Infection - process: "number:number.exe"

#1 Post by honnza »

Hello,
I would like to ask someone more experienced for advice...

I am trying to clean the viruses off a colleague's notebook. It was all slowed down and kept freezing.

Any antivirus, RSIT, or even an anti-rootkit tool froze while running and shut down, and after that it could no longer be started... (I was working in safe mode)...

I googled the unknown process "number:number.exe" a bit and found a guide at http://forums.majorgeeks.com/showthread.php?t=222773. After this "remover" I managed to run RSIT. I am attaching both logs.


Thank you.


14:01:54.0125 0948 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
14:01:54.0187 0948 ============================================================
14:01:54.0187 0948 Current date / time: 2012/01/04 14:01:54.0187
14:01:54.0187 0948 SystemInfo:
14:01:54.0187 0948
14:01:54.0187 0948 OS Version: 5.1.2600 ServicePack: 3.0
14:01:54.0187 0948 Product type: Workstation
14:01:54.0187 0948 ComputerName: NB-BOREK
14:01:54.0187 0948 UserName: autocont
14:01:54.0187 0948 Windows directory: C:\WINDOWS
14:01:54.0187 0948 System windows directory: C:\WINDOWS
14:01:54.0187 0948 Processor architecture: Intel x86
14:01:54.0187 0948 Number of processors: 1
14:01:54.0187 0948 Page size: 0x1000
14:01:54.0187 0948 Boot type: Safe boot with network
14:01:54.0187 0948 ============================================================
14:01:57.0546 0948 Initialize success
14:02:25.0656 1140 ============================================================
14:02:25.0656 1140 Scan started
14:02:25.0656 1140 Mode: Manual; SigCheck; TDLFS;
14:02:25.0656 1140 ============================================================
14:02:26.0578 1140 148cbe8e (8f2bb1827cac01aee6a16e30a1260199) C:\WINDOWS\2394852372:3950199153.exe
14:02:26.0578 1140 Suspicious file (Hidden): C:\WINDOWS\2394852372:3950199153.exe. md5: 8f2bb1827cac01aee6a16e30a1260199
14:02:26.0578 1140 148cbe8e ( Rootkit.Win32.PMax.gen ) - infected
14:02:26.0578 1140 148cbe8e - detected Rootkit.Win32.PMax.gen (0)
14:02:26.0671 1140 Abiosdsk - ok
14:02:26.0734 1140 abp480n5 - ok
14:02:26.0843 1140 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:02:29.0109 1140 ACPI - ok
14:02:29.0234 1140 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
14:02:29.0437 1140 ACPIEC - ok
14:02:29.0500 1140 adpu160m - ok
14:02:29.0593 1140 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
14:02:29.0734 1140 aec - ok
14:02:29.0828 1140 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\WINDOWS\system32\drivers\Afc.sys
14:02:29.0937 1140 Afc - ok
14:02:30.0078 1140 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
14:02:30.0140 1140 AFD - ok
14:02:30.0203 1140 Aha154x - ok
14:02:30.0250 1140 aic78u2 - ok
14:02:30.0296 1140 aic78xx - ok
14:02:30.0406 1140 aksfridge (cb5a5079744a0535416d3a5e462c5efe) C:\WINDOWS\system32\DRIVERS\aksfridge.sys
14:02:30.0500 1140 aksfridge - ok
14:02:30.0609 1140 akshasp (1a27f5555448cc2d29d281b11f39177e) C:\WINDOWS\system32\DRIVERS\akshasp.sys
14:02:30.0671 1140 akshasp - ok
14:02:30.0750 1140 akshhl (147b61b81be1ffc38939ea47e5cfb51f) C:\WINDOWS\system32\DRIVERS\akshhl.sys
14:02:30.0796 1140 akshhl - ok
14:02:30.0859 1140 aksusb (b4ad9f5d78f27e0c6994e0cb05c60e21) C:\WINDOWS\system32\DRIVERS\aksusb.sys
14:02:30.0890 1140 aksusb - ok
14:02:30.0953 1140 AliIde - ok
14:02:31.0031 1140 amsint - ok
14:02:31.0109 1140 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
14:02:31.0234 1140 Arp1394 - ok
14:02:31.0312 1140 asc - ok
14:02:31.0375 1140 asc3350p - ok
14:02:31.0421 1140 asc3550 - ok
14:02:31.0562 1140 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:02:31.0687 1140 AsyncMac - ok
14:02:31.0781 1140 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
14:02:31.0906 1140 atapi - ok
14:02:31.0968 1140 Atdisk - ok
14:02:32.0062 1140 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:02:32.0187 1140 Atmarpc - ok
14:02:32.0343 1140 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
14:02:32.0468 1140 audstub - ok
14:02:32.0734 1140 AvgLdx86 (b8c187439d27aba430dd69fdcf1fa657) C:\WINDOWS\system32\Drivers\avgldx86.sys
14:02:32.0765 1140 AvgLdx86 - ok
14:02:32.0828 1140 AvgMfx86 (80ff2b1b7eeda966394f0baa895bbf4b) C:\WINDOWS\system32\Drivers\avgmfx86.sys
14:02:32.0843 1140 AvgMfx86 - ok
14:02:32.0984 1140 AvgRkx86 (5bbcd8646074a3af4ee9b321d12c2b64) C:\WINDOWS\system32\Drivers\avgrkx86.sys
14:02:33.0015 1140 AvgRkx86 - ok
14:02:33.0109 1140 AvgTdiX (9a7a93388f503a34e7339ae7f9997449) C:\WINDOWS\system32\Drivers\avgtdix.sys
14:02:33.0125 1140 AvgTdiX - ok
14:02:33.0203 1140 b57w2k (f96038aa1ec4013a93d2420fc689d1e9) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
14:02:33.0281 1140 b57w2k - ok
14:02:33.0406 1140 BCM43XX (b89bcf0a25aeb3b47030ac83287f894a) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
14:02:33.0500 1140 BCM43XX - ok
14:02:33.0562 1140 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
14:02:33.0671 1140 Beep - ok
14:02:33.0796 1140 C-Dilla - ok
14:02:33.0906 1140 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
14:02:34.0062 1140 cbidf2k - ok
14:02:34.0156 1140 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
14:02:34.0312 1140 CCDECODE - ok
14:02:34.0375 1140 cd20xrnt - ok
14:02:34.0437 1140 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
14:02:34.0578 1140 Cdaudio - ok
14:02:34.0671 1140 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
14:02:34.0812 1140 Cdfs - ok
14:02:34.0906 1140 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:02:35.0031 1140 Cdrom - ok
14:02:35.0109 1140 Changer - ok
14:02:35.0234 1140 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
14:02:35.0359 1140 CmBatt - ok
14:02:35.0437 1140 CmdIde - ok
14:02:35.0500 1140 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
14:02:35.0625 1140 Compbatt - ok
14:02:35.0703 1140 Cpqarray - ok
14:02:35.0765 1140 dac2w2k - ok
14:02:35.0812 1140 dac960nt - ok
14:02:35.0921 1140 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
14:02:36.0046 1140 Disk - ok
14:02:36.0156 1140 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
14:02:36.0328 1140 dmboot - ok
14:02:36.0421 1140 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
14:02:36.0531 1140 dmio - ok
14:02:36.0656 1140 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
14:02:36.0781 1140 dmload - ok
14:02:36.0890 1140 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
14:02:37.0015 1140 DMusic - ok
14:02:37.0140 1140 dpti2o - ok
14:02:37.0218 1140 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
14:02:37.0328 1140 drmkaud - ok
14:02:37.0484 1140 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
14:02:37.0609 1140 Fastfat - ok
14:02:37.0718 1140 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
14:02:37.0828 1140 Fdc - ok
14:02:37.0890 1140 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
14:02:38.0015 1140 Fips - ok
14:02:38.0109 1140 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
14:02:38.0234 1140 Flpydisk - ok
14:02:38.0312 1140 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
14:02:38.0453 1140 FltMgr - ok
14:02:38.0578 1140 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:02:38.0703 1140 Fs_Rec - ok
14:02:38.0828 1140 FTDIBUS (a36e8beedb3aaca09bf55a1d17904bc8) C:\WINDOWS\system32\drivers\ftdibus.sys
14:02:38.0843 1140 FTDIBUS - ok
14:02:38.0906 1140 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:02:39.0046 1140 Ftdisk - ok
14:02:39.0125 1140 FTSER2K (a14a1f4bb391df9c233cb5dbd05feb70) C:\WINDOWS\system32\drivers\ftser2k.sys
14:02:39.0140 1140 FTSER2K - ok
14:02:39.0187 1140 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:02:39.0328 1140 Gpc - ok
14:02:39.0390 1140 grmnusb (6003bc70f1a8307262bd3c941bda0b7e) C:\WINDOWS\system32\drivers\grmnusb.sys
14:02:39.0453 1140 grmnusb - ok
14:02:39.0656 1140 hardlock (9de9a7a19195c57ef38b4ee25422f2d7) C:\WINDOWS\system32\drivers\hardlock.sys
14:02:39.0703 1140 hardlock - ok
14:02:39.0781 1140 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:02:39.0906 1140 HDAudBus - ok
14:02:40.0000 1140 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:02:40.0125 1140 HidUsb - ok
14:02:40.0187 1140 hpn - ok
14:02:40.0265 1140 HSFHWAZL (7d33d2b81bd8b4bc51b536b113295d51) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
14:02:40.0343 1140 HSFHWAZL - ok
14:02:40.0421 1140 HSF_DPV (fb6ad8a16e22c91d5978b26e0300a331) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
14:02:40.0515 1140 HSF_DPV - ok
14:02:40.0625 1140 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
14:02:40.0671 1140 HTTP - ok
14:02:40.0750 1140 i2omgmt - ok
14:02:40.0781 1140 i2omp - ok
14:02:40.0859 1140 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:02:40.0968 1140 i8042prt - ok
14:02:41.0281 1140 ialm (28423512370705aeda6a652fedb25468) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
14:02:41.0718 1140 ialm - ok
14:02:41.0812 1140 igfx - ok
14:02:41.0953 1140 imagedrv (0a7c49b48c772591a2d362daa00246c8) C:\WINDOWS\system32\Drivers\imagedrv.sys
14:02:41.0968 1140 imagedrv ( UnsignedFile.Multi.Generic ) - warning
14:02:41.0968 1140 imagedrv - detected UnsignedFile.Multi.Generic (1)
14:02:42.0031 1140 imagesrv (549ba4f539e7b8d8129500b96dd7b27a) C:\WINDOWS\system32\DRIVERS\imagesrv.sys
14:02:42.0046 1140 imagesrv ( UnsignedFile.Multi.Generic ) - warning
14:02:42.0046 1140 imagesrv - detected UnsignedFile.Multi.Generic (1)
14:02:42.0140 1140 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
14:02:42.0265 1140 Imapi - ok
14:02:42.0343 1140 ini910u - ok
14:02:42.0609 1140 IntcAzAudAddService (cbddab14249b2f05407fc09ab8fffb88) C:\WINDOWS\system32\drivers\RtkHDAud.sys
14:02:42.0984 1140 IntcAzAudAddService - ok
14:02:43.0062 1140 IntelIde - ok
14:02:43.0140 1140 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:02:43.0250 1140 intelppm - ok
14:02:43.0390 1140 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
14:02:43.0515 1140 Ip6Fw - ok
14:02:43.0593 1140 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:02:43.0734 1140 IpFilterDriver - ok
14:02:43.0812 1140 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:02:43.0937 1140 IpInIp - ok
14:02:43.0984 1140 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:02:44.0109 1140 IpNat - ok
14:02:44.0203 1140 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:02:44.0328 1140 IPSec - ok
14:02:44.0406 1140 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
14:02:44.0531 1140 irda - ok
14:02:44.0609 1140 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
14:02:44.0734 1140 IRENUM - ok
14:02:44.0828 1140 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:02:44.0968 1140 isapnp - ok
14:02:45.0093 1140 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:02:45.0218 1140 Kbdclass - ok
14:02:45.0296 1140 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
14:02:45.0421 1140 kbdhid - ok
14:02:45.0515 1140 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
14:02:45.0640 1140 kmixer - ok
14:02:45.0765 1140 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
14:02:45.0859 1140 KSecDD - ok
14:02:45.0937 1140 lbrtfdc - ok
14:02:46.0078 1140 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys
14:02:46.0093 1140 MBAMProtector - ok
14:02:46.0171 1140 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
14:02:46.0203 1140 MBAMSwissArmy - ok
14:02:46.0296 1140 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
14:02:46.0328 1140 mdmxsdk - ok
14:02:46.0390 1140 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
14:02:46.0531 1140 mnmdd - ok
14:02:46.0609 1140 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
14:02:46.0718 1140 Modem - ok
14:02:46.0828 1140 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:02:46.0953 1140 Mouclass - ok
14:02:46.0984 1140 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:02:47.0109 1140 mouhid - ok
14:02:47.0218 1140 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
14:02:47.0343 1140 MountMgr - ok
14:02:47.0390 1140 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
14:02:47.0500 1140 MPE - ok
14:02:47.0546 1140 mraid35x - ok
14:02:47.0609 1140 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:02:47.0734 1140 MRxDAV - ok
14:02:47.0875 1140 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:02:47.0937 1140 MRxSmb - ok
14:02:48.0015 1140 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
14:02:48.0140 1140 Msfs - ok
14:02:48.0203 1140 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:02:48.0328 1140 MSKSSRV - ok
14:02:48.0375 1140 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:02:48.0500 1140 MSPCLOCK - ok
14:02:48.0546 1140 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
14:02:48.0687 1140 MSPQM - ok
14:02:48.0765 1140 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:02:48.0875 1140 mssmbios - ok
14:02:48.0953 1140 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
14:02:49.0078 1140 MSTEE - ok
14:02:49.0171 1140 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
14:02:49.0203 1140 Mup - ok
14:02:49.0328 1140 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
14:02:49.0453 1140 NABTSFEC - ok
14:02:49.0562 1140 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
14:02:49.0703 1140 NDIS - ok
14:02:49.0828 1140 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
14:02:49.0968 1140 NdisIP - ok
14:02:50.0062 1140 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:02:50.0125 1140 NdisTapi - ok
14:02:50.0187 1140 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:02:50.0312 1140 Ndisuio - ok
14:02:50.0390 1140 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:02:50.0531 1140 NdisWan - ok
14:02:50.0656 1140 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
14:02:50.0734 1140 NDProxy - ok
14:02:50.0828 1140 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
14:02:50.0953 1140 NetBIOS - ok
14:02:51.0015 1140 NetBT (180bd024b6bbf9d36e918aa7d246cf96) C:\WINDOWS\system32\DRIVERS\netbt.sys
14:02:51.0015 1140 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\netbt.sys. Real md5: 180bd024b6bbf9d36e918aa7d246cf96, Fake md5: 74b2b2f5bea5e9a3dc021d685551bd3d
14:02:51.0015 1140 NetBT ( Rootkit.Win32.ZAccess.e ) - infected
14:02:51.0015 1140 NetBT - detected Rootkit.Win32.ZAccess.e (0)
14:02:51.0156 1140 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
14:02:51.0281 1140 NIC1394 - ok
14:02:51.0359 1140 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
14:02:51.0500 1140 Npfs - ok
14:02:51.0562 1140 NSCIRDA (2adc0ca9945c65284b3d19bc18765974) C:\WINDOWS\system32\DRIVERS\nscirda.sys
14:02:51.0703 1140 NSCIRDA - ok
14:02:51.0812 1140 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
14:02:51.0968 1140 Ntfs - ok
14:02:52.0109 1140 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
14:02:52.0234 1140 Null - ok
14:02:52.0359 1140 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:02:52.0500 1140 NwlnkFlt - ok
14:02:52.0593 1140 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:02:52.0703 1140 NwlnkFwd - ok
14:02:52.0859 1140 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
14:02:52.0984 1140 ohci1394 - ok
14:02:53.0156 1140 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\drivers\Parport.sys
14:02:53.0281 1140 Parport - ok
14:02:53.0343 1140 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
14:02:53.0453 1140 PartMgr - ok
14:02:53.0546 1140 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
14:02:53.0656 1140 ParVdm - ok
14:02:53.0796 1140 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
14:02:53.0921 1140 PCI - ok
14:02:53.0984 1140 PCIDump - ok
14:02:54.0078 1140 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
14:02:54.0234 1140 PCIIde - ok
14:02:54.0328 1140 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
14:02:54.0468 1140 Pcmcia - ok
14:02:54.0531 1140 PDCOMP - ok
14:02:54.0578 1140 PDFRAME - ok
14:02:54.0625 1140 PDRELI - ok
14:02:54.0671 1140 PDRFRAME - ok
14:02:54.0718 1140 perc2 - ok
14:02:54.0765 1140 perc2hib - ok
14:02:54.0906 1140 pfc (957b82ec80ad7ead64e5e47df6b0dc40) C:\WINDOWS\system32\drivers\pfc.sys
14:02:54.0921 1140 pfc ( UnsignedFile.Multi.Generic ) - warning
14:02:54.0921 1140 pfc - detected UnsignedFile.Multi.Generic (1)
14:02:55.0031 1140 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:02:55.0140 1140 PptpMiniport - ok
14:02:55.0187 1140 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
14:02:55.0312 1140 PSched - ok
14:02:55.0390 1140 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:02:55.0515 1140 Ptilink - ok
14:02:55.0625 1140 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
14:02:55.0640 1140 PxHelp20 - ok
14:02:55.0718 1140 ql1080 - ok
14:02:55.0750 1140 Ql10wnt - ok
14:02:55.0796 1140 ql12160 - ok
14:02:55.0828 1140 ql1240 - ok
14:02:55.0906 1140 ql1280 - ok
14:02:55.0937 1140 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:02:56.0078 1140 RasAcd - ok
14:02:56.0203 1140 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
14:02:56.0281 1140 Rasirda - ok
14:02:56.0375 1140 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:02:56.0500 1140 Rasl2tp - ok
14:02:56.0609 1140 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:02:56.0718 1140 RasPppoe - ok
14:02:56.0812 1140 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
14:02:56.0937 1140 Raspti - ok
14:02:57.0031 1140 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:02:57.0156 1140 Rdbss - ok
14:02:57.0234 1140 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:02:57.0375 1140 RDPCDD - ok
14:02:57.0515 1140 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:02:57.0640 1140 rdpdr - ok
14:02:57.0750 1140 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
14:02:57.0796 1140 RDPWD - ok
14:02:57.0875 1140 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
14:02:58.0000 1140 redbook - ok
14:02:58.0140 1140 rootrepeal - ok
14:02:58.0296 1140 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
14:02:58.0468 1140 sdbus - ok
14:02:58.0593 1140 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:02:58.0734 1140 Secdrv - ok
14:02:58.0875 1140 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
14:02:59.0000 1140 Serenum - ok
14:02:59.0093 1140 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\drivers\Serial.sys
14:02:59.0218 1140 Serial - ok
14:02:59.0375 1140 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
14:02:59.0500 1140 Sfloppy - ok
14:02:59.0593 1140 Simbad - ok
14:02:59.0656 1140 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
14:02:59.0796 1140 SLIP - ok
14:02:59.0875 1140 Sparrow - ok
14:02:59.0953 1140 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
14:03:00.0093 1140 splitter - ok
14:03:00.0187 1140 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
14:03:00.0328 1140 sr - ok
14:03:00.0453 1140 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
14:03:00.0484 1140 Srv - ok
14:03:00.0593 1140 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
14:03:00.0703 1140 streamip - ok
14:03:00.0750 1140 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
14:03:00.0875 1140 swenum - ok
14:03:00.0968 1140 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
14:03:01.0125 1140 swmidi - ok
14:03:01.0203 1140 symc810 - ok
14:03:01.0265 1140 symc8xx - ok
14:03:01.0312 1140 sym_hi - ok
14:03:01.0343 1140 sym_u3 - ok
14:03:01.0453 1140 SynTP (cc5da243cfdac58fc0408f7ce24084c5) C:\WINDOWS\system32\DRIVERS\SynTP.sys
14:03:01.0500 1140 SynTP - ok
14:03:01.0562 1140 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
14:03:01.0687 1140 sysaudio - ok
14:03:01.0765 1140 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:03:01.0843 1140 Tcpip - ok
14:03:01.0921 1140 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
14:03:02.0046 1140 TDPIPE - ok
14:03:02.0125 1140 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
14:03:02.0234 1140 TDTCP - ok
14:03:02.0312 1140 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
14:03:02.0453 1140 TermDD - ok
14:03:02.0578 1140 tifm21 (e4c85c291ddb3dc5e4a2f227ca465ba6) C:\WINDOWS\system32\drivers\tifm21.sys
14:03:02.0640 1140 tifm21 - ok
14:03:02.0703 1140 TosIde - ok
14:03:02.0828 1140 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
14:03:02.0953 1140 Udfs - ok
14:03:03.0015 1140 ultra - ok
14:03:03.0109 1140 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
14:03:03.0250 1140 Update - ok
14:03:03.0390 1140 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:03:03.0515 1140 usbccgp - ok
14:03:03.0609 1140 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:03:03.0734 1140 usbehci - ok
14:03:03.0828 1140 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:03:03.0937 1140 usbhub - ok
14:03:04.0046 1140 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:03:04.0156 1140 usbscan - ok
14:03:04.0250 1140 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:03:04.0359 1140 USBSTOR - ok
14:03:04.0484 1140 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:03:04.0593 1140 usbuhci - ok
14:03:04.0718 1140 uxkx1 (c085eebdb5824f7ee08c2a57c809db72) C:\WINDOWS\system32\DRIVERS\uxkx1.sys
14:03:04.0796 1140 uxkx1 - ok
14:03:04.0875 1140 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
14:03:05.0015 1140 VgaSave - ok
14:03:05.0078 1140 ViaIde - ok
14:03:05.0156 1140 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
14:03:05.0281 1140 VolSnap - ok
14:03:05.0421 1140 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:03:05.0546 1140 Wanarp - ok
14:03:05.0625 1140 WDICA - ok
14:03:05.0718 1140 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
14:03:05.0843 1140 wdmaud - ok
14:03:05.0968 1140 winachsf (9692ab8ba2dcd649a86b1b9b81154278) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
14:03:06.0062 1140 winachsf - ok
14:03:06.0281 1140 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
14:03:06.0390 1140 WmiAcpi - ok
14:03:06.0578 1140 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
14:03:06.0703 1140 WSTCODEC - ok
14:03:06.0843 1140 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:03:06.0890 1140 WudfPf - ok
14:03:06.0953 1140 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:03:06.0984 1140 WudfRd - ok
14:03:07.0093 1140 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
14:03:07.0421 1140 \Device\Harddisk0\DR0 - ok
14:03:07.0453 1140 MBR (0x1B8) (0645814d4d8226505738304a7a3f3440) \Device\Harddisk1\DR2
14:03:07.0984 1140 \Device\Harddisk1\DR2 - ok
14:03:08.0031 1140 Boot (0x1200) (ad6e4e26669456032452fb55a5dbf45e) \Device\Harddisk0\DR0\Partition0
14:03:08.0031 1140 \Device\Harddisk0\DR0\Partition0 - ok
14:03:08.0062 1140 ============================================================
14:03:08.0062 1140 Scan finished
14:03:08.0062 1140 ============================================================
14:03:08.0203 1120 Detected object count: 5
14:03:08.0203 1120 Actual detected object count: 5
14:14:44.0312 1120 HKLM\SYSTEM\ControlSet001\services\148cbe8e - will be deleted on reboot
14:14:44.0390 1120 HKLM\SYSTEM\ControlSet003\services\148cbe8e - will be deleted on reboot
14:14:44.0421 1120 C:\WINDOWS\2394852372:3950199153.exe - will be deleted on reboot
14:14:44.0421 1120 148cbe8e ( Rootkit.Win32.PMax.gen ) - User select action: Delete
14:14:44.0421 1120 imagedrv ( UnsignedFile.Multi.Generic ) - skipped by user
14:14:44.0421 1120 imagedrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:14:44.0437 1120 imagesrv ( UnsignedFile.Multi.Generic ) - skipped by user
14:14:44.0437 1120 imagesrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:14:44.0828 1120 Backup copy found, using it..
14:14:44.0843 1120 C:\WINDOWS\system32\DRIVERS\netbt.sys - will be cured on reboot
14:14:45.0578 1120 C:\WINDOWS\system32\c_17755.nls - will be deleted on reboot
14:14:45.0593 1120 C:\WINDOWS\system32\c_17755.nl_ - will be deleted on reboot
14:14:47.0250 1120 NetBT ( Rootkit.Win32.ZAccess.e ) - User select action: Cure
14:14:47.0265 1120 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
14:14:47.0265 1120 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:15:13.0484 0632 Deinitialize success

Re: Infection - process: "number:number.exe"

#2 Post by honnza »

I am attaching the RSIT log:



Logfile of random's system information tool 1.09 (written by random/random)
Run by autocont at 2012-01-04 15:17:16
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 26 GB (23%) free of 114 GB
Total RAM: 1014 MB (73% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2119669116-2072395555-1277150550-1142.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2119669116-2072395555-1277150550-1157.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2119669116-2072395555-1277150550-1142.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2119669116-2072395555-1277150550-1157.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\autocont.NB-BOREK\Data aplikací\Mozilla\Firefox\Profiles\aatamr35.default

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{3f963a5b-e555-4543-90e2-c3908898db71}"=C:\Program Files\AVG\AVG9\Firefox


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe Flash Player 9.0
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0]
"Description"=DivX OVS Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732]
"Description"=6.0.12.732
"Path"=c:\program files\real\realplayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
xmlfiller@software602.cz
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{B13721C7-F507-4982-B2E5-502A71474FED}
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsIFillerPlugin.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
flashplayer.xpt
npdeployJava1.dll
npEModelPlugin.dll
npfiller.dll
NPOFF12.DLL
NPOFFICE.DLL
nppdf32.dll
nppl3260.dll
nprjplug.dll
nprpjplug.dll
NPSWF32.dll
NPSWF32_FlashUtil.exe
nsEModelPlugin.xpt

C:\Program Files\Mozilla Firefox\searchplugins\
crawlersrch.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-09-05 64928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2010-07-28 1267024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-03-21 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2012-01-02 1623392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-12-04 342192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll [2011-11-22 1003576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Inbox Toolbar - C:\PROGRA~1\INBOXT~1\Inbox.dll [2010-06-15 848376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-11 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-11 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D7E97865-918F-41E4-9CD0-25AB1C574CE8} - &Inbox Toolbar - C:\PROGRA~1\INBOXT~1\Inbox.dll [2010-06-15 848376]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2010-07-28 1267024]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-12-04 342192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-03-21 16126464]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-07 102400]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-04-21 142104]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-04-21 162584]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-04-21 138008]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28 185896]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2005-02-17 221184]
"POPUPTV"=C:\Program Files\ASUS\PopupTV\ExpressTV.exe [2009-02-20 708608]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2010-12-09 74752]
"DivX Download Manager"=C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe [2010-12-08 63360]
"Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2011-02-26 126976]
"USB Storage Toolbox"=C:\WINDOWS\UMStor\Res.EXE [2005-09-14 65536]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2012-01-02 2078048]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-02-17 81920]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-21 202256]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"mshtune"=C:\Documents and Settings\All Users\mshtune.exe []
"jusched"=C:\Documents and Settings\All Users\defragcs.exe []
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-12-09 1226608]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2011-12-24 460872]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Action Manager 32.lnk - C:\Program Files\ScannerU\AM32.exe
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
AutoCAD Startup Accelerator.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
Místní vyhledávání.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
TMMonitor.lnk - C:\Program Files\ArcSoft\TotalMedia 3.5\TMMonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2012-01-02 12536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-04-17 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 294400]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\46631845.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\46631845.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rootrepeal.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"RunStartupScriptSync"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Grisoft\AVG7\avginet.exe"="C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe"
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe"="C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\Program Files\Grisoft\AVG7\avgcc.exe"="C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe"
"C:\Program Files\Grisoft\AVG7\avgemc.exe"="C:\Program Files\Grisoft\AVG7\avgemc.exe:*:Enabled:avgemc.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQLite\ICQLite.exe"="C:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ Library"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\ArcSoft\TotalMedia 3.5\TotalMedia.exe"="C:\Program Files\ArcSoft\TotalMedia 3.5\TotalMedia.exe:LocalSubNet:Enabled:ArcSoft TotalMedia 3.5"
"C:\Program Files\Google\Google SketchUp 7\SketchUp.exe"="C:\Program Files\Google\Google SketchUp 7\SketchUp.exe:*:Enabled:SketchUp Application"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQLite\ICQLite.exe"="C:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\Panasonic\Wireless Manager ME2\WM.exe"="C:\Program Files\Panasonic\Wireless Manager ME2\WM.exe:*:Enabled:Wireless Manager GUI"
"C:\Program Files\RealVNC\VNC4\winvnc4.exe"="C:\Program Files\RealVNC\VNC4\winvnc4.exe:*:Enabled:winvnc4"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Průzkumník Windows"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\Wolfenstein - Enemy Territory\ET.exe"="C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET"
"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG8\avgdiag.exe"="C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe"
"C:\Program Files\AVG\AVG8\avgdiagex.exe"="C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Mozilla Thunderbird\thunderbird.exe"="C:\Program Files\Mozilla Thunderbird\thunderbird.exe:*:Enabled:Mozilla Thunderbird"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\Common Files\Java\Java Update\jucheck.exe"="C:\Program Files\Common Files\Java\Java Update\jucheck.exe:*:Enabled:Java(TM) Update Checker"
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"="C:\Program Files\Common Files\Java\Java Update\jusched.exe:*:Enabled:Java(TM) Update Scheduler"
"C:\Program Files\Google\Update\GoogleUpdate.exe"="C:\Program Files\Google\Update\GoogleUpdate.exe:*:Enabled:Instalační program Google"
"C:\Program Files\AVG\AVG9\avgdiagex.exe"="C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG9\avgam.exe"="C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\AVG\AVG9\avgcmgr.exe"="C:\Program Files\AVG\AVG9\avgcmgr.exe:*:Enabled:Prevalence reporter"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=L3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll
"vidc.div4"=DivXc32f.dll
"vidc.div3"=DivXc32.dll
"vidc.xvid"=xvidvfw.dll
"vidc.mp43"=mpg4c32.dll
"msacm.l3radius"=l3codecp.acm
"msacm.divxa"=divxa32.acm
"msacm.vorbis"=Vorbis.acm
"msacm.a3d"=a3d.dll
"VIDC.YV12"=DivX.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"MSVideo8"=VfWWDM32.dll
"vidc.asv2"=asusasv2.dll
"vidc.DIVX"=DivX.dll

======File associations======

.js - open - %SystemRoot%\System32\CScript.exe "%1" %*
.scr - open -
.scr - install -
.scr - config -
.vbs - open - %SystemRoot%\System32\CScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-01-04 15:05:14 ----D---- C:\rsit
2012-01-04 15:05:14 ----D---- C:\Program Files\trend micro
2012-01-04 14:51:39 ----A---- C:\TDSSKiller.2.6.25.0_04.01.2012_14.51.39_log.txt
2012-01-04 14:46:30 ----D---- C:\Documents and Settings\autocont.NB-BOREK\Data aplikací\ArcSoft
2012-01-04 14:46:29 ----D---- C:\Documents and Settings\autocont.NB-BOREK\Data aplikací\Windows Desktop Search
2012-01-04 14:45:46 ----D---- C:\Documents and Settings\autocont.NB-BOREK\Data aplikací\Real
2012-01-04 14:45:32 ----A---- C:\TDSSKiller.2.6.25.0_04.01.2012_14.45.32_log.txt
2012-01-04 14:44:23 ----D---- C:\Documents and Settings\autocont.NB-BOREK\Data aplikací\Identities
2012-01-04 14:44:23 ----A---- C:\WINDOWS\OEWABLog.txt
2012-01-04 14:16:22 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-01-04 14:01:54 ----A---- C:\TDSSKiller.2.6.25.0_04.01.2012_14.01.54_log.txt
2012-01-04 14:01:46 ----D---- C:\Documents and Settings\autocont.NB-BOREK\Data aplikací\Zoner
2012-01-04 13:56:39 ----D---- C:\Documents and Settings\autocont.NB-BOREK\Data aplikací\Adobe
2012-01-04 10:47:28 ----A---- C:\WINDOWS\ntbtlog.txt
2012-01-04 10:47:08 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2012-01-04 10:47:07 ----D---- C:\Documents and Settings\autocont.NB-BOREK\Data aplikací\Malwarebytes
2012-01-04 10:46:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2012-01-04 10:46:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-01-04 10:46:51 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2012-01-04 10:44:52 ----D---- C:\Program Files\CCleaner
2012-01-04 10:33:30 ----D---- C:\Documents and Settings\autocont.NB-BOREK\Data aplikací\Mozilla
2012-01-04 10:32:02 ----ASH---- C:\Documents and Settings\autocont.NB-BOREK\Data aplikací\desktop.ini
2012-01-04 10:32:01 ----SD---- C:\Documents and Settings\autocont.NB-BOREK\Data aplikací\Microsoft
2012-01-04 10:32:01 ----D---- C:\Documents and Settings\autocont.NB-BOREK\Data aplikací\Macromedia
2012-01-03 11:56:25 ----A---- C:\WINDOWS\wininit.ini
2012-01-03 11:35:04 ----D---- C:\Program Files\ESET
2012-01-03 11:20:12 ----D---- C:\Program Files\Spybot - Search & Destroy
2012-01-03 11:20:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2012-01-02 19:05:33 ----HD---- C:\Documents and Settings\All Users\Data aplikací\Common Files
2012-01-02 15:39:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2012-01-02 15:38:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$
2012-01-02 15:36:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2012-01-02 15:34:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2633171$
2012-01-02 14:48:33 ----HD---- C:\$AVG
2012-01-02 14:43:55 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2012-01-02 14:27:56 ----A---- C:\WINDOWS\system32\drivers\avgtdix.sys
2012-01-02 14:27:56 ----A---- C:\WINDOWS\system32\drivers\avgrkx86.sys
2012-01-02 14:27:49 ----A---- C:\WINDOWS\system32\drivers\avgldx86.sys
2012-01-02 14:27:48 ----A---- C:\WINDOWS\system32\drivers\avgmfx86.sys
2012-01-02 14:27:10 ----D---- C:\WINDOWS\system32\drivers\Avg
2012-01-02 14:26:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\avg9
2012-01-02 14:04:01 ----D---- C:\WINDOWS\pss
2011-12-25 15:50:23 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2011-12-25 15:50:23 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2011-12-25 15:50:18 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2011-12-25 15:50:17 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2011-12-25 15:50:17 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2011-12-25 15:50:16 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2011-12-25 15:50:15 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2011-12-25 15:50:14 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2011-12-25 15:50:13 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2011-12-25 15:50:13 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2011-12-25 15:50:13 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2011-12-25 15:50:12 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2011-12-25 15:50:10 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2011-12-25 15:50:10 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2011-12-25 15:48:30 ----HD---- C:\WINDOWS\msdownld.tmp
2011-12-25 15:32:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\Solidshield
2011-12-25 15:24:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
2011-12-25 15:24:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\EA Core
2011-12-25 15:02:11 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2011-12-25 15:02:03 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2011-12-25 15:01:51 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2011-12-25 15:01:48 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2011-12-25 15:01:46 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2011-12-25 15:01:25 ----D---- C:\Program Files\Electronic Arts
2011-12-25 14:48:39 ----N---- C:\WINDOWS\system32\drivers\UMSTOR.sys
2011-12-25 14:48:39 ----D---- C:\WINDOWS\UMStor
2011-12-25 14:48:32 ----D---- C:\Program Files\USB Disk Win98 Driver
2011-12-25 14:44:55 ----D---- C:\MTV_OUTPUT

======List of files/folders modified in the last 1 month======

2012-01-04 15:05:14 ----D---- C:\Program Files
2012-01-04 14:51:50 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-04 14:51:41 ----D---- C:\WINDOWS\system32\drivers
2012-01-04 14:50:55 ----SHD---- C:\WINDOWS\CSC
2012-01-04 14:46:13 ----D---- C:\WINDOWS
2012-01-04 14:45:04 ----D---- C:\WINDOWS\Temp
2012-01-04 14:44:35 ----SHD---- C:\WINDOWS\Installer
2012-01-04 14:44:35 ----SHD---- C:\Config.Msi
2012-01-04 14:33:07 ----D---- C:\WINDOWS\Prefetch
2012-01-04 14:17:21 ----D---- C:\WINDOWS\SoftwareDistribution
2012-01-04 14:15:44 ----D---- C:\WINDOWS\system32
2012-01-04 10:45:44 ----D---- C:\WINDOWS\Logs
2012-01-04 10:45:44 ----D---- C:\WINDOWS\Debug
2012-01-04 10:45:41 ----SHD---- C:\RECYCLER
2012-01-04 10:45:41 ----D---- C:\WINDOWS\Minidump
2012-01-04 10:44:17 ----HD---- C:\WINDOWS\inf
2012-01-04 10:32:00 ----D---- C:\Documents and Settings
2012-01-03 11:58:12 ----D---- C:\Program Files\MyWebSearch
2012-01-03 11:54:43 ----SD---- C:\WINDOWS\Downloaded Program Files
2012-01-03 11:54:43 ----D---- C:\Program Files\Internet Explorer
2012-01-03 11:33:20 ----SD---- C:\WINDOWS\Tasks
2012-01-03 10:51:01 ----SH---- C:\boot.ini
2012-01-03 10:51:01 ----A---- C:\WINDOWS\win.ini
2012-01-03 10:51:01 ----A---- C:\WINDOWS\system.ini
2012-01-02 15:44:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-01-02 15:39:45 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-01-02 15:39:37 ----HD---- C:\WINDOWS\$hf_mig$
2012-01-02 15:23:10 ----A---- C:\WINDOWS\wincmd.ini
2012-01-02 14:26:33 ----D---- C:\Program Files\AVG
2012-01-02 14:25:58 ----D---- C:\WINDOWS\WinSxS
2012-01-02 14:07:10 ----D---- C:\WINDOWS\security
2011-12-25 15:59:39 ----D---- C:\Program Files\Microsoft Silverlight
2011-12-25 15:50:25 ----D---- C:\WINDOWS\system32\DirectX
2011-12-25 15:48:20 ----D---- C:\Temp
2011-12-25 15:23:51 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-12-25 14:48:39 ----SHDC---- C:\WINDOWS\$NtUninstallKB22013$
2011-12-25 14:48:39 ----D---- C:\WINDOWS\system
2011-12-25 14:48:34 ----HD---- C:\Program Files\InstallShield Installation Information
2011-12-25 14:47:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-12-25 14:47:28 ----A---- C:\WINDOWS\NeroDigital.ini
2011-12-16 09:16:45 ----D---- C:\WINDOWS\system32\drivers\etc
2011-12-05 09:36:56 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AvgRkx86;avgrkx86.sys; C:\WINDOWS\System32\Drivers\avgrkx86.sys [2012-01-02 52872]
R0 imagedrv;imagedrv; C:\WINDOWS\System32\Drivers\imagedrv.sys [2004-03-02 5504]
R0 imagesrv;imagesrv; C:\WINDOWS\system32\DRIVERS\imagesrv.sys [2004-03-02 125184]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R1 AvgTdiX;AVG Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2012-01-02 243152]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2006-11-10 18688]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-02-16 160256]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2007-10-29 10368]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-09-07 215904]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2012-01-02 216400]
S1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2012-01-02 29712]
S1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 aksfridge;HASP Fridge; C:\WINDOWS\system32\DRIVERS\aksfridge.sys [2008-03-18 350720]
S2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
S2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
S2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
S3 akshasp;Aladdin HASP Key; C:\WINDOWS\system32\DRIVERS\akshasp.sys [2007-09-11 238976]
S3 akshhl;Aladdin HASP HL Key; C:\WINDOWS\system32\DRIVERS\akshhl.sys [2007-09-11 46336]
S3 aksusb;Aladdin USB Key; C:\WINDOWS\system32\DRIVERS\aksusb.sys [2007-09-11 14976]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-10-12 604928]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 C-Dilla;C-Dilla; \??\C:\WINDOWS\system32\drivers\CDANT.SYS []
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2007-06-27 53184]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2007-06-27 71488]
S3 grmnusb;Garmin USB Driver; C:\WINDOWS\system32\drivers\grmnusb.sys [2009-04-17 9344]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-03-01 988032]
S3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2007-03-01 210688]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-04-17 5760096]
S3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd32.sys []
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-03-26 4395008]
S3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-13 28672]
S3 rootrepeal;rootrepeal; \??\C:\WINDOWS\system32\drivers\rootrepeal.sys []
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2007-01-25 290304]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 uxkx1;ASUS MyCinema DiBcom based digital tuner device; C:\WINDOWS\system32\DRIVERS\uxkx1.sys [2008-10-28 609280]
S3 uxloqpoc;uxloqpoc; \??\C:\DOCUME~1\AUTOCO~1.NB-\LOCALS~1\Temp\uxloqpoc.sys []
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-03-01 731136]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2012-01-04 106496]
S2 avg9emc;AVG E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2012-01-02 916480]
S2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2012-01-02 299520]
S2 avgagent;AVG7 Remote Support Service (AvgAgent); avgagent.exe /srvfsys []
S2 hasplms;HASP License Manager; C:\WINDOWS\system32\hasplms.exe -run []
S2 InterBaseGuardian;InterBase Guardian; C:\PROGRA~1\borland\INTERB~1\Bin\ibguard.exe -s []
S2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-10-11 147456]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe -service []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-03-18 77944]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdate1c99da3dd552baa;Google Update Service (gupdate1c99da3dd552baa); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-05 133104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-05 133104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 InterBaseServer;InterBase Server; C:\PROGRA~1\borland\INTERB~1\Bin\ibserver.exe -s -g []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2008-10-24 138240]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-16 182768]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Infection - process: "number:number.exe"

#3 Post by motji »

Hello :)

:arrow: Run ComboFix following this guide
http://www.bleepingcomputer.com/combofi ... t-combofix
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up your important data before disinfecting a computer :!:
Want to support our forum? Information here


I am usually reachable at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.


Re: Infection - process: "number:number.exe"

#4 Post by honnza »

Hello, thank you for the quick reply!!!

I'm attaching the CF log:

ComboFix 12-01-03.08 - autocont 04.01.2012 15:39:25.1.1 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1014.800 [GMT 1:00]
Spuštěný z: c:\documents and settings\autocont.NB-BOREK\Plocha\ComboFix.exe
AV: AVG Anti-Virus Business Edition *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\borek.old\WINDOWS
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\firefox\chrome\M3FFXTBR.JAR
c:\windows\$NtUninstallKB22013$
c:\windows\$NtUninstallKB22013$\344768142\{1B372133-BFFA-4dba-9CCF-5474BED6A9F6}
c:\windows\$NtUninstallKB22013$\344768142\L\aaaesuur
c:\windows\$NtUninstallKB22013$\344768142\loader.tlb
c:\windows\$NtUninstallKB22013$\344768142\U\@00000001
c:\windows\$NtUninstallKB22013$\344768142\U\@000000c0
c:\windows\$NtUninstallKB22013$\344768142\U\@000000cb
c:\windows\$NtUninstallKB22013$\344768142\U\@000000cf
c:\windows\$NtUninstallKB22013$\344768142\U\@80000000
c:\windows\$NtUninstallKB22013$\344768142\U\@800000c0
c:\windows\$NtUninstallKB22013$\344768142\U\@800000cb
c:\windows\$NtUninstallKB22013$\344768142\U\@800000cf
c:\windows\$NtUninstallKB22013$\4115336003
c:\windows\2394852372
.
Nakažená kopie c:\windows\system32\drivers\mqac.sys byla nalezena a vyléčena.
Obnovena kopie z - The cat found it :)
Nakažená kopie c:\windows\system32\wuauclt.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ServicePackFiles\i386\wuauclt.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-04 do 2012-01-04 )))))))))))))))))))))))))))))))
.
.
2012-01-04 14:05 . 2012-01-04 14:05 -------- d-----w- C:\rsit
2012-01-04 14:05 . 2012-01-04 14:05 -------- d-----w- c:\program files\trend micro
2012-01-04 09:47 . 2012-01-04 09:49 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-01-04 09:46 . 2012-01-04 09:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-01-04 09:44 . 2012-01-04 09:44 -------- d-----w- c:\program files\CCleaner
2012-01-04 09:32 . 2012-01-04 09:46 -------- d-----w- c:\documents and settings\autocont.NB-BOREK
2012-01-04 08:26 . 2012-01-04 08:26 -------- d-----r- c:\documents and settings\LocalService\Oblíbené položky
2012-01-03 10:35 . 2012-01-03 10:35 -------- d-----w- c:\program files\ESET
2012-01-03 10:30 . 2012-01-03 10:30 -------- d-----w- c:\documents and settings\autocont\Local Settings\Data aplikací\Mozilla
2012-01-03 10:20 . 2012-01-03 13:33 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-01-03 10:20 . 2012-01-03 11:17 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy
2012-01-03 10:14 . 2012-01-03 10:17 -------- d-----w- c:\documents and settings\autocont\Data aplikací\Inbox Toolbar
2012-01-03 10:13 . 2012-01-03 10:14 -------- d-----w- c:\documents and settings\autocont\Local Settings\Data aplikací\ConduitEngine
2012-01-03 10:13 . 2012-01-03 10:13 -------- d-----w- c:\documents and settings\autocont\Local Settings\Data aplikací\Winamp Toolbar
2012-01-02 18:05 . 2012-01-02 18:05 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\Common Files
2012-01-02 14:35 . 2012-01-02 14:35 -------- d-----w- c:\documents and settings\autocont\Local Settings\Data aplikací\PCHealth
2012-01-02 13:57 . 2012-01-02 13:57 -------- d-----w- c:\documents and settings\autocont\Local Settings\Data aplikací\GHISLER
2012-01-02 13:48 . 2012-01-02 13:48 -------- d-----w- C:\$AVG
2012-01-02 13:43 . 2012-01-02 13:43 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2012-01-02 13:27 . 2012-01-02 13:44 243152 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2012-01-02 13:27 . 2012-01-02 13:27 52872 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2012-01-02 13:27 . 2012-01-02 13:27 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2012-01-02 13:27 . 2012-01-02 13:43 29712 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2012-01-02 13:27 . 2012-01-04 07:58 -------- d-----w- c:\windows\system32\drivers\Avg
2012-01-02 13:26 . 2012-01-04 09:29 -------- d-----w- c:\documents and settings\All Users\Data aplikací\avg9
2012-01-02 13:02 . 2012-01-02 13:02 -------- d-----w- c:\documents and settings\autocont\Local Settings\Data aplikací\Temp
2012-01-02 13:02 . 2012-01-02 13:02 -------- d-----w- c:\documents and settings\autocont\Local Settings\Data aplikací\Adobe
2011-12-30 18:06 . 2011-12-30 18:06 56200 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{CAA4994E-3C65-4DFB-9D44-E7BD6431EA69}\offreg.dll
2011-12-25 14:48 . 2011-12-25 14:49 -------- d--h--w- c:\windows\msdownld.tmp
2011-12-25 14:32 . 2011-12-25 14:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Solidshield
2011-12-25 14:24 . 2011-12-25 14:24 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Electronic Arts
2011-12-25 14:24 . 2011-12-25 14:24 -------- d-----w- c:\documents and settings\All Users\Data aplikací\EA Core
2011-12-25 14:02 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2011-12-25 14:02 . 2009-09-04 16:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2011-12-25 14:01 . 2009-09-04 16:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2011-12-25 14:01 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-12-25 14:01 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-12-25 14:01 . 2011-12-25 14:01 -------- d-----w- c:\program files\Electronic Arts
2011-12-25 13:48 . 2011-12-25 13:48 -------- d-----w- c:\windows\UMStor
2011-12-25 13:48 . 2011-12-25 13:48 -------- d-----w- c:\windows\system\iosubsys
2011-12-25 13:48 . 2003-11-21 17:09 201736 ------w- c:\windows\system32\drivers\UMSTOR.sys
2011-12-25 13:48 . 2011-12-25 13:48 -------- d-----w- c:\program files\USB Disk Win98 Driver
2011-12-25 13:44 . 2011-12-25 13:44 -------- d-----w- C:\MTV_OUTPUT
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-04 13:15 . 2007-08-02 12:00 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
2011-12-01 18:52 . 2011-12-01 18:52 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-28 05:32 . 2007-08-02 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:50 . 2007-08-02 12:00 2194944 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-26 10:50 . 2004-08-17 15:45 2071552 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13 . 2007-08-02 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-11 11:47 . 2007-10-29 17:09 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-10-11 11:47 . 2011-10-11 11:48 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-07 03:48 . 2011-11-29 23:33 6668624 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{CAA4994E-3C65-4DFB-9D44-E7BD6431EA69}\mpengine.dll
2011-10-07 03:48 . 2007-10-29 16:56 6668624 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-08-30 09:23 . 2011-08-10 23:08 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-03-21 16126464]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-07 102400]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-04-21 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-04-21 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-04-21 138008]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-17 221184]
"POPUPTV"="c:\program files\ASUS\PopupTV\ExpressTV.exe" [2009-02-20 708608]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-12-09 74752]
"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2011-02-26 126976]
"USB Storage Toolbox"="c:\windows\UMStor\Res.EXE" [2005-09-14 65536]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2012-01-02 2078048]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-21 202256]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-12-09 1226608]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Action Manager 32.lnk - c:\program files\ScannerU\AM32.exe [2007-11-14 69632]
Akcelerátor spuštění AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]
AutoCAD Startup Accelerator.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2006-9-23 10872]
Místní vyhledávání.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2007-2-5 118784]
TMMonitor.lnk - c:\program files\ArcSoft\TotalMedia 3.5\TMMonitor.exe [2009-12-23 258048]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2012-01-02 13:43 12536 ----a-w- c:\windows\system32\avgrsstx.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Google\\Google SketchUp 7\\SketchUp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2.1.2012 14:27 52872]
R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2.1.2012 14:27 243152]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2.1.2012 14:27 216400]
S2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2.1.2012 14:26 916480]
S2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2.1.2012 14:43 299520]
S2 avgagent;AVG7 Remote Support Service (AvgAgent);avgagent.exe /srvfsys --> avgagent.exe [?]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
S3 gupdate1c99da3dd552baa;Google Update Service (gupdate1c99da3dd552baa);c:\program files\Google\Update\GoogleUpdate.exe [5.3.2009 16:05 133104]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [5.3.2009 16:05 133104]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [4.1.2012 10:47 40776]
S3 uxkx1;ASUS MyCinema DiBcom based digital tuner device;c:\windows\system32\drivers\uxkx1.sys [23.12.2009 20:07 609280]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-05 15:05]
.
2012-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-05 15:05]
.
2011-12-30 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
.
2012-01-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2119669116-2072395555-1277150550-1142.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
2012-01-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2119669116-2072395555-1277150550-1157.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
2012-01-03 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2119669116-2072395555-1277150550-1142.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
2012-01-02 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2119669116-2072395555-1277150550-1157.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 192.168.1.10
DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/mygarmin/m/GarminAxControl.CAB
DPF: {1F831FA2-42FC-11D4-95A6-0080AD30DCE1} - file:///C:/Program%20Files/AutoCAD%20LT%202000i%20Cz/InstFred.ocx
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://85.207.254.4/activex/AMC.cab
FF - ProfilePath - c:\documents and settings\autocont.NB-BOREK\Data aplikací\Mozilla\Firefox\Profiles\aatamr35.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-mshtune - c:\documents and settings\All Users\mshtune.exe
SafeBoot-46631845.sys
AddRemove-Autodesk DWF Viewer - c:\progra~1\Autodesk\AUTODE~1\Setup.exe
AddRemove-Datalogger_is1 - c:\program files\Comet\Logger\unins000.exe
AddRemove-HDMI - c:\windows\system32\igxpun.exe
AddRemove-HijackThis - c:\documents and settings\borek\Plocha\HijackThis.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-04 15:52
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVG\AVG9\avgchsvx.exe
.
**************************************************************************
.
Celkový čas: 2012-01-04 15:57:53 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-01-04 14:57
.
Před spuštěním: Volných bajtů: 27 429 220 352
Po spuštění: Volných bajtů: 28 120 125 440
.
- - End Of File - - DC6897352F425C5C41A0862D6E8E355D


Re: Infection - process: "number:number.exe"

#5 Post by motji »

You have some kind of mishmash of antiviruses there; tomorrow I would write you a repair script.
For now, please post a new log from TDSS killer.


Re: Infection - process: "number:number.exe"

#6 Post by honnza »

Thanks, I'll sort out the antiviruses myself; only AVG will stay, I'll uninstall the rest and turn off the resident shields.

16:23:30.0687 3760 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
16:23:30.0843 3760 ============================================================
16:23:30.0843 3760 Current date / time: 2012/01/04 16:23:30.0843
16:23:30.0843 3760 SystemInfo:
16:23:30.0843 3760
16:23:30.0843 3760 OS Version: 5.1.2600 ServicePack: 3.0
16:23:30.0843 3760 Product type: Workstation
16:23:30.0843 3760 ComputerName: NB-BOREK
16:23:30.0843 3760 UserName: autocont
16:23:30.0843 3760 Windows directory: C:\WINDOWS
16:23:30.0843 3760 System windows directory: C:\WINDOWS
16:23:30.0843 3760 Processor architecture: Intel x86
16:23:30.0843 3760 Number of processors: 1
16:23:30.0843 3760 Page size: 0x1000
16:23:30.0843 3760 Boot type: Normal boot
16:23:30.0843 3760 ============================================================
16:23:32.0125 3760 Initialize success
16:23:39.0828 3080 ============================================================
16:23:39.0828 3080 Scan started
16:23:39.0828 3080 Mode: Manual; SigCheck; TDLFS;
16:23:39.0828 3080 ============================================================
16:23:41.0046 3080 Abiosdsk - ok
16:23:41.0062 3080 abp480n5 - ok
16:23:41.0250 3080 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:23:44.0671 3080 ACPI ( UnsignedFile.Multi.Generic ) - warning
16:23:44.0671 3080 ACPI - detected UnsignedFile.Multi.Generic (1)
16:23:45.0515 3080 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
16:23:45.0593 3080 ACPIEC ( UnsignedFile.Multi.Generic ) - warning
16:23:45.0593 3080 ACPIEC - detected UnsignedFile.Multi.Generic (1)
16:23:46.0062 3080 adpu160m - ok
16:23:46.0812 3080 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
16:23:47.0015 3080 aec ( UnsignedFile.Multi.Generic ) - warning
16:23:47.0015 3080 aec - detected UnsignedFile.Multi.Generic (1)
16:23:47.0765 3080 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\WINDOWS\system32\drivers\Afc.sys
16:23:48.0078 3080 Afc - ok
16:23:49.0156 3080 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
16:23:49.0468 3080 AFD ( UnsignedFile.Multi.Generic ) - warning
16:23:49.0468 3080 AFD - detected UnsignedFile.Multi.Generic (1)
16:23:50.0437 3080 Aha154x - ok
16:23:51.0109 3080 aic78u2 - ok
16:23:51.0281 3080 aic78xx - ok
16:23:51.0531 3080 aksfridge (cb5a5079744a0535416d3a5e462c5efe) C:\WINDOWS\system32\DRIVERS\aksfridge.sys
16:23:51.0578 3080 aksfridge ( UnsignedFile.Multi.Generic ) - warning
16:23:51.0578 3080 aksfridge - detected UnsignedFile.Multi.Generic (1)
16:23:51.0812 3080 akshasp (1a27f5555448cc2d29d281b11f39177e) C:\WINDOWS\system32\DRIVERS\akshasp.sys
16:23:51.0968 3080 akshasp ( UnsignedFile.Multi.Generic ) - warning
16:23:51.0968 3080 akshasp - detected UnsignedFile.Multi.Generic (1)
16:23:52.0515 3080 akshhl (147b61b81be1ffc38939ea47e5cfb51f) C:\WINDOWS\system32\DRIVERS\akshhl.sys
16:23:52.0625 3080 akshhl ( UnsignedFile.Multi.Generic ) - warning
16:23:52.0625 3080 akshhl - detected UnsignedFile.Multi.Generic (1)
16:23:52.0984 3080 aksusb (b4ad9f5d78f27e0c6994e0cb05c60e21) C:\WINDOWS\system32\DRIVERS\aksusb.sys
16:23:53.0015 3080 aksusb ( UnsignedFile.Multi.Generic ) - warning
16:23:53.0015 3080 aksusb - detected UnsignedFile.Multi.Generic (1)
16:23:53.0125 3080 AliIde - ok
16:23:53.0203 3080 amsint - ok
16:23:53.0453 3080 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
16:23:53.0500 3080 Arp1394 ( UnsignedFile.Multi.Generic ) - warning
16:23:53.0500 3080 Arp1394 - detected UnsignedFile.Multi.Generic (1)
16:23:53.0703 3080 asc - ok
16:23:53.0937 3080 asc3350p - ok
16:23:54.0156 3080 asc3550 - ok
16:23:54.0625 3080 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:23:54.0656 3080 AsyncMac ( UnsignedFile.Multi.Generic ) - warning
16:23:54.0656 3080 AsyncMac - detected UnsignedFile.Multi.Generic (1)
16:23:55.0250 3080 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
16:23:55.0250 3080 atapi ( UnsignedFile.Multi.Generic ) - warning
16:23:55.0250 3080 atapi - detected UnsignedFile.Multi.Generic (1)
16:23:55.0421 3080 Atdisk - ok
16:23:55.0484 3080 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:23:55.0500 3080 Atmarpc ( UnsignedFile.Multi.Generic ) - warning
16:23:55.0500 3080 Atmarpc - detected UnsignedFile.Multi.Generic (1)
16:23:55.0546 3080 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
16:23:55.0546 3080 audstub ( UnsignedFile.Multi.Generic ) - warning
16:23:55.0546 3080 audstub - detected UnsignedFile.Multi.Generic (1)
16:23:55.0625 3080 AvgLdx86 (b8c187439d27aba430dd69fdcf1fa657) C:\WINDOWS\system32\Drivers\avgldx86.sys
16:23:55.0687 3080 AvgLdx86 - ok
16:23:55.0734 3080 AvgMfx86 (80ff2b1b7eeda966394f0baa895bbf4b) C:\WINDOWS\system32\Drivers\avgmfx86.sys
16:23:55.0734 3080 AvgMfx86 - ok
16:23:55.0781 3080 AvgRkx86 (5bbcd8646074a3af4ee9b321d12c2b64) C:\WINDOWS\system32\Drivers\avgrkx86.sys
16:23:55.0796 3080 AvgRkx86 - ok
16:23:55.0843 3080 AvgTdiX (9a7a93388f503a34e7339ae7f9997449) C:\WINDOWS\system32\Drivers\avgtdix.sys
16:23:55.0890 3080 AvgTdiX - ok
16:23:55.0953 3080 b57w2k (f96038aa1ec4013a93d2420fc689d1e9) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
16:23:55.0968 3080 b57w2k ( UnsignedFile.Multi.Generic ) - warning
16:23:55.0968 3080 b57w2k - detected UnsignedFile.Multi.Generic (1)
16:23:56.0031 3080 BCM43XX (b89bcf0a25aeb3b47030ac83287f894a) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
16:23:56.0140 3080 BCM43XX ( UnsignedFile.Multi.Generic ) - warning
16:23:56.0140 3080 BCM43XX - detected UnsignedFile.Multi.Generic (1)
16:23:56.0187 3080 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
16:23:56.0203 3080 Beep ( UnsignedFile.Multi.Generic ) - warning
16:23:56.0203 3080 Beep - detected UnsignedFile.Multi.Generic (1)
16:23:56.0265 3080 C-Dilla - ok
16:23:56.0265 3080 catchme - ok
16:23:56.0312 3080 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
16:23:56.0328 3080 cbidf2k ( UnsignedFile.Multi.Generic ) - warning
16:23:56.0328 3080 cbidf2k - detected UnsignedFile.Multi.Generic (1)
16:23:56.0421 3080 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
16:23:56.0453 3080 CCDECODE ( UnsignedFile.Multi.Generic ) - warning
16:23:56.0453 3080 CCDECODE - detected UnsignedFile.Multi.Generic (1)
16:23:56.0468 3080 cd20xrnt - ok
16:23:56.0500 3080 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
16:23:56.0515 3080 Cdaudio ( UnsignedFile.Multi.Generic ) - warning
16:23:56.0515 3080 Cdaudio - detected UnsignedFile.Multi.Generic (1)
16:23:56.0562 3080 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
16:23:56.0578 3080 Cdfs ( UnsignedFile.Multi.Generic ) - warning
16:23:56.0578 3080 Cdfs - detected UnsignedFile.Multi.Generic (1)
16:23:56.0609 3080 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:23:56.0625 3080 Cdrom ( UnsignedFile.Multi.Generic ) - warning
16:23:56.0625 3080 Cdrom - detected UnsignedFile.Multi.Generic (1)
16:23:56.0640 3080 Changer - ok
16:23:56.0671 3080 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
16:23:56.0671 3080 CmBatt ( UnsignedFile.Multi.Generic ) - warning
16:23:56.0671 3080 CmBatt - detected UnsignedFile.Multi.Generic (1)
16:23:56.0687 3080 CmdIde - ok
16:23:56.0734 3080 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
16:23:56.0734 3080 Compbatt ( UnsignedFile.Multi.Generic ) - warning
16:23:56.0734 3080 Compbatt - detected UnsignedFile.Multi.Generic (1)
16:23:56.0750 3080 Cpqarray - ok
16:23:56.0765 3080 dac2w2k - ok
16:23:56.0796 3080 dac960nt - ok
16:23:56.0828 3080 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
16:23:56.0828 3080 Disk ( UnsignedFile.Multi.Generic ) - warning
16:23:56.0828 3080 Disk - detected UnsignedFile.Multi.Generic (1)
16:23:56.0906 3080 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
16:23:57.0015 3080 dmboot ( UnsignedFile.Multi.Generic ) - warning
16:23:57.0015 3080 dmboot - detected UnsignedFile.Multi.Generic (1)
16:23:57.0046 3080 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
16:23:57.0062 3080 dmio ( UnsignedFile.Multi.Generic ) - warning
16:23:57.0062 3080 dmio - detected UnsignedFile.Multi.Generic (1)
16:23:57.0125 3080 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
16:23:57.0140 3080 dmload ( UnsignedFile.Multi.Generic ) - warning
16:23:57.0140 3080 dmload - detected UnsignedFile.Multi.Generic (1)
16:23:57.0187 3080 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
16:23:57.0203 3080 DMusic ( UnsignedFile.Multi.Generic ) - warning
16:23:57.0203 3080 DMusic - detected UnsignedFile.Multi.Generic (1)
16:23:57.0218 3080 dpti2o - ok
16:23:57.0250 3080 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
16:23:57.0250 3080 drmkaud ( UnsignedFile.Multi.Generic ) - warning
16:23:57.0250 3080 drmkaud - detected UnsignedFile.Multi.Generic (1)
16:23:57.0296 3080 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
16:23:57.0312 3080 Fastfat ( UnsignedFile.Multi.Generic ) - warning
16:23:57.0312 3080 Fastfat - detected UnsignedFile.Multi.Generic (1)
16:23:57.0343 3080 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
16:23:57.0359 3080 Fdc ( UnsignedFile.Multi.Generic ) - warning
16:23:57.0359 3080 Fdc - detected UnsignedFile.Multi.Generic (1)
16:23:57.0390 3080 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
16:23:57.0421 3080 Fips ( UnsignedFile.Multi.Generic ) - warning
16:23:57.0421 3080 Fips - detected UnsignedFile.Multi.Generic (1)
16:23:57.0515 3080 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
16:23:57.0531 3080 Flpydisk ( UnsignedFile.Multi.Generic ) - warning
16:23:57.0531 3080 Flpydisk - detected UnsignedFile.Multi.Generic (1)
16:23:57.0578 3080 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
16:23:57.0593 3080 FltMgr ( UnsignedFile.Multi.Generic ) - warning
16:23:57.0593 3080 FltMgr - detected UnsignedFile.Multi.Generic (1)
16:23:57.0640 3080 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:23:57.0671 3080 Fs_Rec ( UnsignedFile.Multi.Generic ) - warning
16:23:57.0671 3080 Fs_Rec - detected UnsignedFile.Multi.Generic (1)
16:23:57.0718 3080 FTDIBUS (a36e8beedb3aaca09bf55a1d17904bc8) C:\WINDOWS\system32\drivers\ftdibus.sys
16:23:57.0750 3080 FTDIBUS - ok
16:23:57.0796 3080 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:23:57.0812 3080 Ftdisk ( UnsignedFile.Multi.Generic ) - warning
16:23:57.0812 3080 Ftdisk - detected UnsignedFile.Multi.Generic (1)
16:23:57.0843 3080 FTSER2K (a14a1f4bb391df9c233cb5dbd05feb70) C:\WINDOWS\system32\drivers\ftser2k.sys
16:23:57.0859 3080 FTSER2K - ok
16:23:57.0921 3080 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:23:57.0937 3080 Gpc ( UnsignedFile.Multi.Generic ) - warning
16:23:57.0937 3080 Gpc - detected UnsignedFile.Multi.Generic (1)
16:23:57.0984 3080 grmnusb (6003bc70f1a8307262bd3c941bda0b7e) C:\WINDOWS\system32\drivers\grmnusb.sys
16:23:58.0000 3080 grmnusb ( UnsignedFile.Multi.Generic ) - warning
16:23:58.0000 3080 grmnusb - detected UnsignedFile.Multi.Generic (1)
16:23:58.0234 3080 hardlock (9de9a7a19195c57ef38b4ee25422f2d7) C:\WINDOWS\system32\drivers\hardlock.sys
16:23:58.0515 3080 hardlock ( UnsignedFile.Multi.Generic ) - warning
16:23:58.0515 3080 hardlock - detected UnsignedFile.Multi.Generic (1)
16:23:58.0906 3080 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
16:23:59.0000 3080 HDAudBus ( UnsignedFile.Multi.Generic ) - warning
16:23:59.0000 3080 HDAudBus - detected UnsignedFile.Multi.Generic (1)
16:23:59.0234 3080 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:23:59.0250 3080 HidUsb ( UnsignedFile.Multi.Generic ) - warning
16:23:59.0250 3080 HidUsb - detected UnsignedFile.Multi.Generic (1)
16:23:59.0296 3080 hpn - ok
16:23:59.0359 3080 HSFHWAZL (7d33d2b81bd8b4bc51b536b113295d51) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
16:23:59.0375 3080 HSFHWAZL ( UnsignedFile.Multi.Generic ) - warning
16:23:59.0375 3080 HSFHWAZL - detected UnsignedFile.Multi.Generic (1)
16:23:59.0468 3080 HSF_DPV (fb6ad8a16e22c91d5978b26e0300a331) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
16:23:59.0640 3080 HSF_DPV ( UnsignedFile.Multi.Generic ) - warning
16:23:59.0640 3080 HSF_DPV - detected UnsignedFile.Multi.Generic (1)
16:23:59.0718 3080 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
16:23:59.0734 3080 HTTP ( UnsignedFile.Multi.Generic ) - warning
16:23:59.0734 3080 HTTP - detected UnsignedFile.Multi.Generic (1)
16:23:59.0750 3080 i2omgmt - ok
16:23:59.0765 3080 i2omp - ok
16:23:59.0796 3080 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:23:59.0812 3080 i8042prt ( UnsignedFile.Multi.Generic ) - warning
16:23:59.0812 3080 i8042prt - detected UnsignedFile.Multi.Generic (1)
16:24:00.0265 3080 ialm (28423512370705aeda6a652fedb25468) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
16:24:01.0625 3080 ialm ( UnsignedFile.Multi.Generic ) - warning
16:24:01.0625 3080 ialm - detected UnsignedFile.Multi.Generic (1)
16:24:01.0906 3080 igfx - ok
16:24:02.0218 3080 imagedrv (0a7c49b48c772591a2d362daa00246c8) C:\WINDOWS\system32\Drivers\imagedrv.sys
16:24:02.0265 3080 imagedrv ( UnsignedFile.Multi.Generic ) - warning
16:24:02.0265 3080 imagedrv - detected UnsignedFile.Multi.Generic (1)
16:24:02.0375 3080 imagesrv (549ba4f539e7b8d8129500b96dd7b27a) C:\WINDOWS\system32\DRIVERS\imagesrv.sys
16:24:02.0500 3080 imagesrv ( UnsignedFile.Multi.Generic ) - warning
16:24:02.0500 3080 imagesrv - detected UnsignedFile.Multi.Generic (1)
16:24:02.0671 3080 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
16:24:02.0718 3080 Imapi ( UnsignedFile.Multi.Generic ) - warning
16:24:02.0718 3080 Imapi - detected UnsignedFile.Multi.Generic (1)
16:24:02.0828 3080 ini910u - ok
16:24:03.0562 3080 IntcAzAudAddService (cbddab14249b2f05407fc09ab8fffb88) C:\WINDOWS\system32\drivers\RtkHDAud.sys
16:24:04.0281 3080 IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - warning
16:24:04.0281 3080 IntcAzAudAddService - detected UnsignedFile.Multi.Generic (1)
16:24:04.0500 3080 IntelIde - ok
16:24:04.0609 3080 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
16:24:04.0640 3080 intelppm ( UnsignedFile.Multi.Generic ) - warning
16:24:04.0640 3080 intelppm - detected UnsignedFile.Multi.Generic (1)
16:24:04.0812 3080 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
16:24:04.0843 3080 Ip6Fw ( UnsignedFile.Multi.Generic ) - warning
16:24:04.0843 3080 Ip6Fw - detected UnsignedFile.Multi.Generic (1)
16:24:04.0968 3080 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:24:05.0093 3080 IpFilterDriver ( UnsignedFile.Multi.Generic ) - warning
16:24:05.0093 3080 IpFilterDriver - detected UnsignedFile.Multi.Generic (1)
16:24:05.0187 3080 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:24:05.0218 3080 IpInIp ( UnsignedFile.Multi.Generic ) - warning
16:24:05.0218 3080 IpInIp - detected UnsignedFile.Multi.Generic (1)
16:24:05.0421 3080 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:24:05.0453 3080 IpNat ( UnsignedFile.Multi.Generic ) - warning
16:24:05.0453 3080 IpNat - detected UnsignedFile.Multi.Generic (1)
16:24:05.0671 3080 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:24:05.0734 3080 IPSec ( UnsignedFile.Multi.Generic ) - warning
16:24:05.0734 3080 IPSec - detected UnsignedFile.Multi.Generic (1)
16:24:05.0812 3080 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
16:24:05.0875 3080 irda ( UnsignedFile.Multi.Generic ) - warning
16:24:05.0875 3080 irda - detected UnsignedFile.Multi.Generic (1)
16:24:06.0062 3080 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
16:24:06.0093 3080 IRENUM ( UnsignedFile.Multi.Generic ) - warning
16:24:06.0093 3080 IRENUM - detected UnsignedFile.Multi.Generic (1)
16:24:06.0250 3080 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:24:06.0265 3080 isapnp ( UnsignedFile.Multi.Generic ) - warning
16:24:06.0265 3080 isapnp - detected UnsignedFile.Multi.Generic (1)
16:24:06.0359 3080 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:24:06.0390 3080 Kbdclass ( UnsignedFile.Multi.Generic ) - warning
16:24:06.0390 3080 Kbdclass - detected UnsignedFile.Multi.Generic (1)
16:24:06.0578 3080 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:24:06.0593 3080 kbdhid ( UnsignedFile.Multi.Generic ) - warning
16:24:06.0593 3080 kbdhid - detected UnsignedFile.Multi.Generic (1)
16:24:06.0734 3080 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
16:24:06.0796 3080 kmixer ( UnsignedFile.Multi.Generic ) - warning
16:24:06.0796 3080 kmixer - detected UnsignedFile.Multi.Generic (1)
16:24:06.0890 3080 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
16:24:06.0921 3080 KSecDD ( UnsignedFile.Multi.Generic ) - warning
16:24:06.0921 3080 KSecDD - detected UnsignedFile.Multi.Generic (1)
16:24:06.0968 3080 lbrtfdc - ok
16:24:07.0093 3080 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys
16:24:07.0218 3080 MBAMSwissArmy - ok
16:24:07.0328 3080 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
16:24:07.0375 3080 mdmxsdk ( UnsignedFile.Multi.Generic ) - warning
16:24:07.0375 3080 mdmxsdk - detected UnsignedFile.Multi.Generic (1)
16:24:07.0484 3080 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
16:24:07.0500 3080 mnmdd ( UnsignedFile.Multi.Generic ) - warning
16:24:07.0500 3080 mnmdd - detected UnsignedFile.Multi.Generic (1)
16:24:07.0687 3080 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
16:24:07.0703 3080 Modem ( UnsignedFile.Multi.Generic ) - warning
16:24:07.0703 3080 Modem - detected UnsignedFile.Multi.Generic (1)
16:24:07.0781 3080 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:24:07.0796 3080 Mouclass ( UnsignedFile.Multi.Generic ) - warning
16:24:07.0796 3080 Mouclass - detected UnsignedFile.Multi.Generic (1)
16:24:08.0000 3080 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:24:08.0015 3080 mouhid ( UnsignedFile.Multi.Generic ) - warning
16:24:08.0015 3080 mouhid - detected UnsignedFile.Multi.Generic (1)
16:24:08.0265 3080 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
16:24:08.0281 3080 MountMgr ( UnsignedFile.Multi.Generic ) - warning
16:24:08.0281 3080 MountMgr - detected UnsignedFile.Multi.Generic (1)
16:24:08.0531 3080 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
16:24:08.0546 3080 MPE ( UnsignedFile.Multi.Generic ) - warning
16:24:08.0546 3080 MPE - detected UnsignedFile.Multi.Generic (1)
16:24:08.0703 3080 mraid35x - ok
16:24:08.0781 3080 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:24:08.0859 3080 MRxDAV ( UnsignedFile.Multi.Generic ) - warning
16:24:08.0859 3080 MRxDAV - detected UnsignedFile.Multi.Generic (1)
16:24:09.0078 3080 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:24:09.0218 3080 MRxSmb ( UnsignedFile.Multi.Generic ) - warning
16:24:09.0218 3080 MRxSmb - detected UnsignedFile.Multi.Generic (1)
16:24:09.0546 3080 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
16:24:09.0593 3080 Msfs ( UnsignedFile.Multi.Generic ) - warning
16:24:09.0593 3080 Msfs - detected UnsignedFile.Multi.Generic (1)
16:24:09.0734 3080 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:24:09.0734 3080 MSKSSRV ( UnsignedFile.Multi.Generic ) - warning
16:24:09.0734 3080 MSKSSRV - detected UnsignedFile.Multi.Generic (1)
16:24:09.0984 3080 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:24:10.0015 3080 MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning
16:24:10.0015 3080 MSPCLOCK - detected UnsignedFile.Multi.Generic (1)
16:24:10.0843 3080 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
16:24:10.0875 3080 MSPQM ( UnsignedFile.Multi.Generic ) - warning
16:24:10.0875 3080 MSPQM - detected UnsignedFile.Multi.Generic (1)
16:24:11.0562 3080 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:24:11.0578 3080 mssmbios ( UnsignedFile.Multi.Generic ) - warning
16:24:11.0578 3080 mssmbios - detected UnsignedFile.Multi.Generic (1)
16:24:12.0078 3080 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
16:24:12.0140 3080 MSTEE ( UnsignedFile.Multi.Generic ) - warning
16:24:12.0140 3080 MSTEE - detected UnsignedFile.Multi.Generic (1)
16:24:12.0406 3080 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
16:24:12.0421 3080 Mup ( UnsignedFile.Multi.Generic ) - warning
16:24:12.0421 3080 Mup - detected UnsignedFile.Multi.Generic (1)
16:24:12.0531 3080 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
16:24:12.0562 3080 NABTSFEC ( UnsignedFile.Multi.Generic ) - warning
16:24:12.0562 3080 NABTSFEC - detected UnsignedFile.Multi.Generic (1)
16:24:12.0609 3080 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
16:24:12.0625 3080 NDIS ( UnsignedFile.Multi.Generic ) - warning
16:24:12.0625 3080 NDIS - detected UnsignedFile.Multi.Generic (1)
16:24:12.0765 3080 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
16:24:12.0781 3080 NdisIP ( UnsignedFile.Multi.Generic ) - warning
16:24:12.0781 3080 NdisIP - detected UnsignedFile.Multi.Generic (1)
16:24:12.0859 3080 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:24:12.0937 3080 NdisTapi ( UnsignedFile.Multi.Generic ) - warning
16:24:12.0937 3080 NdisTapi - detected UnsignedFile.Multi.Generic (1)
16:24:13.0062 3080 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:24:13.0109 3080 Ndisuio ( UnsignedFile.Multi.Generic ) - warning
16:24:13.0109 3080 Ndisuio - detected UnsignedFile.Multi.Generic (1)
16:24:13.0187 3080 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:24:13.0203 3080 NdisWan ( UnsignedFile.Multi.Generic ) - warning
16:24:13.0203 3080 NdisWan - detected UnsignedFile.Multi.Generic (1)
16:24:13.0312 3080 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
16:24:13.0375 3080 NDProxy ( UnsignedFile.Multi.Generic ) - warning
16:24:13.0375 3080 NDProxy - detected UnsignedFile.Multi.Generic (1)
16:24:13.0468 3080 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
16:24:13.0500 3080 NetBIOS ( UnsignedFile.Multi.Generic ) - warning
16:24:13.0500 3080 NetBIOS - detected UnsignedFile.Multi.Generic (1)
16:24:13.0578 3080 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
16:24:13.0687 3080 NetBT ( UnsignedFile.Multi.Generic ) - warning
16:24:13.0687 3080 NetBT - detected UnsignedFile.Multi.Generic (1)
16:24:13.0765 3080 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
16:24:13.0796 3080 NIC1394 ( UnsignedFile.Multi.Generic ) - warning
16:24:13.0796 3080 NIC1394 - detected UnsignedFile.Multi.Generic (1)
16:24:13.0843 3080 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
16:24:13.0859 3080 Npfs ( UnsignedFile.Multi.Generic ) - warning
16:24:13.0859 3080 Npfs - detected UnsignedFile.Multi.Generic (1)
16:24:14.0125 3080 NSCIRDA (2adc0ca9945c65284b3d19bc18765974) C:\WINDOWS\system32\DRIVERS\nscirda.sys
16:24:14.0140 3080 NSCIRDA ( UnsignedFile.Multi.Generic ) - warning
16:24:14.0140 3080 NSCIRDA - detected UnsignedFile.Multi.Generic (1)
16:24:14.0390 3080 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
16:24:14.0765 3080 Ntfs ( UnsignedFile.Multi.Generic ) - warning
16:24:14.0765 3080 Ntfs - detected UnsignedFile.Multi.Generic (1)
16:24:14.0875 3080 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
16:24:14.0890 3080 Null ( UnsignedFile.Multi.Generic ) - warning
16:24:14.0890 3080 Null - detected UnsignedFile.Multi.Generic (1)
16:24:15.0046 3080 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:24:15.0093 3080 NwlnkFlt ( UnsignedFile.Multi.Generic ) - warning
16:24:15.0093 3080 NwlnkFlt - detected UnsignedFile.Multi.Generic (1)
16:24:15.0109 3080 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:24:15.0187 3080 NwlnkFwd ( UnsignedFile.Multi.Generic ) - warning
16:24:15.0187 3080 NwlnkFwd - detected UnsignedFile.Multi.Generic (1)
16:24:15.0375 3080 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
16:24:15.0406 3080 ohci1394 ( UnsignedFile.Multi.Generic ) - warning
16:24:15.0406 3080 ohci1394 - detected UnsignedFile.Multi.Generic (1)
16:24:15.0484 3080 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\drivers\Parport.sys
16:24:15.0484 3080 Parport ( UnsignedFile.Multi.Generic ) - warning
16:24:15.0484 3080 Parport - detected UnsignedFile.Multi.Generic (1)
16:24:15.0578 3080 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
16:24:15.0593 3080 PartMgr ( UnsignedFile.Multi.Generic ) - warning
16:24:15.0593 3080 PartMgr - detected UnsignedFile.Multi.Generic (1)
16:24:15.0671 3080 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
16:24:15.0718 3080 ParVdm ( UnsignedFile.Multi.Generic ) - warning
16:24:15.0718 3080 ParVdm - detected UnsignedFile.Multi.Generic (1)
16:24:15.0921 3080 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
16:24:15.0953 3080 PCI ( UnsignedFile.Multi.Generic ) - warning
16:24:15.0953 3080 PCI - detected UnsignedFile.Multi.Generic (1)
16:24:15.0984 3080 PCIDump - ok
16:24:16.0406 3080 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
16:24:16.0421 3080 PCIIde ( UnsignedFile.Multi.Generic ) - warning
16:24:16.0421 3080 PCIIde - detected UnsignedFile.Multi.Generic (1)
16:24:16.0562 3080 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
16:24:16.0609 3080 Pcmcia ( UnsignedFile.Multi.Generic ) - warning
16:24:16.0609 3080 Pcmcia - detected UnsignedFile.Multi.Generic (1)
16:24:16.0640 3080 PDCOMP - ok
16:24:16.0671 3080 PDFRAME - ok
16:24:16.0718 3080 PDRELI - ok
16:24:16.0765 3080 PDRFRAME - ok
16:24:16.0843 3080 perc2 - ok
16:24:16.0953 3080 perc2hib - ok
16:24:17.0171 3080 pfc (957b82ec80ad7ead64e5e47df6b0dc40) C:\WINDOWS\system32\drivers\pfc.sys
16:24:17.0187 3080 pfc ( UnsignedFile.Multi.Generic ) - warning
16:24:17.0187 3080 pfc - detected UnsignedFile.Multi.Generic (1)
16:24:17.0406 3080 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:24:17.0500 3080 PptpMiniport ( UnsignedFile.Multi.Generic ) - warning
16:24:17.0500 3080 PptpMiniport - detected UnsignedFile.Multi.Generic (1)
16:24:17.0578 3080 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
16:24:17.0609 3080 PSched ( UnsignedFile.Multi.Generic ) - warning
16:24:17.0609 3080 PSched - detected UnsignedFile.Multi.Generic (1)
16:24:17.0640 3080 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:24:17.0671 3080 Ptilink ( UnsignedFile.Multi.Generic ) - warning
16:24:17.0671 3080 Ptilink - detected UnsignedFile.Multi.Generic (1)
16:24:17.0781 3080 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
16:24:17.0812 3080 PxHelp20 - ok
16:24:17.0843 3080 ql1080 - ok
16:24:17.0875 3080 Ql10wnt - ok
16:24:17.0890 3080 ql12160 - ok
16:24:17.0921 3080 ql1240 - ok
16:24:17.0953 3080 ql1280 - ok
16:24:18.0093 3080 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:24:18.0156 3080 RasAcd ( UnsignedFile.Multi.Generic ) - warning
16:24:18.0156 3080 RasAcd - detected UnsignedFile.Multi.Generic (1)
16:24:18.0296 3080 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
16:24:18.0312 3080 Rasirda ( UnsignedFile.Multi.Generic ) - warning
16:24:18.0312 3080 Rasirda - detected UnsignedFile.Multi.Generic (1)
16:24:18.0390 3080 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:24:18.0406 3080 Rasl2tp ( UnsignedFile.Multi.Generic ) - warning
16:24:18.0406 3080 Rasl2tp - detected UnsignedFile.Multi.Generic (1)
16:24:18.0468 3080 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:24:18.0500 3080 RasPppoe ( UnsignedFile.Multi.Generic ) - warning
16:24:18.0500 3080 RasPppoe - detected UnsignedFile.Multi.Generic (1)
16:24:18.0578 3080 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
16:24:18.0593 3080 Raspti ( UnsignedFile.Multi.Generic ) - warning
16:24:18.0593 3080 Raspti - detected UnsignedFile.Multi.Generic (1)
16:24:18.0750 3080 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:24:18.0781 3080 Rdbss ( UnsignedFile.Multi.Generic ) - warning
16:24:18.0781 3080 Rdbss - detected UnsignedFile.Multi.Generic (1)
16:24:18.0843 3080 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:24:18.0859 3080 RDPCDD ( UnsignedFile.Multi.Generic ) - warning
16:24:18.0859 3080 RDPCDD - detected UnsignedFile.Multi.Generic (1)
16:24:19.0046 3080 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:24:19.0109 3080 rdpdr ( UnsignedFile.Multi.Generic ) - warning
16:24:19.0109 3080 rdpdr - detected UnsignedFile.Multi.Generic (1)
16:24:19.0250 3080 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
16:24:19.0312 3080 RDPWD ( UnsignedFile.Multi.Generic ) - warning
16:24:19.0312 3080 RDPWD - detected UnsignedFile.Multi.Generic (1)
16:24:19.0375 3080 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
16:24:19.0375 3080 redbook ( UnsignedFile.Multi.Generic ) - warning
16:24:19.0375 3080 redbook - detected UnsignedFile.Multi.Generic (1)
16:24:19.0546 3080 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
16:24:19.0562 3080 sdbus ( UnsignedFile.Multi.Generic ) - warning
16:24:19.0562 3080 sdbus - detected UnsignedFile.Multi.Generic (1)
16:24:19.0671 3080 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:24:19.0718 3080 Secdrv ( UnsignedFile.Multi.Generic ) - warning
16:24:19.0718 3080 Secdrv - detected UnsignedFile.Multi.Generic (1)
16:24:19.0953 3080 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
16:24:19.0968 3080 Serenum ( UnsignedFile.Multi.Generic ) - warning
16:24:19.0968 3080 Serenum - detected UnsignedFile.Multi.Generic (1)
16:24:20.0078 3080 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\drivers\Serial.sys
16:24:20.0093 3080 Serial ( UnsignedFile.Multi.Generic ) - warning
16:24:20.0093 3080 Serial - detected UnsignedFile.Multi.Generic (1)
16:24:20.0125 3080 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
16:24:20.0171 3080 Sfloppy ( UnsignedFile.Multi.Generic ) - warning
16:24:20.0171 3080 Sfloppy - detected UnsignedFile.Multi.Generic (1)
16:24:20.0218 3080 Simbad - ok
16:24:20.0265 3080 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
16:24:20.0296 3080 SLIP ( UnsignedFile.Multi.Generic ) - warning
16:24:20.0296 3080 SLIP - detected UnsignedFile.Multi.Generic (1)
16:24:20.0531 3080 Sparrow - ok
16:24:20.0671 3080 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
16:24:20.0687 3080 splitter ( UnsignedFile.Multi.Generic ) - warning
16:24:20.0687 3080 splitter - detected UnsignedFile.Multi.Generic (1)
16:24:20.0734 3080 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
16:24:20.0781 3080 sr ( UnsignedFile.Multi.Generic ) - warning
16:24:20.0781 3080 sr - detected UnsignedFile.Multi.Generic (1)
16:24:20.0906 3080 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
16:24:20.0984 3080 Srv ( UnsignedFile.Multi.Generic ) - warning
16:24:20.0984 3080 Srv - detected UnsignedFile.Multi.Generic (1)
16:24:21.0031 3080 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
16:24:21.0093 3080 streamip ( UnsignedFile.Multi.Generic ) - warning
16:24:21.0093 3080 streamip - detected UnsignedFile.Multi.Generic (1)
16:24:21.0171 3080 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
16:24:21.0234 3080 swenum ( UnsignedFile.Multi.Generic ) - warning
16:24:21.0234 3080 swenum - detected UnsignedFile.Multi.Generic (1)
16:24:21.0546 3080 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
16:24:21.0578 3080 swmidi ( UnsignedFile.Multi.Generic ) - warning
16:24:21.0578 3080 swmidi - detected UnsignedFile.Multi.Generic (1)
16:24:21.0734 3080 symc810 - ok
16:24:22.0078 3080 symc8xx - ok
16:24:22.0406 3080 sym_hi - ok
16:24:22.0734 3080 sym_u3 - ok
16:24:23.0343 3080 SynTP (cc5da243cfdac58fc0408f7ce24084c5) C:\WINDOWS\system32\DRIVERS\SynTP.sys
16:24:23.0609 3080 SynTP ( UnsignedFile.Multi.Generic ) - warning
16:24:23.0609 3080 SynTP - detected UnsignedFile.Multi.Generic (1)
16:24:24.0109 3080 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
16:24:24.0234 3080 sysaudio ( UnsignedFile.Multi.Generic ) - warning
16:24:24.0234 3080 sysaudio - detected UnsignedFile.Multi.Generic (1)
16:24:24.0703 3080 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:24:25.0093 3080 Tcpip ( UnsignedFile.Multi.Generic ) - warning
16:24:25.0093 3080 Tcpip - detected UnsignedFile.Multi.Generic (1)
16:24:25.0843 3080 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
16:24:26.0000 3080 TDPIPE ( UnsignedFile.Multi.Generic ) - warning
16:24:26.0000 3080 TDPIPE - detected UnsignedFile.Multi.Generic (1)
16:24:26.0390 3080 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
16:24:26.0390 3080 TDTCP ( UnsignedFile.Multi.Generic ) - warning
16:24:26.0390 3080 TDTCP - detected UnsignedFile.Multi.Generic (1)
16:24:26.0531 3080 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
16:24:26.0578 3080 TermDD ( UnsignedFile.Multi.Generic ) - warning
16:24:26.0578 3080 TermDD - detected UnsignedFile.Multi.Generic (1)
16:24:26.0687 3080 tifm21 (e4c85c291ddb3dc5e4a2f227ca465ba6) C:\WINDOWS\system32\drivers\tifm21.sys
16:24:26.0765 3080 tifm21 ( UnsignedFile.Multi.Generic ) - warning
16:24:26.0765 3080 tifm21 - detected UnsignedFile.Multi.Generic (1)
16:24:26.0796 3080 TosIde - ok
16:24:26.0859 3080 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
16:24:26.0890 3080 Udfs ( UnsignedFile.Multi.Generic ) - warning
16:24:26.0890 3080 Udfs - detected UnsignedFile.Multi.Generic (1)
16:24:26.0984 3080 ultra - ok
16:24:27.0031 3080 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
16:24:27.0203 3080 Update ( UnsignedFile.Multi.Generic ) - warning
16:24:27.0203 3080 Update - detected UnsignedFile.Multi.Generic (1)
16:24:27.0328 3080 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:24:27.0343 3080 usbccgp ( UnsignedFile.Multi.Generic ) - warning
16:24:27.0343 3080 usbccgp - detected UnsignedFile.Multi.Generic (1)
16:24:27.0406 3080 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:24:27.0703 3080 usbehci ( UnsignedFile.Multi.Generic ) - warning
16:24:27.0703 3080 usbehci - detected UnsignedFile.Multi.Generic (1)
16:24:27.0765 3080 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:24:28.0046 3080 usbhub ( UnsignedFile.Multi.Generic ) - warning
16:24:28.0046 3080 usbhub - detected UnsignedFile.Multi.Generic (1)
16:24:28.0109 3080 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:24:28.0421 3080 usbscan ( UnsignedFile.Multi.Generic ) - warning
16:24:28.0421 3080 usbscan - detected UnsignedFile.Multi.Generic (1)
16:24:28.0484 3080 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:24:28.0765 3080 USBSTOR ( UnsignedFile.Multi.Generic ) - warning
16:24:28.0765 3080 USBSTOR - detected UnsignedFile.Multi.Generic (1)
16:24:28.0859 3080 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:24:29.0140 3080 usbuhci ( UnsignedFile.Multi.Generic ) - warning
16:24:29.0140 3080 usbuhci - detected UnsignedFile.Multi.Generic (1)
16:24:29.0265 3080 uxkx1 (c085eebdb5824f7ee08c2a57c809db72) C:\WINDOWS\system32\DRIVERS\uxkx1.sys
16:24:29.0703 3080 uxkx1 ( UnsignedFile.Multi.Generic ) - warning
16:24:29.0703 3080 uxkx1 - detected UnsignedFile.Multi.Generic (1)
16:24:29.0828 3080 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
16:24:30.0234 3080 VgaSave ( UnsignedFile.Multi.Generic ) - warning
16:24:30.0234 3080 VgaSave - detected UnsignedFile.Multi.Generic (1)
16:24:30.0312 3080 ViaIde - ok
16:24:30.0375 3080 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
16:24:30.0687 3080 VolSnap ( UnsignedFile.Multi.Generic ) - warning
16:24:30.0687 3080 VolSnap - detected UnsignedFile.Multi.Generic (1)
16:24:30.0875 3080 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:24:31.0203 3080 Wanarp ( UnsignedFile.Multi.Generic ) - warning
16:24:31.0203 3080 Wanarp - detected UnsignedFile.Multi.Generic (1)
16:24:31.0265 3080 WDICA - ok
16:24:31.0328 3080 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
16:24:31.0625 3080 wdmaud ( UnsignedFile.Multi.Generic ) - warning
16:24:31.0625 3080 wdmaud - detected UnsignedFile.Multi.Generic (1)
16:24:31.0765 3080 winachsf (9692ab8ba2dcd649a86b1b9b81154278) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
16:24:32.0250 3080 winachsf ( UnsignedFile.Multi.Generic ) - warning
16:24:32.0250 3080 winachsf - detected UnsignedFile.Multi.Generic (1)
16:24:32.0421 3080 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
16:24:32.0640 3080 WmiAcpi ( UnsignedFile.Multi.Generic ) - warning
16:24:32.0640 3080 WmiAcpi - detected UnsignedFile.Multi.Generic (1)
16:24:32.0796 3080 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
16:24:33.0187 3080 WSTCODEC ( UnsignedFile.Multi.Generic ) - warning
16:24:33.0187 3080 WSTCODEC - detected UnsignedFile.Multi.Generic (1)
16:24:33.0281 3080 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:24:33.0593 3080 WudfPf ( UnsignedFile.Multi.Generic ) - warning
16:24:33.0593 3080 WudfPf - detected UnsignedFile.Multi.Generic (1)
16:24:33.0781 3080 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
16:24:34.0109 3080 WudfRd ( UnsignedFile.Multi.Generic ) - warning
16:24:34.0109 3080 WudfRd - detected UnsignedFile.Multi.Generic (1)
16:24:34.0281 3080 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
16:24:35.0562 3080 \Device\Harddisk0\DR0 - ok
16:24:35.0625 3080 Boot (0x1200) (ad6e4e26669456032452fb55a5dbf45e) \Device\Harddisk0\DR0\Partition0
16:24:35.0640 3080 \Device\Harddisk0\DR0\Partition0 - ok
16:24:35.0640 3080 ============================================================
16:24:35.0640 3080 Scan finished
16:24:35.0640 3080 ============================================================
16:24:35.0828 3360 Detected object count: 153
16:24:35.0828 3360 Actual detected object count: 153
16:24:57.0656 3360 ACPI ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0687 3360 ACPI ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0687 3360 ACPIEC ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0687 3360 ACPIEC ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0687 3360 aec ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0687 3360 aec ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0687 3360 AFD ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0687 3360 AFD ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0703 3360 aksfridge ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0703 3360 aksfridge ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0703 3360 akshasp ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0703 3360 akshasp ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0703 3360 akshhl ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0734 3360 akshhl ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0734 3360 aksusb ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0734 3360 aksusb ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0734 3360 Arp1394 ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0734 3360 Arp1394 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0734 3360 AsyncMac ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0734 3360 AsyncMac ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0734 3360 atapi ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0734 3360 atapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0750 3360 Atmarpc ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0750 3360 Atmarpc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0750 3360 audstub ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0781 3360 audstub ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0781 3360 b57w2k ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0781 3360 b57w2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0781 3360 BCM43XX ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0781 3360 BCM43XX ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0781 3360 Beep ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0781 3360 Beep ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0781 3360 cbidf2k ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0781 3360 cbidf2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0796 3360 CCDECODE ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0796 3360 CCDECODE ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0796 3360 Cdaudio ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0828 3360 Cdaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0828 3360 Cdfs ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0828 3360 Cdfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0828 3360 Cdrom ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0828 3360 Cdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0828 3360 CmBatt ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0828 3360 CmBatt ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0828 3360 Compbatt ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0828 3360 Compbatt ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0843 3360 Disk ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0843 3360 Disk ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0843 3360 dmboot ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0875 3360 dmboot ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0875 3360 dmio ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0875 3360 dmio ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0875 3360 dmload ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0875 3360 dmload ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0875 3360 DMusic ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0875 3360 DMusic ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0875 3360 drmkaud ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0875 3360 drmkaud ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0890 3360 Fastfat ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0890 3360 Fastfat ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0890 3360 Fdc ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0921 3360 Fdc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0921 3360 Fips ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0921 3360 Fips ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0921 3360 Flpydisk ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0921 3360 Flpydisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0921 3360 FltMgr ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0921 3360 FltMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0921 3360 Fs_Rec ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0921 3360 Fs_Rec ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0937 3360 Ftdisk ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0937 3360 Ftdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0937 3360 Gpc ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0968 3360 Gpc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0968 3360 grmnusb ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0968 3360 grmnusb ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0968 3360 hardlock ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0968 3360 hardlock ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0968 3360 HDAudBus ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0968 3360 HDAudBus ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0968 3360 HidUsb ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0968 3360 HidUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0984 3360 HSFHWAZL ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:57.0984 3360 HSFHWAZL ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:57.0984 3360 HSF_DPV ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0015 3360 HSF_DPV ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0015 3360 HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0015 3360 HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0015 3360 i8042prt ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0015 3360 i8042prt ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0015 3360 ialm ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0015 3360 ialm ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0015 3360 imagedrv ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0015 3360 imagedrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0031 3360 imagesrv ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0031 3360 imagesrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0031 3360 Imapi ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0062 3360 Imapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0062 3360 IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0062 3360 IntcAzAudAddService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0062 3360 intelppm ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0062 3360 intelppm ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0062 3360 Ip6Fw ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0062 3360 Ip6Fw ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0062 3360 IpFilterDriver ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0062 3360 IpFilterDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0078 3360 IpInIp ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0078 3360 IpInIp ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0078 3360 IpNat ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0109 3360 IpNat ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0109 3360 IPSec ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0109 3360 IPSec ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0109 3360 irda ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0109 3360 irda ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0109 3360 IRENUM ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0109 3360 IRENUM ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0109 3360 isapnp ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0109 3360 isapnp ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0125 3360 Kbdclass ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0125 3360 Kbdclass ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0125 3360 kbdhid ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0156 3360 kbdhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0156 3360 kmixer ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0156 3360 kmixer ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0156 3360 KSecDD ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0156 3360 KSecDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0156 3360 mdmxsdk ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0156 3360 mdmxsdk ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0156 3360 mnmdd ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0156 3360 mnmdd ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0171 3360 Modem ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0171 3360 Modem ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0171 3360 Mouclass ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0203 3360 Mouclass ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0203 3360 mouhid ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0203 3360 mouhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0203 3360 MountMgr ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0203 3360 MountMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0203 3360 MPE ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0203 3360 MPE ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0203 3360 MRxDAV ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0203 3360 MRxDAV ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0218 3360 MRxSmb ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0218 3360 MRxSmb ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0218 3360 Msfs ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0250 3360 Msfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0250 3360 MSKSSRV ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0250 3360 MSKSSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0250 3360 MSPCLOCK ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0250 3360 MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0250 3360 MSPQM ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0250 3360 MSPQM ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0250 3360 mssmbios ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0250 3360 mssmbios ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0265 3360 MSTEE ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0265 3360 MSTEE ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0265 3360 Mup ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0296 3360 Mup ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0296 3360 NABTSFEC ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0296 3360 NABTSFEC ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0296 3360 NDIS ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0296 3360 NDIS ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0296 3360 NdisIP ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0296 3360 NdisIP ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0296 3360 NdisTapi ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0296 3360 NdisTapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0312 3360 Ndisuio ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0312 3360 Ndisuio ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0312 3360 NdisWan ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0343 3360 NdisWan ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0343 3360 NDProxy ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0343 3360 NDProxy ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0343 3360 NetBIOS ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0343 3360 NetBIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0343 3360 NetBT ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0343 3360 NetBT ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0343 3360 NIC1394 ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0343 3360 NIC1394 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0359 3360 Npfs ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0359 3360 Npfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0359 3360 NSCIRDA ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0390 3360 NSCIRDA ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0390 3360 Ntfs ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0390 3360 Ntfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0390 3360 Null ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0390 3360 Null ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0390 3360 NwlnkFlt ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0390 3360 NwlnkFlt ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0390 3360 NwlnkFwd ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0390 3360 NwlnkFwd ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0406 3360 ohci1394 ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0406 3360 ohci1394 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0406 3360 Parport ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0437 3360 Parport ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0437 3360 PartMgr ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0437 3360 PartMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0437 3360 ParVdm ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0437 3360 ParVdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0437 3360 PCI ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0437 3360 PCI ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0453 3360 PCIIde ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0453 3360 PCIIde ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0453 3360 Pcmcia ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0453 3360 Pcmcia ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0453 3360 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0484 3360 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0484 3360 PptpMiniport ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0484 3360 PptpMiniport ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0484 3360 PSched ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0484 3360 PSched ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0484 3360 Ptilink ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0484 3360 Ptilink ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0484 3360 RasAcd ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0484 3360 RasAcd ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0500 3360 Rasirda ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0500 3360 Rasirda ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0500 3360 Rasl2tp ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0531 3360 Rasl2tp ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0531 3360 RasPppoe ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0531 3360 RasPppoe ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0531 3360 Raspti ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0531 3360 Raspti ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0531 3360 Rdbss ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0531 3360 Rdbss ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0531 3360 RDPCDD ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0531 3360 RDPCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0546 3360 rdpdr ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0546 3360 rdpdr ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0546 3360 RDPWD ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0578 3360 RDPWD ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0578 3360 redbook ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0578 3360 redbook ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0578 3360 sdbus ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0578 3360 sdbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0578 3360 Secdrv ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0578 3360 Secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0578 3360 Serenum ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0578 3360 Serenum ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0593 3360 Serial ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0593 3360 Serial ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0593 3360 Sfloppy ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0625 3360 Sfloppy ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0625 3360 SLIP ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0625 3360 SLIP ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0625 3360 splitter ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0625 3360 splitter ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0625 3360 sr ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0625 3360 sr ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0625 3360 Srv ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0625 3360 Srv ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0640 3360 streamip ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0640 3360 streamip ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0640 3360 swenum ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0671 3360 swenum ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0671 3360 swmidi ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0671 3360 swmidi ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0671 3360 SynTP ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0671 3360 SynTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0671 3360 sysaudio ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0671 3360 sysaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0671 3360 Tcpip ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0671 3360 Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0687 3360 TDPIPE ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0687 3360 TDPIPE ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0687 3360 TDTCP ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0718 3360 TDTCP ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0718 3360 TermDD ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0718 3360 TermDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0718 3360 tifm21 ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0718 3360 tifm21 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0718 3360 Udfs ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0718 3360 Udfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0718 3360 Update ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0718 3360 Update ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0734 3360 usbccgp ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0734 3360 usbccgp ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0765 3360 usbehci ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0765 3360 usbehci ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0765 3360 usbhub ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0765 3360 usbhub ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0765 3360 usbscan ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0765 3360 usbscan ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0765 3360 USBSTOR ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0765 3360 USBSTOR ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0765 3360 usbuhci ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0765 3360 usbuhci ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0781 3360 uxkx1 ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0781 3360 uxkx1 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0812 3360 VgaSave ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0812 3360 VgaSave ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0812 3360 VolSnap ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0812 3360 VolSnap ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0812 3360 Wanarp ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0812 3360 Wanarp ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0812 3360 wdmaud ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0812 3360 wdmaud ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0812 3360 winachsf ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0812 3360 winachsf ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0828 3360 WmiAcpi ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0828 3360 WmiAcpi ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0859 3360 WSTCODEC ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0859 3360 WSTCODEC ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0859 3360 WudfPf ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0859 3360 WudfPf ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:24:58.0859 3360 WudfRd ( UnsignedFile.Multi.Generic ) - skipped by user
16:24:58.0859 3360 WudfRd ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:25:05.0421 3248 Deinitialize success

honnza
Visitor
Posts: 29
Registered: 06 Mar 2005 10:18
Location: Nový Jičín

Re: Infection - process: "number:number.exe"

#7 Post by honnza »

One more question...

I booted into normal mode and a "Data Execution Prevention" message keeps popping up for the "Windows Update" application... First I tried turning off updates, but that didn't work... Can I turn off the restore function?

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Infection - process: "number:number.exe"

#8 Post by motji »

Please run ComboFix again.
I probably won't be here any more today, not until tomorrow evening :)
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting a computer :!:
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

honnza
Visitor
Posts: 29
Registered: 06 Mar 2005 10:18
Location: Nový Jičín

Re: Infection - process: "number:number.exe"

#9 Post by honnza »

No problem, thanks anyway. I'll attach the log and now I'll start a scan to run overnight. Thanks, take care.

ComboFix 12-01-04.02 - autocont 04.01.2012 17:12:52.2.1 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1014.770 [GMT 1:00]
Spuštěný z: c:\documents and settings\autocont.NB-BOREK\Plocha\ComboFix.exe
AV: AVG Anti-Virus Business Edition *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-04 do 2012-01-04 )))))))))))))))))))))))))))))))
.
.
2012-01-04 14:05 . 2012-01-04 14:05 -------- d-----w- C:\rsit
2012-01-04 14:05 . 2012-01-04 14:05 -------- d-----w- c:\program files\trend micro
2012-01-04 09:47 . 2012-01-04 09:49 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-01-04 09:46 . 2012-01-04 09:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-01-04 09:44 . 2012-01-04 09:44 -------- d-----w- c:\program files\CCleaner
2012-01-04 09:32 . 2012-01-04 15:30 -------- d-----w- c:\documents and settings\autocont.NB-BOREK
2012-01-04 08:26 . 2012-01-04 08:26 -------- d-----r- c:\documents and settings\LocalService\Oblíbené položky
2012-01-03 10:35 . 2012-01-03 10:35 -------- d-----w- c:\program files\ESET
2012-01-03 10:30 . 2012-01-03 10:30 -------- d-----w- c:\documents and settings\autocont\Local Settings\Data aplikací\Mozilla
2012-01-03 10:20 . 2012-01-03 13:33 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-01-03 10:20 . 2012-01-03 11:17 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy
2012-01-03 10:14 . 2012-01-03 10:17 -------- d-----w- c:\documents and settings\autocont\Data aplikací\Inbox Toolbar
2012-01-03 10:13 . 2012-01-03 10:14 -------- d-----w- c:\documents and settings\autocont\Local Settings\Data aplikací\ConduitEngine
2012-01-03 10:13 . 2012-01-03 10:13 -------- d-----w- c:\documents and settings\autocont\Local Settings\Data aplikací\Winamp Toolbar
2012-01-02 18:05 . 2012-01-02 18:05 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\Common Files
2012-01-02 14:35 . 2012-01-02 14:35 -------- d-----w- c:\documents and settings\autocont\Local Settings\Data aplikací\PCHealth
2012-01-02 13:57 . 2012-01-02 13:57 -------- d-----w- c:\documents and settings\autocont\Local Settings\Data aplikací\GHISLER
2012-01-02 13:48 . 2012-01-02 13:48 -------- d-----w- C:\$AVG
2012-01-02 13:43 . 2012-01-02 13:43 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2012-01-02 13:27 . 2012-01-02 13:44 243152 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2012-01-02 13:27 . 2012-01-02 13:27 52872 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2012-01-02 13:27 . 2012-01-02 13:27 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2012-01-02 13:27 . 2012-01-02 13:43 29712 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2012-01-02 13:27 . 2012-01-04 15:25 -------- d-----w- c:\windows\system32\drivers\Avg
2012-01-02 13:26 . 2012-01-04 09:29 -------- d-----w- c:\documents and settings\All Users\Data aplikací\avg9
2012-01-02 13:02 . 2012-01-02 13:02 -------- d-----w- c:\documents and settings\autocont\Local Settings\Data aplikací\Temp
2012-01-02 13:02 . 2012-01-02 13:02 -------- d-----w- c:\documents and settings\autocont\Local Settings\Data aplikací\Adobe
2011-12-25 14:48 . 2011-12-25 14:49 -------- d--h--w- c:\windows\msdownld.tmp
2011-12-25 14:32 . 2011-12-25 14:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Solidshield
2011-12-25 14:24 . 2011-12-25 14:24 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Electronic Arts
2011-12-25 14:24 . 2011-12-25 14:24 -------- d-----w- c:\documents and settings\All Users\Data aplikací\EA Core
2011-12-25 14:02 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2011-12-25 14:02 . 2009-09-04 16:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2011-12-25 14:01 . 2009-09-04 16:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2011-12-25 14:01 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-12-25 14:01 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-12-25 14:01 . 2011-12-25 14:01 -------- d-----w- c:\program files\Electronic Arts
2011-12-25 13:48 . 2011-12-25 13:48 -------- d-----w- c:\windows\UMStor
2011-12-25 13:48 . 2011-12-25 13:48 -------- d-----w- c:\windows\system\iosubsys
2011-12-25 13:48 . 2003-11-21 17:09 201736 ------w- c:\windows\system32\drivers\UMSTOR.sys
2011-12-25 13:48 . 2011-12-25 13:48 -------- d-----w- c:\program files\USB Disk Win98 Driver
2011-12-25 13:44 . 2011-12-25 13:44 -------- d-----w- C:\MTV_OUTPUT
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-04 13:15 . 2007-08-02 12:00 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
2011-12-01 18:52 . 2011-12-01 18:52 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-28 05:32 . 2007-08-02 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:50 . 2007-08-02 12:00 2194944 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-26 10:50 . 2004-08-17 15:45 2071552 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13 . 2007-08-02 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-11 11:47 . 2007-10-29 17:09 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-10-11 11:47 . 2011-10-11 11:48 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-08-30 09:23 . 2011-08-10 23:08 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-03-21 16126464]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-07 102400]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-04-21 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-04-21 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-04-21 138008]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-17 221184]
"POPUPTV"="c:\program files\ASUS\PopupTV\ExpressTV.exe" [2009-02-20 708608]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-12-09 74752]
"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2011-02-26 126976]
"USB Storage Toolbox"="c:\windows\UMStor\Res.EXE" [2005-09-14 65536]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2012-01-02 2078048]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-21 202256]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-12-09 1226608]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Action Manager 32.lnk - c:\program files\ScannerU\AM32.exe [2007-11-14 69632]
Akcelerátor spuštění AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]
AutoCAD Startup Accelerator.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2006-9-23 10872]
Místní vyhledávání.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2007-2-5 118784]
TMMonitor.lnk - c:\program files\ArcSoft\TotalMedia 3.5\TMMonitor.exe [2009-12-23 258048]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2012-01-02 13:43 12536 ----a-w- c:\windows\system32\avgrsstx.dll
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Google\\Google SketchUp 7\\SketchUp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2.1.2012 14:27 52872]
R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2.1.2012 14:27 243152]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2.1.2012 14:27 216400]
S2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2.1.2012 14:26 916480]
S2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2.1.2012 14:43 299520]
S2 avgagent;AVG7 Remote Support Service (AvgAgent);avgagent.exe /srvfsys --> avgagent.exe [?]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]
S3 gupdate1c99da3dd552baa;Google Update Service (gupdate1c99da3dd552baa);c:\program files\Google\Update\GoogleUpdate.exe [5.3.2009 16:05 133104]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [5.3.2009 16:05 133104]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [4.1.2012 10:47 40776]
S3 uxkx1;ASUS MyCinema DiBcom based digital tuner device;c:\windows\system32\drivers\uxkx1.sys [23.12.2009 20:07 609280]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MDMXSDK
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-05 15:05]
.
2012-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-05 15:05]
.
2012-01-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2119669116-2072395555-1277150550-1142.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
2012-01-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2119669116-2072395555-1277150550-1157.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
2012-01-03 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2119669116-2072395555-1277150550-1142.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
2012-01-02 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2119669116-2072395555-1277150550-1157.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 192.168.0.1
DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/mygarmin/m/GarminAxControl.CAB
DPF: {1F831FA2-42FC-11D4-95A6-0080AD30DCE1} - file:///C:/Program%20Files/AutoCAD%20LT%202000i%20Cz/InstFred.ocx
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://85.207.254.4/activex/AMC.cab
FF - ProfilePath - c:\documents and settings\autocont.NB-BOREK\Data aplikací\Mozilla\Firefox\Profiles\aatamr35.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-04 17:19
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(392)
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\cs-cz\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\cs-cz\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
.
Celkový čas: 2012-01-04 17:22:19
ComboFix-quarantined-files.txt 2012-01-04 16:22
ComboFix2.txt 2012-01-04 14:57
.
Před spuštěním: Volných bajtů: 34 774 769 664
Po spuštění: Volných bajtů: 34 793 054 208
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - A7F7E21674AB87E7F8666DAFA7441066

Mc_Murphy
VIP in memoriam
Posts: 6706
Registered: 03 Nov 2008 15:55
Location: Plzeň [ZČ]

Re: Virus infection - process: "cislo:cislo.exe"

#10 Post by Mc_Murphy »

Hello.

At my colleague's request I'm dropping in here for a moment. She will take it over again afterwards. ;)

I recommend uninstalling Spybot - Search & Destroy. The program's best years are long behind it and it is not able to face current threats.

If you have not done so yet, move ComboFix to the Desktop.
  • Open Notepad (Start >> Run... (or Win+R) >> type notepad into the box >> [Enter]).
  • Copy this script into it:

Code:

KillAll::

Driver::
gupdate1c99da3dd552baa
gupdatem

File::
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Action Manager 32.lnk
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2119669116-2072395555-1277150550-1142.job
c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2119669116-2072395555-1277150550-1157.job
c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2119669116-2072395555-1277150550-1142.job
c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2119669116-2072395555-1277150550-1157.job

Folder::
c:\program files\ESET
c:\documents and settings\autocont\Local Settings\Data aplikací\ConduitEngine
c:\documents and settings\autocont\Local Settings\Data aplikací\Winamp Toolbar
c:\program files\ConduitEngine

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"=-
[-HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"=-
[-HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=-
"Persistence"=-
"SSBkgdUpdate"=-
"ISUSPM Startup"=-
"WinampAgent"=-
"DivX Download Manager"=-
"Google Quick Search Box"=-
"ISUSScheduler"=-
"TkBellExe"=-
"SunJavaUpdateSched"=-
"NeroFilterCheck"=-
"DivXUpdate"=-
"Adobe ARM"=-

Reboot::

  • Save the created TXT as CFScript.txt
  • Drag the created CFScript.txt over ComboFix and drop it (see image).
  • After the script is applied (and a possible restart of the PC) a log will pop up. Paste its contents here for me.
It may happen that Windows does not start after the script is applied. In that case restart the PC, keep pressing the F8 key right at startup and choose Last Known Good Configuration.

honnza
Visitor
Posts: 29
Registered: 06 Mar 2005 10:18
Location: Nový Jičín

Re: Virus infection - process: "cislo:cislo.exe"

#11 Post by honnza »

Good morning, thank you...
Spybot uninstalled...
Kaspersky Virus Rem. Tool log from yesterday:

Status: Disinfected (events: 2)
4.1.2012 19:35:08 Disinfected Trojan program Trojan.Win32.Patched.mf C:\Qoobox\Quarantine\C\WINDOWS\system32\wuauclt.exe.vir High
4.1.2012 19:57:07 Disinfected Trojan program Trojan.Win32.Patched.mf C:\WINDOWS\system32\searchprotocolhost.exe High
Status: Deleted (events: 1)
4.1.2012 19:38:45 Deleted Trojan program Backdoor.Win32.ZAccess.avy C:\Qoobox\Quarantine\C\WINDOWS\assembly\GAC_MSIL\desktop.ini.vir High

Combofix log:
ComboFix 12-01-04.02 - autocont 05.01.2012 8:50.3.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1014.452 [GMT 1:00]
Spuštěný z: c:\documents and settings\autocont.NB-BOREK\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\autocont.NB-BOREK\Plocha\CFScript.txt.txt
AV: AVG Anti-Virus Business Edition *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
FILE ::
"c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Action Manager 32.lnk"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2119669116-2072395555-1277150550-1142.job"
"c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2119669116-2072395555-1277150550-1157.job"
"c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2119669116-2072395555-1277150550-1142.job"
"c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2119669116-2072395555-1277150550-1157.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\ConduitEngine
c:\program files\ConduitEngine\appContextMenu.xml
c:\program files\ConduitEngine\ConduitEngin0.dll
c:\program files\ConduitEngine\ConduitEngine.dll
c:\program files\ConduitEngine\ConduitEngineHelper.exe
c:\program files\ConduitEngine\ConduitEngineUninstall.exe
c:\program files\ConduitEngine\engineContextMenu.xml
c:\program files\ConduitEngine\EngineSettings.json
c:\program files\ConduitEngine\INSTALL.LOG
c:\program files\ConduitEngine\prxConduitEngine.dll
c:\program files\ConduitEngine\toolbar.cfg
c:\program files\ESET
c:\program files\ESET\ESET Online Scanner\esets_apiA.dll
c:\program files\ESET\ESET Online Scanner\esets_apiW.dll
c:\program files\ESET\ESET Online Scanner\esets_apiW_a.dll
c:\program files\ESET\ESET Online Scanner\ESETSmartInstaller.exe
c:\program files\ESET\ESET Online Scanner\log.txt
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\http_update.eset.com\update.ver
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\lastupd.ver
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod01E3.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod0C2F.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod1B8E.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod2BC0.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod3400.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod3797.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod3889.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod470B.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod60AB.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod6447.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod6498.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod6532.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod6622.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod6EBC.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod70CB.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod7B22.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em000_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em001_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em002_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em003_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em004_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em005_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em006_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\upd.ver
c:\program files\ESET\ESET Online Scanner\Modules\em000_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em001_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em002_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em003_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em004_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em005_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em006_32.dat
c:\program files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
c:\program files\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe
c:\program files\ESET\ESET Online Scanner\OnlineScanner.cab
c:\program files\ESET\ESET Online Scanner\OnlineScanner.inf
c:\program files\ESET\ESET Online Scanner\OnlineScanner.ocx
c:\program files\ESET\ESET Online Scanner\OnlineScanner64.ocx
c:\program files\ESET\ESET Online Scanner\OnlineScannerApp.exe
c:\program files\ESET\ESET Online Scanner\OnlineScannerLang.dll
c:\program files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
c:\program files\ESET\ESET Online Scanner\unicows.dll
c:\windows\iun6002.exe
c:\windows\msmqinst.log
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_GUPDATE1C99DA3DD552BAA
-------\Legacy_GUPDATEM
-------\Service_gupdate1c99da3dd552baa
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-05 do 2012-01-05 )))))))))))))))))))))))))))))))
.
.
2012-01-04 14:05 . 2012-01-04 14:05 -------- d-----w- C:\rsit
2012-01-04 14:05 . 2012-01-04 14:05 -------- d-----w- c:\program files\trend micro
2012-01-04 09:47 . 2012-01-04 09:49 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-01-04 09:46 . 2012-01-04 09:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-01-04 09:44 . 2012-01-04 09:44 -------- d-----w- c:\program files\CCleaner
2012-01-04 09:32 . 2012-01-04 15:30 -------- d-----w- c:\documents and settings\autocont.NB-BOREK
2012-01-04 08:26 . 2012-01-04 08:26 -------- d-----r- c:\documents and settings\LocalService\Oblíbené položky
2012-01-03 10:30 . 2012-01-03 10:30 -------- d-----w- c:\documents and settings\autocont\Local Settings\Data aplikací\Mozilla
2012-01-03 10:20 . 2012-01-05 08:06 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-01-03 10:20 . 2012-01-05 07:41 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy
2012-01-03 10:14 . 2012-01-03 10:17 -------- d-----w- c:\documents and settings\autocont\Data aplikací\Inbox Toolbar
2012-01-03 10:13 . 2012-01-03 10:14 -------- d-----w- c:\documents and settings\autocont\Local Settings\Data aplikací\ConduitEngine
2012-01-03 10:13 . 2012-01-03 10:13 -------- d-----w- c:\documents and settings\autocont\Local Settings\Data aplikací\Winamp Toolbar
2012-01-02 18:05 . 2012-01-02 18:05 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\Common Files
2012-01-02 14:35 . 2012-01-02 14:35 -------- d-----w- c:\documents and settings\autocont\Local Settings\Data aplikací\PCHealth
2012-01-02 13:57 . 2012-01-02 13:57 -------- d-----w- c:\documents and settings\autocont\Local Settings\Data aplikací\GHISLER
2012-01-02 13:48 . 2012-01-02 13:48 -------- d-----w- C:\$AVG
2012-01-02 13:43 . 2012-01-02 13:43 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2012-01-02 13:27 . 2012-01-02 13:44 243152 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2012-01-02 13:27 . 2012-01-02 13:27 52872 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2012-01-02 13:27 . 2012-01-02 13:27 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2012-01-02 13:27 . 2012-01-02 13:43 29712 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2012-01-02 13:27 . 2012-01-04 15:25 -------- d-----w- c:\windows\system32\drivers\Avg
2012-01-02 13:26 . 2012-01-04 09:29 -------- d-----w- c:\documents and settings\All Users\Data aplikací\avg9
2012-01-02 13:02 . 2012-01-02 13:02 -------- d-----w- c:\documents and settings\autocont\Local Settings\Data aplikací\Temp
2012-01-02 13:02 . 2012-01-02 13:02 -------- d-----w- c:\documents and settings\autocont\Local Settings\Data aplikací\Adobe
2011-12-25 14:48 . 2011-12-25 14:49 -------- d--h--w- c:\windows\msdownld.tmp
2011-12-25 14:32 . 2011-12-25 14:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Solidshield
2011-12-25 14:24 . 2011-12-25 14:24 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Electronic Arts
2011-12-25 14:24 . 2011-12-25 14:24 -------- d-----w- c:\documents and settings\All Users\Data aplikací\EA Core
2011-12-25 14:02 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2011-12-25 14:02 . 2009-09-04 16:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2011-12-25 14:01 . 2009-09-04 16:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2011-12-25 14:01 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-12-25 14:01 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-12-25 14:01 . 2011-12-25 14:01 -------- d-----w- c:\program files\Electronic Arts
2011-12-25 13:48 . 2011-12-25 13:48 -------- d-----w- c:\windows\UMStor
2011-12-25 13:48 . 2011-12-25 13:48 -------- d-----w- c:\windows\system\iosubsys
2011-12-25 13:48 . 2003-11-21 17:09 201736 ------w- c:\windows\system32\drivers\UMSTOR.sys
2011-12-25 13:48 . 2011-12-25 13:48 -------- d-----w- c:\program files\USB Disk Win98 Driver
2011-12-25 13:44 . 2011-12-25 13:44 -------- d-----w- C:\MTV_OUTPUT
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-04 18:57 . 2007-02-05 13:32 182784 ----a-w- c:\windows\system32\searchprotocolhost.exe
2012-01-04 13:15 . 2007-08-02 12:00 162816 ----a-w- c:\windows\system32\drivers\netbt.sys
2011-12-01 18:52 . 2011-12-01 18:52 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-23 14:40 . 2007-08-02 12:00 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-04 19:13 . 2007-08-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:13 . 2007-08-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:13 . 2007-08-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2007-08-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2007-08-02 12:00 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:32 . 2007-08-02 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:50 . 2007-08-02 12:00 2194944 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-26 10:50 . 2004-08-17 15:45 2071552 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13 . 2007-08-02 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-11 11:47 . 2007-10-29 17:09 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-10-11 11:47 . 2011-10-11 11:48 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-10 14:22 . 2007-10-24 22:35 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-08-30 09:23 . 2011-08-10 23:08 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-01-04_14.52.27 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-01-05 08:06 . 2012-01-05 08:06 16384 c:\windows\temp\Perflib_Perfdata_574.dat
- 2007-08-02 12:00 . 2011-08-22 23:41 66560 c:\windows\system32\mshtmled.dll
+ 2007-08-02 12:00 . 2011-11-04 19:13 66560 c:\windows\system32\mshtmled.dll
+ 2007-08-13 17:54 . 2011-11-04 19:13 55296 c:\windows\system32\msfeedsbs.dll
- 2007-08-13 17:54 . 2011-08-22 23:41 55296 c:\windows\system32\msfeedsbs.dll
+ 2007-08-02 12:00 . 2011-11-04 19:13 25600 c:\windows\system32\jsproxy.dll
- 2007-08-02 12:00 . 2011-08-22 23:41 25600 c:\windows\system32\jsproxy.dll
+ 2009-07-02 12:58 . 2011-11-04 19:13 12800 c:\windows\system32\dllcache\xpshims.dll
- 2009-07-02 12:58 . 2011-08-22 23:41 12800 c:\windows\system32\dllcache\xpshims.dll
- 2007-08-02 12:00 . 2011-08-22 23:41 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2007-08-02 12:00 . 2011-11-04 19:13 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2007-10-29 16:31 . 2011-11-04 19:13 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2007-10-29 16:31 . 2011-08-22 23:41 55296 c:\windows\system32\dllcache\msfeedsbs.dll
- 2007-08-02 12:00 . 2011-08-22 23:41 43520 c:\windows\system32\dllcache\licmgr10.dll
+ 2007-08-02 12:00 . 2011-11-04 19:13 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2007-08-02 12:00 . 2011-08-22 23:41 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2007-08-02 12:00 . 2011-11-04 19:13 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2011-12-25 02:49 . 2011-12-25 02:49 31504 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2011-12-25 10:07 . 2011-12-25 10:07 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
- 2011-07-08 12:00 . 2011-07-08 12:00 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2011-12-24 21:55 . 2011-12-24 21:55 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2011-07-07 10:04 . 2011-07-07 10:04 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2011-07-07 10:04 . 2011-07-07 10:04 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2011-12-24 21:55 . 2011-12-24 21:55 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2011-12-24 21:55 . 2011-12-24 21:55 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2011-07-07 10:03 . 2011-07-07 10:03 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2011-12-24 22:49 . 2011-12-24 22:49 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2011-07-07 11:09 . 2011-07-07 11:09 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2011-07-07 11:09 . 2011-07-07 11:09 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2011-12-24 22:49 . 2011-12-24 22:49 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
- 2007-12-14 06:55 . 2012-01-02 14:44 35088 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\oisicon.exe
+ 2007-12-14 06:55 . 2012-01-04 16:48 35088 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\oisicon.exe
- 2007-12-14 06:55 . 2012-01-02 14:44 18704 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\mspicons.exe
+ 2007-12-14 06:55 . 2012-01-04 16:48 18704 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\mspicons.exe
+ 2007-12-14 06:55 . 2012-01-04 16:48 20240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\cagicon.exe
- 2007-12-14 06:55 . 2012-01-02 14:44 20240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\cagicon.exe
+ 2007-10-29 16:40 . 2012-01-04 16:35 23040 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2007-10-29 16:40 . 2012-01-02 14:46 23040 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2007-10-29 16:40 . 2012-01-04 16:35 61440 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2007-10-29 16:40 . 2012-01-02 14:46 61440 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2007-10-29 16:40 . 2012-01-02 14:46 27136 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2007-10-29 16:40 . 2012-01-04 16:35 27136 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2007-10-29 16:40 . 2012-01-04 16:35 11264 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2007-10-29 16:40 . 2012-01-02 14:46 11264 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2007-10-29 16:40 . 2012-01-04 16:35 86016 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2007-10-29 16:40 . 2012-01-02 14:46 86016 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2007-10-29 16:40 . 2012-01-02 14:46 12288 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2007-10-29 16:40 . 2012-01-04 16:35 12288 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2012-01-04 16:43 . 2011-08-22 23:41 12800 c:\windows\ie8updates\KB2618444-IE8\xpshims.dll
+ 2012-01-04 16:43 . 2011-08-22 23:41 66560 c:\windows\ie8updates\KB2618444-IE8\mshtmled.dll
+ 2012-01-04 16:43 . 2011-08-22 23:41 55296 c:\windows\ie8updates\KB2618444-IE8\msfeedsbs.dll
+ 2012-01-04 16:43 . 2011-08-22 23:41 43520 c:\windows\ie8updates\KB2618444-IE8\licmgr10.dll
+ 2012-01-04 16:43 . 2011-08-22 23:41 25600 c:\windows\ie8updates\KB2618444-IE8\jsproxy.dll
+ 2012-01-04 16:45 . 2012-01-04 16:45 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_c34113ff\System.Drawing.Design.dll
+ 2012-01-04 16:44 . 2012-01-04 16:44 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_fc426584\CustomMarshalers.dll
+ 2012-01-04 16:47 . 2012-01-04 16:47 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\750de53f30e516eb2c62de9bab7954e9\System.Web.DynamicData.Design.ni.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-10-12 12:58 . 2011-10-12 12:58 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-01-04 16:44 . 2012-01-04 16:44 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2012-01-04 16:45 . 2012-01-04 16:49 4610 c:\windows\SoftwareDistribution\EventCache\{7118B9C0-F0CD-48C2-BC79-4F00527C764D}.bin
+ 2012-01-04 16:35 . 2012-01-04 16:44 4172 c:\windows\SoftwareDistribution\EventCache\{20AF7142-032F-46D6-9E9E-36C86363C805}.bin
+ 2007-10-29 16:40 . 2012-01-04 16:35 4096 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2007-10-29 16:40 . 2012-01-02 14:46 4096 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2012-01-04 16:39 . 2012-01-04 16:39 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-10-12 13:33 . 2011-10-12 13:33 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-10-12 13:33 . 2011-10-12 13:33 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2007-08-02 12:00 . 2011-08-22 23:41 105984 c:\windows\system32\url.dll
+ 2007-08-02 12:00 . 2011-11-04 19:13 105984 c:\windows\system32\url.dll
+ 2007-08-02 12:00 . 2012-01-04 16:40 922410 c:\windows\system32\perfh009.dat
+ 2007-08-02 12:00 . 2012-01-04 16:40 965342 c:\windows\system32\perfh005.dat
+ 2007-08-02 12:00 . 2012-01-04 16:40 329508 c:\windows\system32\perfc009.dat
+ 2007-08-02 12:00 . 2012-01-04 16:40 366580 c:\windows\system32\perfc005.dat
+ 2007-08-02 12:00 . 2011-11-04 19:13 206848 c:\windows\system32\occache.dll
- 2007-08-02 12:00 . 2011-08-22 23:41 206848 c:\windows\system32\occache.dll
+ 2007-08-02 12:00 . 2011-11-04 19:13 611840 c:\windows\system32\mstime.dll
- 2007-08-02 12:00 . 2011-08-22 23:41 611840 c:\windows\system32\mstime.dll
- 2007-08-13 17:54 . 2011-08-22 23:41 602112 c:\windows\system32\msfeeds.dll
+ 2007-08-13 17:54 . 2011-11-04 19:13 602112 c:\windows\system32\msfeeds.dll
- 2007-08-02 12:00 . 2011-08-22 23:41 184320 c:\windows\system32\iepeers.dll
+ 2007-08-02 12:00 . 2011-11-04 19:13 184320 c:\windows\system32\iepeers.dll
+ 2007-08-02 12:00 . 2011-11-04 19:13 387584 c:\windows\system32\iedkcs32.dll
- 2007-08-02 12:00 . 2011-08-22 23:41 387584 c:\windows\system32\iedkcs32.dll
+ 2007-08-02 12:00 . 2011-11-04 11:24 174080 c:\windows\system32\ie4uinit.exe
- 2007-08-02 12:00 . 2011-08-22 11:56 174080 c:\windows\system32\ie4uinit.exe
- 2007-10-24 23:46 . 2011-11-21 18:27 353768 c:\windows\system32\FNTCACHE.DAT
+ 2007-10-24 23:46 . 2012-01-04 16:51 353768 c:\windows\system32\FNTCACHE.DAT
+ 2007-08-02 12:00 . 2011-11-04 19:13 916992 c:\windows\system32\dllcache\wininet.dll
+ 2007-08-02 12:00 . 2011-11-04 19:13 105984 c:\windows\system32\dllcache\url.dll
- 2007-08-02 12:00 . 2011-08-22 23:41 105984 c:\windows\system32\dllcache\url.dll
- 2007-08-02 12:00 . 2011-08-22 23:41 206848 c:\windows\system32\dllcache\occache.dll
+ 2007-08-02 12:00 . 2011-11-04 19:13 206848 c:\windows\system32\dllcache\occache.dll
+ 2007-08-02 12:00 . 2011-11-04 19:13 611840 c:\windows\system32\dllcache\mstime.dll
- 2007-08-02 12:00 . 2011-08-22 23:41 611840 c:\windows\system32\dllcache\mstime.dll
- 2007-10-29 16:31 . 2011-08-22 23:41 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2007-10-29 16:31 . 2011-11-04 19:13 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2008-08-14 07:28 . 2011-10-10 14:22 692736 c:\windows\system32\dllcache\inetcomm.dll
- 2008-08-14 07:28 . 2011-05-02 15:32 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2009-07-02 12:58 . 2011-11-04 19:13 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2009-07-02 12:58 . 2011-08-22 23:41 247808 c:\windows\system32\dllcache\ieproxy.dll
+ 2007-08-02 12:00 . 2011-11-04 19:13 184320 c:\windows\system32\dllcache\iepeers.dll
- 2007-08-02 12:00 . 2011-08-22 23:41 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2010-12-02 13:54 . 2011-11-04 19:13 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2010-12-02 13:54 . 2011-08-22 23:41 743424 c:\windows\system32\dllcache\iedvtool.dll
+ 2007-08-02 12:00 . 2011-11-04 19:13 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2007-08-02 12:00 . 2011-08-22 23:41 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2007-08-02 12:00 . 2011-08-22 11:56 174080 c:\windows\system32\dllcache\ie4uinit.exe
+ 2007-08-02 12:00 . 2011-11-04 11:24 174080 c:\windows\system32\dllcache\ie4uinit.exe
+ 2011-10-12 12:50 . 2011-09-28 07:06 602112 c:\windows\system32\dllcache\crypt32.dll
- 2011-10-12 12:50 . 2011-09-09 09:12 602112 c:\windows\system32\dllcache\crypt32.dll
+ 2007-08-02 12:00 . 2011-09-28 07:06 602112 c:\windows\system32\crypt32.dll
- 2007-08-02 12:00 . 2011-09-09 09:12 602112 c:\windows\system32\crypt32.dll
+ 2011-12-25 02:49 . 2011-12-25 02:49 436496 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
- 2011-07-07 10:04 . 2011-07-07 10:04 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2011-12-24 21:55 . 2011-12-24 21:55 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2011-12-24 21:53 . 2011-12-24 21:53 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2011-07-07 10:01 . 2011-07-07 10:01 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2011-12-24 22:49 . 2011-12-24 22:49 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2011-07-07 11:09 . 2011-07-07 11:09 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2011-12-25 04:40 . 2011-12-25 04:40 819200 c:\windows\Installer\6f34b.msp
+ 2007-12-14 06:55 . 2012-01-04 16:48 888080 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\wordicon.exe
- 2007-12-14 06:55 . 2012-01-02 14:44 888080 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\wordicon.exe
+ 2007-12-14 06:55 . 2012-01-04 16:48 272648 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pubs.exe
- 2007-12-14 06:55 . 2012-01-02 14:44 272648 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pubs.exe
+ 2007-12-14 06:55 . 2012-01-04 16:48 922384 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pptico.exe
- 2007-12-14 06:55 . 2012-01-02 14:44 922384 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pptico.exe
+ 2007-12-14 06:55 . 2012-01-04 16:48 845584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe
- 2007-12-14 06:55 . 2012-01-02 14:44 845584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe
+ 2007-12-14 06:55 . 2012-01-04 16:48 217864 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\misc.exe
- 2007-12-14 06:55 . 2012-01-02 14:44 217864 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\misc.exe
- 2007-10-29 16:40 . 2012-01-02 14:46 409600 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2007-10-29 16:40 . 2012-01-04 16:35 409600 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2007-10-29 16:40 . 2012-01-04 16:35 286720 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2007-10-29 16:40 . 2012-01-02 14:46 286720 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2007-10-29 16:40 . 2012-01-02 14:46 249856 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2007-10-29 16:40 . 2012-01-04 16:35 249856 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2007-10-29 16:40 . 2012-01-04 16:35 794624 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2007-10-29 16:40 . 2012-01-02 14:46 794624 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2007-10-29 16:40 . 2012-01-02 14:46 135168 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2007-10-29 16:40 . 2012-01-04 16:35 135168 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2007-10-29 16:40 . 2012-01-04 16:35 593920 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2007-10-29 16:40 . 2012-01-02 14:46 593920 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2011-10-12 13:09 . 2011-10-12 13:09 217864 c:\windows\Installer\{50120000-1105-0000-0000-0000000FF1CE}\misc.exe
+ 2012-01-04 16:48 . 2012-01-04 16:48 217864 c:\windows\Installer\{50120000-1105-0000-0000-0000000FF1CE}\misc.exe
+ 2012-01-04 16:43 . 2011-08-22 23:41 916480 c:\windows\ie8updates\KB2618444-IE8\wininet.dll
+ 2012-01-04 16:43 . 2011-08-22 23:41 105984 c:\windows\ie8updates\KB2618444-IE8\url.dll
+ 2012-01-04 16:43 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2618444-IE8\spuninst\updspapi.dll
+ 2012-01-04 16:43 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2618444-IE8\spuninst\spuninst.exe
+ 2012-01-04 16:43 . 2011-08-22 23:41 206848 c:\windows\ie8updates\KB2618444-IE8\occache.dll
+ 2012-01-04 16:43 . 2011-08-22 23:41 611840 c:\windows\ie8updates\KB2618444-IE8\mstime.dll
+ 2012-01-04 16:43 . 2011-08-22 23:41 602112 c:\windows\ie8updates\KB2618444-IE8\msfeeds.dll
+ 2012-01-04 16:43 . 2011-08-22 23:41 247808 c:\windows\ie8updates\KB2618444-IE8\ieproxy.dll
+ 2012-01-04 16:43 . 2011-08-22 23:41 184320 c:\windows\ie8updates\KB2618444-IE8\iepeers.dll
+ 2012-01-04 16:43 . 2011-08-22 23:41 743424 c:\windows\ie8updates\KB2618444-IE8\iedvtool.dll
+ 2012-01-04 16:43 . 2011-08-22 23:41 387584 c:\windows\ie8updates\KB2618444-IE8\iedkcs32.dll
+ 2012-01-04 16:43 . 2011-08-22 11:56 174080 c:\windows\ie8updates\KB2618444-IE8\ie4uinit.exe
+ 2012-01-04 16:45 . 2012-01-04 16:45 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_5b221387\System.Drawing.dll
+ 2012-01-04 16:45 . 2012-01-04 16:45 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_7305fdf7\System.Drawing.Design.dll
+ 2012-01-04 16:45 . 2012-01-04 16:45 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_b6f893c6\CustomMarshalers.dll
+ 2012-01-04 16:47 . 2012-01-04 16:47 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\0bda7bdfaf440d5dd4bc6a1dea7ffa39\System.Web.Routing.ni.dll
+ 2012-01-05 07:56 . 2012-01-05 07:56 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\6e29f9faa74a48b83a13a3413b826295\System.Web.Extensions.Design.ni.dll
+ 2012-01-05 07:56 . 2012-01-05 07:56 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\be8965fe859bc53dff61579bf626858b\System.Web.Entity.ni.dll
+ 2012-01-04 16:47 . 2012-01-04 16:47 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\316c8b32ae76922e08278fc5675c7f67\System.Web.Entity.ni.dll
+ 2012-01-04 16:47 . 2012-01-04 16:47 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\90dc9d07db731898037e249b5d8af0ca\System.Web.Entity.Design.ni.dll
+ 2012-01-05 07:56 . 2012-01-05 07:56 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\8441b3eb247e0344fede848337ee911c\System.Web.Entity.Design.ni.dll
+ 2012-01-04 16:47 . 2012-01-04 16:47 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\506619be1ab8976c034ec8b0c3a7c5df\System.Web.DynamicData.ni.dll
+ 2012-01-05 07:56 . 2012-01-05 07:56 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\09c6a41f187ba483486cdb92dad714a1\System.Web.DynamicData.ni.dll
+ 2012-01-04 16:47 . 2012-01-04 16:47 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\5efb726d424b9712632eff749411fa89\System.Web.Abstractions.ni.dll
+ 2012-01-04 16:41 . 2012-01-04 16:41 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\3c272cad7afb127e2a2bdb8a5a808512\System.Runtime.Remoting.ni.dll
+ 2012-01-04 16:47 . 2012-01-04 16:47 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\f374e8e7849a72d1470b4a6a0771a137\System.Data.Entity.Design.ni.dll
+ 2012-01-04 16:46 . 2012-01-04 16:46 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\439732479756e0f6df88d29e50a402bf\ServiceModelReg.ni.exe
+ 2012-01-04 16:46 . 2012-01-04 16:46 302592 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\ac2082a41a02e779067ba468d84ee773\Microsoft.VisualStudio.Tools.Office.AppInfoDocument.v9.0.ni.dll
+ 2012-01-04 16:44 . 2012-01-04 16:44 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\bfcea15c95909860c4f4ac19bd7a2d6c\AspNetMMCExt.ni.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2012-01-04 16:48 . 2012-01-04 16:48 350080 c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2007-08-02 12:00 . 2011-11-04 19:13 1212416 c:\windows\system32\urlmon.dll
- 2007-08-02 12:00 . 2011-08-22 23:41 1212416 c:\windows\system32\urlmon.dll
+ 2007-08-02 12:00 . 2011-11-04 19:13 5978112 c:\windows\system32\mshtml.dll
+ 2007-08-13 17:34 . 2011-11-04 19:13 2000384 c:\windows\system32\iertutil.dll
- 2007-08-13 17:34 . 2011-08-22 23:41 2000384 c:\windows\system32\iertutil.dll
+ 2008-10-15 10:21 . 2011-11-23 14:40 1859584 c:\windows\system32\dllcache\win32k.sys
- 2007-08-02 12:00 . 2011-08-22 23:41 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2007-08-02 12:00 . 2011-11-04 19:13 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2010-12-02 13:55 . 2011-11-01 16:07 1288192 c:\windows\system32\dllcache\ole32.dll
+ 2007-08-02 12:00 . 2011-11-04 19:13 5978112 c:\windows\system32\dllcache\mshtml.dll
+ 2007-10-29 16:31 . 2011-11-04 19:13 2000384 c:\windows\system32\dllcache\iertutil.dll
- 2007-10-29 16:31 . 2011-08-22 23:41 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2011-12-25 02:50 . 2011-12-25 02:50 5246976 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2011-12-25 10:07 . 2011-12-25 10:07 2064384 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.dll
+ 2011-12-25 10:06 . 2011-12-25 10:06 1269760 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2011-12-25 10:06 . 2011-12-25 10:06 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2011-07-08 11:59 . 2011-07-08 11:59 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2011-12-24 21:54 . 2011-12-24 21:54 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2011-07-07 10:02 . 2011-07-07 10:02 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2011-07-07 10:02 . 2011-07-07 10:02 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2011-12-24 21:53 . 2011-12-24 21:53 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
- 2011-07-08 11:59 . 2011-07-08 11:59 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2011-12-25 10:06 . 2011-12-25 10:06 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2011-11-01 12:34 . 2011-11-01 12:34 4250112 c:\windows\Installer\6f352.msp
+ 2011-12-26 08:59 . 2011-12-26 08:59 4368896 c:\windows\Installer\6f32c.msp
+ 2011-11-01 12:34 . 2011-11-01 12:34 2247168 c:\windows\Installer\6f322.msp
+ 2011-10-29 22:10 . 2011-10-29 22:10 6824960 c:\windows\Installer\6f30f.msp
- 2007-12-14 06:55 . 2012-01-02 14:44 1172240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\xlicons.exe
+ 2007-12-14 06:55 . 2012-01-04 16:48 1172240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\xlicons.exe
+ 2007-12-14 06:55 . 2012-01-04 16:48 1165584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\accicons.exe
- 2007-12-14 06:55 . 2012-01-02 14:44 1165584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\accicons.exe
+ 2012-01-04 16:43 . 2011-08-22 23:41 1212416 c:\windows\ie8updates\KB2618444-IE8\urlmon.dll
+ 2012-01-04 16:43 . 2011-10-03 08:31 5971456 c:\windows\ie8updates\KB2618444-IE8\mshtml.dll
+ 2012-01-04 16:43 . 2011-08-22 23:41 2000384 c:\windows\ie8updates\KB2618444-IE8\iertutil.dll
+ 2012-01-04 16:44 . 2012-01-04 16:44 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_4deff74c\System.dll
+ 2012-01-04 16:45 . 2012-01-04 16:45 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_328c759c\System.dll
+ 2012-01-04 16:45 . 2012-01-04 16:45 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_ef22a711\System.Xml.dll
+ 2012-01-04 16:45 . 2012-01-04 16:45 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_a02f5d44\System.Xml.dll
+ 2012-01-04 16:45 . 2012-01-04 16:45 3035136 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_d3821ed3\System.Windows.Forms.dll
+ 2012-01-04 16:45 . 2012-01-04 16:45 7917568 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_0f90e57a\System.Windows.Forms.dll
+ 2012-01-04 16:45 . 2012-01-04 16:45 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_7b85628a\System.Drawing.dll
+ 2012-01-04 16:45 . 2012-01-04 16:45 1466368 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_88076238\System.Design.dll
+ 2012-01-04 16:45 . 2012-01-04 16:45 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_2cc918a8\System.Design.dll
+ 2012-01-04 16:45 . 2012-01-04 16:45 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_f3609f6e\mscorlib.dll
+ 2012-01-04 16:45 . 2012-01-04 16:45 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_66453d64\mscorlib.dll
+ 2012-01-05 07:57 . 2012-01-05 07:57 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\05c29118462056cf810df0b6aa660d05\System.WorkflowServices.ni.dll
+ 2012-01-05 07:57 . 2012-01-05 07:57 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\26b3258c559dc0ab6bdce481ffd458b3\System.Workflow.Runtime.ni.dll
+ 2012-01-05 07:57 . 2012-01-05 07:57 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\1642d1b72cd84caf24cbe7c5e8fd8368\System.Workflow.ComponentModel.ni.dll
+ 2012-01-05 07:57 . 2012-01-05 07:57 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\32ce12c3c2049f2df94c44c94b052e16\System.Workflow.Activities.ni.dll
+ 2012-01-04 16:42 . 2012-01-04 16:42 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\f63ae1310e004777e880f28377bcddd2\System.Web.Services.ni.dll
+ 2012-01-05 07:56 . 2012-01-05 07:56 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\c99b02434e71ca9898bebbc08d63e885\System.Web.Mobile.ni.dll
+ 2012-01-05 07:56 . 2012-01-05 07:56 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\c8f78b9e94857fdf6c2a378dd1629ee0\System.Web.Extensions.ni.dll
+ 2012-01-04 16:47 . 2012-01-04 16:47 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\8f99ddc1af0e50ac410158b243ce253d\System.Web.Extensions.ni.dll
+ 2012-01-05 07:56 . 2012-01-05 07:56 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\ae749b024162e9ac79110c633b5ce6be\System.ServiceModel.Web.ni.dll
+ 2012-01-04 16:47 . 2012-01-04 16:47 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\2fd3f0c5a40653917000e251cd3fc7bb\System.ServiceModel.Web.ni.dll
+ 2012-01-04 16:44 . 2012-01-04 16:44 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\23eb4618c9d171be9fb551a13a475a32\System.IdentityModel.ni.dll
+ 2012-01-04 16:47 . 2012-01-04 16:47 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\f35064c125799df650c1a959d8fa450b\System.Data.Services.ni.dll
+ 2012-01-04 16:46 . 2012-01-04 16:46 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\a86c12788293105a0d9fda1bc90c90bc\Microsoft.VisualBasic.ni.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-10-12 13:33 . 2012-01-04 16:39 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-01-04 16:39 . 2012-01-04 16:39 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2010-12-04 03:52 . 2010-12-04 03:52 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2010-12-04 03:52 . 2012-01-04 16:47 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-10-12 13:33 . 2012-01-04 16:39 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-10-12 13:33 . 2012-01-04 16:39 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-10-12 13:33 . 2012-01-04 16:39 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-10-12 13:33 . 2012-01-04 16:39 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-10-12 13:33 . 2011-10-12 13:33 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2012-01-04 16:44 . 2012-01-04 16:44 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
- 2011-10-12 12:58 . 2011-10-12 12:58 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2012-01-04 16:44 . 2012-01-04 16:44 2064384 c:\windows\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-01-04 16:44 . 2012-01-04 16:44 1269760 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2007-08-13 17:54 . 2011-11-05 13:13 11081728 c:\windows\system32\ieframe.dll
- 2007-08-13 17:54 . 2011-08-23 15:41 11081728 c:\windows\system32\ieframe.dll
- 2007-10-29 16:31 . 2011-08-23 15:41 11081728 c:\windows\system32\dllcache\ieframe.dll
+ 2007-10-29 16:31 . 2011-11-05 13:13 11081728 c:\windows\system32\dllcache\ieframe.dll
+ 2011-12-26 16:02 . 2011-12-26 16:02 12482048 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2656353\M2656353Uninstall.msp
+ 2011-12-26 08:02 . 2011-12-26 08:02 19677184 c:\windows\Installer\6f345.msp
+ 2012-01-04 16:43 . 2011-08-23 15:41 11081728 c:\windows\ie8updates\KB2618444-IE8\ieframe.dll
+ 2012-01-04 16:42 . 2012-01-04 16:42 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\62e34cfb5a8b233667c7c5a47a32ad93\System.Web.ni.dll
+ 2012-01-04 16:46 . 2012-01-04 16:46 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\2dac4fc006596760cd4988d0bfd52ff0\System.ServiceModel.ni.dll
+ 2012-01-04 16:42 . 2012-01-04 16:42 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\9e15d80ffb037e9171fa4bd2e0233497\System.Design.ni.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-03-21 16126464]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-07 102400]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-04-21 162584]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"POPUPTV"="c:\program files\ASUS\PopupTV\ExpressTV.exe" [2009-02-20 708608]
"USB Storage Toolbox"="c:\windows\UMStor\Res.EXE" [2005-09-14 65536]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2012-01-02 2078048]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-12-09 1226608]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
.
c:\documents and settings\autocont.NB-BOREK\Nabídka Start\Programy\Po spuštění\
_uninst_.lnk - c:\documents and settings\autocont.NB-BOREK\Local Settings\temp\_uninst_.bat [N/A]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Action Manager 32.lnk - c:\program files\ScannerU\AM32.exe [2007-11-14 69632]
Akcelerátor spuštění AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]
AutoCAD Startup Accelerator.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2006-9-23 10872]
Místní vyhledávání.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2007-2-5 118784]
TMMonitor.lnk - c:\program files\ArcSoft\TotalMedia 3.5\TMMonitor.exe [2009-12-23 258048]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2012-01-02 13:43 12536 ----a-w- c:\windows\system32\avgrsstx.dll
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Google\\Google SketchUp 7\\SketchUp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2.1.2012 14:27 52872]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2.1.2012 14:27 216400]
R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2.1.2012 14:27 243152]
R2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2.1.2012 14:26 916480]
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2.1.2012 14:43 299520]
S2 avgagent;AVG7 Remote Support Service (AvgAgent);avgagent.exe /srvfsys --> avgagent.exe [?]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [4.1.2012 10:47 40776]
S3 uxkx1;ASUS MyCinema DiBcom based digital tuner device;c:\windows\system32\drivers\uxkx1.sys [23.12.2009 20:07 609280]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-05 15:05]
.
2012-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-05 15:05]
.
2012-01-05 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2119669116-2072395555-1277150550-1142.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
2012-01-05 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2119669116-2072395555-1277150550-1157.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
2012-01-03 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2119669116-2072395555-1277150550-1142.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
2012-01-02 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2119669116-2072395555-1277150550-1157.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 192.168.0.1
DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/mygarmin/m/GarminAxControl.CAB
DPF: {1F831FA2-42FC-11D4-95A6-0080AD30DCE1} - file:///C:/Program%20Files/AutoCAD%20LT%202000i%20Cz/InstFred.ocx
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://85.207.254.4/activex/AMC.cab
FF - ProfilePath - c:\documents and settings\autocont.NB-BOREK\Data aplikací\Mozilla\Firefox\Profiles\aatamr35.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-conduitEngine - c:\program files\ConduitEngine\ConduitEngineUninstall.exe
AddRemove-ESET Online Scanner - c:\program files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-05 09:07
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1888)
c:\program files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\AVG\AVG9\avgam.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\wscntfy.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\RTHDCPL.EXE
c:\program files\Synaptics\SynTP\SynTPEnh.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\docume~1\AUTOCO~1.NB-\LOCALS~1\Temp\RtkBtMnt.exe
.
**************************************************************************
.
Celkový čas: 2012-01-05 09:13:31 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-01-05 08:13
ComboFix2.txt 2012-01-04 16:22
ComboFix3.txt 2012-01-04 14:57
.
Před spuštěním: Volných bajtů: 34 239 803 392
Po spuštění: Volných bajtů: 34 525 696 000
.
- - End Of File - - 6DD7095F3C05703383ED0D36A7ACDD89
motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Infection - process: "cislo:cislo.exe"

#12 Post by motji »

I'll be here in the evening from around 20:00 :) . Something there still doesn't seem right to me; could I ask again for a log from TDSS killer?
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting a computer :!:
Want to support our forum? Information here

I'm mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can write to me by e-mail at Motji(at)forum.viry.cz.

honnza
Visitor
Posts: 29
Registered: 06 Mar 2005 10:18
Location: Nový Jičín

Re: Infection - process: "cislo:cislo.exe"

#13 Post by honnza »

Good morning, I'm attaching the log:

09:24:57.0937 0876 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
09:24:57.0953 0876 ============================================================
09:24:57.0953 0876 Current date / time: 2012/01/05 09:24:57.0953
09:24:57.0953 0876 SystemInfo:
09:24:57.0953 0876
09:24:57.0953 0876 OS Version: 5.1.2600 ServicePack: 3.0
09:24:57.0953 0876 Product type: Workstation
09:24:57.0953 0876 ComputerName: NB-BOREK
09:24:57.0953 0876 UserName: autocont
09:24:57.0953 0876 Windows directory: C:\WINDOWS
09:24:57.0953 0876 System windows directory: C:\WINDOWS
09:24:57.0953 0876 Processor architecture: Intel x86
09:24:57.0953 0876 Number of processors: 1
09:24:57.0953 0876 Page size: 0x1000
09:24:57.0953 0876 Boot type: Normal boot
09:24:57.0953 0876 ============================================================
09:24:58.0765 0876 Initialize success
09:25:15.0906 1476 ============================================================
09:25:15.0906 1476 Scan started
09:25:15.0906 1476 Mode: Manual; SigCheck; TDLFS;
09:25:15.0906 1476 ============================================================
09:25:28.0390 1476 imagedrv (0a7c49b48c772591a2d362daa00246c8) C:\WINDOWS\system32\Drivers\imagedrv.sys
09:25:28.0406 1476 imagedrv ( UnsignedFile.Multi.Generic ) - warning
09:25:28.0406 1476 imagedrv - detected UnsignedFile.Multi.Generic (1)
09:25:28.0437 1476 imagesrv (549ba4f539e7b8d8129500b96dd7b27a) C:\WINDOWS\system32\DRIVERS\imagesrv.sys
09:25:28.0453 1476 imagesrv ( UnsignedFile.Multi.Generic ) - warning
09:25:28.0453 1476 imagesrv - detected UnsignedFile.Multi.Generic (1)
09:25:39.0937 1476 pfc (957b82ec80ad7ead64e5e47df6b0dc40) C:\WINDOWS\system32\drivers\pfc.sys
09:25:39.0968 1476 pfc ( UnsignedFile.Multi.Generic ) - warning
09:25:39.0968 1476 pfc - detected UnsignedFile.Multi.Generic (1)
09:25:50.0109 1476 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
09:25:50.0312 1476 \Device\Harddisk0\DR0 - ok
09:25:50.0328 1476 Boot (0x1200) (ad6e4e26669456032452fb55a5dbf45e) \Device\Harddisk0\DR0\Partition0
09:25:50.0328 1476 \Device\Harddisk0\DR0\Partition0 - ok
09:25:50.0328 1476 ============================================================
09:25:50.0328 1476 Scan finished
09:25:50.0328 1476 ============================================================
09:25:50.0468 3540 Detected object count: 3
09:25:50.0468 3540 Actual detected object count: 3
09:25:57.0546 3540 imagedrv ( UnsignedFile.Multi.Generic ) - skipped by user
09:25:57.0546 3540 imagedrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:25:57.0546 3540 imagesrv ( UnsignedFile.Multi.Generic ) - skipped by user
09:25:57.0546 3540 imagesrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:25:57.0546 3540 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
09:25:57.0546 3540 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:26:01.0828 2884 Deinitialize success

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: Infection - process: "cislo:cislo.exe"

#14 Post by cernohous13 »

Until motji arrives, do the following:
Go to https://www.virustotal.com/cs/
Click "Browse" > into the "File name" input field, just copy:

C:\WINDOWS\system32\drivers\pfc.sys

"Send file" (if it has already been tested, have it tested again - Reanalyse)
Wait patiently for the scan to finish, until the final result appears, e.g. 0/41
Copy the resulting log into the forum, or the link to the page from the address bar.
If nothing is found, it is enough just to say so.
Do the same with the files:
C:\WINDOWS\system32\Drivers\imagedrv.sys
C:\WINDOWS\system32\DRIVERS\imagesrv.sys
Recommendations:
During the cleanup, install or uninstall anything only on my instruction.
Study my reply thoroughly and carry out the whole operation according to it.
If anything is unclear, ask - I'll explain.
