sirefef in ipsec.sys

looker
Visitor
Posts: 5
Registered: 22 Jun 2009 12:35

#1 Post by looker »

Please help, ESET detected Sirefef but is unable to remove it.

For now I have run ComboFix; it detected rootkit activity and restarted. I am attaching the log.
The HJT log is below it.

Thanks for the assistance ;-)

ComboFix 12-03-30.06 - Administrator 30.03.2012 14:14:36.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.511.278 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\AV\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\Local Settings\Data aplikací\21dcc058\U\800000cb.@
c:\documents and settings\Administrator\WINDOWS
c:\documents and settings\Default User\WINDOWS
c:\documents and settings\Standard\WINDOWS
c:\windows\$NtUninstallKB7803$\3489856048
c:\windows\$NtUninstallKB7803$\568115288\@
c:\windows\$NtUninstallKB7803$\568115288\L\sbcnbzxb
c:\windows\$NtUninstallKB7803$\568115288\loader.tlb
c:\windows\$NtUninstallKB7803$\568115288\U\@00000001
c:\windows\$NtUninstallKB7803$\568115288\U\@000000c0
c:\windows\$NtUninstallKB7803$\568115288\U\@000000cb
c:\windows\$NtUninstallKB7803$\568115288\U\@000000cf
c:\windows\$NtUninstallKB7803$\568115288\U\@80000000
c:\windows\$NtUninstallKB7803$\568115288\U\@800000c0
c:\windows\$NtUninstallKB7803$\568115288\U\@800000cb
c:\windows\$NtUninstallKB7803$\568115288\U\@800000cf
c:\windows\Downloaded Program Files\netpe32.inf
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\config\systemprofile\WINDOWS
c:\windows\system32\dds_log_ad13.cmd
c:\windows\system32\dds_log_trash.cmd
c:\windows\system32\dllcache\dlimport.exe
c:\windows\system32\msegcompid.dll
c:\windows\$NtUninstallKB7803$ . . . . nemohl být smazán
.
c:\windows\system32\drivers\ipsec.sys . . . je infikován!! . . . Failed to find a valid replacement.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-28 do 2012-03-30 )))))))))))))))))))))))))))))))
.
.
2012-03-30 10:53 . 2012-03-30 10:53 -------- d-sh--w- c:\documents and settings\Administrator\IECompatCache
2012-03-15 14:36 . 2008-04-13 19:39 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
2012-03-15 14:35 . 2008-04-13 19:46 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2012-03-15 14:35 . 2008-04-13 19:46 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2012-03-15 14:35 . 2008-04-14 04:22 16384 ----a-w- c:\windows\system32\ipsink.ax
2012-03-15 14:35 . 2008-04-13 19:46 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
2012-03-15 14:35 . 2008-04-13 19:46 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
2012-03-15 14:35 . 2008-04-13 19:46 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
2012-03-15 14:34 . 2008-04-13 19:46 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
2012-03-15 14:34 . 2008-04-13 19:45 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2012-03-15 14:33 . 2008-04-14 04:22 54272 ----a-w- c:\windows\system32\vfwwdm32.dll
2012-03-15 14:33 . 2008-04-14 04:22 91648 ----a-w- c:\windows\system32\kswdmcap.ax
2012-03-15 14:33 . 2008-04-14 04:22 43008 ----a-w- c:\windows\system32\ksxbar.ax
2012-03-15 14:33 . 2008-04-14 04:22 61952 ----a-w- c:\windows\system32\kstvtune.ax
2012-03-15 14:33 . 2008-04-14 04:22 20992 ----a-w- c:\windows\system32\dshowext.ax
2012-03-08 13:46 . 2012-03-08 13:46 -------- d-----r- c:\documents and settings\LocalService\Oblíbené položky
2012-03-02 12:07 . 2012-03-02 12:07 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2012-03-02 11:53 . 2012-03-02 11:53 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\ESET
2012-03-02 11:52 . 2012-03-02 11:53 -------- d-sh--w- c:\documents and settings\Administrator\Local Settings\Data aplikací\21dcc058
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-03 09:57 . 1979-12-31 23:00 1860096 ----a-w- c:\windows\system32\win32k.sys
2012-01-11 19:07 . 2012-02-16 15:13 3072 ------w- c:\windows\system32\iacenc.dll
2012-01-09 16:20 . 2002-10-22 15:32 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
.
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[-] 2008-04-13 19:19 . 28B1D2D157F793CB857DEBBC36AE1D67 . 75264 . . [------] . . c:\windows\system32\drivers\ipsec.sys
[-] 2004-08-04 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\ipsec.sys
[-] 2004-08-03 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
.
[-] 2004-08-17 . C2B86666FC44B48903AD6016D15A23DF . 19968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ws2help.dll
.
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2007-06-13 . ED7B460B142A32097B8A8F6ECC941815 . 1033728 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2007-06-13 . 9B32416BD5988C97B6397CE0B02CAF97 . 1033728 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2004-08-17 . 53114D57AB73A406AC7F602227781A99 . 1032704 . . [6.00.2900.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\explorer.exe
[-] 2004-08-17 . 53114D57AB73A406AC7F602227781A99 . 1032704 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB938828$\explorer.exe
[-] 2002-09-23 . 11D80755545CFB5EB9659EE88440EAE2 . 1004544 . . [6.00.2800.1106] . . c:\windows\$NtUninstallKB820291$\explorer.exe
.
[-] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe
[-] 2004-08-17 . CB5A91928D94224E7E30EE277B45E8A3 . 147968 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\regedit.exe
[-] 2004-08-17 . CB5A91928D94224E7E30EE277B45E8A3 . 147968 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regedit.exe
.
[-] 2010-04-16 . A0C90E01D288A618AE6B99E92B7E0115 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll
[-] 2010-04-16 . A0C90E01D288A618AE6B99E92B7E0115 . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll
[-] 2010-04-16 . 6BE004F9FCEECA6536385D5CB59BFD37 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
[-] 2008-04-14 . F5B6A143739B894BF4F488CFFC3D3015 . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll
[-] 2008-04-14 . F5B6A143739B894BF4F488CFFC3D3015 . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll
[-] 2004-08-17 . E28340F6CB7BAC3EACDA9C74A0BE42BE . 406528 . . [1.0420.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\usp10.dll
[-] 2004-08-17 . E28340F6CB7BAC3EACDA9C74A0BE42BE . 406528 . . [1.0420.2600.2180] . . c:\windows\$NtServicePackUninstall$\usp10.dll
.
[-] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll
[-] 2008-04-14 . AF6A4BCDE2343E8562D3003A1740CC96 . 4096 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\ksuser.dll
[-] 2004-08-17 . FC727882241CD48E243868DD8401AB60 . 4096 . . [5.3.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\ksuser.dll
[-] 2004-08-17 . FC727882241CD48E243868DD8401AB60 . 4096 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\ksuser.dll
.
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2004-08-17 . A5BAA91475167161DEA02BA3C4CA4F59 . 15360 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\ctfmon.exe
[-] 2004-08-17 . A5BAA91475167161DEA02BA3C4CA4F59 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
.
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2004-08-17 . 3CD57F31A64D32FDB28918B16D1E6AAC . 170496 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\srsvc.dll
[-] 2004-08-17 . 3CD57F31A64D32FDB28918B16D1E6AAC . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
.
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2004-08-17 . 93F75FF033BAA186D08115D73BFE3D32 . 13824 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\wscntfy.exe
[-] 2004-08-17 . 93F75FF033BAA186D08115D73BFE3D32 . 13824 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\wscntfy.exe
.
[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2004-08-17 . 9B835D4C64860B155A1701D5092EC9E4 . 129536 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\xmlprov.dll
[-] 2004-08-17 . 9B835D4C64860B155A1701D5092EC9E4 . 129536 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\xmlprov.dll
.
[-] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[-] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2004-08-17 . 6EB66066D5C0175320CFEA0A4C74C88F . 55808 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\eventlog.dll
[-] 2004-08-17 . 6EB66066D5C0175320CFEA0A4C74C88F . 55808 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\eventlog.dll
.
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2004-08-17 . 5CA2E2BA624D6F2C7A581C91E70394CB . 1548288 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\sfcfiles.dll
[-] 2004-08-17 . 5CA2E2BA624D6F2C7A581C91E70394CB . 1548288 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\sfcfiles.dll
.
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[-] 2008-04-13 19:19 . 28B1D2D157F793CB857DEBBC36AE1D67 . 75264 . . [------] . . c:\windows\system32\drivers\ipsec.sys
[-] 2004-08-04 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\ipsec.sys
[-] 2004-08-03 . 64537AA5C003A6AFEEE1DF819062D0D1 . 74752 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ipsec.sys
.
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2004-08-17 . 5B21208FCF8970BB61FE98E19D828714 . 59904 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\regsvc.dll
[-] 2004-08-17 . 5B21208FCF8970BB61FE98E19D828714 . 59904 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\regsvc.dll
.
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2004-08-17 . 29AC93307C6182DBE336BCA314947F28 . 190976 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\schedsvc.dll
[-] 2004-08-17 . 29AC93307C6182DBE336BCA314947F28 . 190976 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\schedsvc.dll
[-] 2002-09-23 . 426D5FC7DD903DFA12123C8C9B818CD5 . 159232 . . [5.1.2600.1106] . . c:\windows\$NtUninstallKB841873$\schedsvc.dll
.
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2004-08-17 . 88C28F53F53438DAFCD95E99C837C61E . 71680 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\ssdpsrv.dll
[-] 2004-08-17 . 88C28F53F53438DAFCD95E99C837C61E . 71680 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ssdpsrv.dll
.
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2004-08-17 . 2F5919F2F6EE7A845893D9C3AA2BC56A . 295936 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\termsrv.dll
[-] 2004-08-17 . 2F5919F2F6EE7A845893D9C3AA2BC56A . 295936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\termsrv.dll
.
[-] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\hnetcfg.dll
[-] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . c:\windows\system32\hnetcfg.dll
[-] 2004-08-17 . FAABA83BE47C5B15F620FAA53267A9B8 . 345088 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\hnetcfg.dll
[-] 2004-08-17 . FAABA83BE47C5B15F620FAA53267A9B8 . 345088 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\hnetcfg.dll
.
[-] 2008-04-14 . 6B8E7A90E576D4FE308F97C69060A171 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\appmgmts.dll
[-] 2008-04-14 . 6B8E7A90E576D4FE308F97C69060A171 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
[-] 2004-08-17 . 421184F91EAE5C6E78E653C6B32AAE84 . 171008 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\appmgmts.dll
[-] 2004-08-17 . 421184F91EAE5C6E78E653C6B32AAE84 . 171008 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\appmgmts.dll
.
[-] 2002-09-23 . AFDFF022A01F0B11C776F0860C3B282F . 11776 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
.
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys
[-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$NtServicePackUninstall$\aec.sys
[-] 2004-08-04 05:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\aec.sys
[-] 2004-08-03 20:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtUninstallKB900485$\aec.sys
.
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys
[-] 2004-08-04 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\agp440.sys
[-] 2004-08-03 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\agp440.sys
.
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys
[-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\ip6fw.sys
[-] 2004-08-03 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ip6fw.sys
.
[-] 2010-09-18 07:18 . 2BC3ED47ACB42F664D5D1D247F2553AA . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll
[-] 2010-09-18 06:53 . 9BB005DF755C4EDE048221DFD4A28A87 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll
[-] 2010-09-18 06:53 . 9BB005DF755C4EDE048221DFD4A28A87 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll
[-] 2008-04-14 03:21 . 7C3351F60B759D5D917E68342AE3307C . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll
[-] 2008-04-14 03:21 . 7C3351F60B759D5D917E68342AE3307C . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll
[-] 2006-11-01 19:19 . 6C44E5766939B7552BFF75B2B6FF1161 . 927504 . . [4.1.0.61] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll
[-] 2002-09-23 04:00 . A9D81C87BEF253D4CE3A5F8CEE2526C4 . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll
.
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msgsvc.dll
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2004-08-17 . 8B2FCBD881879B55BE40B41F12FFC431 . 33792 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\msgsvc.dll
[-] 2004-08-17 . 8B2FCBD881879B55BE40B41F12FFC431 . 33792 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msgsvc.dll
[-] 2002-09-23 . 8CC9BD65B8C4D26CC74A4681219B07CE . 34304 . . [5.1.2600.0] . . c:\windows\$NtUninstallKB828035$\msgsvc.dll
.
[-] 2008-04-14 03:21 . 6199B2AE3F9DB9CB6DB230471A1DC601 . 52224 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2006-10-18 19:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
[-] 2004-08-17 22:49 . E02E913B3841717A890A644EE167B9A5 . 52224 . . [9.0.1.56] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\mspmsnsv.dll
[-] 2004-08-17 13:49 . E02E913B3841717A890A644EE167B9A5 . 52224 . . [9.0.1.56] . . c:\windows\$NtServicePackUninstall$\mspmsnsv.dll
[-] 2004-08-17 13:49 . E02E913B3841717A890A644EE167B9A5 . 52224 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll
.
[-] 2008-04-14 03:21 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\ServicePackFiles\i386\ntmssvc.dll
[-] 2008-04-14 03:21 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2004-08-17 22:49 . D8D2B13BA93AE830B1A637DF571D1195 . 435712 . . [5.1.2400.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\ntmssvc.dll
[-] 2004-08-17 13:49 . D8D2B13BA93AE830B1A637DF571D1195 . 435712 . . [5.1.2400.2180] . . c:\windows\$NtServicePackUninstall$\ntmssvc.dll
.
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\upnphost.dll
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2007-02-05 . 6FD45FDC0C32BC4E81F718B671A3E017 . 185344 . . [5.1.2600.3077] . . c:\windows\$hf_mig$\KB931261\SP2QFE\upnphost.dll
[-] 2007-02-05 . 0C0C2C77C6B52181369594F2AA36AF40 . 185344 . . [5.1.2600.3077] . . c:\windows\$NtServicePackUninstall$\upnphost.dll
[-] 2004-08-17 . 984FC1518B0D5B31D76F0E63608E0500 . 185344 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\upnphost.dll
[-] 2004-08-17 . 984FC1518B0D5B31D76F0E63608E0500 . 185344 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB931261$\upnphost.dll
.
[-] 2008-04-14 . 8E009E7AC012823845D5F39A77F4A27F . 367616 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\dsound.dll
[-] 2008-04-14 . 8E009E7AC012823845D5F39A77F4A27F . 367616 . . [5.3.2600.5512] . . c:\windows\system32\dsound.dll
[-] 2004-08-17 . 8ECC475F5BAD26DB85943F888D62E364 . 367616 . . [5.3.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\dsound.dll
[-] 2004-08-17 . 8ECC475F5BAD26DB85943F888D62E364 . 367616 . . [5.3.2600.2180] . . c:\windows\$NtServicePackUninstall$\dsound.dll
.
[-] 2008-04-14 . 3B8AE11A3419DF8239183E94888702FA . 1689088 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\d3d9.dll
[-] 2008-04-14 . 3B8AE11A3419DF8239183E94888702FA . 1689088 . . [5.03.2600.5512] . . c:\windows\system32\d3d9.dll
[-] 2004-08-17 . A19F5837E52D57DB66D9DB55BFCC7796 . 1689088 . . [5.03.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\d3d9.dll
[-] 2004-08-17 . A19F5837E52D57DB66D9DB55BFCC7796 . 1689088 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\d3d9.dll
.
[-] 2008-04-14 . EDAD701F01FFD9B5799B8FCF1CF6BDA7 . 279552 . . [5.03.2600.5512] . . c:\windows\ServicePackFiles\i386\ddraw.dll
[-] 2008-04-14 . EDAD701F01FFD9B5799B8FCF1CF6BDA7 . 279552 . . [5.03.2600.5512] . . c:\windows\system32\ddraw.dll
[-] 2004-08-17 . 0F9A5DD4503E82B085D8B1336B961A81 . 266240 . . [5.03.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\ddraw.dll
[-] 2004-08-17 . 0F9A5DD4503E82B085D8B1336B961A81 . 266240 . . [5.03.2600.2180] . . c:\windows\$NtServicePackUninstall$\ddraw.dll
.
[-] 2008-04-14 03:21 . 16C195EBC0A3EC35C48D0C2D9A346BAB . 84992 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\olepro32.dll
[-] 2008-04-14 03:21 . 16C195EBC0A3EC35C48D0C2D9A346BAB . 84992 . . [5.1.2600.5512] . . c:\windows\system32\olepro32.dll
[-] 2004-08-17 22:49 . 33F14F23DFAE4B43CDD4E535CD7C1963 . 83456 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\olepro32.dll
[-] 2004-08-17 13:49 . 33F14F23DFAE4B43CDD4E535CD7C1963 . 83456 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\olepro32.dll
.
[-] 2008-04-14 . 1682285F7C0934C764A0EBBC568153CA . 39936 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\perfctrs.dll
[-] 2008-04-14 . 1682285F7C0934C764A0EBBC568153CA . 39936 . . [5.1.2600.5512] . . c:\windows\system32\perfctrs.dll
[-] 2004-08-17 . 6C08FF4B76506676617E03C34ECCFB11 . 39936 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\perfctrs.dll
[-] 2004-08-17 . 6C08FF4B76506676617E03C34ECCFB11 . 39936 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\perfctrs.dll
.
[-] 2008-04-14 . 614F8186BDAB926E3B1D8927A4161B54 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\version.dll
[-] 2008-04-14 . 614F8186BDAB926E3B1D8927A4161B54 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\version.dll
[-] 2004-08-17 . E472BDA53A4DCD2142143AF9FD25C99A . 18944 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\version.dll
[-] 2004-08-17 . E472BDA53A4DCD2142143AF9FD25C99A . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\version.dll
.
[7] 2011-10-26 . 702435ABA81209767F8AADD8813A1A73 . 2194944 . . [5.1.2600.6165] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[7] 2011-10-26 . 702435ABA81209767F8AADD8813A1A73 . 2194944 . . [5.1.2600.6165] . . c:\windows\system32\ntoskrnl.exe
[7] 2011-10-26 . 702435ABA81209767F8AADD8813A1A73 . 2194944 . . [5.1.2600.6165] . . c:\windows\system32\dllcache\ntoskrnl.exe
[7] 2011-10-26 . BCA329B5A39AB25CC2DCCB3549EE30BF . 2194944 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntoskrnl.exe
[-] 2010-12-09 . 8D222D8EF9B1951296F822583A044542 . 2194944 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe
[-] 2010-12-09 . B6C5D4CBB22EEF31FAFBB76C2C6F3D99 . 2194944 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2633171$\ntoskrnl.exe
[-] 2010-04-28 . EF1542C4875CAA34484A7BCB998B6BC4 . 2192128 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe
[-] 2010-04-28 . 91FE668957FF51A2DBCEE0D8637BA77E . 2192256 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[-] 2010-02-17 . 4E8268B816B2D27E711A688D6FD0E319 . 2192128 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntoskrnl.exe
[-] 2010-02-16 . 6B2312D847BA95F4E858CB4C3B5F51E1 . 2192256 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[-] 2009-12-10 . 7782F11AE957B736585870CD2671227B . 2191488 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165-v2\SP3QFE\ntoskrnl.exe
[-] 2009-12-09 . 3B0DC252A20C8A938ED21073EE736AEA . 2191360 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
[-] 2009-08-04 . F61EB18DA0AA630E2F8A944ED6BD3BF9 . 2191360 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165-v2$\ntoskrnl.exe
[-] 2009-08-04 . 3502DBBC657001D7A2A2768BD7DE1483 . 2191488 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[-] 2009-02-10 . 97480EBFE1D4B547657BAD75AAAB1325 . 2191360 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2009-02-09 . DF530FCAD41349C92945DF52EBA9F3E4 . 2182656 . . [5.1.2600.3520] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[-] 2009-02-09 . C424407DDD99223BF3248044CBBE91F6 . 2188288 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe
[-] 2009-02-09 . F48662F55CD8DDD4DBBBCB69DE197725 . 2191232 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe
[-] 2009-02-09 . F48662F55CD8DDD4DBBBCB69DE197725 . 2191232 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe
[-] 2008-08-14 . 2BCBCE27A946C057051A85CB032F49FF . 2191360 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[-] 2008-08-14 . 7BBDCD1F5F60ED0B18D2F535763588A2 . 2182528 . . [5.1.2600.3427] . . c:\windows\$NtUninstallKB956572_0$\ntoskrnl.exe
[-] 2008-08-14 . C45C335F78C90DC75C05D5260B6888C7 . 2188160 . . [5.1.2600.3427] . . c:\windows\$hf_mig$\KB956841\SP2QFE\ntoskrnl.exe
[-] 2008-08-14 . 91F18AB1E9ACBF6E27A5545A8F57C89B . 2191360 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe
[-] 2008-04-14 . C1536014AC1CB1D5397E31D9735E6571 . 2191104 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[-] 2008-04-14 . C1536014AC1CB1D5397E31D9735E6571 . 2191104 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2007-02-28 . D40B4F66D877802EC5E655B91B5490FA . 2184320 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
[-] 2007-02-28 . C09CA7FAFFC40BBFACEEB9F0F429F673 . 2182528 . . [5.1.2600.3093] . . c:\windows\$NtUninstallKB956841_0$\ntoskrnl.exe
[-] 2006-12-19 . 1414C27CCDB54974C1C51D4236FC6FF1 . 2184192 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe
[-] 2006-12-19 . 57423A0AEEBA3AA16712BCA2FFF027B7 . 2182528 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB931784$\ntoskrnl.exe
[-] 2005-03-02 . 7FABE135EAC02A4BC8094B831ADC0CC3 . 2181632 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
[-] 2005-03-02 . B0DAE70164CC79D1289EF3530A3646F1 . 2181504 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB929338$\ntoskrnl.exe
[-] 2004-10-28 . 0540CDA8678152991057FB9DDE1C8257 . 2088320 . . [5.1.2600.1605] . . c:\windows\SoftwareDistribution\Download\5dc9020c39125000bb88679b0fa62c50\sp1qfe\ntoskrnl.exe
[-] 2004-08-17 . 12C80E46DCEC9B82473D1B1B9DA1F16B . 2183168 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\ntoskrnl.exe
[-] 2004-08-17 . 12C80E46DCEC9B82473D1B1B9DA1F16B . 2183168 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntoskrnl.exe
[-] 2004-06-17 . 447446AA4D17C6247F33FA68AE3C3C1D . 2051456 . . [5.1.2600.1568] . . c:\windows\$NtUninstallKB885835_0$\ntoskrnl.exe
[-] 2003-04-24 . 68B0A8582488FF88D60A896AE5FEB812 . 1925760 . . [5.1.2600.1151] . . c:\windows\$NtUninstallKB840987$\ntoskrnl.exe
.
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2004-08-17 . 3CD57F31A64D32FDB28918B16D1E6AAC . 170496 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\srsvc.dll
[-] 2004-08-17 . 3CD57F31A64D32FDB28918B16D1E6AAC . 170496 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\srsvc.dll
.
[-] 2008-04-14 . FA4E1CDBA256787F2149F4AAD07BC91F . 176640 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\w32time.dll
[-] 2008-04-14 . FA4E1CDBA256787F2149F4AAD07BC91F . 176640 . . [5.1.2600.5512] . . c:\windows\system32\w32time.dll
[-] 2004-08-17 . 2CEEBB402187AE56B585701F3D191FB3 . 176128 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\w32time.dll
[-] 2004-08-17 . 2CEEBB402187AE56B585701F3D191FB3 . 176128 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\w32time.dll
.
[-] 2008-04-14 . C1CDD9275F6A115BB0AE1D55D8D27BA6 . 334336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wiaservc.dll
[-] 2008-04-14 . C1CDD9275F6A115BB0AE1D55D8D27BA6 . 334336 . . [5.1.2600.5512] . . c:\windows\system32\wiaservc.dll
[-] 2006-12-19 . 1F3BB7CB8064B3EC143D291F7222DF4B . 334336 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB927802\SP2QFE\wiaservc.dll
[-] 2006-12-19 . B824215A934A24928CDDD1EF7E113035 . 334336 . . [5.1.2600.3051] . . c:\windows\$NtServicePackUninstall$\wiaservc.dll
[-] 2004-08-17 . 0645CCDDDD27F96EEA3534C1DEF736D9 . 333824 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\wiaservc.dll
[-] 2004-08-17 . 0645CCDDDD27F96EEA3534C1DEF736D9 . 333824 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB927802$\wiaservc.dll
.
[-] 2008-04-14 . 160A1500DDBE42F8793E3AD341E4BEC4 . 18944 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\midimap.dll
[-] 2008-04-14 . 160A1500DDBE42F8793E3AD341E4BEC4 . 18944 . . [5.1.2600.5512] . . c:\windows\system32\midimap.dll
[-] 2004-08-17 . B356DD67178B22A8C2FBD47316CCB43B . 18944 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\midimap.dll
[-] 2004-08-17 . B356DD67178B22A8C2FBD47316CCB43B . 18944 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\midimap.dll
.
[-] 2008-04-14 . B26098F3DC08D841DE3D79C38ACCB807 . 7680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rasadhlp.dll
[-] 2008-04-14 . B26098F3DC08D841DE3D79C38ACCB807 . 7680 . . [5.1.2600.5512] . . c:\windows\system32\rasadhlp.dll
[-] 2006-06-26 . 907E7787538EDDAAA2EA88A01B4E2F53 . 7680 . . [5.1.2600.2938] . . c:\windows\$hf_mig$\KB920683\SP2QFE\rasadhlp.dll
[-] 2006-06-26 . 408B05D8104FB3C19403450FDA953C7C . 8192 . . [5.1.2600.2938] . . c:\windows\$NtServicePackUninstall$\rasadhlp.dll
[-] 2004-08-17 . 630A1012AF129918D2E2D70727D69351 . 8192 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\1580131573eb2774b0c4b3815bd9664d\rasadhlp.dll
[-] 2004-08-17 . 630A1012AF129918D2E2D70727D69351 . 8192 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB920683$\rasadhlp.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTEGPRS"="c:\program files\Common Files\RTE\RTEGPRS.exe" [2004-03-02 1040384]
"T-Mobile Communication Centre"="c:\program files\T-Mobile\Web'n'walk Manager\Manager.exe" [2007-10-25 956296]
"GameXN (update)"="c:\documents and settings\All Users\Data aplikací\GameXN\GameXNGO.exe" [2011-09-02 347008]
"GameXN (news)"="c:\documents and settings\All Users\Data aplikací\GameXN\GameXNGO.exe" [2011-09-02 347008]
"GameXN"="c:\documents and settings\All Users\Data aplikací\GameXN\GameXNGO.exe" [2011-09-02 347008]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"S3TRAY2"="S3Tray2.exe" [2001-10-11 69632]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2010-04-22 128296]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-04-22 1725736]
"ATIModeChange"="Ati2mdxx.exe" [2001-09-04 28672]
"BluetoothAuthenticationAgent"="irprops.cpl" [2008-04-14 380928]
"TPHOTKEY"="c:\progra~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe" [2003-08-07 94208]
"BMMGAG"="c:\progra~1\ThinkPad\UTILIT~1\pwrmonit.dll" [2002-11-01 64000]
"TPTRAY"="c:\progra~1\ThinkPad\UTILIT~1\TP98TRAY.EXE" [2002-11-01 48640]
"TPKMAPHELPER"="c:\program files\ThinkPad\Utilities\TpKmapAp.exe" [2003-08-08 897024]
"TP4EX"="tp4ex.exe" [2002-09-04 53248]
"NPDTray"="c:\progra~1\ThinkPad\UTILIT~1\NPDTray.exe" [2002-10-30 204800]
"EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2002-11-01 204800]
"AGRSMMSG"="AGRSMMSG.exe" [2002-10-18 87751]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-04-29 315392]
"Smapp"="c:\program files\Analog Devices\SoundMAX\Smtray.exe" [2002-06-26 90112]
"PRONoMgr.exe"="c:\program files\Intel\NCS\PROSet\PRONoMgr.exe" [2002-10-23 86016]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QCWLICON]
2003-03-27 01:06 53248 ----a-w- c:\program files\ThinkPad\ConnectUtilities\QCWLICON.EXE
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\GameXN\\GameXNGO.exe"=
"c:\\Program Files\\Adobe\\Acrobat 6.0 CE\\Reader\\AcroRd32.exe"=
"c:\\Program Files\\Google\\Update\\GoogleUpdate.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\Outlook Express\\msimn.exe"=
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 15:47 107256]
R1 oxser;OX16C95x Serial port driver;c:\windows\system32\drivers\gccoxser.sys [11.2.2004 11:21 116603]
R1 TPPWR;TPPWR;c:\windows\system32\drivers\TPPWR.SYS [27.2.2004 16:39 12288]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [14.5.2009 15:47 731840]
R2 Ethpdrv;Ethernet Packet Driver;c:\windows\system32\drivers\ethpdrv.sys [11.8.2008 8:06 9728]
S1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [14.5.2009 15:49 94360]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [5.4.2011 20:09 136176]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\drivers\adusbser.sys [9.10.2007 7:53 93440]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [5.4.2011 20:09 136176]
S3 IpwP;IPWireless 3G PCMCIA Network Adapter;c:\windows\system32\drivers\ipwpnet.sys [11.8.2008 8:06 43184]
S3 LucentSoftModem;Lucent Technologies Soft Modem;c:\windows\system32\drivers\LTSM.sys [22.10.2002 17:29 802683]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
iisadmin
zdeviceservice
inotask
SRTSPL
Wpsnuio
NsTrcNT
x10nets
mssqlserveradhelper
w800mdfl
ghoststartservice
EMCFILT
wdelmgr20
tsmservice
wlsetupsvc
StkScan
StickyMesger
wmccdsls
3comtftp
vproeventmonitor
3dkeybd
BsHelpCS
susbser
nvenetfd
dbustrcm
deckzpsx
aalogger
.
Obsah adresáře 'Naplánované úlohy'
.
2004-02-27 c:\windows\Tasks\BMMTask.job
- c:\progra~1\ThinkPad\UTILIT~1\BMMTASK.EXE [2004-02-27 00:31]
.
2012-03-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-05 18:09]
.
2012-03-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-05 18:09]
.
2004-03-16 c:\windows\Tasks\Připomenutí registrace 1.job
- c:\windows\System32\OOBE\oobebaln.exe [2002-10-22 03:22]
.
2004-03-16 c:\windows\Tasks\Připomenutí registrace 3.job
- c:\windows\System32\OOBE\oobebaln.exe [2002-10-22 03:22]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.130.111
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {37B7C7C6-BCD8-11D7-BD5C-00C026104E7F} - hxxp://jav.webreport.cz/sdp/dload/10031_6_CZ_dload.exe
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-03-30 14:30
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-16490560-2573936550-1501348290-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2a,b9,de,d1,dd,53,aa,41,b9,74,9a,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2a,b9,de,d1,dd,53,aa,41,b9,74,9a,\
.
[HKEY_USERS\S-1-5-21-16490560-2573936550-1501348290-500\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(592)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(284)
c:\progra~1\ThinkPad\UTILIT~1\pwrmonit.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\System32\S24EvMon.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\RunDll32.exe
c:\program files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
c:\program files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
c:\windows\AGRSMMSG.exe
c:\windows\System32\QCONSVC.EXE
c:\windows\System32\RegSrvc.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\windows\system32\TpKmpSVC.exe
c:\windows\system32\wscntfy.exe
c:\windows\System32\sstext3d.scr
.
**************************************************************************
.
Celkový čas: 2012-03-30 14:45:48 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-30 12:45
.
Před spuštěním: Volných bajtů: 20 204 146 688
Po spuštění: Volných bajtů: 21 203 533 824
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - DA43D359705FAC31B79B5AB35C1A9BDB

***********************
HERE IS THE HJT log after running CF
***********************

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:56:57, on 30.3.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\WINDOWS\system32\RunDll32.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\TP98TRAY.EXE
C:\PROGRA~1\ThinkPad\UTILIT~1\NPDTray.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\RTE\RTEGPRS.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe
C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\System32\QCONSVC.EXE
C:\WINDOWS\System32\RegSrvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\TpKmpSVC.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Administrator\Plocha\AV\HijackThis(2).exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O4 - HKLM\..\Run: [S3TRAY2] S3Tray2.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [TPTRAY] C:\PROGRA~1\ThinkPad\UTILIT~1\TP98TRAY.EXE
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [NPDTray] C:\PROGRA~1\ThinkPad\UTILIT~1\NPDTray.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [RTEGPRS] "C:\Program Files\Common Files\RTE\RTEGPRS.exe" tray
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe"
O4 - HKCU\..\Run: [GameXN (update)] "C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe" /u
O4 - HKCU\..\Run: [GameXN (news)] "C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe" /n
O4 - HKCU\..\Run: [GameXN] "C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe" /silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {37B7C7C6-BCD8-11D7-BD5C-00C026104E7F} - http://jav.webreport.cz/sdp/dload/10031_6_CZ_dload.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: QCONSVC - Unknown owner - C:\WINDOWS\System32\QCONSVC.EXE
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe

--
End of file - 7754 bytes

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: sirefef in ipsec.sys

#2 Post by vyosek »

Hello, and have a nice day :)

:arrow: Do you know how to use ComboFix? It is used only on recommendation, because it can badly wreck the system - especially in the case of Sirefef :?:

:arrow: HJT is of no use to me, it is weak, and besides, after CF it is completely useless...

:arrow: Download RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
  • Close all programs
  • If you use Win Vista or W7, right-click RogueKiller and choose Run As Administrator (or Spustit jako správce)
  • Wait for the PreScan to finish
  • Choose the Prohledat (Scan) option
  • After the scan finishes, click Zpráva (Report) - a log will open; paste it here
:arrow: Download MBRScan http://eric71.geekstogo.com/tools/MbrScan.exe
  • Save it, preferably to the desktop
  • If you use Win Vista or W7, right-click MBRScan and choose Run As Administrator (or Spustit jako správce)
  • Click Report
  • After a moment a log will appear in the file MBRScan.txt; paste it here
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever avoids fun, take a whip and a stick to him; that is not a man, that is an ox."
Member [image] since 1 February 2011.

looker
Visitor
Posts: 5
Registered: 22 Jun 2009 12:35

Re: sirefef in ipsec.sys

#3 Post by looker »

Thank you, I got a bit carried away by inspiration from another story about digging out sirefef ;-)

here is the rogue log:

RogueKiller V7.3.2 [03/20/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v: Normální režim
Uživatel: Administrator [Práva správce]
Mód: Kontrola -- Datum: 03/30/2012 15:36:06

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Záznamy Registrů: 2 ¤¤¤
[BLACKLIST DLL] HKLM\[...]\Run : BluetoothAuthenticationAgent (rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač: [NAHRÁNO] ¤¤¤
SSDT[19] : NtAssignProcessToJobObject @ 0x805A2C27 -> HOOKED (Unknown @ 0x82392C90)
SSDT[57] : NtDebugActiveProcess @ 0x8065BF7D -> HOOKED (Unknown @ 0x82393200)
SSDT[68] : NtDuplicateObject @ 0x805748C2 -> HOOKED (Unknown @ 0x823932F0)
SSDT[122] : NtOpenProcess @ 0x80574AA9 -> HOOKED (Unknown @ 0x82392590)
SSDT[128] : NtOpenThread @ 0x8059323B -> HOOKED (Unknown @ 0x82392800)
SSDT[137] : NtProtectVirtualMemory @ 0x80574E58 -> HOOKED (Unknown @ 0x82392FD0)
SSDT[180] : NtQueueApcThread @ 0x8058F954 -> HOOKED (Unknown @ 0x823930E0)
SSDT[213] : NtSetContextThread @ 0x8062E33F -> HOOKED (Unknown @ 0x82392EC0)
SSDT[229] : NtSetInformationThread @ 0x8056C516 -> HOOKED (Unknown @ 0x82392D90)
SSDT[237] : NtSetSecurityObject @ 0x8059D2BD -> HOOKED (Unknown @ 0x8238FDA0)
SSDT[253] : NtSuspendProcess @ 0x8062FF21 -> HOOKED (Unknown @ 0x82392B90)
SSDT[254] : NtSuspendThread @ 0x805E05AB -> HOOKED (Unknown @ 0x82392A80)
SSDT[257] : NtTerminateProcess @ 0x805839B9 -> HOOKED (Unknown @ 0x823926E0)
SSDT[258] : NtTerminateThread @ 0x80577F1F -> HOOKED (Unknown @ 0x82392A50)
SSDT[277] : NtWriteVirtualMemory @ 0x8057F712 -> HOOKED (Unknown @ 0x823936D0)
IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : atapi.sys -> HOOKED ([MAJOR] sfsync02.sys @ 0xF8945D60)

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: IC25N040ATMR04-0 +++++
--- User ---
[MBR] e663bbc9bb3ec0bb5af327919ed65f69
[BSP] 6f4f778c878738c4f6da4c8c4b14e887 : Windows Vista/7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 35208 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1].txt >>
RKreport[1].txt


and here is the mbrscan log

MBRScan v1.1.1

OS             : Windows XP Home Service Pack 3 (32 bit)
PROCESSOR      : x86 Family 6 Model 9 Stepping 5, GenuineIntel
BOOT           : Normal Boot
DATE           : 2012/03/30 (ISO 8601) at 15:39:57
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __IC25N040ATMR04-0 (MO2OAD4A)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : YES
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0	34.39 Go  [Fixed] ==> Unknown MBR Code

MBR_MD5   : E663BBC9BB3EC0BB5AF327919ED65F69
MBR_SHA1  : AB58F5D125D3ED14CE8FE27AE4603CC34E69C1E0

Device\Harddisk0\Partition1	34.38 Go  	0x07 NTFS / HPFS __ BOOTABLE __
________________________________________________________________________________

############################### Additional scan ################################

DRIVER  : C:\WINDOWS\System32\Drivers\dump_atapi.sys => Invisible on the disk
ADDRESS : 0xEDC1D000
SIZE    : 96.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS => Invisible on the disk
ADDRESS : 0xF8BDF000
SIZE    : 8.0 Ko

SystemStartOptions : FASTDETECT  NOEXECUTE=OPTIN

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  


vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: sirefef in ipsec.sys

#4 Post by vyosek »

:arrow: Download TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
  • Click the Change parameters option
  • In both windows (Objects to scan and Additional Option) tick all the options - every checkbox must have a check mark
  • Click OK
  • Tell the utility to scan - click Start Scan
  • After the scan finishes a window will appear; check that the Skip option is set everywhere
  • If Skip is not set by default, switch it to Skip
  • Once Skip is set everywhere, click Continue
  • On the disk where Windows is installed (usually c:\) there will be a log named in the form TDSSKiller.some digits _log.txt - paste its contents here

looker
Visitor
Posts: 5
Registered: 22 Jun 2009 12:35

Re: sirefef in ipsec.sys

#5 Post by looker »

Done, except that on that machine it was not possible to scroll through the results; I had to move in jumps and unfortunately I overlooked the Cure action on that ipsec, but it did not work anyway. So I apologize, that one got past me. :-(

16:24:02.0099 2688 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18
16:24:02.0119 2688 ============================================================
16:24:02.0119 2688 Current date / time: 2012/03/30 16:24:02.0119
16:24:02.0119 2688 SystemInfo:
16:24:02.0119 2688
16:24:02.0119 2688 OS Version: 5.1.2600 ServicePack: 3.0
16:24:02.0119 2688 Product type: Workstation
16:24:02.0139 2688 ComputerName: OPPCBOOKREDITEL
16:24:02.0139 2688 UserName: Administrator
16:24:02.0139 2688 Windows directory: C:\WINDOWS
16:24:02.0139 2688 System windows directory: C:\WINDOWS
16:24:02.0139 2688 Processor architecture: Intel x86
16:24:02.0139 2688 Number of processors: 1
16:24:02.0139 2688 Page size: 0x1000
16:24:02.0139 2688 Boot type: Normal boot
16:24:02.0139 2688 ============================================================
16:24:04.0512 2688 Drive \Device\Harddisk0\DR0 - Size: 0x898B7EA00 (34.39 Gb), SectorSize: 0x200, Cylinders: 0x12A1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
16:24:04.0512 2688 \Device\Harddisk0\DR0:
16:24:04.0512 2688 MBR used
16:24:04.0512 2688 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x44C44D1
16:24:04.0762 2688 Initialize success
16:24:04.0762 2688 ============================================================
16:24:53.0172 2152 ============================================================
16:24:53.0172 2152 Scan started
16:24:53.0172 2152 Mode: Manual; SigCheck; TDLFS;
16:24:53.0172 2152 ============================================================
16:24:53.0743 2152 3comtftp - ok
16:24:53.0893 2152 3dkeybd - ok
16:24:54.0003 2152 aalogger - ok
16:24:54.0184 2152 Abiosdsk - ok
16:24:54.0334 2152 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS
16:24:55.0766 2152 abp480n5 ( UnsignedFile.Multi.Generic ) - warning
16:24:55.0766 2152 abp480n5 - detected UnsignedFile.Multi.Generic (1)
16:24:55.0956 2152 ac97intc (0f2d66d5f08ebe2f77bb904288dcf6f0) C:\WINDOWS\system32\drivers\ac97intc.sys
16:24:56.0076 2152 ac97intc ( UnsignedFile.Multi.Generic ) - warning
16:24:56.0076 2152 ac97intc - detected UnsignedFile.Multi.Generic (1)
16:24:56.0267 2152 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:24:56.0357 2152 ACPI ( UnsignedFile.Multi.Generic ) - warning
16:24:56.0357 2152 ACPI - detected UnsignedFile.Multi.Generic (1)
16:24:56.0557 2152 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
16:24:56.0657 2152 ACPIEC ( UnsignedFile.Multi.Generic ) - warning
16:24:56.0657 2152 ACPIEC - detected UnsignedFile.Multi.Generic (1)
16:24:56.0837 2152 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\System32\DRIVERS\adpu160m.sys
16:24:56.0907 2152 adpu160m ( UnsignedFile.Multi.Generic ) - warning
16:24:56.0907 2152 adpu160m - detected UnsignedFile.Multi.Generic (1)
16:24:57.0098 2152 adusbser (b49ddd6196584aaded16ee11aa72e1e2) C:\WINDOWS\system32\DRIVERS\adusbser.sys
16:24:57.0188 2152 adusbser ( UnsignedFile.Multi.Generic ) - warning
16:24:57.0188 2152 adusbser - detected UnsignedFile.Multi.Generic (1)
16:24:57.0378 2152 aeaudio (b2886807ac2543da273765cef4d82d68) C:\WINDOWS\system32\drivers\aeaudio.sys
16:24:57.0508 2152 aeaudio ( UnsignedFile.Multi.Generic ) - warning
16:24:57.0508 2152 aeaudio - detected UnsignedFile.Multi.Generic (1)
16:24:57.0729 2152 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
16:24:57.0799 2152 aec ( UnsignedFile.Multi.Generic ) - warning
16:24:57.0819 2152 aec - detected UnsignedFile.Multi.Generic (1)
16:24:58.0019 2152 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
16:24:58.0430 2152 AFD - ok
16:24:58.0710 2152 AgereSoftModem (ed5c8b22de2021339a7c7fccfe5c5d7e) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
16:24:58.0930 2152 AgereSoftModem ( UnsignedFile.Multi.Generic ) - warning
16:24:58.0930 2152 AgereSoftModem - detected UnsignedFile.Multi.Generic (1)
16:24:59.0111 2152 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
16:24:59.0211 2152 agp440 ( UnsignedFile.Multi.Generic ) - warning
16:24:59.0211 2152 agp440 - detected UnsignedFile.Multi.Generic (1)
16:24:59.0391 2152 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\System32\DRIVERS\agpCPQ.sys
16:24:59.0501 2152 agpCPQ ( UnsignedFile.Multi.Generic ) - warning
16:24:59.0501 2152 agpCPQ - detected UnsignedFile.Multi.Generic (1)
16:24:59.0691 2152 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\System32\DRIVERS\aha154x.sys
16:24:59.0752 2152 Aha154x ( UnsignedFile.Multi.Generic ) - warning
16:24:59.0752 2152 Aha154x - detected UnsignedFile.Multi.Generic (1)
16:24:59.0922 2152 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\System32\DRIVERS\aic78u2.sys
16:25:00.0012 2152 aic78u2 ( UnsignedFile.Multi.Generic ) - warning
16:25:00.0012 2152 aic78u2 - detected UnsignedFile.Multi.Generic (1)
16:25:00.0182 2152 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\System32\DRIVERS\aic78xx.sys
16:25:00.0272 2152 aic78xx ( UnsignedFile.Multi.Generic ) - warning
16:25:00.0272 2152 aic78xx - detected UnsignedFile.Multi.Generic (1)
16:25:00.0382 2152 Alerter (e0a6fa244b8624d78fe5ff6f56a33bae) C:\WINDOWS\system32\alrsvc.dll
16:25:00.0483 2152 Alerter ( UnsignedFile.Multi.Generic ) - warning
16:25:00.0483 2152 Alerter - detected UnsignedFile.Multi.Generic (1)
16:25:00.0663 2152 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
16:25:00.0733 2152 ALG ( UnsignedFile.Multi.Generic ) - warning
16:25:00.0733 2152 ALG - detected UnsignedFile.Multi.Generic (1)
16:25:00.0903 2152 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\System32\DRIVERS\aliide.sys
16:25:01.0003 2152 AliIde ( UnsignedFile.Multi.Generic ) - warning
16:25:01.0003 2152 AliIde - detected UnsignedFile.Multi.Generic (1)
16:25:01.0184 2152 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\System32\DRIVERS\alim1541.sys
16:25:01.0264 2152 alim1541 ( UnsignedFile.Multi.Generic ) - warning
16:25:01.0264 2152 alim1541 - detected UnsignedFile.Multi.Generic (1)
16:25:01.0464 2152 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\System32\DRIVERS\amdagp.sys
16:25:01.0554 2152 amdagp ( UnsignedFile.Multi.Generic ) - warning
16:25:01.0554 2152 amdagp - detected UnsignedFile.Multi.Generic (1)
16:25:01.0734 2152 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\System32\DRIVERS\amsint.sys
16:25:01.0815 2152 amsint ( UnsignedFile.Multi.Generic ) - warning
16:25:01.0815 2152 amsint - detected UnsignedFile.Multi.Generic (1)
16:25:01.0965 2152 AppMgmt (6b8e7a90e576d4fe308f97c69060a171) C:\WINDOWS\System32\appmgmts.dll
16:25:02.0055 2152 AppMgmt ( UnsignedFile.Multi.Generic ) - warning
16:25:02.0055 2152 AppMgmt - detected UnsignedFile.Multi.Generic (1)
16:25:26.0420 2152 IPSec (28b1d2d157f793cb857debbc36ae1d67) C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:25:26.0420 2152 IPSec ( Virus.Win32.ZAccess.g ) - infected
16:25:26.0420 2152 IPSec - detected Virus.Win32.ZAccess.g (0)
16:25:46.0589 2152 perc2 ( UnsignedFile.Multi.Generic ) - warning
16:25:46.0589 2152 perc2 - detected UnsignedFile.Multi.Generic (1)
16:25:46.0759 2152 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\System32\DRIVERS\perc2hib.sys
16:25:46.0849 2152 perc2hib ( UnsignedFile.Multi.Generic ) - warning
16:25:46.0849 2152 perc2hib - detected UnsignedFile.Multi.Generic (1)
16:25:47.0050 2152 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
16:25:47.0130 2152 PlugPlay ( UnsignedFile.Multi.Generic ) - warning
16:25:47.0130 2152 PlugPlay - detected UnsignedFile.Multi.Generic (1)
16:25:47.0310 2152 PMEM (fa292805788528c083f416e151b60ab6) C:\WINDOWS\system32\drivers\PMEMNT.SYS
16:25:47.0380 2152 PMEM ( UnsignedFile.Multi.Generic ) - warning
16:25:47.0380 2152 PMEM - detected UnsignedFile.Multi.Generic (1)
16:25:47.0550 2152 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
16:25:47.0670 2152 PolicyAgent ( UnsignedFile.Multi.Generic ) - warning
16:25:47.0670 2152 PolicyAgent - detected UnsignedFile.Multi.Generic (1)
16:25:47.0861 2152 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:25:47.0961 2152 PptpMiniport ( UnsignedFile.Multi.Generic ) - warning
16:25:47.0961 2152 PptpMiniport - detected UnsignedFile.Multi.Generic (1)
16:25:48.0091 2152 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
16:25:48.0171 2152 ProtectedStorage ( UnsignedFile.Multi.Generic ) - warning
16:25:48.0171 2152 ProtectedStorage - detected UnsignedFile.Multi.Generic (1)
16:25:48.0361 2152 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
16:25:48.0472 2152 PSched ( UnsignedFile.Multi.Generic ) - warning
16:25:48.0472 2152 PSched - detected UnsignedFile.Multi.Generic (1)
16:25:48.0682 2152 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:25:48.0712 2152 Ptilink ( UnsignedFile.Multi.Generic ) - warning
16:25:48.0712 2152 Ptilink - detected UnsignedFile.Multi.Generic (1)
16:25:48.0862 2152 QCONSVC (cca272fc46330ee13cc462e46ad4ec20) C:\WINDOWS\system32\QCONSVC.EXE
16:25:48.0962 2152 QCONSVC ( UnsignedFile.Multi.Generic ) - warning
16:25:48.0962 2152 QCONSVC - detected UnsignedFile.Multi.Generic (1)
16:25:49.0153 2152 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\System32\DRIVERS\ql1080.sys
16:25:49.0263 2152 ql1080 ( UnsignedFile.Multi.Generic ) - warning
16:25:49.0263 2152 ql1080 - detected UnsignedFile.Multi.Generic (1)
16:25:49.0453 2152 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\System32\DRIVERS\ql10wnt.sys
16:25:49.0563 2152 Ql10wnt ( UnsignedFile.Multi.Generic ) - warning
16:25:49.0563 2152 Ql10wnt - detected UnsignedFile.Multi.Generic (1)
16:25:49.0743 2152 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\System32\DRIVERS\ql12160.sys
16:25:49.0824 2152 ql12160 ( UnsignedFile.Multi.Generic ) - warning
16:25:49.0824 2152 ql12160 - detected UnsignedFile.Multi.Generic (1)
16:25:49.0994 2152 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\System32\DRIVERS\ql1240.sys
16:25:50.0044 2152 ql1240 ( UnsignedFile.Multi.Generic ) - warning
16:25:50.0044 2152 ql1240 - detected UnsignedFile.Multi.Generic (1)
16:25:50.0274 2152 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\System32\DRIVERS\ql1280.sys
16:25:50.0324 2152 ql1280 ( UnsignedFile.Multi.Generic ) - warning
16:25:50.0324 2152 ql1280 - detected UnsignedFile.Multi.Generic (1)
16:25:50.0535 2152 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:25:50.0615 2152 RasAcd ( UnsignedFile.Multi.Generic ) - warning
16:25:50.0615 2152 RasAcd - detected UnsignedFile.Multi.Generic (1)
16:25:50.0735 2152 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
16:25:50.0875 2152 RasAuto ( UnsignedFile.Multi.Generic ) - warning
16:25:50.0875 2152 RasAuto - detected UnsignedFile.Multi.Generic (1)
16:25:51.0065 2152 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
16:25:51.0155 2152 Rasirda ( UnsignedFile.Multi.Generic ) - warning
16:25:51.0155 2152 Rasirda - detected UnsignedFile.Multi.Generic (1)
16:25:51.0336 2152 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:25:51.0426 2152 Rasl2tp ( UnsignedFile.Multi.Generic ) - warning
16:25:51.0426 2152 Rasl2tp - detected UnsignedFile.Multi.Generic (1)
16:25:51.0586 2152 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
16:25:51.0666 2152 RasMan ( UnsignedFile.Multi.Generic ) - warning
16:25:51.0666 2152 RasMan - detected UnsignedFile.Multi.Generic (1)
16:25:51.0856 2152 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:25:51.0917 2152 RasPppoe ( UnsignedFile.Multi.Generic ) - warning
16:25:51.0917 2152 RasPppoe - detected UnsignedFile.Multi.Generic (1)
16:25:52.0117 2152 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
16:25:52.0207 2152 Raspti ( UnsignedFile.Multi.Generic ) - warning
16:25:52.0207 2152 Raspti - detected UnsignedFile.Multi.Generic (1)
16:25:52.0387 2152 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:25:52.0477 2152 Rdbss ( UnsignedFile.Multi.Generic ) - warning
16:25:52.0477 2152 Rdbss - detected UnsignedFile.Multi.Generic (1)
16:25:52.0748 2152 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:25:52.0838 2152 RDPCDD ( UnsignedFile.Multi.Generic ) - warning
16:25:52.0838 2152 RDPCDD - detected UnsignedFile.Multi.Generic (1)
16:25:53.0018 2152 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:25:53.0078 2152 rdpdr ( UnsignedFile.Multi.Generic ) - warning
16:25:53.0078 2152 rdpdr - detected UnsignedFile.Multi.Generic (1)
16:25:53.0269 2152 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
16:25:53.0419 2152 RDPWD - ok
16:25:53.0569 2152 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
16:25:53.0689 2152 RDSessMgr ( UnsignedFile.Multi.Generic ) - warning
16:25:53.0689 2152 RDSessMgr - detected UnsignedFile.Multi.Generic (1)
16:25:53.0859 2152 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
16:25:53.0990 2152 redbook ( UnsignedFile.Multi.Generic ) - warning
16:25:53.0990 2152 redbook - detected UnsignedFile.Multi.Generic (1)
16:25:54.0110 2152 RegSrvc (f3fd3182d34df48d9025cef3cfc5e3b9) C:\WINDOWS\System32\RegSrvc.exe
16:25:54.0210 2152 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
16:25:54.0210 2152 RegSrvc - detected UnsignedFile.Multi.Generic (1)
16:25:54.0360 2152 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
16:25:54.0460 2152 RemoteAccess ( UnsignedFile.Multi.Generic ) - warning
16:25:54.0460 2152 RemoteAccess - detected UnsignedFile.Multi.Generic (1)
16:25:54.0620 2152 RemoteRegistry (8f31505484a190d5b22274708799f4ec) C:\WINDOWS\system32\regsvc.dll
16:25:54.0731 2152 RemoteRegistry ( UnsignedFile.Multi.Generic ) - warning
16:25:54.0731 2152 RemoteRegistry - detected UnsignedFile.Multi.Generic (1)
16:25:54.0931 2152 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
16:25:55.0041 2152 ROOTMODEM ( UnsignedFile.Multi.Generic ) - warning
16:25:55.0041 2152 ROOTMODEM - detected UnsignedFile.Multi.Generic (1)
16:25:55.0191 2152 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\System32\locator.exe
16:25:55.0271 2152 RpcLocator ( UnsignedFile.Multi.Generic ) - warning
16:25:55.0271 2152 RpcLocator - detected UnsignedFile.Multi.Generic (1)
16:25:55.0422 2152 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\System32\rpcss.dll
16:25:55.0552 2152 RpcSs ( UnsignedFile.Multi.Generic ) - warning
16:25:55.0552 2152 RpcSs - detected UnsignedFile.Multi.Generic (1)
16:25:55.0742 2152 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\System32\rsvp.exe
16:25:55.0822 2152 RSVP ( UnsignedFile.Multi.Generic ) - warning
16:25:55.0822 2152 RSVP - detected UnsignedFile.Multi.Generic (1)
16:25:56.0012 2152 S24EventMonitor (723cea35ff32bb9366540979bcfe9580) C:\WINDOWS\System32\S24EvMon.exe
16:25:56.0143 2152 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning
16:25:56.0143 2152 S24EventMonitor - detected UnsignedFile.Multi.Generic (1)
16:25:56.0343 2152 s24trans (3d99ba73cee82e665948415ae1c6104b) C:\WINDOWS\system32\DRIVERS\s24trans.sys
16:25:56.0453 2152 s24trans ( UnsignedFile.Multi.Generic ) - warning
16:25:56.0453 2152 s24trans - detected UnsignedFile.Multi.Generic (1)
16:25:56.0643 2152 S3SSavage (a94aa8161dd4711bc6f732f21d6407d6) C:\WINDOWS\system32\DRIVERS\s3ssavm.sys
16:25:56.0723 2152 S3SSavage ( UnsignedFile.Multi.Generic ) - warning
16:25:56.0723 2152 S3SSavage - detected UnsignedFile.Multi.Generic (1)
16:25:56.0844 2152 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
16:25:56.0924 2152 SamSs ( UnsignedFile.Multi.Generic ) - warning
16:25:56.0924 2152 SamSs - detected UnsignedFile.Multi.Generic (1)
16:25:57.0054 2152 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
16:25:57.0124 2152 SCardSvr ( UnsignedFile.Multi.Generic ) - warning
16:25:57.0124 2152 SCardSvr - detected UnsignedFile.Multi.Generic (1)
16:25:57.0264 2152 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
16:25:57.0344 2152 Schedule ( UnsignedFile.Multi.Generic ) - warning
16:25:57.0344 2152 Schedule - detected UnsignedFile.Multi.Generic (1)
16:25:57.0555 2152 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:25:57.0645 2152 Secdrv ( UnsignedFile.Multi.Generic ) - warning
16:25:57.0645 2152 Secdrv - detected UnsignedFile.Multi.Generic (1)
16:25:57.0785 2152 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
16:25:57.0865 2152 seclogon ( UnsignedFile.Multi.Generic ) - warning
16:25:57.0865 2152 seclogon - detected UnsignedFile.Multi.Generic (1)
16:25:57.0975 2152 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
16:25:58.0065 2152 SENS ( UnsignedFile.Multi.Generic ) - warning
16:25:58.0065 2152 SENS - detected UnsignedFile.Multi.Generic (1)
16:25:58.0246 2152 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
16:25:58.0316 2152 serenum ( UnsignedFile.Multi.Generic ) - warning
16:25:58.0316 2152 serenum - detected UnsignedFile.Multi.Generic (1)
16:25:58.0586 2152 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
16:25:58.0686 2152 Serial ( UnsignedFile.Multi.Generic ) - warning
16:25:58.0686 2152 Serial - detected UnsignedFile.Multi.Generic (1)
16:25:58.0847 2152 sfdrv01 (00de597b81b381053cb5b21a7f20e365) C:\WINDOWS\system32\drivers\sfdrv01.sys
16:25:58.0947 2152 sfdrv01 ( UnsignedFile.Multi.Generic ) - warning
16:25:58.0947 2152 sfdrv01 - detected UnsignedFile.Multi.Generic (1)
16:25:59.0117 2152 sfhlp02 (64b9ab76f1b16eb059cb6cdd906c067a) C:\WINDOWS\system32\drivers\sfhlp02.sys
16:25:59.0187 2152 sfhlp02 ( UnsignedFile.Multi.Generic ) - warning
16:25:59.0187 2152 sfhlp02 - detected UnsignedFile.Multi.Generic (1)
16:25:59.0357 2152 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
16:25:59.0427 2152 Sfloppy ( UnsignedFile.Multi.Generic ) - warning
16:25:59.0427 2152 Sfloppy - detected UnsignedFile.Multi.Generic (1)
16:25:59.0608 2152 sfsync02 (798d918d8f20380008277ce3ce5319d1) C:\WINDOWS\system32\drivers\sfsync02.sys
16:25:59.0698 2152 sfsync02 ( UnsignedFile.Multi.Generic ) - warning
16:25:59.0698 2152 sfsync02 - detected UnsignedFile.Multi.Generic (1)
16:25:59.0858 2152 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
16:25:59.0998 2152 SharedAccess ( UnsignedFile.Multi.Generic ) - warning
16:25:59.0998 2152 SharedAccess - detected UnsignedFile.Multi.Generic (1)
16:26:00.0168 2152 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
16:26:00.0279 2152 ShellHWDetection - ok
16:26:00.0439 2152 Simbad - ok
16:26:00.0689 2152 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\System32\DRIVERS\sisagp.sys
16:26:00.0769 2152 sisagp ( UnsignedFile.Multi.Generic ) - warning
16:26:00.0769 2152 sisagp - detected UnsignedFile.Multi.Generic (1)
16:26:00.0930 2152 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
16:26:00.0980 2152 SLIP ( UnsignedFile.Multi.Generic ) - warning
16:26:00.0980 2152 SLIP - detected UnsignedFile.Multi.Generic (1)
16:26:01.0120 2152 Smapint (e061a9a43c80be5aa5d94f1ef4a713c1) C:\WINDOWS\system32\drivers\Smapint.sys
16:26:01.0200 2152 Smapint ( UnsignedFile.Multi.Generic ) - warning
16:26:01.0200 2152 Smapint - detected UnsignedFile.Multi.Generic (1)
16:26:01.0370 2152 smwdm (675c3c4d6da71e6be31548150521b561) C:\WINDOWS\system32\drivers\smwdm.sys
16:26:01.0480 2152 smwdm ( UnsignedFile.Multi.Generic ) - warning
16:26:01.0480 2152 smwdm - detected UnsignedFile.Multi.Generic (1)
16:26:01.0621 2152 SoundMAX Agent Service (default) (6723c9e89f7186333cb55f9c7c860fa0) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
16:26:01.0731 2152 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - warning
16:26:01.0731 2152 SoundMAX Agent Service (default) - detected UnsignedFile.Multi.Generic (1)
16:26:01.0931 2152 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\System32\DRIVERS\sparrow.sys
16:26:02.0001 2152 Sparrow ( UnsignedFile.Multi.Generic ) - warning
16:26:02.0001 2152 Sparrow - detected UnsignedFile.Multi.Generic (1)
16:26:02.0191 2152 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
16:26:02.0271 2152 splitter ( UnsignedFile.Multi.Generic ) - warning
16:26:02.0271 2152 splitter - detected UnsignedFile.Multi.Generic (1)
16:26:02.0402 2152 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
16:26:02.0492 2152 Spooler ( UnsignedFile.Multi.Generic ) - warning
16:26:02.0492 2152 Spooler - detected UnsignedFile.Multi.Generic (1)
16:26:02.0702 2152 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
16:26:02.0762 2152 sr ( UnsignedFile.Multi.Generic ) - warning
16:26:02.0762 2152 sr - detected UnsignedFile.Multi.Generic (1)
16:26:02.0902 2152 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\system32\srsvc.dll
16:26:02.0982 2152 srservice ( UnsignedFile.Multi.Generic ) - warning
16:26:02.0982 2152 srservice - detected UnsignedFile.Multi.Generic (1)
16:26:03.0093 2152 SRTSPL - ok
16:26:03.0283 2152 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
16:26:03.0403 2152 Srv - ok
16:26:03.0603 2152 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
16:26:03.0673 2152 SSDPSRV ( UnsignedFile.Multi.Generic ) - warning
16:26:03.0694 2152 SSDPSRV - detected UnsignedFile.Multi.Generic (1)
16:26:03.0804 2152 StickyMesger - ok
16:26:03.0994 2152 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
16:26:04.0104 2152 stisvc ( UnsignedFile.Multi.Generic ) - warning
16:26:04.0104 2152 stisvc - detected UnsignedFile.Multi.Generic (1)
16:26:04.0204 2152 StkScan - ok
16:26:04.0385 2152 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
16:26:04.0475 2152 streamip ( UnsignedFile.Multi.Generic ) - warning
16:26:04.0475 2152 streamip - detected UnsignedFile.Multi.Generic (1)
16:26:04.0575 2152 susbser - ok
16:26:04.0685 2152 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
16:26:04.0765 2152 swenum ( UnsignedFile.Multi.Generic ) - warning
16:26:04.0765 2152 swenum - detected UnsignedFile.Multi.Generic (1)
16:26:04.0935 2152 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
16:26:05.0005 2152 swmidi ( UnsignedFile.Multi.Generic ) - warning
16:26:05.0005 2152 swmidi - detected UnsignedFile.Multi.Generic (1)
16:26:05.0116 2152 SwPrv - ok
16:26:05.0206 2152 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\System32\DRIVERS\symc810.sys
16:26:05.0266 2152 symc810 ( UnsignedFile.Multi.Generic ) - warning
16:26:05.0266 2152 symc810 - detected UnsignedFile.Multi.Generic (1)
16:26:05.0456 2152 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\System32\DRIVERS\symc8xx.sys
16:26:05.0526 2152 symc8xx ( UnsignedFile.Multi.Generic ) - warning
16:26:05.0526 2152 symc8xx - detected UnsignedFile.Multi.Generic (1)
16:26:05.0716 2152 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\System32\DRIVERS\sym_hi.sys
16:26:05.0807 2152 sym_hi ( UnsignedFile.Multi.Generic ) - warning
16:26:05.0807 2152 sym_hi - detected UnsignedFile.Multi.Generic (1)
16:26:05.0987 2152 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\System32\DRIVERS\sym_u3.sys
16:26:06.0097 2152 sym_u3 ( UnsignedFile.Multi.Generic ) - warning
16:26:06.0097 2152 sym_u3 - detected UnsignedFile.Multi.Generic (1)
16:26:06.0257 2152 SynTP (d7dc30b8b41e7a913c3fccc0631e72ec) C:\WINDOWS\system32\DRIVERS\SynTP.sys
16:26:06.0317 2152 SynTP - ok

looker
Visitor
Posts: 5
Registered: 22 Jun 2009 12:35

Re: sirefef in ipsec.sys

#6 Post by looker »

and here is the rest
16:26:06.0518 2152 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
16:26:06.0648 2152 sysaudio ( UnsignedFile.Multi.Generic ) - warning
16:26:06.0648 2152 sysaudio - detected UnsignedFile.Multi.Generic (1)
16:26:06.0778 2152 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
16:26:06.0858 2152 SysmonLog ( UnsignedFile.Multi.Generic ) - warning
16:26:06.0858 2152 SysmonLog - detected UnsignedFile.Multi.Generic (1)
16:26:07.0008 2152 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
16:26:07.0088 2152 TapiSrv ( UnsignedFile.Multi.Generic ) - warning
16:26:07.0088 2152 TapiSrv - detected UnsignedFile.Multi.Generic (1)
16:26:07.0289 2152 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:26:07.0399 2152 Tcpip - ok
16:26:07.0599 2152 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
16:26:07.0689 2152 TDPIPE ( UnsignedFile.Multi.Generic ) - warning
16:26:07.0689 2152 TDPIPE - detected UnsignedFile.Multi.Generic (1)
16:26:07.0880 2152 TDSMAPI (5c8a52c716b5d886ba22248ad8f95a93) C:\WINDOWS\system32\drivers\TDSMAPI.SYS
16:26:07.0960 2152 TDSMAPI ( UnsignedFile.Multi.Generic ) - warning
16:26:07.0960 2152 TDSMAPI - detected UnsignedFile.Multi.Generic (1)
16:26:08.0150 2152 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
16:26:08.0270 2152 TDTCP ( UnsignedFile.Multi.Generic ) - warning
16:26:08.0270 2152 TDTCP - detected UnsignedFile.Multi.Generic (1)
16:26:08.0470 2152 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
16:26:08.0561 2152 TermDD ( UnsignedFile.Multi.Generic ) - warning
16:26:08.0561 2152 TermDD - detected UnsignedFile.Multi.Generic (1)
16:26:08.0701 2152 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
16:26:08.0811 2152 TermService ( UnsignedFile.Multi.Generic ) - warning
16:26:08.0811 2152 TermService - detected UnsignedFile.Multi.Generic (1)
16:26:08.0981 2152 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
16:26:09.0091 2152 Themes - ok
16:26:09.0231 2152 TlntSvr (cd0cc7b167d78043a41c98d4921efb54) C:\WINDOWS\System32\tlntsvr.exe
16:26:09.0332 2152 TlntSvr ( UnsignedFile.Multi.Generic ) - warning
16:26:09.0332 2152 TlntSvr - detected UnsignedFile.Multi.Generic (1)
16:26:09.0512 2152 TosIde (fd4fd7d6fda5c019ed86025d7be1510f) C:\WINDOWS\System32\DRIVERS\toside.sys
16:26:09.0582 2152 TosIde ( UnsignedFile.Multi.Generic ) - warning
16:26:09.0582 2152 TosIde - detected UnsignedFile.Multi.Generic (1)
16:26:09.0752 2152 TPHKDRV (9328933b47b9b52b673b8aed8489bd0a) C:\WINDOWS\system32\drivers\TPHKDRV.sys
16:26:09.0822 2152 TPHKDRV ( UnsignedFile.Multi.Generic ) - warning
16:26:09.0822 2152 TPHKDRV - detected UnsignedFile.Multi.Generic (1)
16:26:09.0942 2152 TpKmpSVC (dfb268ff0a6dcb9280015ff527f892ff) C:\WINDOWS\system32\TpKmpSVC.exe
16:26:10.0003 2152 TpKmpSVC ( UnsignedFile.Multi.Generic ) - warning
16:26:10.0003 2152 TpKmpSVC - detected UnsignedFile.Multi.Generic (1)
16:26:10.0153 2152 TPPWR (c10b74cf569d39594e170734db590661) C:\WINDOWS\system32\drivers\Tppwr.sys
16:26:10.0253 2152 TPPWR ( UnsignedFile.Multi.Generic ) - warning
16:26:10.0253 2152 TPPWR - detected UnsignedFile.Multi.Generic (1)
16:26:10.0393 2152 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
16:26:10.0483 2152 TrkWks ( UnsignedFile.Multi.Generic ) - warning
16:26:10.0483 2152 TrkWks - detected UnsignedFile.Multi.Generic (1)
16:26:10.0674 2152 TSMAPIP (f2aba3066d7921d7fcdbd66dea88be11) C:\WINDOWS\system32\drivers\TSMAPIP.SYS
16:26:10.0774 2152 TSMAPIP ( UnsignedFile.Multi.Generic ) - warning
16:26:10.0774 2152 TSMAPIP - detected UnsignedFile.Multi.Generic (1)
16:26:10.0884 2152 tsmservice - ok
16:26:11.0054 2152 TwoTrack (17687545f77a648af7f9f1064eb61191) C:\WINDOWS\system32\DRIVERS\TwoTrack.sys
16:26:11.0154 2152 TwoTrack ( UnsignedFile.Multi.Generic ) - warning
16:26:11.0154 2152 TwoTrack - detected UnsignedFile.Multi.Generic (1)
16:26:11.0355 2152 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
16:26:11.0415 2152 Udfs ( UnsignedFile.Multi.Generic ) - warning
16:26:11.0415 2152 Udfs - detected UnsignedFile.Multi.Generic (1)
16:26:11.0595 2152 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\System32\DRIVERS\ultra.sys
16:26:11.0685 2152 ultra ( UnsignedFile.Multi.Generic ) - warning
16:26:11.0685 2152 ultra - detected UnsignedFile.Multi.Generic (1)
16:26:11.0895 2152 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
16:26:11.0985 2152 Update ( UnsignedFile.Multi.Generic ) - warning
16:26:11.0985 2152 Update - detected UnsignedFile.Multi.Generic (1)
16:26:12.0156 2152 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
16:26:12.0216 2152 upnphost ( UnsignedFile.Multi.Generic ) - warning
16:26:12.0216 2152 upnphost - detected UnsignedFile.Multi.Generic (1)
16:26:12.0346 2152 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
16:26:12.0416 2152 UPS ( UnsignedFile.Multi.Generic ) - warning
16:26:12.0416 2152 UPS - detected UnsignedFile.Multi.Generic (1)
16:26:12.0596 2152 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
16:26:12.0706 2152 usbaudio ( UnsignedFile.Multi.Generic ) - warning
16:26:12.0706 2152 usbaudio - detected UnsignedFile.Multi.Generic (1)
16:26:12.0877 2152 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:26:12.0957 2152 usbccgp ( UnsignedFile.Multi.Generic ) - warning
16:26:12.0957 2152 usbccgp - detected UnsignedFile.Multi.Generic (1)
16:26:13.0107 2152 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:26:13.0137 2152 usbehci ( UnsignedFile.Multi.Generic ) - warning
16:26:13.0137 2152 usbehci - detected UnsignedFile.Multi.Generic (1)
16:26:13.0367 2152 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:26:13.0468 2152 usbhub ( UnsignedFile.Multi.Generic ) - warning
16:26:13.0468 2152 usbhub - detected UnsignedFile.Multi.Generic (1)
16:26:13.0668 2152 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:26:13.0768 2152 usbscan ( UnsignedFile.Multi.Generic ) - warning
16:26:13.0768 2152 usbscan - detected UnsignedFile.Multi.Generic (1)
16:26:13.0948 2152 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:26:14.0028 2152 USBSTOR ( UnsignedFile.Multi.Generic ) - warning
16:26:14.0028 2152 USBSTOR - detected UnsignedFile.Multi.Generic (1)
16:26:14.0179 2152 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:26:14.0239 2152 usbuhci ( UnsignedFile.Multi.Generic ) - warning
16:26:14.0239 2152 usbuhci - detected UnsignedFile.Multi.Generic (1)
16:26:14.0439 2152 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
16:26:14.0499 2152 usbvideo ( UnsignedFile.Multi.Generic ) - warning
16:26:14.0499 2152 usbvideo - detected UnsignedFile.Multi.Generic (1)
16:26:14.0709 2152 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
16:26:14.0789 2152 VgaSave ( UnsignedFile.Multi.Generic ) - warning
16:26:14.0789 2152 VgaSave - detected UnsignedFile.Multi.Generic (1)
16:26:14.0960 2152 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\System32\DRIVERS\viaagp.sys
16:26:15.0020 2152 viaagp ( UnsignedFile.Multi.Generic ) - warning
16:26:15.0020 2152 viaagp - detected UnsignedFile.Multi.Generic (1)
16:26:15.0180 2152 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\System32\DRIVERS\viaide.sys
16:26:15.0250 2152 ViaIde ( UnsignedFile.Multi.Generic ) - warning
16:26:15.0250 2152 ViaIde - detected UnsignedFile.Multi.Generic (1)
16:26:15.0460 2152 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
16:26:15.0561 2152 VolSnap ( UnsignedFile.Multi.Generic ) - warning
16:26:15.0561 2152 VolSnap - detected UnsignedFile.Multi.Generic (1)
16:26:15.0681 2152 vproeventmonitor - ok
16:26:15.0751 2152 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
16:26:15.0861 2152 VSS ( UnsignedFile.Multi.Generic ) - warning
16:26:15.0861 2152 VSS - detected UnsignedFile.Multi.Generic (1)
16:26:16.0011 2152 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\system32\w32time.dll
16:26:16.0091 2152 W32Time ( UnsignedFile.Multi.Generic ) - warning
16:26:16.0091 2152 W32Time - detected UnsignedFile.Multi.Generic (1)
16:26:16.0312 2152 w70n51 (677ad85e3058c821f5a73cdf7e5b5478) C:\WINDOWS\system32\DRIVERS\w70n51.sys
16:26:16.0512 2152 w70n51 - ok
16:26:16.0632 2152 w800mdfl - ok
16:26:16.0822 2152 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:26:16.0933 2152 Wanarp ( UnsignedFile.Multi.Generic ) - warning
16:26:16.0933 2152 Wanarp - detected UnsignedFile.Multi.Generic (1)
16:26:17.0053 2152 wdelmgr20 - ok
16:26:17.0173 2152 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
16:26:17.0253 2152 Wdf01000 - ok
16:26:17.0403 2152 WDICA - ok
16:26:17.0614 2152 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
16:26:17.0694 2152 wdmaud ( UnsignedFile.Multi.Generic ) - warning
16:26:17.0694 2152 wdmaud - detected UnsignedFile.Multi.Generic (1)
16:26:17.0844 2152 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
16:26:17.0944 2152 WebClient ( UnsignedFile.Multi.Generic ) - warning
16:26:17.0944 2152 WebClient - detected UnsignedFile.Multi.Generic (1)
16:26:18.0134 2152 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
16:26:18.0214 2152 winmgmt ( UnsignedFile.Multi.Generic ) - warning
16:26:18.0214 2152 winmgmt - detected UnsignedFile.Multi.Generic (1)
16:26:18.0355 2152 wlsetupsvc - ok
16:26:18.0515 2152 wmccdsls - ok
16:26:18.0685 2152 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
16:26:18.0755 2152 WmdmPmSN ( UnsignedFile.Multi.Generic ) - warning
16:26:18.0755 2152 WmdmPmSN - detected UnsignedFile.Multi.Generic (1)
16:26:18.0945 2152 Wmi (0171cff34bba8c5977f18c48d8aef8c6) C:\WINDOWS\System32\advapi32.dll
16:26:19.0086 2152 Wmi ( UnsignedFile.Multi.Generic ) - warning
16:26:19.0086 2152 Wmi - detected UnsignedFile.Multi.Generic (1)
16:26:19.0276 2152 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\System32\wbem\wmiapsrv.exe
16:26:19.0326 2152 WmiApSrv ( UnsignedFile.Multi.Generic ) - warning
16:26:19.0326 2152 WmiApSrv - detected UnsignedFile.Multi.Generic (1)
16:26:19.0486 2152 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
16:26:19.0636 2152 WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - warning
16:26:19.0656 2152 WMPNetworkSvc - detected UnsignedFile.Multi.Generic (1)
16:26:19.0797 2152 Wpsnuio - ok
16:26:20.0027 2152 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
16:26:20.0147 2152 WS2IFSL ( UnsignedFile.Multi.Generic ) - warning
16:26:20.0147 2152 WS2IFSL - detected UnsignedFile.Multi.Generic (1)
16:26:20.0257 2152 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
16:26:20.0367 2152 wscsvc ( UnsignedFile.Multi.Generic ) - warning
16:26:20.0367 2152 wscsvc - detected UnsignedFile.Multi.Generic (1)
16:26:20.0538 2152 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
16:26:20.0628 2152 WSTCODEC ( UnsignedFile.Multi.Generic ) - warning
16:26:20.0628 2152 WSTCODEC - detected UnsignedFile.Multi.Generic (1)
16:26:20.0748 2152 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\system32\wuauserv.dll
16:26:20.0838 2152 wuauserv ( UnsignedFile.Multi.Generic ) - warning
16:26:20.0838 2152 wuauserv - detected UnsignedFile.Multi.Generic (1)
16:26:21.0018 2152 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:26:21.0119 2152 WudfPf ( UnsignedFile.Multi.Generic ) - warning
16:26:21.0119 2152 WudfPf - detected UnsignedFile.Multi.Generic (1)
16:26:21.0279 2152 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
16:26:21.0359 2152 WudfRd ( UnsignedFile.Multi.Generic ) - warning
16:26:21.0359 2152 WudfRd - detected UnsignedFile.Multi.Generic (1)
16:26:21.0519 2152 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
16:26:21.0589 2152 WudfSvc ( UnsignedFile.Multi.Generic ) - warning
16:26:21.0589 2152 WudfSvc - detected UnsignedFile.Multi.Generic (1)
16:26:21.0800 2152 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
16:26:21.0930 2152 WZCSVC ( UnsignedFile.Multi.Generic ) - warning
16:26:21.0930 2152 WZCSVC - detected UnsignedFile.Multi.Generic (1)
16:26:22.0030 2152 x10nets - ok
16:26:22.0200 2152 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
16:26:22.0280 2152 xmlprov ( UnsignedFile.Multi.Generic ) - warning
16:26:22.0300 2152 xmlprov - detected UnsignedFile.Multi.Generic (1)
16:26:22.0400 2152 zdeviceservice - ok
16:26:22.0491 2152 MBR (0x1B8) (ab67d479e4ee1ccad757294b60ddb98f) \Device\Harddisk0\DR0
16:26:23.0532 2152 \Device\Harddisk0\DR0 - ok
16:26:23.0542 2152 Boot (0x1200) (ddcf5be173dd64c279b783385263e6c8) \Device\Harddisk0\DR0\Partition0
16:26:23.0552 2152 \Device\Harddisk0\DR0\Partition0 - ok
16:26:23.0552 2152 ============================================================
16:26:23.0562 2152 Scan finished
16:26:23.0562 2152 ============================================================
16:26:23.0702 1800 Detected object count: 282
16:26:23.0702 1800 Actual detected object count: 282
16:30:50.0296 1800 abp480n5 ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0296 1800 abp480n5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0296 1800 ac97intc ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0296 1800 ac97intc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0306 1800 ACPI ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0306 1800 ACPI ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0316 1800 ACPIEC ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0316 1800 ACPIEC ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0346 1800 adpu160m ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0346 1800 adpu160m ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0346 1800 adusbser ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0346 1800 adusbser ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0356 1800 aeaudio ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0356 1800 aeaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0366 1800 aec ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0366 1800 aec ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0366 1800 AgereSoftModem ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0366 1800 AgereSoftModem ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0376 1800 agp440 ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0376 1800 agp440 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0396 1800 agpCPQ ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0396 1800 agpCPQ ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0406 1800 Aha154x ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0406 1800 Aha154x ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0406 1800 aic78u2 ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0406 1800 aic78u2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0416 1800 aic78xx ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0416 1800 aic78xx ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0426 1800 Alerter ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0426 1800 Alerter ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0426 1800 ALG ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0426 1800 ALG ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0446 1800 AliIde ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0446 1800 AliIde ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0456 1800 alim1541 ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0456 1800 alim1541 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0456 1800 amdagp ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0456 1800 amdagp ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0466 1800 amsint ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0466 1800 amsint ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0466 1800 AppMgmt ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0476 1800 AppMgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0496 1800 Arp1394 ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0496 1800 Arp1394 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0506 1800 asc ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0506 1800 asc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0506 1800 asc3350p ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0506 1800 asc3350p ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0516 1800 asc3550 ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0516 1800 asc3550 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0526 1800 AsyncMac ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0526 1800 AsyncMac ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0526 1800 atapi ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0526 1800 atapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0546 1800 Atmarpc ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0546 1800 Atmarpc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0556 1800 AudioSrv ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0556 1800 AudioSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0556 1800 audstub ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0556 1800 audstub ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0566 1800 Beep ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0566 1800 Beep ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0566 1800 BITS ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0566 1800 BITS ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0596 1800 Browser ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0596 1800 Browser ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0606 1800 cbidf ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0606 1800 cbidf ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0606 1800 cbidf2k ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0606 1800 cbidf2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0616 1800 CCDECODE ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0616 1800 CCDECODE ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0626 1800 cd20xrnt ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0626 1800 cd20xrnt ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0626 1800 Cdaudio ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0626 1800 Cdaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0646 1800 Cdfs ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0646 1800 Cdfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0656 1800 Cdrom ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0656 1800 Cdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0656 1800 CiSvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0656 1800 CiSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0666 1800 ClipSrv ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0666 1800 ClipSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0666 1800 CmBatt ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0666 1800 CmBatt ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0676 1800 CmdIde ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0676 1800 CmdIde ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0696 1800 Compbatt ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0696 1800 Compbatt ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0706 1800 Cpqarray ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0706 1800 Cpqarray ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0706 1800 CryptSvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0706 1800 CryptSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0716 1800 dac2w2k ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0716 1800 dac2w2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0716 1800 dac960nt ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0716 1800 dac960nt ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0726 1800 DcomLaunch ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0726 1800 DcomLaunch ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0746 1800 Dhcp ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0746 1800 Dhcp ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0756 1800 Disk ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0756 1800 Disk ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0756 1800 dmboot ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0756 1800 dmboot ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0766 1800 dmio ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0766 1800 dmio ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0766 1800 dmload ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0766 1800 dmload ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0776 1800 dmserver ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0776 1800 dmserver ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0796 1800 DMusic ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0796 1800 DMusic ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0806 1800 Dot3svc ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0806 1800 Dot3svc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0806 1800 dpti2o ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0806 1800 dpti2o ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0816 1800 drmkaud ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0816 1800 drmkaud ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0816 1800 E100B ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0816 1800 E100B ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0826 1800 EapHost ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0826 1800 EapHost ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0846 1800 ERSvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0846 1800 ERSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0856 1800 Ethpdrv ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0856 1800 Ethpdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0856 1800 Eventlog ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0856 1800 Eventlog ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0866 1800 EventSystem ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0866 1800 EventSystem ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0866 1800 Fastfat ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0866 1800 Fastfat ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0876 1800 Fdc ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0876 1800 Fdc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0896 1800 Fips ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0896 1800 Fips ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0907 1800 Flpydisk ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0907 1800 Flpydisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0907 1800 FltMgr ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0907 1800 FltMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0917 1800 Fs_Rec ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0917 1800 Fs_Rec ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0927 1800 Ftdisk ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0927 1800 Ftdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0927 1800 Gpc ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0927 1800 Gpc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0947 1800 gv3 ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0947 1800 gv3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0957 1800 helpsvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0957 1800 helpsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0957 1800 HidUsb ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0957 1800 HidUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0967 1800 hkmsvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0967 1800 hkmsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0967 1800 hpn ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0967 1800 hpn ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0977 1800 HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0977 1800 HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:50.0997 1800 HTTPFilter ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:50.0997 1800 HTTPFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:51.0007 1800 i2omgmt ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:51.0007 1800 i2omgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:51.0007 1800 i2omp ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:51.0007 1800 i2omp ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:51.0017 1800 i8042prt ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:51.0017 1800 i8042prt ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:51.0017 1800 IBMTPCHK ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:51.0017 1800 IBMTPCHK ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:51.0027 1800 Imapi ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:51.0027 1800 Imapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:51.0047 1800 ImapiService ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:51.0047 1800 ImapiService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:51.0057 1800 ini910u ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:51.0057 1800 ini910u ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:51.0057 1800 IntelIde ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:51.0057 1800 IntelIde ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:51.0067 1800 intelppm ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:51.0067 1800 intelppm ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:51.0067 1800 Ip6Fw ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:51.0067 1800 Ip6Fw ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:51.0077 1800 IpFilterDriver ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:51.0077 1800 IpFilterDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:51.0097 1800 IpInIp ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:51.0097 1800 IpInIp ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:51.0107 1800 IpNat ( UnsignedFile.Multi.Generic ) - skipped by user
16:30:51.0107 1800 IpNat ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:30:51.0618 1800 C:\WINDOWS\system32\DRIVERS\ipsec.sys - copied to quarantine
16:30:51.0638 1800 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\WINDOWS\system32\drivers\ipsec.sys) error 1813
16:30:56.0154 1800 Backup copy not found, trying to cure infected file..
16:30:56.0154 1800 C:\WINDOWS\system32\DRIVERS\ipsec.sys - Cure failed (FFFFFFFF)
16:30:56.0154 1800 C:\WINDOWS\system32\DRIVERS\ipsec.sys - processing error
16:31:08.0722 1800 IPSec ( Virus.Win32.ZAccess.g ) - User select action: Cure
16:31:08.0732 1800 IpwP ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0732 1800 IpwP ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0732 1800 irda ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0732 1800 irda ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0742 1800 IRENUM ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0742 1800 IRENUM ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0752 1800 Irmon ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0752 1800 Irmon ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0762 1800 isapnp ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0762 1800 isapnp ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0762 1800 Kbdclass ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0762 1800 Kbdclass ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0772 1800 kmixer ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0772 1800 kmixer ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0782 1800 KSecDD ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0782 1800 KSecDD ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0782 1800 lanmanserver ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0782 1800 lanmanserver ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0802 1800 lanmanworkstation ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0802 1800 lanmanworkstation ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0812 1800 LmHosts ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0812 1800 LmHosts ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0822 1800 LucentSoftModem ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0822 1800 LucentSoftModem ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0822 1800 Messenger ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0822 1800 Messenger ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0832 1800 mnmdd ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0832 1800 mnmdd ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0832 1800 mnmsrvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0832 1800 mnmsrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0862 1800 Modem ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0862 1800 Modem ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0862 1800 Mouclass ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0862 1800 Mouclass ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0872 1800 mouhid ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0872 1800 mouhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0882 1800 MountMgr ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0882 1800 MountMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0882 1800 mraid35x ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0882 1800 mraid35x ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0892 1800 MRxDAV ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0892 1800 MRxDAV ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0912 1800 MSDTC ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0912 1800 MSDTC ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0922 1800 Msfs ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0922 1800 Msfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0932 1800 MSKSSRV ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0932 1800 MSKSSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0932 1800 MSPCLOCK ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0932 1800 MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0942 1800 MSPQM ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0942 1800 MSPQM ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0952 1800 mssmbios ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0952 1800 mssmbios ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0972 1800 MSTEE ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0972 1800 MSTEE ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0982 1800 NABTSFEC ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0982 1800 NABTSFEC ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0982 1800 NAL ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0982 1800 NAL ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:08.0993 1800 napagent ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:08.0993 1800 napagent ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0003 1800 NDIS ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0003 1800 NDIS ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0003 1800 NdisIP ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0003 1800 NdisIP ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0023 1800 Ndisuio ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0023 1800 Ndisuio ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0033 1800 NdisWan ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0033 1800 NdisWan ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0033 1800 NDProxy ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0033 1800 NDProxy ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0043 1800 NetBIOS ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0043 1800 NetBIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0053 1800 NetBT ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0053 1800 NetBT ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0053 1800 NetDDE ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0053 1800 NetDDE ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0073 1800 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0073 1800 NetDDEdsdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0083 1800 Netlogon ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0083 1800 Netlogon ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0083 1800 Netman ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0083 1800 Netman ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0093 1800 NetSvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0093 1800 NetSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0103 1800 NIC1394 ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0103 1800 NIC1394 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0123 1800 Npfs ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0123 1800 Npfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0143 1800 NSCIRDA ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0143 1800 NSCIRDA ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0143 1800 Ntfs ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0143 1800 Ntfs ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0163 1800 NtLmSsp ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0163 1800 NtLmSsp ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0183 1800 NtmsSvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0183 1800 NtmsSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0203 1800 Null ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0203 1800 Null ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0223 1800 NWCWorkstation ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0223 1800 NWCWorkstation ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0243 1800 NwlnkFlt ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0243 1800 NwlnkFlt ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0243 1800 NwlnkFwd ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0243 1800 NwlnkFwd ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0263 1800 NwlnkIpx ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0263 1800 NwlnkIpx ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0283 1800 NwlnkNb ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0283 1800 NwlnkNb ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0303 1800 NwlnkSpx ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0303 1800 NwlnkSpx ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0323 1800 NWRDR ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0323 1800 NWRDR ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0343 1800 ohci1394 ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0343 1800 ohci1394 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0343 1800 oxser ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0343 1800 oxser ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0363 1800 P3 ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0363 1800 P3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0383 1800 Parport ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0383 1800 Parport ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0403 1800 PartMgr ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0403 1800 PartMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0403 1800 ParVdm ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0403 1800 ParVdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0423 1800 PCI ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0423 1800 PCI ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0443 1800 PCIIde ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0443 1800 PCIIde ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0463 1800 Pcmcia ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0463 1800 Pcmcia ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0483 1800 perc2 ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0483 1800 perc2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0503 1800 perc2hib ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0503 1800 perc2hib ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0503 1800 PlugPlay ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0503 1800 PlugPlay ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0523 1800 PMEM ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0523 1800 PMEM ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0543 1800 PolicyAgent ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0543 1800 PolicyAgent ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0563 1800 PptpMiniport ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0563 1800 PptpMiniport ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0583 1800 ProtectedStorage ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0583 1800 ProtectedStorage ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0603 1800 PSched ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0603 1800 PSched ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0603 1800 Ptilink ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0603 1800 Ptilink ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0623 1800 QCONSVC ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0623 1800 QCONSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0643 1800 ql1080 ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0643 1800 ql1080 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0663 1800 Ql10wnt ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0663 1800 Ql10wnt ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0663 1800 ql12160 ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0663 1800 ql12160 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0684 1800 ql1240 ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0684 1800 ql1240 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0704 1800 ql1280 ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0704 1800 ql1280 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0724 1800 RasAcd ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0724 1800 RasAcd ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0744 1800 RasAuto ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0744 1800 RasAuto ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0764 1800 Rasirda ( UnsignedFile.Multi.Generic ) - skipped by user
16:31:09.0764 1800 Rasirda ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:31:09.0764 1800 Rasl2tp ( UnsignedFile.Multi.Generic ) - skipped by user

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: sirefef in ipsec.sys

#7 Post by vyosek »

I won't sugarcoat it: the PC is heavily infected, Sirefef has spread wherever it could and damaged whatever it could :boxed:

We can struggle with it, but drivers are damaged and system files are infected :boxed: even if we manage to disinfect it, it still won't be OK :(
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

looker
Visitor
Posts: 5
Registered: 22 Jun 2009 12:35

Re: sirefef in ipsec.sys

#8 Post by looker »

OK, thanks. I have one more question: how does Sirefef spread? Does it come from the web, or can it also push its way in over the LAN or e-mail?
So that when I reinstall, I don't back up that piece of junk too ;-)
What's odd is that it apparently got past NOD quite easily. I have a list somewhere of the threats caught by NOD itself, and there are a lot of them :-(

Thanks once more, and I'm sending a contribution for your effort :-)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: sirefef in ipsec.sys

#9 Post by vyosek »

Sirefef is a nasty piece of work, as you have found out yourself :?: It attacks system files and drivers and modifies them for its own benefit: it adds its own code to the file's code, which ensures that it is always executed and spread...

These file infectors mostly get past security software, and even when an antivirus can already detect them, in 95% of cases it cannot disinfect them... If it is caught in time, it can sometimes be cured, but if it is caught late, a reinstall is easier...

The source of these beasts is mostly cracks, keygens and dubious websites...

Otherwise, you're welcome, and on behalf of the whole team, thank you for supporting the forum :worship: