MBR sector of the 1. physical disk Win32/Agent.SDG.Gen

Zpráva

Kifik · #1 Příspěvek od **Kifik** » 12 pro 2011 18:52

Ahoj,

dnes ráno jsem zapl notebook a najednou mi NOD hlásí vir. Vůbec netuším jak jsem ho dostal a už vůbec ne jak se dostal do až MBR. Nic neobvyklého jsem nedělal, každopádně koukám, že si na tento virus stěžuje čím dál tím víc lidí.

Nejsem žádný počítačový amatér, ale konkrétně tato problematika jde mimo mě. Byl bych moc rád za každou pomoc ... sám si opravdu nevím rady a návody zde a jinde na internetu se značně liší.

Přikládám log z RSITu, protože jsem vypozoroval, že asi bude třeba

Logfile of random's system information tool 1.09 (written by random/random)
Run by Kifík at 2011-12-12 18:48:28
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 115 GB (49%) free of 235 GB
Total RAM: 8106 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:48:34, on 12.12.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\QIP Infium\infium.exe
C:\Users\Kifík\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Users\Kifík\AppData\Local\RockMelt\Update\1.2.189.1\RockMeltCrashHandler.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Paymo\Paymo.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Users\Kifík\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Kifík\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Kifík\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Kifík\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Kifík\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Kifík\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Kifík\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Kifík\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Kifík\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Kifík\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Kifík\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Users\Kifík\AppData\Local\RockMelt\Application\rockmelt.exe
C:\Program Files\trend micro\Kifík.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/defau ... l=cs&s=bsd
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.euro.dell.com/content/defau ... l=cs&s=bsd
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Kifík\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RockMelt Update] "C:\Users\Kifík\AppData\Local\RockMelt\Update\RockMeltUpdate.exe" /c
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [RGSC] D:\Hry\GTA4\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP Infium\infium.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-967542819-3253104675-82975415-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-967542819-3253104675-82975415-1000\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-967542819-3253104675-82975415-1000\..\Run: [RGSC] D:\Hry\GTA4\Rockstar Games Social Club\RGSCLauncher.exe /silent (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-967542819-3253104675-82975415-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Dropbox.lnk = ?
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: Paymo.lnk = C:\Program Files (x86)\Paymo\Paymo.exe
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{F5012A5A-593B-4A96-A9C5-53921169CD57}: NameServer = 192.168.201.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Connectify - Unknown owner - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 18180 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
winlogon.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\WLANExt.exe 26305360
\??\C:\Windows\system32\conhost.exe "-483678552-10115936731056767726-4343669248865440492004083578972146214-1497731936
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files (x86)\Connectify\ConnectifyService.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"ConnectifyD.exe"
\??\C:\Windows\system32\conhost.exe "10857750085400268671375937142628925471-1779794027-177823391551325330-966354815
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe"
"C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe"
"C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe"
C:\Windows\SysWOW64\nlssrv32.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
WLIDSvcM.exe 2456
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
"C:\Program Files\Dell\QuickSet\quickset.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX3
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Program Files (x86)\Steam\Steam.exe" -silent
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE" C:\Users\Kifík
"C:\Program Files (x86)\QIP Infium\infium.exe" /autorun
"C:\Users\Kifík\AppData\Roaming\Dropbox\bin\Dropbox.exe"
"C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE"
"C:\Users\Kifík\AppData\Local\RockMelt\Update\1.2.189.1\RockMeltCrashHandler.exe" /crashhandler
"C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe"
"C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
"C:\Program Files (x86)\Paymo\Paymo.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\wbem\unsecapp.exe -Embedding
KHALMNPR.EXE /API
"C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
"C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files\Logitech\SetPointG\SetPointII.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Users\Kifík\AppData\Local\RockMelt\Application\rockmelt.exe"
"C:\Users\Kifík\AppData\Local\RockMelt\Application\rockmelt.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/InstantControl2/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warmest_socket/ --channel=7784.02E17160.286616253 --ignored=" --type=renderer " /prefetch:3
"C:\Users\Kifík\AppData\Local\RockMelt\Application\rockmelt.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/InstantControl2/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warmest_socket/ --channel=7784.02E17580.483591220 --ignored=" --type=renderer " /prefetch:3
"C:\Users\Kifík\AppData\Local\RockMelt\Application\rockmelt.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/InstantControl2/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warmest_socket/ --channel=7784.02E17DC0.1165945544 --ignored=" --type=renderer " /prefetch:3
"C:\Users\Kifík\AppData\Local\RockMelt\Application\rockmelt.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/InstantControl2/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warmest_socket/ --channel=7784.02E17C60.1282858110 --ignored=" --type=renderer " /prefetch:3
"C:\Users\Kifík\AppData\Local\RockMelt\Application\rockmelt.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/InstantControl2/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warmest_socket/ --channel=7784.048C5580.1319116252 --ignored=" --type=renderer " /prefetch:3
"C:\Users\Kifík\AppData\Local\RockMelt\Application\rockmelt.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/InstantControl2/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warmest_socket/ --channel=7784.048C5420.2086995794 --ignored=" --type=renderer " /prefetch:3
"C:\Users\Kifík\AppData\Local\RockMelt\Application\rockmelt.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/InstantControl2/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warmest_socket/ --channel=7784.048C52C0.746881612 --ignored=" --type=renderer " /prefetch:3
"C:\Users\Kifík\AppData\Local\RockMelt\Application\rockmelt.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/InstantControl2/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warmest_socket/ --channel=7784.048C5160.448587957 --ignored=" --type=renderer " /prefetch:3
"C:\Users\Kifík\AppData\Local\RockMelt\Application\rockmelt.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/InstantControl2/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warmest_socket/ --channel=7784.048C5000.1620263260 --ignored=" --type=renderer " /prefetch:3
"C:\Users\Kifík\AppData\Local\RockMelt\Application\rockmelt.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" --lang=cs --channel=7784.0EF238C0.1110742937 /prefetch:4
"C:\Users\Kifík\AppData\Local\RockMelt\Application\rockmelt.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/InstantControl2/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warmest_socket/ --channel=7784.0B3BF6E0.1934887433 /prefetch:3
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe15_ Global\UsGthrCtrlFltPipeMssGthrPipe15 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"D:\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-967542819-3253104675-82975415-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-967542819-3253104675-82975415-1001UA.job
C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-967542819-3253104675-82975415-1001Core.job
C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-967542819-3253104675-82975415-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-06-28 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-09-21 3853984]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-12-17 2531624]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-12 167960]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-12 391704]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-12 418328]
"FreeFallProtection"=C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [2010-12-17 686704]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-01-24 10355200]
"IntelWireless"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2010-12-17 1933584]
"QuickSet"=c:\Program Files\Dell\QuickSet\QuickSet.exe [2011-01-25 4479648]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-05-14 2692520]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-10-30 499608]
"LogMeIn GUI"=C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [2011-01-11 57928]
"AutoKMS"=C:\Windows\AutoKMS.exe []
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2011-06-24 1744152]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-07-06 7233640]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-06-03 2226280]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
"NVHotkey"=C:\Windows\system32\nvHotkey.dll [2011-10-15 539456]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Kifík\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-07 136176]
"RockMelt Update"=C:\Users\Kifík\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2011-07-07 136336]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2011-08-02 1242448]
"RGSC"=D:\Hry\GTA4\Rockstar Games Social Club\RGSCLauncher.exe /silent []
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"Infium"=C:\Program Files (x86)\QIP Infium\infium.exe [2011-05-11 6848384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify]
C:\Program Files (x86)\Connectify\Connectify.exe [2011-09-29 2967368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-08-19 421736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2011-07-05 421888]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-06-06 35736]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"Dell Webcam Central"=C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2010-08-20 487562]
""= []
"RoxWatchTray"=C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [2010-11-25 240112]
"Desktop Disc Tool"=C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [2010-11-17 514544]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-04-14 113288]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-08-19 421736]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
""C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe""=C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe [2011-10-05 559616]

C:\Users\Kifík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Kifík\AppData\Roaming\Dropbox\bin\Dropbox.exe
EvernoteClipper.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
Paymo.lnk - C:\Program Files (x86)\Paymo\Paymo.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-01-28 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2011-06-17 68376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2010-06-22 253288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-12-12 18:48:28 ----D---- C:\rsit
2011-12-12 18:48:28 ----D---- C:\Program Files\trend micro
2011-12-05 23:03:09 ----D---- C:\Program Files (x86)\Paymo
2011-12-04 00:18:32 ----A---- C:\STFCC.tmp
2011-12-03 10:23:00 ----D---- C:\Program Files (x86)\Evernote
2011-11-21 10:22:38 ----D---- C:\Windows\system32\Macromed

======List of files/folders modified in the last 1 month======

2011-12-12 18:48:35 ----D---- C:\Windows\Prefetch
2011-12-12 18:48:32 ----D---- C:\Windows\Temp
2011-12-12 18:48:28 ----RD---- C:\Program Files
2011-12-12 16:55:40 ----D---- C:\Users\Kifík\AppData\Roaming\Media Player Classic
2011-12-12 16:55:40 ----D---- C:\Program Files (x86)\Steam
2011-12-12 16:55:39 ----D---- C:\Users\Kifík\AppData\Roaming\uTorrent
2011-12-12 16:55:39 ----D---- C:\Users\Kifík\AppData\Roaming\TS3Client
2011-12-12 16:55:26 ----AD---- C:\Windows
2011-12-12 16:11:55 ----D---- C:\Users\Kifík\AppData\Roaming\Dropbox
2011-12-12 16:11:52 ----A---- C:\Windows\SYSWOW64\log.txt
2011-12-12 16:11:28 ----D---- C:\Program Files (x86)\Dell DataSafe Local Backup
2011-12-12 16:11:15 ----D---- C:\Program Files (x86)\QIP Infium
2011-12-12 16:10:08 ----D---- C:\Windows\system32\config
2011-12-12 16:09:25 ----D---- C:\ProgramData\NVIDIA
2011-12-12 08:30:23 ----D---- C:\Windows\System32
2011-12-12 08:30:23 ----D---- C:\Windows\inf
2011-12-12 08:30:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-12-12 08:26:57 ----D---- C:\ProgramData\LogMeIn
2011-12-11 19:36:20 ----SHD---- C:\System Volume Information
2011-12-07 18:29:33 ----D---- C:\ProgramData\Sonic
2011-12-07 14:20:05 ----D---- C:\Windows\system32\Tasks
2011-12-06 09:11:50 ----N---- C:\Windows\system32\MpSigStub.exe
2011-12-05 23:03:09 ----RD---- C:\Program Files (x86)
2011-12-05 20:34:00 ----D---- C:\Users\Kifík\AppData\Roaming\Skype
2011-12-04 18:27:44 ----D---- C:\Program Files\TeamSpeak 3 Client
2011-12-03 17:17:29 ----SHD---- C:\Windows\Installer
2011-12-01 20:35:39 ----RD---- C:\Program Files (x86)\Skype
2011-12-01 18:50:05 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2011-11-30 00:19:49 ----D---- C:\Windows\SysWOW64
2011-11-25 21:17:45 ----D---- C:\Windows\system32\catroot2
2011-11-21 15:19:37 ----D---- C:\Users\Kifík\AppData\Roaming\DAEMON Tools Lite
2011-11-21 15:19:12 ----D---- C:\Windows\Minidump
2011-11-21 15:19:12 ----D---- C:\Windows\Logs
2011-11-21 15:19:12 ----D---- C:\Windows\debug
2011-11-20 13:53:29 ----D---- C:\Windows\SYSWOW64\NV
2011-11-20 13:53:29 ----D---- C:\Windows\system32\NV
2011-11-19 17:10:55 ----D---- C:\Windows\system32\DriverStore
2011-11-19 17:10:55 ----D---- C:\Windows\system32\catroot
2011-11-19 17:10:25 ----D---- C:\Program Files (x86)\NVIDIA Corporation

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-01-13 439320]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-10-15 28992]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\Windows\system32\DRIVERS\stdcfltn.sys [2010-08-20 21616]
R1 cnnctfy2;Connectify LightWeight Filter; C:\Windows\system32\DRIVERS\cnnctfy2.sys [2011-10-15 31344]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-07 270912]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-05-14 134024]
R1 nvkflt;nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [2011-10-15 249152]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-05-14 142776]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-05-14 165960]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-05-14 44944]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2011-01-11 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2011-01-11 72216]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
R3 Acceler;Accelerometer Service; C:\Windows\system32\DRIVERS\Accelern.sys [2010-12-13 27760]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2010-08-12 175168]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-05-14 33608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-01-28 12273408]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-07-07 2914408]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-16 317440]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-04-30 66840]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2011-01-11 11552]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-04-30 60184]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-05-01 8593920]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2011-06-10 91648]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2011-06-10 208896]
R3 qicflt;upper Device Filter Driver; C:\Windows\system32\DRIVERS\qicflt.sys [2010-07-13 29288]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-12-17 1404464]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 wdkmd;Intel WiDi KMD; C:\Windows\system32\DRIVERS\WDKMD.sys [2010-12-01 42392]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2011-01-24 58128]
S3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2011-01-24 274944]
S3 iBtFltCoex;iBtFltCoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2011-01-24 59904]
S3 Impcd;Impcd; C:\Windows\system32\drivers\Impcd.sys [2010-02-27 158976]
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2010-12-15 174168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-05-10 51712]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2006-11-01 151656]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-17 98208]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-01-24 901184]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-01-24 991296]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-07-12 387944]
R2 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2011-09-29 69632]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2009-05-14 731840]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-12-17 1515792]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-10-07 375176]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2011-10-07 147336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2011-01-11 407424]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\nlssrv32.exe [2011-03-29 66560]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-10-15 1640768]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-10-01 75136]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2011-10-01 189248]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-12-17 836880]
R2 SftService;SoftThinks Agent Service; C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-15 381248]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-01-24 1298496]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-08-19 934760]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 RoxWatch12;Roxio Hard Drive Watcher 12; C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-05-14 23296]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-06-17 359192]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM; C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-09-09 411432]
S3 stllssvr;stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2010-11-08 74392]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-07-07 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 12 pro 2011 18:59

Zdravim a pekny vecer preji

Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

Utilitu spustte a prikazte ji, at skenuje - klik na Start Scan
Pokud utilita najde infikekci, bude ji chtit lecit (Cure), povolte leceni kliknutim na Continue
Pokud utilita najde podezrely soubor (suspicious), bude jej chtit preskocit (Skip), povolte preskoceni kliknutim na Continue
Po dokonceni skenu bude mozna nutny restart PC, povolte jej kliknutim na Reboot now
Po restartu na Vas vyskoci log, pokud se tak nestane, najdete jej primo na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt - jeho obsah sem vlozte
Pokud restart nebude vyzadovan, kliknete na Close a nasledne na Report - vytvori se log - jeho obsah sem vlozte

Kifik · #3 Příspěvek od **Kifik** » 12 pro 2011 19:09

Taky zdravím a moc děkuji za tak rychlou odpověď.

Zde je výpis z druhého logu RSITu:
info.txt logfile of random's system information tool 1.09 2011-12-12 18:48:36

======Uninstall list======

-->C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}\Fences.exe
-->MsiExec /X{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BC12448A-0B41-4E11-B242-B1129512F5B7}\setup.exe" -l0x9
µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
AccelerometerP11-->"C:\Program Files (x86)\InstallShield Installation Information\{87434D51-51DB-4109-B68F-A829ECDCF380}\setup.exe" -runfromtemp -l0x0405 -removeonly
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}
Adobe Community Help-->msiexec /qb /x {3521BDBD-D453-5D9F-AA55-44B75D214629}
Adobe Community Help-->MsiExec.exe /I{3521BDBD-D453-5D9F-AA55-44B75D214629}
Adobe Download Assistant-->msiexec /qb /x {E1845F1C-068C-F8F4-D31D-D3540D47C453}
Adobe Download Assistant-->MsiExec.exe /I{E1845F1C-068C-F8F4-D31D-D3540D47C453}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10o_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin 64-bit-->C:\Windows\system32\Macromed\Flash\FlashUtil64_11_1_102_Plugin.exe -maintain plugin
Adobe Illustrator CS5.1-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{23767F5D-A80C-4264-B8EA-ED4085FC332A}"
Adobe Photoshop CS5.1-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{9158FF30-78D7-40EF-B83E-451AC5334640}"
Adobe Photoshop Lightroom 3.4.1 64-bit-->MsiExec.exe /I{8BBA6F77-4A79-4E90-BD82-E24669ACF221}
Adobe Reader X (10.1.0) MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AA0000000001}
Advanced Audio FX Engine-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe" -l0x9 /remove
Aktualizace NVIDIA 1.5.20-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.4\NVI2.DLL",UninstallPackage Display.Update
Alien Skin Bokeh 2-->"C:\Program Files (x86)\Alien Skin\Alien Uninstall.exe" "Bokeh 2"
Alien Skin Exposure 3-->"C:\Program Files (x86)\Alien Skin\Alien Uninstall.exe" "Exposure 3"
Amnesia: The Dark Descent-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/57300
Apple Application Support-->MsiExec.exe /I{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}
Apple Mobile Device Support-->MsiExec.exe /I{439760BC-7737-4386-9B1D-A90A3E8A22EA}
Apple Software Update-->MsiExec.exe /I{C6579A65-9CAE-4B31-8B6B-3306E0630A66}
Bonjour-->MsiExec.exe /X{CA0D2F09-F811-48D4-843E-C87696C6A9D9}
BulletStorm-->MsiExec.exe /I{45410935-B52C-468A-A836-0D1000018201}
Canon Utilities EOS Utility-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.7.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\EOS Utility\Uninst.ini"
Canon Utilities WFT Utility-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.7.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\WFT Utility\Uninst.ini"
CCleaner-->"C:\Program Files (x86)\CCleaner\uninst.exe"
Centrum zařízení Windows Mobile-->MsiExec.exe /X{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}
Connectify-->C:\Program Files (x86)\Connectify\Uninstall.exe
Contextual Tool Yourprofitclub-->C:\Windows\system32\3cef0289.exe
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{0DA5C61E-18AE-4BBE-A29B-0BFACADB5C6A}" "1029" "0"
Dell DataSafe Local Backup - Support Software-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}\setup.exe" -l0x5 -removeonly /z"dsu"
Dell DataSafe Local Backup-->"C:\Program Files (x86)\InstallShield Installation Information\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}\setup.exe" -runfromtemp -l0x5 -removeonly
Dell Edoc Viewer-->MsiExec.exe /I{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}
Dell Webcam Central-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{BC12448A-0B41-4E11-B242-B1129512F5B7}\setup.exe" -l0x9 /remove
DirectX 9 Runtime-->MsiExec.exe /I{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}
eReg-->MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
ESN Sonar-->C:\Program Files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe
Evernote v. 4.5.2-->MsiExec.exe /X{8CE152BA-1D16-11E1-867D-984BE15F174E}
Fences-->"C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}\Fences.exe" REMOVE=TRUE MODIFY=FALSE
Grand Theft Auto IV-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/12210
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8301}
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8302}
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8303}
HDR Efex Pro-->C:\Program Files\Nik Software\HDR Efex Pro\Uninstall HDR Efex Pro.exe
Heroes of Newerth-->D:\Hry\Heroes of Newerth\uninstall.exe
IcoFX 1.6.4-->"C:\Program Files (x86)\IcoFX 1.6\unins000.exe"
Intel PROSet Wireless-->Intel PROSet Wireless
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Intel(R) Wireless Display-->MsiExec.exe /X{F84906ED-BB54-4889-B131-FED9C9056FC8}
iTunes-->MsiExec.exe /I{997C9EC4-B53D-479D-81B7-0AEC8D174BA1}
Java(TM) 6 Update 24 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86416024FF}
Java(TM) 6 Update 29-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216024FF}
JDownloader 0.9-->C:\Program Files (x86)\JDownloader\JDUninstall.exe
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
K-Lite Mega Codec Pack 7.2.0-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
Kolor Autopano Giga 2.5-->C:\Program Files (x86)\Kolor\Autopano Giga 2.5\Uninstall.exe
Logitech SetPoint 6.30-->C:\Program Files\Common Files\LogiShrd\sp6_Uninstall\setup.exe
LogMeIn-->MsiExec.exe /I{803259ED-7A67-4CB5-B6D7-281ED371091B}
Magicka-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/42910
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Messenger Companion-->MsiExec.exe /I{B44F3823-52DD-45CA-A916-8B320778715D}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft .NET Framework 4 Extended-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /x64 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{8E34682C-8118-31F1-BC4C-98CD9675E1C2}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{F2508213-9989-4E85-A078-72BE483917EF}
Microsoft Games for Windows Marketplace-->MsiExec.exe /X{4CB0307C-565E-4441-86BE-0DF2E4FB828C}
Microsoft Office 2010 Primary Interop Assemblies-->MsiExec.exe /X{90140000-1105-0000-0000-0000000FF1CE}
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-0405-0000-0000000FF1CE}" "{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0405-0000-0000000FF1CE}" "{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0405-0000-0000000FF1CE}" "{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-0405-0000-0000000FF1CE}" "{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-0000-0000000FF1CE}" "{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0405-0000-0000000FF1CE}" "{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-0000-0000000FF1CE}" "{2304F942-79D2-46F7-A512-269A7F5B7EFC}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-0000-0000000FF1CE}" "{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{99ACCA38-6DD3-48A8-96AE-A283C9759279}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-041B-0000-0000000FF1CE}" "{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0405-1000-0000000FF1CE}" "{AB90513B-B892-41B5-8F8B-1D356A449652}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-0405-0000-0000000FF1CE}" "{8148DB19-71B1-4415-8B26-DF5B9E873FC3}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0044-0405-0000-0000000FF1CE}" "{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-0000-0000000FF1CE}" "{EEF3E2C0-135B-44DC-BEDD-7F01CFBEFF46}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0405-0000-0000000FF1CE}" "{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00BA-0405-0000-0000000FF1CE}" "{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" "1029" "0"
Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{047B0968-E622-4FAA-9B4B-121FA109EDDE}" "1029" "0"
Microsoft Office Access MUI (Czech) 2010-->MsiExec.exe /X{90140000-0015-0405-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2010-->MsiExec.exe /X{90140000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2010-->MsiExec.exe /X{90140000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2010-->MsiExec.exe /X{90140000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2010-->MsiExec.exe /X{90140000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2010-->MsiExec.exe /X{90140000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2010-->MsiExec.exe /X{90140000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2010-->MsiExec.exe /X{90140000-0018-0405-0000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUSR /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{91140000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2010-->MsiExec.exe /X{90140000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2010-->MsiExec.exe /X{90140000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2010-->MsiExec.exe /X{90140000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2010-->MsiExec.exe /X{90140000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2010-->MsiExec.exe /X{90140000-001B-0405-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable - KB2467175-->MsiExec.exe /X{a0fe116e-9a8a-466f-aee0-625cb7c207e3}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{820B6609-4C97-3A2B-B644-573B06A0F0CC}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
Microsoft XNA Framework Redistributable 3.1-->MsiExec.exe /I{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}
Microsoft XNA Framework Redistributable 4.0-->MsiExec.exe /I{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}
Microsoft_VC80_ATL_x86_x64-->MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86_x64-->MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86_x64-->MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86_x64-->MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86_x64-->MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86_x64-->MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86_x64-->MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Microsoft_VC90_MFCLOC_x86_x64-->MsiExec.exe /I{90BF0360-A1DB-4599-A643-95AB90A52C1E}
Microsoft_VC90_MFCLOC_x86-->MsiExec.exe /I{B6D38690-755E-4F40-A35A-23F8BC2B86AC}
Monitor technologie Intel(R) Turbo Boost 2.0-->MsiExec.exe /X{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}
MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MyFonts Order M3192931-->MsiExec.exe /I{A94AB981-4B6D-1110-86BC-8D38A677051C}
NVIDIA 3D Vision Controller Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{714B9C6C-70FC-4750-98E2-61520B906C45}\setup.exe" -runfromtemp -l0x0009 -removeonly
NVIDIA Ovladač 3D Vision 285.62-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.4\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovladač HD audia 1.2.24.0-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.4\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladač řídící jednotky 3D Vision 285.62-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.4\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA Ovladače grafiky 285.62-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.4\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX-->MsiExec.exe /X{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Systémový software PhysX 9.11.0621-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.3\NVI2.DLL",UninstallPackage Display.PhysX
OpenAL-->"C:\Program Files (x86)\OpenAL\OpenALwEAX.exe" /U
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení-->MsiExec.exe /I{B6190387-0036-4BEB-8D74-A0AFC5F14706}
Paymo 3.0.9-->"C:\Program Files (x86)\Paymo\unins000.exe"
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
PhotoShowExpress-->MsiExec.exe /I{3250260C-7A95-4632-893B-89657EB5545B}
PunkBuster Services-->C:\Program Files (x86)\Origin Games\Battlefield 3 Beta\pbsvc.exe -u
Quickset64-->MsiExec.exe /I{87CF757E-C1F1-4D22-865C-00C6950B5258}
QuickTime-->MsiExec.exe /I{C9E14402-3631-4182-B377-6B0DFB1C0339}
Rapture3D 2.4.8 Game-->"C:\Program Files (x86)\BRS\unins000.exe"
RBVirtualFolder64Inst-->MsiExec.exe /I{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}
Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Renesas Electronics USB 3.0 Host Controller Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{5442DAB8-7177-49E1-8B22-09A049EA5996}\setup.exe" -runfromtemp -l0x0405 -removeonly
Renesas Electronics USB 3.0 Host Controller Driver-->MsiExec.exe /X{5442DAB8-7177-49E1-8B22-09A049EA5996}
Roxio Activation Module-->MsiExec.exe /I{A121EEDE-C68F-461D-91AA-D48BA226AF1C}
Roxio BackOnTrack-->MsiExec.exe /I{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}
Roxio Burn-->MsiExec.exe /I{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}
Roxio Creator Starter-->C:\ProgramData\Uninstall\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}\setup.exe /x {6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC} /qb
Roxio Creator Starter-->MsiExec.exe /I{EF56258E-0326-48C5-A86C-3BAC26FC15DF}
Roxio Creator Starter-->MsiExec.exe /I{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}
Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio File Backup-->MsiExec.exe /I{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {3162617C-537F-3BB6-8D0C-C6021F442391} /parameterfolder Extended
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {9D621E6E-E010-3C80-A055-135891134750} /parameterfolder Extended
Security Update for Microsoft Excel 2010 (KB2553070)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{294BAA9E-9209-497F-A71F-7E52EFB194D4}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2553091)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{07CA44F3-F5B3-4D12-8C91-EDC5FE91D45C}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2553096)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{10802A6D-EDBF-4383-BCBD-9D5B32F56D35}" "1029" "0"
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{337A3FB9-281D-4EC8-9CC1-7F6DDAC2359F}" "1029" "0"
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{337A3FB9-281D-4EC8-9CC1-7F6DDAC2359F}" "1029" "0"
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002)-->MsiExec.exe /X{09959E11-AD5D-408E-96AF-E3346954D6B8}
Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype™ 5.5-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A}
Software Intel(R) PROSet/Wireless WiFi-->MsiExec /I{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}
Sonic CinePlayer Decoder Pack-->MsiExec.exe /I{9A00EC4E-27E1-42C4-98DD-662F32AC8870}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Sybase PowerDesigner 15.3-->C:\Program Files (x86)\InstallShield Installation Information\{D88DF8F0-B749-4D26-AFBC-A6E588099793}\setup.exe -runfromtemp -l0x0009 -removeonly
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Team Fortress 2-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/440
TeamSpeak 3 Client-->"C:\Program Files\TeamSpeak 3 Client\uninstall.exe"
The Sims™ 3 Cestovní horečka-->"C:\Program Files (x86)\InstallShield Installation Information\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}\Sims3EP01Setup.exe" -runfromtemp -l0x0005 -removeonly
The Sims™ 3 Domácí mazlíčci-->"C:\Program Files (x86)\InstallShield Installation Information\{C12631C6-804D-4B32-B0DD-8A496462F106}\Sims3EP05Setup.exe" -runfromtemp -l0x0005 -removeonly
The Sims™ 3 Hrátky osudu-->"C:\Program Files (x86)\InstallShield Installation Information\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}\Sims3EP04Setup.exe" -runfromtemp -l0x0005 -removeonly
The Sims™ 3 Povolání snů-->"C:\Program Files (x86)\InstallShield Installation Information\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}\Sims3EP02Setup.exe" -runfromtemp -l0x0005 -removeonly
The Sims™ 3-->"C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -runfromtemp -l0x0005 -removeonly
The Sims™ 3 Po setmění-->"C:\Program Files (x86)\InstallShield Installation Information\{45057FCE-5784-48BE-8176-D9D00AF56C3C}\Sims3EP03Setup.exe" -runfromtemp -l0x0005 -removeonly
Total Commander (Remove or Repair)-->C:\Program Files\Totalcmd\tcuninst.exe
Ubisoft Game Launcher-->"C:\Program Files (x86)\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A45DD0BE-3CD9-3F1E-B233-B90C6983AE77} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client
Update for Microsoft .NET Framework 4 Extended (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Extended
Update for Microsoft .NET Framework 4 Extended (KB2533523)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Extended
Update for Microsoft Office 2010 (KB2494150)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}" "1029" "0"
Update for Microsoft Office 2010 (KB2553065)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{A8686D24-1E89-43A1-973E-05A258D2B3F8}" "1029" "0"
Update for Microsoft Office 2010 (KB2553092)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{7AC49FC8-F8D2-4DD8-9086-09E52385A21F}" "1029" "0"
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}" "1029" "0"
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-0000-0000000FF1CE}" "{6F6FD0B7-2500-41ED-8425-A6AE5958EB52}" "1029" "0"
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{C8694FF0-8203-483B-A07A-2BC40433167D}" "1029" "0"
Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{147E3669-1EA6-454C-B53E-A2BE51D8E520}" "1029" "0"
Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{147E3669-1EA6-454C-B53E-A2BE51D8E520}" "1029" "0"
Update for Microsoft Office 2010 (KB2566458)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{EFB525A0-E1C0-4E32-9968-FE401BC87363}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{BEBC2484-290C-46AD-9834-6DAD1FA80273}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0405-0000-0000000FF1CE}" "{3CF6665E-28CD-4EBC-B0C1-34BF7FB09C53}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{BEBC2484-290C-46AD-9834-6DAD1FA80273}" "1029" "0"
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{29E94638-D92F-4C40-BDA1-FEDCC92F478D}" "1029" "0"
Update for Microsoft Outlook Social Connector (KB2583935)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-0000-0000000FF1CE}" "{111B84C3-DACD-4F98-83E9-385598549B2B}" "1029" "0"
Update for Microsoft Outlook Social Connector (KB2583935)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{EDF9874C-9E37-4110-9FC3-094247E114DF}" "1029" "0"
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}
Windows Live Fotogalerie-->MsiExec.exe /X{FB79FDB7-4DE1-453D-99FE-9A880F57380E}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1B8ABA62-74F0-47ED-B18C-A43128E591B8}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Language Selector-->MsiExec.exe /I{D07A61E5-A59C-433C-BCBD-22025FA2287B}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{C454280F-3C3E-4929-B60E-9E6CED5717E7}
Windows Live Mesh-->MsiExec.exe /I{80E8C65A-8F70-4585-88A2-ABC54BABD576}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Messenger Companion Core-->MsiExec.exe /I{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}
Windows Live Messenger-->MsiExec.exe /X{50300123-F8FC-4B50-B449-E847D04F1BA2}
Windows Live Messenger-->MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90}
Windows Live MIME IFilter-->MsiExec.exe /I{DA54F80E-261C-41A2-A855-549A144F2F59}
Windows Live Movie Maker-->MsiExec.exe /X{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Photo Common-->MsiExec.exe /X{78906B56-0E81-42A7-AC25-F54C946E1538}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live Remote Client Resources-->MsiExec.exe /I{3921492E-82D2-4180-8124-E347AD2F2DB4}
Windows Live Remote Client-->MsiExec.exe /I{DF6D988A-EEA0-4277-AAB8-158E086E439B}
Windows Live Remote Service Resources-->MsiExec.exe /I{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}
Windows Live Remote Service-->MsiExec.exe /I{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{AB78C965-5C67-409B-8433-D7B5BDB12073}
Windows Live Writer-->MsiExec.exe /X{4264C020-850B-4F08-ACBE-98205D9C336C}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
WinRAR 4.01 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
Wunderlist-->MsiExec.exe /X{3031A053-DC97-4D03-9179-BF6F98F63FA2}

======Hosts File======

127.0.0.1 activate.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com

======System event log======

Computer Name: Kifík-PC
Event Code: 7036
Message: Stav služby Server byl změněn na: Spuštěno
Record Number: 19157
Source Name: Service Control Manager
Time Written: 20110809072603.016044-000
Event Type: Informace
User:

Computer Name: Kifík-PC
Event Code: 7036
Message: Stav služby ESET Service byl změněn na: Spuštěno
Record Number: 19156
Source Name: Service Control Manager
Time Written: 20110809072602.657243-000
Event Type: Informace
User:

Computer Name: Kifík-PC
Event Code: 10001
Message: Rozšiřující modul sítě WLAN byl úspěšně spuštěn.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Record Number: 19155
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20110809072602.314042-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Kifík-PC
Event Code: 7036
Message: Stav služby Pomocná služba protokolu IP byl změněn na: Spuštěno
Record Number: 19154
Source Name: Service Control Manager
Time Written: 20110809072601.859842-000
Event Type: Informace
User:

Computer Name: Kifík-PC
Event Code: 7036
Message: Stav služby Bluetooth OBEX Service byl změněn na: Spuštěno
Record Number: 19153
Source Name: Service Control Manager
Time Written: 20110809072601.469841-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: Kifík-PC
Event Code: 223
Message: WinMail (3500) WindowsMail0: Začíná zálohování souboru protokolu (rozsah C:\Users\Kifík\AppData\Local\Microsoft\Windows Mail\edb00001.log - C:\Users\Kifík\AppData\Local\Microsoft\Windows Mail\edb00001.log).
Record Number: 1250
Source Name: ESENT
Time Written: 20110707140727.000000-000
Event Type: Informace
User:

Computer Name: Kifík-PC
Event Code: 221
Message: WinMail (3500) WindowsMail0: Končí zálohování souboru C:\Users\Kifík\AppData\Local\Microsoft\Windows Mail\WindowsMail.MSMessageStore.
Record Number: 1249
Source Name: ESENT
Time Written: 20110707140727.000000-000
Event Type: Informace
User:

Computer Name: Kifík-PC
Event Code: 220
Message: WinMail (3500) WindowsMail0: Začíná zálohování souboru C:\Users\Kifík\AppData\Local\Microsoft\Windows Mail\WindowsMail.MSMessageStore (velikost 2 Mb).
Record Number: 1248
Source Name: ESENT
Time Written: 20110707140727.000000-000
Event Type: Informace
User:

Computer Name: Kifík-PC
Event Code: 210
Message: WinMail (3500) WindowsMail0: Probíhá spouštění úplného zálohování.
Record Number: 1247
Source Name: ESENT
Time Written: 20110707140727.000000-000
Event Type: Informace
User:

Computer Name: Kifík-PC
Event Code: 102
Message: WinMail (3500) WindowsMail0: Databázový stroj (6.01.7601.0000) spustil novou instanci (0).
Record Number: 1246
Source Name: ESENT
Time Written: 20110707140726.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: Kifík-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 663
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110707141746.005813-000
Event Type: Úspěšný audit
User:

Computer Name: Kifík-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: D5NJ1RQ1$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x2b4
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 662
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110707141746.005813-000
Event Type: Úspěšný audit
User:

Computer Name: Kifík-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 661
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110707141012.183415-000
Event Type: Úspěšný audit
User:

Computer Name: Kifík-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: D5NJ1RQ1$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x2b4
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 660
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110707141012.183415-000
Event Type: Úspěšný audit
User:

Computer Name: Kifík-PC
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-967542819-3253104675-82975415-1001
Název účtu: Kifík
Název domény: Kifík-PC
ID přihlášení: 0xc4949
Record Number: 659
Source Name: Microsoft-Windows-Eventlog
Time Written: 20110707140707.105756-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\DLLShared\;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\DLLShared\;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared\;C:\Program Files (x86)\Roxio\OEM\AudioCore\;C:\Program Files (x86)\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=2a07
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
"EMC_AUTOPLAY"=C:\Program Files (x86)\Common Files\Roxio Shared\OEM\
"RCAUTOPLAY"=C:\Program Files (x86)\Roxio\OEM\Roxio Central 5\
"BURN_AUTOPLAY"=C:\Program Files (x86)\Roxio\OEM\Roxio Burn\
"asl.log"=Destination=file
"CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

Kifik · #4 Příspěvek od **Kifik** » 12 pro 2011 19:12

Zde je výpis z TDSSKilleru, ale na 2x, protože se nevleze do příspěvku:
19:03:49.0909 4756 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06
19:03:50.0578 4756 ============================================================
19:03:50.0579 4756 Current date / time: 2011/12/12 19:03:50.0578
19:03:50.0579 4756 SystemInfo:
19:03:50.0579 4756
19:03:50.0579 4756 OS Version: 6.1.7601 ServicePack: 1.0
19:03:50.0579 4756 Product type: Workstation
19:03:50.0579 4756 ComputerName: KIFÍK-PC
19:03:50.0579 4756 UserName: Kifík
19:03:50.0579 4756 Windows directory: C:\Windows
19:03:50.0579 4756 System windows directory: C:\Windows
19:03:50.0579 4756 Running under WOW64
19:03:50.0579 4756 Processor architecture: Intel x64
19:03:50.0579 4756 Number of processors: 4
19:03:50.0579 4756 Page size: 0x1000
19:03:50.0579 4756 Boot type: Normal boot
19:03:50.0579 4756 ============================================================
19:03:55.0048 4756 Initialize success
19:04:00.0359 6636 ============================================================
19:04:00.0359 6636 Scan started
19:04:00.0359 6636 Mode: Manual;
19:04:00.0359 6636 ============================================================
19:04:02.0123 6636 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:04:02.0148 6636 1394ohci - ok
19:04:02.0190 6636 Acceler (e0065cbf1a25c015c218457d2cd522b9) C:\Windows\system32\DRIVERS\Accelern.sys
19:04:02.0195 6636 Acceler - ok
19:04:02.0215 6636 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:04:02.0223 6636 ACPI - ok
19:04:02.0253 6636 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:04:02.0264 6636 AcpiPmi - ok
19:04:02.0322 6636 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
19:04:02.0351 6636 adp94xx - ok
19:04:02.0386 6636 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
19:04:02.0415 6636 adpahci - ok
19:04:02.0447 6636 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
19:04:02.0474 6636 adpu320 - ok
19:04:02.0538 6636 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
19:04:02.0556 6636 AFD - ok
19:04:02.0581 6636 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:04:02.0599 6636 agp440 - ok
19:04:02.0628 6636 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:04:02.0640 6636 aliide - ok
19:04:02.0690 6636 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:04:02.0702 6636 amdide - ok
19:04:02.0741 6636 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
19:04:02.0753 6636 AmdK8 - ok
19:04:02.0764 6636 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
19:04:02.0775 6636 AmdPPM - ok
19:04:02.0828 6636 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:04:02.0852 6636 amdsata - ok
19:04:02.0876 6636 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
19:04:02.0893 6636 amdsbs - ok
19:04:02.0917 6636 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:04:02.0929 6636 amdxata - ok
19:04:02.0957 6636 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:04:02.0970 6636 AppID - ok
19:04:03.0024 6636 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
19:04:03.0039 6636 arc - ok
19:04:03.0076 6636 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
19:04:03.0079 6636 arcsas - ok
19:04:03.0116 6636 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:04:03.0129 6636 AsyncMac - ok
19:04:03.0164 6636 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:04:03.0177 6636 atapi - ok
19:04:03.0233 6636 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
19:04:03.0241 6636 b06bdrv - ok
19:04:03.0259 6636 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:04:03.0274 6636 b57nd60a - ok
19:04:03.0307 6636 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:04:03.0309 6636 Beep - ok
19:04:03.0341 6636 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
19:04:03.0354 6636 blbdrive - ok
19:04:03.0416 6636 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:04:03.0438 6636 bowser - ok
19:04:03.0468 6636 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
19:04:03.0471 6636 BrFiltLo - ok
19:04:03.0480 6636 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
19:04:03.0482 6636 BrFiltUp - ok
19:04:03.0501 6636 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:04:03.0518 6636 Brserid - ok
19:04:03.0527 6636 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:04:03.0539 6636 BrSerWdm - ok
19:04:03.0551 6636 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:04:03.0562 6636 BrUsbMdm - ok
19:04:03.0572 6636 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:04:03.0573 6636 BrUsbSer - ok
19:04:03.0610 6636 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
19:04:03.0626 6636 BthEnum - ok
19:04:03.0646 6636 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
19:04:03.0658 6636 BTHMODEM - ok
19:04:03.0684 6636 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
19:04:03.0687 6636 BthPan - ok
19:04:03.0727 6636 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
19:04:03.0733 6636 BTHPORT - ok
19:04:03.0765 6636 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
19:04:03.0765 6636 BTHUSB - ok
19:04:03.0794 6636 btmaux (ba554bfcbf21201d310738a42c9c19e1) C:\Windows\system32\DRIVERS\btmaux.sys
19:04:03.0798 6636 btmaux - ok
19:04:03.0826 6636 btmhsf (0010a54571f525a97eed8c091e96eaa9) C:\Windows\system32\DRIVERS\btmhsf.sys
19:04:03.0841 6636 btmhsf - ok
19:04:03.0860 6636 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:04:03.0863 6636 cdfs - ok
19:04:03.0887 6636 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
19:04:03.0902 6636 cdrom - ok
19:04:03.0931 6636 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
19:04:03.0933 6636 circlass - ok
19:04:03.0965 6636 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:04:03.0992 6636 CLFS - ok
19:04:04.0049 6636 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
19:04:04.0060 6636 CmBatt - ok
19:04:04.0081 6636 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:04:04.0093 6636 cmdide - ok
19:04:04.0125 6636 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
19:04:04.0146 6636 CNG - ok
19:04:04.0194 6636 cnnctfy2 (040ff3b09f26926a3792e047db0f47dd) C:\Windows\system32\DRIVERS\cnnctfy2.sys
19:04:04.0198 6636 cnnctfy2 - ok
19:04:04.0227 6636 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
19:04:04.0230 6636 Compbatt - ok
19:04:04.0261 6636 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
19:04:04.0264 6636 CompositeBus - ok
19:04:04.0315 6636 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
19:04:04.0319 6636 crcdisk - ok
19:04:04.0381 6636 CtClsFlt (fbe228abeab2be13b9c3a3a112d4d8dc) C:\Windows\system32\DRIVERS\CtClsFlt.sys
19:04:04.0396 6636 CtClsFlt - ok
19:04:04.0424 6636 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:04:04.0428 6636 DfsC - ok
19:04:04.0452 6636 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:04:04.0473 6636 discache - ok
19:04:04.0506 6636 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
19:04:04.0520 6636 Disk - ok
19:04:04.0561 6636 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:04:04.0572 6636 drmkaud - ok
19:04:04.0649 6636 dtsoftbus01 (d3d64cf7b2bceaa34a270f45a3fffb36) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
19:04:04.0661 6636 dtsoftbus01 - ok
19:04:04.0704 6636 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:04:04.0729 6636 DXGKrnl - ok
19:04:04.0787 6636 eamon (55851f4864f8ad6e98b02307eca29db4) C:\Windows\system32\DRIVERS\eamon.sys
19:04:04.0802 6636 eamon - ok
19:04:04.0889 6636 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
19:04:04.0999 6636 ebdrv - ok
19:04:05.0057 6636 ehdrv (62c96b617ac7c4c8a9c29d57a36aa874) C:\Windows\system32\DRIVERS\ehdrv.sys
19:04:05.0071 6636 ehdrv - ok
19:04:05.0129 6636 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
19:04:05.0139 6636 elxstor - ok
19:04:05.0175 6636 epfw (9c4476159ccdef1a9b3f91dc580f1c46) C:\Windows\system32\DRIVERS\epfw.sys
19:04:05.0195 6636 epfw - ok
19:04:05.0233 6636 Epfwndis (34f666bf6387210034e4bcc5be6a3e45) C:\Windows\system32\DRIVERS\Epfwndis.sys
19:04:05.0255 6636 Epfwndis - ok
19:04:05.0301 6636 epfwwfp (bf2cb1efb98a888d6f676683cd48936f) C:\Windows\system32\DRIVERS\epfwwfp.sys
19:04:05.0325 6636 epfwwfp - ok
19:04:05.0347 6636 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:04:05.0363 6636 ErrDev - ok
19:04:05.0407 6636 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:04:05.0429 6636 exfat - ok
19:04:05.0468 6636 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:04:05.0491 6636 fastfat - ok
19:04:05.0542 6636 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
19:04:05.0565 6636 fdc - ok
19:04:05.0612 6636 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:04:05.0625 6636 FileInfo - ok
19:04:05.0647 6636 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:04:05.0662 6636 Filetrace - ok
19:04:05.0693 6636 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
19:04:05.0697 6636 flpydisk - ok
19:04:05.0731 6636 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:04:05.0762 6636 FltMgr - ok
19:04:05.0788 6636 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:04:05.0800 6636 FsDepends - ok
19:04:05.0833 6636 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
19:04:05.0847 6636 Fs_Rec - ok
19:04:05.0875 6636 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:04:05.0901 6636 fvevol - ok
19:04:05.0933 6636 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
19:04:05.0964 6636 gagp30kx - ok
19:04:06.0004 6636 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:04:06.0007 6636 GEARAspiWDM - ok
19:04:06.0042 6636 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:04:06.0045 6636 hcw85cir - ok
19:04:06.0102 6636 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:04:06.0109 6636 HdAudAddService - ok
19:04:06.0157 6636 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:04:06.0161 6636 HDAudBus - ok
19:04:06.0193 6636 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
19:04:06.0214 6636 HidBatt - ok
19:04:06.0254 6636 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
19:04:06.0268 6636 HidBth - ok
19:04:06.0313 6636 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
19:04:06.0334 6636 HidIr - ok
19:04:06.0384 6636 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
19:04:06.0396 6636 HidUsb - ok
19:04:06.0432 6636 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:04:06.0435 6636 HpSAMD - ok
19:04:06.0479 6636 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:04:06.0496 6636 HTTP - ok
19:04:06.0539 6636 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:04:06.0551 6636 hwpolicy - ok
19:04:06.0594 6636 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
19:04:06.0606 6636 i8042prt - ok
19:04:06.0651 6636 iaStor (d469b77687e12fe43e344806740b624d) C:\Windows\system32\drivers\iaStor.sys
19:04:06.0654 6636 iaStor - ok
19:04:06.0701 6636 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:04:06.0719 6636 iaStorV - ok
19:04:06.0767 6636 iBtFltCoex (50b8ab6013ef9970ac85fdba0f622300) C:\Windows\system32\DRIVERS\iBtFltCoex.sys
19:04:06.0770 6636 iBtFltCoex - ok
19:04:06.0992 6636 igfx (efe5a0af39a8e179624117c521f1e012) C:\Windows\system32\DRIVERS\igdkmd64.sys
19:04:07.0202 6636 igfx - ok
19:04:07.0242 6636 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
19:04:07.0245 6636 iirsp - ok
19:04:07.0295 6636 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys
19:04:07.0301 6636 Impcd - ok
19:04:07.0388 6636 IntcAzAudAddService (028e40182a6f0374978c755f85b9f07c) C:\Windows\system32\drivers\RTKVHD64.sys
19:04:07.0481 6636 IntcAzAudAddService - ok
19:04:07.0537 6636 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
19:04:07.0553 6636 IntcDAud - ok
19:04:07.0596 6636 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:04:07.0599 6636 intelide - ok
19:04:07.0629 6636 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:04:07.0641 6636 intelppm - ok
19:04:07.0674 6636 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:04:07.0677 6636 IpFilterDriver - ok
19:04:07.0716 6636 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:04:07.0720 6636 IPMIDRV - ok
19:04:07.0753 6636 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:04:07.0767 6636 IPNAT - ok
19:04:07.0819 6636 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:04:07.0821 6636 IRENUM - ok
19:04:07.0860 6636 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:04:07.0872 6636 isapnp - ok
19:04:07.0927 6636 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:04:07.0943 6636 iScsiPrt - ok
19:04:08.0009 6636 JMCR (e56417c56b6a7316b6f527c890a1860d) C:\Windows\system32\DRIVERS\jmcr.sys
19:04:08.0012 6636 JMCR - ok
19:04:08.0048 6636 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
19:04:08.0051 6636 kbdclass - ok
19:04:08.0076 6636 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
19:04:08.0079 6636 kbdhid - ok
19:04:08.0122 6636 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
19:04:08.0127 6636 KSecDD - ok
19:04:08.0169 6636 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
19:04:08.0174 6636 KSecPkg - ok
19:04:08.0198 6636 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:04:08.0212 6636 ksthunk - ok
19:04:08.0276 6636 LHidFilt (1074c77a47835e03c15bf92452f9a750) C:\Windows\system32\DRIVERS\LHidFilt.Sys
19:04:08.0289 6636 LHidFilt - ok
19:04:08.0319 6636 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:04:08.0333 6636 lltdio - ok
19:04:08.0467 6636 LMIInfo (0317335b15ff3bda8e10197e3434cfc0) C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
19:04:08.0468 6636 LMIInfo - ok
19:04:08.0505 6636 lmimirr (413ecdcfad9a82804d3674c8d7eec24e) C:\Windows\system32\DRIVERS\lmimirr.sys
19:04:08.0518 6636 lmimirr - ok
19:04:08.0538 6636 LMIRfsClientNP - ok
19:04:08.0569 6636 LMIRfsDriver (c57d3faa50e6f395759ffb7c709bd944) C:\Windows\system32\drivers\LMIRfsDriver.sys
19:04:08.0601 6636 LMIRfsDriver - ok
19:04:08.0638 6636 LMouFilt (96999c364c649e2866a268f7420a304a) C:\Windows\system32\DRIVERS\LMouFilt.Sys
19:04:08.0651 6636 LMouFilt - ok
19:04:08.0732 6636 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:04:08.0747 6636 LSI_FC - ok
19:04:08.0785 6636 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:04:08.0799 6636 LSI_SAS - ok
19:04:08.0829 6636 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:04:08.0846 6636 LSI_SAS2 - ok
19:04:08.0879 6636 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:04:08.0892 6636 LSI_SCSI - ok
19:04:08.0942 6636 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:04:08.0946 6636 luafv - ok
19:04:08.0981 6636 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:04:09.0003 6636 megasas - ok
19:04:09.0045 6636 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:04:09.0063 6636 MegaSR - ok
19:04:09.0121 6636 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
19:04:09.0122 6636 MEIx64 - ok
19:04:09.0173 6636 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:04:09.0176 6636 Modem - ok
19:04:09.0212 6636 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:04:09.0224 6636 monitor - ok
19:04:09.0267 6636 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:04:09.0270 6636 mouclass - ok
19:04:09.0313 6636 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:04:09.0316 6636 mouhid - ok
19:04:09.0356 6636 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:04:09.0370 6636 mountmgr - ok
19:04:09.0408 6636 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:04:09.0416 6636 mpio - ok
19:04:09.0444 6636 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:04:09.0457 6636 mpsdrv - ok
19:04:09.0493 6636 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:04:09.0498 6636 MRxDAV - ok
19:04:09.0535 6636 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:04:09.0540 6636 mrxsmb - ok
19:04:09.0598 6636 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:04:09.0622 6636 mrxsmb10 - ok
19:04:09.0649 6636 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:04:09.0662 6636 mrxsmb20 - ok
19:04:09.0702 6636 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:04:09.0714 6636 msahci - ok
19:04:09.0768 6636 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:04:09.0782 6636 msdsm - ok
19:04:09.0818 6636 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:04:09.0820 6636 Msfs - ok
19:04:09.0851 6636 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:04:09.0853 6636 mshidkmdf - ok
19:04:09.0879 6636 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:04:09.0891 6636 msisadrv - ok
19:04:09.0939 6636 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:04:09.0941 6636 MSKSSRV - ok
19:04:09.0974 6636 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:04:09.0977 6636 MSPCLOCK - ok
19:04:10.0003 6636 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:04:10.0015 6636 MSPQM - ok
19:04:10.0042 6636 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:04:10.0050 6636 MsRPC - ok
19:04:10.0083 6636 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
19:04:10.0086 6636 mssmbios - ok
19:04:10.0116 6636 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:04:10.0118 6636 MSTEE - ok
19:04:10.0154 6636 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:04:10.0156 6636 MTConfig - ok
19:04:10.0192 6636 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:04:10.0205 6636 Mup - ok
19:04:10.0268 6636 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:04:10.0296 6636 NativeWifiP - ok
19:04:10.0356 6636 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
19:04:10.0398 6636 NDIS - ok
19:04:10.0446 6636 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:04:10.0463 6636 NdisCap - ok
19:04:10.0510 6636 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:04:10.0513 6636 NdisTapi - ok
19:04:10.0547 6636 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:04:10.0551 6636 Ndisuio - ok
19:04:10.0575 6636 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:04:10.0589 6636 NdisWan - ok
19:04:10.0623 6636 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:04:10.0645 6636 NDProxy - ok
19:04:10.0675 6636 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:04:10.0688 6636 NetBIOS - ok
19:04:10.0719 6636 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:04:10.0737 6636 NetBT - ok
19:04:10.0918 6636 NETwNs64 (ac69618de5bcce8747c9ab0aae1003c1) C:\Windows\system32\DRIVERS\NETwNs64.sys
19:04:11.0059 6636 NETwNs64 - ok
19:04:11.0101 6636 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:04:11.0123 6636 nfrd960 - ok
19:04:11.0180 6636 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:04:11.0192 6636 Npfs - ok
19:04:11.0220 6636 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:04:11.0236 6636 nsiproxy - ok
19:04:11.0318 6636 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:04:11.0345 6636 Ntfs - ok
19:04:11.0375 6636 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:04:11.0386 6636 Null - ok
19:04:11.0444 6636 nusb3hub (9a33100ac62a0463c49e47ee8e77083a) C:\Windows\system32\DRIVERS\nusb3hub.sys
19:04:11.0457 6636 nusb3hub - ok
19:04:11.0489 6636 nusb3xhc (87c321f7bee646b7ec6eedd6eb725741) C:\Windows\system32\DRIVERS\nusb3xhc.sys
19:04:11.0497 6636 nusb3xhc - ok
19:04:11.0552 6636 nvkflt (63bcd806f51c31159193697f306feb7f) C:\Windows\system32\DRIVERS\nvkflt.sys
19:04:11.0562 6636 nvkflt - ok
19:04:11.0784 6636 nvlddmkm (b15258b1f45f9571758ac6bb2f043b01) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:04:12.0005 6636 nvlddmkm - ok
19:04:12.0060 6636 nvpciflt (682ea9ed3399d6066f0daecf7938727e) C:\Windows\system32\DRIVERS\nvpciflt.sys
19:04:12.0073 6636 nvpciflt - ok
19:04:12.0134 6636 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:04:12.0149 6636 nvraid - ok
19:04:12.0194 6636 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:04:12.0218 6636 nvstor - ok
19:04:12.0265 6636 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:04:12.0278 6636 nv_agp - ok
19:04:12.0312 6636 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:04:12.0325 6636 ohci1394 - ok
19:04:12.0431 6636 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
19:04:12.0443 6636 Parport - ok
19:04:12.0474 6636 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
19:04:12.0486 6636 partmgr - ok
19:04:12.0530 6636 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:04:12.0555 6636 pci - ok
19:04:12.0585 6636 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:04:12.0598 6636 pciide - ok
19:04:12.0640 6636 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:04:12.0656 6636 pcmcia - ok
19:04:12.0685 6636 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:04:12.0698 6636 pcw - ok
19:04:12.0740 6636 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:04:12.0759 6636 PEAUTH - ok
19:04:12.0827 6636 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:04:12.0857 6636 PptpMiniport - ok
19:04:12.0896 6636 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:04:12.0908 6636 Processor - ok
19:04:12.0957 6636 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:04:12.0972 6636 Psched - ok
19:04:13.0017 6636 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
19:04:13.0030 6636 PxHlpa64 - ok
19:04:13.0076 6636 qicflt (0928bd20273625622722fe1de5bbde57) C:\Windows\system32\DRIVERS\qicflt.sys
19:04:13.0079 6636 qicflt - ok
19:04:13.0146 6636 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:04:13.0173 6636 ql2300 - ok
19:04:13.0214 6636 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:04:13.0218 6636 ql40xx - ok
19:04:13.0251 6636 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:04:13.0264 6636 QWAVEdrv - ok
19:04:13.0284 6636 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:04:13.0296 6636 RasAcd - ok
19:04:13.0344 6636 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:04:13.0363 6636 RasAgileVpn - ok
19:04:13.0390 6636 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:04:13.0412 6636 Rasl2tp - ok
19:04:13.0454 6636 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:04:13.0458 6636 RasPppoe - ok
19:04:13.0487 6636 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:04:13.0500 6636 RasSstp - ok
19:04:13.0540 6636 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:04:13.0547 6636 rdbss - ok
19:04:13.0578 6636 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
19:04:13.0598 6636 rdpbus - ok
19:04:13.0625 6636 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:04:13.0627 6636 RDPCDD - ok
19:04:13.0650 6636 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:04:13.0652 6636 RDPENCDD - ok
19:04:13.0680 6636 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:04:13.0683 6636 RDPREFMP - ok
19:04:13.0721 6636 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
19:04:13.0738 6636 RDPWD - ok
19:04:13.0774 6636 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:04:13.0782 6636 rdyboost - ok
19:04:13.0843 6636 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
19:04:13.0859 6636 RFCOMM - ok
19:04:13.0909 6636 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:04:13.0921 6636 rspndr - ok
19:04:13.0974 6636 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
19:04:13.0980 6636 RTL8167 - ok
19:04:14.0018 6636 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:04:14.0031 6636 sbp2port - ok
19:04:14.0065 6636 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:04:14.0076 6636 scfilter - ok
19:04:14.0127 6636 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
19:04:14.0130 6636 sdbus - ok
19:04:14.0166 6636 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:04:14.0178 6636 secdrv - ok
19:04:14.0221 6636 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
19:04:14.0233 6636 Serenum - ok
19:04:14.0273 6636 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
19:04:14.0311 6636 Serial - ok
19:04:14.0344 6636 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:04:14.0359 6636 sermouse - ok
19:04:14.0423 6636 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
19:04:14.0438 6636 sffdisk - ok
19:04:14.0472 6636 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:04:14.0486 6636 sffp_mmc - ok
19:04:14.0514 6636 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys
19:04:14.0517 6636 sffp_sd - ok
19:04:14.0546 6636 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:04:14.0557 6636 sfloppy - ok
19:04:14.0588 6636 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:04:14.0613 6636 SiSRaid2 - ok
19:04:14.0653 6636 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:04:14.0667 6636 SiSRaid4 - ok
19:04:14.0704 6636 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:04:14.0708 6636 Smb - ok
19:04:14.0740 6636 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:04:14.0753 6636 spldr - ok
19:04:14.0794 6636 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:04:14.0827 6636 srv - ok
19:04:14.0863 6636 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:04:14.0882 6636 srv2 - ok
19:04:14.0926 6636 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:04:14.0931 6636 srvnet - ok
19:04:14.0985 6636 stdcfltn (92e7f6666633d2dd91d527503daa7be0) C:\Windows\system32\DRIVERS\stdcfltn.sys
19:04:14.0988 6636 stdcfltn - ok
19:04:15.0040 6636 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:04:15.0043 6636 stexstor - ok
19:04:15.0084 6636 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
19:04:15.0096 6636 swenum - ok
19:04:15.0161 6636 SynTP (b0c7d4dcf4800df2f2145b500d0161e8) C:\Windows\system32\DRIVERS\SynTP.sys
19:04:15.0205 6636 SynTP - ok
19:04:15.0285 6636 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
19:04:15.0358 6636 Tcpip - ok
19:04:15.0414 6636 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
19:04:15.0422 6636 TCPIP6 - ok

#5 Příspěvek od **vyosek** » 12 pro 2011 19:12

Nedavejte prosim logy do code - spatne se to lusti a boli z toho oci - code slouzi radcum pro skripty - ty neni treba lustit

Kifik · #6 Příspěvek od **Kifik** » 12 pro 2011 19:14

Omlouvám se

Už nebudu používát CODE

Zde je zbytek logu:

19:04:15.0469 6636 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:04:15.0473 6636 tcpipreg - ok
19:04:15.0505 6636 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:04:15.0517 6636 TDPIPE - ok
19:04:15.0553 6636 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
19:04:15.0563 6636 TDTCP - ok
19:04:15.0594 6636 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:04:15.0609 6636 tdx - ok
19:04:15.0645 6636 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
19:04:15.0658 6636 TermDD - ok
19:04:15.0707 6636 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:04:15.0711 6636 tssecsrv - ok
19:04:15.0750 6636 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:04:15.0772 6636 TsUsbFlt - ok
19:04:15.0801 6636 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:04:15.0803 6636 TsUsbGD - ok
19:04:15.0848 6636 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:04:15.0862 6636 tunnel - ok
19:04:15.0911 6636 TurboB (fd24f98d2898be093fe926604be7db99) C:\Windows\system32\DRIVERS\TurboB.sys
19:04:15.0914 6636 TurboB - ok
19:04:15.0953 6636 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:04:15.0966 6636 uagp35 - ok
19:04:16.0003 6636 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:04:16.0009 6636 udfs - ok
19:04:16.0051 6636 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:04:16.0064 6636 uliagpkx - ok
19:04:16.0102 6636 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:04:16.0116 6636 umbus - ok
19:04:16.0149 6636 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:04:16.0162 6636 UmPass - ok
19:04:16.0224 6636 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
19:04:16.0238 6636 USBAAPL64 - ok
19:04:16.0289 6636 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys
19:04:16.0302 6636 usbccgp - ok
19:04:16.0330 6636 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:04:16.0334 6636 usbcir - ok
19:04:16.0373 6636 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
19:04:16.0385 6636 usbehci - ok
19:04:16.0423 6636 usbhub (8b892002d7b79312821169a14317ab86) C:\Windows\system32\DRIVERS\usbhub.sys
19:04:16.0441 6636 usbhub - ok
19:04:16.0477 6636 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:04:16.0489 6636 usbohci - ok
19:04:16.0531 6636 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
19:04:16.0543 6636 usbprint - ok
19:04:16.0585 6636 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:04:16.0586 6636 USBSTOR - ok
19:04:16.0621 6636 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:04:16.0623 6636 usbuhci - ok
19:04:16.0695 6636 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
19:04:16.0710 6636 usbvideo - ok
19:04:16.0738 6636 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:04:16.0759 6636 vdrvroot - ok
19:04:16.0809 6636 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:04:16.0812 6636 vga - ok
19:04:16.0850 6636 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:04:16.0867 6636 VgaSave - ok
19:04:16.0904 6636 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:04:16.0920 6636 vhdmp - ok
19:04:16.0955 6636 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:04:16.0966 6636 viaide - ok
19:04:16.0998 6636 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:04:17.0019 6636 volmgr - ok
19:04:17.0055 6636 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:04:17.0062 6636 volmgrx - ok
19:04:17.0087 6636 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:04:17.0112 6636 volsnap - ok
19:04:17.0157 6636 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:04:17.0172 6636 vsmraid - ok
19:04:17.0210 6636 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:04:17.0224 6636 vwifibus - ok
19:04:17.0248 6636 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:04:17.0251 6636 vwififlt - ok
19:04:17.0296 6636 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
19:04:17.0309 6636 vwifimp - ok
19:04:17.0345 6636 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:04:17.0348 6636 WacomPen - ok
19:04:17.0378 6636 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:04:17.0390 6636 WANARP - ok
19:04:17.0394 6636 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:04:17.0395 6636 Wanarpv6 - ok
19:04:17.0449 6636 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:04:17.0452 6636 Wd - ok
19:04:17.0496 6636 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:04:17.0519 6636 Wdf01000 - ok
19:04:17.0565 6636 wdkmd (94dc2bf6cbaaa95e369c3756d3115a76) C:\Windows\system32\DRIVERS\WDKMD.sys
19:04:17.0568 6636 wdkmd - ok
19:04:17.0609 6636 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:04:17.0621 6636 WfpLwf - ok
19:04:17.0675 6636 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
19:04:17.0692 6636 WimFltr - ok
19:04:17.0729 6636 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:04:17.0741 6636 WIMMount - ok
19:04:17.0808 6636 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:04:17.0821 6636 WinUsb - ok
19:04:17.0871 6636 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
19:04:17.0882 6636 WmiAcpi - ok
19:04:17.0936 6636 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:04:17.0948 6636 ws2ifsl - ok
19:04:17.0987 6636 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:04:18.0002 6636 WudfPf - ok
19:04:18.0052 6636 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:04:18.0067 6636 WUDFRd - ok
19:04:18.0102 6636 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
19:04:18.0112 6636 \Device\Harddisk0\DR0 - ok
19:04:18.0400 6636 MBR (0x1B8) (95143c9843fa5b9e6624f0a766576462) \Device\Harddisk1\DR1
19:04:18.0401 6636 \Device\Harddisk1\DR1 ( Rootkit.Boot.Wistler.a ) - infected
19:04:18.0401 6636 \Device\Harddisk1\DR1 - detected Rootkit.Boot.Wistler.a (0)
19:04:18.0408 6636 Boot (0x1200) (c551b8ed463f7ad3b144425d60fbfd8c) \Device\Harddisk0\DR0\Partition0
19:04:18.0410 6636 \Device\Harddisk0\DR0\Partition0 - ok
19:04:18.0425 6636 Boot (0x1200) (27108033eca6ddbd34f94e7e0ad5b041) \Device\Harddisk0\DR0\Partition1
19:04:18.0427 6636 \Device\Harddisk0\DR0\Partition1 - ok
19:04:18.0449 6636 Boot (0x1200) (464ca9e57ee578176b93216d7534e24e) \Device\Harddisk0\DR0\Partition2
19:04:18.0450 6636 \Device\Harddisk0\DR0\Partition2 - ok
19:04:18.0453 6636 Boot (0x1200) (0c16cc1111834cf468e2839998b7d66b) \Device\Harddisk1\DR1\Partition0
19:04:18.0454 6636 \Device\Harddisk1\DR1\Partition0 - ok
19:04:18.0455 6636 ============================================================
19:04:18.0455 6636 Scan finished
19:04:18.0455 6636 ============================================================
19:04:18.0464 7300 Detected object count: 1
19:04:18.0464 7300 Actual detected object count: 1
19:04:33.0505 7300 \Device\Harddisk1\DR1 - processing error
19:05:48.0468 7300 \Device\Harddisk1\DR1 ( Rootkit.Boot.Wistler.a ) - User select action: Cure
19:05:50.0127 8884 ============================================================
19:05:50.0127 8884 Scan started
19:05:50.0128 8884 Mode: Manual;
19:05:50.0128 8884 ============================================================
19:05:50.0509 8884 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:05:50.0511 8884 1394ohci - ok
19:05:50.0552 8884 Acceler (e0065cbf1a25c015c218457d2cd522b9) C:\Windows\system32\DRIVERS\Accelern.sys
19:05:50.0553 8884 Acceler - ok
19:05:50.0585 8884 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:05:50.0587 8884 ACPI - ok
19:05:50.0623 8884 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:05:50.0623 8884 AcpiPmi - ok
19:05:50.0667 8884 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
19:05:50.0670 8884 adp94xx - ok
19:05:50.0695 8884 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
19:05:50.0696 8884 adpahci - ok
19:05:50.0726 8884 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
19:05:50.0727 8884 adpu320 - ok
19:05:50.0767 8884 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
19:05:50.0771 8884 AFD - ok
19:05:50.0795 8884 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:05:50.0795 8884 agp440 - ok
19:05:50.0808 8884 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:05:50.0808 8884 aliide - ok
19:05:50.0819 8884 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:05:50.0820 8884 amdide - ok
19:05:50.0830 8884 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
19:05:50.0831 8884 AmdK8 - ok
19:05:50.0841 8884 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
19:05:50.0842 8884 AmdPPM - ok
19:05:50.0868 8884 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:05:50.0869 8884 amdsata - ok
19:05:50.0882 8884 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
19:05:50.0884 8884 amdsbs - ok
19:05:50.0907 8884 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:05:50.0908 8884 amdxata - ok
19:05:50.0920 8884 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:05:50.0921 8884 AppID - ok
19:05:50.0935 8884 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
19:05:50.0937 8884 arc - ok
19:05:50.0959 8884 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
19:05:50.0959 8884 arcsas - ok
19:05:50.0983 8884 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:05:50.0983 8884 AsyncMac - ok
19:05:51.0014 8884 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:05:51.0015 8884 atapi - ok
19:05:51.0067 8884 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
19:05:51.0069 8884 b06bdrv - ok
19:05:51.0084 8884 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:05:51.0085 8884 b57nd60a - ok
19:05:51.0108 8884 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:05:51.0109 8884 Beep - ok
19:05:51.0125 8884 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
19:05:51.0126 8884 blbdrive - ok
19:05:51.0158 8884 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:05:51.0159 8884 bowser - ok
19:05:51.0185 8884 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
19:05:51.0185 8884 BrFiltLo - ok
19:05:51.0196 8884 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
19:05:51.0197 8884 BrFiltUp - ok
19:05:51.0211 8884 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:05:51.0213 8884 Brserid - ok
19:05:51.0224 8884 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:05:51.0225 8884 BrSerWdm - ok
19:05:51.0234 8884 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:05:51.0235 8884 BrUsbMdm - ok
19:05:51.0245 8884 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:05:51.0246 8884 BrUsbSer - ok
19:05:51.0279 8884 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
19:05:51.0279 8884 BthEnum - ok
19:05:51.0298 8884 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
19:05:51.0299 8884 BTHMODEM - ok
19:05:51.0328 8884 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
19:05:51.0329 8884 BthPan - ok
19:05:51.0354 8884 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
19:05:51.0357 8884 BTHPORT - ok
19:05:51.0375 8884 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
19:05:51.0376 8884 BTHUSB - ok
19:05:51.0405 8884 btmaux (ba554bfcbf21201d310738a42c9c19e1) C:\Windows\system32\DRIVERS\btmaux.sys
19:05:51.0406 8884 btmaux - ok
19:05:51.0437 8884 btmhsf (0010a54571f525a97eed8c091e96eaa9) C:\Windows\system32\DRIVERS\btmhsf.sys
19:05:51.0439 8884 btmhsf - ok
19:05:51.0462 8884 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:05:51.0463 8884 cdfs - ok
19:05:51.0482 8884 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
19:05:51.0483 8884 cdrom - ok
19:05:51.0509 8884 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
19:05:51.0509 8884 circlass - ok
19:05:51.0542 8884 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:05:51.0545 8884 CLFS - ok
19:05:51.0569 8884 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
19:05:51.0570 8884 CmBatt - ok
19:05:51.0580 8884 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:05:51.0581 8884 cmdide - ok
19:05:51.0612 8884 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
19:05:51.0615 8884 CNG - ok
19:05:51.0657 8884 cnnctfy2 (040ff3b09f26926a3792e047db0f47dd) C:\Windows\system32\DRIVERS\cnnctfy2.sys
19:05:51.0657 8884 cnnctfy2 - ok
19:05:51.0673 8884 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
19:05:51.0673 8884 Compbatt - ok
19:05:51.0690 8884 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
19:05:51.0691 8884 CompositeBus - ok
19:05:51.0720 8884 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
19:05:51.0720 8884 crcdisk - ok
19:05:51.0761 8884 CtClsFlt (fbe228abeab2be13b9c3a3a112d4d8dc) C:\Windows\system32\DRIVERS\CtClsFlt.sys
19:05:51.0762 8884 CtClsFlt - ok
19:05:51.0786 8884 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:05:51.0786 8884 DfsC - ok
19:05:51.0815 8884 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:05:51.0816 8884 discache - ok
19:05:51.0844 8884 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
19:05:51.0845 8884 Disk - ok
19:05:51.0883 8884 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:05:51.0884 8884 drmkaud - ok
19:05:51.0939 8884 dtsoftbus01 (d3d64cf7b2bceaa34a270f45a3fffb36) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
19:05:51.0940 8884 dtsoftbus01 - ok
19:05:51.0977 8884 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:05:51.0982 8884 DXGKrnl - ok
19:05:52.0026 8884 eamon (55851f4864f8ad6e98b02307eca29db4) C:\Windows\system32\DRIVERS\eamon.sys
19:05:52.0027 8884 eamon - ok
19:05:52.0118 8884 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
19:05:52.0133 8884 ebdrv - ok
19:05:52.0167 8884 ehdrv (62c96b617ac7c4c8a9c29d57a36aa874) C:\Windows\system32\DRIVERS\ehdrv.sys
19:05:52.0169 8884 ehdrv - ok
19:05:52.0220 8884 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
19:05:52.0223 8884 elxstor - ok
19:05:52.0258 8884 epfw (9c4476159ccdef1a9b3f91dc580f1c46) C:\Windows\system32\DRIVERS\epfw.sys
19:05:52.0259 8884 epfw - ok
19:05:52.0291 8884 Epfwndis (34f666bf6387210034e4bcc5be6a3e45) C:\Windows\system32\DRIVERS\Epfwndis.sys
19:05:52.0291 8884 Epfwndis - ok
19:05:52.0310 8884 epfwwfp (bf2cb1efb98a888d6f676683cd48936f) C:\Windows\system32\DRIVERS\epfwwfp.sys
19:05:52.0310 8884 epfwwfp - ok
19:05:52.0321 8884 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:05:52.0322 8884 ErrDev - ok
19:05:52.0339 8884 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:05:52.0340 8884 exfat - ok
19:05:52.0361 8884 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:05:52.0381 8884 fastfat - ok
19:05:52.0393 8884 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
19:05:52.0393 8884 fdc - ok
19:05:52.0414 8884 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:05:52.0414 8884 FileInfo - ok
19:05:52.0432 8884 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:05:52.0433 8884 Filetrace - ok
19:05:52.0449 8884 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
19:05:52.0450 8884 flpydisk - ok
19:05:52.0467 8884 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:05:52.0469 8884 FltMgr - ok
19:05:52.0491 8884 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:05:52.0492 8884 FsDepends - ok
19:05:52.0511 8884 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
19:05:52.0512 8884 Fs_Rec - ok
19:05:52.0529 8884 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:05:52.0531 8884 fvevol - ok
19:05:52.0554 8884 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
19:05:52.0555 8884 gagp30kx - ok
19:05:52.0578 8884 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:05:52.0579 8884 GEARAspiWDM - ok
19:05:52.0605 8884 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:05:52.0605 8884 hcw85cir - ok
19:05:52.0648 8884 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:05:52.0650 8884 HdAudAddService - ok
19:05:52.0679 8884 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:05:52.0680 8884 HDAudBus - ok
19:05:52.0693 8884 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
19:05:52.0694 8884 HidBatt - ok
19:05:52.0706 8884 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
19:05:52.0707 8884 HidBth - ok
19:05:52.0718 8884 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
19:05:52.0718 8884 HidIr - ok
19:05:52.0749 8884 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
19:05:52.0749 8884 HidUsb - ok
19:05:52.0780 8884 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:05:52.0781 8884 HpSAMD - ok
19:05:52.0812 8884 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:05:52.0816 8884 HTTP - ok
19:05:52.0838 8884 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:05:52.0838 8884 hwpolicy - ok
19:05:52.0868 8884 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
19:05:52.0869 8884 i8042prt - ok
19:05:52.0901 8884 iaStor (d469b77687e12fe43e344806740b624d) C:\Windows\system32\drivers\iaStor.sys
19:05:52.0903 8884 iaStor - ok
19:05:52.0934 8884 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:05:52.0936 8884 iaStorV - ok
19:05:52.0966 8884 iBtFltCoex (50b8ab6013ef9970ac85fdba0f622300) C:\Windows\system32\DRIVERS\iBtFltCoex.sys
19:05:52.0967 8884 iBtFltCoex - ok
19:05:53.0176 8884 igfx (efe5a0af39a8e179624117c521f1e012) C:\Windows\system32\DRIVERS\igdkmd64.sys
19:05:53.0253 8884 igfx - ok
19:05:53.0277 8884 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
19:05:53.0277 8884 iirsp - ok
19:05:53.0305 8884 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys
19:05:53.0306 8884 Impcd - ok
19:05:53.0383 8884 IntcAzAudAddService (028e40182a6f0374978c755f85b9f07c) C:\Windows\system32\drivers\RTKVHD64.sys
19:05:53.0400 8884 IntcAzAudAddService - ok
19:05:53.0432 8884 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
19:05:53.0434 8884 IntcDAud - ok
19:05:53.0466 8884 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:05:53.0467 8884 intelide - ok
19:05:53.0491 8884 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:05:53.0491 8884 intelppm - ok
19:05:53.0519 8884 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:05:53.0520 8884 IpFilterDriver - ok
19:05:53.0532 8884 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:05:53.0533 8884 IPMIDRV - ok
19:05:53.0557 8884 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:05:53.0558 8884 IPNAT - ok
19:05:53.0573 8884 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:05:53.0574 8884 IRENUM - ok
19:05:53.0585 8884 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:05:53.0586 8884 isapnp - ok
19:05:53.0624 8884 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:05:53.0625 8884 iScsiPrt - ok
19:05:53.0657 8884 JMCR (e56417c56b6a7316b6f527c890a1860d) C:\Windows\system32\DRIVERS\jmcr.sys
19:05:53.0658 8884 JMCR - ok
19:05:53.0679 8884 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
19:05:53.0680 8884 kbdclass - ok
19:05:53.0699 8884 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
19:05:53.0699 8884 kbdhid - ok
19:05:53.0720 8884 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
19:05:53.0721 8884 KSecDD - ok
19:05:53.0742 8884 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
19:05:53.0743 8884 KSecPkg - ok
19:05:53.0763 8884 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:05:53.0763 8884 ksthunk - ok
19:05:53.0792 8884 LHidFilt (1074c77a47835e03c15bf92452f9a750) C:\Windows\system32\DRIVERS\LHidFilt.Sys
19:05:53.0792 8884 LHidFilt - ok
19:05:53.0810 8884 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:05:53.0810 8884 lltdio - ok
19:05:53.0875 8884 LMIInfo (0317335b15ff3bda8e10197e3434cfc0) C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
19:05:53.0876 8884 LMIInfo - ok
19:05:53.0905 8884 lmimirr (413ecdcfad9a82804d3674c8d7eec24e) C:\Windows\system32\DRIVERS\lmimirr.sys
19:05:53.0905 8884 lmimirr - ok
19:05:53.0915 8884 LMIRfsClientNP - ok
19:05:53.0936 8884 LMIRfsDriver (c57d3faa50e6f395759ffb7c709bd944) C:\Windows\system32\drivers\LMIRfsDriver.sys
19:05:53.0936 8884 LMIRfsDriver - ok
19:05:53.0955 8884 LMouFilt (96999c364c649e2866a268f7420a304a) C:\Windows\system32\DRIVERS\LMouFilt.Sys
19:05:53.0955 8884 LMouFilt - ok
19:05:53.0984 8884 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:05:53.0985 8884 LSI_FC - ok
19:05:53.0996 8884 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:05:53.0997 8884 LSI_SAS - ok
19:05:54.0008 8884 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:05:54.0009 8884 LSI_SAS2 - ok
19:05:54.0019 8884 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:05:54.0020 8884 LSI_SCSI - ok
19:05:54.0045 8884 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:05:54.0046 8884 luafv - ok
19:05:54.0058 8884 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:05:54.0058 8884 megasas - ok
19:05:54.0072 8884 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:05:54.0073 8884 MegaSR - ok
19:05:54.0100 8884 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
19:05:54.0101 8884 MEIx64 - ok
19:05:54.0119 8884 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:05:54.0120 8884 Modem - ok
19:05:54.0142 8884 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:05:54.0142 8884 monitor - ok
19:05:54.0163 8884 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:05:54.0164 8884 mouclass - ok
19:05:54.0184 8884 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:05:54.0185 8884 mouhid - ok
19:05:54.0203 8884 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:05:54.0204 8884 mountmgr - ok
19:05:54.0230 8884 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:05:54.0232 8884 mpio - ok
19:05:54.0257 8884 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:05:54.0258 8884 mpsdrv - ok
19:05:54.0271 8884 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:05:54.0272 8884 MRxDAV - ok
19:05:54.0299 8884 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:05:54.0300 8884 mrxsmb - ok
19:05:54.0346 8884 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:05:54.0347 8884 mrxsmb10 - ok
19:05:54.0364 8884 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:05:54.0365 8884 mrxsmb20 - ok
19:05:54.0392 8884 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:05:54.0393 8884 msahci - ok
19:05:54.0408 8884 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:05:54.0409 8884 msdsm - ok
19:05:54.0434 8884 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:05:54.0434 8884 Msfs - ok
19:05:54.0450 8884 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:05:54.0451 8884 mshidkmdf - ok
19:05:54.0479 8884 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:05:54.0479 8884 msisadrv - ok
19:05:54.0493 8884 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:05:54.0493 8884 MSKSSRV - ok
19:05:54.0508 8884 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:05:54.0508 8884 MSPCLOCK - ok
19:05:54.0528 8884 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:05:54.0529 8884 MSPQM - ok
19:05:54.0551 8884 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:05:54.0553 8884 MsRPC - ok
19:05:54.0575 8884 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
19:05:54.0576 8884 mssmbios - ok
19:05:54.0592 8884 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:05:54.0592 8884 MSTEE - ok
19:05:54.0613 8884 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:05:54.0613 8884 MTConfig - ok
19:05:54.0636 8884 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:05:54.0637 8884 Mup - ok
19:05:54.0661 8884 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:05:54.0662 8884 NativeWifiP - ok
19:05:54.0701 8884 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
19:05:54.0709 8884 NDIS - ok
19:05:54.0732 8884 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:05:54.0733 8884 NdisCap - ok
19:05:54.0755 8884 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:05:54.0756 8884 NdisTapi - ok
19:05:54.0775 8884 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:05:54.0776 8884 Ndisuio - ok
19:05:54.0795 8884 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:05:54.0796 8884 NdisWan - ok
19:05:54.0819 8884 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:05:54.0838 8884 NDProxy - ok
19:05:54.0853 8884 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:05:54.0854 8884 NetBIOS - ok
19:05:54.0873 8884 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:05:54.0874 8884 NetBT - ok
19:05:55.0040 8884 NETwNs64 (ac69618de5bcce8747c9ab0aae1003c1) C:\Windows\system32\DRIVERS\NETwNs64.sys
19:05:55.0078 8884 NETwNs64 - ok
19:05:55.0098 8884 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:05:55.0099 8884 nfrd960 - ok
19:05:55.0127 8884 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:05:55.0128 8884 Npfs - ok
19:05:55.0151 8884 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:05:55.0152 8884 nsiproxy - ok
19:05:55.0208 8884 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:05:55.0216 8884 Ntfs - ok
19:05:55.0249 8884 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:05:55.0249 8884 Null - ok
19:05:55.0275 8884 nusb3hub (9a33100ac62a0463c49e47ee8e77083a) C:\Windows\system32\DRIVERS\nusb3hub.sys
19:05:55.0276 8884 nusb3hub - ok
19:05:55.0296 8884 nusb3xhc (87c321f7bee646b7ec6eedd6eb725741) C:\Windows\system32\DRIVERS\nusb3xhc.sys
19:05:55.0298 8884 nusb3xhc - ok
19:05:55.0326 8884 nvkflt (63bcd806f51c31159193697f306feb7f) C:\Windows\system32\DRIVERS\nvkflt.sys
19:05:55.0327 8884 nvkflt - ok
19:05:55.0531 8884 nvlddmkm (b15258b1f45f9571758ac6bb2f043b01) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:05:55.0590 8884 nvlddmkm - ok
19:05:55.0619 8884 nvpciflt (682ea9ed3399d6066f0daecf7938727e) C:\Windows\system32\DRIVERS\nvpciflt.sys
19:05:55.0620 8884 nvpciflt - ok
19:05:55.0652 8884 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:05:55.0653 8884 nvraid - ok
19:05:55.0671 8884 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:05:55.0672 8884 nvstor - ok
19:05:55.0693 8884 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:05:55.0694 8884 nv_agp - ok
19:05:55.0719 8884 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:05:55.0720 8884 ohci1394 - ok
19:05:55.0739 8884 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
19:05:55.0740 8884 Parport - ok
19:05:55.0761 8884 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
19:05:55.0762 8884 partmgr - ok
19:05:55.0793 8884 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:05:55.0794 8884 pci - ok
19:05:55.0815 8884 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:05:55.0826 8884 pciide - ok
19:05:55.0845 8884 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:05:55.0847 8884 pcmcia - ok
19:05:55.0866 8884 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:05:55.0866 8884 pcw - ok
19:05:55.0895 8884 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:05:55.0898 8884 PEAUTH - ok
19:05:55.0941 8884 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:05:55.0942 8884 PptpMiniport - ok
19:05:55.0953 8884 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:05:55.0954 8884 Processor - ok
19:05:55.0972 8884 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:05:55.0973 8884 Psched - ok
19:05:55.0999 8884 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
19:05:56.0000 8884 PxHlpa64 - ok
19:05:56.0025 8884 qicflt (0928bd20273625622722fe1de5bbde57) C:\Windows\system32\DRIVERS\qicflt.sys
19:05:56.0026 8884 qicflt - ok
19:05:56.0073 8884 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:05:56.0081 8884 ql2300 - ok
19:05:56.0105 8884 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:05:56.0106 8884 ql40xx - ok
19:05:56.0126 8884 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:05:56.0127 8884 QWAVEdrv - ok
19:05:56.0141 8884 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:05:56.0141 8884 RasAcd - ok
19:05:56.0162 8884 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:05:56.0162 8884 RasAgileVpn - ok
19:05:56.0183 8884 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:05:56.0184 8884 Rasl2tp - ok
19:05:56.0205 8884 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:05:56.0206 8884 RasPppoe - ok
19:05:56.0222 8884 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:05:56.0223 8884 RasSstp - ok
19:05:56.0242 8884 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:05:56.0243 8884 rdbss - ok
19:05:56.0263 8884 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
19:05:56.0264 8884 rdpbus - ok
19:05:56.0275 8884 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:05:56.0275 8884 RDPCDD - ok
19:05:56.0302 8884 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:05:56.0303 8884 RDPENCDD - ok
19:05:56.0324 8884 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:05:56.0324 8884 RDPREFMP - ok
19:05:56.0337 8884 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
19:05:56.0338 8884 RDPWD - ok
19:05:56.0360 8884 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:05:56.0361 8884 rdyboost - ok
19:05:56.0396 8884 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
19:05:56.0397 8884 RFCOMM - ok
19:05:56.0421 8884 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:05:56.0421 8884 rspndr - ok
19:05:56.0454 8884 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
19:05:56.0457 8884 RTL8167 - ok
19:05:56.0481 8884 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:05:56.0481 8884 sbp2port - ok
19:05:56.0511 8884 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:05:56.0512 8884 scfilter - ok
19:05:56.0548 8884 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
19:05:56.0549 8884 sdbus - ok
19:05:56.0571 8884 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:05:56.0571 8884 secdrv - ok
19:05:56.0586 8884 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
19:05:56.0586 8884 Serenum - ok
19:05:56.0604 8884 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
19:05:56.0604 8884 Serial - ok
19:05:56.0615 8884 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:05:56.0615 8884 sermouse - ok
19:05:56.0632 8884 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
19:05:56.0632 8884 sffdisk - ok
19:05:56.0642 8884 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:05:56.0643 8884 sffp_mmc - ok
19:05:56.0653 8884 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\DRIVERS\sffp_sd.sys
19:05:56.0654 8884 sffp_sd - ok
19:05:56.0664 8884 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:05:56.0664 8884 sfloppy - ok
19:05:56.0683 8884 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:05:56.0684 8884 SiSRaid2 - ok
19:05:56.0703 8884 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:05:56.0704 8884 SiSRaid4 - ok
19:05:56.0716 8884 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:05:56.0716 8884 Smb - ok
19:05:56.0740 8884 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:05:56.0740 8884 spldr - ok
19:05:56.0769 8884 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:05:56.0772 8884 srv - ok
19:05:56.0797 8884 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:05:56.0800 8884 srv2 - ok
19:05:56.0818 8884 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:05:56.0820 8884 srvnet - ok
19:05:56.0845 8884 stdcfltn (92e7f6666633d2dd91d527503daa7be0) C:\Windows\system32\DRIVERS\stdcfltn.sys
19:05:56.0846 8884 stdcfltn - ok
19:05:56.0875 8884 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:05:56.0876 8884 stexstor - ok
19:05:56.0903 8884 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
19:05:56.0904 8884 swenum - ok
19:05:56.0947 8884 SynTP (b0c7d4dcf4800df2f2145b500d0161e8) C:\Windows\system32\DRIVERS\SynTP.sys
19:05:56.0953 8884 SynTP - ok
19:05:57.0022 8884 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
19:05:57.0030 8884 Tcpip - ok
19:05:57.0080 8884 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
19:05:57.0089 8884 TCPIP6 - ok
19:05:57.0114 8884 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:05:57.0115 8884 tcpipreg - ok
19:05:57.0143 8884 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:05:57.0153 8884 TDPIPE - ok
19:05:57.0174 8884 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
19:05:57.0175 8884 TDTCP - ok
19:05:57.0198 8884 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:05:57.0199 8884 tdx - ok
19:05:57.0217 8884 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
19:05:57.0217 8884 TermDD - ok
19:05:57.0246 8884 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:05:57.0246 8884 tssecsrv - ok
19:05:57.0258 8884 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:05:57.0259 8884 TsUsbFlt - ok
19:05:57.0272 8884 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:05:57.0273 8884 TsUsbGD - ok
19:05:57.0306 8884 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:05:57.0307 8884 tunnel - ok
19:05:57.0333 8884 TurboB (fd24f98d2898be093fe926604be7db99) C:\Windows\system32\DRIVERS\TurboB.sys
19:05:57.0333 8884 TurboB - ok
19:05:57.0346 8884 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:05:57.0347 8884 uagp35 - ok
19:05:57.0367 8884 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:05:57.0370 8884 udfs - ok
19:05:57.0390 8884 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:05:57.0391 8884 uliagpkx - ok
19:05:57.0408 8884 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:05:57.0409 8884 umbus - ok
19:05:57.0431 8884 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:05:57.0432 8884 UmPass - ok
19:05:57.0465 8884 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
19:05:57.0465 8884 USBAAPL64 - ok
19:05:57.0504 8884 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys
19:05:57.0505 8884 usbccgp - ok
19:05:57.0529 8884 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:05:57.0530 8884 usbcir - ok
19:05:57.0556 8884 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
19:05:57.0556 8884 usbehci - ok
19:05:57.0590 8884 usbhub (8b892002d7b79312821169a14317ab86) C:\Windows\system32\DRIVERS\usbhub.sys
19:05:57.0592 8884 usbhub - ok
19:05:57.0619 8884 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:05:57.0619 8884 usbohci - ok
19:05:57.0656 8884 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
19:05:57.0656 8884 usbprint - ok
19:05:57.0677 8884 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:05:57.0678 8884 USBSTOR - ok
19:05:57.0704 8884 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:05:57.0705 8884 usbuhci - ok
19:05:57.0746 8884 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
19:05:57.0747 8884 usbvideo - ok
19:05:57.0764 8884 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:05:57.0764 8884 vdrvroot - ok
19:05:57.0777 8884 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:05:57.0777 8884 vga - ok
19:05:57.0793 8884 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:05:57.0794 8884 VgaSave - ok
19:05:57.0807 8884 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:05:57.0808 8884 vhdmp - ok
19:05:57.0840 8884 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:05:57.0841 8884 viaide - ok
19:05:57.0867 8884 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:05:57.0867 8884 volmgr - ok
19:05:57.0891 8884 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:05:57.0893 8884 volmgrx - ok
19:05:57.0915 8884 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:05:57.0916 8884 volsnap - ok
19:05:57.0944 8884 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:05:57.0945 8884 vsmraid - ok
19:05:57.0972 8884 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:05:57.0973 8884 vwifibus - ok
19:05:57.0994 8884 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:05:57.0994 8884 vwififlt - ok
19:05:58.0008 8884 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
19:05:58.0009 8884 vwifimp - ok
19:05:58.0025 8884 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:05:58.0025 8884 WacomPen - ok
19:05:58.0049 8884 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:05:58.0050 8884 WANARP - ok
19:05:58.0054 8884 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:05:58.0055 8884 Wanarpv6 - ok
19:05:58.0073 8884 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:05:58.0074 8884 Wd - ok
19:05:58.0110 8884 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:05:58.0113 8884 Wdf01000 - ok
19:05:58.0146 8884 wdkmd (94dc2bf6cbaaa95e369c3756d3115a76) C:\Windows\system32\DRIVERS\WDKMD.sys
19:05:58.0146 8884 wdkmd - ok
19:05:58.0173 8884 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:05:58.0174 8884 WfpLwf - ok
19:05:58.0205 8884 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
19:05:58.0207 8884 WimFltr - ok
19:05:58.0227 8884 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:05:58.0228 8884 WIMMount - ok
19:05:58.0273 8884 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:05:58.0273 8884 WinUsb - ok
19:05:58.0294 8884 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
19:05:58.0295 8884 WmiAcpi - ok
19:05:58.0318 8884 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:05:58.0319 8884 ws2ifsl - ok
19:05:58.0345 8884 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:05:58.0346 8884 WudfPf - ok
19:05:58.0367 8884 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:05:58.0369 8884 WUDFRd - ok
19:05:58.0394 8884 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
19:05:58.0403 8884 \Device\Harddisk0\DR0 - ok
19:05:58.0406 8884 MBR (0x1B8) (95143c9843fa5b9e6624f0a766576462) \Device\Harddisk1\DR1
19:05:58.0407 8884 \Device\Harddisk1\DR1 ( Rootkit.Boot.Wistler.a ) - infected
19:05:58.0407 8884 \Device\Harddisk1\DR1 - detected Rootkit.Boot.Wistler.a (0)
19:05:58.0412 8884 Boot (0x1200) (c551b8ed463f7ad3b144425d60fbfd8c) \Device\Harddisk0\DR0\Partition0
19:05:58.0413 8884 \Device\Harddisk0\DR0\Partition0 - ok
19:05:58.0428 8884 Boot (0x1200) (27108033eca6ddbd34f94e7e0ad5b041) \Device\Harddisk0\DR0\Partition1
19:05:58.0430 8884 \Device\Harddisk0\DR0\Partition1 - ok
19:05:58.0452 8884 Boot (0x1200) (464ca9e57ee578176b93216d7534e24e) \Device\Harddisk0\DR0\Partition2
19:05:58.0453 8884 \Device\Harddisk0\DR0\Partition2 - ok
19:05:58.0456 8884 Boot (0x1200) (0c16cc1111834cf468e2839998b7d66b) \Device\Harddisk1\DR1\Partition0
19:05:58.0456 8884 \Device\Harddisk1\DR1\Partition0 - ok
19:05:58.0457 8884 ============================================================
19:05:58.0457 8884 Scan finished
19:05:58.0457 8884 ============================================================
19:05:58.0463 8868 Detected object count: 1
19:05:58.0463 8868 Actual detected object count: 1
19:06:19.0781 8868 \Device\Harddisk1\DR1 - processing error
19:06:21.0246 8868 \Device\Harddisk1\DR1 - restored
19:06:21.0246 8868 \Device\Harddisk1\DR1 ( Rootkit.Boot.Wistler.a ) - User select action: Cure Restore
19:06:34.0583 5972 Deinitialize success

#7 Příspěvek od **vyosek** » 12 pro 2011 19:15

Fajn, restartujte PC pokud jste tak neucinil

Stahnete aswMBR http://public.avast.com/%7Egmerek/aswMBR.exe a ulozte jej na plochu.

Utilitu spustte a prikazte ji, at skenuje - klik na Scan
Kliknutim na Save log ulozte log aswMBR na plochu
Obsah logu aswMBR mi sem vlozte

Kifik · #8 Příspěvek od **Kifik** » 12 pro 2011 19:44

Tady je:

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-12-12 19:24:17
-----------------------------
19:24:17.659 OS Version: Windows x64 6.1.7601 Service Pack 1
19:24:17.660 Number of processors: 4 586 0x2A07
19:24:17.660 ComputerName: KIFÍK-PC UserName: Kifík
19:24:20.552 Initialize success
19:25:13.932 AVAST engine defs: 11121201
19:26:09.057 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:26:09.059 Disk 0 Vendor: ST950042 D005 Size: 476940MB BusType: 3
19:26:09.070 Disk 0 MBR read successfully
19:26:09.072 Disk 0 MBR scan
19:26:09.076 Disk 0 Windows VISTA default MBR code
19:26:09.078 Service scanning
19:26:14.747 Modules scanning
19:26:14.753 Disk 0 trace - called modules:
19:26:14.763 ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys ACPI.sys iaStor.sys hal.dll
19:26:14.766 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800968a060]
19:26:14.770 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa80094e9ba0]
19:26:14.773 5 stdcfltn.sys[fffff88001b16c52] -> nt!IofCallDriver -> [0xfffffa8007a34440]
19:26:14.777 7 ACPI.sys[fffff88000f2b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007b38050]
19:26:17.538 AVAST engine scan C:\Windows
19:26:19.073 AVAST engine scan C:\Windows\system32
19:27:53.846 AVAST engine scan C:\Windows\system32\drivers
19:28:09.977 AVAST engine scan C:\Users\Kifík
19:38:13.189 AVAST engine scan C:\ProgramData
19:39:56.976 Scan finished successfully
19:43:52.899 Disk 0 MBR has been saved successfully to "C:\Users\Kifík\Desktop\MBR.dat"
19:43:52.906 The log file has been saved successfully to "C:\Users\Kifík\Desktop\aswMBR.txt"

#9 Příspěvek od **vyosek** » 12 pro 2011 19:46

Nasledujici soubory otestujte na VirusTotalu (viz muj podpis)

C:\Users\Kifík\Desktop\MBR.dat
Kliknete na Prochazet
Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
Kliknete na Send File
Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
Vysledek analyzy sem vlozte (jako odkaz)

Kifik · #10 Příspěvek od **Kifik** » 12 pro 2011 19:56

Zde je odkaz: http://www.virustotal.com/file-scan/rep ... 1323715532

#11 Příspěvek od **vyosek** » 12 pro 2011 19:56

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

Kifik · #12 Příspěvek od **Kifik** » 12 pro 2011 20:11

Nedaří se mi aplikaci stáhnout z uvedeného odkazu :/

#13 Příspěvek od **vyosek** » 12 pro 2011 20:22

BCcu asi spadl server

Zkuste odsud http://www.infospyware.com/Software/ComboFix.exe

Kifik · #14 Příspěvek od **Kifik** » 12 pro 2011 20:42

Tak se konečně zadařilo. Zde je log:

ComboFix 11-12-12.03 - Kifík 12.12.2011 20:28:00.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8106.5694 [GMT 1:00]
Spuštěný z: c:\combofix\ComboFix.exe
AV: ESET Smart Security 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
FW: ESET Personal firewall *Disabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
SP: ESET Smart Security 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\Roaming
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\3cef0289.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-12 do 2011-12-12 )))))))))))))))))))))))))))))))
.
.
2011-12-12 19:33 . 2011-12-12 19:33 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-12-12 19:33 . 2011-12-12 19:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-12 18:23 . 2011-12-12 18:23 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FC91EE1C-B384-4F52-9CF5-95133618BFE7}\offreg.dll
2011-12-12 17:48 . 2011-12-12 17:48 -------- d-----w- C:\rsit
2011-12-12 17:48 . 2011-12-12 17:48 -------- d-----w- c:\program files\trend micro
2011-12-11 18:36 . 2011-11-30 01:21 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FC91EE1C-B384-4F52-9CF5-95133618BFE7}\mpengine.dll
2011-12-06 11:58 . 2011-12-06 11:58 -------- d-----w- c:\users\Kifík\AppData\Local\{4E050683-8C18-4C19-80D1-31D2DB96F882}
2011-12-06 11:58 . 2011-12-06 11:58 -------- d-----w- c:\users\Kifík\AppData\Local\{DB2E7572-7654-4E9F-81F0-9DF28FDBA5EB}
2011-12-05 22:03 . 2011-12-12 18:23 -------- d-----w- c:\program files (x86)\Paymo
2011-12-03 23:18 . 2011-12-03 23:18 5285 ----a-w- C:\STFCC.tmp
2011-12-03 09:23 . 2011-12-03 09:23 -------- d-----w- c:\program files (x86)\Evernote
2011-11-22 18:16 . 2011-11-22 18:16 -------- d-----w- c:\users\Kifík\AppData\Local\Chromium
2011-11-21 09:22 . 2011-11-21 09:22 -------- d-----w- c:\windows\system32\Macromed
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-06 08:11 . 2010-11-21 03:27 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-11-21 09:22 . 2011-07-07 16:38 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-15 13:15 . 2011-10-15 13:15 31344 ----a-w- c:\windows\system32\drivers\cnnctfy2.sys
2011-10-15 08:53 . 2011-10-26 14:24 8791360 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-10-15 08:53 . 2011-10-26 14:24 7041856 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2011-10-15 08:53 . 2011-10-26 14:24 68928 ----a-w- c:\windows\system32\OpenCL.dll
2011-10-15 08:53 . 2011-10-26 14:24 61248 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-10-15 08:53 . 2011-10-26 14:24 371520 ----a-w- c:\windows\system32\nvoptimusmft.dll
2011-10-15 08:53 . 2011-10-26 14:24 330560 ----a-w- c:\windows\SysWow64\nvoptimusmft.dll
2011-10-15 08:53 . 2011-10-26 14:24 28992 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2011-10-15 08:53 . 2011-10-26 14:24 249152 ----a-w- c:\windows\system32\drivers\nvkflt.sys
2011-10-15 08:53 . 2011-10-26 14:24 24742720 ----a-w- c:\windows\system32\nvoglv64.dll
2011-10-15 08:53 . 2011-10-26 14:24 18871616 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2011-10-15 08:53 . 2011-10-26 14:24 12971840 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-10-15 08:53 . 2011-10-26 14:24 7581504 ----a-w- c:\windows\system32\nvcuda.dll
2011-10-15 08:53 . 2011-10-26 14:24 5578560 ----a-w- c:\windows\SysWow64\nvcuda.dll
2011-10-15 08:53 . 2011-10-26 14:24 364352 ----a-w- c:\windows\system32\nvdecodemft.dll
2011-10-15 08:53 . 2011-10-26 14:24 301888 ----a-w- c:\windows\SysWow64\nvdecodemft.dll
2011-10-15 08:53 . 2011-10-26 14:24 2542912 ----a-w- c:\windows\system32\nvcuvid.dll
2011-10-15 08:53 . 2011-10-26 14:24 24796992 ----a-w- c:\windows\system32\nvcompiler.dll
2011-10-15 08:53 . 2011-10-26 14:24 2401088 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2011-10-15 08:53 . 2011-10-26 14:24 2232128 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-10-15 08:53 . 2011-10-26 14:24 2099520 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2011-10-15 08:53 . 2011-10-26 14:24 17248576 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2011-10-15 08:53 . 2011-10-26 14:24 15693120 ----a-w- c:\windows\system32\nvd3dumx.dll
2011-10-15 08:53 . 2011-10-13 22:00 1533248 ----a-w- c:\windows\system32\nvdispco64.dll
2011-10-15 08:53 . 2011-10-13 22:00 1454400 ----a-w- c:\windows\system32\nvgenco64.dll
2011-10-15 08:53 . 2011-06-28 19:13 860992 ----a-w- c:\windows\system32\nvumdshimx.dll
2011-10-15 08:53 . 2011-06-28 19:13 716608 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2011-10-15 08:53 . 2011-06-28 19:13 241984 ----a-w- c:\windows\system32\nvinitx.dll
2011-10-15 08:53 . 2011-06-28 19:13 203072 ----a-w- c:\windows\SysWow64\nvinit.dll
2011-10-15 08:53 . 2011-06-28 19:13 13205312 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2011-10-15 08:53 . 2011-06-28 19:13 2808128 ----a-w- c:\windows\system32\nvapi64.dll
2011-10-15 08:53 . 2011-06-28 19:13 2458432 ----a-w- c:\windows\SysWow64\nvapi.dll
2011-10-15 08:53 . 2011-02-18 17:19 55616 ----a-w- c:\windows\system32\nv3dappshextr.dll
2011-10-15 08:53 . 2011-02-18 17:19 539456 ----a-w- c:\windows\system32\nvhotkey.dll
2011-10-15 08:53 . 2011-02-18 17:19 3074368 ----a-w- c:\windows\system32\nvsvcr.dll
2011-10-15 08:53 . 2011-02-18 17:19 222528 ----a-w- c:\windows\system32\nvmctray.dll
2011-10-15 08:53 . 2011-02-18 17:19 1640768 ----a-w- c:\windows\system32\nvvsvc.exe
2011-10-15 08:53 . 2011-02-18 17:19 1349440 ----a-w- c:\windows\system32\nv3dappshext.dll
2011-10-15 08:53 . 2011-02-18 17:19 837952 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll
2011-10-15 08:53 . 2011-02-18 17:19 10406208 ----a-w- c:\windows\system32\nvcpl.dll
2011-10-15 08:53 . 2011-02-18 17:19 5067584 ----a-w- c:\windows\system32\nvsvc64.dll
2011-10-15 08:53 . 2011-02-18 10:19 1985841 ----a-w- c:\windows\system32\nvcoproc.bin
2011-10-15 08:53 . 2011-02-18 10:19 137536 ----a-w- c:\windows\system32\nvshext.dll
2011-10-14 23:54 . 2011-10-14 23:54 321856 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2011-10-07 21:34 . 2011-07-10 07:34 87456 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2011-10-07 21:34 . 2011-07-10 07:34 34688 ----a-w- c:\windows\system32\LMIport.dll
2011-10-07 21:34 . 2011-07-10 07:34 80768 ----a-w- c:\windows\system32\LMIinit.dll
2011-10-03 03:06 . 2011-06-28 17:50 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-10-01 10:40 . 2011-10-01 10:40 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-10-01 10:40 . 2011-10-01 10:40 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-10-01 10:40 . 2011-10-01 10:40 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-09-29 16:29 . 2011-11-09 14:39 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-09-29 04:03 . 2011-11-09 14:39 3144704 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Kifík\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Kifík\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Kifík\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Kifík\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RockMelt Update"="c:\users\Kifík\AppData\Local\RockMelt\Update\RockMeltUpdate.exe" [2011-07-07 136336]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2011-08-02 1242448]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Infium"="c:\program files (x86)\QIP Infium\infium.exe" [2011-05-11 6848384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-06-06 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-08-19 487562]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-04-14 113288]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-18 421736]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-05 559616]
.
c:\users\Kifík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Kifík\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-5-25 24176560]
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2011-12-2 1000288]
Paymo.lnk - c:\program files (x86)\Paymo\Paymo.exe [2011-12-5 434176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-01-24 901184]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-01-24 991296]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-01-24 1298496]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [x]
S1 cnnctfy2;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy2.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-17 98208]
S2 Connectify;Connectify;c:\program files (x86)\Connectify\ConnectifyService.exe [2011-09-29 69632]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2009-05-14 731840]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-10-07 375176]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2011-01-11 15928]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\nlssrv32.exe [2011-03-29 66560]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-14 381248]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - ASWMBR
*Deregistered* - aswMBR
.
Obsah adresáře 'Naplánované úlohy'
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Kifík\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Kifík\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Kifík\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 97792 ----a-w- c:\users\Kifík\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-12 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-12 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-12 418328]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 686704]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-01-24 10355200]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-17 1933584]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2011-01-25 4479648]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-05-14 2692520]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-10-30 499608]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-01-11 57928]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-06-23 1744152]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-07-06 7233640]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-06-03 2226280]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-10-15 539456]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2010-06-22 253288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www1.euro.dell.com/content/default.aspx?c=cz&l=cs&s=bsd
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-RGSC - d:\hry\GTA4\Rockstar Games Social Club\RGSCLauncher.exe
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-AutoKMS - c:\windows\AutoKMS.exe
AddRemove-3cef0289 - c:\windows\system32\3cef0289.exe
AddRemove-ESN Sonar-0.70.0 - c:\program files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-967542819-3253104675-82975415-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:48,31,e3,e8,43,e4,a2,92,95,cf,c9,14,93,f8,05,82,ca,a4,55,2e,31,12,dc,
7d,4d,72,97,74,f3,21,ec,f9,27,44,fc,e1,58,0b,d5,3a,15,a4,fd,79,e5,f0,4f,59,\
"??"=hex:ab,4b,1e,3d,0a,56,ce,fe,91,a2,82,5a,59,f9,ad,85
.
[HKEY_USERS\S-1-5-21-967542819-3253104675-82975415-1001\Software\SecuROM\License information*]
"datasecu"=hex:96,85,ee,c5,74,e4,68,dc,88,bb,cb,49,aa,1c,af,9b,27,05,74,41,df,
2d,e6,9d,58,ca,b8,bd,49,15,e5,5c,3b,c3,25,57,25,93,bf,6c,3d,cd,67,e5,52,73,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-12-12 20:34:51
ComboFix-quarantined-files.txt 2011-12-12 19:34
.
Před spuštěním: Volných bajtů: 120 527 867 904
Po spuštění: Volných bajtů: 120 500 383 744
.
- - End Of File - - C944E215EB4ADD112FE2F8BDFBC9F327

#15 Příspěvek od **vyosek** » 12 pro 2011 20:44

Udelejte prosim znovu sken TDSSKillerem, log opet dejte, ja zatim napisu skript pro CF

VIRY.CZ

MBR sector of the 1. physical disk Win32/Agent.SDG.Gen

MBR sector of the 1. physical disk Win32/Agent.SDG.Gen

Re: MBR sector of the 1. physical disk Win32/Agent.SDG.Gen

Re: MBR sector of the 1. physical disk Win32/Agent.SDG.Gen

Re: MBR sector of the 1. physical disk Win32/Agent.SDG.Gen

Re: MBR sector of the 1. physical disk Win32/Agent.SDG.Gen

Re: MBR sector of the 1. physical disk Win32/Agent.SDG.Gen

Re: MBR sector of the 1. physical disk Win32/Agent.SDG.Gen

Re: MBR sector of the 1. physical disk Win32/Agent.SDG.Gen

Re: MBR sector of the 1. physical disk Win32/Agent.SDG.Gen

Re: MBR sector of the 1. physical disk Win32/Agent.SDG.Gen

Re: MBR sector of the 1. physical disk Win32/Agent.SDG.Gen

Re: MBR sector of the 1. physical disk Win32/Agent.SDG.Gen

Re: MBR sector of the 1. physical disk Win32/Agent.SDG.Gen

Re: MBR sector of the 1. physical disk Win32/Agent.SDG.Gen

Re: MBR sector of the 1. physical disk Win32/Agent.SDG.Gen