avd.sys

Zpráva

jpopelka · #1 Příspěvek od **jpopelka** » 01 pro 2011 09:49

Dobrý den,
Avira mi objevila vir v souboru afd.sys a wuauclt.exe a umístila tyto soubory do karantény.

Tato korekce způsobila nepřístupnost DNS. Po mnohahodinovém studiu toho problému a vyzkoušení všech možných i nemožných návodů jsem tento problém nevyřešil.

Oba soubory jsem tedy nahradil soubory z čistého druhého počítače se stejným OS WinXP Prof.
Zjistil jsem však, že soubor afd.sys, který měl datový atribut 16.10.2008 je vzápětí něčím přepsán na afd.sys s atributem 14.4.2008 a tím je opět po restartu vyřazen DNS.
Zkusil jsem tedy různé vyhledávací algoritmy na výskyt viru a antispyware (Malware, Combofix a spoustu dalších).
Tyto sice detekovaly několik trojanů ale situaci nezlepšily.
Zkusil jsem tedy přejmenovat afd.sys z čistého počítače na afd1.sys, ten jsem zkopíroval do system32/drivers a upravit záznam v registry ve službě AFD.
Počítač se bez problému nyní připojuje do internetu ale přesto se mi nechová zcela korektně.

Zkoušel jsem opět zkopírovat správný afd.sys do system32/drivers ale vždycky ho něco změní zpět na ten z 14.4.2008.

Bohužel se již delší dobu (ještě před nákazou) nemohu dostat do Safemodu i když jsem opět zkoušel veškerá doporučení co jsem nalezl. Program Bootsafe mi také nepomohl.

Problém se Safemodem je ten, že i když ho navolím a dostanu se na přihlašovací obrazovku, po snaze se přihlásit se počítač opět zrestartuje aniž bych se dostal dál (Safemode loop).

msconfig /safeboot mi způsobil velké starosti protože pak jsem se zas nedostal do normálního modu ale to jsem s pomocí technika pořešil.

Stále však Safemode loop trvá.

Může mi někdo poradit co s tím? Přeinstalace je pro mne až to úplně poslední, mám tam spoustu věcí o které bych nerad přišel a jak jsem se dočetl i na jiných forech, mnohdy ani to nepomohlo a bylo to tedy zbytečné.
Děkuji předem za laskavou pomoc

#2 Příspěvek od **JaRon** » 01 pro 2011 10:08

ahoj,
1. combofix sa ma pouzivat IBA po doporuceni radcu/moda

takto zmazes dostupne stopy po virusoch ,,,
2. daj vyhladat na disku VSETKY afd.sys a VSETKY ich skontroluj na http://www.virustotal.com - vysledky vloz
3. vloz log RSIT

jpopelka · #3 Příspěvek od **jpopelka** » 01 pro 2011 17:45

Dobrý večer, tak tady je ten log RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jarda at 2011-12-01 17:43:02
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 38 GB (13%) free of 305 GB
Total RAM: 3327 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:43:11, on 1.12.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17103)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\USB Safely Remove\USBSRService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\Soluto\soluto.exe
C:\Program Files\Common Files\Speedbit\SbUpdate\SBUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mouse\Amoumain.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\GFI Software\VIPRE\SBAMTray.exe
C:\Program Files\NiceCopier\NiceCopier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Free Download Manager\fdm.exe
C:\Documents and Settings\Jarda\Local Settings\Data aplikací\ChemTable Software\Handy Start Menu\HandyStartMenu.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe
C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe
C:\Program Files\Soluto\SolutoService.exe
C:\Documents and Settings\Jarda\Local Settings\Data aplikací\ChemTable Software\Handy Start Menu\StartMenuService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\SRWare Iron\iron.exe
C:\Program Files\SRWare Iron\iron.exe
C:\Program Files\SRWare Iron\iron.exe
C:\Program Files\SRWare Iron\iron.exe
C:\Program Files\SRWare Iron\iron.exe
C:\Program Files\SRWare Iron\iron.exe
C:\Program Files\SRWare Iron\iron.exe
C:\Program Files\SRWare Iron\iron.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Jarda\Plocha\downloads\RSIT.exe
C:\Program Files\trend micro\Jarda.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.speedbit.com/?aff=205
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: SearchPredictObj Class - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\Program Files\SearchPredict\SearchPredict.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SBCONVERT - {92A9ACF4-9333-43AE-9698-DB283326F87F} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\SpeedBit Video Downloader\Toolbar\grabber.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
O4 - HKLM\..\Run: [WheelMouse] "C:\Program Files\Mouse\Amoumain.exe"
O4 - HKLM\..\Run: [Creative KSRun Persistence Module] RunDll32 KSRun.dll,RunDLLEntry
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [SBAMTray] "C:\Program Files\GFI Software\VIPRE\SBAMTray.exe"
O4 - HKCU\..\Run: [NiceCopier] "C:\Program Files\NiceCopier/NiceCopier.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun
O4 - HKCU\..\Run: [Handy Start Menu] "C:\Documents and Settings\Jarda\Local Settings\Data aplikací\ChemTable Software\Handy Start Menu\HandyStartMenu.exe" /Enable
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [USB Safely Remove] C:\Program Files\USB Safely Remove\USBSafelyRemove.exe /startup
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: AutorunsDisabled
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Přečti to! - C:\WINDOWS\Speech\gbs\Precti_to.htm
O8 - Extra context menu item: Přizpůsobit Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RF Nástrojová lišta - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Uložit formuláře - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Vyplnit formulář - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Vyplnit formulář - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Vyplnit formulář - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Uložit - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Uložit formuláře - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RF Nástrojová lišta - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - ESC Trusted IP range: http://192.168.1.254
O16 - DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} (Java Plug-in 1.4.2_06) -
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} (Java Plug-in 1.6.0_22) -
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: hddlife - {BD758015-47D9-477A-8873-4B688A2BC0E2} - "C:\Program Files\Common Files\BinarySense\hlAPP.dll" (file missing)
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BootlogService - Greatis Software (c) - C:\Program Files\Greatis\BootLog XP\BootLogService.exe
O23 - Service: Cepstral License Server - Unknown owner - C:\Program Files\Cepstral\bin\CepstralLicSrv.exe (file missing)
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Unknown owner - C:\Program Files\Creative\Shared Files\CTDevSrv.exe (file missing)
O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HDDlife HDD Access service - BinarySense, Inc. - C:\Program Files\Common Files\BinarySense\hldasvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - Unknown owner - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: MySQL - Unknown owner - C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Unknown owner - C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe (file missing)
O23 - Service: VIPRE Antivirus (SBAMSvc) - GFI Software - C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe
O23 - Service: SB Recovery Service (SBPIMSvc) - GFI Software - C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsAuxs.exe (file missing)
O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsSvc.exe (file missing)
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Text-to-Speech system Epos (ttscp) - Unknown owner - C:\Program Files\Epos\epos-2.4.85\src\epos.exe (file missing)
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: USB Safely Remove Assistant (USBSafelyRemoveService) - Unknown owner - C:\Program Files\USB Safely Remove\USBSRService.exe

--
End of file - 14016 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\ErrorEND.job
C:\WINDOWS\tasks\Game_Booster_Startup.job
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\mixpadShakeIcon.job
C:\WINDOWS\tasks\ParetoLogic Registration3.job
C:\WINDOWS\tasks\ParetoLogic Update Version3.job
C:\WINDOWS\tasks\RegSERVO.job
C:\WINDOWS\tasks\SBWUpdateTask_Logon_41a5bc6-40618658C964.job
C:\WINDOWS\tasks\SBWUpdateTask_Time_41a5bc6-40618658C964.job
C:\WINDOWS\tasks\twelvekeysShakeIcon.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]
SearchPredictObj Class - C:\Program Files\SearchPredict\SearchPredict.dll [2011-06-28 498840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2011-01-18 14430712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92A9ACF4-9333-43AE-9698-DB283326F87F}]
SBCONVERT Class - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll [2011-11-20 2660016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-18 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF7C3CF0-4B15-11D1-ABED-709549C10000}]
GrabberObj Class - C:\Program Files\SpeedBit Video Downloader\Toolbar\grabber.dll [2011-11-20 356024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2011-01-18 14430712]
{0329E7D6-6F54-462D-93F6-F5C3118BADF2} - SpeedBit Video Downloader - C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll [2011-11-20 2660016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WheelMouse"=C:\Program Files\Mouse\Amoumain.exe [2008-03-19 270336]
"Creative KSRun Persistence Module"=RunDll32 KSRun.dll,RunDLLEntry []
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2011-08-31 449608]
"SBAMTray"=C:\Program Files\GFI Software\VIPRE\SBAMTray.exe [2011-11-01 3045744]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NiceCopier"=C:\Program Files\NiceCopier/NiceCopier.exe [2011-09-25 11402752]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2010-04-28 3727411]
"Handy Start Menu"=C:\Documents and Settings\Jarda\Local Settings\Data aplikací\ChemTable Software\Handy Start Menu\HandyStartMenu.exe [2011-11-24 2914560]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
"USB Safely Remove"=C:\Program Files\USB Safely Remove\USBSafelyRemove.exe [2011-08-04 1839448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTRegRun]
C:\WINDOWS\CTRegRun.EXE [2006-10-06 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Jarda^Nabídka Start^Programy^Po spuštění^SpeedFan.lnk]
C:\PROGRA~1\SpeedFan\speedfan.exe [2011-07-13 4615064]

C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění
AutorunsDisabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04 551296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-08-26 159744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBPIMSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SBAMSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SBPIMSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SolutoService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"SynchronousMachineGroupPolicy"=0
"SynchronousUserGroupPolicy"=0
"ShutdownWithoutLogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutorun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoStrCmpLogical"=1
"NoResolveTrack"=1
"NoFileAssociate"=0
"NoResolveSearch"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe:LocalSubNet:Enabled:Pinnacle Streaming Server"
"C:\Program Files\LIVE TV\LiveTV.exe"="C:\Program Files\LIVE TV\LiveTV.exe:*:Enabled:LIVE TV Application"
"C:\Program Files\Megacubo\megacubo.exe"="C:\Program Files\Megacubo\megacubo.exe:*:Enabled:MegaCubo"
"C:\Program Files\Free Download Manager\fdm.exe"="C:\Program Files\Free Download Manager\fdm.exe:*:Enabled:Free Download Manager"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Steinberg\WaveLab 6.1\WaveLab-app.exe"="C:\Program Files\Steinberg\WaveLab 6.1\WaveLab-app.exe:*:Enabled:WaveLab"
"C:\Program Files\Cakewalk\Shared Utilities\VstScan.exe"="C:\Program Files\Cakewalk\Shared Utilities\VstScan.exe:*:Enabled:Cakewalk VST Scan"
"C:\Program Files\Daum\PotPlayer\PotPlayerMini.exe"="C:\Program Files\Daum\PotPlayer\PotPlayerMini.exe:*:Enabled:PotPlayer"
"C:\Documents and Settings\Jarda\Plocha\Downloads\SW\solutoinstaller.exe"="C:\Documents and Settings\Jarda\Plocha\Downloads\SW\solutoinstaller.exe:*:Enabled:SolutoInstaller"
"C:\Program Files\PCTV Systems\TVCenter\TVCenter.exe"="C:\Program Files\PCTV Systems\TVCenter\TVCenter.exe:*:Enabled:PCTV Systems TVCenter"
"C:\Program Files\Common Files\PCTV Systems\PVR\VideoControl.exe"="C:\Program Files\Common Files\PCTV Systems\PVR\VideoControl.exe:*:Enabled:PCTV Systems VideoControl"
"C:\Program Files\Common Files\PCTV Systems\StreamingServer\StrmServer.exe"="C:\Program Files\Common Files\PCTV Systems\StreamingServer\StrmServer.exe:*:Enabled:PCTV Systems DistanTV classic"
"C:\Program Files\Maxthon3\Modules\MxMiniThunder\ThunderMini.exe"="C:\Program Files\Maxthon3\Modules\MxMiniThunder\ThunderMini.exe:*:Enabled:?????????"
"C:\Program Files\DAP\DAP.exe"="C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)"
"C:\Documents and Settings\Jarda\Plocha\Downloads\solutoinstaller.exe"="C:\Documents and Settings\Jarda\Plocha\Downloads\solutoinstaller.exe:*:Enabled:SolutoInstaller"
"C:\Program Files\Soluto\Soluto.exe"="C:\Program Files\Soluto\Soluto.exe:*:Enabled:Soluto Tray"
"C:\Program Files\Soluto\SolutoService.exe"="C:\Program Files\Soluto\SolutoService.exe:*:Enabled:Soluto Service"
"C:\Program Files\Soluto\SolutoConsole.exe"="C:\Program Files\Soluto\SolutoConsole.exe:*:Enabled:Soluto Console"
"C:\Program Files\Soluto\SolutoUpdateService.exe"="C:\Program Files\Soluto\SolutoUpdateService.exe:*:Enabled:Soluto Update Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Daum\PotPlayer\PotPlayerMini.exe"="C:\Program Files\Daum\PotPlayer\PotPlayerMini.exe:*:Enabled:PotPlayer"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\\WINDOWS\\system32\\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=MPG4C32.dll
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=ac3acm.acm
"vidc.mp43"=mpg4c32.dll
"VIDC.FFDS"=ffdshow.ax
"msacm.ac3filter"=ac3filter.acm
"msacm.avis"=ff_acm.acm
"MSVideo"=vfwwdm32.dll
"vidc.VP62"=vp6vfw.dll
"aux2"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux3"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.yv12"=DivX.dll
"vidc.XVID"=xvidvfw.dll
"msacm.lameacm"=lameACM.acm
"vidc.DIVX"=DivX.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv

======File associations======

.bat - edit -
.cmd - edit -
.inf - open -
.ini - open - notepad.exe %1
.js - edit -
.reg - edit -
.txt - open - notepad.exe %1
.vbs - edit -

======List of files/folders created in the last 1 month======

2011-12-01 17:43:02 ----D---- C:\rsit
2011-12-01 17:31:41 ----D---- C:\WINDOWS\LastGood
2011-11-30 20:45:56 ----A---- C:\WINDOWS\system32\drivers\Soluto.sys
2011-11-30 18:17:00 ----A---- C:\WINDOWS\system32\drivers\sbapifs.sys
2011-11-30 18:16:59 ----A---- C:\WINDOWS\system32\drivers\sbaphd.sys
2011-11-30 18:16:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\GFI Software
2011-11-30 18:16:46 ----A---- C:\WINDOWS\system32\drivers\sbtis.sys
2011-11-30 18:16:43 ----D---- C:\WINDOWS\system32\drivers\VDD
2011-11-30 18:14:35 ----D---- C:\Program Files\GFI Software
2011-11-30 18:14:31 ----D---- C:\Documents and Settings\Jarda\Data aplikací\GFI Software
2011-11-30 17:56:32 ----A---- C:\WINDOWS\system32\accwiz.exe
2011-11-30 17:46:33 ----A---- C:\WINDOWS\system32\drivers\TrueSight.sys
2011-11-30 17:37:41 ----A---- C:\TDSSKiller.2.6.21.0_30.11.2011_17.37.41_log.txt
2011-11-30 15:52:47 ----ASH---- C:\pagefile.sys
2011-11-29 23:05:08 ----A---- C:\WINDOWS\system32\TASKMGR.COM
2011-11-29 23:05:08 ----A---- C:\WINDOWS\REGEDIT.COM
2011-11-29 20:17:58 ----A---- C:\WINDOWS\system32\drivers\dtsoftbus01.sys
2011-11-29 20:17:16 ----D---- C:\Documents and Settings\Jarda\Data aplikací\Yandex
2011-11-29 18:49:11 ----A---- C:\WINDOWS\system32\ctfmon.exe
2011-11-29 18:19:37 ----A---- C:\WINDOWS\system32\drivers\hitmanpro35.sys
2011-11-29 18:19:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Hitman Pro
2011-11-29 17:55:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2011-11-29 17:36:33 ----SHD---- C:\RECYCLER
2011-11-29 17:16:43 ----D---- C:\Program Files\Perfect Uninstaller
2011-11-29 17:05:42 ----D---- C:\WINDOWS\temp
2011-11-29 16:44:57 ----RASHD---- C:\cmdcons
2011-11-29 15:54:00 ----A---- C:\Boot.bak
2011-11-27 17:38:16 ----A---- C:\WINDOWS\system32\drivers\afd1.sys
2011-11-27 16:53:28 ----D---- C:\Program Files\DLLSuite
2011-11-27 14:49:52 ----D---- C:\Program Files\Trend Micro
2011-11-27 11:55:21 ----D---- C:\Program Files\Hit Malware
2011-11-27 11:18:12 ----D---- C:\Program Files\SpyDig
2011-11-26 18:16:17 ----D---- C:\WINDOWS\ERDNT
2011-11-26 17:47:50 ----AD---- C:\.Trash-1000
2011-11-26 15:45:44 ----D---- C:\Program Files\TeeSupport
2011-11-26 14:07:16 ----D---- C:\WINDOWS\system32\drivers\backup
2011-11-26 13:41:11 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-11-26 13:41:10 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-11-26 08:49:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Autorun Eater
2011-11-26 08:49:36 ----D---- C:\Program Files\Autorun Eater
2011-11-25 22:52:04 ----D---- C:\Documents and Settings\Jarda\Data aplikací\PC Cleaners
2011-11-25 22:51:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC1Data
2011-11-25 21:44:47 ----A---- C:\WINDOWS\resetlog.txt
2011-11-25 21:44:00 ----D---- C:\ERDNT
2011-11-24 14:30:30 ----A---- C:\SAFEBOOT_REPAIR.TXT
2011-11-24 14:26:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\ErrorEND
2011-11-24 14:18:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\RegSERVO
2011-11-23 20:47:26 ----A---- C:\WINDOWS\ntbtlog.txt
2011-11-23 20:28:59 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2011-11-23 15:33:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sibelius Software
2011-11-23 15:21:27 ----RASH---- C:\WINDOWS\system32\TAKDSDecoder.dll
2011-11-23 15:21:27 ----RASH---- C:\WINDOWS\system32\nbDX.dll
2011-11-23 15:21:27 ----RASH---- C:\WINDOWS\system32\msfDX.dll
2011-11-23 15:21:27 ----RASH---- C:\WINDOWS\system32\flvDX.dll
2011-11-23 15:20:26 ----D---- C:\Program Files\eRightSoft
2011-11-22 22:31:42 ----A---- C:\WINDOWS\system32\devil.dll
2011-11-22 22:31:42 ----A---- C:\WINDOWS\system32\avisynth.dll
2011-11-22 22:20:39 ----D---- C:\Program Files\KillSoft
2011-11-22 16:53:21 ----D---- C:\Program Files\DevEject
2011-11-17 17:24:54 ----D---- C:\Program Files\Dooble
2011-11-11 18:26:51 ----D---- C:\Documents and Settings\Jarda\Data aplikací\keepnote
2011-11-11 18:26:39 ----D---- C:\Program Files\KeepNote
2011-11-11 18:24:02 ----D---- C:\Documents and Settings\Jarda\Data aplikací\TreeDBNotes 4
2011-11-08 20:49:24 ----D---- C:\Documents and Settings\Jarda\Data aplikací\.t4k_common
2011-11-08 20:43:05 ----D---- C:\Documents and Settings\Jarda\Data aplikací\klavaro
2011-11-08 20:42:22 ----D---- C:\Program Files\Klavaro-1.9.0
2011-11-08 20:38:24 ----D---- C:\Program Files\UPSANI
2011-11-08 20:30:10 ----D---- C:\Documents and Settings\Jarda\Data aplikací\RapidTyping
2011-11-08 20:30:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\RapidTyping
2011-11-08 20:29:44 ----D---- C:\Program Files\RapidTyping
2011-11-08 20:25:22 ----D---- C:\Documents and Settings\Jarda\Data aplikací\USBSafelyRemove
2011-11-08 20:25:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\USBSRService
2011-11-08 20:25:17 ----D---- C:\Program Files\USB Safely Remove
2011-11-08 19:49:00 ----D---- C:\Documents and Settings\Jarda\Data aplikací\TuxType
2011-11-08 19:48:49 ----D---- C:\Program Files\TuxType
2011-11-08 17:09:14 ----D---- C:\tmp
2011-11-08 17:06:46 ----RA---- C:\WINDOWS\system32\drivers\wdcsam.sys
2011-11-08 17:05:35 ----D---- C:\Documents and Settings\Jarda\Data aplikací\Foxit Software

======List of files/folders modified in the last 1 month======

2011-12-01 17:43:12 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-12-01 17:42:54 ----D---- C:\Documents and Settings\Jarda\Data aplikací\Free Download Manager
2011-12-01 17:36:24 ----D---- C:\Program Files\SpeedFan
2011-12-01 17:36:23 ----D---- C:\WINDOWS\system32
2011-12-01 17:35:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-12-01 17:31:41 ----D---- C:\WINDOWS
2011-12-01 17:31:37 ----D---- C:\WINDOWS\system32\CatRoot2
2011-11-30 21:15:27 ----D---- C:\Program Files
2011-11-30 21:15:13 ----SHD---- C:\WINDOWS\Installer
2011-11-30 21:15:13 ----D---- C:\Config.Msi
2011-11-30 21:04:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\Soluto
2011-11-30 21:03:49 ----D---- C:\WINDOWS\system32\drivers
2011-11-30 20:49:21 ----D---- C:\Documents and Settings\Jarda\Data aplikací\TeraCopy
2011-11-30 20:49:11 ----RSD---- C:\WINDOWS\assembly
2011-11-30 20:45:59 ----D---- C:\Program Files\Soluto
2011-11-30 20:45:56 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-11-29 23:01:12 ----D---- C:\Program Files\Free Download Manager
2011-11-29 22:39:08 ----D---- C:\WINDOWS\Prefetch
2011-11-29 22:08:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\PCTV Systems
2011-11-29 22:08:33 ----HD---- C:\WINDOWS\inf
2011-11-29 21:51:53 ----SHD---- C:\WINDOWS\CSC
2011-11-29 20:30:13 ----A---- C:\WINDOWS\BBW_INFO.INI
2011-11-29 20:17:58 ----D---- C:\Program Files\DAEMON Tools Lite
2011-11-29 20:17:16 ----D---- C:\Documents and Settings\Jarda\Data aplikací\Mozilla
2011-11-29 19:44:18 ----D---- C:\Program Files\Flipping PDF Reader
2011-11-29 19:44:17 ----D---- C:\Documents and Settings\Jarda\Data aplikací\PDF Reader
2011-11-29 18:18:25 ----D---- C:\Program Files\Common Files\iS3
2011-11-29 17:55:17 ----SD---- C:\WINDOWS\Tasks
2011-11-29 17:54:47 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-11-29 17:54:45 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2011-11-29 17:51:12 ----D---- C:\Program Files\CDBurnerXP
2011-11-29 17:49:34 ----D---- C:\Program Files\bitRipper
2011-11-29 17:48:26 ----D---- C:\Program Files\Ashampoo
2011-11-29 17:39:08 ----SHD---- C:\System Volume Information
2011-11-29 17:39:08 ----D---- C:\WINDOWS\system32\Restore
2011-11-29 17:03:49 ----A---- C:\WINDOWS\system.ini
2011-11-29 17:00:55 ----D---- C:\WINDOWS\AppPatch
2011-11-29 17:00:51 ----D---- C:\Program Files\Common Files
2011-11-29 16:45:02 ----RASH---- C:\boot.ini
2011-11-29 16:26:22 ----D---- C:\WINDOWS\system32\config
2011-11-29 16:03:41 ----D---- C:\WINDOWS\system32\drivers\etc
2011-11-29 16:01:32 ----D---- C:\WINDOWS\system32\usmt
2011-11-27 18:23:34 ----A---- C:\WINDOWS\win.ini
2011-11-27 17:12:03 ----D---- C:\Program Files\DAEMON Tools Toolbar
2011-11-27 13:05:33 ----D---- C:\Program Files\TuneUp Utilities 2008
2011-11-27 13:05:33 ----D---- C:\Program Files\Spyware Doctor
2011-11-27 11:49:51 ----D---- C:\Documents and Settings\Jarda\Data aplikací\VOS
2011-11-27 08:54:02 ----D---- C:\WINDOWS\system32\NtmsData
2011-11-27 08:50:18 ----D---- C:\WINDOWS\Registration
2011-11-26 18:22:03 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2011-11-26 16:24:58 ----D---- C:\WINDOWS\network diagnostic
2011-11-26 15:49:20 ----D---- C:\WINDOWS\msagent
2011-11-26 15:47:53 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2011-11-26 15:41:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Tools
2011-11-26 14:15:41 ----SD---- C:\Documents and Settings\Jarda\Data aplikací\Microsoft
2011-11-26 13:42:39 ----D---- C:\Documents and Settings\Jarda\Data aplikací\Software Informer
2011-11-25 22:38:50 ----A---- C:\WINDOWS\uninst.exe
2011-11-25 22:31:38 ----D---- C:\Program Files\SUPERAntiSpyware
2011-11-25 18:51:49 ----D---- C:\WINDOWS\Debug
2011-11-25 17:32:44 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2011-11-25 17:32:44 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2011-11-25 17:11:33 ----HD---- C:\Program Files\Creative Installation Information
2011-11-25 17:06:38 ----D---- C:\Program Files\Creative
2011-11-25 16:36:59 ----D---- C:\Documents and Settings\Jarda\Data aplikací\PriceGong
2011-11-24 14:30:28 ----D---- C:\WINDOWS\repair
2011-11-23 22:02:24 ----D---- C:\Program Files\Sibelius Software
2011-11-23 17:06:55 ----D---- C:\Program Files\Registry Winner
2011-11-23 15:47:45 ----D---- C:\Program Files\SpeedBit Video Accelerator
2011-11-23 15:33:27 ----D---- C:\Documents and Settings\Jarda\Data aplikací\Sibelius Software
2011-11-23 15:14:57 ----D---- C:\temp
2011-11-22 22:41:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\Thunder Network
2011-11-22 11:56:12 ----A---- C:\WINDOWS\system32\dopdfmn7.dll
2011-11-22 11:56:10 ----A---- C:\WINDOWS\system32\dopdfmi7.dll
2011-11-21 20:55:20 ----D---- C:\Documents and Settings\Jarda\Data aplikací\Sammsoft
2011-11-21 20:30:04 ----D---- C:\Program Files\SRWare Iron
2011-11-21 20:24:23 ----D---- C:\Program Files\TeraCopy
2011-11-20 08:12:34 ----D---- C:\Program Files\DAP
2011-11-20 08:11:51 ----D---- C:\Program Files\SpeedBit Video Downloader
2011-11-17 15:38:34 ----D---- C:\bb2
2011-11-13 18:04:32 ----D---- C:\Documents and Settings\Jarda\Data aplikací\DAEMON Tools Lite
2011-11-13 14:04:33 ----D---- C:\Documents and Settings\Jarda\Data aplikací\SoftMaker
2011-11-13 14:01:43 ----D---- C:\Program Files\Glary Utilities
2011-11-13 11:35:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2011-11-11 20:36:59 ----A---- C:\WINDOWS\AviSplitter.INI
2011-11-11 18:52:22 ----D---- C:\Documents and Settings\Jarda\Data aplikací\gtk-2.0
2011-11-10 15:51:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-11-04 18:56:51 ----D---- C:\Documents and Settings\Jarda\Data aplikací\Nitro PDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdide;amdide; C:\WINDOWS\system32\DRIVERS\amdide.sys [2007-10-11 9096]
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 PCTCore;PCTools KDS; C:\WINDOWS\system32\drivers\PCTCore.sys [2011-08-08 218592]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-08-12 45648]
R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2010-11-26 14776]
R0 Soluto;Soluto; C:\WINDOWS\system32\DRIVERS\Soluto.sys [2011-11-27 51144]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2011-03-18 25240]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-11-13 428088]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 Amfilter;Compatible Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-04-06 8704]
R1 Asapi;Asapi; C:\WINDOWS\system32\drivers\Asapi.sys [2002-04-17 11264]
R1 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2002-07-17 16512]
R1 cpuidlep;CpuIdle Pro System Driver; C:\WINDOWS\system32\drivers\cpuidlep.sys [2010-03-15 4484]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-11-29 239168]
R1 ISODisk;ISODisk; C:\WINDOWS\system32\drivers\ISODisk.sys [2006-04-26 9600]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 sbaphd;sbaphd; C:\WINDOWS\system32\drivers\sbaphd.sys [2011-09-09 21240]
R1 SBRE;SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys []
R1 sbtis;sbtis; C:\WINDOWS\system32\drivers\sbtis.sys [2011-11-01 217976]
R1 SysTool;SysTool Overclocking Utility; C:\WINDOWS\system32\DRIVERS\SysTool.sys [2006-11-10 24064]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 RVIEGVST;VSC VST Engine; \??\C:\Program Files\Roland\Virtual Sound Canvas VST\RVIEg01VST.sys []
R2 sbapifs;sbapifs; C:\WINDOWS\system32\drivers\sbapifs.sys [2011-09-09 77816]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2006-11-10 18688]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 Amusbprt;Compatible HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-04-06 14336]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-08-26 5386752]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-07-02 89600]
R3 cpuz135;cpuz135; \??\C:\WINDOWS\TEMP\cpuz135\cpuz135_x32.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-08-18 5884416]
R3 ksaud;Creative USB Audio Driver; C:\WINDOWS\system32\drivers\ksaud.sys [2009-06-04 772992]
R3 ksaudfl;ksaudfl; C:\WINDOWS\system32\drivers\ksaudfl.sys [2008-10-24 1830912]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-05-25 142336]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbfilter;AMD USB Filter Driver; C:\WINDOWS\system32\DRIVERS\usbfilter.sys [2009-02-09 22328]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 ASPI;Advanced SCSI Programming Interface Driver; \??\C:\WINDOWS\System32\DRIVERS\ASPI32.sys []
S3 at0qalyu;at0qalyu; C:\WINDOWS\system32\drivers\at0qalyu.sys []
S3 azmspf2l;azmspf2l; C:\WINDOWS\system32\drivers\azmspf2l.sys []
S3 azvusb;Virtual USB Hub; C:\WINDOWS\system32\DRIVERS\azvusb.sys [2009-08-24 44544]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 mod7700;DiBcom DIB7700 based TV tuner device; C:\WINDOWS\System32\Drivers\mod7700.sys [2010-11-19 914816]
S3 MODRC;DiBcom Infrared Receiver; C:\WINDOWS\system32\DRIVERS\modrc.sys [2007-10-19 13824]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MovRVDrv32;MovRVDrv32; C:\WINDOWS\system32\DRIVERS\MovRVDrv32.sys [2008-04-17 3768]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\Program Files\MSI\Live Update 5\msibios32_100507.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files\MSI\Live Update 5\NTIOLib.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S3 StMp3Rec;Player Recovery Device Control Driver; C:\WINDOWS\System32\Drivers\StMp3Rec.sys [2003-11-07 34297]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 tap0901;TAP-Win32 Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2008-01-30 25216]
S3 TrueSight;TrueSight; \??\c:\windows\system32\drivers\TrueSight.sys []
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 AODDriver;AODDriver; C:\WINDOWS\system32\drivers\AODDriver.sys []
S4 DSDrv4;DSDrv4; C:\WINDOWS\system32\drivers\DSDrv4.sys []
S4 esihdrv;esihdrv; C:\WINDOWS\system32\drivers\esihdrv.sys []
S4 LgBttPort;LGE Bluetooth TransPort; C:\WINDOWS\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
S4 lgbusenum;LG Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
S4 LGVMODEM;LGE Virtual Modem; C:\WINDOWS\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
S4 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2008-05-27 96896]
S4 RushTopDevice_J;RushTopDevice_J; C:\WINDOWS\system32\drivers\RushTopDevice_J.sys []
S4 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2010-01-21 13056]
S4 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2010-01-21 20864]
S4 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2010-01-21 24960]
S4 w300bus;Sony Ericsson W300 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w300bus.sys [2006-03-13 60800]
S4 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w300mdfl.sys [2006-03-13 9264]
S4 w300mdm;Sony Ericsson W300 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w300mdm.sys [2006-03-13 96352]
S4 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w300mgmt.sys [2006-03-13 87824]
S4 w300obex;Sony Ericsson W300 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w300obex.sys [2006-03-13 85696]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2011-08-12 116608]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-08-26 606208]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200]
R2 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
R2 SBAMSvc;VIPRE Antivirus; C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe [2011-11-01 3287472]
R2 SBPIMSvc;SB Recovery Service; C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe [2011-11-01 173424]
R2 SolutoService;Soluto PCGenome Core Service; C:\Program Files\Soluto\SolutoService.exe [2011-11-27 487456]
R2 USBSafelyRemoveService;USB Safely Remove Assistant; C:\Program Files\USB Safely Remove\USBSRService.exe [2011-08-04 257880]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 CTDevice_Srv;CT Device Query service; C:\Program Files\Creative\Shared Files\CTDevSrv.exe []
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe []
S2 ttscp;Text-to-Speech system Epos; C:\Program Files\Epos\epos-2.4.85\src\epos.exe []
S3 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2009-10-27 660504]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376]
S3 BootlogService;BootlogService; C:\Program Files\Greatis\BootLog XP\BootLogService.exe [2009-12-04 65248]
S3 Cepstral License Server;Cepstral License Server; C:\Program Files\Cepstral\bin\CepstralLicSrv.exe []
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-08-29 79360]
S3 CTUPnPSv;Creative Centrale Media Server; C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
S3 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-15 136176]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-15 136176]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-02-07 138168]
S3 HDDlife HDD Access service;HDDlife HDD Access service; C:\Program Files\Common Files\BinarySense\hldasvc.exe [2009-08-19 822936]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 MySQL;MySQL; C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe [2009-08-18 6041600]
S3 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S3 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2; C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe []
S3 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2011-11-29 355584]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 Freemake Improver;Freemake Improver; C:\Documents and Settings\All Users\Data aplikací\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe []
S4 LGScsiCommandService;LG SCSI command service; C:\WINDOWS\system32\LGScsiCommandService.exe [2010-04-12 47616]
S4 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool; C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe [2010-09-30 196912]
S4 NMSAccess;NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe []
S4 VideoAcceleratorService;VideoAcceleratorService; C:\PROGRA~1\SpeedBit Video Accelerator\VideoAcceleratorService.exe -start -scm []

-----------------EOF-----------------

Teď ale musím na zkoušku orchestru takže se ozvu později.
Děkuji za pochopení.

#4 Příspěvek od **JaRon** » 02 pro 2011 07:32

odinstaluj SpyBot - vycisti PC s CCleanerom a vloz vysledky z virustotal

jpopelka · #5 Příspěvek od **jpopelka** » 02 pro 2011 07:54

Provedu jakmile budu doma tzn. odpoledne.
Ale virustotal chce soubor, jaký tam mám tedy vložit?
Nebo to mám řešit přes VirusTotal uploader v sekci Scan running processes http://www.virustotal.com/advanced.html?
Díky za trpělivost.

#6 Příspěvek od **JaRon** » 02 pro 2011 08:06

no das otestovat hlavne C:\WINDOWS\system32\drivers\afd.sys
a potom aj vsetky ine afd.sys umiestnene na disku v inych adresaroch (vcetne skrytych a systemovych)
kedze ja ich mam napr. spolu 12ks postaci ked otestujes uvedeny a este nejake 2 ine

jpopelka · #7 Příspěvek od **jpopelka** » 02 pro 2011 08:14

OK prohledam disk na vyskyt afd.sys a zariadim sa podla tvojych rad, dobre?

#8 Příspěvek od **JaRon** » 02 pro 2011 08:18

jasne

jpopelka · #9 Příspěvek od **jpopelka** » 02 pro 2011 17:55

Virus total pro afd.sys v adresáři C:\.Trash-1000\files:

Additional informationShow all
MD5 : 322d0e36693d6e24a2398bee62a268cd
SHA1 : 4a6bbaa8b5b1ba2e1c9c90a4a5de83d0cb6da4f7
SHA256: fb0bff5846e50dbcc2826639318a6a1de79ee7dea2719ed74a5f6f44454e13d0
ssdeep: 3072:SRMCC9dHY6XtkW7Odrg0jvX7H5LIyA40ESxgx:Sc9kW7O5gA7Hh10ETx
File size : 138112 bytes
First seen: 2009-05-14 05:30:51
Last seen : 2011-12-02 16:43:44
TrID:
Win64 Executable Generic (87.2%)
Win32 Executable Generic (8.6%)
Generic Win/DOS Executable (2.0%)
DOS Executable Generic (2.0%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
sigcheck:
publisher....: Microsoft Corporation
copyright....: (c) Microsoft Corporation. All rights reserved.
product......: Microsoft_ Windows_ Operating System
description..: Ancillary Function Driver for WinSock
original name: afd.sys
internal name: afd.sys
file version.: 5.1.2600.5512 (xpsp.080413-0852)
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEInfo: PE structure information

[[ basic data ]]
entrypointaddress: 0x1DE40
timedatestamp....: 0x48025CBA (Sun Apr 13 19:19:22 2008)
machinetype......: 0x14c (I386)

[[ 9 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x380, 0x1000, 0x1000, 6.37, 3cc7eaebc742fbb2a938c2ca8c2404f7
.rdata, 0x1380, 0xC2C, 0xC80, 4.45, 49739cea785eb6c8977ca80f5e66bc16
.data, 0x2000, 0x800, 0x800, 2.91, 348b980c27903eb630a296bcc411928f
PAGE, 0x2800, 0x897B, 0x8980, 6.53, 0281181f8ac68fce06eca636f145ef85
PAGEAFD, 0xB180, 0x10641, 0x10680, 6.59, df3d9735f6322dacda078ec62683f965
PAGESAN, 0x1B800, 0x2221, 0x2280, 6.38, d9f2ed984b92d9d3858ea7b8f82b9f35
INIT, 0x1DA80, 0x20D6, 0x2100, 6.16, afe633e5616575b791d52ea0f2725824
.rsrc, 0x1FB80, 0x3F8, 0x400, 3.42, eddf4f9417d65aa6d8bb4e13bd19d3a3
.reloc, 0x1FF80, 0x1BA4, 0x1C00, 6.75, d8d59fe9b07a7cd65b30a7d5473fb036

[[ 3 import(s) ]]
HAL.dll: KeAcquireQueuedSpinLock, KeAcquireInStackQueuedSpinLock, KfLowerIrql, KfRaiseIrql, KeGetCurrentIrql, KeReleaseQueuedSpinLock, KeReleaseInStackQueuedSpinLock
ntoskrnl.exe: IoFileObjectType, IoGetRelatedDeviceObject, IoBuildPartialMdl, KeQueryInterruptTime, MmMapLockedPages, IoAllocateMdl, InterlockedPopEntrySList, MmUnlockPages, MmProbeAndLockPages, ExRaiseAccessViolation, MmUserProbeAddress, ExRaiseDatatypeMisalignment, _except_handler3, MmIsThisAnNtAsSystem, MmQuerySystemSize, KeGetRecommendedSharedDataAlignment, KeInitializeSpinLock, DbgPrint, RtlCompareMemory, KeLeaveCriticalRegion, ExReleaseResourceLite, ExAcquireResourceSharedLite, KeEnterCriticalRegion, ExAcquireResourceExclusiveLite, ZwClose, ObOpenObjectByPointer, IoCreateFile, MmMapLockedPagesSpecifyCache, ExAllocatePoolWithQuotaTag, IoFreeIrp, PsReturnPoolQuota, ExAllocatePoolWithTagPriority, PsChargeProcessPoolQuota, RtlCopyUnicodeString, RtlCompareUnicodeString, MmResetDriverPaging, IoGetCurrentProcess, MmSizeOfMdl, MmBuildMdlForNonPagedPool, IoInitializeIrp, ExRaiseStatus, IoSetIoCompletion, PsGetProcessExitTime, SeUnlockSubjectContext, SeFreePrivileges, SeAppendPrivileges, SeAccessCheck, SeLockSubjectContext, RtlMapGenericMask, IoGetFileObjectGenericMapping, RtlEqualString, RtlInitString, PsGetCurrentThread, IoAllocateIrp, KeWaitForSingleObject, IoBuildDeviceIoControlRequest, KeInitializeEvent, KeSetEvent, ExEventObjectType, ProbeForWrite, KeResetEvent, IofCallDriver, ExInitializeResourceLite, ExDeleteResourceLite, ZwOpenKey, RtlInitUnicodeString, ZwCreateKey, ZwQueryValueKey, RtlAddAccessAllowedAce, RtlCreateAcl, RtlLengthSid, SeExports, ObReleaseObjectSecurity, SeSetSecurityDescriptorInfo, ExAllocatePoolWithTag, RtlLengthSecurityDescriptor, RtlSetDaclSecurityDescriptor, RtlCreateSecurityDescriptor, ObGetObjectSecurity, IoDeleteDevice, ExDeleteNPagedLookasideList, IoQueueWorkItem, ZwNotifyChangeKey, MmPageEntireDriver, IoFreeWorkItem, ExInitializeNPagedLookasideList, IoAllocateWorkItem, IoCreateDevice, DbgBreakPoint, KeReadStateEvent, KePulseEvent, MmAdvanceMdl, KeBugCheckEx, ExInterlockedFlushSList, KeSetTimerEx, KeInitializeDpc, KeInitializeTimer, MmLockPagableDataSection, KeSetTimer, MmUnlockPagableImageSection, KeRemoveQueueDpc, KeCancelTimer, _alldiv, RtlEqualUnicodeString, ExAllocatePoolWithQuota, MmUnmapLockedPages, IoCancelIrp, ExQueueWorkItem, FsRtlMdlReadComplete, KeDetachProcess, FsRtlMdlRead, KeAttachProcess, IoGetRequestorProcess, FsRtlCopyRead, IoQueryFileInformation, _aullrem, PsGetCurrentProcessId, ObFindHandleForObject, ObCloseHandle, ObOpenObjectByName, IoThreadToProcess, KeTickCount, KeInitializeApc, KeInsertQueueApc, KeAcquireInStackQueuedSpinLockAtDpcLevel, KeReleaseInStackQueuedSpinLockFromDpcLevel, ObfReferenceObject, IoAcquireCancelSpinLock, IoReleaseCancelSpinLock, memmove, ExFreePoolWithTag, IofCompleteRequest, IoFreeMdl, ObfDereferenceObject, ObReferenceObjectByHandle, ExGetPreviousMode, InterlockedPushEntrySList
TDI.SYS: TdiReturnChainedReceives, TdiMatchPdoWithChainedReceiveContext, TdiDeregisterPnPHandlers, TdiRegisterPnPHandlers, TdiCopyMdlToBuffer, TdiCopyBufferToMdl
ExifTool:
file metadata
CharacterSet: Unicode
CodeSize: 123776
CompanyName: Microsoft Corporation
EntryPoint: 0x1de40
FileDescription: Ancillary Function Driver for WinSock
FileFlagsMask: 0x003f
FileOS: Windows NT 32-bit
FileSize: 135 kB
FileSubtype: 7
FileType: Win32 EXE
FileVersion: 5.1.2600.5512 (xpsp.080413-0852)
FileVersionNumber: 5.1.2600.5512
ImageVersion: 5.1
InitializedDataSize: 13440
InternalName: afd.sys
LanguageCode: English (U.S.)
LegalCopyright: Microsoft Corporation. All rights reserved.
LinkerVersion: 7.1
MIMEType: application/octet-stream
MachineType: Intel 386 or later, and compatibles
OSVersion: 5.1
ObjectFileType: Driver
OriginalFilename: afd.sys
PEType: PE32
ProductName: Microsoft Windows Operating System
ProductVersion: 5.1.2600.5512
ProductVersionNumber: 5.1.2600.5512
Subsystem: Native
SubsystemVersion: 5.1
TimeStamp: 2008:04:13 21:19:22+02:00
UninitializedDataSize: 0

jpopelka · #10 Příspěvek od **jpopelka** » 02 pro 2011 18:05

A teď afd.sys ze složky system32/drivers, který je stále přepisován. Zajímavé je, že ho hledání nenašlo, divné! Žádné jiné jsem nenašel.
Antivirus Version Last Update Result
AhnLab-V3 2011.12.01.02 2011.12.01 -
AntiVir 7.11.18.204 2011.12.02 -
Antiy-AVL 2.0.3.7 2011.12.02 -
Avast 6.0.1289.0 2011.12.02 -
AVG 10.0.0.1190 2011.12.02 -
BitDefender 7.2 2011.12.02 -
ByteHero 1.0.0.1 2011.11.29 -
CAT-QuickHeal 12.00 2011.12.02 -
ClamAV 0.97.3.0 2011.12.02 -
Commtouch 5.3.2.6 2011.12.02 -
Comodo 10815 2011.12.02 -
DrWeb 5.0.2.03300 2011.12.02 -
Emsisoft 5.1.0.11 2011.12.02 -
eSafe 7.0.17.0 2011.12.01 -
eTrust-Vet 37.0.9599 2011.12.02 -
F-Prot 4.6.5.141 2011.11.29 -
F-Secure 9.0.16440.0 2011.12.02 -
Fortinet 4.3.388.0 2011.12.02 -
GData 22 2011.12.02 -
Ikarus T3.1.1.109.0 2011.12.02 -
Jiangmin 13.0.900 2011.12.02 -
K7AntiVirus 9.119.5586 2011.12.02 -
Kaspersky 9.0.0.837 2011.12.02 -
McAfee 5.400.0.1158 2011.12.02 -
McAfee-GW-Edition 2010.1D 2011.12.02 -
Microsoft 1.7903 2011.12.02 -
NOD32 6668 2011.12.01 -
Norman 6.07.13 2011.12.02 -
nProtect 2011-12-02.01 2011.12.02 -
Panda 10.0.3.5 2011.12.02 -
PCTools 8.0.0.5 2011.12.02 -
Prevx 3.0 2011.12.02 -
Rising 23.86.04.02 2011.12.02 -
Sophos 4.71.0 2011.12.02 -
SUPERAntiSpyware 4.40.0.1006 2011.12.02 -
Symantec 20111.2.0.82 2011.12.02 -
TheHacker 6.7.0.1.352 2011.12.01 -
TrendMicro 9.500.0.1008 2011.12.02 -
TrendMicro-HouseCall 9.500.0.1008 2011.12.02 -
VBA32 3.12.16.4 2011.12.01 -
VIPRE 11192 2011.12.02 -
ViRobot 2011.12.2.4805 2011.12.02 -
VirusBuster 14.1.96.0 2011.12.02 -
Additional informationShow all
MD5 : 322d0e36693d6e24a2398bee62a268cd
SHA1 : 4a6bbaa8b5b1ba2e1c9c90a4a5de83d0cb6da4f7
SHA256: fb0bff5846e50dbcc2826639318a6a1de79ee7dea2719ed74a5f6f44454e13d0
ssdeep: 3072:SRMCC9dHY6XtkW7Odrg0jvX7H5LIyA40ESxgx:Sc9kW7O5gA7Hh10ETx
File size : 138112 bytes
First seen: 2009-05-14 05:30:51
Last seen : 2011-12-02 16:53:58
TrID:
Win64 Executable Generic (87.2%)
Win32 Executable Generic (8.6%)
Generic Win/DOS Executable (2.0%)
DOS Executable Generic (2.0%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
sigcheck:
publisher....: Microsoft Corporation
copyright....: (c) Microsoft Corporation. All rights reserved.
product......: Microsoft_ Windows_ Operating System
description..: Ancillary Function Driver for WinSock
original name: afd.sys
internal name: afd.sys
file version.: 5.1.2600.5512 (xpsp.080413-0852)
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEInfo: PE structure information

[[ basic data ]]
entrypointaddress: 0x1DE40
timedatestamp....: 0x48025CBA (Sun Apr 13 19:19:22 2008)
machinetype......: 0x14c (I386)

[[ 9 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x380, 0x1000, 0x1000, 6.37, 3cc7eaebc742fbb2a938c2ca8c2404f7
.rdata, 0x1380, 0xC2C, 0xC80, 4.45, 49739cea785eb6c8977ca80f5e66bc16
.data, 0x2000, 0x800, 0x800, 2.91, 348b980c27903eb630a296bcc411928f
PAGE, 0x2800, 0x897B, 0x8980, 6.53, 0281181f8ac68fce06eca636f145ef85
PAGEAFD, 0xB180, 0x10641, 0x10680, 6.59, df3d9735f6322dacda078ec62683f965
PAGESAN, 0x1B800, 0x2221, 0x2280, 6.38, d9f2ed984b92d9d3858ea7b8f82b9f35
INIT, 0x1DA80, 0x20D6, 0x2100, 6.16, afe633e5616575b791d52ea0f2725824
.rsrc, 0x1FB80, 0x3F8, 0x400, 3.42, eddf4f9417d65aa6d8bb4e13bd19d3a3
.reloc, 0x1FF80, 0x1BA4, 0x1C00, 6.75, d8d59fe9b07a7cd65b30a7d5473fb036

[[ 3 import(s) ]]
HAL.dll: KeAcquireQueuedSpinLock, KeAcquireInStackQueuedSpinLock, KfLowerIrql, KfRaiseIrql, KeGetCurrentIrql, KeReleaseQueuedSpinLock, KeReleaseInStackQueuedSpinLock
ntoskrnl.exe: IoFileObjectType, IoGetRelatedDeviceObject, IoBuildPartialMdl, KeQueryInterruptTime, MmMapLockedPages, IoAllocateMdl, InterlockedPopEntrySList, MmUnlockPages, MmProbeAndLockPages, ExRaiseAccessViolation, MmUserProbeAddress, ExRaiseDatatypeMisalignment, _except_handler3, MmIsThisAnNtAsSystem, MmQuerySystemSize, KeGetRecommendedSharedDataAlignment, KeInitializeSpinLock, DbgPrint, RtlCompareMemory, KeLeaveCriticalRegion, ExReleaseResourceLite, ExAcquireResourceSharedLite, KeEnterCriticalRegion, ExAcquireResourceExclusiveLite, ZwClose, ObOpenObjectByPointer, IoCreateFile, MmMapLockedPagesSpecifyCache, ExAllocatePoolWithQuotaTag, IoFreeIrp, PsReturnPoolQuota, ExAllocatePoolWithTagPriority, PsChargeProcessPoolQuota, RtlCopyUnicodeString, RtlCompareUnicodeString, MmResetDriverPaging, IoGetCurrentProcess, MmSizeOfMdl, MmBuildMdlForNonPagedPool, IoInitializeIrp, ExRaiseStatus, IoSetIoCompletion, PsGetProcessExitTime, SeUnlockSubjectContext, SeFreePrivileges, SeAppendPrivileges, SeAccessCheck, SeLockSubjectContext, RtlMapGenericMask, IoGetFileObjectGenericMapping, RtlEqualString, RtlInitString, PsGetCurrentThread, IoAllocateIrp, KeWaitForSingleObject, IoBuildDeviceIoControlRequest, KeInitializeEvent, KeSetEvent, ExEventObjectType, ProbeForWrite, KeResetEvent, IofCallDriver, ExInitializeResourceLite, ExDeleteResourceLite, ZwOpenKey, RtlInitUnicodeString, ZwCreateKey, ZwQueryValueKey, RtlAddAccessAllowedAce, RtlCreateAcl, RtlLengthSid, SeExports, ObReleaseObjectSecurity, SeSetSecurityDescriptorInfo, ExAllocatePoolWithTag, RtlLengthSecurityDescriptor, RtlSetDaclSecurityDescriptor, RtlCreateSecurityDescriptor, ObGetObjectSecurity, IoDeleteDevice, ExDeleteNPagedLookasideList, IoQueueWorkItem, ZwNotifyChangeKey, MmPageEntireDriver, IoFreeWorkItem, ExInitializeNPagedLookasideList, IoAllocateWorkItem, IoCreateDevice, DbgBreakPoint, KeReadStateEvent, KePulseEvent, MmAdvanceMdl, KeBugCheckEx, ExInterlockedFlushSList, KeSetTimerEx, KeInitializeDpc, KeInitializeTimer, MmLockPagableDataSection, KeSetTimer, MmUnlockPagableImageSection, KeRemoveQueueDpc, KeCancelTimer, _alldiv, RtlEqualUnicodeString, ExAllocatePoolWithQuota, MmUnmapLockedPages, IoCancelIrp, ExQueueWorkItem, FsRtlMdlReadComplete, KeDetachProcess, FsRtlMdlRead, KeAttachProcess, IoGetRequestorProcess, FsRtlCopyRead, IoQueryFileInformation, _aullrem, PsGetCurrentProcessId, ObFindHandleForObject, ObCloseHandle, ObOpenObjectByName, IoThreadToProcess, KeTickCount, KeInitializeApc, KeInsertQueueApc, KeAcquireInStackQueuedSpinLockAtDpcLevel, KeReleaseInStackQueuedSpinLockFromDpcLevel, ObfReferenceObject, IoAcquireCancelSpinLock, IoReleaseCancelSpinLock, memmove, ExFreePoolWithTag, IofCompleteRequest, IoFreeMdl, ObfDereferenceObject, ObReferenceObjectByHandle, ExGetPreviousMode, InterlockedPushEntrySList
TDI.SYS: TdiReturnChainedReceives, TdiMatchPdoWithChainedReceiveContext, TdiDeregisterPnPHandlers, TdiRegisterPnPHandlers, TdiCopyMdlToBuffer, TdiCopyBufferToMdl
ExifTool:
file metadata
CharacterSet: Unicode
CodeSize: 123776
CompanyName: Microsoft Corporation
EntryPoint: 0x1de40
FileDescription: Ancillary Function Driver for WinSock
FileFlagsMask: 0x003f
FileOS: Windows NT 32-bit
FileSize: 135 kB
FileSubtype: 7
FileType: Win32 EXE
FileVersion: 5.1.2600.5512 (xpsp.080413-0852)
FileVersionNumber: 5.1.2600.5512
ImageVersion: 5.1
InitializedDataSize: 13440
InternalName: afd.sys
LanguageCode: English (U.S.)
LegalCopyright: Microsoft Corporation. All rights reserved.
LinkerVersion: 7.1
MIMEType: application/octet-stream
MachineType: Intel 386 or later, and compatibles
OSVersion: 5.1
ObjectFileType: Driver
OriginalFilename: afd.sys
PEType: PE32
ProductName: Microsoft Windows Operating System
ProductVersion: 5.1.2600.5512
ProductVersionNumber: 5.1.2600.5512
Subsystem: Native
SubsystemVersion: 5.1
TimeStamp: 2008:04:13 21:19:22+02:00
UninitializedDataSize: 0

#11 Příspěvek od **JaRon** » 03 pro 2011 20:08

no ak nie su problemy, bral by som to ako falosny poplach Aviry

jpopelka · #12 Příspěvek od **jpopelka** » 03 pro 2011 22:03

Tak TDSSKiller nehlásí nic ale můžu ho ještě spustit a přiložit ten log.
Na COmbofix už si po varování netroufám, potřeboval bych asistenci.
Stále mě štve, že se ten afd.sys přepisuje. Asi pořád něco není dobře.
Měl jsem nainstalované soluto a zničeho nic přestane fungovat, potplayer se zasekne tak, že pomůže jen HW reset.
Prostě se nemůžu zbavit dojmu, že není vše v pořádku i když zatím to chodí.
Nainstaloval jsem vipre antivir, a teď ho nemůžu odinstalovat i když vcleaner přímo od nich hlásí, že je odinstalovaný. V Přidat a ubrat programy ale stále je a když dám odinstalovat tak dostanu hlášku že driver nemohl být nainstalován a vše se vrátí zpět.
I když vipre antivir funkční již není tak je stále v počítači.
Panda Cloud Antivirus nehlásí žádnou infekci.
Už jsem z toho vyprahlej a nevím jak dál.
Díky za ochotu pomoci.

jpopelka · #13 Příspěvek od **jpopelka** » 03 pro 2011 22:05

Tady je ten report TDSSKilleru:

22:03:36.0484 1848 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
22:03:36.0812 1848 ============================================================
22:03:36.0812 1848 Current date / time: 2011/12/03 22:03:36.0812
22:03:36.0812 1848 SystemInfo:
22:03:36.0812 1848
22:03:36.0812 1848 OS Version: 5.1.2600 ServicePack: 3.0
22:03:36.0812 1848 Product type: Workstation
22:03:36.0812 1848 ComputerName: NOVY
22:03:36.0812 1848 UserName: Jarda
22:03:36.0812 1848 Windows directory: C:\WINDOWS
22:03:36.0812 1848 System windows directory: C:\WINDOWS
22:03:36.0812 1848 Processor architecture: Intel x86
22:03:36.0812 1848 Number of processors: 2
22:03:36.0812 1848 Page size: 0x1000
22:03:36.0812 1848 Boot type: Normal boot
22:03:36.0812 1848 ============================================================
22:03:37.0828 1848 Initialize success
22:03:39.0421 1428 ============================================================
22:03:39.0421 1428 Scan started
22:03:39.0421 1428 Mode: Manual;
22:03:39.0421 1428 ============================================================
22:03:40.0562 1428 Abiosdsk - ok
22:03:40.0562 1428 abp480n5 - ok
22:03:40.0593 1428 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:03:40.0593 1428 ACPI - ok
22:03:40.0609 1428 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
22:03:40.0609 1428 ACPIEC - ok
22:03:40.0625 1428 adpu160m - ok
22:03:40.0656 1428 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:03:40.0656 1428 aec - ok
22:03:40.0687 1428 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\WINDOWS\system32\drivers\Afc.sys
22:03:40.0687 1428 Afc - ok
22:03:40.0718 1428 AFD (885b2f107a071eebfc87d4cb16e2a6c3) C:\WINDOWS\System32\drivers\afd1.sys
22:03:40.0718 1428 AFD - ok
22:03:40.0734 1428 Aha154x - ok
22:03:40.0734 1428 aic78u2 - ok
22:03:40.0734 1428 aic78xx - ok
22:03:40.0750 1428 AliIde - ok
22:03:40.0796 1428 Ambfilt (f6af59d6eee5e1c304f7f73706ad11d8) C:\WINDOWS\system32\drivers\Ambfilt.sys
22:03:40.0812 1428 Ambfilt - ok
22:03:40.0843 1428 amdide (6e58654cb25730b2579e45e1fd116a47) C:\WINDOWS\system32\DRIVERS\amdide.sys
22:03:40.0843 1428 amdide - ok
22:03:40.0859 1428 AmdLLD (ad8fa28d8ed0d0a689a0559085ce0f18) C:\WINDOWS\system32\DRIVERS\AmdLLD.sys
22:03:40.0859 1428 AmdLLD - ok
22:03:40.0890 1428 AmdPPM (033448d435e65c4bd72e70521fd05c76) C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
22:03:40.0890 1428 AmdPPM - ok
22:03:40.0921 1428 Amfilter (6a1455f7c1f10820a9eb3c89880076ae) C:\WINDOWS\system32\DRIVERS\Amfilter.sys
22:03:40.0921 1428 Amfilter - ok
22:03:40.0921 1428 amsint - ok
22:03:40.0937 1428 Amusbprt (e3fe4628299ba176e3dcb99576ef922b) C:\WINDOWS\system32\DRIVERS\Amusbprt.sys
22:03:40.0937 1428 Amusbprt - ok
22:03:40.0937 1428 AODDriver - ok
22:03:40.0968 1428 Asapi (875f9079cabee679d34b49e466b61701) C:\WINDOWS\system32\drivers\Asapi.sys
22:03:40.0968 1428 Asapi - ok
22:03:40.0968 1428 asc - ok
22:03:40.0984 1428 asc3350p - ok
22:03:40.0984 1428 asc3550 - ok
22:03:41.0015 1428 ASPI (54ab078660e536da72b21a27f56b035b) C:\WINDOWS\System32\DRIVERS\ASPI32.sys
22:03:41.0015 1428 ASPI - ok
22:03:41.0031 1428 Aspi32 (54ab078660e536da72b21a27f56b035b) C:\WINDOWS\system32\drivers\aspi32.sys
22:03:41.0031 1428 Aspi32 - ok
22:03:41.0062 1428 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:03:41.0062 1428 AsyncMac - ok
22:03:41.0078 1428 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:03:41.0078 1428 atapi - ok
22:03:41.0078 1428 Atdisk - ok
22:03:41.0343 1428 ati2mtag (bde0f5d73c04b3f16672a7e6ea9d2392) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
22:03:41.0359 1428 ati2mtag - ok
22:03:41.0406 1428 AtiHdmiService (591a9eabb5ef5168e435c2f18b05dd76) C:\WINDOWS\system32\drivers\AtiHdmi.sys
22:03:41.0406 1428 AtiHdmiService - ok
22:03:41.0421 1428 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:03:41.0421 1428 Atmarpc - ok
22:03:41.0453 1428 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:03:41.0453 1428 audstub - ok
22:03:41.0468 1428 azvusb (0a5e8178eff1d8f109a95235aeb7d76f) C:\WINDOWS\system32\DRIVERS\azvusb.sys
22:03:41.0468 1428 azvusb - ok
22:03:41.0500 1428 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:03:41.0500 1428 Beep - ok
22:03:41.0531 1428 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
22:03:41.0531 1428 BthEnum - ok
22:03:41.0546 1428 BTHMODEM (fca6f069597b62d42495191ace3fc6c1) C:\WINDOWS\system32\DRIVERS\bthmodem.sys
22:03:41.0546 1428 BTHMODEM - ok
22:03:41.0562 1428 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
22:03:41.0562 1428 BthPan - ok
22:03:41.0609 1428 BTHPORT (f338662a6c1fc11dd9508f6dff2c06a2) C:\WINDOWS\system32\Drivers\BTHport.sys
22:03:41.0609 1428 BTHPORT - ok
22:03:41.0609 1428 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
22:03:41.0609 1428 BTHUSB - ok
22:03:41.0640 1428 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:03:41.0640 1428 cbidf2k - ok
22:03:41.0687 1428 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
22:03:41.0687 1428 CCDECODE - ok
22:03:41.0687 1428 cd20xrnt - ok
22:03:41.0703 1428 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:03:41.0703 1428 Cdaudio - ok
22:03:41.0734 1428 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:03:41.0734 1428 Cdfs - ok
22:03:41.0750 1428 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:03:41.0750 1428 Cdrom - ok
22:03:41.0796 1428 CmdIde - ok
22:03:41.0812 1428 Cpqarray - ok
22:03:41.0828 1428 cpuidlep (3a1dc7c08ae1af450ffd753a0fd82f9d) C:\WINDOWS\system32\drivers\cpuidlep.sys
22:03:41.0828 1428 cpuidlep - ok
22:03:41.0875 1428 cpuz135 - ok
22:03:41.0890 1428 dac2w2k - ok
22:03:41.0890 1428 dac960nt - ok
22:03:41.0921 1428 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
22:03:41.0921 1428 Disk - ok
22:03:41.0953 1428 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
22:03:41.0953 1428 dmboot - ok
22:03:41.0968 1428 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
22:03:41.0968 1428 dmio - ok
22:03:41.0984 1428 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:03:41.0984 1428 dmload - ok
22:03:42.0015 1428 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
22:03:42.0015 1428 DMusic - ok
22:03:42.0015 1428 dpti2o - ok
22:03:42.0031 1428 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:03:42.0031 1428 drmkaud - ok
22:03:42.0046 1428 DSDrv4 - ok
22:03:42.0078 1428 dtsoftbus01 (fb38473835476a6fb272215a1d972af9) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
22:03:42.0078 1428 dtsoftbus01 - ok
22:03:42.0078 1428 esihdrv - ok
22:03:42.0093 1428 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:03:42.0093 1428 Fastfat - ok
22:03:42.0125 1428 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
22:03:42.0125 1428 Fdc - ok
22:03:42.0140 1428 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
22:03:42.0140 1428 Fips - ok
22:03:42.0156 1428 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
22:03:42.0156 1428 Flpydisk - ok
22:03:42.0171 1428 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
22:03:42.0171 1428 FltMgr - ok
22:03:42.0187 1428 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:03:42.0187 1428 Fs_Rec - ok
22:03:42.0203 1428 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:03:42.0203 1428 Ftdisk - ok
22:03:42.0234 1428 giveio (77ebf3e9386daa51551af429052d88d0) C:\WINDOWS\system32\giveio.sys
22:03:42.0250 1428 giveio - ok
22:03:42.0265 1428 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:03:42.0265 1428 Gpc - ok
22:03:42.0296 1428 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:03:42.0296 1428 HDAudBus - ok
22:03:42.0328 1428 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:03:42.0328 1428 HidUsb - ok
22:03:42.0343 1428 hpn - ok
22:03:42.0343 1428 hpt3xx - ok
22:03:42.0375 1428 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
22:03:42.0375 1428 HTTP - ok
22:03:42.0390 1428 i2omp - ok
22:03:42.0406 1428 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:03:42.0406 1428 i8042prt - ok
22:03:42.0421 1428 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:03:42.0421 1428 Imapi - ok
22:03:42.0437 1428 ini910u - ok
22:03:42.0562 1428 IntcAzAudAddService (e8656858d8b2da7c9cf59fb4e5ce32ed) C:\WINDOWS\system32\drivers\RtkHDAud.sys
22:03:42.0578 1428 IntcAzAudAddService - ok
22:03:42.0593 1428 IntelIde - ok
22:03:42.0609 1428 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:03:42.0609 1428 ip6fw - ok
22:03:42.0640 1428 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:03:42.0640 1428 IpFilterDriver - ok
22:03:42.0671 1428 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:03:42.0671 1428 IpInIp - ok
22:03:42.0703 1428 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:03:42.0703 1428 IpNat - ok
22:03:42.0718 1428 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:03:42.0718 1428 IPSec - ok
22:03:42.0750 1428 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:03:42.0750 1428 IRENUM - ok
22:03:42.0765 1428 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:03:42.0765 1428 isapnp - ok
22:03:42.0828 1428 ISODisk (96f2f5884d02535e2d4dfc849836f4a6) C:\WINDOWS\system32\drivers\ISODisk.sys
22:03:42.0828 1428 ISODisk - ok
22:03:42.0859 1428 ISODrive (c53dd6a48d45d61e84bf8a069416b139) C:\Program Files\UltraISO\drivers\ISODrive.sys
22:03:42.0859 1428 ISODrive - ok
22:03:42.0890 1428 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:03:42.0890 1428 Kbdclass - ok
22:03:42.0906 1428 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:03:42.0906 1428 kbdhid - ok
22:03:42.0937 1428 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:03:42.0937 1428 kmixer - ok
22:03:42.0984 1428 ksaud (521e7ad734e152537f1573354c7fc3ff) C:\WINDOWS\system32\drivers\ksaud.sys
22:03:43.0000 1428 ksaud - ok
22:03:43.0046 1428 ksaudfl (deb94f7b8d2bc94dc68870c41da5ed26) C:\WINDOWS\system32\drivers\ksaudfl.sys
22:03:43.0062 1428 ksaudfl - ok
22:03:43.0109 1428 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:03:43.0109 1428 KSecDD - ok
22:03:43.0140 1428 LgBttPort (4dd47b5af0b24871ebb9efc012a7474e) C:\WINDOWS\system32\DRIVERS\lgbtport.sys
22:03:43.0140 1428 LgBttPort - ok
22:03:43.0156 1428 lgbusenum (1d038ca6c529203087a990e5e97887b4) C:\WINDOWS\system32\DRIVERS\lgbtbus.sys
22:03:43.0156 1428 lgbusenum - ok
22:03:43.0187 1428 LGVMODEM (26f1976a330195d62a6224c76968cf0d) C:\WINDOWS\system32\DRIVERS\lgvmodem.sys
22:03:43.0187 1428 LGVMODEM - ok
22:03:43.0218 1428 mcdbus (94f2f3e27f5a43ffe5e3166035e81176) C:\WINDOWS\system32\DRIVERS\mcdbus.sys
22:03:43.0218 1428 mcdbus - ok
22:03:43.0250 1428 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:03:43.0250 1428 mnmdd - ok
22:03:43.0281 1428 mod7700 (89684cf71d4aef8ac0732318cda2d9d2) C:\WINDOWS\system32\Drivers\mod7700.sys
22:03:43.0296 1428 mod7700 - ok
22:03:43.0328 1428 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
22:03:43.0328 1428 Modem - ok
22:03:43.0375 1428 MODRC (370e88453ec0d7bea6eb24be8d865dbe) C:\WINDOWS\system32\DRIVERS\modrc.sys
22:03:43.0375 1428 MODRC - ok
22:03:43.0406 1428 Monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\Monfilt.sys
22:03:43.0421 1428 Monfilt - ok
22:03:43.0453 1428 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:03:43.0453 1428 Mouclass - ok
22:03:43.0468 1428 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:03:43.0468 1428 mouhid - ok
22:03:43.0500 1428 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:03:43.0500 1428 MountMgr - ok
22:03:43.0531 1428 MovRVDrv32 (cb48c23769c56977ec3de6df0c6dbb8c) C:\WINDOWS\system32\DRIVERS\MovRVDrv32.sys
22:03:43.0531 1428 MovRVDrv32 - ok
22:03:43.0578 1428 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
22:03:43.0578 1428 MPE - ok
22:03:43.0578 1428 mraid35x - ok
22:03:43.0593 1428 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:03:43.0593 1428 MRxDAV - ok
22:03:43.0640 1428 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:03:43.0640 1428 MRxSmb - ok
22:03:43.0656 1428 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:03:43.0656 1428 Msfs - ok
22:03:43.0703 1428 MSI_MSIBIOS_010507 (3846c05a66a3f5cd1d33e1a323c1762c) C:\Program Files\MSI\Live Update 5\msibios32_100507.sys
22:03:43.0703 1428 MSI_MSIBIOS_010507 - ok
22:03:43.0734 1428 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:03:43.0734 1428 MSKSSRV - ok
22:03:43.0750 1428 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:03:43.0750 1428 MSPCLOCK - ok
22:03:43.0750 1428 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:03:43.0750 1428 MSPQM - ok
22:03:43.0796 1428 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:03:43.0796 1428 mssmbios - ok
22:03:43.0812 1428 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
22:03:43.0812 1428 MSTEE - ok
22:03:43.0843 1428 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:03:43.0843 1428 Mup - ok
22:03:43.0906 1428 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:03:43.0906 1428 NABTSFEC - ok
22:03:43.0921 1428 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:03:43.0921 1428 NDIS - ok
22:03:43.0953 1428 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:03:43.0953 1428 NdisIP - ok
22:03:43.0984 1428 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:03:43.0984 1428 NdisTapi - ok
22:03:44.0015 1428 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:03:44.0015 1428 Ndisuio - ok
22:03:44.0046 1428 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:03:44.0046 1428 NdisWan - ok
22:03:44.0062 1428 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:03:44.0062 1428 NDProxy - ok
22:03:44.0078 1428 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:03:44.0078 1428 NetBIOS - ok
22:03:44.0093 1428 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:03:44.0093 1428 NetBT - ok
22:03:44.0125 1428 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:03:44.0125 1428 Npfs - ok
22:03:44.0156 1428 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:03:44.0156 1428 Ntfs - ok
22:03:44.0203 1428 NTIOLib_1_0_4 (cd2166c9511d336a058cde91778aaa69) C:\Program Files\MSI\Live Update 5\NTIOLib.sys
22:03:44.0203 1428 NTIOLib_1_0_4 - ok
22:03:44.0218 1428 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:03:44.0218 1428 Null - ok
22:03:44.0234 1428 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:03:44.0234 1428 NwlnkFlt - ok
22:03:44.0250 1428 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:03:44.0250 1428 NwlnkFwd - ok
22:03:44.0281 1428 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\drivers\Parport.sys
22:03:44.0296 1428 Parport - ok
22:03:44.0312 1428 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:03:44.0312 1428 PartMgr - ok
22:03:44.0328 1428 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
22:03:44.0328 1428 ParVdm - ok
22:03:44.0359 1428 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
22:03:44.0359 1428 PCI - ok
22:03:44.0359 1428 PCIDump - ok
22:03:44.0375 1428 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:03:44.0375 1428 PCIIde - ok
22:03:44.0406 1428 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:03:44.0406 1428 Pcmcia - ok
22:03:44.0437 1428 PCTCore (807ff1dd6e1bdf8e7d2062fca0daecaf) C:\WINDOWS\system32\drivers\PCTCore.sys
22:03:44.0437 1428 PCTCore - ok
22:03:44.0453 1428 perc2 - ok
22:03:44.0453 1428 perc2hib - ok
22:03:44.0484 1428 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:03:44.0484 1428 PptpMiniport - ok
22:03:44.0484 1428 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
22:03:44.0484 1428 Processor - ok
22:03:44.0515 1428 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:03:44.0515 1428 PSched - ok
22:03:44.0562 1428 PSINAflt (1a8e10025be59e7f0a2981a52c483fcd) C:\WINDOWS\system32\DRIVERS\PSINAflt.sys
22:03:44.0562 1428 PSINAflt - ok
22:03:44.0609 1428 PSINFile (5bab5fb4cb1963f643a1a8b4d816cf8f) C:\WINDOWS\system32\DRIVERS\PSINFile.sys
22:03:44.0609 1428 PSINFile - ok
22:03:44.0671 1428 PSINKNC (0518f472a69249e18612e29278bd58ec) C:\WINDOWS\system32\DRIVERS\psinknc.sys
22:03:44.0671 1428 PSINKNC - ok
22:03:44.0734 1428 PSINProc (87b2fe6d7b427947541360f48c302054) C:\WINDOWS\system32\DRIVERS\PSINProc.sys
22:03:44.0734 1428 PSINProc - ok
22:03:44.0781 1428 PSINProt (f4804beb5ff6741019b56a02ead4d3b7) C:\WINDOWS\system32\DRIVERS\PSINProt.sys
22:03:44.0781 1428 PSINProt - ok
22:03:44.0812 1428 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:03:44.0812 1428 Ptilink - ok
22:03:44.0859 1428 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:03:44.0859 1428 PxHelp20 - ok
22:03:44.0859 1428 ql1080 - ok
22:03:44.0875 1428 Ql10wnt - ok
22:03:44.0875 1428 ql12160 - ok
22:03:44.0875 1428 ql1240 - ok
22:03:44.0890 1428 ql1280 - ok
22:03:44.0906 1428 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:03:44.0906 1428 RasAcd - ok
22:03:44.0921 1428 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:03:44.0921 1428 Rasl2tp - ok
22:03:44.0953 1428 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:03:44.0953 1428 RasPppoe - ok
22:03:44.0968 1428 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:03:44.0968 1428 Raspti - ok
22:03:44.0984 1428 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:03:45.0000 1428 Rdbss - ok
22:03:45.0015 1428 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:03:45.0015 1428 RDPCDD - ok
22:03:45.0046 1428 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:03:45.0046 1428 rdpdr - ok
22:03:45.0062 1428 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
22:03:45.0062 1428 RDPWD - ok
22:03:45.0093 1428 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:03:45.0093 1428 redbook - ok
22:03:45.0125 1428 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
22:03:45.0125 1428 RFCOMM - ok
22:03:45.0265 1428 RTLE8023xp (b0e1648aae1e59bdd0854af07a605399) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
22:03:45.0312 1428 RTLE8023xp - ok
22:03:45.0421 1428 RushTopDevice_J - ok
22:03:45.0562 1428 RVIEGVST (3c74d9fdb1d9831ec932e89f3d874f00) C:\Program Files\Roland\Virtual Sound Canvas VST\RVIEg01VST.sys
22:03:45.0578 1428 RVIEGVST - ok
22:03:45.0671 1428 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
22:03:45.0671 1428 SASDIFSV - ok
22:03:45.0750 1428 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
22:03:45.0750 1428 SASKUTIL - ok
22:03:45.0781 1428 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:03:45.0781 1428 Secdrv - ok
22:03:45.0812 1428 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:03:45.0812 1428 serenum - ok
22:03:45.0828 1428 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
22:03:45.0828 1428 Serial - ok
22:03:45.0859 1428 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:03:45.0859 1428 Sfloppy - ok
22:03:45.0859 1428 Simbad - ok
22:03:45.0890 1428 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:03:45.0890 1428 SLIP - ok
22:03:45.0906 1428 SmartDefragDriver (14bb60a4f1c5291217a05d5728c403e6) C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
22:03:45.0906 1428 SmartDefragDriver - ok
22:03:45.0921 1428 Sparrow - ok
22:03:45.0937 1428 speedfan (3fa2e254bfbce52b3c6f1bf23aab6911) C:\WINDOWS\system32\speedfan.sys
22:03:45.0953 1428 speedfan - ok
22:03:45.0968 1428 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:03:45.0968 1428 splitter - ok
22:03:46.0015 1428 sptd (f42efefb765235f24b24e1d2b6f99f46) C:\WINDOWS\System32\Drivers\sptd.sys
22:03:46.0015 1428 Suspicious file (NoAccess): C:\WINDOWS\System32\Drivers\sptd.sys. md5: f42efefb765235f24b24e1d2b6f99f46
22:03:46.0015 1428 sptd ( LockedFile.Multi.Generic ) - warning
22:03:46.0015 1428 sptd - detected LockedFile.Multi.Generic (1)
22:03:46.0046 1428 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
22:03:46.0046 1428 sr - ok
22:03:46.0062 1428 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:03:46.0062 1428 Srv - ok
22:03:46.0093 1428 StarOpen (e57b778208c783d8debab320c16a1b82) C:\WINDOWS\system32\drivers\StarOpen.sys
22:03:46.0093 1428 StarOpen - ok
22:03:46.0125 1428 StMp3Rec (e4549a29d12535721a0a5a636eabfdc4) C:\WINDOWS\system32\Drivers\StMp3Rec.sys
22:03:46.0125 1428 StMp3Rec - ok
22:03:46.0140 1428 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:03:46.0140 1428 streamip - ok
22:03:46.0156 1428 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:03:46.0156 1428 swenum - ok
22:03:46.0171 1428 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:03:46.0171 1428 swmidi - ok
22:03:46.0187 1428 symc810 - ok
22:03:46.0187 1428 symc8xx - ok
22:03:46.0203 1428 sym_hi - ok
22:03:46.0203 1428 sym_u3 - ok
22:03:46.0218 1428 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:03:46.0218 1428 sysaudio - ok
22:03:46.0250 1428 SysTool (0e4bb35c5305099ac82053ac992e3e0e) C:\WINDOWS\system32\DRIVERS\SysTool.sys
22:03:46.0250 1428 SysTool - ok
22:03:46.0281 1428 tap0901 (d8c94d074fe516a8509dfa1d81f8ad17) C:\WINDOWS\system32\DRIVERS\tap0901.sys
22:03:46.0281 1428 tap0901 - ok
22:03:46.0328 1428 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:03:46.0328 1428 Tcpip - ok
22:03:46.0359 1428 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:03:46.0359 1428 TDPIPE - ok
22:03:46.0375 1428 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:03:46.0375 1428 TDTCP - ok
22:03:46.0390 1428 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:03:46.0390 1428 TermDD - ok
22:03:46.0390 1428 TosIde - ok
22:03:46.0421 1428 TrueSight (f69641efdb19acb4753b0155f7fdeed5) c:\windows\system32\drivers\TrueSight.sys
22:03:46.0421 1428 TrueSight - ok
22:03:46.0437 1428 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:03:46.0437 1428 Udfs - ok
22:03:46.0437 1428 ultra - ok
22:03:46.0468 1428 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:03:46.0468 1428 Update - ok
22:03:46.0500 1428 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
22:03:46.0500 1428 usbaudio - ok
22:03:46.0531 1428 usbbus (8ef48ff1c23b1ce6f96d09a45959eb20) C:\WINDOWS\system32\DRIVERS\lgusbbus.sys
22:03:46.0531 1428 usbbus - ok
22:03:46.0546 1428 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:03:46.0546 1428 usbccgp - ok
22:03:46.0562 1428 UsbDiag (a0e24c5c2d0cff04bbd3753a72fae80b) C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys
22:03:46.0578 1428 UsbDiag - ok
22:03:46.0578 1428 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:03:46.0593 1428 usbehci - ok
22:03:46.0609 1428 usbfilter (5294e3c91e723ecdbad9614ef02fd941) C:\WINDOWS\system32\DRIVERS\usbfilter.sys
22:03:46.0609 1428 usbfilter - ok
22:03:46.0687 1428 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:03:46.0687 1428 usbhub - ok
22:03:46.0718 1428 USBModem (cc09a1132b1f6a8362107cc134e90d0b) C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys
22:03:46.0718 1428 USBModem - ok
22:03:46.0734 1428 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
22:03:46.0734 1428 usbohci - ok
22:03:46.0765 1428 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:03:46.0765 1428 usbstor - ok
22:03:46.0781 1428 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:03:46.0781 1428 VgaSave - ok
22:03:46.0781 1428 ViaIde - ok
22:03:46.0796 1428 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
22:03:46.0796 1428 VolSnap - ok
22:03:46.0828 1428 w300bus (d4baa1ac8dcea1382e81aa6fe48cdd7c) C:\WINDOWS\system32\DRIVERS\w300bus.sys
22:03:46.0828 1428 w300bus - ok
22:03:46.0843 1428 w300mdfl (12d415ab0ddd86c42cdc5f120a381f24) C:\WINDOWS\system32\DRIVERS\w300mdfl.sys
22:03:46.0843 1428 w300mdfl - ok
22:03:46.0859 1428 w300mdm (f470d5e61ee7f951883f70d676551c89) C:\WINDOWS\system32\DRIVERS\w300mdm.sys
22:03:46.0875 1428 w300mdm - ok
22:03:46.0890 1428 w300mgmt (1b575b7384e22f5b278d3d7fc1bae682) C:\WINDOWS\system32\DRIVERS\w300mgmt.sys
22:03:46.0906 1428 w300mgmt - ok
22:03:46.0921 1428 w300obex (a2bc36924ae02ca1e01ec39c99afea09) C:\WINDOWS\system32\DRIVERS\w300obex.sys
22:03:46.0921 1428 w300obex - ok
22:03:46.0937 1428 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:03:46.0937 1428 Wanarp - ok
22:03:46.0968 1428 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\WINDOWS\system32\DRIVERS\wdcsam.sys
22:03:46.0968 1428 WDC_SAM - ok
22:03:47.0000 1428 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:03:47.0000 1428 wdmaud - ok
22:03:47.0031 1428 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
22:03:47.0031 1428 WmiAcpi - ok
22:03:47.0062 1428 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
22:03:47.0062 1428 WpdUsb - ok
22:03:47.0093 1428 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
22:03:47.0093 1428 WS2IFSL - ok
22:03:47.0125 1428 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:03:47.0125 1428 WSTCODEC - ok
22:03:47.0140 1428 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:03:47.0140 1428 WudfPf - ok
22:03:47.0171 1428 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:03:47.0171 1428 WudfRd - ok
22:03:47.0187 1428 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
22:03:47.0312 1428 \Device\Harddisk0\DR0 - ok
22:03:47.0312 1428 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk5\DR6
22:03:47.0312 1428 \Device\Harddisk5\DR6 - ok
22:03:47.0359 1428 MBR (0x1B8) (5fdf87052359115fa5743d194aaffd81) \Device\Harddisk6\DR7
22:03:56.0328 1428 \Device\Harddisk6\DR7 - ok
22:03:56.0328 1428 Boot (0x1200) (da32595cdf7ca6894ccbb87244617407) \Device\Harddisk0\DR0\Partition0
22:03:56.0328 1428 \Device\Harddisk0\DR0\Partition0 - ok
22:03:56.0343 1428 Boot (0x1200) (a8a9d48b51339860c40f046e2c5e5548) \Device\Harddisk5\DR6\Partition0
22:03:56.0343 1428 \Device\Harddisk5\DR6\Partition0 - ok
22:03:56.0343 1428 ============================================================
22:03:56.0343 1428 Scan finished
22:03:56.0343 1428 ============================================================
22:03:56.0343 3836 Detected object count: 1
22:03:56.0343 3836 Actual detected object count: 1
22:04:01.0500 3836 sptd ( LockedFile.Multi.Generic ) - skipped by user
22:04:01.0500 3836 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
22:04:09.0406 3380 ============================================================
22:04:09.0406 3380 Scan started
22:04:09.0406 3380 Mode: Manual; SigCheck; TDLFS;
22:04:09.0406 3380 ============================================================
22:04:09.0625 3380 Abiosdsk - ok
22:04:09.0625 3380 abp480n5 - ok
22:04:09.0656 3380 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:04:09.0812 3380 ACPI - ok
22:04:09.0828 3380 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
22:04:09.0921 3380 ACPIEC - ok
22:04:09.0921 3380 adpu160m - ok
22:04:09.0953 3380 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:04:10.0031 3380 aec - ok
22:04:10.0046 3380 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\WINDOWS\system32\drivers\Afc.sys
22:04:10.0062 3380 Afc - ok
22:04:10.0093 3380 AFD (885b2f107a071eebfc87d4cb16e2a6c3) C:\WINDOWS\System32\drivers\afd1.sys
22:04:10.0093 3380 AFD ( UnsignedFile.Multi.Generic ) - warning
22:04:10.0093 3380 AFD - detected UnsignedFile.Multi.Generic (1)
22:04:10.0093 3380 Aha154x - ok
22:04:10.0109 3380 aic78u2 - ok
22:04:10.0109 3380 aic78xx - ok
22:04:10.0125 3380 AliIde - ok
22:04:10.0156 3380 Ambfilt (f6af59d6eee5e1c304f7f73706ad11d8) C:\WINDOWS\system32\drivers\Ambfilt.sys
22:04:10.0296 3380 Ambfilt - ok
22:04:10.0328 3380 amdide (6e58654cb25730b2579e45e1fd116a47) C:\WINDOWS\system32\DRIVERS\amdide.sys
22:04:10.0328 3380 amdide - ok
22:04:10.0359 3380 AmdLLD (ad8fa28d8ed0d0a689a0559085ce0f18) C:\WINDOWS\system32\DRIVERS\AmdLLD.sys
22:04:10.0390 3380 AmdLLD - ok
22:04:10.0421 3380 AmdPPM (033448d435e65c4bd72e70521fd05c76) C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
22:04:10.0437 3380 AmdPPM - ok
22:04:10.0453 3380 Amfilter (6a1455f7c1f10820a9eb3c89880076ae) C:\WINDOWS\system32\DRIVERS\Amfilter.sys
22:04:10.0484 3380 Amfilter ( UnsignedFile.Multi.Generic ) - warning
22:04:10.0484 3380 Amfilter - detected UnsignedFile.Multi.Generic (1)
22:04:10.0484 3380 amsint - ok
22:04:10.0500 3380 Amusbprt (e3fe4628299ba176e3dcb99576ef922b) C:\WINDOWS\system32\DRIVERS\Amusbprt.sys
22:04:10.0515 3380 Amusbprt ( UnsignedFile.Multi.Generic ) - warning
22:04:10.0515 3380 Amusbprt - detected UnsignedFile.Multi.Generic (1)
22:04:10.0515 3380 AODDriver - ok
22:04:10.0546 3380 Asapi (875f9079cabee679d34b49e466b61701) C:\WINDOWS\system32\drivers\Asapi.sys
22:04:10.0546 3380 Asapi ( UnsignedFile.Multi.Generic ) - warning
22:04:10.0546 3380 Asapi - detected UnsignedFile.Multi.Generic (1)
22:04:10.0562 3380 asc - ok
22:04:10.0562 3380 asc3350p - ok
22:04:10.0562 3380 asc3550 - ok
22:04:10.0593 3380 ASPI (54ab078660e536da72b21a27f56b035b) C:\WINDOWS\System32\DRIVERS\ASPI32.sys
22:04:10.0609 3380 ASPI ( UnsignedFile.Multi.Generic ) - warning
22:04:10.0609 3380 ASPI - detected UnsignedFile.Multi.Generic (1)
22:04:10.0609 3380 Aspi32 (54ab078660e536da72b21a27f56b035b) C:\WINDOWS\system32\drivers\aspi32.sys
22:04:10.0625 3380 Aspi32 ( UnsignedFile.Multi.Generic ) - warning
22:04:10.0625 3380 Aspi32 - detected UnsignedFile.Multi.Generic (1)
22:04:10.0640 3380 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:04:10.0718 3380 AsyncMac - ok
22:04:10.0750 3380 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:04:10.0828 3380 atapi - ok
22:04:10.0843 3380 Atdisk - ok
22:04:11.0093 3380 ati2mtag (bde0f5d73c04b3f16672a7e6ea9d2392) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
22:04:11.0234 3380 ati2mtag - ok
22:04:11.0265 3380 AtiHdmiService (591a9eabb5ef5168e435c2f18b05dd76) C:\WINDOWS\system32\drivers\AtiHdmi.sys
22:04:11.0296 3380 AtiHdmiService - ok
22:04:11.0312 3380 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:04:11.0390 3380 Atmarpc - ok
22:04:11.0406 3380 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:04:11.0484 3380 audstub - ok
22:04:11.0500 3380 azvusb (0a5e8178eff1d8f109a95235aeb7d76f) C:\WINDOWS\system32\DRIVERS\azvusb.sys
22:04:11.0531 3380 azvusb - ok
22:04:11.0546 3380 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:04:11.0640 3380 Beep - ok
22:04:11.0671 3380 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
22:04:11.0765 3380 BthEnum - ok
22:04:11.0781 3380 BTHMODEM (fca6f069597b62d42495191ace3fc6c1) C:\WINDOWS\system32\DRIVERS\bthmodem.sys
22:04:11.0843 3380 BTHMODEM - ok
22:04:11.0875 3380 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
22:04:11.0953 3380 BthPan - ok
22:04:11.0968 3380 BTHPORT (f338662a6c1fc11dd9508f6dff2c06a2) C:\WINDOWS\system32\Drivers\BTHport.sys
22:04:11.0984 3380 BTHPORT - ok
22:04:12.0000 3380 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
22:04:12.0093 3380 BTHUSB - ok
22:04:12.0109 3380 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:04:12.0187 3380 cbidf2k - ok
22:04:12.0203 3380 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
22:04:12.0281 3380 CCDECODE - ok
22:04:12.0281 3380 cd20xrnt - ok
22:04:12.0312 3380 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:04:12.0375 3380 Cdaudio - ok
22:04:12.0406 3380 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:04:12.0484 3380 Cdfs - ok
22:04:12.0500 3380 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:04:12.0578 3380 Cdrom - ok
22:04:12.0578 3380 CmdIde - ok
22:04:12.0593 3380 Cpqarray - ok
22:04:12.0625 3380 cpuidlep (3a1dc7c08ae1af450ffd753a0fd82f9d) C:\WINDOWS\system32\drivers\cpuidlep.sys
22:04:12.0625 3380 cpuidlep ( UnsignedFile.Multi.Generic ) - warning
22:04:12.0625 3380 cpuidlep - detected UnsignedFile.Multi.Generic (1)
22:04:12.0671 3380 cpuz135 - ok
22:04:12.0687 3380 dac2w2k - ok
22:04:12.0687 3380 dac960nt - ok
22:04:12.0703 3380 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
22:04:12.0796 3380 Disk - ok
22:04:12.0843 3380 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
22:04:12.0953 3380 dmboot - ok
22:04:12.0984 3380 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
22:04:13.0046 3380 dmio - ok
22:04:13.0062 3380 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:04:13.0140 3380 dmload - ok
22:04:13.0156 3380 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
22:04:13.0250 3380 DMusic - ok
22:04:13.0250 3380 dpti2o - ok
22:04:13.0265 3380 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:04:13.0343 3380 drmkaud - ok
22:04:13.0343 3380 DSDrv4 - ok
22:04:13.0375 3380 dtsoftbus01 (fb38473835476a6fb272215a1d972af9) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
22:04:13.0375 3380 dtsoftbus01 - ok
22:04:13.0390 3380 esihdrv - ok
22:04:13.0421 3380 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:04:13.0484 3380 Fastfat - ok
22:04:13.0515 3380 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
22:04:13.0609 3380 Fdc - ok
22:04:13.0625 3380 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
22:04:13.0703 3380 Fips - ok
22:04:13.0718 3380 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
22:04:13.0781 3380 Flpydisk - ok
22:04:13.0796 3380 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
22:04:13.0859 3380 FltMgr - ok
22:04:13.0875 3380 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:04:13.0953 3380 Fs_Rec - ok
22:04:13.0953 3380 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:04:14.0031 3380 Ftdisk - ok
22:04:14.0046 3380 giveio (77ebf3e9386daa51551af429052d88d0) C:\WINDOWS\system32\giveio.sys
22:04:14.0062 3380 giveio ( UnsignedFile.Multi.Generic ) - warning
22:04:14.0062 3380 giveio - detected UnsignedFile.Multi.Generic (1)
22:04:14.0078 3380 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:04:14.0156 3380 Gpc - ok
22:04:14.0171 3380 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:04:14.0250 3380 HDAudBus - ok
22:04:14.0281 3380 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:04:14.0359 3380 HidUsb - ok
22:04:14.0359 3380 hpn - ok
22:04:14.0375 3380 hpt3xx - ok
22:04:14.0406 3380 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
22:04:14.0421 3380 HTTP - ok
22:04:14.0421 3380 i2omp - ok
22:04:14.0453 3380 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:04:14.0531 3380 i8042prt - ok
22:04:14.0546 3380 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:04:14.0609 3380 Imapi - ok
22:04:14.0625 3380 ini910u - ok
22:04:14.0750 3380 IntcAzAudAddService (e8656858d8b2da7c9cf59fb4e5ce32ed) C:\WINDOWS\system32\drivers\RtkHDAud.sys
22:04:14.0890 3380 IntcAzAudAddService - ok
22:04:14.0906 3380 IntelIde - ok
22:04:14.0921 3380 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:04:15.0000 3380 ip6fw - ok
22:04:15.0015 3380 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:04:15.0078 3380 IpFilterDriver - ok
22:04:15.0093 3380 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:04:15.0171 3380 IpInIp - ok
22:04:15.0187 3380 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:04:15.0265 3380 IpNat - ok
22:04:15.0281 3380 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:04:15.0375 3380 IPSec - ok
22:04:15.0390 3380 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:04:15.0437 3380 IRENUM - ok
22:04:15.0453 3380 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:04:15.0515 3380 isapnp - ok
22:04:15.0546 3380 ISODisk (96f2f5884d02535e2d4dfc849836f4a6) C:\WINDOWS\system32\drivers\ISODisk.sys
22:04:15.0546 3380 ISODisk ( UnsignedFile.Multi.Generic ) - warning
22:04:15.0546 3380 ISODisk - detected UnsignedFile.Multi.Generic (1)
22:04:15.0578 3380 ISODrive (c53dd6a48d45d61e84bf8a069416b139) C:\Program Files\UltraISO\drivers\ISODrive.sys
22:04:15.0593 3380 ISODrive ( UnsignedFile.Multi.Generic ) - warning
22:04:15.0593 3380 ISODrive - detected UnsignedFile.Multi.Generic (1)
22:04:15.0609 3380 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:04:15.0703 3380 Kbdclass - ok
22:04:15.0734 3380 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:04:15.0812 3380 kbdhid - ok
22:04:15.0828 3380 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:04:15.0906 3380 kmixer - ok
22:04:15.0953 3380 ksaud (521e7ad734e152537f1573354c7fc3ff) C:\WINDOWS\system32\drivers\ksaud.sys
22:04:16.0046 3380 ksaud - ok
22:04:16.0093 3380 ksaudfl (deb94f7b8d2bc94dc68870c41da5ed26) C:\WINDOWS\system32\drivers\ksaudfl.sys
22:04:16.0140 3380 ksaudfl - ok
22:04:16.0171 3380 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:04:16.0187 3380 KSecDD - ok
22:04:16.0203 3380 LgBttPort (4dd47b5af0b24871ebb9efc012a7474e) C:\WINDOWS\system32\DRIVERS\lgbtport.sys
22:04:16.0265 3380 LgBttPort - ok
22:04:16.0281 3380 lgbusenum (1d038ca6c529203087a990e5e97887b4) C:\WINDOWS\system32\DRIVERS\lgbtbus.sys
22:04:16.0296 3380 lgbusenum - ok
22:04:16.0312 3380 LGVMODEM (26f1976a330195d62a6224c76968cf0d) C:\WINDOWS\system32\DRIVERS\lgvmodem.sys
22:04:16.0328 3380 LGVMODEM - ok
22:04:16.0359 3380 mcdbus (94f2f3e27f5a43ffe5e3166035e81176) C:\WINDOWS\system32\DRIVERS\mcdbus.sys
22:04:16.0359 3380 mcdbus ( UnsignedFile.Multi.Generic ) - warning
22:04:16.0359 3380 mcdbus - detected UnsignedFile.Multi.Generic (1)
22:04:16.0390 3380 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:04:16.0468 3380 mnmdd - ok
22:04:16.0515 3380 mod7700 (89684cf71d4aef8ac0732318cda2d9d2) C:\WINDOWS\system32\Drivers\mod7700.sys
22:04:16.0578 3380 mod7700 - ok
22:04:16.0609 3380 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
22:04:16.0687 3380 Modem - ok
22:04:16.0718 3380 MODRC (370e88453ec0d7bea6eb24be8d865dbe) C:\WINDOWS\system32\DRIVERS\modrc.sys
22:04:16.0765 3380 MODRC - ok
22:04:16.0812 3380 Monfilt (9fa7207d1b1adead88ae8eed9cdbbaa5) C:\WINDOWS\system32\drivers\Monfilt.sys
22:04:16.0859 3380 Monfilt - ok
22:04:16.0906 3380 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:04:16.0984 3380 Mouclass - ok
22:04:17.0015 3380 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:04:17.0078 3380 mouhid - ok
22:04:17.0093 3380 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:04:17.0171 3380 MountMgr - ok
22:04:17.0203 3380 MovRVDrv32 (cb48c23769c56977ec3de6df0c6dbb8c) C:\WINDOWS\system32\DRIVERS\MovRVDrv32.sys
22:04:17.0203 3380 MovRVDrv32 ( UnsignedFile.Multi.Generic ) - warning
22:04:17.0218 3380 MovRVDrv32 - detected UnsignedFile.Multi.Generic (1)
22:04:17.0234 3380 MPE (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
22:04:17.0296 3380 MPE - ok
22:04:17.0296 3380 mraid35x - ok
22:04:17.0312 3380 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:04:17.0406 3380 MRxDAV - ok
22:04:17.0437 3380 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:04:17.0453 3380 MRxSmb - ok
22:04:17.0484 3380 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:04:17.0546 3380 Msfs - ok
22:04:17.0593 3380 MSI_MSIBIOS_010507 (3846c05a66a3f5cd1d33e1a323c1762c) C:\Program Files\MSI\Live Update 5\msibios32_100507.sys
22:04:17.0593 3380 MSI_MSIBIOS_010507 - ok
22:04:17.0625 3380 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:04:17.0703 3380 MSKSSRV - ok
22:04:17.0718 3380 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:04:17.0796 3380 MSPCLOCK - ok
22:04:17.0828 3380 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:04:17.0890 3380 MSPQM - ok
22:04:17.0906 3380 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:04:17.0984 3380 mssmbios - ok
22:04:18.0015 3380 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
22:04:18.0078 3380 MSTEE - ok
22:04:18.0109 3380 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:04:18.0125 3380 Mup - ok
22:04:18.0156 3380 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:04:18.0218 3380 NABTSFEC - ok
22:04:18.0250 3380 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:04:18.0312 3380 NDIS - ok
22:04:18.0328 3380 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:04:18.0406 3380 NdisIP - ok
22:04:18.0437 3380 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:04:18.0453 3380 NdisTapi - ok
22:04:18.0453 3380 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:04:18.0531 3380 Ndisuio - ok
22:04:18.0562 3380 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:04:18.0625 3380 NdisWan - ok
22:04:18.0656 3380 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:04:18.0687 3380 NDProxy - ok
22:04:18.0703 3380 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:04:18.0781 3380 NetBIOS - ok
22:04:18.0812 3380 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:04:18.0890 3380 NetBT - ok
22:04:18.0937 3380 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:04:19.0000 3380 Npfs - ok
22:04:19.0031 3380 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:04:19.0125 3380 Ntfs - ok
22:04:19.0156 3380 NTIOLib_1_0_4 (cd2166c9511d336a058cde91778aaa69) C:\Program Files\MSI\Live Update 5\NTIOLib.sys
22:04:19.0171 3380 NTIOLib_1_0_4 ( UnsignedFile.Multi.Generic ) - warning
22:04:19.0171 3380 NTIOLib_1_0_4 - detected UnsignedFile.Multi.Generic (1)
22:04:19.0187 3380 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:04:19.0250 3380 Null - ok
22:04:19.0265 3380 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:04:19.0343 3380 NwlnkFlt - ok
22:04:19.0359 3380 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:04:19.0421 3380 NwlnkFwd - ok
22:04:19.0453 3380 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\drivers\Parport.sys
22:04:19.0515 3380 Parport - ok
22:04:19.0531 3380 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:04:19.0593 3380 PartMgr - ok
22:04:19.0609 3380 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
22:04:19.0671 3380 ParVdm - ok
22:04:19.0703 3380 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
22:04:19.0765 3380 PCI - ok
22:04:19.0765 3380 PCIDump - ok
22:04:19.0796 3380 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:04:19.0859 3380 PCIIde - ok
22:04:19.0875 3380 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:04:19.0953 3380 Pcmcia - ok
22:04:19.0984 3380 PCTCore (807ff1dd6e1bdf8e7d2062fca0daecaf) C:\WINDOWS\system32\drivers\PCTCore.sys
22:04:20.0000 3380 PCTCore - ok
22:04:20.0000 3380 perc2 - ok
22:04:20.0015 3380 perc2hib - ok
22:04:20.0046 3380 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:04:20.0109 3380 PptpMiniport - ok
22:04:20.0156 3380 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
22:04:20.0218 3380 Processor - ok
22:04:20.0234 3380 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:04:20.0296 3380 PSched - ok
22:04:20.0359 3380 PSINAflt (1a8e10025be59e7f0a2981a52c483fcd) C:\WINDOWS\system32\DRIVERS\PSINAflt.sys
22:04:20.0359 3380 PSINAflt - ok
22:04:20.0406 3380 PSINFile (5bab5fb4cb1963f643a1a8b4d816cf8f) C:\WINDOWS\system32\DRIVERS\PSINFile.sys
22:04:20.0421 3380 PSINFile - ok
22:04:20.0468 3380 PSINKNC (0518f472a69249e18612e29278bd58ec) C:\WINDOWS\system32\DRIVERS\psinknc.sys
22:04:20.0468 3380 PSINKNC - ok
22:04:20.0515 3380 PSINProc (87b2fe6d7b427947541360f48c302054) C:\WINDOWS\system32\DRIVERS\PSINProc.sys
22:04:20.0515 3380 PSINProc - ok
22:04:20.0562 3380 PSINProt (f4804beb5ff6741019b56a02ead4d3b7) C:\WINDOWS\system32\DRIVERS\PSINProt.sys
22:04:20.0578 3380 PSINProt - ok
22:04:20.0593 3380 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:04:20.0671 3380 Ptilink - ok
22:04:20.0703 3380 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:04:20.0703 3380 PxHelp20 - ok
22:04:20.0718 3380 ql1080 - ok
22:04:20.0718 3380 Ql10wnt - ok
22:04:20.0718 3380 ql12160 - ok
22:04:20.0734 3380 ql1240 - ok
22:04:20.0734 3380 ql1280 - ok
22:04:20.0750 3380 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:04:20.0828 3380 RasAcd - ok
22:04:20.0859 3380 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:04:20.0921 3380 Rasl2tp - ok
22:04:20.0968 3380 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:04:21.0031 3380 RasPppoe - ok
22:04:21.0046 3380 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:04:21.0109 3380 Raspti - ok
22:04:21.0140 3380 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:04:21.0218 3380 Rdbss - ok
22:04:21.0234 3380 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:04:21.0296 3380 RDPCDD - ok
22:04:21.0328 3380 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:04:21.0406 3380 rdpdr - ok
22:04:21.0421 3380 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
22:04:21.0437 3380 RDPWD - ok
22:04:21.0468 3380 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:04:21.0531 3380 redbook - ok
22:04:21.0546 3380 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
22:04:21.0609 3380 RFCOMM - ok
22:04:21.0656 3380 RTLE8023xp (b0e1648aae1e59bdd0854af07a605399) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
22:04:21.0703 3380 RTLE8023xp - ok
22:04:21.0703 3380 RushTopDevice_J - ok
22:04:21.0750 3380 RVIEGVST (3c74d9fdb1d9831ec932e89f3d874f00) C:\Program Files\Roland\Virtual Sound Canvas VST\RVIEg01VST.sys
22:04:21.0765 3380 RVIEGVST ( UnsignedFile.Multi.Generic ) - warning
22:04:21.0765 3380 RVIEGVST - detected UnsignedFile.Multi.Generic (1)
22:04:21.0812 3380 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
22:04:21.0812 3380 SASDIFSV - ok
22:04:21.0843 3380 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
22:04:21.0859 3380 SASKUTIL - ok
22:04:21.0890 3380 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:04:21.0937 3380 Secdrv - ok
22:04:21.0953 3380 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:04:22.0031 3380 serenum - ok
22:04:22.0046 3380 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
22:04:22.0109 3380 Serial - ok
22:04:22.0140 3380 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:04:22.0218 3380 Sfloppy - ok
22:04:22.0218 3380 Simbad - ok
22:04:22.0250 3380 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:04:22.0312 3380 SLIP - ok
22:04:22.0343 3380 SmartDefragDriver (14bb60a4f1c5291217a05d5728c403e6) C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
22:04:22.0343 3380 SmartDefragDriver - ok
22:04:22.0359 3380 Sparrow - ok
22:04:22.0375 3380 speedfan (3fa2e254bfbce52b3c6f1bf23aab6911) C:\WINDOWS\system32\speedfan.sys
22:04:22.0390 3380 speedfan - ok
22:04:22.0406 3380 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:04:22.0484 3380 splitter - ok
22:04:22.0531 3380 sptd (f42efefb765235f24b24e1d2b6f99f46) C:\WINDOWS\System32\Drivers\sptd.sys
22:04:22.0531 3380 Suspicious file (NoAccess): C:\WINDOWS\System32\Drivers\sptd.sys. md5: f42efefb765235f24b24e1d2b6f99f46
22:04:22.0531 3380 sptd ( LockedFile.Multi.Generic ) - warning
22:04:22.0531 3380 sptd - detected LockedFile.Multi.Generic (1)
22:04:22.0562 3380 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
22:04:22.0593 3380 sr - ok
22:04:22.0625 3380 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:04:22.0671 3380 Srv - ok
22:04:22.0687 3380 StarOpen (e57b778208c783d8debab320c16a1b82) C:\WINDOWS\system32\drivers\StarOpen.sys
22:04:22.0703 3380 StarOpen ( UnsignedFile.Multi.Generic ) - warning
22:04:22.0703 3380 StarOpen - detected UnsignedFile.Multi.Generic (1)
22:04:22.0765 3380 StMp3Rec (e4549a29d12535721a0a5a636eabfdc4) C:\WINDOWS\system32\Drivers\StMp3Rec.sys
22:04:22.0781 3380 StMp3Rec ( UnsignedFile.Multi.Generic ) - warning
22:04:22.0781 3380 StMp3Rec - detected UnsignedFile.Multi.Generic (1)
22:04:22.0812 3380 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:04:22.0890 3380 streamip - ok
22:04:22.0906 3380 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:04:22.0968 3380 swenum - ok
22:04:23.0000 3380 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:04:23.0078 3380 swmidi - ok
22:04:23.0093 3380 symc810 - ok
22:04:23.0093 3380 symc8xx - ok
22:04:23.0093 3380 sym_hi - ok
22:04:23.0109 3380 sym_u3 - ok
22:04:23.0125 3380 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:04:23.0203 3380 sysaudio - ok
22:04:23.0218 3380 SysTool (0e4bb35c5305099ac82053ac992e3e0e) C:\WINDOWS\system32\DRIVERS\SysTool.sys
22:04:23.0234 3380 SysTool ( UnsignedFile.Multi.Generic ) - warning
22:04:23.0234 3380 SysTool - detected UnsignedFile.Multi.Generic (1)
22:04:23.0265 3380 tap0901 (d8c94d074fe516a8509dfa1d81f8ad17) C:\WINDOWS\system32\DRIVERS\tap0901.sys
22:04:23.0281 3380 tap0901 ( UnsignedFile.Multi.Generic ) - warning
22:04:23.0281 3380 tap0901 - detected UnsignedFile.Multi.Generic (1)
22:04:23.0328 3380 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:04:23.0343 3380 Tcpip - ok
22:04:23.0390 3380 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:04:23.0453 3380 TDPIPE - ok
22:04:23.0468 3380 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:04:23.0531 3380 TDTCP - ok
22:04:23.0562 3380 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:04:23.0625 3380 TermDD - ok
22:04:23.0640 3380 TosIde - ok
22:04:23.0671 3380 TrueSight (f69641efdb19acb4753b0155f7fdeed5) c:\windows\system32\drivers\TrueSight.sys
22:04:23.0671 3380 TrueSight ( UnsignedFile.Multi.Generic ) - warning
22:04:23.0671 3380 TrueSight - detected UnsignedFile.Multi.Generic (1)
22:04:23.0703 3380 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:04:23.0796 3380 Udfs - ok
22:04:23.0796 3380 ultra - ok
22:04:23.0828 3380 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:04:23.0906 3380 Update - ok
22:04:23.0921 3380 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
22:04:24.0000 3380 usbaudio - ok
22:04:24.0031 3380 usbbus (8ef48ff1c23b1ce6f96d09a45959eb20) C:\WINDOWS\system32\DRIVERS\lgusbbus.sys
22:04:24.0109 3380 usbbus - ok
22:04:24.0140 3380 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:04:24.0203 3380 usbccgp - ok
22:04:24.0234 3380 UsbDiag (a0e24c5c2d0cff04bbd3753a72fae80b) C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys
22:04:24.0265 3380 UsbDiag - ok
22:04:24.0265 3380 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:04:24.0328 3380 usbehci - ok
22:04:24.0359 3380 usbfilter (5294e3c91e723ecdbad9614ef02fd941) C:\WINDOWS\system32\DRIVERS\usbfilter.sys
22:04:24.0359 3380 usbfilter - ok
22:04:24.0421 3380 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:04:24.0484 3380 usbhub - ok
22:04:24.0515 3380 USBModem (cc09a1132b1f6a8362107cc134e90d0b) C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys
22:04:24.0531 3380 USBModem - ok
22:04:24.0546 3380 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
22:04:24.0625 3380 usbohci - ok
22:04:24.0640 3380 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:04:24.0703 3380 usbstor - ok
22:04:24.0734 3380 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:04:24.0812 3380 VgaSave - ok
22:04:24.0828 3380 ViaIde - ok
22:04:24.0843 3380 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
22:04:24.0921 3380 VolSnap - ok
22:04:24.0953 3380 w300bus (d4baa1ac8dcea1382e81aa6fe48cdd7c) C:\WINDOWS\system32\DRIVERS\w300bus.sys
22:04:24.0968 3380 w300bus ( UnsignedFile.Multi.Generic ) - warning
22:04:24.0968 3380 w300bus - detected UnsignedFile.Multi.Generic (1)
22:04:24.0984 3380 w300mdfl (12d415ab0ddd86c42cdc5f120a381f24) C:\WINDOWS\system32\DRIVERS\w300mdfl.sys
22:04:24.0984 3380 w300mdfl ( UnsignedFile.Multi.Generic ) - warning
22:04:24.0984 3380 w300mdfl - detected UnsignedFile.Multi.Generic (1)
22:04:25.0015 3380 w300mdm (f470d5e61ee7f951883f70d676551c89) C:\WINDOWS\system32\DRIVERS\w300mdm.sys
22:04:25.0015 3380 w300mdm ( UnsignedFile.Multi.Generic ) - warning
22:04:25.0015 3380 w300mdm - detected UnsignedFile.Multi.Generic (1)
22:04:25.0046 3380 w300mgmt (1b575b7384e22f5b278d3d7fc1bae682) C:\WINDOWS\system32\DRIVERS\w300mgmt.sys
22:04:25.0046 3380 w300mgmt ( UnsignedFile.Multi.Generic ) - warning
22:04:25.0046 3380 w300mgmt - detected UnsignedFile.Multi.Generic (1)
22:04:25.0062 3380 w300obex (a2bc36924ae02ca1e01ec39c99afea09) C:\WINDOWS\system32\DRIVERS\w300obex.sys
22:04:25.0062 3380 w300obex ( UnsignedFile.Multi.Generic ) - warning
22:04:25.0062 3380 w300obex - detected UnsignedFile.Multi.Generic (1)
22:04:25.0093 3380 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:04:25.0171 3380 Wanarp - ok
22:04:25.0187 3380 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\WINDOWS\system32\DRIVERS\wdcsam.sys
22:04:25.0218 3380 WDC_SAM - ok
22:04:25.0250 3380 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:04:25.0312 3380 wdmaud - ok
22:04:25.0343 3380 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
22:04:25.0406 3380 WmiAcpi - ok
22:04:25.0437 3380 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
22:04:25.0453 3380 WpdUsb - ok
22:04:25.0484 3380 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
22:04:25.0546 3380 WS2IFSL - ok
22:04:25.0562 3380 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:04:25.0640 3380 WSTCODEC - ok
22:04:25.0671 3380 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:04:25.0703 3380 WudfPf - ok
22:04:25.0718 3380 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:04:25.0734 3380 WudfRd - ok
22:04:25.0750 3380 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
22:04:25.0937 3380 \Device\Harddisk0\DR0 - ok
22:04:25.0968 3380 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk5\DR6
22:04:26.0078 3380 \Device\Harddisk5\DR6 - ok
22:04:26.0109 3380 MBR (0x1B8) (5fdf87052359115fa5743d194aaffd81) \Device\Harddisk6\DR7
22:04:35.0765 3380 \Device\Harddisk6\DR7 - ok
22:04:35.0765 3380 Boot (0x1200) (da32595cdf7ca6894ccbb87244617407) \Device\Harddisk0\DR0\Partition0
22:04:35.0765 3380 \Device\Harddisk0\DR0\Partition0 - ok
22:04:35.0765 3380 Boot (0x1200) (a8a9d48b51339860c40f046e2c5e5548) \Device\Harddisk5\DR6\Partition0
22:04:35.0765 3380 \Device\Harddisk5\DR6\Partition0 - ok
22:04:35.0765 3380 ============================================================
22:04:35.0765 3380 Scan finished
22:04:35.0765 3380 ============================================================
22:04:35.0875 3856 Detected object count: 25
22:04:35.0875 3856 Actual detected object count: 25
22:04:39.0281 3856 AFD ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:39.0281 3856 AFD ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:39.0281 3856 Amfilter ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:39.0281 3856 Amfilter ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:39.0281 3856 Amusbprt ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:39.0281 3856 Amusbprt ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:39.0281 3856 Asapi ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:39.0281 3856 Asapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:39.0281 3856 ASPI ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:39.0281 3856 ASPI ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:39.0281 3856 Aspi32 ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:39.0281 3856 Aspi32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:39.0281 3856 cpuidlep ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:39.0281 3856 cpuidlep ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:39.0281 3856 giveio ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:39.0281 3856 giveio ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:39.0281 3856 ISODisk ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:39.0281 3856 ISODisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:39.0281 3856 ISODrive ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:39.0281 3856 ISODrive ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:39.0281 3856 mcdbus ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:39.0296 3856 mcdbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:39.0296 3856 MovRVDrv32 ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:39.0296 3856 MovRVDrv32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:39.0296 3856 NTIOLib_1_0_4 ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:39.0296 3856 NTIOLib_1_0_4 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:39.0296 3856 RVIEGVST ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:39.0296 3856 RVIEGVST ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:39.0296 3856 sptd ( LockedFile.Multi.Generic ) - skipped by user
22:04:39.0296 3856 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
22:04:39.0296 3856 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:39.0296 3856 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:39.0296 3856 StMp3Rec ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:39.0296 3856 StMp3Rec ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:39.0296 3856 SysTool ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:39.0296 3856 SysTool ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:39.0296 3856 tap0901 ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:39.0296 3856 tap0901 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:39.0296 3856 TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:39.0296 3856 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:39.0296 3856 w300bus ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:39.0296 3856 w300bus ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:39.0296 3856 w300mdfl ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:39.0296 3856 w300mdfl ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:39.0296 3856 w300mdm ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:39.0296 3856 w300mdm ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:39.0296 3856 w300mgmt ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:39.0296 3856 w300mgmt ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:04:39.0296 3856 w300obex ( UnsignedFile.Multi.Generic ) - skipped by user
22:04:39.0296 3856 w300obex ( UnsignedFile.Multi.Generic ) - User select action: Skip

jpopelka · #14 Příspěvek od **jpopelka** » 03 pro 2011 22:13

Toto je ještě ten log Aviry po tom prvním ataku.

Type: File
Source: C:\System Volume Information\_restore{CB086C99-0B6F-49CE-A8A1-AAEFA97FE907}\RP734\A1495454.exe
Status: Infected
Quarantine object: 4dcf4e87.qua
Restored: NO
Uploaded to Avira: NO
Operating System: Windows XP/VISTA Workstation/Windows 7
Search engine: 8.02.06.120
Virus definition file: 7.11.18.78
Detection: W32/PatchLoad.A
Date/Time: 26.11.2011, 14:54

Type: File
Source: C:\System Volume Information\_restore{CB086C99-0B6F-49CE-A8A1-AAEFA97FE907}\RP732\A1492081.ini
Status: Infected
Quarantine object: 4dcf4f85.qua
Restored: NO
Uploaded to Avira: NO
Operating System: Windows XP/VISTA Workstation/Windows 7
Search engine: 8.02.06.120
Virus definition file: 7.11.18.78
Detection: TR/ATRAPS.Gen2
Date/Time: 26.11.2011, 14:50

Type: File
Source: C:\System Volume Information\_restore{CB086C99-0B6F-49CE-A8A1-AAEFA97FE907}\RP732\A1492080.sys
Status: Infected
Quarantine object: 4dcf4f81.qua
Restored: NO
Uploaded to Avira: NO
Operating System: Windows XP/VISTA Workstation/Windows 7
Search engine: 8.02.06.120
Virus definition file: 7.11.18.78
Detection: TR/Rootkit.Gen2
Date/Time: 26.11.2011, 14:50

Type: File
Source: C:\System Volume Information\_restore{CB086C99-0B6F-49CE-A8A1-AAEFA97FE907}\RP732\A1491081.ini
Status: Infected
Quarantine object: 5558603a.qua
Restored: NO
Uploaded to Avira: NO
Operating System: Windows XP/VISTA Workstation/Windows 7
Search engine: 8.02.06.120
Virus definition file: 7.11.18.78
Detection: TR/ATRAPS.Gen2
Date/Time: 26.11.2011, 14:49

Type: File
Source: C:\System Volume Information\_restore{CB086C99-0B6F-49CE-A8A1-AAEFA97FE907}\RP732\A1491080.sys
Status: Infected
Quarantine object: 4dcf4f9d.qua
Restored: NO
Uploaded to Avira: NO
Operating System: Windows XP/VISTA Workstation/Windows 7
Search engine: 8.02.06.120
Virus definition file: 7.11.18.78
Detection: TR/Rootkit.Gen2
Date/Time: 26.11.2011, 14:49

Type: File
Source: C:\System Volume Information\_restore{CB086C99-0B6F-49CE-A8A1-AAEFA97FE907}\RP732\A1490824.exe
Status: Infected
Quarantine object: 4dcf4faf.qua
Restored: NO
Uploaded to Avira: NO
Operating System: Windows XP/VISTA Workstation/Windows 7
Search engine: 8.02.06.120
Virus definition file: 7.11.18.78
Detection: TR/Spy.53472.4
Date/Time: 26.11.2011, 14:49

Type: File
Source: C:\System Volume Information\_restore{CB086C99-0B6F-49CE-A8A1-AAEFA97FE907}\RP732\A1490826.exe
Status: Infected
Quarantine object: 4dcf4f4d.qua
Restored: NO
Uploaded to Avira: NO
Operating System: Windows XP/VISTA Workstation/Windows 7
Search engine: 8.02.06.120
Virus definition file: 7.11.18.78
Detection: W32/PatchLoad.A
Date/Time: 26.11.2011, 14:48

Type: File
Source: C:\System Volume Information\_restore{CB086C99-0B6F-49CE-A8A1-AAEFA97FE907}\RP731\A1488365.ini
Status: Infected
Quarantine object: 55166085.qua
Restored: NO
Uploaded to Avira: NO
Operating System: Windows XP/VISTA Workstation/Windows 7
Search engine: 8.02.06.116
Virus definition file: 7.11.17.224
Detection: TR/ATRAPS.Gen2
Date/Time: 26.11.2011, 14:47

Type: File
Source: C:\System Volume Information\_restore{CB086C99-0B6F-49CE-A8A1-AAEFA97FE907}\RP731\A1488364.sys
Status: Infected
Quarantine object: 4d814f22.qua
Restored: NO
Uploaded to Avira: NO
Operating System: Windows XP/VISTA Workstation/Windows 7
Search engine: 8.02.06.116
Virus definition file: 7.11.17.224
Detection: TR/Rootkit.Gen2
Date/Time: 26.11.2011, 14:47

Type: File
Source: C:\WINDOWS\system32\drivers\afd.sys
Status: Infected
Quarantine object: 538a9736.qua
Restored: NO
Uploaded to Avira: NO
Operating System: Windows XP/VISTA Workstation/Windows 7
Search engine: 8.02.06.116
Virus definition file: 7.11.18.04
Detection: TR/Rootkit.Gen2
Date/Time: 23.11.2011, 22:13

Type: File
Source: C:\WINDOWS\system32\wuauclt.exe
Status: Infected
Quarantine object: 4b13a8e0.qua
Restored: NO
Uploaded to Avira: NO
Operating System: Windows XP/VISTA Workstation/Windows 7
Search engine: 8.02.06.116
Virus definition file: 7.11.18.04
Detection: TR/Spy.53472.4
Date/Time: 23.11.2011, 22:13

Tu navrhovanou analýzu udělám až zítra, už jsem fakt vyprahlej.

jpopelka · #15 Příspěvek od **jpopelka** » 03 pro 2011 22:45

Posílám ještě report z Kaspersky Virus Removal Tool:

VIRY.CZ

avd.sys

avd.sys

Re: avd.sys

Re: avd.sys

Re: avd.sys

Re: avd.sys

Re: avd.sys

Re: avd.sys

Re: avd.sys

Re: avd.sys

Re: avd.sys

Re: avd.sys

Re: avd.sys

Re: avd.sys

Re: avd.sys

Re: avd.sys