091 3816 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
11:02:57.0106 3816 RDPWD - ok
11:02:57.0341 3816 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
11:02:57.0356 3816 rspndr - ok
11:02:57.0575 3816 RTL8169 (283392af1860ecdb5e0f8ebd7f3d72df) C:\Windows\system32\DRIVERS\Rtlh86.sys
11:02:57.0591 3816 RTL8169 - ok
11:02:57.0638 3816 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
11:02:57.0653 3816 sbp2port - ok
11:02:58.0013 3816 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
11:02:58.0060 3816 secdrv - ok
11:02:58.0622 3816 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
11:02:58.0638 3816 Serenum - ok
11:02:58.0794 3816 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
11:02:58.0888 3816 Serial - ok
11:02:59.0310 3816 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
11:02:59.0341 3816 sermouse - ok
11:02:59.0794 3816 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
11:02:59.0810 3816 sffdisk - ok
11:02:59.0856 3816 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
11:02:59.0872 3816 sffp_mmc - ok
11:02:59.0919 3816 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
11:02:59.0935 3816 sffp_sd - ok
11:02:59.0966 3816 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
11:02:59.0966 3816 sfloppy - ok
11:03:00.0341 3816 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
11:03:00.0388 3816 sisagp - ok
11:03:00.0544 3816 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
11:03:00.0560 3816 SiSRaid2 - ok
11:03:00.0903 3816 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
11:03:00.0950 3816 SiSRaid4 - ok
11:03:01.0278 3816 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
11:03:01.0294 3816 Smb - ok
11:03:01.0403 3816 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
11:03:01.0403 3816 spldr - ok
11:03:01.0497 3816 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
11:03:01.0560 3816 srv - ok
11:03:01.0606 3816 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
11:03:01.0606 3816 srv2 - ok
11:03:01.0622 3816 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
11:03:01.0638 3816 srvnet - ok
11:03:01.0685 3816 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
11:03:01.0716 3816 swenum - ok
11:03:01.0778 3816 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
11:03:01.0794 3816 Symc8xx - ok
11:03:02.0169 3816 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
11:03:02.0169 3816 Sym_hi - ok
11:03:02.0294 3816 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
11:03:02.0310 3816 Sym_u3 - ok
11:03:02.0606 3816 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
11:03:02.0638 3816 Tcpip - ok
11:03:02.0872 3816 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
11:03:02.0888 3816 Tcpip6 - ok
11:03:02.0919 3816 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
11:03:02.0935 3816 tcpipreg - ok
11:03:02.0966 3816 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
11:03:02.0981 3816 TDPIPE - ok
11:03:03.0013 3816 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
11:03:03.0028 3816 TDTCP - ok
11:03:03.0075 3816 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
11:03:03.0091 3816 tdx - ok
11:03:03.0138 3816 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
11:03:03.0138 3816 TermDD - ok
11:03:03.0435 3816 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:03:03.0466 3816 tssecsrv - ok
11:03:03.0606 3816 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
11:03:03.0622 3816 tunmp - ok
11:03:03.0794 3816 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
11:03:03.0794 3816 tunnel - ok
11:03:03.0841 3816 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
11:03:03.0856 3816 uagp35 - ok
11:03:03.0935 3816 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
11:03:03.0950 3816 udfs - ok
11:03:04.0013 3816 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
11:03:04.0028 3816 uliagpkx - ok
11:03:04.0075 3816 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
11:03:04.0091 3816 uliahci - ok
11:03:04.0122 3816 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
11:03:04.0122 3816 UlSata - ok
11:03:04.0153 3816 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
11:03:04.0153 3816 ulsata2 - ok
11:03:04.0200 3816 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
11:03:04.0216 3816 umbus - ok
11:03:04.0388 3816 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
11:03:04.0388 3816 usbccgp - ok
11:03:04.0700 3816 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
11:03:04.0731 3816 usbcir - ok
11:03:04.0981 3816 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
11:03:04.0997 3816 usbehci - ok
11:03:05.0185 3816 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
11:03:05.0185 3816 usbhub - ok
11:03:05.0575 3816 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
11:03:05.0591 3816 usbohci - ok
11:03:05.0731 3816 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
11:03:05.0747 3816 usbprint - ok
11:03:05.0841 3816 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
11:03:05.0888 3816 usbscan - ok
11:03:06.0153 3816 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:03:06.0185 3816 USBSTOR - ok
11:03:06.0591 3816 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
11:03:06.0591 3816 usbuhci - ok
11:03:07.0013 3816 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
11:03:07.0044 3816 vga - ok
11:03:07.0138 3816 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
11:03:07.0138 3816 VgaSave - ok
11:03:07.0185 3816 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
11:03:07.0200 3816 viaagp - ok
11:03:07.0419 3816 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
11:03:07.0450 3816 ViaC7 - ok
11:03:07.0653 3816 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
11:03:07.0685 3816 viaide - ok
11:03:07.0731 3816 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
11:03:07.0731 3816 volmgr - ok
11:03:07.0856 3816 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
11:03:07.0872 3816 volmgrx - ok
11:03:08.0060 3816 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
11:03:08.0106 3816 volsnap - ok
11:03:08.0169 3816 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
11:03:08.0185 3816 vsmraid - ok
11:03:08.0294 3816 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
11:03:08.0310 3816 WacomPen - ok
11:03:08.0481 3816 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
11:03:08.0497 3816 Wanarp - ok
11:03:08.0497 3816 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
11:03:08.0513 3816 Wanarpv6 - ok
11:03:08.0606 3816 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
11:03:08.0622 3816 Wd - ok
11:03:08.0872 3816 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
11:03:08.0919 3816 Wdf01000 - ok
11:03:09.0481 3816 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
11:03:09.0513 3816 WmiAcpi - ok
11:03:09.0841 3816 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
11:03:09.0841 3816 WpdUsb - ok
11:03:09.0903 3816 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
11:03:09.0903 3816 ws2ifsl - ok
11:03:09.0981 3816 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:03:09.0981 3816 WUDFRd - ok
11:03:10.0013 3816 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
11:03:10.0075 3816 \Device\Harddisk0\DR0 - ok
11:03:10.0075 3816 Boot (0x1200) (67c9293776c7f71b546012724c093469) \Device\Harddisk0\DR0\Partition0
11:03:10.0075 3816 \Device\Harddisk0\DR0\Partition0 - ok
11:03:10.0075 3816 ============================================================
11:03:10.0075 3816 Scan finished
11:03:10.0075 3816 ============================================================
11:03:10.0106 3808 Detected object count: 0
11:03:10.0106 3808 Actual detected object count: 0
11:16:35.0528 3660 Deinitialize success

Re: rootkit

Napsal: 17 led 2012 11:28
od JaRon
malo by to byt OK
pre istotu vypni obnovu systemu - restart - zapni obnovu a hotovo :)

Re: rootkit

Napsal: 17 led 2012 12:17
od Kopi
ok, dekuji moc :)

Re: rootkit

Napsal: 17 led 2012 13:09
od JaRon
rado sa stalo :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz