Active sector of physical disk 0, unknown TSR.BOOT virus

tomascz105
Visitor
Posts: 75
Registered: 16 Mar 2012 19:11

#1 Post by tomascz105 »

Hi,
On 7.2.2012 ESET showed me this: "27.2.2012 10:21:35 Kontrola při startu boot sektor aktivní boot sektor 0. fyzického disku pravděpodobně neznámý TSR.BOOT virus nelze léčit". I searched here on the forum and found plenty of links, but then I found this: http://forum.viry.cz/viewtopic.php?f=13 ... 39. I read through it and just want to make sure that it is the same thing; the time when ESET detected it matches, and so do the date and the virus database version. Otherwise, when I run a scan it no longer finds anything, so please reply.

Rudy
Site Admin
Posts: 119524
Registered: 30 Oct 2003 13:42
Location: Plzeň

#2 Post by Rudy »

Greetings!
We will start with an RSIT log: http://forum.viry.cz/viewtopic.php?f=13&t=105895 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

tomascz105
Visitor
Posts: 75
Registered: 16 Mar 2012 19:11

#3 Post by tomascz105 »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Tom at 2012-03-17 07:58:27
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 311 GB (87%) free of 357 GB
Total RAM: 3767 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:58:28, on 17.3.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files\trend micro\Tom.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-690493506-2440755053-609296324-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-690493506-2440755053-609296324-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Unknown owner - C:\Windows\System32\appdrvrem01.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9952 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 29891632
\??\C:\Windows\system32\conhost.exe "444188606-1104975426849426245-261033729798986131-208107360018104737831440825681
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Windows\System32\igfxtray.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-7995a6ec-059a-45dd-b9fa-77c9391583f3 -SystemEventPortName:HostProcess-03dcf7fc-2b47-48e9-9e2f-4112efc43617 -IoCancelEventPortName:HostProcess-20d48126-1a9f-4081-8c28-8116f5b43378 -NonStateChangingEventPortName:HostProcess-89e6461d-a9ef-4b22-be66-a6165d05dd38 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:029a371f-29f3-4b01-b3b2-ccd95c41bcc3
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\info.txt
C:\Windows\explorer.exe /factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Tom\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-690493506-2440755053-609296324-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-690493506-2440755053-609296324-1001UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\lke3tyw8.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
quickstores@quickstores.de
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-06-22 10920552]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-04-13 649608]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-01-05 860040]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-08-12 2916584]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-01-10 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-01-10 392984]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-01-10 417560]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-14 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2012-02-28 1987976]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2011-06-17 266496]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-08-10 975952]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-01-10 390656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-03-17 07:45:01 ----D---- C:\Program Files\trend micro
2012-03-17 07:45:00 ----D---- C:\rsit
2012-03-14 12:53:21 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-03-14 12:53:19 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-03-14 12:53:18 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-03-14 12:50:40 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-03-14 12:50:40 ----A---- C:\Windows\system32\DWrite.dll
2012-03-14 12:50:39 ----A---- C:\Windows\system32\win32k.sys
2012-03-14 12:50:38 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-03-14 12:50:38 ----A---- C:\Windows\system32\rdpwsx.dll
2012-03-14 12:50:38 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-03-14 12:50:37 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-03-14 12:50:37 ----A---- C:\Windows\system32\rdpcore.dll
2012-03-14 12:50:37 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-03-14 12:50:37 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-03-08 12:02:35 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2012-03-08 11:59:21 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2012-03-08 11:59:14 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2012-03-08 11:58:13 ----D---- C:\Users\Tom\AppData\Roaming\DAEMON Tools Lite
2012-03-04 13:21:30 ----D---- C:\Users\Tom\AppData\Roaming\My Battle for Middle-earth(tm) II Files
2012-03-04 11:36:28 ----D---- C:\Users\Tom\AppData\Roaming\My Battle for Middle-earth Files
2012-03-01 16:58:14 ----A---- C:\Windows\system32\drivers\VBoxDrv.sys
2012-03-01 16:57:53 ----DC---- C:\Windows\system32\DRVSTORE
2012-03-01 16:57:53 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2012-02-28 15:44:51 ----D---- C:\Program Files (x86)\Disney Interactive Studios
2012-02-27 09:23:08 ----D---- C:\Users\Tom\AppData\Roaming\NVIDIA
2012-02-26 17:39:28 ----D---- C:\Program Files\CCleaner
2012-02-22 16:20:12 ----A---- C:\Windows\Burnout(TM) Paradise The Ultimate Box Patch Log.txt
2012-02-18 08:33:18 ----D---- C:\Windows\system32\Macromed

======List of files/folders modified in the last 1 month======

2012-03-17 07:58:27 ----D---- C:\Windows\Temp
2012-03-17 07:46:36 ----D---- C:\Windows\System32
2012-03-17 07:46:36 ----D---- C:\Windows\inf
2012-03-17 07:46:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-03-17 07:45:01 ----RD---- C:\Program Files
2012-03-17 07:41:43 ----D---- C:\Windows\system32\config
2012-03-17 07:41:28 ----A---- C:\Windows\SYSWOW64\log.txt
2012-03-16 18:20:12 ----D---- C:\ProgramData\TmForever
2012-03-16 15:48:43 ----D---- C:\Users\Tom\AppData\Roaming\Skype
2012-03-16 13:38:40 ----SD---- C:\Users\Tom\AppData\Roaming\Microsoft
2012-03-15 15:02:42 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-03-15 12:38:53 ----D---- C:\Windows\system32\wdi
2012-03-14 12:55:10 ----D---- C:\Windows\winsxs
2012-03-14 12:53:43 ----D---- C:\Windows\SysWOW64
2012-03-14 12:53:42 ----D---- C:\Windows\system32\drivers
2012-03-14 12:53:24 ----D---- C:\Windows\system32\catroot
2012-03-14 12:51:26 ----A---- C:\Windows\system32\MRT.exe
2012-03-14 12:51:09 ----SHD---- C:\System Volume Information
2012-03-14 12:50:24 ----D---- C:\Windows\system32\catroot2
2012-03-13 17:33:01 ----D---- C:\Users\Tom\AppData\Roaming\gtk-2.0
2012-03-11 17:18:35 ----D---- C:\ProgramData\boost_interprocess
2012-03-11 13:54:50 ----D---- C:\Windows\system32\NDF
2012-03-08 21:00:49 ----SHD---- C:\Windows\Installer
2012-03-08 21:00:12 ----SHD---- C:\Config.Msi
2012-03-08 12:38:12 ----D---- C:\Program Files (x86)\Common Files
2012-03-08 12:37:22 ----RSD---- C:\Windows\assembly
2012-03-08 12:02:35 ----D---- C:\Program Files (x86)
2012-03-08 12:00:42 ----D---- C:\Windows\system32\DriverStore
2012-03-01 16:58:42 ----D---- C:\Windows\Prefetch
2012-02-28 15:45:02 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-02-28 11:08:05 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-02-28 09:30:45 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2012-02-23 09:18:36 ----N---- C:\Windows\system32\MpSigStub.exe
2012-02-22 16:20:12 ----D---- C:\Windows
2012-02-22 15:35:57 ----D---- C:\ProgramData\Electronic Arts
2012-02-19 12:21:50 ----D---- C:\Windows\Microsoft.NET
2012-02-18 20:08:54 ----D---- C:\Windows\ModemLogs
2012-02-18 19:56:20 ----D---- C:\Windows\system32\Tasks
2012-02-18 11:43:12 ----D---- C:\Windows\SYSWOW64\NV
2012-02-18 11:43:12 ----D---- C:\Windows\system32\NV

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-04-13 540696]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-03-30 25960]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 appdrv01;Application Driver (01); C:\Windows\System32\Drivers\appdrv01.sys [2011-12-25 2687592]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-08 283200]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-07-29 141264]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-07-29 168544]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-07-29 126320]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-06-08 4729408]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-01-10 12311904]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-06-22 2399848]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-06-21 287232]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-05-15 384040]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-03-10 18432]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-03-10 17408]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 BTWAMPFL;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2010-12-10 349224]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-08-20 106536]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-09-14 138280]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-12-10 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-09-14 21416]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-09-22 243712]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2011-12-19 146736]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-12-10 953632]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-08-12 810144]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-01-05 867712]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-26 29696]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-18 268824]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2011-06-17 255744]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-03-31 993896]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-30 2009704]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:\Windows\System32\appdrvrem01.exe [2011-12-25 538000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-08-12 42360]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-09-02 655624]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-24 1255736]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119524
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Active sector of physical disk 0, unknown TSR.BOOT viru

#4 Post by Rudy »

Now I'll ask for a ComboFix log.
Download ComboFix and save it, ideally to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after it starts, a screen with the license terms is displayed; continue by clicking the "Ano" (Yes) button.

Calmly go and make yourself a coffee (the whole process takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through). During the scan, do not try to launch any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is run).

Note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the deletion of any malware, unwanted conflicts with the antispyware's resident component occur.

Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

tomascz105
Visitor
Posts: 75
Joined: 16 Mar 2012 19:11

Re: Active sector of physical disk 0, unknown TSR.BOOT viru

#5 Post by tomascz105 »

Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3767.2411 [GMT 1:00]
Spuštěný z: c:\users\Tom\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
E:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-17 do 2012-03-17 )))))))))))))))))))))))))))))))
.
.
2012-03-17 13:14 . 2012-03-17 13:14 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-03-17 13:14 . 2012-03-17 13:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-17 06:45 . 2012-03-17 06:58 -------- d-----w- c:\program files\trend micro
2012-03-17 06:45 . 2012-03-17 06:45 -------- d-----w- C:\rsit
2012-03-16 12:38 . 2012-03-16 12:38 -------- d-----w- c:\users\Tom\Tracing
2012-03-16 12:17 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B68DD6B6-5FF1-4E32-BBFB-F8E24CA8D10E}\mpengine.dll
2012-03-15 14:02 . 2012-03-15 14:02 592824 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-15 14:02 . 2012-03-15 14:02 44472 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll
2012-03-14 11:53 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-14 11:53 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-14 11:53 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-14 11:50 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 11:50 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-14 11:50 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 11:50 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 11:50 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 11:50 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-14 11:50 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-14 11:50 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-14 11:50 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-14 11:50 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-08 11:38 . 2012-03-08 11:38 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2012-03-08 11:03 . 2012-03-12 14:11 -------- d-----w- c:\users\Tom\AppData\Local\LogMeIn Hamachi
2012-03-08 11:02 . 2012-03-08 11:02 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2012-03-08 10:59 . 2012-03-08 10:59 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-03-08 10:59 . 2012-03-08 10:59 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-03-08 10:58 . 2012-03-12 14:11 -------- d-----w- c:\users\Tom\AppData\Roaming\DAEMON Tools Lite
2012-03-04 12:21 . 2012-03-08 11:09 -------- d-----w- c:\users\Tom\AppData\Roaming\My Battle for Middle-earth(tm) II Files
2012-03-04 10:36 . 2012-03-12 13:13 -------- d-----w- c:\users\Tom\AppData\Roaming\My Battle for Middle-earth Files
2012-03-01 15:59 . 2012-03-01 16:46 -------- d-----w- c:\users\Tom\VirtualBox VMs
2012-03-01 15:58 . 2011-12-19 12:45 224048 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2012-03-01 15:57 . 2012-03-01 16:48 -------- dc----w- c:\windows\system32\DRVSTORE
2012-03-01 15:57 . 2011-12-19 12:45 130864 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2012-02-28 14:44 . 2012-02-28 14:44 -------- d-----w- c:\program files (x86)\Disney Interactive Studios
2012-02-27 08:23 . 2012-02-27 08:23 -------- d-----w- c:\users\Tom\AppData\Roaming\NVIDIA
2012-02-26 16:39 . 2012-02-26 16:39 -------- d-----w- c:\program files\CCleaner
2012-02-18 16:14 . 2012-02-18 16:14 -------- d-----w- c:\users\Tom\AppData\Local\APN
2012-02-18 07:33 . 2012-02-18 07:33 -------- d-----w- c:\windows\system32\Macromed
2012-02-16 18:23 . 2012-02-16 18:23 -------- d-----w- c:\users\Tom\AppData\Roaming\CyberLink
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-28 10:08 . 2012-01-08 10:17 183112 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-02-28 08:30 . 2012-01-08 10:17 66872 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-02-23 08:18 . 2010-11-21 03:27 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-18 07:33 . 2011-07-21 13:40 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-10 21:43 . 2012-01-10 21:43 167704 ----a-w- c:\windows\system32\igfxtray.exe
2012-01-10 21:43 . 2012-01-10 21:43 510232 ----a-w- c:\windows\system32\igfxsrvc.exe
2012-01-10 21:43 . 2012-01-10 21:43 417560 ----a-w- c:\windows\system32\igfxpers.exe
2012-01-10 21:43 . 2012-01-10 21:43 239896 ----a-w- c:\windows\system32\igfxext.exe
2012-01-10 21:43 . 2012-01-10 21:43 4379416 ----a-w- c:\windows\system32\GfxUI.exe
2012-01-10 21:43 . 2012-01-10 21:43 392984 ----a-w- c:\windows\system32\hkcmd.exe
2012-01-10 21:43 . 2012-01-10 21:43 184600 ----a-w- c:\windows\system32\difx64.exe
2012-01-10 21:37 . 2012-01-10 21:37 90112 ----a-w- c:\windows\system32\igfxCoIn_v2622.dll
2012-01-10 21:28 . 2012-01-10 21:28 8313856 ----a-w- c:\windows\system32\igdumd64.dll
2012-01-10 21:28 . 2012-01-10 21:28 12311904 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2012-01-10 21:18 . 2012-01-10 21:18 6323712 ----a-w- c:\windows\SysWow64\igdumd32.dll
2012-01-10 21:12 . 2012-01-10 21:12 581120 ----a-w- c:\windows\SysWow64\igdumdx32.dll
2012-01-10 21:06 . 2011-07-21 13:19 9528832 ----a-w- c:\windows\system32\igd10umd64.dll
2012-01-10 20:55 . 2012-01-10 20:55 7988224 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2012-01-10 20:42 . 2012-01-10 20:42 18653696 ----a-w- c:\windows\system32\ig4icd64.dll
2012-01-10 20:29 . 2012-01-10 20:29 13904384 ----a-w- c:\windows\SysWow64\ig4icd32.dll
2012-01-10 20:20 . 2012-01-10 20:20 286720 ----a-w- c:\windows\system32\igfxrrom.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286720 ----a-w- c:\windows\system32\igfxrsky.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286720 ----a-w- c:\windows\system32\igfxrhrv.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286208 ----a-w- c:\windows\system32\igfxrslv.lrc
2012-01-10 20:20 . 2012-01-10 20:20 287232 ----a-w- c:\windows\system32\igfxresn.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286208 ----a-w- c:\windows\system32\igfxrtrk.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286208 ----a-w- c:\windows\system32\igfxrsve.lrc
2012-01-10 20:20 . 2012-01-10 20:20 285696 ----a-w- c:\windows\system32\igfxrtha.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286720 ----a-w- c:\windows\system32\igfxrrus.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286720 ----a-w- c:\windows\system32\igfxrptg.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286208 ----a-w- c:\windows\system32\igfxrptb.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286720 ----a-w- c:\windows\system32\igfxrplk.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286208 ----a-w- c:\windows\system32\igfxrnor.lrc
2012-01-10 20:20 . 2012-01-10 20:20 283136 ----a-w- c:\windows\system32\igfxrkor.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286720 ----a-w- c:\windows\system32\igfxrita.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286208 ----a-w- c:\windows\system32\igfxrhun.lrc
2012-01-10 20:20 . 2012-01-10 20:20 285184 ----a-w- c:\windows\system32\igfxrheb.lrc
2012-01-10 20:20 . 2012-01-10 20:20 283648 ----a-w- c:\windows\system32\igfxrjpn.lrc
2012-01-10 20:20 . 2012-01-10 20:20 287232 ----a-w- c:\windows\system32\igfxrfra.lrc
2012-01-10 20:20 . 2012-01-10 20:20 287232 ----a-w- c:\windows\system32\igfxrell.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286720 ----a-w- c:\windows\system32\igfxrdeu.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286720 ----a-w- c:\windows\system32\igfxrnld.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286720 ----a-w- c:\windows\system32\igfxrcsy.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286208 ----a-w- c:\windows\system32\igfxrfin.lrc
2012-01-10 20:20 . 2012-01-10 20:20 285696 ----a-w- c:\windows\system32\igfxrdan.lrc
2012-01-10 20:20 . 2012-01-10 20:20 285184 ----a-w- c:\windows\system32\igfxrara.lrc
2012-01-10 20:20 . 2012-01-10 20:20 282624 ----a-w- c:\windows\system32\igfxrcht.lrc
2012-01-10 20:20 . 2012-01-10 20:20 282624 ----a-w- c:\windows\system32\igfxrchs.lrc
2012-01-10 20:20 . 2012-01-10 20:20 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
2012-01-10 20:20 . 2011-07-21 13:19 375808 ----a-w- c:\windows\system32\igfxpph.dll
2012-01-10 20:19 . 2012-01-10 20:19 378368 ----a-w- c:\windows\system32\igfxTMM.dll
2012-01-10 20:19 . 2011-07-21 13:19 28672 ----a-w- c:\windows\system32\igfxexps.dll
2012-01-10 20:19 . 2011-07-21 13:19 62464 ----a-w- c:\windows\system32\igfxsrvc.dll
2012-01-10 20:19 . 2011-07-21 13:19 110080 ----a-w- c:\windows\system32\hccutils.dll
2012-01-10 20:19 . 2012-01-10 20:19 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2012-01-10 20:19 . 2012-01-10 20:19 146432 ----a-w- c:\windows\system32\gfxSrvc.dll
2012-01-10 20:19 . 2011-07-21 13:19 390656 ----a-w- c:\windows\system32\igfxdev.dll
2012-01-10 20:18 . 2012-01-10 20:18 285696 ----a-w- c:\windows\system32\igfxrenu.lrc
2012-01-10 20:18 . 2012-01-10 20:18 142336 ----a-w- c:\windows\system32\igfxdo.dll
2012-01-10 20:18 . 2011-07-21 13:19 9014784 ----a-w- c:\windows\system32\igfxress.dll
2012-01-10 20:15 . 2012-01-10 20:15 24576 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2012-01-10 20:14 . 2012-01-10 20:14 294400 ----a-w- c:\windows\SysWow64\igfxdv32.dll
2012-01-04 10:44 . 2012-02-15 05:37 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-01-04 08:58 . 2012-02-15 05:37 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2012-01-01 17:48 . 2012-01-01 17:48 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2011-12-30 06:26 . 2012-02-15 05:37 515584 ----a-w- c:\windows\system32\timedate.cpl
2011-12-30 05:27 . 2012-02-15 05:37 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2011-12-28 03:59 . 2012-02-15 05:37 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2011-12-25 19:14 . 2011-12-25 19:14 538000 ----a-w- c:\windows\system32\appdrvrem01.exe
2011-12-25 19:14 . 2011-12-25 19:14 2687592 ----a-w- c:\windows\system32\drivers\appdrv01.sys
2011-12-25 07:49 . 2011-12-25 07:49 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-12-25 07:48 . 2011-12-25 07:48 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-12-19 18:39 . 2010-06-24 18:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-12-19 15:46 . 2011-12-19 15:46 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-12-19 15:46 . 2011-12-19 15:46 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-12-19 15:46 . 2011-12-19 15:46 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-12-19 15:46 . 2011-12-19 15:46 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-12-19 15:46 . 2011-12-19 15:46 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-12-19 15:46 . 2011-12-19 15:46 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-12-19 15:46 . 2011-12-19 15:46 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-12-19 15:46 . 2011-12-19 15:46 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-12-19 15:46 . 2011-12-19 15:46 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-12-19 15:46 . 2011-12-19 15:46 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-12-19 15:46 . 2011-12-19 15:46 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-12-19 15:46 . 2011-12-19 15:46 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-12-19 15:46 . 2011-12-19 15:46 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-12-19 15:46 . 2011-12-19 15:46 448512 ----a-w- c:\windows\system32\html.iec
2011-12-19 15:46 . 2011-12-19 15:46 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-12-19 15:46 . 2011-12-19 15:46 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-12-19 15:46 . 2011-12-19 15:46 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-12-19 15:46 . 2011-12-19 15:46 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-12-19 15:46 . 2011-12-19 15:46 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-12-19 15:46 . 2011-12-19 15:46 222208 ----a-w- c:\windows\system32\msls31.dll
2011-12-19 15:46 . 2011-12-19 15:46 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-12-19 15:46 . 2011-12-19 15:46 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-12-19 15:46 . 2011-12-19 15:46 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-12-19 15:46 . 2011-12-19 15:46 160256 ----a-w- c:\windows\system32\wextract.exe
2011-12-19 15:46 . 2011-12-19 15:46 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-12-19 15:46 . 2011-12-19 15:46 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-12-19 15:46 . 2011-12-19 15:46 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2011-06-17 266496]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 appdrv01;Application Driver (01);c:\windows\system32\Drivers\appdrv01.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-08-12 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-01-05 867712]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-26 29696]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2011-06-17 255744]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-30 2009704]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-03-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-690493506-2440755053-609296324-1001Core.job
- c:\users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-14 15:29]
.
2012-03-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-690493506-2440755053-609296324-1001UA.job
- c:\users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-14 15:29]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-01-05 860040]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2916584]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-10 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-10 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-10 417560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - e:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\lke3tyw8.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-{3EC0A49B-BF10-45A5-B15C-D90484A846E6} - c:\program files (x86)\InstallShield Installation Information\{3EC0A49B-BF10-45A5-B15C-D90484A846E6}\setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-690493506-2440755053-609296324-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:c4,db,8e,cc,9c,68,7d,6e,99,ce,8a,4a,67,fe,d1,25,99,18,4e,29,f1,3d,71,
a2,23,4e,2d,10,58,9f,39,6d,29,c1,3e,73,dd,9a,55,00,64,57,ce,00,b6,84,30,0c,\
"??"=hex:b9,db,94,7d,35,a3,c9,78,b4,12,f5,c8,8c,78,3a,d5
.
[HKEY_USERS\S-1-5-21-690493506-2440755053-609296324-1001\Software\SecuROM\License information*]
"datasecu"=hex:e7,b8,b4,6b,8b,7f,20,cc,d8,b3,a4,2a,5a,3b,69,df,08,e3,d8,06,70,
17,fd,0a,2e,d4,7c,0c,5d,b1,2b,54,f9,1d,5a,00,07,d2,42,55,cb,92,b9,73,18,ee,\
"rkeysecu"=hex:00,14,61,c9,d6,55,92,9d,64,c7,23,73,8b,9a,1a,87
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-03-17 14:16:04
ComboFix-quarantined-files.txt 2012-03-17 13:16
.
Před spuštěním: Volných bajtů: 326 763 024 384
Po spuštění: Volných bajtů: 326 255 845 376
.
- - End Of File - - 50061F013E34A8DC40B3BAA5BEE81D4F

Rudy
Site Admin
Posts: 119524
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Active sector of physical disk 0, unknown TSR.BOOT viru

#6 Post by Rudy »

We'll do some more cleanup. Open Notepad and copy the following into it:
KillAll::

Collect::
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-690493506-2440755053-609296324-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-690493506-2440755053-609296324-1001UA.job

Folder::
c:\users\Tom\AppData\Local\Google\Update

Regnull::
[HKEY_USERS\S-1-5-21-690493506-2440755053-609296324-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
[HKEY_USERS\S-1-5-21-690493506-2440755053-609296324-1001\Software\SecuROM\License information*]

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.


tomascz105
Visitor
Posts: 75
Joined: 16 Mar 2012 19:11

Re: Active sector of physical disk 0, unknown TSR.BOOT virus

#7 Post by tomascz105 »

Done
I'm attaching the log,
but after this operation the updates for Chrome stopped working


ComboFix 12-03-16.05 - Tom 17.03.2012 17:20:06.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3767.2516 [GMT 1:00]
Spuštěný z: c:\users\Tom\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Tom\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Tom\AppData\Local\Google\Update
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler.exe
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\GoogleCrashHandler64.exe
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\GoogleUpdate.exe
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\GoogleUpdateBroker.exe
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\GoogleUpdateHelper.msi
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\GoogleUpdateOnDemand.exe
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdate.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_am.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_ar.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_bg.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_bn.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_ca.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_cs.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_da.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_de.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_el.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_en-GB.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_en.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_es-419.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_es.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_et.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_fa.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_fi.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_fil.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_fr.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_gu.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_hi.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_hr.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_hu.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_id.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_is.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_it.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_iw.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_ja.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_kn.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_ko.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_lt.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_lv.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_ml.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_mr.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_ms.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_nl.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_no.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_pl.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_pt-BR.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_pt-PT.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_ro.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_ru.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_sk.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_sl.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_sr.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_sv.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_sw.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_ta.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_te.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_th.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_tr.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_uk.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_ur.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_vi.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_zh-CN.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdateres_zh-TW.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\psmachine.dll
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\psuser.dll
c:\users\Tom\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\17.0.963.79\chrome_installer.exe
c:\users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-690493506-2440755053-609296324-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-690493506-2440755053-609296324-1001UA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-17 do 2012-03-17 )))))))))))))))))))))))))))))))
.
.
2012-03-17 06:45 . 2012-03-17 06:58 -------- d-----w- c:\program files\trend micro
2012-03-17 06:45 . 2012-03-17 06:45 -------- d-----w- C:\rsit
2012-03-16 12:38 . 2012-03-16 12:38 -------- d-----w- c:\users\Tom\Tracing
2012-03-16 12:17 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B68DD6B6-5FF1-4E32-BBFB-F8E24CA8D10E}\mpengine.dll
2012-03-15 14:02 . 2012-03-15 14:02 592824 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-15 14:02 . 2012-03-15 14:02 44472 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll
2012-03-14 11:53 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-14 11:53 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-14 11:53 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-14 11:50 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 11:50 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-14 11:50 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 11:50 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 11:50 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 11:50 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-14 11:50 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-14 11:50 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-14 11:50 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-14 11:50 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-08 11:38 . 2012-03-08 11:38 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2012-03-08 11:03 . 2012-03-12 14:11 -------- d-----w- c:\users\Tom\AppData\Local\LogMeIn Hamachi
2012-03-08 11:02 . 2012-03-08 11:02 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2012-03-08 10:59 . 2012-03-08 10:59 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-03-08 10:59 . 2012-03-08 10:59 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2012-03-08 10:58 . 2012-03-12 14:11 -------- d-----w- c:\users\Tom\AppData\Roaming\DAEMON Tools Lite
2012-03-04 12:21 . 2012-03-08 11:09 -------- d-----w- c:\users\Tom\AppData\Roaming\My Battle for Middle-earth(tm) II Files
2012-03-04 10:36 . 2012-03-12 13:13 -------- d-----w- c:\users\Tom\AppData\Roaming\My Battle for Middle-earth Files
2012-03-01 15:59 . 2012-03-01 16:46 -------- d-----w- c:\users\Tom\VirtualBox VMs
2012-03-01 15:58 . 2011-12-19 12:45 224048 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2012-03-01 15:57 . 2012-03-01 16:48 -------- dc----w- c:\windows\system32\DRVSTORE
2012-03-01 15:57 . 2011-12-19 12:45 130864 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2012-02-28 14:44 . 2012-02-28 14:44 -------- d-----w- c:\program files (x86)\Disney Interactive Studios
2012-02-27 08:23 . 2012-02-27 08:23 -------- d-----w- c:\users\Tom\AppData\Roaming\NVIDIA
2012-02-26 16:39 . 2012-02-26 16:39 -------- d-----w- c:\program files\CCleaner
2012-02-18 16:14 . 2012-02-18 16:14 -------- d-----w- c:\users\Tom\AppData\Local\APN
2012-02-18 07:33 . 2012-02-18 07:33 -------- d-----w- c:\windows\system32\Macromed
2012-02-16 18:23 . 2012-02-16 18:23 -------- d-----w- c:\users\Tom\AppData\Roaming\CyberLink
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-28 10:08 . 2012-01-08 10:17 183112 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-02-28 08:30 . 2012-01-08 10:17 66872 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-02-23 08:18 . 2010-11-21 03:27 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-18 07:33 . 2011-07-21 13:40 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-10 21:43 . 2012-01-10 21:43 167704 ----a-w- c:\windows\system32\igfxtray.exe
2012-01-10 21:43 . 2012-01-10 21:43 510232 ----a-w- c:\windows\system32\igfxsrvc.exe
2012-01-10 21:43 . 2012-01-10 21:43 417560 ----a-w- c:\windows\system32\igfxpers.exe
2012-01-10 21:43 . 2012-01-10 21:43 239896 ----a-w- c:\windows\system32\igfxext.exe
2012-01-10 21:43 . 2012-01-10 21:43 4379416 ----a-w- c:\windows\system32\GfxUI.exe
2012-01-10 21:43 . 2012-01-10 21:43 392984 ----a-w- c:\windows\system32\hkcmd.exe
2012-01-10 21:43 . 2012-01-10 21:43 184600 ----a-w- c:\windows\system32\difx64.exe
2012-01-10 21:37 . 2012-01-10 21:37 90112 ----a-w- c:\windows\system32\igfxCoIn_v2622.dll
2012-01-10 21:28 . 2012-01-10 21:28 8313856 ----a-w- c:\windows\system32\igdumd64.dll
2012-01-10 21:28 . 2012-01-10 21:28 12311904 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2012-01-10 21:18 . 2012-01-10 21:18 6323712 ----a-w- c:\windows\SysWow64\igdumd32.dll
2012-01-10 21:12 . 2012-01-10 21:12 581120 ----a-w- c:\windows\SysWow64\igdumdx32.dll
2012-01-10 21:06 . 2011-07-21 13:19 9528832 ----a-w- c:\windows\system32\igd10umd64.dll
2012-01-10 20:55 . 2012-01-10 20:55 7988224 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2012-01-10 20:42 . 2012-01-10 20:42 18653696 ----a-w- c:\windows\system32\ig4icd64.dll
2012-01-10 20:29 . 2012-01-10 20:29 13904384 ----a-w- c:\windows\SysWow64\ig4icd32.dll
2012-01-10 20:20 . 2012-01-10 20:20 286720 ----a-w- c:\windows\system32\igfxrrom.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286720 ----a-w- c:\windows\system32\igfxrsky.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286720 ----a-w- c:\windows\system32\igfxrhrv.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286208 ----a-w- c:\windows\system32\igfxrslv.lrc
2012-01-10 20:20 . 2012-01-10 20:20 287232 ----a-w- c:\windows\system32\igfxresn.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286208 ----a-w- c:\windows\system32\igfxrtrk.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286208 ----a-w- c:\windows\system32\igfxrsve.lrc
2012-01-10 20:20 . 2012-01-10 20:20 285696 ----a-w- c:\windows\system32\igfxrtha.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286720 ----a-w- c:\windows\system32\igfxrrus.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286720 ----a-w- c:\windows\system32\igfxrptg.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286208 ----a-w- c:\windows\system32\igfxrptb.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286720 ----a-w- c:\windows\system32\igfxrplk.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286208 ----a-w- c:\windows\system32\igfxrnor.lrc
2012-01-10 20:20 . 2012-01-10 20:20 283136 ----a-w- c:\windows\system32\igfxrkor.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286720 ----a-w- c:\windows\system32\igfxrita.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286208 ----a-w- c:\windows\system32\igfxrhun.lrc
2012-01-10 20:20 . 2012-01-10 20:20 285184 ----a-w- c:\windows\system32\igfxrheb.lrc
2012-01-10 20:20 . 2012-01-10 20:20 283648 ----a-w- c:\windows\system32\igfxrjpn.lrc
2012-01-10 20:20 . 2012-01-10 20:20 287232 ----a-w- c:\windows\system32\igfxrfra.lrc
2012-01-10 20:20 . 2012-01-10 20:20 287232 ----a-w- c:\windows\system32\igfxrell.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286720 ----a-w- c:\windows\system32\igfxrdeu.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286720 ----a-w- c:\windows\system32\igfxrnld.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286720 ----a-w- c:\windows\system32\igfxrcsy.lrc
2012-01-10 20:20 . 2012-01-10 20:20 286208 ----a-w- c:\windows\system32\igfxrfin.lrc
2012-01-10 20:20 . 2012-01-10 20:20 285696 ----a-w- c:\windows\system32\igfxrdan.lrc
2012-01-10 20:20 . 2012-01-10 20:20 285184 ----a-w- c:\windows\system32\igfxrara.lrc
2012-01-10 20:20 . 2012-01-10 20:20 282624 ----a-w- c:\windows\system32\igfxrcht.lrc
2012-01-10 20:20 . 2012-01-10 20:20 282624 ----a-w- c:\windows\system32\igfxrchs.lrc
2012-01-10 20:20 . 2012-01-10 20:20 126976 ----a-w- c:\windows\system32\igfxcpl.cpl
2012-01-10 20:20 . 2011-07-21 13:19 375808 ----a-w- c:\windows\system32\igfxpph.dll
2012-01-10 20:19 . 2012-01-10 20:19 378368 ----a-w- c:\windows\system32\igfxTMM.dll
2012-01-10 20:19 . 2011-07-21 13:19 28672 ----a-w- c:\windows\system32\igfxexps.dll
2012-01-10 20:19 . 2011-07-21 13:19 62464 ----a-w- c:\windows\system32\igfxsrvc.dll
2012-01-10 20:19 . 2011-07-21 13:19 110080 ----a-w- c:\windows\system32\hccutils.dll
2012-01-10 20:19 . 2012-01-10 20:19 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2012-01-10 20:19 . 2012-01-10 20:19 146432 ----a-w- c:\windows\system32\gfxSrvc.dll
2012-01-10 20:19 . 2011-07-21 13:19 390656 ----a-w- c:\windows\system32\igfxdev.dll
2012-01-10 20:18 . 2012-01-10 20:18 285696 ----a-w- c:\windows\system32\igfxrenu.lrc
2012-01-10 20:18 . 2012-01-10 20:18 142336 ----a-w- c:\windows\system32\igfxdo.dll
2012-01-10 20:18 . 2011-07-21 13:19 9014784 ----a-w- c:\windows\system32\igfxress.dll
2012-01-10 20:15 . 2012-01-10 20:15 24576 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2012-01-10 20:14 . 2012-01-10 20:14 294400 ----a-w- c:\windows\SysWow64\igfxdv32.dll
2012-01-04 10:44 . 2012-02-15 05:37 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-01-04 08:58 . 2012-02-15 05:37 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2012-01-01 17:48 . 2012-01-01 17:48 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2011-12-30 06:26 . 2012-02-15 05:37 515584 ----a-w- c:\windows\system32\timedate.cpl
2011-12-30 05:27 . 2012-02-15 05:37 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2011-12-28 03:59 . 2012-02-15 05:37 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2011-12-25 19:14 . 2011-12-25 19:14 538000 ----a-w- c:\windows\system32\appdrvrem01.exe
2011-12-25 19:14 . 2011-12-25 19:14 2687592 ----a-w- c:\windows\system32\drivers\appdrv01.sys
2011-12-25 07:49 . 2011-12-25 07:49 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-12-25 07:48 . 2011-12-25 07:48 484176 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-12-19 18:39 . 2010-06-24 18:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-12-19 15:46 . 2011-12-19 15:46 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-12-19 15:46 . 2011-12-19 15:46 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-12-19 15:46 . 2011-12-19 15:46 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-12-19 15:46 . 2011-12-19 15:46 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-12-19 15:46 . 2011-12-19 15:46 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-12-19 15:46 . 2011-12-19 15:46 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-12-19 15:46 . 2011-12-19 15:46 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-12-19 15:46 . 2011-12-19 15:46 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-12-19 15:46 . 2011-12-19 15:46 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-12-19 15:46 . 2011-12-19 15:46 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-12-19 15:46 . 2011-12-19 15:46 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-12-19 15:46 . 2011-12-19 15:46 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-12-19 15:46 . 2011-12-19 15:46 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-12-19 15:46 . 2011-12-19 15:46 448512 ----a-w- c:\windows\system32\html.iec
2011-12-19 15:46 . 2011-12-19 15:46 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-12-19 15:46 . 2011-12-19 15:46 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-12-19 15:46 . 2011-12-19 15:46 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-12-19 15:46 . 2011-12-19 15:46 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-12-19 15:46 . 2011-12-19 15:46 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-12-19 15:46 . 2011-12-19 15:46 222208 ----a-w- c:\windows\system32\msls31.dll
2011-12-19 15:46 . 2011-12-19 15:46 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-12-19 15:46 . 2011-12-19 15:46 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-12-19 15:46 . 2011-12-19 15:46 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-12-19 15:46 . 2011-12-19 15:46 160256 ----a-w- c:\windows\system32\wextract.exe
2011-12-19 15:46 . 2011-12-19 15:46 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-12-19 15:46 . 2011-12-19 15:46 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-12-19 15:46 . 2011-12-19 15:46 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-03-17_13.14.22 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 05:10 . 2012-03-17 15:43 37900 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-12-19 15:39 . 2012-03-17 15:43 9408 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-690493506-2440755053-609296324-1001_UserData.bin
- 2012-03-17 10:30 . 2012-03-17 10:30 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-03-17 16:25 . 2012-03-17 16:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-03-17 10:30 . 2012-03-17 10:30 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-03-17 16:25 . 2012-03-17 16:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:36 . 2012-03-17 11:11 616008 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-03-17 15:47 616008 c:\windows\system32\perfh009.dat
- 2011-09-02 22:51 . 2012-03-17 11:11 631292 c:\windows\system32\perfh005.dat
+ 2011-09-02 22:51 . 2012-03-17 15:47 631292 c:\windows\system32\perfh005.dat
- 2009-07-14 02:36 . 2012-03-17 11:11 106388 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2012-03-17 15:47 106388 c:\windows\system32\perfc009.dat
- 2011-09-02 22:51 . 2012-03-17 11:11 121914 c:\windows\system32\perfc005.dat
+ 2011-09-02 22:51 . 2012-03-17 15:47 121914 c:\windows\system32\perfc005.dat
- 2009-07-14 05:01 . 2012-03-17 09:31 319396 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-03-17 16:24 319396 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2011-06-17 266496]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 appdrv01;Application Driver (01);c:\windows\system32\Drivers\appdrv01.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-08-12 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-01-05 867712]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-26 29696]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2011-06-17 255744]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-30 2009704]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-01-05 860040]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2916584]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-10 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-10 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-10 417560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - e:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.10.10.10 10.10.10.9
FF - ProfilePath - c:\users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\lke3tyw8.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Launch Manager\LMworker.exe
.
**************************************************************************
.
Celkový čas: 2012-03-17 17:28:34 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-17 16:28
ComboFix2.txt 2012-03-17 13:16
.
Před spuštěním: Volných bajtů: 326 315 982 848
Po spuštění: Volných bajtů: 326 228 705 280
.
- - End Of File - - F4ADBFAC6F94BEC59B35115A6C10754A
Nahrání proběhlo úspěšně
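A cross-check of the script from post #6 against the "Ostatní výmazy" section of the log in post #7, as an added example that is not part of the thread and not ComboFix code: it parses both formats and attributes every deleted path to the directive that named it, so any deletion the script did not request stands out. The function names are hypothetical, the sample data is a constructed excerpt of the two posts, and the matching rule (Collect:: names exact files, Folder:: covers everything beneath the folder) is an assumption read off this log, not documented ComboFix behaviour.

```python
import re

SECTION_RE = re.compile(r"^(\w+)::\s*$")          # e.g. "Folder::"
BANNER_RE = re.compile(r"^\(+\s*(.*?)\s*\)+$")    # e.g. "((( Ostatní výmazy )))"

# Constructed excerpt of the script in post #6 (RegLock:: cut to one key).
CFSCRIPT = r"""KillAll::

Collect::
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-690493506-2440755053-609296324-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-690493506-2440755053-609296324-1001UA.job

Folder::
c:\users\Tom\AppData\Local\Google\Update

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"""

# Constructed excerpt of the log in post #7 (file list shortened).
LOG_EXCERPT = r"""((((((((((((((( Ostatní výmazy )))))))))))))))
.
.
c:\users\Tom\AppData\Local\Google\Update
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\GoogleUpdate.exe
c:\users\Tom\AppData\Local\Google\Update\1.3.21.99\goopdate.dll
c:\users\Tom\AppData\Local\Google\Update\GoogleUpdate.exe
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-690493506-2440755053-609296324-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-690493506-2440755053-609296324-1001UA.job
.
.
((((((((( Soubory vytvořené od 2012-02-17 do 2012-03-17 )))))))))
.
2012-03-17 06:45 . 2012-03-17 06:45 -------- d-----w- C:\rsit
"""


def parse_cfscript(text):
    """Return {directive: [target, ...]} in script order."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        match = SECTION_RE.match(line)
        if match:
            current = match.group(1)
            sections.setdefault(current, [])
        elif line and current is not None:
            sections[current].append(line)
    return sections


def parse_deletions(log_text, title="Ostatní výmazy"):
    """Return the paths listed under the log banner named `title`."""
    paths, inside = [], False
    for raw in log_text.splitlines():
        line = raw.strip()
        match = BANNER_RE.match(line)
        if match:
            inside = match.group(1) == title   # any other banner ends the section
            continue
        if inside and line and line != ".":
            paths.append(line)
    return paths


def _norm(path):
    # Windows paths compare case-insensitively; drop a trailing backslash.
    return path.lower().rstrip("\\")


def reconcile(sections, deleted):
    """Map each deleted path to the (directive, target) that requested it, else None."""
    exact = {_norm(t): ("Collect", t) for t in sections.get("Collect", [])}
    folders = [(_norm(t), t) for t in sections.get("Folder", [])]
    result = {}
    for path in deleted:
        key = _norm(path)
        hit = exact.get(key)
        if hit is None:
            for folder_key, target in folders:
                # The "\\" suffix keeps "...\Update" from matching "...\UpdateOther".
                if key == folder_key or key.startswith(folder_key + "\\"):
                    hit = ("Folder", target)
                    break
        result[path] = hit
    return result


def summarize(result):
    """Return ({(directive, target): count}, [paths no directive explains])."""
    counts, unexplained = {}, []
    for path, hit in result.items():
        if hit is None:
            unexplained.append(path)
        else:
            counts[hit] = counts.get(hit, 0) + 1
    return counts, unexplained


if __name__ == "__main__":
    script = parse_cfscript(CFSCRIPT)
    counts, unexplained = summarize(reconcile(script, parse_deletions(LOG_EXCERPT)))
    for (directive, target), n in counts.items():
        print(f"{directive}:: {target} -> {n} deleted path(s)")
    print("Deletions not requested by the script:", unexplained or "none")
```
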

Rudy
Site Admin
Posts: 119524
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Active sector of physical disk 0, unknown TSR.BOOT virus

#8 Post by Rudy »

Now download, unzip and run TDSSKiller: http://support.kaspersky.com/downloads/ ... killer.zip . Let it work. When the operation finishes, a log will pop up; copy it here.

GoogleUpdate puts quite a load on the system. Use manual updating.

tomascz105
Visitor
Posts: 75
Joined: 16 Mar 2012 19:11

Re: Active sector of physical disk 0, unknown TSR.BOOT virus

#9 Post by tomascz105 »

17:50:59.0262 1772 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
17:50:59.0527 1772 ============================================================
17:50:59.0527 1772 Current date / time: 2012/03/17 17:50:59.0527
17:50:59.0527 1772 SystemInfo:
17:50:59.0527 1772
17:50:59.0527 1772 OS Version: 6.1.7601 ServicePack: 1.0
17:50:59.0527 1772 Product type: Workstation
17:50:59.0527 1772 ComputerName: TOM-PC
17:50:59.0527 1772 UserName: Tom
17:50:59.0527 1772 Windows directory: C:\Windows
17:50:59.0527 1772 System windows directory: C:\Windows
17:50:59.0527 1772 Running under WOW64
17:50:59.0527 1772 Processor architecture: Intel x64
17:50:59.0527 1772 Number of processors: 4
17:50:59.0527 1772 Page size: 0x1000
17:50:59.0527 1772 Boot type: Normal boot
17:50:59.0527 1772 ============================================================
17:50:59.0886 1772 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:50:59.0901 1772 Drive \Device\Harddisk1\DR1 - Size: 0x3BA00000 (0.93 Gb), SectorSize: 0x200, Cylinders: 0x79, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:50:59.0901 1772 \Device\Harddisk0\DR0:
17:50:59.0901 1772 MBR used
17:50:59.0901 1772 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
17:50:59.0901 1772 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x2BA03000
17:50:59.0917 1772 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2D836000, BlocksNum 0x29D0F800
17:50:59.0917 1772 \Device\Harddisk1\DR1:
17:50:59.0917 1772 MBR used
17:50:59.0917 1772 \Device\Harddisk1\DR1\Partition0: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0x1DCFE0
17:51:00.0011 1772 Initialize success
17:51:00.0011 1772 ============================================================
17:51:05.0205 0240 ============================================================
17:51:05.0205 0240 Scan started
17:51:05.0205 0240 Mode: Manual;
17:51:05.0205 0240 ============================================================
17:51:34.0340 0240 volmgrx - ok
17:51:34.0449 0240 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
17:51:34.0449 0240 volsnap - ok
17:51:34.0558 0240 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
17:51:34.0558 0240 vsmraid - ok
17:51:34.0668 0240 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
17:51:34.0668 0240 vwifibus - ok
17:51:34.0777 0240 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
17:51:34.0777 0240 vwififlt - ok
17:51:34.0886 0240 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
17:51:34.0886 0240 WacomPen - ok
17:51:34.0995 0240 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:51:34.0995 0240 WANARP - ok
17:51:35.0011 0240 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:51:35.0011 0240 Wanarpv6 - ok
17:51:35.0136 0240 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
17:51:35.0151 0240 Wd - ok
17:51:35.0260 0240 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:51:35.0260 0240 Wdf01000 - ok
17:51:35.0401 0240 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:51:35.0401 0240 WfpLwf - ok
17:51:35.0479 0240 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:51:35.0479 0240 WIMMount - ok
17:51:35.0619 0240 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
17:51:35.0619 0240 WmiAcpi - ok
17:51:35.0744 0240 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:51:35.0744 0240 ws2ifsl - ok
17:51:35.0853 0240 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:51:35.0853 0240 WudfPf - ok
17:51:35.0962 0240 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:51:35.0962 0240 WUDFRd - ok
17:51:36.0025 0240 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:51:36.0087 0240 \Device\Harddisk0\DR0 - ok
17:51:36.0087 0240 MBR (0x1B8) (65e858a8a0293be11a920b0bc99d695e) \Device\Harddisk1\DR1
17:51:36.0540 0240 \Device\Harddisk1\DR1 - ok
17:51:36.0555 0240 Boot (0x1200) (760559aa4d4e888a7fcac855c0cffd82) \Device\Harddisk0\DR0\Partition0
17:51:36.0555 0240 \Device\Harddisk0\DR0\Partition0 - ok
17:51:36.0571 0240 Boot (0x1200) (232c74a435d3a50b6e9ba3b78b2feded) \Device\Harddisk0\DR0\Partition1
17:51:36.0571 0240 \Device\Harddisk0\DR0\Partition1 - ok
17:51:36.0586 0240 Boot (0x1200) (c6271f4b36146dc1adc72b290e1d67a2) \Device\Harddisk0\DR0\Partition2
17:51:36.0586 0240 \Device\Harddisk0\DR0\Partition2 - ok
17:51:36.0586 0240 Boot (0x1200) (5895f47ac87693ac6b30e5fa55416325) \Device\Harddisk1\DR1\Partition0
17:51:36.0602 0240 \Device\Harddisk1\DR1\Partition0 - ok
17:51:36.0602 0240 ============================================================
17:51:36.0602 0240 Scan finished
17:51:36.0602 0240 ============================================================
17:51:36.0602 0808 Detected object count: 0
17:51:36.0602 0808 Actual detected object count: 0
17:52:04.0140 3112 ============================================================
17:52:04.0140 3112 Scan started
17:52:04.0140 3112 Mode: Manual;
17:52:04.0140 3112 ============================================================
17:52:26.0370 3112 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:52:26.0370 3112 TDPIPE - ok
17:52:26.0463 3112 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
17:52:26.0463 3112 TDTCP - ok
17:52:26.0573 3112 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:52:26.0573 3112 tdx - ok
17:52:26.0651 3112 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
17:52:26.0651 3112 TermDD - ok
17:52:26.0775 3112 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:52:26.0775 3112 tssecsrv - ok
17:52:26.0869 3112 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:52:26.0869 3112 TsUsbFlt - ok
17:52:26.0947 3112 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
17:52:26.0947 3112 TsUsbGD - ok
17:52:27.0041 3112 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:52:27.0041 3112 tunnel - ok
17:52:27.0150 3112 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
17:52:27.0150 3112 uagp35 - ok
17:52:27.0243 3112 UBHelper (a17d5e1a6df4eab0a480f2c490de4c9d) C:\Windows\system32\drivers\UBHelper.sys
17:52:27.0243 3112 UBHelper - ok
17:52:27.0337 3112 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:52:27.0337 3112 udfs - ok
17:52:27.0446 3112 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:52:27.0446 3112 uliagpkx - ok
17:52:27.0540 3112 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
17:52:27.0540 3112 umbus - ok
17:52:27.0618 3112 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
17:52:27.0618 3112 UmPass - ok
17:52:27.0727 3112 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
17:52:27.0727 3112 usbccgp - ok
17:52:27.0821 3112 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:52:27.0821 3112 usbcir - ok
17:52:27.0930 3112 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
17:52:27.0930 3112 usbehci - ok
17:52:28.0023 3112 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
17:52:28.0039 3112 usbhub - ok
17:52:28.0117 3112 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
17:52:28.0133 3112 usbohci - ok
17:52:28.0226 3112 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
17:52:28.0226 3112 usbprint - ok
17:52:28.0320 3112 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
17:52:28.0320 3112 usbscan - ok
17:52:28.0413 3112 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:52:28.0413 3112 USBSTOR - ok
17:52:28.0507 3112 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
17:52:28.0507 3112 usbuhci - ok
17:52:28.0601 3112 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
17:52:28.0601 3112 usbvideo - ok
17:52:28.0694 3112 VBoxNetAdp (8acf22b86ce4e85c23e3e9513bf45c37) C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
17:52:28.0710 3112 VBoxNetAdp - ok
17:52:28.0772 3112 VBoxNetFlt - ok
17:52:28.0819 3112 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:52:28.0819 3112 vdrvroot - ok
17:52:28.0913 3112 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:52:28.0913 3112 vga - ok
17:52:29.0006 3112 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:52:29.0006 3112 VgaSave - ok
17:52:29.0100 3112 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:52:29.0100 3112 vhdmp - ok
17:52:29.0193 3112 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:52:29.0193 3112 viaide - ok
17:52:29.0303 3112 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
17:52:29.0303 3112 volmgr - ok
17:52:29.0412 3112 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
17:52:29.0412 3112 volmgrx - ok
17:52:29.0521 3112 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
17:52:29.0521 3112 volsnap - ok
17:52:29.0615 3112 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
17:52:29.0630 3112 vsmraid - ok
17:52:29.0724 3112 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
17:52:29.0724 3112 vwifibus - ok
17:52:29.0817 3112 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
17:52:29.0817 3112 vwififlt - ok
17:52:29.0911 3112 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
17:52:29.0911 3112 WacomPen - ok
17:52:30.0005 3112 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:52:30.0005 3112 WANARP - ok
17:52:30.0005 3112 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:52:30.0005 3112 Wanarpv6 - ok
17:52:30.0129 3112 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
17:52:30.0129 3112 Wd - ok
17:52:30.0239 3112 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:52:30.0239 3112 Wdf01000 - ok
17:52:30.0348 3112 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:52:30.0348 3112 WfpLwf - ok
17:52:30.0441 3112 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:52:30.0441 3112 WIMMount - ok
17:52:30.0566 3112 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
17:52:30.0566 3112 WmiAcpi - ok
17:52:30.0675 3112 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:52:30.0675 3112 ws2ifsl - ok
17:52:30.0800 3112 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:52:30.0800 3112 WudfPf - ok
17:52:30.0894 3112 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:52:30.0894 3112 WUDFRd - ok
17:52:30.0925 3112 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:52:30.0987 3112 \Device\Harddisk0\DR0 - ok
17:52:31.0003 3112 MBR (0x1B8) (65e858a8a0293be11a920b0bc99d695e) \Device\Harddisk1\DR1
17:52:31.0471 3112 \Device\Harddisk1\DR1 - ok
17:52:31.0471 3112 Boot (0x1200) (760559aa4d4e888a7fcac855c0cffd82) \Device\Harddisk0\DR0\Partition0
17:52:31.0471 3112 \Device\Harddisk0\DR0\Partition0 - ok
17:52:31.0487 3112 Boot (0x1200) (232c74a435d3a50b6e9ba3b78b2feded) \Device\Harddisk0\DR0\Partition1
17:52:31.0487 3112 \Device\Harddisk0\DR0\Partition1 - ok
17:52:31.0502 3112 Boot (0x1200) (c6271f4b36146dc1adc72b290e1d67a2) \Device\Harddisk0\DR0\Partition2
17:52:31.0502 3112 \Device\Harddisk0\DR0\Partition2 - ok
17:52:31.0502 3112 Boot (0x1200) (5895f47ac87693ac6b30e5fa55416325) \Device\Harddisk1\DR1\Partition0
17:52:31.0518 3112 \Device\Harddisk1\DR1\Partition0 - ok
17:52:31.0518 3112 ============================================================
17:52:31.0518 3112 Scan finished
17:52:31.0518 3112 ============================================================
17:52:31.0518 5072 Detected object count: 0
17:52:31.0518 5072 Actual detected object count: 0

Rudy
Site Admin
Posts: 119524
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Active sector of physical disk 0, unknown TSR.BOOT virus

#10 Post by Rudy »

The log looks clean, no trace of a boot virus.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

tomascz105
Visitor
Posts: 75
Registered: 16 Mar 2012 19:11

Re: Active sector of physical disk 0, unknown TSR.BOOT virus

#11 Post by tomascz105 »

Thanks for everything, then.

Rudy
Site Admin
Posts: 119524
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Active sector of physical disk 0, unknown TSR.BOOT virus

#12 Post by Rudy »

You're welcome!

tomascz105
Visitor
Posts: 75
Registered: 16 Mar 2012 19:11

Re: Active sector of physical disk 0, unknown TSR.BOOT virus

#13 Post by tomascz105 »

Hello, today I found that after ComboFix ran, graphics switching in NVIDIA Optimus stopped working, so I had to do a system restore. So if there was a virus, it is back, but NVIDIA Optimus works again.

Rudy
Site Admin
Posts: 119524
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Active sector of physical disk 0, unknown TSR.BOOT virus

#14 Post by Rudy »

tomascz105 wrote: Hello, today I found that after ComboFix ran, graphics switching in NVIDIA Optimus stopped working, so I had to do a system restore. So if there was a virus, it is back, but NVIDIA Optimus works again.
You could have reinstalled the graphics driver. Is the system showing any anomalies?

tomascz105
Visitor
Posts: 75
Registered: 16 Mar 2012 19:11

Re: Active sector of physical disk 0, unknown TSR.BOOT virus

#15 Post by tomascz105 »

I tried reinstalling the driver, but even so it didn't work.
The system is behaving normally.

Locked