Preventivka

Zpráva

oky.2 · #16 Příspěvek od **oky.2** » 22 lis 2011 21:20

21:19:08.0406 0888 TDSS rootkit removing tool 2.6.20.0 Nov 22 2011 12:05:55
21:19:08.0578 0888 ============================================================
21:19:08.0578 0888 Current date / time: 2011/11/22 21:19:08.0578
21:19:08.0578 0888 SystemInfo:
21:19:08.0578 0888
21:19:08.0578 0888 OS Version: 5.1.2600 ServicePack: 3.0
21:19:08.0578 0888 Product type: Workstation
21:19:08.0578 0888 ComputerName: MARTINS
21:19:08.0578 0888 UserName: Martin
21:19:08.0578 0888 Windows directory: C:\WINDOWS
21:19:08.0578 0888 System windows directory: C:\WINDOWS
21:19:08.0578 0888 Processor architecture: Intel x86
21:19:08.0578 0888 Number of processors: 1
21:19:08.0578 0888 Page size: 0x1000
21:19:08.0578 0888 Boot type: Normal boot
21:19:08.0578 0888 ============================================================
21:19:09.0140 0888 Initialize success
21:19:12.0062 2432 ============================================================
21:19:12.0062 2432 Scan started
21:19:12.0062 2432 Mode: Manual;
21:19:12.0062 2432 ============================================================
21:19:12.0406 2432 Abiosdsk - ok
21:19:12.0421 2432 abp480n5 - ok
21:19:12.0468 2432 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:19:12.0468 2432 ACPI - ok
21:19:12.0515 2432 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
21:19:12.0515 2432 ACPIEC - ok
21:19:12.0546 2432 adpu160m - ok
21:19:12.0593 2432 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
21:19:12.0593 2432 aec - ok
21:19:12.0656 2432 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
21:19:12.0671 2432 AFD - ok
21:19:12.0734 2432 Aha154x - ok
21:19:12.0750 2432 aic78u2 - ok
21:19:12.0765 2432 aic78xx - ok
21:19:12.0906 2432 ALCXWDM (dd8520280304b6145a6be31008748c7c) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
21:19:13.0015 2432 ALCXWDM - ok
21:19:13.0031 2432 AliIde - ok
21:19:13.0046 2432 amsint - ok
21:19:13.0078 2432 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
21:19:13.0093 2432 Arp1394 - ok
21:19:13.0109 2432 asc - ok
21:19:13.0125 2432 asc3350p - ok
21:19:13.0140 2432 asc3550 - ok
21:19:13.0203 2432 Aspi32 (b979979ab8027f7f53fb16ec4229b7db) C:\WINDOWS\system32\drivers\Aspi32.sys
21:19:13.0265 2432 Aspi32 - ok
21:19:13.0296 2432 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:19:13.0296 2432 AsyncMac - ok
21:19:13.0328 2432 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
21:19:13.0343 2432 atapi - ok
21:19:13.0343 2432 Atdisk - ok
21:19:13.0359 2432 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:19:13.0375 2432 Atmarpc - ok
21:19:13.0421 2432 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
21:19:13.0421 2432 audstub - ok
21:19:13.0453 2432 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
21:19:13.0453 2432 Beep - ok
21:19:13.0468 2432 catchme - ok
21:19:13.0500 2432 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
21:19:13.0515 2432 cbidf2k - ok
21:19:13.0515 2432 cd20xrnt - ok
21:19:13.0562 2432 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
21:19:13.0562 2432 Cdaudio - ok
21:19:13.0593 2432 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
21:19:13.0593 2432 Cdfs - ok
21:19:13.0625 2432 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:19:13.0625 2432 Cdrom - ok
21:19:13.0656 2432 Changer - ok
21:19:13.0671 2432 CmdIde - ok
21:19:13.0703 2432 Cpqarray - ok
21:19:13.0843 2432 cpuz130 - ok
21:19:13.0906 2432 cpuz135 (c2eb4539a4f6ab6edd01bdc191619975) C:\WINDOWS\system32\drivers\cpuz135_x32.sys
21:19:13.0906 2432 cpuz135 - ok
21:19:13.0937 2432 dac2w2k - ok
21:19:13.0953 2432 dac960nt - ok
21:19:13.0984 2432 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
21:19:13.0984 2432 Disk - ok
21:19:14.0031 2432 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
21:19:14.0046 2432 dmboot - ok
21:19:14.0109 2432 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
21:19:14.0125 2432 dmio - ok
21:19:14.0156 2432 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
21:19:14.0156 2432 dmload - ok
21:19:14.0187 2432 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
21:19:14.0187 2432 DMusic - ok
21:19:14.0203 2432 dpti2o - ok
21:19:14.0218 2432 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
21:19:14.0218 2432 drmkaud - ok
21:19:14.0250 2432 ElbyCDFL (c61c83501268b0110b5c5db7e63dee0c) C:\WINDOWS\system32\Drivers\ElbyCDFL.sys
21:19:14.0250 2432 ElbyCDFL - ok
21:19:14.0281 2432 ElbyCDIO (aaa8999a169e39fb8b48ae49cd6ac30a) C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
21:19:14.0281 2432 ElbyCDIO - ok
21:19:14.0328 2432 ENTECH (16ebd8bf1d5090923694cc972c7ce1b4) C:\WINDOWS\system32\DRIVERS\ENTECH.sys
21:19:14.0328 2432 ENTECH - ok
21:19:14.0375 2432 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
21:19:14.0390 2432 Fastfat - ok
21:19:14.0421 2432 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
21:19:14.0437 2432 Fdc - ok
21:19:14.0484 2432 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
21:19:14.0484 2432 Fips - ok
21:19:14.0515 2432 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
21:19:14.0531 2432 Flpydisk - ok
21:19:14.0578 2432 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
21:19:14.0578 2432 FltMgr - ok
21:19:14.0593 2432 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:19:14.0593 2432 Fs_Rec - ok
21:19:14.0625 2432 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:19:14.0625 2432 Ftdisk - ok
21:19:14.0656 2432 ggflt (007aea2e06e7cef7372e40c277163959) C:\WINDOWS\system32\DRIVERS\ggflt.sys
21:19:14.0656 2432 ggflt - ok
21:19:14.0671 2432 ggsemc (c73de35960ca75c5ab4ae636b127c64e) C:\WINDOWS\system32\DRIVERS\ggsemc.sys
21:19:14.0671 2432 ggsemc - ok
21:19:14.0718 2432 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:19:14.0718 2432 Gpc - ok
21:19:14.0812 2432 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:19:14.0812 2432 hidusb - ok
21:19:14.0843 2432 hpn - ok
21:19:14.0875 2432 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
21:19:14.0890 2432 HTTP - ok
21:19:14.0937 2432 i2omgmt - ok
21:19:14.0953 2432 i2omp - ok
21:19:14.0984 2432 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:19:14.0984 2432 i8042prt - ok
21:19:15.0015 2432 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
21:19:15.0015 2432 Imapi - ok
21:19:15.0062 2432 InCDfs (b7087e20a32a87d3830ecf8fc7fa3ffb) C:\WINDOWS\system32\drivers\InCDFs.sys
21:19:15.0062 2432 InCDfs - ok
21:19:15.0093 2432 InCDPass (e5beb5e6129656bdc747e729d3402d36) C:\WINDOWS\system32\drivers\InCDPass.sys
21:19:15.0093 2432 InCDPass - ok
21:19:15.0156 2432 InCDRec (2e7e1f9d6567da65bf872ccea5ae51d9) C:\WINDOWS\system32\drivers\InCDRec.sys
21:19:15.0171 2432 InCDRec - ok
21:19:15.0187 2432 incdrm (9d1c434319a19a4712c25e662ca92ab7) C:\WINDOWS\system32\drivers\InCDRm.sys
21:19:15.0203 2432 incdrm - ok
21:19:15.0218 2432 ini910u - ok
21:19:15.0234 2432 IntelIde - ok
21:19:15.0281 2432 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
21:19:15.0281 2432 Ip6Fw - ok
21:19:15.0312 2432 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:19:15.0312 2432 IpFilterDriver - ok
21:19:15.0343 2432 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:19:15.0343 2432 IpInIp - ok
21:19:15.0375 2432 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:19:15.0375 2432 IpNat - ok
21:19:15.0390 2432 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:19:15.0390 2432 IPSec - ok
21:19:15.0421 2432 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
21:19:15.0421 2432 irda - ok
21:19:15.0453 2432 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
21:19:15.0453 2432 IRENUM - ok
21:19:15.0484 2432 irsir (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
21:19:15.0484 2432 irsir - ok
21:19:15.0500 2432 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:19:15.0500 2432 isapnp - ok
21:19:15.0531 2432 k510bus (b1fe6feac5a501c89057a69c9f5e9d1f) C:\WINDOWS\system32\DRIVERS\k510bus.sys
21:19:15.0546 2432 k510bus - ok
21:19:15.0562 2432 k510mdfl (7a4ecca08560e8ff330acaa4128af7b0) C:\WINDOWS\system32\DRIVERS\k510mdfl.sys
21:19:15.0562 2432 k510mdfl - ok
21:19:15.0593 2432 k510mdm (094d532b727030c3b8b6bd3b743d9526) C:\WINDOWS\system32\DRIVERS\k510mdm.sys
21:19:15.0593 2432 k510mdm - ok
21:19:15.0625 2432 k510mgmt (ad67bfa00ba39c65551338ee001cdddd) C:\WINDOWS\system32\DRIVERS\k510mgmt.sys
21:19:15.0625 2432 k510mgmt - ok
21:19:15.0671 2432 k510obex (7d5094b00a47d871a48d035beb3a0922) C:\WINDOWS\system32\DRIVERS\k510obex.sys
21:19:15.0671 2432 k510obex - ok
21:19:15.0750 2432 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:19:15.0750 2432 Kbdclass - ok
21:19:15.0812 2432 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:19:15.0812 2432 kbdhid - ok
21:19:15.0859 2432 KL1 (94d67d49bd9503bb1d838405d80f2058) C:\WINDOWS\system32\DRIVERS\kl1.sys
21:19:15.0859 2432 KL1 - ok
21:19:15.0890 2432 kl2 (713576569667ac9e0f8556076004a96b) C:\WINDOWS\system32\DRIVERS\kl2.sys
21:19:15.0890 2432 kl2 - ok
21:19:15.0953 2432 KLIF (44ec6b3dbe167c7fa818f9918d2cbf22) C:\WINDOWS\system32\DRIVERS\klif.sys
21:19:16.0000 2432 KLIF - ok
21:19:16.0046 2432 klim5 (8d6e11bfa9927978d25b1b8029554f07) C:\WINDOWS\system32\DRIVERS\klim5.sys
21:19:16.0046 2432 klim5 - ok
21:19:16.0062 2432 klmouflt (3959530f69e19da56f1f24f2c89f1e2c) C:\WINDOWS\system32\DRIVERS\klmouflt.sys
21:19:16.0062 2432 klmouflt - ok
21:19:16.0093 2432 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
21:19:16.0093 2432 kmixer - ok
21:19:16.0140 2432 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
21:19:16.0140 2432 KSecDD - ok
21:19:16.0171 2432 lbrtfdc - ok
21:19:16.0203 2432 MBAMSwissArmy - ok
21:19:16.0234 2432 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
21:19:16.0234 2432 mnmdd - ok
21:19:16.0281 2432 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
21:19:16.0281 2432 Modem - ok
21:19:16.0312 2432 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:19:16.0312 2432 Mouclass - ok
21:19:16.0343 2432 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:19:16.0359 2432 mouhid - ok
21:19:16.0359 2432 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
21:19:16.0375 2432 MountMgr - ok
21:19:16.0390 2432 mraid35x - ok
21:19:16.0421 2432 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:19:16.0421 2432 MRxDAV - ok
21:19:16.0468 2432 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:19:16.0484 2432 MRxSmb - ok
21:19:16.0546 2432 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
21:19:16.0546 2432 Msfs - ok
21:19:16.0578 2432 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:19:16.0578 2432 MSKSSRV - ok
21:19:16.0656 2432 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:19:16.0656 2432 MSPCLOCK - ok
21:19:16.0671 2432 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
21:19:16.0671 2432 MSPQM - ok
21:19:16.0703 2432 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:19:16.0718 2432 mssmbios - ok
21:19:16.0750 2432 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
21:19:16.0750 2432 Mup - ok
21:19:16.0781 2432 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
21:19:16.0781 2432 NDIS - ok
21:19:16.0812 2432 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:19:16.0828 2432 NdisTapi - ok
21:19:16.0859 2432 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:19:16.0859 2432 Ndisuio - ok
21:19:16.0890 2432 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:19:16.0890 2432 NdisWan - ok
21:19:16.0921 2432 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
21:19:16.0921 2432 NDProxy - ok
21:19:16.0937 2432 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
21:19:16.0937 2432 NetBIOS - ok
21:19:16.0968 2432 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
21:19:16.0968 2432 NetBT - ok
21:19:17.0015 2432 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
21:19:17.0015 2432 NIC1394 - ok
21:19:17.0046 2432 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
21:19:17.0062 2432 Npfs - ok
21:19:17.0093 2432 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
21:19:17.0140 2432 Ntfs - ok
21:19:17.0171 2432 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
21:19:17.0171 2432 Null - ok
21:19:17.0531 2432 nv (6733e80a193fc36f41c24142b0c45c0e) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
21:19:17.0828 2432 nv - ok
21:19:17.0875 2432 NVENETFD (7d275ecda4628318912f6c945d5cf963) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
21:19:17.0875 2432 NVENETFD - ok
21:19:17.0890 2432 nvgts (75e2e77c5497f34e60491d27bf03f1cb) C:\WINDOWS\system32\DRIVERS\nvgts.sys
21:19:17.0906 2432 nvgts - ok
21:19:17.0921 2432 nvnetbus (b64aacefad2be5bff5353fe681253c67) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
21:19:17.0921 2432 nvnetbus - ok
21:19:17.0968 2432 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:19:17.0968 2432 NwlnkFlt - ok
21:19:18.0031 2432 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:19:18.0031 2432 NwlnkFwd - ok
21:19:18.0046 2432 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
21:19:18.0062 2432 ohci1394 - ok
21:19:18.0109 2432 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
21:19:18.0109 2432 Parport - ok
21:19:18.0125 2432 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
21:19:18.0140 2432 PartMgr - ok
21:19:18.0156 2432 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
21:19:18.0171 2432 ParVdm - ok
21:19:18.0171 2432 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
21:19:18.0187 2432 PCI - ok
21:19:18.0203 2432 PCIDump - ok
21:19:18.0218 2432 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
21:19:18.0234 2432 PCIIde - ok
21:19:18.0265 2432 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
21:19:18.0265 2432 Pcmcia - ok
21:19:18.0296 2432 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
21:19:18.0296 2432 pcouffin - ok
21:19:18.0312 2432 PDCOMP - ok
21:19:18.0328 2432 PDFRAME - ok
21:19:18.0343 2432 PDRELI - ok
21:19:18.0359 2432 PDRFRAME - ok
21:19:18.0375 2432 perc2 - ok
21:19:18.0390 2432 perc2hib - ok
21:19:18.0437 2432 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:19:18.0453 2432 PptpMiniport - ok
21:19:18.0468 2432 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
21:19:18.0468 2432 Processor - ok
21:19:18.0500 2432 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
21:19:18.0500 2432 PSched - ok
21:19:18.0515 2432 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:19:18.0531 2432 Ptilink - ok
21:19:18.0531 2432 ql1080 - ok
21:19:18.0546 2432 Ql10wnt - ok
21:19:18.0562 2432 ql12160 - ok
21:19:18.0578 2432 ql1240 - ok
21:19:18.0593 2432 ql1280 - ok
21:19:18.0625 2432 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:19:18.0625 2432 RasAcd - ok
21:19:18.0671 2432 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
21:19:18.0687 2432 Rasirda - ok
21:19:18.0703 2432 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:19:18.0718 2432 Rasl2tp - ok
21:19:18.0750 2432 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:19:18.0750 2432 RasPppoe - ok
21:19:18.0765 2432 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
21:19:18.0765 2432 Raspti - ok
21:19:18.0812 2432 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:19:18.0812 2432 Rdbss - ok
21:19:18.0828 2432 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:19:18.0828 2432 RDPCDD - ok
21:19:18.0875 2432 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
21:19:18.0875 2432 RDPWD - ok
21:19:18.0906 2432 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
21:19:18.0906 2432 redbook - ok
21:19:18.0968 2432 RSUSBSTOR (6b065c88a4c05cf44793ac2bfc331ac5) C:\WINDOWS\system32\Drivers\RtsUStor.sys
21:19:18.0968 2432 RSUSBSTOR - ok
21:19:19.0046 2432 se45bus (531ebc57db331c8500c042d9f8a6aef2) C:\WINDOWS\system32\DRIVERS\se45bus.sys
21:19:19.0046 2432 se45bus - ok
21:19:19.0093 2432 se45mdfl (148e7e813681d3a0a05f09826080cc2b) C:\WINDOWS\system32\DRIVERS\se45mdfl.sys
21:19:19.0093 2432 se45mdfl - ok
21:19:19.0171 2432 se45mdm (b4ce022564d0d3fd7b0e5459aa12aa72) C:\WINDOWS\system32\DRIVERS\se45mdm.sys
21:19:19.0171 2432 se45mdm - ok
21:19:19.0203 2432 se45mgmt (6d04ea9c049ebd78d64ade447de3f7eb) C:\WINDOWS\system32\DRIVERS\se45mgmt.sys
21:19:19.0203 2432 se45mgmt - ok
21:19:19.0234 2432 se45nd5 (fdc74beaa13a801fac574bc7af1450c4) C:\WINDOWS\system32\DRIVERS\se45nd5.sys
21:19:19.0234 2432 se45nd5 - ok
21:19:19.0265 2432 se45obex (5e003693822460d37516d9a262de9e11) C:\WINDOWS\system32\DRIVERS\se45obex.sys
21:19:19.0265 2432 se45obex - ok
21:19:19.0296 2432 se45unic (fc7021adb632200da591a55a35a78acc) C:\WINDOWS\system32\DRIVERS\se45unic.sys
21:19:19.0296 2432 se45unic - ok
21:19:19.0328 2432 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:19:19.0328 2432 Secdrv - ok
21:19:19.0359 2432 seehcri (e5b56569a9f79b70314fede6c953641e) C:\WINDOWS\system32\DRIVERS\seehcri.sys
21:19:19.0375 2432 seehcri - ok
21:19:19.0390 2432 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
21:19:19.0390 2432 serenum - ok
21:19:19.0406 2432 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
21:19:19.0421 2432 Serial - ok
21:19:19.0468 2432 sfdrv01 (4c0d673281178cb496011a2e28571fc8) C:\WINDOWS\system32\drivers\sfdrv01.sys
21:19:19.0484 2432 sfdrv01 - ok
21:19:19.0515 2432 sfhlp02 (15be2b5e4dc5b8623cf167720682abc9) C:\WINDOWS\system32\drivers\sfhlp02.sys
21:19:19.0515 2432 sfhlp02 - ok
21:19:19.0531 2432 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
21:19:19.0546 2432 Sfloppy - ok
21:19:19.0562 2432 sfvfs02 (9ef50060cc7e6953bab83f2a42ccc421) C:\WINDOWS\system32\drivers\sfvfs02.sys
21:19:19.0578 2432 sfvfs02 - ok
21:19:19.0593 2432 Simbad - ok
21:19:19.0625 2432 Sparrow - ok
21:19:19.0640 2432 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
21:19:19.0640 2432 splitter - ok
21:19:19.0687 2432 sptd (d15da1ba189770d93eea2d7e18f95af9) C:\WINDOWS\system32\Drivers\sptd.sys
21:19:19.0718 2432 sptd - ok
21:19:19.0765 2432 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
21:19:19.0781 2432 sr - ok
21:19:19.0828 2432 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
21:19:19.0828 2432 Srv - ok
21:19:19.0859 2432 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
21:19:19.0859 2432 swenum - ok
21:19:19.0890 2432 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
21:19:19.0890 2432 swmidi - ok
21:19:19.0906 2432 symc810 - ok
21:19:19.0921 2432 symc8xx - ok
21:19:19.0937 2432 sym_hi - ok
21:19:19.0953 2432 sym_u3 - ok
21:19:19.0968 2432 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
21:19:19.0968 2432 sysaudio - ok
21:19:20.0031 2432 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:19:20.0046 2432 Tcpip - ok
21:19:20.0109 2432 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
21:19:20.0109 2432 TDPIPE - ok
21:19:20.0125 2432 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
21:19:20.0125 2432 TDTCP - ok
21:19:20.0140 2432 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
21:19:20.0140 2432 TermDD - ok
21:19:20.0171 2432 TosIde - ok
21:19:20.0218 2432 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
21:19:20.0234 2432 Udfs - ok
21:19:20.0250 2432 ultra - ok
21:19:20.0281 2432 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
21:19:20.0296 2432 Update - ok
21:19:20.0328 2432 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:19:20.0328 2432 usbccgp - ok
21:19:20.0359 2432 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:19:20.0359 2432 usbehci - ok
21:19:20.0390 2432 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:19:20.0390 2432 usbhub - ok
21:19:20.0421 2432 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
21:19:20.0437 2432 usbohci - ok
21:19:20.0453 2432 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:19:20.0468 2432 usbprint - ok
21:19:20.0484 2432 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:19:20.0484 2432 usbscan - ok
21:19:20.0500 2432 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:19:20.0500 2432 usbstor - ok
21:19:20.0531 2432 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
21:19:20.0531 2432 VgaSave - ok
21:19:20.0546 2432 ViaIde - ok
21:19:20.0562 2432 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
21:19:20.0562 2432 VolSnap - ok
21:19:20.0609 2432 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:19:20.0609 2432 Wanarp - ok
21:19:20.0656 2432 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
21:19:20.0671 2432 Wdf01000 - ok
21:19:20.0718 2432 WDICA - ok
21:19:20.0734 2432 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
21:19:20.0750 2432 wdmaud - ok
21:19:20.0828 2432 WpdUsb (c60dc16d4e406810fad54b98dc92d5ec) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
21:19:20.0843 2432 WpdUsb - ok
21:19:20.0875 2432 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
21:19:20.0875 2432 WS2IFSL - ok
21:19:20.0890 2432 WsAudioDevice_383 (85ece26f326c2d07ba77a60343468272) C:\WINDOWS\system32\drivers\WsAudioDevice_383.sys
21:19:20.0906 2432 WsAudioDevice_383 - ok
21:19:20.0953 2432 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
21:19:20.0953 2432 WudfPf - ok
21:19:21.0015 2432 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
21:19:21.0015 2432 WudfRd - ok
21:19:21.0062 2432 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} - ok
21:19:21.0093 2432 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:19:21.0093 2432 \Device\Harddisk0\DR0 - ok
21:19:21.0109 2432 Boot (0x1200) (4121ae2b48eb7b12fd4cb517b22d44ec) \Device\Harddisk0\DR0\Partition0
21:19:21.0109 2432 \Device\Harddisk0\DR0\Partition0 - ok
21:19:21.0125 2432 Boot (0x1200) (d710b7ae6e8aedaee060017cb77ab8cb) \Device\Harddisk0\DR0\Partition1
21:19:21.0125 2432 \Device\Harddisk0\DR0\Partition1 - ok
21:19:21.0156 2432 Boot (0x1200) (eb136d95985401a7bf70208c6c3d57b5) \Device\Harddisk0\DR0\Partition2
21:19:21.0156 2432 \Device\Harddisk0\DR0\Partition2 - ok
21:19:21.0156 2432 ============================================================
21:19:21.0156 2432 Scan finished
21:19:21.0156 2432 ============================================================
21:19:21.0171 2076 Detected object count: 0
21:19:21.0171 2076 Actual detected object count: 0
21:20:04.0468 0456 ============================================================
21:20:04.0468 0456 Scan started
21:20:04.0468 0456 Mode: Manual;
21:20:04.0468 0456 ============================================================
21:20:04.0625 0456 Abiosdsk - ok
21:20:04.0656 0456 abp480n5 - ok
21:20:04.0687 0456 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:20:04.0687 0456 ACPI - ok
21:20:04.0750 0456 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
21:20:04.0750 0456 ACPIEC - ok
21:20:04.0781 0456 adpu160m - ok
21:20:04.0812 0456 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
21:20:04.0812 0456 aec - ok
21:20:04.0859 0456 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
21:20:04.0859 0456 AFD - ok
21:20:04.0890 0456 Aha154x - ok
21:20:04.0906 0456 aic78u2 - ok
21:20:04.0921 0456 aic78xx - ok
21:20:05.0062 0456 ALCXWDM (dd8520280304b6145a6be31008748c7c) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
21:20:05.0109 0456 ALCXWDM - ok
21:20:05.0125 0456 AliIde - ok
21:20:05.0156 0456 amsint - ok
21:20:05.0187 0456 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
21:20:05.0187 0456 Arp1394 - ok
21:20:05.0203 0456 asc - ok
21:20:05.0234 0456 asc3350p - ok
21:20:05.0250 0456 asc3550 - ok
21:20:05.0296 0456 Aspi32 (b979979ab8027f7f53fb16ec4229b7db) C:\WINDOWS\system32\drivers\Aspi32.sys
21:20:05.0296 0456 Aspi32 - ok
21:20:05.0312 0456 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:20:05.0328 0456 AsyncMac - ok
21:20:05.0343 0456 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
21:20:05.0343 0456 atapi - ok
21:20:05.0359 0456 Atdisk - ok
21:20:05.0375 0456 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:20:05.0375 0456 Atmarpc - ok
21:20:05.0421 0456 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
21:20:05.0421 0456 audstub - ok
21:20:05.0453 0456 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
21:20:05.0453 0456 Beep - ok
21:20:05.0484 0456 catchme - ok
21:20:05.0515 0456 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
21:20:05.0515 0456 cbidf2k - ok
21:20:05.0515 0456 cd20xrnt - ok
21:20:05.0531 0456 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
21:20:05.0546 0456 Cdaudio - ok
21:20:05.0609 0456 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
21:20:05.0609 0456 Cdfs - ok
21:20:05.0625 0456 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:20:05.0625 0456 Cdrom - ok
21:20:05.0640 0456 Changer - ok
21:20:05.0656 0456 CmdIde - ok
21:20:05.0671 0456 Cpqarray - ok
21:20:05.0796 0456 cpuz130 - ok
21:20:05.0875 0456 cpuz135 (c2eb4539a4f6ab6edd01bdc191619975) C:\WINDOWS\system32\drivers\cpuz135_x32.sys
21:20:05.0875 0456 cpuz135 - ok
21:20:05.0937 0456 dac2w2k - ok
21:20:05.0937 0456 dac960nt - ok
21:20:05.0968 0456 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
21:20:05.0968 0456 Disk - ok
21:20:06.0015 0456 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
21:20:06.0015 0456 dmboot - ok
21:20:06.0031 0456 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
21:20:06.0046 0456 dmio - ok
21:20:06.0062 0456 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
21:20:06.0062 0456 dmload - ok
21:20:06.0078 0456 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
21:20:06.0078 0456 DMusic - ok
21:20:06.0093 0456 dpti2o - ok
21:20:06.0109 0456 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
21:20:06.0109 0456 drmkaud - ok
21:20:06.0140 0456 ElbyCDFL (c61c83501268b0110b5c5db7e63dee0c) C:\WINDOWS\system32\Drivers\ElbyCDFL.sys
21:20:06.0140 0456 ElbyCDFL - ok
21:20:06.0171 0456 ElbyCDIO (aaa8999a169e39fb8b48ae49cd6ac30a) C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
21:20:06.0171 0456 ElbyCDIO - ok
21:20:06.0203 0456 ENTECH (16ebd8bf1d5090923694cc972c7ce1b4) C:\WINDOWS\system32\DRIVERS\ENTECH.sys
21:20:06.0203 0456 ENTECH - ok
21:20:06.0250 0456 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
21:20:06.0250 0456 Fastfat - ok
21:20:06.0281 0456 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
21:20:06.0281 0456 Fdc - ok
21:20:06.0312 0456 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
21:20:06.0312 0456 Fips - ok
21:20:06.0328 0456 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
21:20:06.0328 0456 Flpydisk - ok
21:20:06.0343 0456 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
21:20:06.0343 0456 FltMgr - ok
21:20:06.0390 0456 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:20:06.0390 0456 Fs_Rec - ok
21:20:06.0406 0456 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:20:06.0406 0456 Ftdisk - ok
21:20:06.0437 0456 ggflt (007aea2e06e7cef7372e40c277163959) C:\WINDOWS\system32\DRIVERS\ggflt.sys
21:20:06.0437 0456 ggflt - ok
21:20:06.0453 0456 ggsemc (c73de35960ca75c5ab4ae636b127c64e) C:\WINDOWS\system32\DRIVERS\ggsemc.sys
21:20:06.0453 0456 ggsemc - ok
21:20:06.0484 0456 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:20:06.0484 0456 Gpc - ok
21:20:06.0515 0456 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:20:06.0515 0456 hidusb - ok
21:20:06.0531 0456 hpn - ok
21:20:06.0562 0456 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
21:20:06.0578 0456 HTTP - ok
21:20:06.0625 0456 i2omgmt - ok
21:20:06.0671 0456 i2omp - ok
21:20:06.0703 0456 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:20:06.0703 0456 i8042prt - ok
21:20:06.0750 0456 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
21:20:06.0750 0456 Imapi - ok
21:20:06.0781 0456 InCDfs (b7087e20a32a87d3830ecf8fc7fa3ffb) C:\WINDOWS\system32\drivers\InCDFs.sys
21:20:06.0781 0456 InCDfs - ok
21:20:06.0828 0456 InCDPass (e5beb5e6129656bdc747e729d3402d36) C:\WINDOWS\system32\drivers\InCDPass.sys
21:20:06.0828 0456 InCDPass - ok
21:20:06.0843 0456 InCDRec (2e7e1f9d6567da65bf872ccea5ae51d9) C:\WINDOWS\system32\drivers\InCDRec.sys
21:20:06.0843 0456 InCDRec - ok
21:20:06.0859 0456 incdrm (9d1c434319a19a4712c25e662ca92ab7) C:\WINDOWS\system32\drivers\InCDRm.sys
21:20:06.0859 0456 incdrm - ok
21:20:06.0875 0456 ini910u - ok
21:20:06.0890 0456 IntelIde - ok
21:20:06.0921 0456 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
21:20:06.0921 0456 Ip6Fw - ok
21:20:06.0953 0456 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:20:06.0953 0456 IpFilterDriver - ok
21:20:06.0984 0456 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:20:06.0984 0456 IpInIp - ok
21:20:07.0000 0456 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:20:07.0000 0456 IpNat - ok
21:20:07.0015 0456 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:20:07.0015 0456 IPSec - ok
21:20:07.0046 0456 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
21:20:07.0046 0456 irda - ok
21:20:07.0062 0456 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
21:20:07.0062 0456 IRENUM - ok
21:20:07.0093 0456 irsir (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
21:20:07.0093 0456 irsir - ok
21:20:07.0109 0456 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:20:07.0109 0456 isapnp - ok
21:20:07.0156 0456 k510bus (b1fe6feac5a501c89057a69c9f5e9d1f) C:\WINDOWS\system32\DRIVERS\k510bus.sys
21:20:07.0156 0456 k510bus - ok
21:20:07.0171 0456 k510mdfl (7a4ecca08560e8ff330acaa4128af7b0) C:\WINDOWS\system32\DRIVERS\k510mdfl.sys
21:20:07.0171 0456 k510mdfl - ok
21:20:07.0203 0456 k510mdm (094d532b727030c3b8b6bd3b743d9526) C:\WINDOWS\system32\DRIVERS\k510mdm.sys
21:20:07.0203 0456 k510mdm - ok
21:20:07.0234 0456 k510mgmt (ad67bfa00ba39c65551338ee001cdddd) C:\WINDOWS\system32\DRIVERS\k510mgmt.sys
21:20:07.0234 0456 k510mgmt - ok
21:20:07.0265 0456 k510obex (7d5094b00a47d871a48d035beb3a0922) C:\WINDOWS\system32\DRIVERS\k510obex.sys
21:20:07.0265 0456 k510obex - ok
21:20:07.0281 0456 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:20:07.0281 0456 Kbdclass - ok
21:20:07.0296 0456 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:20:07.0296 0456 kbdhid - ok
21:20:07.0343 0456 KL1 (94d67d49bd9503bb1d838405d80f2058) C:\WINDOWS\system32\DRIVERS\kl1.sys
21:20:07.0343 0456 KL1 - ok
21:20:07.0359 0456 kl2 (713576569667ac9e0f8556076004a96b) C:\WINDOWS\system32\DRIVERS\kl2.sys
21:20:07.0375 0456 kl2 - ok
21:20:07.0421 0456 KLIF (44ec6b3dbe167c7fa818f9918d2cbf22) C:\WINDOWS\system32\DRIVERS\klif.sys
21:20:07.0437 0456 KLIF - ok
21:20:07.0500 0456 klim5 (8d6e11bfa9927978d25b1b8029554f07) C:\WINDOWS\system32\DRIVERS\klim5.sys
21:20:07.0500 0456 klim5 - ok
21:20:07.0546 0456 klmouflt (3959530f69e19da56f1f24f2c89f1e2c) C:\WINDOWS\system32\DRIVERS\klmouflt.sys
21:20:07.0546 0456 klmouflt - ok
21:20:07.0578 0456 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
21:20:07.0578 0456 kmixer - ok
21:20:07.0609 0456 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
21:20:07.0609 0456 KSecDD - ok
21:20:07.0625 0456 lbrtfdc - ok
21:20:07.0640 0456 MBAMSwissArmy - ok
21:20:07.0671 0456 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
21:20:07.0671 0456 mnmdd - ok
21:20:07.0703 0456 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
21:20:07.0703 0456 Modem - ok
21:20:07.0750 0456 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:20:07.0750 0456 Mouclass - ok
21:20:07.0796 0456 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:20:07.0796 0456 mouhid - ok
21:20:07.0812 0456 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
21:20:07.0812 0456 MountMgr - ok
21:20:07.0828 0456 mraid35x - ok
21:20:07.0859 0456 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:20:07.0859 0456 MRxDAV - ok
21:20:07.0906 0456 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:20:07.0906 0456 MRxSmb - ok
21:20:07.0937 0456 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
21:20:07.0937 0456 Msfs - ok
21:20:07.0953 0456 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:20:07.0953 0456 MSKSSRV - ok
21:20:07.0984 0456 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:20:07.0984 0456 MSPCLOCK - ok
21:20:08.0015 0456 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
21:20:08.0015 0456 MSPQM - ok
21:20:08.0046 0456 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:20:08.0046 0456 mssmbios - ok
21:20:08.0062 0456 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
21:20:08.0078 0456 Mup - ok
21:20:08.0093 0456 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
21:20:08.0093 0456 NDIS - ok
21:20:08.0109 0456 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:20:08.0109 0456 NdisTapi - ok
21:20:08.0140 0456 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:20:08.0140 0456 Ndisuio - ok
21:20:08.0218 0456 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:20:08.0218 0456 NdisWan - ok
21:20:08.0265 0456 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
21:20:08.0265 0456 NDProxy - ok
21:20:08.0281 0456 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
21:20:08.0281 0456 NetBIOS - ok
21:20:08.0312 0456 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
21:20:08.0312 0456 NetBT - ok
21:20:08.0343 0456 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
21:20:08.0359 0456 NIC1394 - ok
21:20:08.0375 0456 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
21:20:08.0375 0456 Npfs - ok
21:20:08.0421 0456 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
21:20:08.0421 0456 Ntfs - ok
21:20:08.0437 0456 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
21:20:08.0437 0456 Null - ok
21:20:08.0796 0456 nv (6733e80a193fc36f41c24142b0c45c0e) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
21:20:08.0906 0456 nv - ok
21:20:08.0937 0456 NVENETFD (7d275ecda4628318912f6c945d5cf963) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
21:20:08.0937 0456 NVENETFD - ok
21:20:08.0953 0456 nvgts (75e2e77c5497f34e60491d27bf03f1cb) C:\WINDOWS\system32\DRIVERS\nvgts.sys
21:20:08.0953 0456 nvgts - ok
21:20:08.0984 0456 nvnetbus (b64aacefad2be5bff5353fe681253c67) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
21:20:08.0984 0456 nvnetbus - ok
21:20:09.0031 0456 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:20:09.0031 0456 NwlnkFlt - ok
21:20:09.0062 0456 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:20:09.0062 0456 NwlnkFwd - ok
21:20:09.0078 0456 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
21:20:09.0078 0456 ohci1394 - ok
21:20:09.0109 0456 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
21:20:09.0109 0456 Parport - ok
21:20:09.0125 0456 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
21:20:09.0125 0456 PartMgr - ok
21:20:09.0171 0456 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
21:20:09.0171 0456 ParVdm - ok
21:20:09.0187 0456 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
21:20:09.0187 0456 PCI - ok
21:20:09.0203 0456 PCIDump - ok
21:20:09.0218 0456 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
21:20:09.0218 0456 PCIIde - ok
21:20:09.0250 0456 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
21:20:09.0250 0456 Pcmcia - ok
21:20:09.0328 0456 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
21:20:09.0328 0456 pcouffin - ok
21:20:09.0343 0456 PDCOMP - ok
21:20:09.0359 0456 PDFRAME - ok
21:20:09.0375 0456 PDRELI - ok
21:20:09.0390 0456 PDRFRAME - ok
21:20:09.0390 0456 perc2 - ok
21:20:09.0406 0456 perc2hib - ok
21:20:09.0453 0456 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:20:09.0453 0456 PptpMiniport - ok
21:20:09.0484 0456 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
21:20:09.0484 0456 Processor - ok
21:20:09.0531 0456 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
21:20:09.0531 0456 PSched - ok
21:20:09.0562 0456 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:20:09.0562 0456 Ptilink - ok
21:20:09.0578 0456 ql1080 - ok
21:20:09.0578 0456 Ql10wnt - ok
21:20:09.0593 0456 ql12160 - ok
21:20:09.0609 0456 ql1240 - ok
21:20:09.0625 0456 ql1280 - ok
21:20:09.0640 0456 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:20:09.0640 0456 RasAcd - ok
21:20:09.0656 0456 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
21:20:09.0671 0456 Rasirda - ok
21:20:09.0687 0456 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:20:09.0687 0456 Rasl2tp - ok
21:20:09.0734 0456 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:20:09.0734 0456 RasPppoe - ok
21:20:09.0750 0456 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
21:20:09.0750 0456 Raspti - ok
21:20:09.0796 0456 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:20:09.0796 0456 Rdbss - ok
21:20:09.0812 0456 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:20:09.0812 0456 RDPCDD - ok
21:20:09.0859 0456 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
21:20:09.0859 0456 RDPWD - ok
21:20:09.0890 0456 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
21:20:09.0890 0456 redbook - ok
21:20:09.0953 0456 RSUSBSTOR (6b065c88a4c05cf44793ac2bfc331ac5) C:\WINDOWS\system32\Drivers\RtsUStor.sys
21:20:09.0953 0456 RSUSBSTOR - ok
21:20:10.0000 0456 se45bus (531ebc57db331c8500c042d9f8a6aef2) C:\WINDOWS\system32\DRIVERS\se45bus.sys
21:20:10.0000 0456 se45bus - ok
21:20:10.0046 0456 se45mdfl (148e7e813681d3a0a05f09826080cc2b) C:\WINDOWS\system32\DRIVERS\se45mdfl.sys
21:20:10.0046 0456 se45mdfl - ok
21:20:10.0093 0456 se45mdm (b4ce022564d0d3fd7b0e5459aa12aa72) C:\WINDOWS\system32\DRIVERS\se45mdm.sys
21:20:10.0093 0456 se45mdm - ok
21:20:10.0125 0456 se45mgmt (6d04ea9c049ebd78d64ade447de3f7eb) C:\WINDOWS\system32\DRIVERS\se45mgmt.sys
21:20:10.0125 0456 se45mgmt - ok
21:20:10.0140 0456 se45nd5 (fdc74beaa13a801fac574bc7af1450c4) C:\WINDOWS\system32\DRIVERS\se45nd5.sys
21:20:10.0156 0456 se45nd5 - ok
21:20:10.0171 0456 se45obex (5e003693822460d37516d9a262de9e11) C:\WINDOWS\system32\DRIVERS\se45obex.sys
21:20:10.0171 0456 se45obex - ok
21:20:10.0203 0456 se45unic (fc7021adb632200da591a55a35a78acc) C:\WINDOWS\system32\DRIVERS\se45unic.sys
21:20:10.0203 0456 se45unic - ok
21:20:10.0281 0456 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:20:10.0281 0456 Secdrv - ok
21:20:10.0312 0456 seehcri (e5b56569a9f79b70314fede6c953641e) C:\WINDOWS\system32\DRIVERS\seehcri.sys
21:20:10.0312 0456 seehcri - ok
21:20:10.0343 0456 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
21:20:10.0343 0456 serenum - ok
21:20:10.0375 0456 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
21:20:10.0390 0456 Serial - ok
21:20:10.0453 0456 sfdrv01 (4c0d673281178cb496011a2e28571fc8) C:\WINDOWS\system32\drivers\sfdrv01.sys
21:20:10.0453 0456 sfdrv01 - ok
21:20:10.0468 0456 sfhlp02 (15be2b5e4dc5b8623cf167720682abc9) C:\WINDOWS\system32\drivers\sfhlp02.sys
21:20:10.0468 0456 sfhlp02 - ok
21:20:10.0500 0456 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
21:20:10.0500 0456 Sfloppy - ok
21:20:10.0531 0456 sfvfs02 (9ef50060cc7e6953bab83f2a42ccc421) C:\WINDOWS\system32\drivers\sfvfs02.sys
21:20:10.0531 0456 sfvfs02 - ok
21:20:10.0546 0456 Simbad - ok
21:20:10.0562 0456 Sparrow - ok
21:20:10.0578 0456 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
21:20:10.0593 0456 splitter - ok
21:20:10.0640 0456 sptd (d15da1ba189770d93eea2d7e18f95af9) C:\WINDOWS\system32\Drivers\sptd.sys
21:20:10.0640 0456 sptd - ok
21:20:10.0656 0456 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
21:20:10.0656 0456 sr - ok
21:20:10.0718 0456 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
21:20:10.0718 0456 Srv - ok
21:20:10.0734 0456 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
21:20:10.0734 0456 swenum - ok
21:20:10.0781 0456 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
21:20:10.0781 0456 swmidi - ok
21:20:10.0796 0456 symc810 - ok
21:20:10.0812 0456 symc8xx - ok
21:20:10.0828 0456 sym_hi - ok
21:20:10.0843 0456 sym_u3 - ok
21:20:10.0859 0456 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
21:20:10.0859 0456 sysaudio - ok
21:20:10.0906 0456 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:20:10.0906 0456 Tcpip - ok
21:20:10.0937 0456 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
21:20:10.0937 0456 TDPIPE - ok
21:20:10.0968 0456 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
21:20:10.0968 0456 TDTCP - ok
21:20:10.0984 0456 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
21:20:10.0984 0456 TermDD - ok
21:20:11.0015 0456 TosIde - ok
21:20:11.0046 0456 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
21:20:11.0046 0456 Udfs - ok
21:20:11.0062 0456 ultra - ok
21:20:11.0109 0456 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
21:20:11.0109 0456 Update - ok
21:20:11.0140 0456 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:20:11.0140 0456 usbccgp - ok
21:20:11.0250 0456 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:20:11.0250 0456 usbehci - ok
21:20:11.0265 0456 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:20:11.0265 0456 usbhub - ok
21:20:11.0296 0456 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
21:20:11.0296 0456 usbohci - ok
21:20:11.0328 0456 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:20:11.0328 0456 usbprint - ok
21:20:11.0359 0456 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:20:11.0359 0456 usbscan - ok
21:20:11.0375 0456 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:20:11.0375 0456 usbstor - ok
21:20:11.0406 0456 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
21:20:11.0406 0456 VgaSave - ok
21:20:11.0421 0456 ViaIde - ok
21:20:11.0453 0456 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
21:20:11.0453 0456 VolSnap - ok
21:20:11.0484 0456 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:20:11.0484 0456 Wanarp - ok
21:20:11.0531 0456 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
21:20:11.0546 0456 Wdf01000 - ok
21:20:11.0562 0456 WDICA - ok
21:20:11.0593 0456 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
21:20:11.0609 0456 wdmaud - ok
21:20:11.0671 0456 WpdUsb (c60dc16d4e406810fad54b98dc92d5ec) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
21:20:11.0687 0456 WpdUsb - ok
21:20:11.0703 0456 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
21:20:11.0703 0456 WS2IFSL - ok
21:20:11.0765 0456 WsAudioDevice_383 (85ece26f326c2d07ba77a60343468272) C:\WINDOWS\system32\drivers\WsAudioDevice_383.sys
21:20:11.0765 0456 WsAudioDevice_383 - ok
21:20:11.0796 0456 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
21:20:11.0796 0456 WudfPf - ok
21:20:11.0828 0456 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
21:20:11.0828 0456 WudfRd - ok
21:20:11.0875 0456 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} - ok
21:20:11.0906 0456 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:20:11.0906 0456 \Device\Harddisk0\DR0 - ok
21:20:11.0921 0456 Boot (0x1200) (4121ae2b48eb7b12fd4cb517b22d44ec) \Device\Harddisk0\DR0\Partition0
21:20:11.0921 0456 \Device\Harddisk0\DR0\Partition0 - ok
21:20:11.0937 0456 Boot (0x1200) (d710b7ae6e8aedaee060017cb77ab8cb) \Device\Harddisk0\DR0\Partition1
21:20:11.0937 0456 \Device\Harddisk0\DR0\Partition1 - ok
21:20:11.0953 0456 Boot (0x1200) (eb136d95985401a7bf70208c6c3d57b5) \Device\Harddisk0\DR0\Partition2
21:20:11.0953 0456 \Device\Harddisk0\DR0\Partition2 - ok
21:20:11.0953 0456 ============================================================
21:20:11.0953 0456 Scan finished
21:20:11.0953 0456 ============================================================
21:20:11.0968 1264 Detected object count: 0
21:20:11.0968 1264 Actual detected object count: 0

oky.2 · #17 Příspěvek od **oky.2** » 22 lis 2011 21:21

jinač žádná infekce nenalezena

#18 Příspěvek od **motji** » 22 lis 2011 21:36

Fajn, spustte znovu combofix, log vložte zde.

oky.2 · #19 Příspěvek od **oky.2** » 23 lis 2011 20:37

ComboFix 11-11-22.01 - Martin 23.11.2011 20:14:02.2.1 - x86
Spuštěný z: c:\documents and settings\Martin\Plocha\ComboFix.exe
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Nakažená kopie c:\windows\system32\drivers\ntfs.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\ntfs.sys
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-10-23 do 2011-11-23 )))))))))))))))))))))))))))))))
.
.
2011-11-18 18:01 . 2011-11-18 18:13 -------- d-----w- c:\program files\trend micro
2011-11-18 18:01 . 2011-11-18 18:02 -------- d-----w- C:\rsit
2011-11-15 17:15 . 2011-11-22 16:52 486360 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2011-11-15 17:15 . 2011-11-22 16:52 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2011-11-15 17:15 . 2011-11-22 16:52 633816 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2011-11-15 17:15 . 2011-11-22 16:52 555992 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2011-11-13 16:45 . 2011-11-13 16:45 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AltrixSoft
2011-11-13 16:45 . 2011-11-13 16:48 -------- d-----w- c:\program files\Common Files\AltrixSoft
2011-11-13 15:01 . 2011-11-13 15:01 -------- d-sh--w- c:\documents and settings\All Users\Data aplikací\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2011-11-12 22:43 . 2011-11-12 22:43 119808 ----a-w- c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
2011-11-11 17:25 . 2011-11-11 17:31 -------- d-----w- c:\program files\Yahoo!
2011-11-08 19:50 . 2010-10-05 19:26 109240 ----a-w- c:\program files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru\components\abhelperxpcom.dll
2011-11-08 19:50 . 2010-10-05 19:27 150200 ----a-w- c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
2011-11-08 19:50 . 2011-11-08 20:00 97961 ----a-w- c:\windows\system32\drivers\klick.dat
2011-11-08 19:50 . 2011-11-08 20:00 115369 ----a-w- c:\windows\system32\drivers\klin.dat
2011-11-08 19:49 . 2011-11-08 19:49 -------- d-----w- c:\program files\Kaspersky Lab
2011-11-08 19:49 . 2011-11-23 19:25 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Kaspersky Lab
2011-11-08 19:03 . 2010-10-05 19:26 109240 ----a-w- c:\program files\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak\components\abhelperxpcom.dll
2011-11-08 18:54 . 2011-11-09 14:48 -------- d-----w- C:\kleaner.tmp
2011-11-08 18:21 . 2011-11-08 18:21 -------- d--h--we c:\documents and settings\All Users\AVP11
2011-11-08 18:21 . 2010-10-05 19:27 150200 ----a-w- c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak\components\kavlinkfilter.dll
2011-11-08 18:18 . 2011-11-08 19:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Kaspersky Lab Setup Files
2011-11-08 12:07 . 2011-11-16 16:38 -------- d-----w- c:\program files\AIMP3
2011-11-06 14:46 . 2011-11-06 14:46 -------- d-----w- c:\program files\Windows Sidebar
2011-11-06 13:36 . 2011-11-06 13:36 -------- d-----w- c:\program files\ESET
2011-11-06 12:25 . 2011-11-06 13:33 -------- d-----w- c:\documents and settings\Martin\Data aplikací\ESET
2011-10-30 16:08 . 2011-10-30 16:08 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-10-30 16:08 . 2011-10-30 16:07 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-10-30 16:07 . 2011-10-30 16:07 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-10-27 19:01 . 2011-10-27 19:01 -------- d-----w- c:\documents and settings\Martin\Local Settings\Data aplikací\SubtitleCreator
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-16 18:24 . 2011-04-29 19:03 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-10 14:22 . 2008-09-30 17:02 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06 . 2004-08-18 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 09:41 . 2008-07-29 17:59 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2004-08-18 12:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2004-08-18 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-06 14:10 . 2004-08-18 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-31 16:00 . 2010-08-18 12:56 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-29 08:00 . 2011-05-07 16:24 74752 ----a-w- c:\windows\system32\ff_vfw.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2011-11-22 16:52 . 2011-08-19 19:41 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2011-11-12 22:43 . 2011-11-12 22:43 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-14 06:51 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . c:\windows\NiwradSoft Shell Pack\Backup\comres.dll
[-] 2008-04-14 06:51 . 9BBABCB691B887769048255FA7047C05 . 1508864 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll
[-] 2008-04-14 06:51 . 9BBABCB691B887769048255FA7047C05 . 1508864 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
.
[7] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\winlogon.exe
[-] 2008-04-14 . 471341D353962A35DA3C6324D59D09C4 . 547328 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . 471341D353962A35DA3C6324D59D09C4 . 547328 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
.
[7] 2010-08-23 . E145ADD7DAEF759C4F5FB80A180A9C30 . 617472 . . [5.82] . . c:\windows\NiwradSoft Shell Pack\Backup\comctl32.dll
[-] 2010-08-23 . 157577AE3ED2862091111184966FAB66 . 643072 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2010-08-23 . 157577AE3ED2862091111184966FAB66 . 643072 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2010-08-23 . 157577AE3ED2862091111184966FAB66 . 643072 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[7] 2010-08-23 . 8A72A30FDC803DC06755D3B36D966F31 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[7] 2008-04-14 . D7B7AE36A2EBA312AC4B53862019B3F5 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[7] 2004-08-18 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[7] 2004-08-18 . F76B3003366A205E05AFC0D034C7D3E9 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
.
[7] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\user32.dll
[-] 2008-04-14 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
.
[-] 2008-04-14 . D63C59BB0CA2F83B62D003FD52863090 . 1541120 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[7] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe
[-] 2008-04-14 . D63C59BB0CA2F83B62D003FD52863090 . 1541120 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
.
[-] 2008-04-14 . 6915639F41228891A883B2DA59AA7429 . 277504 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[7] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\regedit.exe
[-] 2008-04-14 . 6915639F41228891A883B2DA59AA7429 . 277504 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe
.
[7] 2010-07-16 . 6D1A3A355CA2AC64D2D5BAEC25C16427 . 1287680 . . [5.1.2600.6010] . . c:\windows\NiwradSoft Shell Pack\Backup\ole32.dll
[-] 2010-07-16 . 81206718E930BEF6D92A64725907D973 . 1312768 . . [5.1.2600.6010] . . c:\windows\ServicePackFiles\i386\ole32.dll
[-] 2010-07-16 . 81206718E930BEF6D92A64725907D973 . 1312768 . . [5.1.2600.6010] . . c:\windows\system32\ole32.dll
[-] 2010-07-16 . 81206718E930BEF6D92A64725907D973 . 1312768 . . [5.1.2600.6010] . . c:\windows\system32\dllcache\ole32.dll
[7] 2010-07-16 . C85BE0CF9C91EB64CECA1D639D71D4CC . 1288704 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
.
[7] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\ctfmon.exe
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
.
[7] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\hnetcfg.dll
[-] 2008-04-14 . FDE84E2C6D0E1F75D61D7CC111A1DA5A . 369152 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll
[-] 2008-04-14 . FDE84E2C6D0E1F75D61D7CC111A1DA5A . 369152 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll
.
[7] 2010-12-09 . 40D176442F70573DBA0E05A7E40D3EBB . 2071552 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
[7] 2010-12-09 . 4FE7B81BEDE8D37C9E3D95C99A56A34E . 2071552 . . [5.1.2600.6055] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[7] 2010-12-09 . 4FE7B81BEDE8D37C9E3D95C99A56A34E . 2071552 . . [5.1.2600.6055] . . c:\windows\NiwradSoft Shell Pack\Backup\ntkrnlpa.exe
[-] 2010-12-09 . 3E500054792EA59F7D79B888C67AB669 . 2232704 . . [5.1.2600.6055] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2010-12-09 . 3E500054792EA59F7D79B888C67AB669 . 2232704 . . [5.1.2600.6055] . . c:\windows\system32\ntkrnlpa.exe
[-] 2010-12-09 . 3E500054792EA59F7D79B888C67AB669 . 2232704 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[7] 2010-04-28 . 2FA1EF498F026847CF276DF9099ABE79 . 2069120 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
[7] 2010-02-16 . DCC3D91A3DEDBBA9ECFFA6028D872CF5 . 2069120 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[7] 2009-12-09 . 58516936F00D10D4B615C458A8A4AB71 . 2068352 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
[7] 2009-08-04 . 97815C93200676C727CE951AE5C78137 . 2068352 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
[7] 2009-02-09 . FF8A3F180A224AA27EBAB937CA027F4D . 2068352 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[7] 2008-08-14 . 5495B7902AE2EEE3A98D889E9A679724 . 2068224 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
.
[7] 2009-03-08 . B60DDDD2D63CE41CB8C487FCFBB6419E . 638816 . . [8.00.6001.18702] . . c:\windows\NiwradSoft Shell Pack\Backup\iexplore.exe
[-] 2009-03-08 . F68C1BAC147227B86FFB36828FF8BEDF . 510816 . . [8.00.6001.18702] . . c:\windows\ServicePackFiles\i386\iexplore.exe
[-] 2009-03-08 . F68C1BAC147227B86FFB36828FF8BEDF . 510816 . . [8.00.6001.18702] . . c:\windows\system32\dllcache\iexplore.exe
[7] 2008-12-19 . 15E8A89499741D5CF59A9CF6463A4339 . 634024 . . [7.00.6000.20978] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\iexplore.exe
[7] 2008-12-19 . 030D78FE84A086ED376EFCBD2D72C522 . 634024 . . [7.00.6000.16791] . . c:\windows\ie8\iexplore.exe
[7] 2008-10-15 . 9D3DB9ADFABD2F0BC778EC03250A3ABB . 633632 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB961260-IE7\iexplore.exe
[7] 2008-10-15 . 056C927CF7207857E8B34F7A8FFD9B9E . 633632 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iexplore.exe
[7] 2008-04-14 . 414AFE6E8CCDE984E16D5ED08624CEC6 . 93184 . . [6.00.2900.5512] . . c:\windows\ie7\iexplore.exe
[7] 2007-08-13 . DE49B348A18369B4626FBA1D49B07FB4 . 622080 . . [7.00.5730.13] . . c:\windows\ie7updates\KB958215-IE7\iexplore.exe
.
[7] 2010-12-09 . 8D222D8EF9B1951296F822583A044542 . 2194944 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
[7] 2010-12-09 . B6C5D4CBB22EEF31FAFBB76C2C6F3D99 . 2194944 . . [5.1.2600.6055] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[7] 2010-12-09 . B6C5D4CBB22EEF31FAFBB76C2C6F3D99 . 2194944 . . [5.1.2600.6055] . . c:\windows\NiwradSoft Shell Pack\Backup\ntoskrnl.exe
[-] 2010-12-09 . 5C09C92D01E24786F1156E0512A488FF . 2356096 . . [5.1.2600.6055] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2010-12-09 . 5C09C92D01E24786F1156E0512A488FF . 2356096 . . [5.1.2600.6055] . . c:\windows\system32\ntoskrnl.exe
[-] 2010-12-09 . 5C09C92D01E24786F1156E0512A488FF . 2356096 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntoskrnl.exe
[7] 2010-04-28 . 91FE668957FF51A2DBCEE0D8637BA77E . 2192256 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[7] 2010-02-16 . 6B2312D847BA95F4E858CB4C3B5F51E1 . 2192256 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[7] 2009-12-09 . 7782F11AE957B736585870CD2671227B . 2191488 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
[7] 2009-08-04 . 3502DBBC657001D7A2A2768BD7DE1483 . 2191488 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[7] 2009-02-10 . 97480EBFE1D4B547657BAD75AAAB1325 . 2191360 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[7] 2008-08-14 . 2BCBCE27A946C057051A85CB032F49FF . 2191360 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\NBHShellExt]
@="{8D2223A2-B3C6-4e32-B096-CDD11F628C60}"
[HKEY_CLASSES_ROOT\CLSID\{8D2223A2-B3C6-4e32-B096-CDD11F628C60}]
2008-06-10 10:29 97064 ----a-w- d:\program files\Nero\Nero8\InCD\NBHShx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-08-03 13892200]
"NvMediaCenter"="NvMCTray.dll" [2011-08-03 111208]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-07-05 1632360]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2010-11-02 365336]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2011-11-12 30192]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 40448]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKLM\~\startupfolder\C:^Documents and Settings^Martin^Nabídka Start^Programy^Po spuštění^Free Music Zilla.lnk]
backup=c:\windows\pss\Free Music Zilla.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-06-06 10:55 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TuneUp.UtilitiesSvc"=2 (0x2)
"UxTuneUp"=2 (0x2)
"MDM"=2 (0x2)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ICQ"="d:\program files\ICQ7.2\ICQ.exe" silent loginmode=4
"DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"OODefragTray"=c:\windows\system32\oodtray.exe
"QuickTime Task"="d:\program files\QuickTime\qttask.exe" -atboottime
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"CanonSolutionMenu"=c:\program files\Canon\SolutionMenu\CNSLMAIN.exe /logon
"CanonMyPrinter"=c:\program files\Canon\MyPrinter\BJMyPrt.exe /logon
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"BDRegion"=c:\program files\Cyberlink\Shared files\brs.exe
"BCSSync"="d:\program files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
"NiwradSoft Welcome"=c:\windows\NiwradSoft Shell Pack\Tools\NS Welcome.exe
"NeroFilterCheck"=c:\program files\Common Files\Nero\Lib\NeroCheck.exe
"SecurDisc"=d:\program files\Nero\Nero8\InCD\NBHGui.exe
"InCD"=d:\program files\Nero\Nero8\InCD\InCD.exe
"AutoKMS"=c:\windows\AutoKMS.exe
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Free Music Zilla\\FMZilla.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Opera Next\\opera.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"d:\\Program Files\\ICQ7.2\\ICQ7.5\\ICQ.exe"=
"c:\\squid\\sbin\\squid.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"24956:TCP"= 24956:TCP:BitComet 24956 TCP
"24956:UDP"= 24956:UDP:BitComet 24956 UDP
.
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/01/08 19:00];d:\program files\CyberLink\PowerDVD10\PowerDVD10\NavFilter\000.fcl [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-07-04 136176]
R2 KMService;KMService;c:\windows\system32\srvany.exe [2010-09-26 8192]
R3 cpuz130;cpuz130;c:\docume~1\Martin\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2010-08-28 13224]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2011-11-12 30192]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-07-04 136176]
R3 k510bus;Sony Ericsson K510 Driver driver (WDM);c:\windows\system32\DRIVERS\k510bus.sys [2006-02-17 58288]
R3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;c:\windows\system32\DRIVERS\k510mdfl.sys [2006-02-17 8336]
R3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;c:\windows\system32\DRIVERS\k510mdm.sys [2006-02-17 94064]
R3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\k510mgmt.sys [2006-02-17 85408]
R3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\k510obex.sys [2006-02-17 83344]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2011-06-10 181792]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\system32\drivers\WsAudioDevice_383.sys [2008-11-19 16640]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2009-06-30 721904]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2010-06-09 11352]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2010-11-09 21992]
S2 NeroRegInCDSrv;Nero Registry InCD Service;d:\program files\Nero\Nero8\InCD\NBHRegInCDSrv.exe [2008-06-10 53032]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
S3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\DRIVERS\klim5.sys [2010-05-07 32856]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19472]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2010-08-14 47360]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2010-08-28 27632]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2011-11-23 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-04-27 13:37]
.
2011-11-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-04 08:30]
.
2011-11-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-04 08:30]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://search.qip.ru
uStart Page = hxxp://search.freemusiczilla.com
mStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 127.0.0.1:3128
uCustomizeSearch = hxxp://www.Google.com/
uSearchAssistant = hxxp://search.qip.ru/ie
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - d:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - d:\program files\ICQ7.2\ICQ7.5\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: DhcpNameServer = 84.16.122.105 84.16.96.2
FF - ProfilePath - c:\documents and settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\6tjkss3s.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-23 20:25
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\d:\program files\CyberLink\PowerDVD10\PowerDVD10\NavFilter\000.fcl"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1804)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\cscui.dll
c:\windows\system32\COMRes.dll
.
- - - - - - - > 'lsass.exe'(1916)
c:\windows\system32\SETUPAPI.dll
.
- - - - - - - > 'explorer.exe'(3300)
c:\windows\system32\COMRes.dll
d:\program files\Nero\Nero8\InCD\NBHShx.dll
d:\program files\Nero\Nero8\InCD\NBHStr.dll
c:\program files\Common Files\Nero\Shared\NL3\AdvrCntr3.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\System32\cscui.dll
c:\windows\system32\msi.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
c:\windows\system32\wpdshext.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\MSGINA.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\Audiodev.dll
c:\windows\system32\WMVCore.DLL
c:\windows\system32\WMASF.DLL
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Google\Update\1.3.21.79\GoogleCrashHandler.exe
d:\program files\Nero\Nero8\InCD\InCDsrv.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\oodag.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\System32\TUProgSt.exe
c:\windows\system32\wscntfy.exe
c:\windows\SOUNDMAN.EXE
c:\windows\system32\RunDLL32.exe
c:\windows\system32\taskmgr.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Celkový čas: 2011-11-23 20:36:47 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-11-23 19:36
ComboFix2.txt 2011-11-21 18:09
.
Před spuštěním: Volných bajtů: 15 305 674 752
Po spuštění: Volných bajtů: 15 320 801 280
.
- - End Of File - - 24E6B05CB09DED2C6D3A58FB727D07CE

#20 Příspěvek od **motji** » 24 lis 2011 09:01

Pokud combofix nekecá, tak opět měnil nějaký systémový soubor z důvodu zavirování. Raději ještě pc proěvříme na rootkity.

odinstalujte všechny virtuální jednotky (Daemon nebo alcohol)

Stáhněte SPTD http://www.duplexsecure.com/en/downloads
-vyberte verzi podle svého operačního systému. SPTD for Windows (32 bit) nebo (64b)
-uložte na plochu a spusťte
- zvolte možnost Uninstall
- restart PC

Stahněte http://www.jpshortstuff.247fixes.com/Defogger.exe
- spustte,
- potvrdte disabled
-log vložte zde

Stáhněte Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- rozbalte a spusťte
-proběhne sken, po skončení se otevře okno s výsledky, kliknete na Save a tím si uložíte log,který sem vložíte

-Podle návodu v odkazu proveďte druhý sken a log sem také vložte.

oky.2 · #21 Příspěvek od **oky.2** » 26 lis 2011 21:06

Dobrý večír

, omlouvám se za pozdní dodání logu, ale v poslední době jsem byl pracovně vytížen. Viz. níže posílám logy.

Defogger log
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:40 on 25/11/2011 (Martin)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
SPTD -> Already disabled

-=E.O.F=-

oky.2 · #22 Příspěvek od **oky.2** » 26 lis 2011 21:06

gmer log 1

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2011-11-26 17:36:28
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Scsi\nvgts1Port2Path0Target0Lun0 WDC_WD16 rev.02.0
Running: gmer.exe; Driver: C:\DOCUME~1\Martin\LOCALS~1\Temp\pxldypow.sys

---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateKey [0xAE9F3F74]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateValueKey [0xAE9F400C]

Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) FsRtlCheckLockForReadAccess
Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) IoIsOperationSynchronous

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\Tcpip \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\Tcpip \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\Tcpip \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)

---- EOF - GMER 1.0.15 ----

oky.2 · #23 Příspěvek od **oky.2** » 26 lis 2011 21:07

gmer log 2

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-11-26 21:03:08
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Scsi\nvgts1Port2Path0Target0Lun0 WDC_WD16 rev.02.0
Running: gmer.exe; Driver: C:\DOCUME~1\Martin\LOCALS~1\Temp\pxldypow.sys

---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwAdjustPrivilegesToken [0xAE9F45FA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwClose [0xAE9F4EFE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwConnectPort [0xAE9F5D32]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateEvent [0xAE9F627C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateFile [0xAE9F51DA]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateKey [0xAE9F346A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateMutant [0xAE9F6162]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateNamedPipeFile [0xAE9F41E8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreatePort [0xAE9F6036]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSection [0xAE9F4390]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSemaphore [0xAE9F639C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateSymbolicLinkObject [0xAEA0B6C0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateThread [0xAE9F4B86]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwCreateWaitablePort [0xAE9F60CC]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDebugActiveProcess [0xAE9F7A84]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteKey [0xAE9F3A74]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeleteValueKey [0xAE9F3E28]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDeviceIoControlFile [0xAE9F565C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwDuplicateObject [0xAE9F8C90]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateKey [0xAE9F3F74]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwEnumerateValueKey [0xAE9F400C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwFsControlFile [0xAE9F546A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadDriver [0xAE9F7B76]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey [0xAE9F3446]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwLoadKey2 [0xAE9F3458]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwMapViewOfSection [0xAEA0B6E0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwNotifyChangeKey [0xAE9F4138]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenEvent [0xAE9F6312]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenFile [0xAE9F4F80]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenKey [0xAE9F362A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenMutant [0xAE9F61F2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenProcess [0xAE9F4836]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSection [0xAE9F8078]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenSemaphore [0xAE9F6432]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwOpenThread [0xAE9F4728]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwPlugPlayControl [0xAEA0B6D0]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryKey [0xAE9F40A4]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryMultipleValueKey [0xAE9F3CDC]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQuerySection [0xAE9F8618]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueryValueKey [0xAE9F3906]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwQueueApcThread [0xAE9F7F0A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRenameKey [0xAE9F3B96]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplaceKey [0xAE9F2E80]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyPort [0xAE9F6796]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwReplyWaitReceivePort [0xAE9F665C]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRequestWaitReplyPort [0xAE9F781E]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwRestoreKey [0xAE9F31F8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwResumeThread [0xAE9F8B32]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSaveKey [0xAE9F2E18]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSecureConnectPort [0xAE9F5A78]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetContextThread [0xAE9F4DA2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetInformationToken [0xAE9F70BE]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetSecurityObject [0xAE9F7D14]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetSystemInformation [0xAE9F8768]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSetValueKey [0xAE9F3780]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendProcess [0xAE9F885A]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSuspendThread [0xAE9F8994]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwSystemDebugControl [0xAE9F79A8]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwTerminateProcess [0xAE9F49D2]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwTerminateThread [0xAE9F4932]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwUnmapViewOfSection [0xAE9F84BC]
SSDT \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) ZwWriteVirtualMemory [0xAE9F4ABC]

Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) FsRtlCheckLockForReadAccess
Code \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab) IoIsOperationSynchronous

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!FsRtlCheckLockForReadAccess 804E9FA0 5 Bytes JMP AE9E6FEC \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)
.text ntkrnlpa.exe!IoIsOperationSynchronous 804EE87E 5 Bytes JMP AE9E73C8 \SystemRoot\system32\DRIVERS\klif.sys (Klif Mini-Filter [fre_wnet_x86]/Kaspersky Lab)
.text ntkrnlpa.exe!ZwCallbackReturn + 244C 80501C84 16 Bytes [90, 43, 9F, AE, 9C, 63, 9F, ...] {NOP ; INC EBX; LAHF ; SCASB ; PUSHF ; ARPL [EDI-0x5f493f52], BX; SCASB ; XCHG [EBX-0x61], CL; SCASB }
.text ntkrnlpa.exe!ZwCallbackReturn + 2508 80501D40 12 Bytes [76, 7B, 9F, AE, 46, 34, 9F, ...] {JBE 0x7d; LAHF ; SCASB ; INC ESI; XOR AL, 0x9f; SCASB ; POP EAX; XOR AL, 0x9f; SCASB }
.text ntkrnlpa.exe!ZwCallbackReturn + 2684 80501EBC 16 Bytes [96, 3B, 9F, AE, 80, 2E, 9F, ...]
.text ntkrnlpa.exe!ZwCallbackReturn + 2778 80501FB0 12 Bytes [5A, 88, 9F, AE, 94, 89, 9F, ...] {POP EDX; MOV [EDI-0x60766b52], BL; SCASB ; TEST AL, 0x79; LAHF ; SCASB }
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB4DAD3A0, 0x8A1A15, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] C:\WINDOWS\system32\ntdll.dll time/date stamp mismatch;
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch;
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] USER32.dll!AlignRects 7E362A78 4 Bytes [E0, 13, 48, 6C] {LOOPNZ 0x15; DEC EAX; INSB }
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] C:\WINDOWS\system32\ntdll.dll time/date stamp mismatch;
? C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] C:\WINDOWS\system32\kernel32.dll time/date stamp mismatch;
.text C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] USER32.dll!AlignRects 7E362A78 4 Bytes [E0, 13, 48, 6C] {LOOPNZ 0x15; DEC EAX; INSB }
.text C:\Program Files\Minefield\firefox.exe[3784] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 01227380 C:\Program Files\Minefield\xul.dll (Mozilla Foundation)
.text C:\Program Files\Minefield\firefox.exe[3784] USER32.dll!GetWindowInfo 7E37C49C 5 Bytes JMP 013ADE8B C:\Program Files\Minefield\xul.dll (Mozilla Foundation)

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\DRIVERS\tcpip.sys[TDI.SYS!TdiRegisterDeviceObject] [B78BEDC0] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
IAT \SystemRoot\system32\DRIVERS\netbt.sys[TDI.SYS!TdiRegisterDeviceObject] [B78BEDC0] kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 01310240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 013102B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 01310320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 01310390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode] 014F04E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 014F0550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] 014F05C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] 014F0630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA] 014F06A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy] 01310940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapCreate] 013109B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!VirtualFree] 01310A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!VirtualAlloc] 01310A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateThread] 01310B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 014F08D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] 01310CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleW] 014F0940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 014F09B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA] 014F0A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 014F0A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 014F0B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!VirtualAlloc] 01310E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!VirtualFree] 01310E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 01310EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 01310F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlReAllocateHeap] 7D830400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 014F0B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 014F0BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 014F0C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] 7D830550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleHandleW] 014F0CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!VirtualAlloc] 7D8305C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!VirtualFree] 7D830630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 7D8306A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 7D830710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 014F0D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetModuleHandleW] 014F0DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 014F0E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 014F0E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlFreeHeap] 7D830780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap] 7D8307F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 014F0EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 014F0F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D8402B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] 7D830860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleA] 7D840320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleW] 7D8404E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateThread] 7D8308D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleA] 7D840550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D8405C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 7D840630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 7D8406A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlAllocateHeap] 7D830B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlFreeHeap] 7D830B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D840710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 7D840780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 7D8407F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap] 7D830BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlFreeHeap] 7D830C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetErrorMode] 7D840EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateThread] 01320470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetProcAddress] 7D840F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!FreeLibrary] 01500010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01500080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\userenv.dll [ntdll.dll!RtlFreeHeap] 013204E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 015002B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!FreeLibrary] 01500320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!GetProcAddress] 01500390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!CreateThread] 013205C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\netapi32.dll [ntdll.dll!RtlAllocateHeap] 01320710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\netapi32.dll [ntdll.dll!RtlFreeHeap] 01320780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] 01500550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] 015005C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 01500630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 015006A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 01500710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA] 01500780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleW] 015007F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 01500860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] 01320A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapDestroy] 01320A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapCreate] 01320B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 015008D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!VirtualAlloc] 01330080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleA] 01500D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapCreate] 013300F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!VirtualFree] 01330160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy] 01330320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01500DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleW] 01500E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode] 01500E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] 01500EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateThread] 01330390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] 01500F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap] 01330400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 01510010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleHandleW] 01510080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 015100F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread] 01330630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!VirtualAlloc] 013306A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01510160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 01330710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapCreate] 7D830240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy] 7D8302B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] 7D840160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!CreateThread] 7D8301D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] 7D840010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D840240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] 7D840010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D840240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleHandleA] 7D840080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!CreateThread] 7D8301D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1772] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] 7D840160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] 01030240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] 010302B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] 01030320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] 01030390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetErrorMode] 013004E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01300550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] 013005C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] 01300630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetModuleHandleA] 013006A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapDestroy] 01030940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!HeapCreate] 010309B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!VirtualFree] 01030A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!VirtualAlloc] 01030A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateThread] 01030B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetErrorMode] 013008D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] 01030CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleW] 01300940
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 013009B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetModuleHandleA] 01300A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] 01300A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] 01300B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!VirtualAlloc] 01030E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!VirtualFree] 01030E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlFreeHeap] 01030EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlAllocateHeap] 01030F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\ADVAPI32.dll [ntdll.dll!RtlReAllocateHeap] 7D830400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] 01300B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] 01300BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01300C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] 7D830550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetModuleHandleW] 01300CC0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!VirtualAlloc] 7D8305C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!VirtualFree] 7D830630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] 7D8306A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] 7D830710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01300D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetModuleHandleW] 01300DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] 01300E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] 01300E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlFreeHeap] 7D830780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\Secur32.dll [ntdll.dll!RtlAllocateHeap] 7D8307F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] 01300EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] 01300F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D8402B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] 7D830860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetModuleHandleA] 7D840320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleW] 7D8404E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateThread] 7D8308D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetModuleHandleA] 7D840550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D8405C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] 7D840630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] 7D8406A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlAllocateHeap] 7D830B00
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\USER32.dll [ntdll.dll!RtlFreeHeap] 7D830B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D840710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] 7D840780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] 7D8407F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap] 7D830BE0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\GDI32.dll [ntdll.dll!RtlFreeHeap] 7D830C50
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetErrorMode] 7D840EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!CreateThread] 01040470
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!GetProcAddress] 7D840F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!FreeLibrary] 01310010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01310080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\userenv.dll [ntdll.dll!RtlFreeHeap] 010404E0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 013102B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!FreeLibrary] 01310320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!GetProcAddress] 01310390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!CreateThread] 010405C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\netapi32.dll [ntdll.dll!RtlAllocateHeap] 01040710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\netapi32.dll [ntdll.dll!RtlFreeHeap] 01040780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] 01310550
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] 013105C0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] 01310630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 013106A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetErrorMode] 01310710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleA] 01310780
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetModuleHandleW] 013107F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] 01310860
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] 01040A20
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapDestroy] 01040A90
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!HeapCreate] 01040B70
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] 013108D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!VirtualAlloc] 01050080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleA] 01310D30
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapCreate] 010500F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!VirtualFree] 01050160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!HeapDestroy] 01050320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01310DA0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetModuleHandleW] 01310E10
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetErrorMode] 01310E80
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] 01310EF0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateThread] 01050390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] 01310F60
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap] 01050400
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] 01320010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetModuleHandleW] 01320080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] 013200F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread] 01050630
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!VirtualAlloc] 010506A0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 01320160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\ole32.dll [ntdll.dll!RtlFreeHeap] 01050710
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapCreate] 7D830240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!HeapDestroy] 7D8302B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] 7D840160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!CreateThread] 7D8301D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] 7D840010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D840240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] 7D840010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D840240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetModuleHandleA] 7D840080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!CreateThread] 7D8301D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] 7D840160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D840240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] 7D840010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!HeapCreate] 7D830240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!HeapDestroy] 7D8302B0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] 7D840160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\iphlpapi.dll [ntdll.dll!RtlFreeHeap] 7D830080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\iphlpapi.dll [ntdll.dll!RtlAllocateHeap] 7D830010
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\SAMLIB.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D840240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\SAMLIB.dll [KERNEL32.dll!VirtualFree] 7D830390
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\SAMLIB.dll [KERNEL32.dll!VirtualAlloc] 7D830320
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!CreateThread] 7D8301D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetErrorMode] 7D8401D0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetModuleHandleA] 7D840080
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetModuleHandleW] 7D8400F0
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] 7D840240
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] 7D840160
IAT C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe[1792] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!FreeLibrary] 7D840010

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\Tcpip \Device\Tcp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\Tcpip \Device\Udp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)
AttachedDevice \Driver\Tcpip \Device\RawIp kl1.sys (Kaspersky Unified Driver/Kaspersky Lab ZAO)

Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 D:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x72 0xB2 0xAD 0xFA ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x7B 0x9B 0x8E 0xC5 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x78 0x7C 0x1B 0x89 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 D:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x72 0xB2 0xAD 0xFA ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x7B 0x9B 0x8E 0xC5 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x78 0x7C 0x1B 0x89 ...
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System@OODEFRAG11.00.00.01WORKSTATION D3CE9DBF956CE807F872C0F1DB6A490C727724FECD828A9EC1DA65DF93800B7DA37069418C183351E75E6AE2ACCE4D365B6C90496D2F6391B9221F3CC74A36BA382AAB1B48123BF5181B697629F8B0B94FFA048A02E8C54AC01F8CF58787C19F7ED96E505A48CF20A4F2808761D34FA6BB789992BD3CB35EB3D8BE714600F8E5E550DD7A155F28CF2FA49482AB0065E214B08FC496649537F6C5EFA53AAC0E1E62D1CA4993AD5ED95CE0316C9FD21727CAE34917485536146F53FAA05EBE1529EB1AAA7C2FC06D65D34E03599CD3E87F5B42FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6A0AC4980AC79339DB7CE019D40AA5CFEBC9E127BECC74CA6274D0D7D094F861FC2E0D0C46F2638F9BDCE5A40728211C4FCC32BE3CE7037B2884BB1ABB75A46E12DEFF12BA9AF593DEFEAF133791AED60CA60858141C58A153FB05F041B37C05B37D4F730A42EF18AB3CE3E5DD8247571CC24203D3C4A7C1B0870DA5B52265413EE8524B063356EBE8A909DC71CA2C1D01B6693EAEE907337AC441A6A516D53307638EA6FC1592DDE8D0D9F5B219CDDF761C22F3C5BB046FB10A7C84F6055840284EDF492E9B3001067DE0B69191CC909611976CB5846C3A4285AC68A9AA9A07AE2651EA4DDE3309E576BD9A40931F9C7EC8A1D931
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System@OODEFRAG10.00.00.01WORKSTATION 341C9517F4DC6584CCDA353B439672522A86B26B43390EA4320E4DB200B7B7F039EC407C6A14593972CEB1B8FC11A1FDAC557F8C1DFB3534E8E8CA175401A9D0368CE342DA144C636457FBA46F65474082EEA77800E88A3C3392349822EC0675473F5294D83F3830B5DC00D5B2668BBED3F655CE2DE381FBED9494BF6E0FB0D9201090074FFA0DF40E07E10734E80A46DD5BE71434D205DA0B3C247A8E01001A074BD5107AB02D282A46F3573748D3C8EFC872B07EA2F1608F97541A305FFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6A0AC4980AC79339DB7CE019D40AA5CFEBC9E127BECC74CDCA027A4A301584418CFEB840CE2BEDA3980E3AFBC84EB993F730BF37C7AE80D81B68D64545F3F1A5A9954A5A7952B57233EE8CE931BA7EE04B02858276EC51B8C123994E47AD5A7A05369471D1FDE0B3980C53B8843690CEB180E7948F112F9C679737FA013FBEE035D2A13922B7F2BFD604C9E41AE3877039D0622A261DB20EAD917AD05CDE3780A3CA7F3664603EE679CE1E417F2F13ACE58695F2B7B040AABC29670C534134FB11A869BA661B5945F170340938CC6E146032A058AE4C1B32AE7F359C6B06604EA42017C955237DB4355BBA47958BB00D27D49A89FA31DA200A148BFA5158B291BA6E250AC527C0A650

---- EOF - GMER 1.0.15 ----

#24 Příspěvek od **motji** » 27 lis 2011 02:03

Fajn, spustte znovu combofix, jestli už je vše ok

. Jak se chová počítač?

oky.2 · #25 Příspěvek od **oky.2** » 27 lis 2011 18:33

Tak jsem to projel Combem, ale problem je nevyřešen

oky.2 · #26 Příspěvek od **oky.2** » 28 lis 2011 16:18

Ještě mám takový menší postřeh, otévírání některých programů (Zoner, nero,..) trvá nechutně dlouhou dobu.

Zoner naběhne až po opětovným rozkliknutím a nero to preventivně vůbec

#27 Příspěvek od **motji** » 28 lis 2011 22:02

Poprosím o ten log z combofixu.

oky.2 · #28 Příspěvek od **oky.2** » 29 lis 2011 09:02

ComboFix 11-11-27.02 - Martin 27.11.2011 18:17:12.3.1 - x86
Spuštěný z: c:\documents and settings\Martin\Plocha\ComboFix.exe
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-10-27 do 2011-11-27 )))))))))))))))))))))))))))))))
.
.
2011-11-18 18:01 . 2011-11-18 18:13 -------- d-----w- c:\program files\trend micro
2011-11-18 18:01 . 2011-11-18 18:02 -------- d-----w- C:\rsit
2011-11-15 17:15 . 2011-11-22 16:52 486360 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2011-11-15 17:15 . 2011-11-22 16:52 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2011-11-15 17:15 . 2011-11-22 16:52 633816 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2011-11-15 17:15 . 2011-11-22 16:52 555992 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2011-11-13 16:45 . 2011-11-13 16:45 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AltrixSoft
2011-11-13 16:45 . 2011-11-13 16:48 -------- d-----w- c:\program files\Common Files\AltrixSoft
2011-11-13 15:01 . 2011-11-13 15:01 -------- d-sh--w- c:\documents and settings\All Users\Data aplikací\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2011-11-12 22:43 . 2011-11-12 22:43 119808 ----a-w- c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
2011-11-11 17:25 . 2011-11-11 17:31 -------- d-----w- c:\program files\Yahoo!
2011-11-08 19:50 . 2010-10-05 19:26 109240 ----a-w- c:\program files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru\components\abhelperxpcom.dll
2011-11-08 19:50 . 2010-10-05 19:27 150200 ----a-w- c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll
2011-11-08 19:50 . 2011-11-08 20:00 97961 ----a-w- c:\windows\system32\drivers\klick.dat
2011-11-08 19:50 . 2011-11-08 20:00 115369 ----a-w- c:\windows\system32\drivers\klin.dat
2011-11-08 19:49 . 2011-11-08 19:49 -------- d-----w- c:\program files\Kaspersky Lab
2011-11-08 19:49 . 2011-11-27 15:39 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Kaspersky Lab
2011-11-08 19:03 . 2010-10-05 19:26 109240 ----a-w- c:\program files\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak\components\abhelperxpcom.dll
2011-11-08 18:54 . 2011-11-09 14:48 -------- d-----w- C:\kleaner.tmp
2011-11-08 18:21 . 2011-11-08 18:21 -------- d--h--we c:\documents and settings\All Users\AVP11
2011-11-08 18:21 . 2010-10-05 19:27 150200 ----a-w- c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak\components\kavlinkfilter.dll
2011-11-08 18:18 . 2011-11-08 19:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Kaspersky Lab Setup Files
2011-11-08 12:07 . 2011-11-16 16:38 -------- d-----w- c:\program files\AIMP3
2011-11-06 14:46 . 2011-11-06 14:46 -------- d-----w- c:\program files\Windows Sidebar
2011-11-06 13:36 . 2011-11-06 13:36 -------- d-----w- c:\program files\ESET
2011-11-06 12:25 . 2011-11-06 13:33 -------- d-----w- c:\documents and settings\Martin\Data aplikací\ESET
2011-10-30 16:08 . 2011-10-30 16:08 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-10-30 16:08 . 2011-10-30 16:07 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-10-30 16:07 . 2011-10-30 16:07 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-16 18:24 . 2011-04-29 19:03 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-10 14:22 . 2008-09-30 17:02 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06 . 2004-08-18 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 09:41 . 2008-07-29 17:59 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2004-08-18 12:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2004-08-18 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-06 14:10 . 2004-08-18 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-31 16:00 . 2010-08-18 12:56 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2011-11-22 16:52 . 2011-08-19 19:41 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2011-11-12 22:43 . 2011-11-12 22:43 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-14 06:51 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . c:\windows\NiwradSoft Shell Pack\Backup\comres.dll
[-] 2008-04-14 06:51 . 9BBABCB691B887769048255FA7047C05 . 1508864 . . [2001.12.4414.700] . . c:\windows\ServicePackFiles\i386\comres.dll
[-] 2008-04-14 06:51 . 9BBABCB691B887769048255FA7047C05 . 1508864 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
.
[7] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\winlogon.exe
[-] 2008-04-14 . 471341D353962A35DA3C6324D59D09C4 . 547328 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . 471341D353962A35DA3C6324D59D09C4 . 547328 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
.
[7] 2010-08-23 . E145ADD7DAEF759C4F5FB80A180A9C30 . 617472 . . [5.82] . . c:\windows\NiwradSoft Shell Pack\Backup\comctl32.dll
[-] 2010-08-23 . 157577AE3ED2862091111184966FAB66 . 643072 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2010-08-23 . 157577AE3ED2862091111184966FAB66 . 643072 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2010-08-23 . 157577AE3ED2862091111184966FAB66 . 643072 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[7] 2010-08-23 . 8A72A30FDC803DC06755D3B36D966F31 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[7] 2008-04-14 . D7B7AE36A2EBA312AC4B53862019B3F5 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[7] 2004-08-18 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[7] 2004-08-18 . F76B3003366A205E05AFC0D034C7D3E9 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
.
[7] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\user32.dll
[-] 2008-04-14 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
.
[-] 2008-04-14 . D63C59BB0CA2F83B62D003FD52863090 . 1541120 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[7] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe
[-] 2008-04-14 . D63C59BB0CA2F83B62D003FD52863090 . 1541120 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
.
[-] 2008-04-14 . 6915639F41228891A883B2DA59AA7429 . 277504 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[7] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\regedit.exe
[-] 2008-04-14 . 6915639F41228891A883B2DA59AA7429 . 277504 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe
.
[7] 2010-07-16 . 6D1A3A355CA2AC64D2D5BAEC25C16427 . 1287680 . . [5.1.2600.6010] . . c:\windows\NiwradSoft Shell Pack\Backup\ole32.dll
[-] 2010-07-16 . 81206718E930BEF6D92A64725907D973 . 1312768 . . [5.1.2600.6010] . . c:\windows\ServicePackFiles\i386\ole32.dll
[-] 2010-07-16 . 81206718E930BEF6D92A64725907D973 . 1312768 . . [5.1.2600.6010] . . c:\windows\system32\ole32.dll
[-] 2010-07-16 . 81206718E930BEF6D92A64725907D973 . 1312768 . . [5.1.2600.6010] . . c:\windows\system32\dllcache\ole32.dll
[7] 2010-07-16 . C85BE0CF9C91EB64CECA1D639D71D4CC . 1288704 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
.
[7] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\ctfmon.exe
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
.
[7] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\hnetcfg.dll
[-] 2008-04-14 . FDE84E2C6D0E1F75D61D7CC111A1DA5A . 369152 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll
[-] 2008-04-14 . FDE84E2C6D0E1F75D61D7CC111A1DA5A . 369152 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll
.
[7] 2010-12-09 . 40D176442F70573DBA0E05A7E40D3EBB . 2071552 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
[7] 2010-12-09 . 4FE7B81BEDE8D37C9E3D95C99A56A34E . 2071552 . . [5.1.2600.6055] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[7] 2010-12-09 . 4FE7B81BEDE8D37C9E3D95C99A56A34E . 2071552 . . [5.1.2600.6055] . . c:\windows\NiwradSoft Shell Pack\Backup\ntkrnlpa.exe
[-] 2010-12-09 . 3E500054792EA59F7D79B888C67AB669 . 2232704 . . [5.1.2600.6055] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2010-12-09 . 3E500054792EA59F7D79B888C67AB669 . 2232704 . . [5.1.2600.6055] . . c:\windows\system32\ntkrnlpa.exe
[-] 2010-12-09 . 3E500054792EA59F7D79B888C67AB669 . 2232704 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[7] 2010-04-28 . 2FA1EF498F026847CF276DF9099ABE79 . 2069120 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
[7] 2010-02-16 . DCC3D91A3DEDBBA9ECFFA6028D872CF5 . 2069120 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[7] 2009-12-09 . 58516936F00D10D4B615C458A8A4AB71 . 2068352 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
[7] 2009-08-04 . 97815C93200676C727CE951AE5C78137 . 2068352 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
[7] 2009-02-09 . FF8A3F180A224AA27EBAB937CA027F4D . 2068352 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[7] 2008-08-14 . 5495B7902AE2EEE3A98D889E9A679724 . 2068224 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe
.
[7] 2009-03-08 . B60DDDD2D63CE41CB8C487FCFBB6419E . 638816 . . [8.00.6001.18702] . . c:\windows\NiwradSoft Shell Pack\Backup\iexplore.exe
[-] 2009-03-08 . F68C1BAC147227B86FFB36828FF8BEDF . 510816 . . [8.00.6001.18702] . . c:\windows\ServicePackFiles\i386\iexplore.exe
[-] 2009-03-08 . F68C1BAC147227B86FFB36828FF8BEDF . 510816 . . [8.00.6001.18702] . . c:\windows\system32\dllcache\iexplore.exe
[7] 2008-12-19 . 15E8A89499741D5CF59A9CF6463A4339 . 634024 . . [7.00.6000.20978] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\iexplore.exe
[7] 2008-12-19 . 030D78FE84A086ED376EFCBD2D72C522 . 634024 . . [7.00.6000.16791] . . c:\windows\ie8\iexplore.exe
[7] 2008-10-15 . 9D3DB9ADFABD2F0BC778EC03250A3ABB . 633632 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB961260-IE7\iexplore.exe
[7] 2008-10-15 . 056C927CF7207857E8B34F7A8FFD9B9E . 633632 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\iexplore.exe
[7] 2008-04-14 . 414AFE6E8CCDE984E16D5ED08624CEC6 . 93184 . . [6.00.2900.5512] . . c:\windows\ie7\iexplore.exe
[7] 2007-08-13 . DE49B348A18369B4626FBA1D49B07FB4 . 622080 . . [7.00.5730.13] . . c:\windows\ie7updates\KB958215-IE7\iexplore.exe
.
[7] 2010-12-09 . 8D222D8EF9B1951296F822583A044542 . 2194944 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
[7] 2010-12-09 . B6C5D4CBB22EEF31FAFBB76C2C6F3D99 . 2194944 . . [5.1.2600.6055] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[7] 2010-12-09 . B6C5D4CBB22EEF31FAFBB76C2C6F3D99 . 2194944 . . [5.1.2600.6055] . . c:\windows\NiwradSoft Shell Pack\Backup\ntoskrnl.exe
[-] 2010-12-09 . 5C09C92D01E24786F1156E0512A488FF . 2356096 . . [5.1.2600.6055] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2010-12-09 . 5C09C92D01E24786F1156E0512A488FF . 2356096 . . [5.1.2600.6055] . . c:\windows\system32\ntoskrnl.exe
[-] 2010-12-09 . 5C09C92D01E24786F1156E0512A488FF . 2356096 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntoskrnl.exe
[7] 2010-04-28 . 91FE668957FF51A2DBCEE0D8637BA77E . 2192256 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[7] 2010-02-16 . 6B2312D847BA95F4E858CB4C3B5F51E1 . 2192256 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[7] 2009-12-09 . 7782F11AE957B736585870CD2671227B . 2191488 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
[7] 2009-08-04 . 3502DBBC657001D7A2A2768BD7DE1483 . 2191488 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[7] 2009-02-10 . 97480EBFE1D4B547657BAD75AAAB1325 . 2191360 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[7] 2008-08-14 . 2BCBCE27A946C057051A85CB032F49FF . 2191360 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\NBHShellExt]
@="{8D2223A2-B3C6-4e32-B096-CDD11F628C60}"
[HKEY_CLASSES_ROOT\CLSID\{8D2223A2-B3C6-4e32-B096-CDD11F628C60}]
2008-06-10 10:29 97064 ----a-w- d:\program files\Nero\Nero8\InCD\NBHShx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-08-03 13892200]
"NvMediaCenter"="NvMCTray.dll" [2011-08-03 111208]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-07-05 1632360]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2010-11-02 365336]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2011-11-12 30192]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 40448]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKLM\~\startupfolder\C:^Documents and Settings^Martin^Nabídka Start^Programy^Po spuštění^Free Music Zilla.lnk]
backup=c:\windows\pss\Free Music Zilla.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-06-06 10:55 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TuneUp.UtilitiesSvc"=2 (0x2)
"UxTuneUp"=2 (0x2)
"MDM"=2 (0x2)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ICQ"="d:\program files\ICQ7.2\ICQ.exe" silent loginmode=4
"DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"OODefragTray"=c:\windows\system32\oodtray.exe
"QuickTime Task"="d:\program files\QuickTime\qttask.exe" -atboottime
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"CanonSolutionMenu"=c:\program files\Canon\SolutionMenu\CNSLMAIN.exe /logon
"CanonMyPrinter"=c:\program files\Canon\MyPrinter\BJMyPrt.exe /logon
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"BDRegion"=c:\program files\Cyberlink\Shared files\brs.exe
"BCSSync"="d:\program files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
"NiwradSoft Welcome"=c:\windows\NiwradSoft Shell Pack\Tools\NS Welcome.exe
"NeroFilterCheck"=c:\program files\Common Files\Nero\Lib\NeroCheck.exe
"SecurDisc"=d:\program files\Nero\Nero8\InCD\NBHGui.exe
"InCD"=d:\program files\Nero\Nero8\InCD\InCD.exe
"AutoKMS"=c:\windows\AutoKMS.exe
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Free Music Zilla\\FMZilla.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Opera Next\\opera.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"d:\\Program Files\\ICQ7.2\\ICQ7.5\\ICQ.exe"=
"c:\\squid\\sbin\\squid.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"24956:TCP"= 24956:TCP:BitComet 24956 TCP
"24956:UDP"= 24956:UDP:BitComet 24956 UDP
.
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/01/08 19:00];d:\program files\CyberLink\PowerDVD10\PowerDVD10\NavFilter\000.fcl [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-07-04 136176]
R2 KMService;KMService;c:\windows\system32\srvany.exe [2010-09-26 8192]
R3 cpuz130;cpuz130;c:\docume~1\Martin\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2010-08-28 13224]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2011-11-12 30192]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-07-04 136176]
R3 k510bus;Sony Ericsson K510 Driver driver (WDM);c:\windows\system32\DRIVERS\k510bus.sys [2006-02-17 58288]
R3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;c:\windows\system32\DRIVERS\k510mdfl.sys [2006-02-17 8336]
R3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;c:\windows\system32\DRIVERS\k510mdm.sys [2006-02-17 94064]
R3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\k510mgmt.sys [2006-02-17 85408]
R3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\k510obex.sys [2006-02-17 83344]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2011-06-10 181792]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\system32\drivers\WsAudioDevice_383.sys [2008-11-19 16640]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2010-06-09 11352]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2010-11-09 21992]
S2 NeroRegInCDSrv;Nero Registry InCD Service;d:\program files\Nero\Nero8\InCD\NBHRegInCDSrv.exe [2008-06-10 53032]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
S3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\DRIVERS\klim5.sys [2010-05-07 32856]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19472]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2010-08-14 47360]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2010-08-28 27632]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2011-11-27 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-04-27 13:37]
.
2011-11-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-04 08:30]
.
2011-11-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-04 08:30]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://search.qip.ru
uStart Page = hxxp://search.freemusiczilla.com
mStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 127.0.0.1:3128
uCustomizeSearch = hxxp://www.Google.com/
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - d:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - d:\program files\ICQ7.2\ICQ7.5\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: DhcpNameServer = 84.16.122.105 84.16.96.2
FF - ProfilePath - c:\documents and settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\6tjkss3s.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q=
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-27 18:28
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\d:\program files\CyberLink\PowerDVD10\PowerDVD10\NavFilter\000.fcl"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1768)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\cscui.dll
c:\windows\system32\COMRes.dll
.
- - - - - - - > 'lsass.exe'(1884)
c:\windows\system32\setupapi.dll
.
- - - - - - - > 'explorer.exe'(232)
c:\windows\system32\COMRes.dll
d:\program files\Nero\Nero8\InCD\NBHShx.dll
d:\program files\Nero\Nero8\InCD\NBHStr.dll
c:\program files\Common Files\Nero\Shared\NL3\AdvrCntr3.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\System32\cscui.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
.
Celkový čas: 2011-11-27 18:30:33
ComboFix-quarantined-files.txt 2011-11-27 17:30
ComboFix2.txt 2011-11-23 19:36
ComboFix3.txt 2011-11-21 18:09
.
Před spuštěním: Volných bajtů: 10 107 809 792
Po spuštění: Volných bajtů: 10 064 510 976
.
- - End Of File - - DA18B935AE9344A4A497FD50BD6ABE8B

#29 Příspěvek od **motji** » 29 lis 2011 14:12

LOg je ok. Ted jsou konrkétně jaké problémy?

oky.2 · #30 Příspěvek od **oky.2** » 29 lis 2011 16:13

Když rozkliknu tento počítač tak se zobrazuje animace s lupou více než je zdrávo něco přes 10s. Dále v síťových připojeních se nezobrazuje nic, před tím tam bylo že pc je připojen (ale internet jede). V poslední době když rozkliknu nějaký program tak načítá dlouho, nero načetlo až po 10 min. (ale ne u všech), některý se otevře až po kolikátým rozkliknutím. U těch programu potom zapravidla vyskočí hláška, pokusím se ju připojit do přílohy pokud se mně to povede. Počítač by neměl být zahlcen, pravidelně ho čistím a programy které se spouštějí při startu mám stlačeny na minimum.

VIRY.CZ

Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka

Re: Preventivka