viruses - antivirus turned off, internet not working ...

#1 Post by loisik »

Hello, after surfing the internet my antivirus suddenly dropped out and the internet connection stopped working. The firewall was deactivated as well. The antivirus (Microsoft Essentials) could not be started and reported an error; I tried installing NOD, both in safe mode and in normal mode. The installation did not go through.

I am sending the log and asking for advice.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Lucka at 2011-09-28 12:17:05
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 23 GB (20%) free of 114 GB
Total RAM: 1023 MB (71% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1708537768-861567501-725345543-1003.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1708537768-861567501-725345543-1003.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Lucka\Data aplikací\Mozilla\Firefox\Profiles\av491d33.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "extensions.enabledItems" - "cs@dictionaries.addons.mozilla.org:1.0.2, toolbar@ask.com:3.9.1.14019, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, jqs@sun.com:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
np-mswmp.dll.old
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Lucka\Data aplikací\Mozilla\Firefox\Profiles\av491d33.default\extensions\
cs@dictionaries.addons.mozilla.org
plugin3@gameplaylabs.com
{20a82645-c095-46ed-80e3-08825760534b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-08-16 3942048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-03-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-03-04 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-07-20 7581696]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"cf5b411afc6481a4.exe"=C:\Documents and Settings\Lucka\Local Settings\Data aplikací\cf5b411afc6481a4.exe [2011-09-28 321024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X1100 Series]
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe [2003-08-19 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2006-07-20 7581696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2006-07-20 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2011-08-18 17360520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zástupce stránky vlastností sběrnice High Definition Audio]
C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth Manager.lnk]
C:\PROGRA~1\Toshiba\BLUETO~1\TOSBTM~1.EXE [2006-05-24 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Lucka^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\Lucka\Local Settings\Data aplikací\cf5b411afc6481a4.exe"="C:\Documents and Settings\Lucka\Local Settings\Data aplikací\cf5b411afc6481a4.exe:*:Enabled:cf5b411afc6481a4"
"C:\Program Files\Common Files\Microsoft Shared\DW\DW20.EXE"="C:\Program Files\Common Files\Microsoft Shared\DW\DW20.EXE:*:Disabled:Microsoft Application Error Reporting"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-09-28 12:17:05 ----D---- C:\rsit
2011-09-28 12:17:05 ----D---- C:\Program Files\trend micro
2011-09-28 12:16:46 ----D---- C:\WINDOWS\LastGood
2011-09-28 12:16:00 ----D---- C:\Program Files\ESET
2011-09-28 12:16:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2011-09-28 11:50:34 ----D---- C:\WINDOWS\CSC
2011-09-28 11:50:26 ----A---- C:\WINDOWS\ntbtlog.txt
2011-09-28 11:45:35 ----D---- C:\WINDOWS\Minidump
2011-09-28 11:36:56 ----A---- C:\WINDOWS\system32\drivers\b0e62ae32eac016.sys
2011-09-14 21:49:30 ----A---- C:\WINDOWS\system32\hidserv.dll
2011-09-14 18:36:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2616676$
2011-09-14 18:31:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2011-09-07 07:42:04 ----A---- C:\WINDOWS\imsins.BAK
2011-09-07 07:41:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2607712$
2011-09-03 12:23:22 ----D---- C:\WINDOWS\pss

======List of files/folders modified in the last 1 month======

2011-09-28 12:17:05 ----RD---- C:\Program Files
2011-09-28 12:16:48 ----D---- C:\WINDOWS\Temp
2011-09-28 12:16:47 ----HD---- C:\WINDOWS\inf
2011-09-28 12:16:47 ----D---- C:\WINDOWS\system32\drivers
2011-09-28 12:16:46 ----D---- C:\WINDOWS
2011-09-28 12:16:42 ----D---- C:\WINDOWS\system32\CatRoot2
2011-09-28 12:16:01 ----SHD---- C:\WINDOWS\Installer
2011-09-28 12:14:45 ----D---- C:\WINDOWS\Prefetch
2011-09-28 12:00:11 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-09-28 11:50:43 ----D---- C:\Documents and Settings
2011-09-28 11:42:22 ----D---- C:\WINDOWS\system32
2011-09-28 11:40:31 ----A---- C:\WINDOWS\system32\MRT.exe
2011-09-28 10:15:52 ----SD---- C:\WINDOWS\Tasks
2011-09-27 22:41:58 ----D---- C:\Documents and Settings\Lucka\Data aplikací\.purple
2011-09-14 21:49:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-09-14 18:37:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-09-14 18:32:36 ----D---- C:\WINDOWS\Debug
2011-09-14 18:30:06 ----HD---- C:\WINDOWS\$hf_mig$
2011-09-10 02:23:05 ----D---- C:\Documents and Settings\Lucka\Data aplikací\Skype
2011-09-09 22:08:37 ----SD---- C:\Documents and Settings\Lucka\Data aplikací\Microsoft
2011-09-09 11:12:04 ----A---- C:\WINDOWS\system32\crypt32.dll
2011-09-07 07:41:57 ----D---- C:\Program Files\Mozilla Firefox
2011-09-04 22:39:24 ----D---- C:\WINDOWS\system32\wbem
2011-09-04 22:39:23 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-09-03 12:26:31 ----D---- C:\WINDOWS\Logs
2011-09-03 12:23:00 ----D---- C:\Program Files\CCleaner

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2011-03-20 142848]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NETw3x32;Ovladač adaptéru Intel(R) PRO/Wireless 3945ABG pro Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw3x32.sys [2011-03-20 1711104]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-07-20 3685152]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-07-14 28544]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-07-12 51328]
R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-07-14 307968]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2005-11-16 78976]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SMCIRDA;SMSC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2006-03-12 48128]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-04-19 47488]
R3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-05-18 110976]
R3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-03-16 37632]
R3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2006-05-09 62848]
R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-05-09 40192]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 usbvm321;Vimicro USB PC Camera (VC0321); C:\WINDOWS\System32\Drivers\usbvm321.sys [2005-10-21 227840]
S1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
S1 MpKsl19c4db5d;MpKsl19c4db5d; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8DB6ED70-307E-43D0-BEA3-629841919AA3}\MpKsl19c4db5d.sys []
S1 MpKsl3baff57d;MpKsl3baff57d; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2329368B-5ABB-478B-92FD-16013CCDD8B5}\MpKsl3baff57d.sys []
S1 MpKsl507acd58;MpKsl507acd58; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{093C17A3-3C47-4462-87EA-972ACC9CF665}\MpKsl507acd58.sys []
S1 MpKsl783c19f1;MpKsl783c19f1; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{649E9EBC-EAB1-457B-968A-9BA0DCDF8693}\MpKsl783c19f1.sys []
S1 MpKsl92d6471d;MpKsl92d6471d; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{093C17A3-3C47-4462-87EA-972ACC9CF665}\MpKsl92d6471d.sys []
S1 MpKsl99da5fd8;MpKsl99da5fd8; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{4E920287-8060-4678-885E-688FA5E0C8C8}\MpKsl99da5fd8.sys []
S1 MpKsld7cb9d28;MpKsld7cb9d28; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{7E342DC7-9256-45BE-AF33-2343C0A5AC86}\MpKsld7cb9d28.sys []
S1 MpKsle3b7fcbb;MpKsle3b7fcbb; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{C0F231B9-9D5D-427E-B618-53A3DD85D645}\MpKsle3b7fcbb.sys []
S3 .i8042prt;.i8042prt; \* []
S3 .imapi;.imapi; \* []
S3 .intelppm;.intelppm; \* []
S3 .netbt;.netbt; \* []
S3 .redbook;.redbook; \* []
S3 8af85527;8af85527; C:\WINDOWS\659945610:1963436760.exe []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HdAudAddService;Ovladač funkcí Microsoft UAA pro služby sběrnice High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 ICDSX;Sony IC Recorder (SX); C:\WINDOWS\System32\Drivers\ICDSX.sys [2003-10-01 31744]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 sffdisk;Ovladač třídy úložiště SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2006-03-15 52864]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2005-10-18 241152]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-03-04 153376]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-18 303104]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-07-20 143426]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-20 136176]
S2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-10-10 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-20 136176]
S3 ICDSPTSV;Sony SPTI Service for DVE; C:\WINDOWS\system32\IcdSptSv.exe [2003-04-02 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: viruses - antivirus turned off, internet not working ...

#2 Post by loisik »

The internet connection isn't working, so in Combo I went past it without the recovery.


ComboFix 11-09-26.02 - Lucka 28.09.2011 13:55:15.1.2 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.824 [GMT 2:00]
Spuštěný z: c:\documents and settings\Lucka\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Lucka\Local Settings\Data aplikací\cf5b411afc6481a4.exe
c:\documents and settings\Lucka\WINDOWS
c:\windows\$NtUninstallKB8224$\2422925913
c:\windows\{2521BB91-29B1-4d7e-9137-AC9875D77735}
c:\windows\659945610
c:\windows\assembly\GAC_MSIL\desktop.ini
c:\windows\iun6002.exe
c:\windows\msmqinst.log
c:\windows\system32\d3d9caps.dat
c:\windows\system32\drivers\b0e62ae32eac016.sys
c:\windows\unin0405.exe
.
Nakažená kopie c:\program files\Java\jre6\bin\jqs.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\system volume information\_restore{03258FF5-1774-445A-AF8F-D31C1D22EA67}\RP358\A0044234.exe
.
Nakažená kopie c:\windows\system32\LEXBCES.EXE byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\system32\spool\drivers\w32x86\3\LEXBCES.EXE
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_.i8042prt
-------\Service_.netbt
-------\Service_8af85527
-------\Legacy_b0e62ae32eac016
-------\Service_b0e62ae32eac016
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-28 do 2011-09-28 )))))))))))))))))))))))))))))))
.
.
2011-09-28 10:17 . 2011-09-28 10:17 -------- d-----w- C:\rsit
2011-09-28 10:17 . 2011-09-28 10:17 -------- d-----w- c:\program files\trend micro
2011-09-28 10:16 . 2011-09-28 10:16 -------- d-----w- c:\windows\LastGood.Tmp
2011-09-28 10:16 . 2011-09-28 10:16 -------- d-----w- c:\program files\ESET
2011-09-28 10:16 . 2011-09-28 10:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESET
2011-09-28 09:50 . 2011-09-28 09:50 -------- d-----w- c:\documents and settings\Administrator
2011-09-28 09:49 . 2011-09-28 09:49 -------- d-----w- c:\documents and settings\Lucka\Local Settings\Data aplikací\PCHealth
2011-09-28 09:42 . 2011-09-28 11:50 48016 --sha-w- c:\windows\system32\c_17051.nl_
2011-09-27 12:07 . 2011-09-28 08:10 56200 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{B79B30F6-46F3-462F-8FA1-AA196A09D4C6}\offreg.dll
2011-09-27 12:07 . 2011-09-12 23:14 7269712 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{B79B30F6-46F3-462F-8FA1-AA196A09D4C6}\mpengine.dll
2011-09-14 19:49 . 2008-04-14 02:21 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2011-09-14 19:49 . 2008-04-14 02:21 21504 ----a-w- c:\windows\system32\hidserv.dll
2011-09-03 10:17 . 2011-09-09 09:12 602112 -c----w- c:\windows\system32\dllcache\crypt32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-28 08:13 . 2011-05-17 18:18 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-12 23:14 . 2010-10-13 17:21 7269712 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-09-09 09:12 . 2004-08-18 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-07-15 13:29 . 2004-08-18 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-13 03:39 . 2011-08-02 07:08 6881616 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-07-08 14:02 . 2004-08-18 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-09-07 05:41 . 2011-03-24 07:25 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-20 7581696]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth Manager.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Lucka^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk]
path=c:\documents and settings\Lucka\Nabídka Start\Programy\Po spuštění\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-06-08 04:02 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X1100 Series]
2003-08-19 14:36 57344 ----a-w- c:\program files\Lexmark X1100 Series\lxbkbmgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2006-07-20 18:58 7581696 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2006-07-20 18:58 86016 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-07-20 18:58 1519616 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-08-18 15:04 17360520 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 10:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zástupce stránky vlastností sběrnice High Definition Audio]
2005-01-07 15:07 61952 ------w- c:\windows\system32\HdAShCut.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Microsoft Shared\\DW\\DW20.EXE"=
.
S1 MpKsl19c4db5d;MpKsl19c4db5d;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8DB6ED70-307E-43D0-BEA3-629841919AA3}\MpKsl19c4db5d.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8DB6ED70-307E-43D0-BEA3-629841919AA3}\MpKsl19c4db5d.sys [?]
S1 MpKsl3baff57d;MpKsl3baff57d;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2329368B-5ABB-478B-92FD-16013CCDD8B5}\MpKsl3baff57d.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2329368B-5ABB-478B-92FD-16013CCDD8B5}\MpKsl3baff57d.sys [?]
S1 MpKsl507acd58;MpKsl507acd58;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{093C17A3-3C47-4462-87EA-972ACC9CF665}\MpKsl507acd58.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{093C17A3-3C47-4462-87EA-972ACC9CF665}\MpKsl507acd58.sys [?]
S1 MpKsl783c19f1;MpKsl783c19f1;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{649E9EBC-EAB1-457B-968A-9BA0DCDF8693}\MpKsl783c19f1.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{649E9EBC-EAB1-457B-968A-9BA0DCDF8693}\MpKsl783c19f1.sys [?]
S1 MpKsl92d6471d;MpKsl92d6471d;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{093C17A3-3C47-4462-87EA-972ACC9CF665}\MpKsl92d6471d.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{093C17A3-3C47-4462-87EA-972ACC9CF665}\MpKsl92d6471d.sys [?]
S1 MpKsl99da5fd8;MpKsl99da5fd8;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{4E920287-8060-4678-885E-688FA5E0C8C8}\MpKsl99da5fd8.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{4E920287-8060-4678-885E-688FA5E0C8C8}\MpKsl99da5fd8.sys [?]
S1 MpKsld7cb9d28;MpKsld7cb9d28;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{7E342DC7-9256-45BE-AF33-2343C0A5AC86}\MpKsld7cb9d28.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{7E342DC7-9256-45BE-AF33-2343C0A5AC86}\MpKsld7cb9d28.sys [?]
S1 MpKsle3b7fcbb;MpKsle3b7fcbb;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{C0F231B9-9D5D-427E-B618-53A3DD85D645}\MpKsle3b7fcbb.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{C0F231B9-9D5D-427E-B618-53A3DD85D645}\MpKsle3b7fcbb.sys [?]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [20.12.2010 8:50 136176]
S3 CFcatchme;CFcatchme;\??\c:\docume~1\Lucka\LOCALS~1\Temp\CFcatchme.sys --> c:\docume~1\Lucka\LOCALS~1\Temp\CFcatchme.sys [?]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [20.12.2010 8:50 136176]
S3 ICDSX;Sony IC Recorder (SX);c:\windows\system32\drivers\IcdSX.sys [11.10.2010 0:17 31744]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-09-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-20 06:50]
.
2011-09-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-20 06:50]
.
2011-09-28 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 13:39]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\documents and settings\Lucka\Data aplikací\Mozilla\Firefox\Profiles\av491d33.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-cf5b411afc6481a4.exe - c:\documents and settings\Lucka\Local Settings\Data aplikací\cf5b411afc6481a4.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-FreeOCR.net - c:\windows\FreeOCR.net
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-28 14:11
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
c:\windows\$NtUninstallKB8224$:SummaryInformation 0 bytes hidden from API
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.imapi]
"ImagePath"="\*"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.intelppm]
"ImagePath"="\*"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.redbook]
"ImagePath"="\*"
.
Celkový čas: 2011-09-28 14:17:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-09-28 12:17
.
Před spuštěním: Volných bajtů: 24 099 246 080
Po spuštění: Volných bajtů: 24 515 526 656
.
- - End Of File - - 783964FFC2CF394EDA170280F7AD34A7

loisik
Visitor
Posts: 60
Registered: 16 Jun 2006 07:13

Re: viruses - antivirus switched off, internet not working ...

#3 Post by loisik »

14:17:50.0000 1592 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43
14:17:50.0000 1592 ============================================================
14:17:50.0000 1592 Current date / time: 2011/09/28 14:17:50.0000
14:17:50.0000 1592 SystemInfo:
14:17:50.0000 1592
14:17:50.0000 1592 OS Version: 5.1.2600 ServicePack: 3.0
14:17:50.0000 1592 Product type: Workstation
14:17:50.0000 1592 ComputerName: LUU
14:17:50.0000 1592 UserName: Lucka
14:17:50.0000 1592 Windows directory: C:\WINDOWS
14:17:50.0000 1592 System windows directory: C:\WINDOWS
14:17:50.0000 1592 Processor architecture: Intel x86
14:17:50.0000 1592 Number of processors: 2
14:17:50.0000 1592 Page size: 0x1000
14:17:50.0000 1592 Boot type: Safe boot
14:17:50.0000 1592 ============================================================
14:17:52.0109 1592 Initialize success
14:17:55.0578 1904 ============================================================
14:17:55.0578 1904 Scan started
14:17:55.0578 1904 Mode: Manual;
14:17:55.0578 1904 ============================================================
14:17:58.0187 1904 .imapi - ok
14:17:58.0218 1904 .intelppm - ok
14:17:58.0312 1904 .redbook - ok
14:17:58.0750 1904 Abiosdsk - ok
14:17:59.0171 1904 abp480n5 - ok
14:17:59.0687 1904 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:17:59.0765 1904 ACPI - ok
14:18:00.0203 1904 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
14:18:00.0203 1904 ACPIEC - ok
14:18:00.0718 1904 ADIHdAudAddService (be1423364bb05a6b1751a1e9515e6cac) C:\WINDOWS\system32\drivers\ADIHdAud.sys
14:18:00.0796 1904 ADIHdAudAddService - ok
14:18:01.0218 1904 adpu160m - ok
14:18:01.0703 1904 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
14:18:01.0703 1904 aec - ok
14:18:02.0250 1904 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
14:18:02.0312 1904 AFD - ok
14:18:02.0718 1904 Aha154x - ok
14:18:03.0125 1904 aic78u2 - ok
14:18:03.0546 1904 aic78xx - ok
14:18:03.0984 1904 AliIde - ok
14:18:04.0375 1904 amsint - ok
14:18:04.0828 1904 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
14:18:04.0859 1904 Arp1394 - ok
14:18:05.0250 1904 asc - ok
14:18:05.0640 1904 asc3350p - ok
14:18:06.0031 1904 asc3550 - ok
14:18:06.0531 1904 asuskbnt (f5c2ccdb273a546e9c3a15250f1d9165) C:\WINDOWS\system32\drivers\atkkbnt.sys
14:18:06.0531 1904 asuskbnt - ok
14:18:06.0968 1904 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:18:06.0968 1904 AsyncMac - ok
14:18:07.0437 1904 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
14:18:07.0437 1904 atapi - ok
14:18:07.0812 1904 Atdisk - ok
14:18:08.0328 1904 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:18:08.0359 1904 Atmarpc - ok
14:18:08.0765 1904 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
14:18:08.0765 1904 audstub - ok
14:18:09.0234 1904 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
14:18:09.0234 1904 Beep - ok
14:18:09.0281 1904 catchme - ok
14:18:09.0703 1904 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
14:18:09.0718 1904 cbidf2k - ok
14:18:10.0156 1904 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
14:18:10.0156 1904 CCDECODE - ok
14:18:10.0546 1904 cd20xrnt - ok
14:18:10.0953 1904 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
14:18:10.0968 1904 Cdaudio - ok
14:18:11.0437 1904 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
14:18:11.0468 1904 Cdfs - ok
14:18:11.0921 1904 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:18:11.0953 1904 Cdrom - ok
14:18:12.0109 1904 CFcatchme - ok
14:18:12.0515 1904 Changer - ok
14:18:12.0984 1904 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
14:18:12.0984 1904 CmBatt - ok
14:18:13.0406 1904 CmdIde - ok
14:18:13.0843 1904 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
14:18:13.0859 1904 Compbatt - ok
14:18:14.0296 1904 Cpqarray - ok
14:18:14.0703 1904 dac2w2k - ok
14:18:15.0093 1904 dac960nt - ok
14:18:15.0562 1904 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
14:18:15.0578 1904 Disk - ok
14:18:16.0421 1904 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
14:18:16.0812 1904 dmboot - ok
14:18:17.0296 1904 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
14:18:17.0359 1904 dmio - ok
14:18:17.0765 1904 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
14:18:17.0765 1904 dmload - ok
14:18:18.0312 1904 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
14:18:18.0328 1904 DMusic - ok
14:18:18.0765 1904 dpti2o - ok
14:18:19.0171 1904 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
14:18:19.0171 1904 drmkaud - ok
14:18:19.0718 1904 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
14:18:19.0796 1904 Fastfat - ok
14:18:20.0234 1904 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
14:18:20.0250 1904 Fdc - ok
14:18:20.0703 1904 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
14:18:20.0734 1904 Fips - ok
14:18:21.0125 1904 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
14:18:21.0125 1904 Flpydisk - ok
14:18:21.0609 1904 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
14:18:21.0671 1904 FltMgr - ok
14:18:22.0078 1904 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:18:22.0078 1904 Fs_Rec - ok
14:18:22.0546 1904 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:18:22.0609 1904 Ftdisk - ok
14:18:23.0062 1904 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:18:23.0078 1904 Gpc - ok
14:18:23.0625 1904 HdAudAddService (2a013e7530beab6e569faa83f517e836) C:\WINDOWS\system32\drivers\HdAudio.sys
14:18:23.0687 1904 HdAudAddService - ok
14:18:24.0250 1904 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:18:24.0250 1904 HDAudBus - ok
14:18:24.0703 1904 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:18:24.0703 1904 HidUsb - ok
14:18:25.0125 1904 hpn - ok
14:18:25.0687 1904 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
14:18:25.0828 1904 HTTP - ok
14:18:26.0250 1904 i2omgmt - ok
14:18:26.0640 1904 i2omp - ok
14:18:27.0093 1904 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:18:27.0125 1904 i8042prt - ok
14:18:27.0562 1904 ICDSX (9404719c43986ef811e69520db411516) C:\WINDOWS\system32\Drivers\ICDSX.sys
14:18:27.0578 1904 ICDSX - ok
14:18:28.0031 1904 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
14:18:28.0046 1904 Imapi - ok
14:18:28.0500 1904 ini910u - ok
14:18:28.0921 1904 IntelIde - ok
14:18:29.0359 1904 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:18:29.0375 1904 intelppm - ok
14:18:29.0781 1904 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
14:18:29.0781 1904 Ip6Fw - ok
14:18:30.0218 1904 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:18:30.0234 1904 IpFilterDriver - ok
14:18:30.0671 1904 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:18:30.0687 1904 IpInIp - ok
14:18:31.0187 1904 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:18:31.0265 1904 IpNat - ok
14:18:31.0703 1904 IPSec (2e17fe76fa4ad3a4a297ff536f00e181) C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:18:31.0734 1904 IPSec - ok
14:18:32.0203 1904 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
14:18:32.0250 1904 irda - ok
14:18:32.0671 1904 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
14:18:32.0671 1904 IRENUM - ok
14:18:33.0187 1904 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:18:33.0218 1904 isapnp - ok
14:18:33.0656 1904 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:18:33.0656 1904 Kbdclass - ok
14:18:34.0156 1904 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
14:18:34.0234 1904 kmixer - ok
14:18:34.0687 1904 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
14:18:34.0734 1904 KSecDD - ok
14:18:35.0171 1904 lbrtfdc - ok
14:18:35.0703 1904 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
14:18:35.0718 1904 mnmdd - ok
14:18:36.0187 1904 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
14:18:36.0203 1904 Modem - ok
14:18:36.0625 1904 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:18:36.0640 1904 Mouclass - ok
14:18:37.0109 1904 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:18:37.0109 1904 mouhid - ok
14:18:37.0515 1904 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
14:18:37.0546 1904 MountMgr - ok
14:18:38.0031 1904 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
14:18:38.0125 1904 MpFilter - ok
14:18:38.0250 1904 MpKsl19c4db5d - ok
14:18:38.0296 1904 MpKsl3baff57d - ok
14:18:38.0359 1904 MpKsl507acd58 - ok
14:18:38.0406 1904 MpKsl783c19f1 - ok
14:18:38.0453 1904 MpKsl92d6471d - ok
14:18:38.0531 1904 MpKsl99da5fd8 - ok
14:18:38.0593 1904 MpKsld7cb9d28 - ok
14:18:38.0656 1904 MpKsle3b7fcbb - ok
14:18:39.0078 1904 mraid35x - ok
14:18:39.0609 1904 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:18:39.0703 1904 MRxDAV - ok
14:18:40.0343 1904 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:18:40.0562 1904 MRxSmb - ok
14:18:41.0000 1904 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
14:18:41.0015 1904 Msfs - ok
14:18:41.0468 1904 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:18:41.0468 1904 MSKSSRV - ok
14:18:41.0906 1904 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:18:41.0906 1904 MSPCLOCK - ok
14:18:42.0312 1904 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
14:18:42.0312 1904 MSPQM - ok
14:18:42.0734 1904 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:18:42.0750 1904 mssmbios - ok
14:18:43.0156 1904 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
14:18:43.0171 1904 MSTEE - ok
14:18:43.0640 1904 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
14:18:43.0687 1904 Mup - ok
14:18:44.0234 1904 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
14:18:44.0281 1904 NABTSFEC - ok
14:18:44.0859 1904 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
14:18:44.0859 1904 NDIS - ok
14:18:45.0281 1904 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
14:18:45.0281 1904 NdisIP - ok
14:18:45.0718 1904 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:18:45.0718 1904 NdisTapi - ok
14:18:46.0187 1904 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:18:46.0187 1904 Ndisuio - ok
14:18:46.0625 1904 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:18:46.0671 1904 NdisWan - ok
14:18:47.0125 1904 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
14:18:47.0140 1904 NDProxy - ok
14:18:47.0562 1904 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
14:18:47.0578 1904 NetBIOS - ok
14:18:48.0062 1904 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
14:18:48.0140 1904 NetBT - ok
14:18:49.0562 1904 NETw3x32 (71371ed9086a3d65f43967c89634e9a9) C:\WINDOWS\system32\DRIVERS\NETw3x32.sys
14:18:50.0437 1904 NETw3x32 - ok
14:18:50.0875 1904 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
14:18:50.0906 1904 NIC1394 - ok
14:18:51.0359 1904 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
14:18:51.0375 1904 Npfs - ok
14:18:52.0046 1904 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
14:18:52.0062 1904 Ntfs - ok
14:18:52.0515 1904 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
14:18:52.0515 1904 Null - ok
14:18:54.0796 1904 nv (59e5d945934ec2e7eaa22af81813dabf) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
14:18:56.0640 1904 nv - ok
14:18:57.0078 1904 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:18:57.0093 1904 NwlnkFlt - ok
14:18:57.0484 1904 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:18:57.0500 1904 NwlnkFwd - ok
14:18:57.0984 1904 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
14:18:58.0015 1904 ohci1394 - ok
14:18:58.0484 1904 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\drivers\Parport.sys
14:18:58.0515 1904 Parport - ok
14:18:58.0906 1904 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
14:18:58.0921 1904 PartMgr - ok
14:18:59.0375 1904 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
14:18:59.0375 1904 ParVdm - ok
14:18:59.0796 1904 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
14:18:59.0843 1904 PCI - ok
14:19:00.0234 1904 PCIDump - ok
14:19:00.0656 1904 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
14:19:00.0656 1904 PCIIde - ok
14:19:01.0140 1904 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
14:19:01.0203 1904 Pcmcia - ok
14:19:01.0593 1904 PDCOMP - ok
14:19:01.0984 1904 PDFRAME - ok
14:19:02.0390 1904 PDRELI - ok
14:19:02.0796 1904 PDRFRAME - ok
14:19:03.0203 1904 perc2 - ok
14:19:03.0609 1904 perc2hib - ok
14:19:04.0156 1904 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:19:04.0171 1904 PptpMiniport - ok
14:19:04.0656 1904 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
14:19:04.0687 1904 PSched - ok
14:19:05.0125 1904 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:19:05.0125 1904 Ptilink - ok
14:19:05.0531 1904 ql1080 - ok
14:19:05.0921 1904 Ql10wnt - ok
14:19:06.0328 1904 ql12160 - ok
14:19:06.0734 1904 ql1240 - ok
14:19:07.0140 1904 ql1280 - ok
14:19:07.0562 1904 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:19:07.0578 1904 RasAcd - ok
14:19:08.0015 1904 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
14:19:08.0031 1904 Rasirda - ok
14:19:08.0453 1904 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:19:08.0484 1904 Rasl2tp - ok
14:19:08.0937 1904 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:19:08.0968 1904 RasPppoe - ok
14:19:09.0421 1904 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
14:19:09.0421 1904 Raspti - ok
14:19:09.0984 1904 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:19:10.0062 1904 Rdbss - ok
14:19:10.0484 1904 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:19:10.0484 1904 RDPCDD - ok
14:19:10.0984 1904 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:19:11.0078 1904 rdpdr - ok
14:19:11.0578 1904 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
14:19:11.0656 1904 RDPWD - ok
14:19:12.0125 1904 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
14:19:12.0156 1904 redbook - ok
14:19:12.0687 1904 rimmptsk (24ed7af20651f9fa1f249482e7c1f165) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
14:19:12.0703 1904 rimmptsk - ok
14:19:13.0125 1904 rimsptsk (1bdba2d2d402415a78a4ba766dfe0f7b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
14:19:13.0140 1904 rimsptsk - ok
14:19:13.0703 1904 rismxdp (f774ecd11a064f0debb2d4395418153c) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
14:19:13.0859 1904 rismxdp - ok
14:19:14.0406 1904 RTL8023xp (d6e1b1bd04fad422af17fc4b810cb9af) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
14:19:14.0437 1904 RTL8023xp - ok
14:19:15.0000 1904 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
14:19:15.0031 1904 sdbus - ok
14:19:15.0500 1904 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:19:15.0500 1904 Secdrv - ok
14:19:15.0968 1904 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\drivers\Serial.sys
14:19:16.0015 1904 Serial - ok
14:19:16.0468 1904 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
14:19:16.0468 1904 sffdisk - ok
14:19:16.0859 1904 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
14:19:16.0875 1904 sffp_sd - ok
14:19:17.0312 1904 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
14:19:17.0312 1904 Sfloppy - ok
14:19:17.0718 1904 Simbad - ok
14:19:18.0156 1904 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
14:19:18.0156 1904 SLIP - ok
14:19:18.0625 1904 SMCIRDA (faedd4ac72c5772672cce88b3adafa56) C:\WINDOWS\system32\DRIVERS\smcirda.sys
14:19:18.0656 1904 SMCIRDA - ok
14:19:19.0046 1904 Sparrow - ok
14:19:19.0484 1904 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
14:19:19.0500 1904 splitter - ok
14:19:19.0953 1904 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
14:19:19.0984 1904 sr - ok
14:19:20.0609 1904 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
14:19:20.0796 1904 Srv - ok
14:19:21.0281 1904 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
14:19:21.0296 1904 streamip - ok
14:19:21.0734 1904 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
14:19:21.0734 1904 swenum - ok
14:19:22.0156 1904 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
14:19:22.0187 1904 swmidi - ok
14:19:22.0593 1904 symc810 - ok
14:19:22.0984 1904 symc8xx - ok
14:19:23.0390 1904 sym_hi - ok
14:19:23.0796 1904 sym_u3 - ok
14:19:24.0218 1904 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
14:19:24.0250 1904 sysaudio - ok
14:19:24.0875 1904 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:19:24.0875 1904 Tcpip - ok
14:19:25.0312 1904 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
14:19:25.0312 1904 TDPIPE - ok
14:19:25.0734 1904 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
14:19:25.0750 1904 TDTCP - ok
14:19:26.0171 1904 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
14:19:26.0203 1904 TermDD - ok
14:19:26.0640 1904 toshidpt (e362d54fd394999c4178936396664e57) C:\WINDOWS\system32\drivers\Toshidpt.sys
14:19:26.0640 1904 toshidpt - ok
14:19:27.0031 1904 TosIde - ok
14:19:27.0468 1904 tosporte (02ebf69066d6f208af4d07481bbae0ad) C:\WINDOWS\system32\DRIVERS\tosporte.sys
14:19:27.0484 1904 tosporte - ok
14:19:27.0968 1904 Tosrfbd (b52d9ce4a1f2feb1c77f913b55768530) C:\WINDOWS\system32\Drivers\tosrfbd.sys
14:19:28.0031 1904 Tosrfbd - ok
14:19:28.0437 1904 Tosrfbnp (1ae2ba74b2a4f5a358b13fcd35258c30) C:\WINDOWS\system32\Drivers\tosrfbnp.sys
14:19:28.0468 1904 Tosrfbnp - ok
14:19:28.0890 1904 Tosrfcom (5ba1ca3b3cddb1ddc67df473f05d1ec2) C:\WINDOWS\system32\Drivers\tosrfcom.sys
14:19:28.0921 1904 Tosrfcom - ok
14:19:29.0359 1904 Tosrfhid (8310963d2d06860e272eec87bca4217a) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
14:19:29.0406 1904 Tosrfhid - ok
14:19:29.0828 1904 tosrfnds (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
14:19:29.0843 1904 tosrfnds - ok
14:19:30.0281 1904 TosRfSnd (ab6fd13d7efa2634fa6bdf84c7ef0696) C:\WINDOWS\system32\drivers\TosRfSnd.sys
14:19:30.0312 1904 TosRfSnd - ok
14:19:30.0750 1904 Tosrfusb (c639fc314ea7436325ade8cd514b627c) C:\WINDOWS\system32\Drivers\tosrfusb.sys
14:19:30.0765 1904 Tosrfusb - ok
14:19:31.0265 1904 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
14:19:31.0296 1904 Udfs - ok
14:19:31.0687 1904 ultra - ok
14:19:32.0296 1904 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
14:19:32.0500 1904 Update - ok
14:19:32.0984 1904 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:19:33.0000 1904 usbehci - ok
14:19:33.0468 1904 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:19:33.0500 1904 usbhub - ok
14:19:33.0921 1904 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:19:33.0937 1904 usbprint - ok
14:19:34.0375 1904 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:19:34.0375 1904 usbscan - ok
14:19:34.0828 1904 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:19:34.0828 1904 USBSTOR - ok
14:19:35.0312 1904 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:19:35.0328 1904 usbuhci - ok
14:19:35.0859 1904 usbvm321 (bce87e9547a6c8815f64cd3c80733bc7) C:\WINDOWS\system32\Drivers\usbvm321.sys
14:19:35.0984 1904 usbvm321 - ok
14:19:36.0453 1904 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
14:19:36.0453 1904 VgaSave - ok
14:19:36.0843 1904 ViaIde - ok
14:19:37.0296 1904 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
14:19:37.0312 1904 VolSnap - ok
14:19:37.0828 1904 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:19:37.0843 1904 Wanarp - ok
14:19:38.0218 1904 WDICA - ok
14:19:38.0671 1904 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
14:19:38.0703 1904 wdmaud - ok
14:19:39.0328 1904 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
14:19:39.0343 1904 WSTCODEC - ok
14:19:39.0828 1904 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:19:39.0875 1904 WudfPf - ok
14:19:40.0359 1904 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:19:40.0390 1904 WudfRd - ok
14:19:40.0546 1904 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
14:19:40.0812 1904 \Device\Harddisk0\DR0 - ok
14:19:40.0828 1904 MBR (0x1B8) (f1a02ca4aafdb0f687f3961df0048c74) \Device\Harddisk1\DR2
14:19:40.0843 1904 \Device\Harddisk1\DR2 - ok
14:19:40.0859 1904 Boot (0x1200) (fc843fc1bc011f2e0f49efbfd770ea57) \Device\Harddisk0\DR0\Partition0
14:19:40.0859 1904 \Device\Harddisk0\DR0\Partition0 - ok
14:19:40.0875 1904 ============================================================
14:19:40.0875 1904 Scan finished
14:19:40.0875 1904 ============================================================
14:19:40.0921 1096 Detected object count: 0
14:19:40.0921 1096 Actual detected object count: 0
14:20:19.0296 1912 ============================================================
14:20:19.0296 1912 Scan started
14:20:19.0296 1912 Mode: Manual; SigCheck; TDLFS;
14:20:19.0296 1912 ============================================================
14:20:19.0734 1912 .imapi - ok
14:20:19.0765 1912 .intelppm - ok
14:20:19.0843 1912 .redbook - ok
14:20:20.0281 1912 Abiosdsk - ok
14:20:20.0687 1912 abp480n5 - ok
14:20:21.0203 1912 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:20:21.0593 1912 ACPI - ok
14:20:22.0031 1912 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
14:20:22.0140 1912 ACPIEC - ok
14:20:22.0640 1912 ADIHdAudAddService (be1423364bb05a6b1751a1e9515e6cac) C:\WINDOWS\system32\drivers\ADIHdAud.sys
14:20:22.0703 1912 ADIHdAudAddService - ok
14:20:23.0109 1912 adpu160m - ok
14:20:23.0625 1912 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
14:20:23.0734 1912 aec - ok
14:20:24.0250 1912 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
14:20:24.0328 1912 AFD - ok
14:20:24.0718 1912 Aha154x - ok
14:20:25.0109 1912 aic78u2 - ok
14:20:25.0531 1912 aic78xx - ok
14:20:25.0937 1912 AliIde - ok
14:20:26.0375 1912 amsint - ok
14:20:26.0859 1912 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
14:20:26.0953 1912 Arp1394 - ok
14:20:27.0343 1912 asc - ok
14:20:27.0765 1912 asc3350p - ok
14:20:28.0156 1912 asc3550 - ok
14:20:28.0656 1912 asuskbnt (f5c2ccdb273a546e9c3a15250f1d9165) C:\WINDOWS\system32\drivers\atkkbnt.sys
14:20:28.0671 1912 asuskbnt ( UnsignedFile.Multi.Generic ) - warning
14:20:28.0671 1912 asuskbnt - detected UnsignedFile.Multi.Generic (1)
14:20:29.0093 1912 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:20:29.0218 1912 AsyncMac - ok
14:20:29.0703 1912 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
14:20:29.0812 1912 atapi - ok
14:20:30.0203 1912 Atdisk - ok
14:20:30.0671 1912 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:20:30.0781 1912 Atmarpc - ok
14:20:31.0250 1912 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
14:20:31.0359 1912 audstub - ok
14:20:31.0796 1912 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
14:20:31.0890 1912 Beep - ok
14:20:31.0937 1912 catchme - ok
14:20:32.0406 1912 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
14:20:32.0531 1912 cbidf2k - ok
14:20:32.0968 1912 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
14:20:33.0078 1912 CCDECODE - ok
14:20:33.0484 1912 cd20xrnt - ok
14:20:33.0906 1912 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
14:20:34.0015 1912 Cdaudio - ok
14:20:34.0484 1912 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
14:20:34.0656 1912 Cdfs - ok
14:20:35.0078 1912 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:20:35.0187 1912 Cdrom - ok
14:20:35.0312 1912 CFcatchme - ok
14:20:35.0718 1912 Changer - ok
14:20:36.0187 1912 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
14:20:36.0296 1912 CmBatt - ok
14:20:36.0703 1912 CmdIde - ok
14:20:37.0093 1912 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
14:20:37.0203 1912 Compbatt - ok
14:20:37.0640 1912 Cpqarray - ok
14:20:38.0046 1912 dac2w2k - ok
14:20:38.0453 1912 dac960nt - ok
14:20:38.0906 1912 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
14:20:39.0015 1912 Disk - ok
14:20:39.0875 1912 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
14:20:40.0281 1912 dmboot - ok
14:20:40.0765 1912 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
14:20:40.0875 1912 dmio - ok
14:20:41.0296 1912 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
14:20:41.0375 1912 dmload - ok
14:20:41.0843 1912 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
14:20:41.0937 1912 DMusic - ok
14:20:42.0390 1912 dpti2o - ok
14:20:42.0828 1912 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
14:20:42.0906 1912 drmkaud - ok
14:20:43.0468 1912 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
14:20:43.0578 1912 Fastfat - ok
14:20:44.0015 1912 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
14:20:44.0109 1912 Fdc - ok
14:20:44.0593 1912 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
14:20:44.0703 1912 Fips - ok
14:20:45.0140 1912 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
14:20:45.0250 1912 Flpydisk - ok
14:20:45.0750 1912 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
14:20:45.0859 1912 FltMgr - ok
14:20:46.0296 1912 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:20:46.0406 1912 Fs_Rec - ok
14:20:46.0859 1912 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:20:46.0968 1912 Ftdisk - ok
14:20:47.0453 1912 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:20:47.0562 1912 Gpc - ok
14:20:48.0109 1912 HdAudAddService (2a013e7530beab6e569faa83f517e836) C:\WINDOWS\system32\drivers\HdAudio.sys
14:20:48.0156 1912 HdAudAddService - ok
14:20:48.0671 1912 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:20:48.0781 1912 HDAudBus - ok
14:20:49.0218 1912 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:20:49.0328 1912 HidUsb - ok
14:20:49.0734 1912 hpn - ok
14:20:50.0343 1912 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
14:20:50.0375 1912 HTTP - ok
14:20:50.0765 1912 i2omgmt - ok
14:20:51.0171 1912 i2omp - ok
14:20:51.0609 1912 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:20:51.0718 1912 i8042prt - ok
14:20:52.0187 1912 ICDSX (9404719c43986ef811e69520db411516) C:\WINDOWS\system32\Drivers\ICDSX.sys
14:20:52.0265 1912 ICDSX - ok
14:20:52.0703 1912 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
14:20:52.0796 1912 Imapi - ok
14:20:53.0218 1912 ini910u - ok
14:20:53.0640 1912 IntelIde - ok
14:20:54.0078 1912 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:20:54.0156 1912 intelppm - ok
14:20:54.0609 1912 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
14:20:54.0718 1912 Ip6Fw - ok
14:20:55.0156 1912 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:20:55.0265 1912 IpFilterDriver - ok
14:20:55.0703 1912 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:20:55.0796 1912 IpInIp - ok
14:20:56.0281 1912 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:20:56.0390 1912 IpNat - ok
14:20:56.0859 1912 IPSec (2e17fe76fa4ad3a4a297ff536f00e181) C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:20:56.0875 1912 IPSec ( UnsignedFile.Multi.Generic ) - warning
14:20:56.0875 1912 IPSec - detected UnsignedFile.Multi.Generic (1)
14:20:57.0343 1912 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
14:20:57.0468 1912 irda - ok
14:20:57.0921 1912 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
14:20:58.0015 1912 IRENUM - ok
14:20:58.0500 1912 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:20:58.0593 1912 isapnp - ok
14:20:59.0062 1912 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:20:59.0156 1912 Kbdclass - ok
14:20:59.0671 1912 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
14:20:59.0781 1912 kmixer - ok
14:21:00.0296 1912 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
14:21:00.0359 1912 KSecDD - ok
14:21:00.0781 1912 lbrtfdc - ok
14:21:01.0328 1912 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
14:21:01.0437 1912 mnmdd - ok
14:21:01.0906 1912 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
14:21:02.0015 1912 Modem - ok
14:21:02.0453 1912 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:21:02.0546 1912 Mouclass - ok
14:21:02.0984 1912 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:21:03.0093 1912 mouhid - ok
14:21:03.0562 1912 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
14:21:03.0656 1912 MountMgr - ok
14:21:04.0187 1912 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
14:21:04.0203 1912 MpFilter - ok
14:21:04.0296 1912 MpKsl19c4db5d - ok
14:21:04.0359 1912 MpKsl3baff57d - ok
14:21:04.0406 1912 MpKsl507acd58 - ok
14:21:04.0453 1912 MpKsl783c19f1 - ok
14:21:04.0515 1912 MpKsl92d6471d - ok
14:21:04.0562 1912 MpKsl99da5fd8 - ok
14:21:04.0609 1912 MpKsld7cb9d28 - ok
14:21:04.0671 1912 MpKsle3b7fcbb - ok
14:21:05.0093 1912 mraid35x - ok
14:21:05.0671 1912 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:21:05.0781 1912 MRxDAV - ok
14:21:06.0421 1912 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:21:06.0609 1912 MRxSmb - ok
14:21:07.0062 1912 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
14:21:07.0171 1912 Msfs - ok
14:21:07.0625 1912 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:21:07.0734 1912 MSKSSRV - ok
14:21:08.0171 1912 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:21:08.0296 1912 MSPCLOCK - ok
14:21:08.0687 1912 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
14:21:08.0796 1912 MSPQM - ok
14:21:09.0203 1912 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:21:09.0296 1912 mssmbios - ok
14:21:09.0750 1912 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
14:21:09.0859 1912 MSTEE - ok
14:21:10.0343 1912 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
14:21:10.0375 1912 Mup - ok
14:21:10.0843 1912 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
14:21:10.0953 1912 NABTSFEC - ok
14:21:11.0484 1912 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
14:21:11.0578 1912 NDIS - ok
14:21:12.0015 1912 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
14:21:12.0125 1912 NdisIP - ok
14:21:12.0562 1912 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:21:12.0609 1912 NdisTapi - ok
14:21:13.0031 1912 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:21:13.0125 1912 Ndisuio - ok
14:21:13.0578 1912 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:21:13.0671 1912 NdisWan - ok
14:21:14.0140 1912 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
14:21:14.0187 1912 NDProxy - ok
14:21:14.0609 1912 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
14:21:14.0703 1912 NetBIOS - ok
14:21:15.0187 1912 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
14:21:15.0343 1912 NetBT - ok
14:21:16.0718 1912 NETw3x32 (71371ed9086a3d65f43967c89634e9a9) C:\WINDOWS\system32\DRIVERS\NETw3x32.sys
14:21:17.0562 1912 NETw3x32 - ok
14:21:18.0031 1912 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
14:21:18.0125 1912 NIC1394 - ok
14:21:18.0562 1912 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
14:21:18.0656 1912 Npfs - ok
14:21:19.0359 1912 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
14:21:19.0578 1912 Ntfs - ok
14:21:20.0046 1912 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
14:21:20.0156 1912 Null - ok
14:21:22.0593 1912 nv (59e5d945934ec2e7eaa22af81813dabf) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
14:21:24.0375 1912 nv - ok
14:21:24.0875 1912 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:21:24.0984 1912 NwlnkFlt - ok
14:21:25.0453 1912 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:21:25.0546 1912 NwlnkFwd - ok
14:21:26.0046 1912 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
14:21:26.0125 1912 ohci1394 - ok
14:21:26.0640 1912 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\drivers\Parport.sys
14:21:26.0734 1912 Parport - ok
14:21:27.0156 1912 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
14:21:27.0234 1912 PartMgr - ok
14:21:27.0640 1912 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
14:21:27.0765 1912 ParVdm - ok
14:21:28.0203 1912 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
14:21:28.0281 1912 PCI - ok
14:21:28.0656 1912 PCIDump - ok
14:21:29.0062 1912 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
14:21:29.0187 1912 PCIIde - ok
14:21:29.0656 1912 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
14:21:29.0734 1912 Pcmcia - ok
14:21:30.0125 1912 PDCOMP - ok
14:21:30.0531 1912 PDFRAME - ok
14:21:30.0921 1912 PDRELI - ok
14:21:31.0312 1912 PDRFRAME - ok
14:21:31.0703 1912 perc2 - ok
14:21:32.0109 1912 perc2hib - ok
14:21:32.0640 1912 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:21:32.0718 1912 PptpMiniport - ok
14:21:33.0171 1912 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
14:21:33.0265 1912 PSched - ok
14:21:33.0656 1912 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:21:33.0765 1912 Ptilink - ok
14:21:34.0140 1912 ql1080 - ok
14:21:34.0546 1912 Ql10wnt - ok
14:21:34.0937 1912 ql12160 - ok
14:21:35.0328 1912 ql1240 - ok
14:21:35.0734 1912 ql1280 - ok
14:21:36.0171 1912 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:21:36.0281 1912 RasAcd - ok
14:21:36.0750 1912 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
14:21:36.0796 1912 Rasirda - ok
14:21:37.0250 1912 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:21:37.0343 1912 Rasl2tp - ok
14:21:37.0812 1912 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:21:37.0906 1912 RasPppoe - ok
14:21:38.0312 1912 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
14:21:38.0421 1912 Raspti - ok
14:21:38.0921 1912 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:21:39.0015 1912 Rdbss - ok
14:21:39.0421 1912 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:21:39.0531 1912 RDPCDD - ok
14:21:40.0046 1912 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:21:40.0171 1912 rdpdr - ok
14:21:40.0718 1912 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
14:21:40.0765 1912 RDPWD - ok
14:21:41.0234 1912 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
14:21:41.0343 1912 redbook - ok
14:21:41.0828 1912 rimmptsk (24ed7af20651f9fa1f249482e7c1f165) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
14:21:41.0875 1912 rimmptsk - ok
14:21:42.0312 1912 rimsptsk (1bdba2d2d402415a78a4ba766dfe0f7b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
14:21:42.0375 1912 rimsptsk - ok
14:21:43.0031 1912 rismxdp (f774ecd11a064f0debb2d4395418153c) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
14:21:43.0078 1912 rismxdp - ok
14:21:43.0625 1912 RTL8023xp (d6e1b1bd04fad422af17fc4b810cb9af) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
14:21:43.0671 1912 RTL8023xp - ok
14:21:44.0203 1912 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
14:21:44.0312 1912 sdbus - ok
14:21:44.0796 1912 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:21:44.0906 1912 Secdrv - ok
14:21:45.0406 1912 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\drivers\Serial.sys
14:21:45.0515 1912 Serial - ok
14:21:46.0000 1912 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
14:21:46.0109 1912 sffdisk - ok
14:21:46.0515 1912 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
14:21:46.0609 1912 sffp_sd - ok
14:21:47.0015 1912 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
14:21:47.0109 1912 Sfloppy - ok
14:21:47.0531 1912 Simbad - ok
14:21:47.0968 1912 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
14:21:48.0062 1912 SLIP - ok
14:21:48.0515 1912 SMCIRDA (faedd4ac72c5772672cce88b3adafa56) C:\WINDOWS\system32\DRIVERS\smcirda.sys
14:21:48.0562 1912 SMCIRDA - ok
14:21:48.0968 1912 Sparrow - ok
14:21:49.0406 1912 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
14:21:49.0515 1912 splitter - ok
14:21:49.0968 1912 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
14:21:50.0062 1912 sr - ok
14:21:50.0703 1912 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
14:21:50.0875 1912 Srv - ok
14:21:51.0328 1912 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
14:21:51.0421 1912 streamip - ok
14:21:51.0859 1912 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
14:21:51.0953 1912 swenum - ok
14:21:52.0406 1912 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
14:21:52.0546 1912 swmidi - ok
14:21:52.0984 1912 symc810 - ok
14:21:53.0375 1912 symc8xx - ok
14:21:53.0765 1912 sym_hi - ok
14:21:54.0187 1912 sym_u3 - ok
14:21:54.0656 1912 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
14:21:54.0750 1912 sysaudio - ok
14:21:55.0406 1912 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:21:55.0593 1912 Tcpip - ok
14:21:56.0031 1912 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
14:21:56.0140 1912 TDPIPE - ok
14:21:56.0593 1912 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
14:21:56.0703 1912 TDTCP - ok
14:21:57.0125 1912 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
14:21:57.0218 1912 TermDD - ok
14:21:57.0687 1912 toshidpt (e362d54fd394999c4178936396664e57) C:\WINDOWS\system32\drivers\Toshidpt.sys
14:21:57.0687 1912 toshidpt ( UnsignedFile.Multi.Generic ) - warning
14:21:57.0687 1912 toshidpt - detected UnsignedFile.Multi.Generic (1)
14:21:58.0093 1912 TosIde - ok
14:21:58.0546 1912 tosporte (02ebf69066d6f208af4d07481bbae0ad) C:\WINDOWS\system32\DRIVERS\tosporte.sys
14:21:58.0562 1912 tosporte ( UnsignedFile.Multi.Generic ) - warning
14:21:58.0562 1912 tosporte - detected UnsignedFile.Multi.Generic (1)
14:21:59.0046 1912 Tosrfbd (b52d9ce4a1f2feb1c77f913b55768530) C:\WINDOWS\system32\Drivers\tosrfbd.sys
14:21:59.0062 1912 Tosrfbd ( UnsignedFile.Multi.Generic ) - warning
14:21:59.0062 1912 Tosrfbd - detected UnsignedFile.Multi.Generic (1)
14:21:59.0484 1912 Tosrfbnp (1ae2ba74b2a4f5a358b13fcd35258c30) C:\WINDOWS\system32\Drivers\tosrfbnp.sys
14:21:59.0500 1912 Tosrfbnp ( UnsignedFile.Multi.Generic ) - warning
14:21:59.0500 1912 Tosrfbnp - detected UnsignedFile.Multi.Generic (1)
14:21:59.0984 1912 Tosrfcom (5ba1ca3b3cddb1ddc67df473f05d1ec2) C:\WINDOWS\system32\Drivers\tosrfcom.sys
14:22:00.0015 1912 Tosrfcom ( UnsignedFile.Multi.Generic ) - warning
14:22:00.0015 1912 Tosrfcom - detected UnsignedFile.Multi.Generic (1)
14:22:00.0437 1912 Tosrfhid (8310963d2d06860e272eec87bca4217a) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
14:22:00.0531 1912 Tosrfhid ( UnsignedFile.Multi.Generic ) - warning
14:22:00.0531 1912 Tosrfhid - detected UnsignedFile.Multi.Generic (1)
14:22:00.0953 1912 tosrfnds (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
14:22:00.0953 1912 tosrfnds ( UnsignedFile.Multi.Generic ) - warning
14:22:00.0953 1912 tosrfnds - detected UnsignedFile.Multi.Generic (1)
14:22:01.0406 1912 TosRfSnd (ab6fd13d7efa2634fa6bdf84c7ef0696) C:\WINDOWS\system32\drivers\TosRfSnd.sys
14:22:01.0421 1912 TosRfSnd ( UnsignedFile.Multi.Generic ) - warning
14:22:01.0421 1912 TosRfSnd - detected UnsignedFile.Multi.Generic (1)
14:22:01.0906 1912 Tosrfusb (c639fc314ea7436325ade8cd514b627c) C:\WINDOWS\system32\Drivers\tosrfusb.sys
14:22:01.0906 1912 Tosrfusb ( UnsignedFile.Multi.Generic ) - warning
14:22:01.0906 1912 Tosrfusb - detected UnsignedFile.Multi.Generic (1)
14:22:02.0406 1912 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
14:22:02.0515 1912 Udfs - ok
14:22:02.0906 1912 ultra - ok
14:22:03.0515 1912 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
14:22:03.0750 1912 Update - ok
14:22:04.0234 1912 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:22:04.0328 1912 usbehci - ok
14:22:04.0781 1912 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:22:04.0875 1912 usbhub - ok
14:22:05.0296 1912 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:22:05.0406 1912 usbprint - ok
14:22:05.0875 1912 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:22:05.0968 1912 usbscan - ok
14:22:06.0406 1912 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:22:06.0515 1912 USBSTOR - ok
14:22:06.0968 1912 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:22:07.0062 1912 usbuhci - ok
14:22:07.0640 1912 usbvm321 (bce87e9547a6c8815f64cd3c80733bc7) C:\WINDOWS\system32\Drivers\usbvm321.sys
14:22:07.0687 1912 usbvm321 - ok
14:22:08.0125 1912 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
14:22:08.0218 1912 VgaSave - ok
14:22:08.0609 1912 ViaIde - ok
14:22:09.0062 1912 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
14:22:09.0156 1912 VolSnap - ok
14:22:09.0656 1912 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:22:09.0765 1912 Wanarp - ok
14:22:10.0156 1912 WDICA - ok
14:22:10.0625 1912 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
14:22:10.0718 1912 wdmaud - ok
14:22:11.0359 1912 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
14:22:11.0468 1912 WSTCODEC - ok
14:22:11.0968 1912 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:22:12.0000 1912 WudfPf - ok
14:22:12.0468 1912 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:22:12.0484 1912 WudfRd - ok
14:22:12.0671 1912 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
14:22:13.0062 1912 \Device\Harddisk0\DR0 - ok
14:22:13.0078 1912 MBR (0x1B8) (f1a02ca4aafdb0f687f3961df0048c74) \Device\Harddisk1\DR2
14:22:13.0265 1912 \Device\Harddisk1\DR2 - ok
14:22:13.0281 1912 Boot (0x1200) (fc843fc1bc011f2e0f49efbfd770ea57) \Device\Harddisk0\DR0\Partition0
14:22:13.0296 1912 \Device\Harddisk0\DR0\Partition0 - ok
14:22:13.0296 1912 ============================================================
14:22:13.0296 1912 Scan finished
14:22:13.0296 1912 ============================================================
14:22:13.0437 1868 Detected object count: 11
14:22:13.0437 1868 Actual detected object count: 11
14:24:54.0515 1868 asuskbnt ( UnsignedFile.Multi.Generic ) - skipped by user
14:24:54.0515 1868 asuskbnt ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:24:54.0515 1868 IPSec ( UnsignedFile.Multi.Generic ) - skipped by user
14:24:54.0515 1868 IPSec ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:24:54.0531 1868 toshidpt ( UnsignedFile.Multi.Generic ) - skipped by user
14:24:54.0531 1868 toshidpt ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:24:54.0546 1868 tosporte ( UnsignedFile.Multi.Generic ) - skipped by user
14:24:54.0546 1868 tosporte ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:24:54.0562 1868 Tosrfbd ( UnsignedFile.Multi.Generic ) - skipped by user
14:24:54.0562 1868 Tosrfbd ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:24:54.0578 1868 Tosrfbnp ( UnsignedFile.Multi.Generic ) - skipped by user
14:24:54.0578 1868 Tosrfbnp ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:24:54.0593 1868 Tosrfcom ( UnsignedFile.Multi.Generic ) - skipped by user
14:24:54.0593 1868 Tosrfcom ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:24:54.0609 1868 Tosrfhid ( UnsignedFile.Multi.Generic ) - skipped by user
14:24:54.0609 1868 Tosrfhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:24:54.0625 1868 tosrfnds ( UnsignedFile.Multi.Generic ) - skipped by user
14:24:54.0625 1868 tosrfnds ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:24:54.0640 1868 TosRfSnd ( UnsignedFile.Multi.Generic ) - skipped by user
14:24:54.0640 1868 TosRfSnd ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:24:54.0656 1868 Tosrfusb ( UnsignedFile.Multi.Generic ) - skipped by user
14:24:54.0656 1868 Tosrfusb ( UnsignedFile.Multi.Generic ) - User select action: Skip

loisik
Visitor
Posts: 60
Registered: 16 Jun 2006 07:13

Re: viruses - antivirus turned off, internet not working ...

#4 Post by loisik »

The internet still isn't working; or rather, everything looks OK in the connections, both Wi-Fi and cable are online, but it is most likely being blocked somehow; CF keeps reporting that there is no internet. I uninstalled the antivirus (Microsoft Essential); nothing could be done with it and CF reported that it might be blocked by it.

Otherwise, the file is available for download here. It's in a zip; I didn't find WinRAR on my girlfriend's computer..

http://www.uschovna.cz/zasilka/D1K7ERT32K6HABYR-TUC

loisik
Visitor
Posts: 60
Registered: 16 Jun 2006 07:13

Re: viruses - antivirus turned off, internet not working ...

#5 Post by loisik »

Naturally, if we're doing it, let's do it properly.. Service Pack 3 is on there. What is the procedure in this case?

loisik
Visitor
Posts: 60
Registered: 16 Jun 2006 07:13

Re: viruses - antivirus turned off, internet not working ...

#6 Post by loisik »

The Recovery Console went through fine. Seznam doesn't want to play ping-pong with me. CF restarted once during the scan and reported a rootkit..

ComboFix 11-09-26.02 - Lucka 28.09.2011 18:45:47.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.752 [GMT 2:00]
Spuštěný z: c:\documents and settings\Lucka\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Lucka\Plocha\WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
AV: Microsoft Security Essentials *Enabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\$NtUninstallKB8224$\448200240
c:\windows\ehome\medctrro.exe
c:\windows\system32\
c:\windows\$NtUninstallKB8224$ . . . . nemohl být smazán
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-28 do 2011-09-28 )))))))))))))))))))))))))))))))
.
.
2011-09-28 15:32 . 2011-09-28 15:32 -------- d--h--w- c:\windows\system32\GroupPolicy
2011-09-28 10:17 . 2011-09-28 10:17 -------- d-----w- C:\rsit
2011-09-28 10:17 . 2011-09-28 10:17 -------- d-----w- c:\program files\trend micro
2011-09-28 10:16 . 2011-09-28 10:16 -------- d-----w- c:\program files\ESET
2011-09-28 10:16 . 2011-09-28 10:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESET
2011-09-28 09:50 . 2011-09-28 09:50 -------- d-----w- c:\documents and settings\Administrator
2011-09-28 09:49 . 2011-09-28 09:49 -------- d-----w- c:\documents and settings\Lucka\Local Settings\Data aplikací\PCHealth
2011-09-28 09:42 . 2011-09-28 11:50 48016 --sha-w- c:\windows\system32\c_17051.nl_
2011-09-14 19:49 . 2008-04-14 02:21 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2011-09-14 19:49 . 2008-04-14 02:21 21504 ----a-w- c:\windows\system32\hidserv.dll
2011-09-03 10:17 . 2011-09-09 09:12 602112 -c----w- c:\windows\system32\dllcache\crypt32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-28 08:13 . 2011-05-17 18:18 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-09 09:12 . 2004-08-18 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-07-15 13:29 . 2004-08-18 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2004-08-18 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-09-07 05:41 . 2011-03-24 07:25 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
Chyba šifrovací služby !!
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-20 7581696]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth Manager.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Lucka^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk]
path=c:\documents and settings\Lucka\Nabídka Start\Programy\Po spuštění\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-06-08 04:02 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X1100 Series]
2003-08-19 14:36 57344 ----a-w- c:\program files\Lexmark X1100 Series\lxbkbmgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2006-07-20 18:58 7581696 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2006-07-20 18:58 86016 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-07-20 18:58 1519616 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-08-18 15:04 17360520 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 10:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zástupce stránky vlastností sběrnice High Definition Audio]
2005-01-07 15:07 61952 ------w- c:\windows\system32\HdAShCut.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Microsoft Shared\\DW\\DW20.EXE"=
.
R1 MpKsl19c4db5d;MpKsl19c4db5d;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8DB6ED70-307E-43D0-BEA3-629841919AA3}\MpKsl19c4db5d.sys [x]
R1 MpKsl3baff57d;MpKsl3baff57d;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2329368B-5ABB-478B-92FD-16013CCDD8B5}\MpKsl3baff57d.sys [x]
R1 MpKsl507acd58;MpKsl507acd58;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{093C17A3-3C47-4462-87EA-972ACC9CF665}\MpKsl507acd58.sys [x]
R1 MpKsl783c19f1;MpKsl783c19f1;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{649E9EBC-EAB1-457B-968A-9BA0DCDF8693}\MpKsl783c19f1.sys [x]
R1 MpKsl92d6471d;MpKsl92d6471d;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{093C17A3-3C47-4462-87EA-972ACC9CF665}\MpKsl92d6471d.sys [x]
R1 MpKsl99da5fd8;MpKsl99da5fd8;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{4E920287-8060-4678-885E-688FA5E0C8C8}\MpKsl99da5fd8.sys [x]
R1 MpKsld7cb9d28;MpKsld7cb9d28;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{7E342DC7-9256-45BE-AF33-2343C0A5AC86}\MpKsld7cb9d28.sys [x]
R1 MpKsle3b7fcbb;MpKsle3b7fcbb;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{C0F231B9-9D5D-427E-B618-53A3DD85D645}\MpKsle3b7fcbb.sys [x]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-20 136176]
R3 CFcatchme;CFcatchme;c:\docume~1\Lucka\LOCALS~1\Temp\CFcatchme.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-20 136176]
R3 ICDSX;Sony IC Recorder (SX);c:\windows\system32\Drivers\ICDSX.sys [2003-10-01 31744]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-09-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-20 06:50]
.
2011-09-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-20 06:50]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\documents and settings\Lucka\Data aplikací\Mozilla\Firefox\Profiles\av491d33.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-28 18:55
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.imapi]
"ImagePath"="\*"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.intelppm]
"ImagePath"="\*"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.redbook]
"ImagePath"="\*"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1912)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\windows\ATKKBService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\imapi.exe
.
**************************************************************************
.
Celkový čas: 2011-09-28 18:56:26 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-09-28 16:56
ComboFix2.txt 2011-09-28 12:17
.
Před spuštěním: Volných bajtů: 24 807 436 288
Po spuštění: Volných bajtů: 24 807 985 152
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 61A1BD455FA7B0820C4D11BB3D2570BB

Re: viruses - antivirus turned off, internet not working ...

#7 Post by loisik »

It seems CF has now run all the way through. I exported those three registry keys and can send them; I don't know how to read and copy them.

ComboFix 11-09-26.02 - Lucka 28.09.2011 19:33:42.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.613 [GMT 2:00]
Spuštěný z: c:\documents and settings\Lucka\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-28 do 2011-09-28 )))))))))))))))))))))))))))))))
.
.
2011-09-28 15:32 . 2011-09-28 15:32 -------- d--h--w- c:\windows\system32\GroupPolicy
2011-09-28 10:17 . 2011-09-28 10:17 -------- d-----w- C:\rsit
2011-09-28 10:17 . 2011-09-28 10:17 -------- d-----w- c:\program files\trend micro
2011-09-28 10:16 . 2011-09-28 10:16 -------- d-----w- c:\program files\ESET
2011-09-28 10:16 . 2011-09-28 10:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESET
2011-09-28 09:50 . 2011-09-28 09:50 -------- d-----w- c:\documents and settings\Administrator
2011-09-28 09:49 . 2011-09-28 09:49 -------- d-----w- c:\documents and settings\Lucka\Local Settings\Data aplikací\PCHealth
2011-09-28 09:42 . 2011-09-28 11:50 48016 --sha-w- c:\windows\system32\c_17051.nl_
2011-09-14 19:49 . 2008-04-14 02:21 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2011-09-14 19:49 . 2008-04-14 02:21 21504 ----a-w- c:\windows\system32\hidserv.dll
2011-09-03 10:17 . 2011-09-09 09:12 602112 -c----w- c:\windows\system32\dllcache\crypt32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-28 08:13 . 2011-05-17 18:18 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-09 09:12 . 2004-08-18 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-07-15 13:29 . 2004-08-18 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2004-08-18 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-09-07 05:41 . 2011-03-24 07:25 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-09-28_12.11.24 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-09-28 17:21 . 2011-09-28 17:21 16384 c:\windows\temp\Perflib_Perfdata_680.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-20 7581696]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth Manager.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Lucka^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk]
path=c:\documents and settings\Lucka\Nabídka Start\Programy\Po spuštění\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-06-08 04:02 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X1100 Series]
2003-08-19 14:36 57344 ----a-w- c:\program files\Lexmark X1100 Series\lxbkbmgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2006-07-20 18:58 7581696 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2006-07-20 18:58 86016 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-07-20 18:58 1519616 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-08-18 15:04 17360520 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 10:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zástupce stránky vlastností sběrnice High Definition Audio]
2005-01-07 15:07 61952 ------w- c:\windows\system32\HdAShCut.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Microsoft Shared\\DW\\DW20.EXE"=
.
S1 MpKsl19c4db5d;MpKsl19c4db5d;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8DB6ED70-307E-43D0-BEA3-629841919AA3}\MpKsl19c4db5d.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8DB6ED70-307E-43D0-BEA3-629841919AA3}\MpKsl19c4db5d.sys [?]
S1 MpKsl3baff57d;MpKsl3baff57d;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2329368B-5ABB-478B-92FD-16013CCDD8B5}\MpKsl3baff57d.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2329368B-5ABB-478B-92FD-16013CCDD8B5}\MpKsl3baff57d.sys [?]
S1 MpKsl507acd58;MpKsl507acd58;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{093C17A3-3C47-4462-87EA-972ACC9CF665}\MpKsl507acd58.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{093C17A3-3C47-4462-87EA-972ACC9CF665}\MpKsl507acd58.sys [?]
S1 MpKsl783c19f1;MpKsl783c19f1;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{649E9EBC-EAB1-457B-968A-9BA0DCDF8693}\MpKsl783c19f1.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{649E9EBC-EAB1-457B-968A-9BA0DCDF8693}\MpKsl783c19f1.sys [?]
S1 MpKsl92d6471d;MpKsl92d6471d;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{093C17A3-3C47-4462-87EA-972ACC9CF665}\MpKsl92d6471d.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{093C17A3-3C47-4462-87EA-972ACC9CF665}\MpKsl92d6471d.sys [?]
S1 MpKsl99da5fd8;MpKsl99da5fd8;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{4E920287-8060-4678-885E-688FA5E0C8C8}\MpKsl99da5fd8.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{4E920287-8060-4678-885E-688FA5E0C8C8}\MpKsl99da5fd8.sys [?]
S1 MpKsld7cb9d28;MpKsld7cb9d28;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{7E342DC7-9256-45BE-AF33-2343C0A5AC86}\MpKsld7cb9d28.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{7E342DC7-9256-45BE-AF33-2343C0A5AC86}\MpKsld7cb9d28.sys [?]
S1 MpKsle3b7fcbb;MpKsle3b7fcbb;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{C0F231B9-9D5D-427E-B618-53A3DD85D645}\MpKsle3b7fcbb.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{C0F231B9-9D5D-427E-B618-53A3DD85D645}\MpKsle3b7fcbb.sys [?]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [20.12.2010 8:50 136176]
S3 CFcatchme;CFcatchme;\??\c:\docume~1\Lucka\LOCALS~1\Temp\CFcatchme.sys --> c:\docume~1\Lucka\LOCALS~1\Temp\CFcatchme.sys [?]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [20.12.2010 8:50 136176]
S3 ICDSX;Sony IC Recorder (SX);c:\windows\system32\drivers\IcdSX.sys [11.10.2010 0:17 31744]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - XUETR
*Deregistered* - XueTr
.
Obsah adresáře 'Naplánované úlohy'
.
2011-09-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-20 06:50]
.
2011-09-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-20 06:50]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\documents and settings\Lucka\Data aplikací\Mozilla\Firefox\Profiles\av491d33.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-28 19:37
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(980)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-09-28 19:39:04
ComboFix-quarantined-files.txt 2011-09-28 17:39
ComboFix2.txt 2011-09-28 16:56
ComboFix3.txt 2011-09-28 12:17
.
Před spuštěním: Volných bajtů: 29 747 957 760
Po spuštění: Volných bajtů: 29 737 332 736
.
- - End Of File - - 9ABD1735F052A690DA5768142A98A4E1

Re: viruses - antivirus turned off, internet not working ...

#8 Post by loisik »

The internet isn't working yet; I'll try installing an antivirus. I'm sending the registry export as .reg via Úschovna. Thanks for the help so far, good night.
Tomorrow I can continue only after about 18:00.
http://www.uschovna.cz/zasilka/D1IXJ693R9IGS6YC-8LP

Re: viruses - antivirus turned off, internet not working ...

#9 Post by loisik »

Hi,
just quickly from work; yesterday I also overlooked this step:

Oh, and using XueTr delete all files in

%USERPROFILE%\AppData\LocalLow\Sun\Java\Deployment\cache
%APPDATA%\Sun\Java\Deployment\cache
%LOCALAPPDATA%\Sun\Java\Deployment\cache


I'll do it as soon as I get home. So far I have tried installing NOD without success, but it's possible I have some odd version; I'll try another antivirus. Kaspersky keeps throwing some 11 errors from the scan. The internet still isn't working, but it's quite possible that's my own doing by now. There I would need a more detailed procedure if need be :) heh, just choosing to repair the connection doesn't work.. it reports a problem with TCP/IP. (The notebook is connected by cable and also picks up Wi-Fi; neither works, and ping doesn't respond either.)

Thanks for now...

Re: viruses - antivirus turned off, internet not working ...

#10 Post by loisik »

I don't have it with me; I'll get to it in about an hour. From the modem (UPC, I think) a cable goes to the router, and from it a cable to the PC. Before, the address set in the PC was dynamic, I believe. The problem is that a neighbour also runs on her Wi-Fi and I wouldn't like to dig around in the router too much; the allowed IP addresses are set there manually. I'll take a look at it and try to describe it in more detail if needed :P

Re: viruses - antivirus turned off, internet not working ...

#11 Post by loisik »

Is it possible to pick up such a collection just from browsing one warez site? No downloading, installing, opening... It seems a bit strange to me.

Re: viruses - antivirus turned off, internet not working ...

#12 Post by loisik »

The antivirus remnants were removed successfully. Should I install a new one now? If it would then only block CF for me...

In the connection status for the cable it reports connected, but it receives no packets, it only sends, and only a tiny amount. The Support tab shows no data, IP, mask, gateway... nor does Details. On Repair it reports that detecting the TCP/IP settings for the connection failed.

Where exactly should I look for those files to delete in XueTr?

Here is the log from Kaspersky.

18:23:03.0265 3380 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:23:03.0375 3380 Rasl2tp - ok
18:23:03.0421 3380 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:23:03.0515 3380 RasPppoe - ok
18:23:03.0593 3380 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
18:23:03.0703 3380 Raspti - ok
18:23:03.0796 3380 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:23:03.0890 3380 Rdbss - ok
18:23:03.0968 3380 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:23:04.0062 3380 RDPCDD - ok
18:23:04.0109 3380 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:23:04.0218 3380 rdpdr - ok
18:23:04.0359 3380 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
18:23:04.0406 3380 RDPWD - ok
18:23:04.0468 3380 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
18:23:04.0562 3380 redbook - ok
18:23:04.0609 3380 rimmptsk (24ed7af20651f9fa1f249482e7c1f165) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
18:23:04.0656 3380 rimmptsk - ok
18:23:04.0687 3380 rimsptsk (1bdba2d2d402415a78a4ba766dfe0f7b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
18:23:04.0750 3380 rimsptsk - ok
18:23:04.0796 3380 rismxdp (f774ecd11a064f0debb2d4395418153c) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
18:23:04.0875 3380 rismxdp - ok
18:23:04.0953 3380 RTL8023xp (d6e1b1bd04fad422af17fc4b810cb9af) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
18:23:04.0984 3380 RTL8023xp - ok
18:23:05.0125 3380 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
18:23:05.0218 3380 sdbus - ok
18:23:05.0312 3380 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:23:05.0421 3380 Secdrv - ok
18:23:05.0500 3380 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\drivers\Serial.sys
18:23:05.0609 3380 Serial - ok
18:23:05.0656 3380 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys
18:23:05.0765 3380 sffdisk - ok
18:23:05.0796 3380 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
18:23:05.0890 3380 sffp_sd - ok
18:23:05.0953 3380 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
18:23:06.0046 3380 Sfloppy - ok
18:23:06.0093 3380 Simbad - ok
18:23:06.0156 3380 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:23:06.0250 3380 SLIP - ok
18:23:06.0390 3380 SMCIRDA (faedd4ac72c5772672cce88b3adafa56) C:\WINDOWS\system32\DRIVERS\smcirda.sys
18:23:06.0437 3380 SMCIRDA - ok
18:23:06.0484 3380 Sparrow - ok
18:23:06.0609 3380 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
18:23:06.0718 3380 splitter - ok
18:23:06.0796 3380 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
18:23:06.0890 3380 sr - ok
18:23:07.0031 3380 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
18:23:07.0109 3380 Srv - ok
18:23:07.0187 3380 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
18:23:07.0296 3380 streamip - ok
18:23:07.0328 3380 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
18:23:07.0437 3380 swenum - ok
18:23:07.0484 3380 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
18:23:07.0578 3380 swmidi - ok
18:23:07.0593 3380 symc810 - ok
18:23:07.0609 3380 symc8xx - ok
18:23:07.0609 3380 sym_hi - ok
18:23:07.0625 3380 sym_u3 - ok
18:23:07.0656 3380 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
18:23:07.0750 3380 sysaudio - ok
18:23:07.0828 3380 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:23:07.0937 3380 Tcpip - ok
18:23:08.0015 3380 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
18:23:08.0125 3380 TDPIPE - ok
18:23:08.0187 3380 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
18:23:08.0296 3380 TDTCP - ok
18:23:08.0390 3380 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
18:23:08.0484 3380 TermDD - ok
18:23:08.0593 3380 toshidpt (e362d54fd394999c4178936396664e57) C:\WINDOWS\system32\drivers\Toshidpt.sys
18:23:08.0609 3380 toshidpt ( UnsignedFile.Multi.Generic ) - warning
18:23:08.0609 3380 toshidpt - detected UnsignedFile.Multi.Generic (1)
18:23:08.0671 3380 TosIde - ok
18:23:08.0750 3380 tosporte (02ebf69066d6f208af4d07481bbae0ad) C:\WINDOWS\system32\DRIVERS\tosporte.sys
18:23:08.0781 3380 tosporte ( UnsignedFile.Multi.Generic ) - warning
18:23:08.0781 3380 tosporte - detected UnsignedFile.Multi.Generic (1)
18:23:08.0937 3380 Tosrfbd (b52d9ce4a1f2feb1c77f913b55768530) C:\WINDOWS\system32\Drivers\tosrfbd.sys
18:23:08.0953 3380 Tosrfbd ( UnsignedFile.Multi.Generic ) - warning
18:23:08.0953 3380 Tosrfbd - detected UnsignedFile.Multi.Generic (1)
18:23:09.0000 3380 Tosrfbnp (1ae2ba74b2a4f5a358b13fcd35258c30) C:\WINDOWS\system32\Drivers\tosrfbnp.sys
18:23:09.0015 3380 Tosrfbnp ( UnsignedFile.Multi.Generic ) - warning
18:23:09.0015 3380 Tosrfbnp - detected UnsignedFile.Multi.Generic (1)
18:23:09.0062 3380 Tosrfcom (5ba1ca3b3cddb1ddc67df473f05d1ec2) C:\WINDOWS\system32\Drivers\tosrfcom.sys
18:23:09.0078 3380 Tosrfcom ( UnsignedFile.Multi.Generic ) - warning
18:23:09.0078 3380 Tosrfcom - detected UnsignedFile.Multi.Generic (1)
18:23:09.0125 3380 Tosrfhid (8310963d2d06860e272eec87bca4217a) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
18:23:09.0140 3380 Tosrfhid ( UnsignedFile.Multi.Generic ) - warning
18:23:09.0140 3380 Tosrfhid - detected UnsignedFile.Multi.Generic (1)
18:23:09.0203 3380 tosrfnds (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
18:23:09.0218 3380 tosrfnds ( UnsignedFile.Multi.Generic ) - warning
18:23:09.0218 3380 tosrfnds - detected UnsignedFile.Multi.Generic (1)
18:23:09.0406 3380 TosRfSnd (ab6fd13d7efa2634fa6bdf84c7ef0696) C:\WINDOWS\system32\drivers\TosRfSnd.sys
18:23:09.0437 3380 TosRfSnd ( UnsignedFile.Multi.Generic ) - warning
18:23:09.0437 3380 TosRfSnd - detected UnsignedFile.Multi.Generic (1)
18:23:09.0484 3380 Tosrfusb (c639fc314ea7436325ade8cd514b627c) C:\WINDOWS\system32\Drivers\tosrfusb.sys
18:23:09.0484 3380 Tosrfusb ( UnsignedFile.Multi.Generic ) - warning
18:23:09.0484 3380 Tosrfusb - detected UnsignedFile.Multi.Generic (1)
18:23:09.0562 3380 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
18:23:09.0671 3380 Udfs - ok
18:23:09.0734 3380 ultra - ok
18:23:09.0828 3380 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
18:23:09.0968 3380 Update - ok
18:23:10.0078 3380 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:23:10.0171 3380 usbehci - ok
18:23:10.0218 3380 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:23:10.0328 3380 usbhub - ok
18:23:10.0406 3380 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:23:10.0500 3380 usbprint - ok
18:23:10.0578 3380 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:23:10.0687 3380 usbscan - ok
18:23:10.0781 3380 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:23:10.0890 3380 USBSTOR - ok
18:23:10.0937 3380 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:23:11.0031 3380 usbuhci - ok
18:23:11.0125 3380 usbvm321 (bce87e9547a6c8815f64cd3c80733bc7) C:\WINDOWS\system32\Drivers\usbvm321.sys
18:23:11.0156 3380 usbvm321 - ok
18:23:11.0296 3380 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
18:23:11.0406 3380 VgaSave - ok
18:23:11.0468 3380 ViaIde - ok
18:23:11.0531 3380 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
18:23:11.0625 3380 VolSnap - ok
18:23:11.0687 3380 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:23:11.0796 3380 Wanarp - ok
18:23:11.0828 3380 WDICA - ok
18:23:11.0890 3380 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
18:23:11.0984 3380 wdmaud - ok
18:23:12.0078 3380 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
18:23:12.0171 3380 WSTCODEC - ok
18:23:12.0218 3380 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:23:12.0281 3380 WudfPf - ok
18:23:12.0328 3380 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:23:12.0375 3380 WudfRd - ok
18:23:12.0406 3380 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
18:23:12.0609 3380 \Device\Harddisk0\DR0 - ok
18:23:12.0625 3380 MBR (0x1B8) (f1a02ca4aafdb0f687f3961df0048c74) \Device\Harddisk1\DR2
18:23:12.0843 3380 \Device\Harddisk1\DR2 - ok
18:23:12.0843 3380 Boot (0x1200) (fc843fc1bc011f2e0f49efbfd770ea57) \Device\Harddisk0\DR0\Partition0
18:23:12.0843 3380 \Device\Harddisk0\DR0\Partition0 - ok
18:23:12.0843 3380 ============================================================
18:23:12.0843 3380 Scan finished
18:23:12.0843 3380 ============================================================
18:23:12.0953 3384 Detected object count: 11
18:23:12.0953 3384 Actual detected object count: 11
18:23:36.0031 3384 asuskbnt ( UnsignedFile.Multi.Generic ) - skipped by user
18:23:36.0031 3384 asuskbnt ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:23:36.0031 3384 IPSec ( UnsignedFile.Multi.Generic ) - skipped by user
18:23:36.0031 3384 IPSec ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:23:36.0031 3384 toshidpt ( UnsignedFile.Multi.Generic ) - skipped by user
18:23:36.0031 3384 toshidpt ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:23:36.0031 3384 tosporte ( UnsignedFile.Multi.Generic ) - skipped by user
18:23:36.0031 3384 tosporte ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:23:36.0031 3384 Tosrfbd ( UnsignedFile.Multi.Generic ) - skipped by user
18:23:36.0031 3384 Tosrfbd ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:23:36.0031 3384 Tosrfbnp ( UnsignedFile.Multi.Generic ) - skipped by user
18:23:36.0031 3384 Tosrfbnp ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:23:36.0031 3384 Tosrfcom ( UnsignedFile.Multi.Generic ) - skipped by user
18:23:36.0031 3384 Tosrfcom ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:23:36.0031 3384 Tosrfhid ( UnsignedFile.Multi.Generic ) - skipped by user
18:23:36.0031 3384 Tosrfhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:23:36.0031 3384 tosrfnds ( UnsignedFile.Multi.Generic ) - skipped by user
18:23:36.0031 3384 tosrfnds ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:23:36.0031 3384 TosRfSnd ( UnsignedFile.Multi.Generic ) - skipped by user
18:23:36.0031 3384 TosRfSnd ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:23:36.0031 3384 Tosrfusb ( UnsignedFile.Multi.Generic ) - skipped by user
18:23:36.0031 3384 Tosrfusb ( UnsignedFile.Multi.Generic ) - User select action: Skip

loisik
Visitor
Posts: 60
Registered: 16 Jun 2006 07:13

Re: viruses - antivirus switched off, internet not working ...

#13 Post by loisik »

When I type ipconfig into the console, it throws "Došlo k vnitřní chybě: Požadavek není podporován."

loisik
Visitor
Posts: 60
Registered: 16 Jun 2006 07:13

Re: viruses - antivirus switched off, internet not working ...

#14 Post by loisik »

That bat file... do I create it in Notepad, paste that whole line into it and save it as "notepad nalez"? Then move it onto tdskiller?

Again, where do I find those three files to delete from yesterday?

loisik
Visitor
Posts: 60
Registered: 16 Jun 2006 07:13

Re: viruses - antivirus switched off, internet not working ...

#15 Post by loisik »

Here is the scan from RKU for now; I'm waiting for CF at the moment, then I'll do the bat. Evidently a little bit of the antivirus still remained in there; on ebu there were two files to remove, the first went through fine, the second crashed...

RkU Version: 3.8.389.593, Type LE (SR2)
==============================================
OS Name: Windows XP
Version 5.1.2600 (Service Pack 3)
Number of processors #2
==============================================
>SSDT State
==============================================
==============================================
>Shadow
==============================================
==============================================
>Processes
==============================================
0x867C4830 [4] System
0x8649B938 [200] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation, GrooveMonitor Utility)
0x866E0C08 [468] C:\WINDOWS\system32\smss.exe (Microsoft Corporation, Správce relací systému Windows NT)
0x86659970 [632] C:\WINDOWS\system32\csrss.exe (Microsoft Corporation, Client Server Runtime Process)
0x864FC700 [660] C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation, Windows NT Logon Application)
0x864A15E0 [704] C:\WINDOWS\system32\services.exe (Microsoft Corporation, Services and Controller app)
0x8656BDA0 [716] C:\WINDOWS\system32\lsass.exe (Microsoft Corporation, LSA Shell (Export Version))
0x860C8800 [884] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x866786D8 [912] C:\WINDOWS\ATKKBService.exe (ASUSTeK COMPUTER INC., ASUS Keyboard Service )
0x8648BDA0 [948] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x864AE978 [980] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x8529C610 [1072] C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc., Java(TM) Quick Starter Service)
0x864ABC88 [1140] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x85307DA0 [1332] C:\WINDOWS\system32\LEXBCES.EXE (Lexmark International, Inc., LexBce Service)
0x852F0020 [1352] C:\WINDOWS\system32\spoolsv.exe (Microsoft Corporation, Spooler SubSystem App)
0x864C9708 [1376] C:\WINDOWS\system32\LEXPPS.EXE (Lexmark International, Inc., LEXPPS.EXE)
0x852C1BC0 [1508] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x864F8BC8 [1524] C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation, NVIDIA Driver Helper Service, Version 86.02)
0x86686608 [1576] C:\WINDOWS\system32\svchost.exe (Microsoft Corporation, Generic Host Process for Win32 Services)
0x866D83A8 [1848] C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation, Windows Security Center Notification App)
0x85289BC0 [1864] C:\WINDOWS\explorer.exe (Microsoft Corporation, Průzkumník Windows)
0x852F4DA0 [2988] C:\WINDOWS\system32\notepad.exe (Microsoft Corporation, Poznámkový blok)
0x864C29F0 [3448] C:\Documents and Settings\Lucka\Plocha\RKUnhookerLE.EXE (UG North, RKULE, SR2 Overlord)
==============================================
>Drivers
==============================================
0xBF04C000 C:\WINDOWS\System32\nv4_disp.dll 3989504 bytes (NVIDIA Corporation, NVIDIA Compatible Windows 2000 Display driver, Version 86.02 )
0xF680F000 C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 3686400 bytes (NVIDIA Corporation, NVIDIA Compatible Windows 2000 Miniport Driver, Version 86.02 )
0x804D7000 C:\WINDOWS\system32\ntkrnlpa.exe 2154496 bytes (Microsoft Corporation, NT Kernel & System)
0x804D7000 PnpManager 2154496 bytes
0x804D7000 RAW 2154496 bytes
0x804D7000 WMIxWDM 2154496 bytes
0xBF800000 Win32k 1859584 bytes
0xBF800000 C:\WINDOWS\System32\win32k.sys 1859584 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0xF7369000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
0xF434C000 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 458752 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0xF659A000 C:\WINDOWS\system32\DRIVERS\update.sys 385024 bytes (Microsoft Corporation, Update Driver)
0xF4431000 C:\WINDOWS\system32\DRIVERS\tcpip.sys 364544 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
0xB947C000 C:\WINDOWS\system32\DRIVERS\srv.sys 360448 bytes (Microsoft Corporation, Server driver)
0xF673B000 C:\WINDOWS\system32\DRIVERS\rixdptsk.sys 311296 bytes (REDC, RICOH XD SM Driver)
0xBF41A000 C:\WINDOWS\System32\ATMFD.DLL 290816 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0xB91BD000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
0xF4270000 C:\WINDOWS\System32\Drivers\usbvm321.sys 245760 bytes (Vimicro Corporation, VM321 Video Driver)
0xBF012000 C:\WINDOWS\System32\atkdisp.dll 225280 bytes (ASUSTeK Computer Inc., ASUS Windows 2000/XP Display Driver)
0xF65F8000 C:\WINDOWS\system32\DRIVERS\rdpdr.sys 196608 bytes (Microsoft Corporation, Microsoft RDP Device redirector)
0xF74AD000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)
0xBA147000 C:\WINDOWS\system32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xF733C000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
0xB811A000 C:\WINDOWS\system32\drivers\kmixer.sys 176128 bytes (Microsoft Corporation, Kernel Mode Audio Mixer)
0xF43BC000 C:\WINDOWS\system32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0xF67D3000 C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 163840 bytes (Windows (R) Server 2003 DDK provider, High Definition Audio Bus Driver v1.0a)
0xF4409000 C:\WINDOWS\system32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
0xBA174000 C:\WINDOWS\system32\DRIVERS\nwrdr.sys 163840 bytes (Microsoft Corporation, NetWare Redirector File System Driver)
0xF4508000 C:\WINDOWS\system32\drivers\ADIHdAud.sys 159744 bytes (Analog Devices, Inc., High Definition Audio Function Driver(Release Candidate 1))
0xF7457000 dmio.sys 155648 bytes (Microsoft Corp., Veritas Software, NT Disk Manager I/O Driver)
0xB942E000 C:\WINDOWS\system32\DRIVERS\ipnat.sys 155648 bytes (Microsoft Corporation, IP Network Address Translator)
0xB80F6000 C:\WINDOWS\System32\Drivers\Fastfat.SYS 147456 bytes (Microsoft Corporation, Fast FAT File System Driver)
0xF44E4000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0xF679B000 C:\WINDOWS\system32\DRIVERS\USBPORT.SYS 147456 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0xF6718000 C:\WINDOWS\system32\DRIVERS\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
0xF43E7000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x806E5000 ACPI_HAL 134400 bytes
0x806E5000 C:\WINDOWS\system32\hal.dll 134400 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0xF741F000 fltmgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0xF747D000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)
0xF422C000 C:\WINDOWS\System32\Drivers\tosrfbd.sys 114688 bytes (TOSHIBA CORPORATION, Bluetooth RF Bus Driver)
0xF7322000 Mup.sys 106496 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xF743F000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xF41C4000 C:\WINDOWS\System32\Drivers\dump_atapi.sys 98304 bytes
0xF73F6000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xF66D9000 C:\WINDOWS\system32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0xBA482000 C:\WINDOWS\system32\DRIVERS\irda.sys 90112 bytes (Microsoft Corporation, IRDA Protocol Driver)
0xBA46C000 C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys 90112 bytes (Microsoft Corporation, NWLINK2 IPX Protocol Driver)
0xB990A000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
0xF67BF000 C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys 81920 bytes (Realtek Semiconductor Corporation , Realtek 10/100/1000 NDIS 5.1 Driver )
0xF6787000 C:\WINDOWS\system32\DRIVERS\sdbus.sys 81920 bytes (Microsoft Corporation, SecureDigital Bus Driver)
0xF67FB000 C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
0xF740D000 sr.sys 73728 bytes (Microsoft Corporation, System Restore Filesystem Filter Driver)
0xF749C000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0xF6628000 C:\WINDOWS\system32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
0xF771C000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
0xF77CC000 C:\WINDOWS\system32\DRIVERS\cdrom.sys 65536 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xF430C000 C:\WINDOWS\system32\DRIVERS\nwlnknb.sys 65536 bytes (Microsoft Corporation, NWLINK2 IPX Netbios Protocol Driver)
0xF75EC000 ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0xF77EC000 C:\WINDOWS\System32\Drivers\tosrfcom.sys 65536 bytes (TOSHIBA Corporation, Bluetooth RFCOMM Driver)
0xF772C000 C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys 65536 bytes (TOSHIBA Corporation., Bluetooth HID Driver from TOSHIBA)
0xF768C000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xF77DC000 C:\WINDOWS\system32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver)
0xBA2C4000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
0xF769C000 C:\WINDOWS\system32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
0xF75FC000 C:\WINDOWS\system32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0xF42DC000 C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys 57344 bytes (Microsoft Corporation, NWLINK2 SPX Protocol Driver)
0xF763C000 C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
0xF779C000 C:\WINDOWS\system32\DRIVERS\i8042prt.sys 53248 bytes (Microsoft Corporation, i8042 Port Driver)
0xF77FC000 C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xF778C000 C:\WINDOWS\system32\DRIVERS\rimsptsk.sys 53248 bytes (REDC, RICOH MS Driver)
0xF76FC000 C:\WINDOWS\System32\Drivers\STREAM.SYS 53248 bytes (Microsoft Corporation, WDM CODEC Class Device Driver 2.0)
0xF761C000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0xF781C000 C:\WINDOWS\system32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0xF77AC000 C:\WINDOWS\system32\DRIVERS\smcirda.sys 49152 bytes (SMSC, SMSC IrCC NDIS 5.0 IrDA FIR Device Driver)
0xF784C000 C:\WINDOWS\system32\DRIVERS\tosporte.sys 49152 bytes (TOSHIBA Corporation, TOSHIBA Bluetooth Port Emulation Driver)
0xF76DC000 C:\WINDOWS\System32\Drivers\Fips.SYS 45056 bytes (Microsoft Corporation, FIPS Crypto Driver)
0xF77BC000 C:\WINDOWS\system32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
0xF760C000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
0xF780C000 C:\WINDOWS\system32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0xF777C000 C:\WINDOWS\system32\DRIVERS\intelppm.sys 40960 bytes (Microsoft Corporation, Processor Device Driver)
0xF75DC000 isapnp.sys 40960 bytes (Microsoft Corporation, PNP ISA Bus Driver)
0xF767C000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
0xF783C000 C:\WINDOWS\system32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
0xF773C000 C:\WINDOWS\System32\Drivers\tosrfbnp.sys 40960 bytes (TOSHIBA Corporation, Bluetooth RFBNEP Driver)
0xF76CC000 C:\WINDOWS\System32\Drivers\tosrfusb.sys 40960 bytes (TOSHIBA CORPORATION, Bluetooth USB Miniport Driver)
0xB924E000 C:\WINDOWS\System32\Drivers\BlackBox.SYS 36864 bytes (RKU Driver)
0xF762C000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
0xF76EC000 C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS 36864 bytes (Microsoft Corporation, Hid Class Library)
0xF782C000 C:\WINDOWS\system32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
0xF76BC000 C:\WINDOWS\system32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
!!!!!!!!!!!Hidden driver: 0xF448A000 IPSec 32896 bytes
0xF7974000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
0xF78FC000 C:\WINDOWS\system32\DRIVERS\usbehci.sys 32768 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0xF797C000 C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0xF785C000 C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0xF7904000 C:\WINDOWS\system32\DRIVERS\rimmptsk.sys 28672 bytes (REDC, RICOH MMC Driver)
0xF7984000 C:\WINDOWS\System32\Drivers\USBCAMD2.SYS 28672 bytes (Microsoft Corporation, Universal Serial Bus Camera Driver)
0xF79B4000 C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 28672 bytes (Microsoft Corporation, USB Mass Storage Class Driver)
0xF790C000 C:\WINDOWS\system32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)
0xF7914000 C:\WINDOWS\system32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)
0xF78F4000 C:\WINDOWS\system32\DRIVERS\usbuhci.sys 24576 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0xF7964000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0xF796C000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
0xF7864000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
0xF792C000 C:\WINDOWS\system32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
0xF791C000 C:\WINDOWS\system32\DRIVERS\rasirda.sys 20480 bytes (Microsoft Corporation, IrDA WAN Miniport Driver)
0xF7934000 C:\WINDOWS\system32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel(R) mini-port/call-manager driver)
0xF7924000 C:\WINDOWS\system32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
0xF798C000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
0xF79F4000 C:\WINDOWS\system32\DRIVERS\BATTC.SYS 16384 bytes (Microsoft Corporation, Battery Class Driver)
0xF7ACC000 C:\WINDOWS\system32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver)
0xF72EA000 C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
0xBA500000 C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)
0xF79F8000 ACPIEC.sys 12288 bytes (Microsoft Corporation, Ovladač vloženého řadiče ACPI)
0xF7AD0000 C:\WINDOWS\system32\drivers\atkkbnt.sys 12288 bytes (ASUSTeK COMPUTER INC., ASUS Help driver For Keyboard Service.)
0xF79EC000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
0xF79F0000 compbatt.sys 12288 bytes (Microsoft Corporation, Composite Battery Driver)
0xF424C000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
0xF7AA0000 C:\WINDOWS\system32\DRIVERS\hidusb.sys 12288 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0xF7AC0000 C:\WINDOWS\system32\DRIVERS\irenum.sys 12288 bytes (Microsoft Corporation, Infra-Red Bus Enumerator)
0xF66FC000 C:\WINDOWS\system32\DRIVERS\mouhid.sys 12288 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0xF7AD8000 C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0xF7A88000 C:\WINDOWS\system32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xF7AFE000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
0xF7AE0000 dmload.sys 8192 bytes (Microsoft Corp., Veritas Software., NT Disk Manager Startup Driver)
0xF7B06000 C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS 8192 bytes
0xF7AFC000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
0xF7ADC000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xF7B00000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
0xF7B02000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
0xF7AF6000 C:\WINDOWS\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0xF7AFA000 C:\WINDOWS\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0xF7ADE000 C:\WINDOWS\system32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0xF7D0F000 C:\WINDOWS\system32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
0xF7CE2000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
0xF7C4D000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
0xF7BA5000 C:\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS 4096 bytes (Microsoft Corporation, ACPI Operation Registration Driver)
0xF7BA4000 pciide.sys 4096 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
==============================================
>Stealth
==============================================
==============================================
>Files
==============================================
!-->[Hidden] C:\Documents and Settings\All Users\Data aplikací\Real\setup\config.ini::$DATA
!-->[Hidden] C:\Unreal Commander\ini backup.txt:bak:$DATA
!-->[Hidden] C:\Unreal Commander\ini backup.txt:Uncom.bar 146:$DATA
!-->[Hidden] C:\Unreal Commander\ini backup.txt:Uncom.ini 179:$DATA
!-->[Hidden] C:\Unreal Commander\ini backup.txt:Uncomstyles.ini 60:$DATA
==============================================
>Hooks
==============================================
ntkrnlpa.exe+0x0006ECEE, Type: Inline - RelativeJump 0x80545CEE-->80545CF5 [ntkrnlpa.exe]
[1864]explorer.exe-->advapi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77DC1218-->5D067774 [shimeng.dll]
[1864]explorer.exe-->crypt32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77A71188-->5D067774 [shimeng.dll]
[1864]explorer.exe-->gdi32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x77F110B4-->5D067774 [shimeng.dll]
[1864]explorer.exe-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x01001268-->5D067774 [shimeng.dll]
[1864]explorer.exe-->shell32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x7C9C15A4-->5D067774 [shimeng.dll]
[1864]explorer.exe-->user32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x7E36133C-->5D067774 [shimeng.dll]
[1864]explorer.exe-->wininet.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x40C014B0-->5D067774 [shimeng.dll]
[1864]explorer.exe-->ws2_32.dll-->kernel32.dll-->GetProcAddress, Type: IAT modification 0x71A9109C-->5D067774 [shimeng.dll]


!!POSSIBLE ROOTKIT ACTIVITY DETECTED!! =)
