Security shield - rostaVR6

rostaVR6
Visitor
Posts: 15
Registered: 21 Apr 2012 10:33
Location: Silesia

#1 Post by rostaVR6 »

Hi,

I have the same problem. Security Shield is running riot on my computer; unfortunately, following the guide changed nothing. I did not find any ucbsv.exe file ... I also tried Trojan Killer and CCleaner, unfortunately no change either. Please help, it falls apart just when I need to work, damn it!
"When the world looks back on the 20th century, it will weep. Not because it was flooded with cruelty, but because good people stayed silent."
Martin Luther King

#2 Post by rostaVR6 »

Logfile of random's system information tool 1.09 (written by random/random)
Run by rostik at 2012-04-21 11:47:58
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 740 MB (15%) free of 5 GB
Total RAM: 895 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:48:07, on 21.4.2012
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
D:\ŠYSTÉM\Miranda IM\miranda32.exe
D:\ŠYSTÉM\RSIT.exe
C:\Program Files\trend micro\rostik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={55D59794-F ... 2012-04-08 21:28:22&v=10.2.0.3&sap=hp
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: 88.208.121.58 grower.cz
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [VirtualCloneDrive] "D:\ŠYSTÉM\virtualclone\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PeerBlock] G:\PeerBlock\peerblock.exe
O4 - HKCU\..\RunOnce: [gvbhxvilw] C:\DOCUME~1\rostik\LOCALS~1\DATAAP~1\gvbhxvilw.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (file missing) (HKCU)
O11 - Options group: [java_sun] Java (Sun)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba inteligentního přenosu na pozadí (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (javaquickstarterservice) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
O23 - Service: vToolbarUpdater10.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
O23 - Service: Automatické aktualizace (wuauserv) - Unknown owner - C:\WINDOWS\

--
End of file - 6448 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\rostik\Data aplikací\Mozilla\Firefox\Profiles\l2vd61ks.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, jqs@sun.com:1.0, {25A1388B-6B18-46c3-BEBA-A81915D0DE8F}:1.7.4, personas@christopher.beard:1.6.2, onair_FM@marek.chrenko.net:3.5.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16, {a02c0c70-605c-11da-8cd6-0800200c9a66}:4.22"
prefs.js - "keyword.URL" - "http://isearch.avg.com/search?cid=%7B62 ... &sap=ku&q="

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"avg@toolbar"=C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\10.2.0.3\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.233 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/shockwaveplayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
avg-secure-search.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\rostik\Data aplikací\Mozilla\Firefox\Profiles\l2vd61ks.default\extensions\
personas@christopher.beard
{a02c0c70-605c-11da-8cd6-0800200c9a66}

C:\Documents and Settings\rostik\Data aplikací\Mozilla\Firefox\Profiles\l2vd61ks.default\searchplugins\
qipsearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll [2012-04-08 1869152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dbc80044-a445-435b-bc74-9c25c1c588a9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e7e6f031-17ce-4c07-bc86-eabfe594f69c}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-09 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll [2012-04-08 1869152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-31 7634944]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-31 86016]
"C-Media Mixer"=Mixer.exe /startup []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
"VirtualCloneDrive"=D:\ŠYSTÉM\virtualclone\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2012-04-08 982880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"PeerBlock"=G:\PeerBlock\peerblock.exe [2010-11-06 1867888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"gvbhxvilw"=C:\DOCUME~1\rostik\LOCALS~1\DATAAP~1\gvbhxvilw.exe []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

C:\Documents and Settings\rostik\Nabídka Start\Programy\Po spuštění
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\HRY\NBA\nba2005.exe"="D:\HRY\NBA\nba2005.exe:*:Enabled:NBA LIVE 2005"
"D:\ŠYSTÉM\QIP\qip.exe"="D:\ŠYSTÉM\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"D:\HRY\LieroX v0.56b Pack 1.7\LieroX.exe"="D:\HRY\LieroX v0.56b Pack 1.7\LieroX.exe:*:Enabled:LieroX"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"E:\HRY\CS\hl.exe"="E:\HRY\CS\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Program Files\Microsoft Games\Rise of Nations\rise.exe"="D:\Program Files\Microsoft Games\Rise of Nations\rise.exe:*:Enabled:Rise of Nations"
"D:\ŠYSTÉM\Miranda IM\miranda32.exe"="D:\ŠYSTÉM\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"E:\Program Files\Microsoft Games\Rise of Nations\rise.exe"="E:\Program Files\Microsoft Games\Rise of Nations\rise.exe:*:Enabled:Rise of Nations"
"G:\Smokin_Guns_1.0\Smokin' Guns\smokinguns.exe"="G:\Smokin_Guns_1.0\Smokin' Guns\smokinguns.exe:*:Enabled:smokinguns"
"C:\Program Files\Mozilla Firefox\plugin-container.exe"="C:\Program Files\Mozilla Firefox\plugin-container.exe:*:Enabled:Plugin Container for Firefox"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll

======List of files/folders created in the last 1 month======

2012-04-21 11:47:59 ----D---- C:\Program Files\trend micro
2012-04-21 11:47:58 ----D---- C:\rsit
2012-04-21 11:44:39 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2012-04-21 11:04:14 ----D---- C:\Program Files\GridinSoft Trojan Killer
2012-04-21 11:03:08 ----A---- C:\WINDOWS\ntbtlog.txt
2012-04-21 10:49:27 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-04-21 10:36:27 ----SHD---- C:\WINDOWS\CSC
2012-04-08 21:28:23 ----D---- C:\Documents and Settings\rostik\Data aplikací\AVG Secure Search
2012-04-08 21:28:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
2012-04-08 21:28:19 ----D---- C:\Program Files\Common Files\AVG Secure Search
2012-04-08 21:28:17 ----D---- C:\Program Files\AVG Secure Search
2012-04-08 21:27:43 ----HD---- C:\Documents and Settings\All Users\Data aplikací\Common Files
2012-04-07 08:41:18 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-04-01 12:03:41 ----D---- C:\Program Files\CCleaner
2012-03-23 19:09:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft

======List of files/folders modified in the last 1 month======

2012-04-21 11:47:59 ----RD---- C:\Program Files
2012-04-21 11:44:52 ----D---- C:\WINDOWS\system32
2012-04-21 11:27:52 ----D---- C:\WINDOWS\system32\CatRoot2
2012-04-21 11:16:40 ----D---- C:\WINDOWS\Temp
2012-04-21 11:16:39 ----HD---- C:\WINDOWS\inf
2012-04-21 11:16:37 ----D---- C:\WINDOWS
2012-04-21 11:13:10 ----D---- C:\WINDOWS\system32\drivers
2012-04-21 10:52:17 ----D---- C:\Documents and Settings\rostik\Data aplikací\uTorrent
2012-04-21 10:37:37 ----D---- C:\WINDOWS\Minidump
2012-04-21 10:37:36 ----SHD---- C:\RECYCLER
2012-04-21 10:36:59 ----D---- C:\Documents and Settings
2012-04-21 10:21:47 ----D---- C:\WINDOWS\Prefetch
2012-04-21 09:10:49 ----A---- C:\WINDOWS\ModemLog_Sériový kabel mezi dvěma počítači.txt
2012-04-17 15:59:33 ----SHD---- C:\WINDOWS\Installer
2012-04-15 09:00:49 ----D---- C:\Documents and Settings\rostik\Data aplikací\Skype
2012-04-15 08:31:15 ----D---- C:\Documents and Settings\rostik\Data aplikací\skypePM
2012-04-09 08:41:28 ----D---- C:\Program Files\Common Files\Pointstone
2012-04-08 21:28:19 ----D---- C:\Program Files\Common Files
2012-04-07 08:41:19 ----SD---- C:\WINDOWS\Tasks
2012-04-01 12:05:58 ----D---- C:\Documents and Settings\rostik\Data aplikací\Miranda
2012-04-01 12:05:49 ----D---- C:\WINDOWS\SoftwareDistribution
2012-03-31 08:07:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x); C:\WINDOWS\System32\drivers\sfsync03.sys [2005-12-06 35328]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-07-01 716272]
R3 AR5211;TP-LINK Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-12-21 470048]
R3 hdaudbus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2011-01-15 30208]
S1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43008]
S1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2010-12-17 31088]
S1 f22439f7;f22439f7; C:\WINDOWS\System32\drivers\f22439f7.sys []
S3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2002-03-01 373518]
S3 cpuz131;cpuz131; \??\C:\DOCUME~1\rostik\LOCALS~1\Temp\cpuz131\cpuz_x32.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 gmsipci;GMSIPCI; \??\H:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-12-25 25280]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-31 3964256]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 TrojanKillerDriver;GridinSoft Trojan Killer Driver; C:\WINDOWS\system32\DRIVERS\gtkdrv.sys [2012-01-04 16128]
S3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-17 12416]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 wpdusb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
S2 javaquickstarterservice;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-09 153376]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-31 155715]
S2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\system32\UAService7.exe [2008-04-17 221184]
S2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
S2 vToolbarUpdater10.2.0;vToolbarUpdater10.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe [2012-04-08 918880]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 253088]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

#3 Post by vyosek »

Hello, and I wish you a nice day :)

:arrow: I have split your posts off from the previous topic so things don't get mixed up

:arrow: Download RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
  • Close all programs
  • If you use Windows Vista or Windows 7, right-click RogueKiller and choose Run As Administrator (Spustit jako spravce)
  • Wait for the PreScan to finish
  • Choose the Prohledat (Scan) option
  • When the scan finishes, click Zpráva (Report) - a log opens; paste it here
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him: that is no man, that is an ox."
Member of [image] since 1 February 2011.

#4 Post by rostaVR6 »

RogueKiller V7.3.2 [03/20/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP (5.1.2600 Service Pack 2) 32 bits version
Spuštěno v: Nouzový režim s prací v síti
Uživatel: rostik [Práva správce]
Mód: Kontrola -- Datum: 04/21/2012 11:55:42

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Záznamy Registrů: 4 ¤¤¤
[HJ] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Zvláštní soubory / Složky: ¤¤¤
[FAKED] mf.sys : c:\windows\system32\drivers\mf.sys --> CANNOT FIX
[FAKED] nic1394.sys : c:\windows\system32\drivers\nic1394.sys --> CANNOT FIX
[FAKED] nwlnknb.sys : c:\windows\system32\drivers\nwlnknb.sys --> CANNOT FIX

¤¤¤ Ovladač: [NENAHRÁNO] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
127.0.0.1 localhost
88.208.121.58 grower.cz


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST380011A +++++
--- User ---
[MBR] 9130c66652b3da8f4abd2c965a55581d
[BSP] 01edada2fb75459820ef80f26b2a1e07 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 4996 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 10233405 | Size: 71311 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1].txt >>
RKreport[1].txt

#5 Post by vyosek »

:arrow: Run RogueKiller again
  • If you use Windows Vista or Windows 7, right-click RogueKiller and choose Run As Administrator (Spustit jako spravce)
  • Choose Prohledat (Scan), then Smazat (Delete), and then Zprava (Report) - a log opens; paste it here
  • Then click Oprava Host (Fix Hosts) and Zprava (Report) - a log opens; paste it here
  • Then click Oprava zastupcu (Fix Shortcuts)

#6 Post by rostaVR6 »

I don't use Vista or Win7, I only have a Vista skin. That doesn't matter, does it?

#7 Post by vyosek »

No, it doesn't... I'd just warn you about those skins; sometimes they mess up the system so thoroughly that only a format and a clean install will put it right

#8 Post by rostaVR6 »

I see, thanks. Feel free to address me informally, since I really am an amateur at this :D. Log after deletion:

RogueKiller V7.3.2 [03/20/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP (5.1.2600 Service Pack 2) 32 bits version
Spuštěno v: Nouzový režim s prací v síti
Uživatel: rostik [Práva správce]
Mód: Odebrat -- Datum: 04/21/2012 12:06:50

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Záznamy Registrů: 4 ¤¤¤
[HJ] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤
[FAKED] mf.sys : c:\windows\system32\drivers\mf.sys --> CANNOT FIX
[FAKED] nic1394.sys : c:\windows\system32\drivers\nic1394.sys --> CANNOT FIX
[FAKED] nwlnknb.sys : c:\windows\system32\drivers\nwlnknb.sys --> CANNOT FIX

¤¤¤ Ovladač: [NENAHRÁNO] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
127.0.0.1 localhost
88.208.121.58 grower.cz


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST380011A +++++
--- User ---
[MBR] 9130c66652b3da8f4abd2c965a55581d
[BSP] 01edada2fb75459820ef80f26b2a1e07 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 4996 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 10233405 | Size: 71311 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

#9 Post by rostaVR6 »

Log after the Hosts fix:

RogueKiller V7.3.2 [03/20/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP (5.1.2600 Service Pack 2) 32 bits version
Spuštěno v: Nouzový režim s prací v síti
Uživatel: rostik [Práva správce]
Mód: Oprava HOSTS -- Datum: 04/21/2012 12:08:34

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Ovladač: [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
127.0.0.1 localhost
88.208.121.58 grower.cz


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt

#10 Post by rostaVR6 »

Shortcut fix finished...

#11 Post by vyosek »

My guides are written in the formal form of address, so you'll have to put up with it :D

:arrow: Run a new scan with RogueKiller - the Prohledat (Scan) option - then Zprava (Report), and drop the log in here...

:arrow: Download TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
  • Click the Change parameters option
  • In both windows (Objects to scan and Additional Option), tick all the options - every checkbox must be checked
  • Click OK
  • Tell the utility to scan - click Start Scan
  • When the scan finishes a window appears; check that the Skip option is selected everywhere
  • If Skip is not selected by default, switch it to Skip
  • Once Skip is set everywhere, click Continue
  • On the drive where Windows is installed (usually c:\) there will be a log named in the form TDSSKiller.some digits _log.txt - paste its contents here

#12 Post by rostaVR6 »

RogueKiller V7.3.2 [03/20/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP (5.1.2600 Service Pack 2) 32 bits version
Spuštěno v: Nouzový režim s prací v síti
Uživatel: rostik [Práva správce]
Mód: Kontrola -- Datum: 04/21/2012 12:15:01

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Záznamy Registrů: 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤
[FAKED] mf.sys : c:\windows\system32\drivers\mf.sys --> CANNOT FIX
[FAKED] nic1394.sys : c:\windows\system32\drivers\nic1394.sys --> CANNOT FIX
[FAKED] nwlnknb.sys : c:\windows\system32\drivers\nwlnknb.sys --> CANNOT FIX

¤¤¤ Ovladač: [NENAHRÁNO] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST380011A +++++
--- User ---
[MBR] 9130c66652b3da8f4abd2c965a55581d
[BSP] 01edada2fb75459820ef80f26b2a1e07 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 4996 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 10233405 | Size: 71311 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[6].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt



and now I'm off to that TDSkill installer...

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Security shield - rostaVR6

#13 Post by vyosek »

Fine, I'll wait for the log from it...

rostaVR6
Visitor
Posts: 15
Registered: 21 Apr 2012 10:33
Location: Silesia

Re: Security shield - rostaVR6

#14 Post by rostaVR6 »

12:16:23.0671 0232 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
12:16:24.0828 0232 ============================================================
12:16:24.0828 0232 Current date / time: 2012/04/21 12:16:24.0828
12:16:24.0828 0232 SystemInfo:
12:16:24.0828 0232
12:16:24.0828 0232 OS Version: 5.1.2600 ServicePack: 2.0
12:16:24.0828 0232 Product type: Workstation
12:16:24.0828 0232 ComputerName: ROSTIK-F500172C
12:16:24.0828 0232 UserName: rostik
12:16:24.0828 0232 Windows directory: C:\WINDOWS
12:16:24.0828 0232 System windows directory: C:\WINDOWS
12:16:24.0828 0232 Processor architecture: Intel x86
12:16:24.0828 0232 Number of processors: 1
12:16:24.0828 0232 Page size: 0x1000
12:16:24.0828 0232 Boot type: Safe boot with network
12:16:24.0828 0232 ============================================================
12:16:27.0140 0232 Drive \Device\Harddisk0\DR0 - Size: 0x12A1E0DE00 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:16:27.0140 0232 \Device\Harddisk0\DR0:
12:16:27.0140 0232 MBR partitions:
12:16:27.0140 0232 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x9C25FE
12:16:27.0156 0232 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x9C267C, BlocksNum 0x2711637
12:16:27.0171 0232 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x30D3CF2, BlocksNum 0x1F411B9
12:16:27.0187 0232 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x5014EEA, BlocksNum 0x2711637
12:16:27.0187 0232 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x7726560, BlocksNum 0x1DE40A0
12:16:27.0234 0232 D: <-> \Device\Harddisk0\DR0\Partition1
12:16:27.0265 0232 E: <-> \Device\Harddisk0\DR0\Partition2
12:16:27.0296 0232 F: <-> \Device\Harddisk0\DR0\Partition3
12:16:27.0343 0232 G: <-> \Device\Harddisk0\DR0\Partition4
12:16:27.0406 0232 C: <-> \Device\Harddisk0\DR0\Partition0
12:16:27.0406 0232 Initialize success
12:16:27.0406 0232 ============================================================
12:16:58.0953 1532 ============================================================
12:16:58.0953 1532 Scan started
12:16:58.0953 1532 Mode: Manual; SigCheck; TDLFS;
12:16:58.0953 1532 ============================================================
12:16:59.0812 1532 Abiosdsk - ok
12:16:59.0828 1532 abp480n5 - ok
12:16:59.0906 1532 ACPI (fa2fbcda96d2385f773b059fe5a125a6) C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:17:00.0125 1532 ACPI - ok
12:17:00.0218 1532 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
12:17:00.0343 1532 ACPIEC - ok
12:17:00.0453 1532 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:17:00.0468 1532 AdobeFlashPlayerUpdateSvc - ok
12:17:00.0546 1532 adpu160m - ok
12:17:00.0640 1532 aec (841f385c6cfaf66b58fbd898722bb4f0) C:\WINDOWS\system32\drivers\aec.sys
12:17:00.0796 1532 aec - ok
12:17:00.0890 1532 AFD (5ac495f4cb807b2b98ad2ad591e6d92e) C:\WINDOWS\System32\drivers\afd.sys
12:17:01.0062 1532 AFD - ok
12:17:01.0125 1532 Aha154x - ok
12:17:01.0250 1532 aic78u2 - ok
12:17:01.0328 1532 aic78xx - ok
12:17:01.0359 1532 Alerter (026ddaa7e6f8d49df82c7a98bae5d0d1) C:\WINDOWS\system32\alrsvc.dll
12:17:01.0484 1532 Alerter - ok
12:17:01.0578 1532 ALG (b3f690bf43f93a012a52f28f234faa1b) C:\WINDOWS\System32\alg.exe
12:17:01.0640 1532 ALG - ok
12:17:01.0687 1532 AliIde - ok
12:17:01.0718 1532 AmdK8 (f6f5e047369784e607f3a636ac576148) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
12:17:01.0734 1532 AmdK8 ( UnsignedFile.Multi.Generic ) - warning
12:17:01.0734 1532 AmdK8 - detected UnsignedFile.Multi.Generic (1)
12:17:01.0796 1532 amsint - ok
12:17:01.0859 1532 AppMgmt (421184f91eae5c6e78e653c6b32aae84) C:\WINDOWS\System32\appmgmts.dll
12:17:01.0921 1532 AppMgmt - ok
12:17:02.0015 1532 AR5211 (3cb8e72b7c9887b42b90000e8cb1e7be) C:\WINDOWS\system32\DRIVERS\ar5211.sys
12:17:02.0046 1532 AR5211 ( UnsignedFile.Multi.Generic ) - warning
12:17:02.0046 1532 AR5211 - detected UnsignedFile.Multi.Generic (1)
12:17:02.0093 1532 asc - ok
12:17:02.0125 1532 asc3350p - ok
12:17:02.0156 1532 asc3550 - ok
12:17:02.0187 1532 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:17:02.0312 1532 AsyncMac - ok
12:17:02.0390 1532 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
12:17:02.0531 1532 atapi - ok
12:17:02.0593 1532 Atdisk - ok
12:17:02.0640 1532 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:17:02.0781 1532 Atmarpc - ok
12:17:02.0843 1532 AudioSrv (40d78f514c8588ef12ec718d2af0fc4e) C:\WINDOWS\System32\audiosrv.dll
12:17:03.0000 1532 AudioSrv - ok
12:17:03.0078 1532 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
12:17:03.0187 1532 audstub - ok
12:17:03.0281 1532 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
12:17:03.0406 1532 Beep - ok
12:17:03.0484 1532 BITS (e774a26610ec92674273486612c11cfc) C:\WINDOWS\system32\qmgr.dll
12:17:03.0656 1532 BITS - ok
12:17:03.0703 1532 Bonjour Service (cfd4c3352e29a8b729536648466e8df5) C:\Program Files\Bonjour\mDNSResponder.exe
12:17:03.0734 1532 Bonjour Service ( UnsignedFile.Multi.Generic ) - warning
12:17:03.0734 1532 Bonjour Service - detected UnsignedFile.Multi.Generic (1)
12:17:03.0796 1532 Browser (f219e27e88107a50544153898dd8178e) C:\WINDOWS\System32\browser.dll
12:17:03.0906 1532 Browser - ok
12:17:03.0984 1532 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
12:17:04.0109 1532 cbidf2k - ok
12:17:04.0171 1532 cd20xrnt - ok
12:17:04.0203 1532 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
12:17:04.0343 1532 Cdaudio - ok
12:17:04.0406 1532 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
12:17:04.0546 1532 Cdfs - ok
12:17:04.0640 1532 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:17:04.0781 1532 Cdrom - ok
12:17:04.0812 1532 Changer - ok
12:17:04.0859 1532 CiSvc (9e21229e04e1d301bb40222fe4641cb2) C:\WINDOWS\system32\cisvc.exe
12:17:04.0984 1532 CiSvc - ok
12:17:05.0046 1532 ClipSrv (d3dc45553c8025338e08a60e95b1b91d) C:\WINDOWS\system32\clipsrv.exe
12:17:05.0187 1532 ClipSrv - ok
12:17:05.0234 1532 CmdIde - ok
12:17:05.0312 1532 cmpci (911967964ecddc4adaa37d2955f6876b) C:\WINDOWS\system32\drivers\cmaudio.sys
12:17:05.0343 1532 cmpci ( UnsignedFile.Multi.Generic ) - warning
12:17:05.0343 1532 cmpci - detected UnsignedFile.Multi.Generic (1)
12:17:05.0406 1532 COMSysApp - ok
12:17:05.0453 1532 Cpqarray - ok
12:17:05.0515 1532 cpuz131 - ok
12:17:05.0593 1532 CryptSvc (70d2a1756f4b2067658a186c963fcabd) C:\WINDOWS\System32\cryptsvc.dll
12:17:05.0734 1532 CryptSvc - ok
12:17:05.0796 1532 dac2w2k - ok
12:17:05.0843 1532 dac960nt - ok
12:17:05.0921 1532 DcomLaunch (c72c15ee57e248c66e57c76cab086cf2) C:\WINDOWS\system32\rpcss.dll
12:17:06.0093 1532 DcomLaunch - ok
12:17:06.0171 1532 Dhcp (562830efb7cf367fb773fea5256e67c8) C:\WINDOWS\System32\dhcpcsvc.dll
12:17:06.0296 1532 Dhcp - ok
12:17:06.0375 1532 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
12:17:06.0531 1532 Disk - ok
12:17:06.0562 1532 dmadmin - ok
12:17:06.0640 1532 dmboot (e1968edec81c430108feb23ab07bdb14) C:\WINDOWS\system32\drivers\dmboot.sys
12:17:06.0781 1532 dmboot - ok
12:17:06.0859 1532 dmio (1b1520a82e396e46b9ae9fa6b03ff6c6) C:\WINDOWS\system32\drivers\dmio.sys
12:17:06.0984 1532 dmio - ok
12:17:07.0062 1532 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
12:17:07.0187 1532 dmload - ok
12:17:07.0265 1532 dmserver (7b3ca72885923eb947221f17f3e3ac59) C:\WINDOWS\System32\dmserver.dll
12:17:07.0390 1532 dmserver - ok
12:17:07.0468 1532 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
12:17:07.0593 1532 DMusic - ok
12:17:07.0687 1532 Dnscache (f605b3f5674d67587c4b6c9e92a3e025) C:\WINDOWS\System32\dnsrslvr.dll
12:17:07.0828 1532 Dnscache - ok
12:17:07.0890 1532 dpti2o - ok
12:17:07.0953 1532 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
12:17:08.0078 1532 drmkaud - ok
12:17:08.0140 1532 ElbyCDIO (d71233d7ccc2e64f8715a20428d5a33b) C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
12:17:30.0953 1532 ElbyCDIO - ok
12:17:31.0015 1532 ERSvc (d6f7428b201e33bc80066b47144cb568) C:\WINDOWS\System32\ersvc.dll
12:17:31.0140 1532 ERSvc - ok
12:17:31.0234 1532 Eventlog (6e401e61f952fbbf708afbecefafae81) C:\WINDOWS\system32\services.exe
12:17:31.0359 1532 Eventlog - ok
12:17:31.0453 1532 EventSystem (972378b907070f64932a87c90a035487) C:\WINDOWS\system32\es.dll
12:17:31.0578 1532 EventSystem - ok
12:17:31.0671 1532 f22439f7 - ok
12:17:31.0750 1532 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
12:17:31.0890 1532 Fastfat - ok
12:17:31.0968 1532 FastUserSwitchingCompatibility (8ba76bd2a943f642f267a296a15776d2) C:\WINDOWS\System32\shsvcs.dll
12:17:32.0109 1532 FastUserSwitchingCompatibility - ok
12:17:32.0187 1532 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\drivers\Fdc.sys
12:17:32.0312 1532 Fdc - ok
12:17:32.0375 1532 Fips (266dab58619b17bdf37fabbd48d875ca) C:\WINDOWS\system32\drivers\Fips.sys
12:17:32.0515 1532 Fips - ok
12:17:32.0593 1532 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\drivers\Flpydisk.sys
12:17:32.0734 1532 Flpydisk - ok
12:17:32.0828 1532 FltMgr (157754f0df355a9e0a6f54721914f9c6) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
12:17:32.0953 1532 FltMgr - ok
12:17:33.0031 1532 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:17:33.0171 1532 Fs_Rec - ok
12:17:33.0234 1532 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:17:33.0343 1532 Ftdisk - ok
12:17:33.0421 1532 gameenum (5f92fd09e5610a5995da7d775eadcd12) C:\WINDOWS\system32\DRIVERS\gameenum.sys
12:17:33.0546 1532 gameenum - ok
12:17:33.0578 1532 gdrv (54789f9ba0d59072cdd4e7c200e122c4) C:\WINDOWS\gdrv.sys
12:17:33.0593 1532 gdrv - ok
12:17:33.0609 1532 gmsipci - ok
12:17:33.0687 1532 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:17:33.0812 1532 Gpc - ok
12:17:33.0890 1532 hamachi (7929a161f9951d173ca9900fe7067391) C:\WINDOWS\system32\DRIVERS\hamachi.sys
12:17:33.0906 1532 hamachi - ok
12:17:34.0000 1532 hdaudbus (3fcc124b6e08ee0e9351f717dd136939) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
12:17:34.0031 1532 hdaudbus - ok
12:17:34.0109 1532 helpsvc (f59152272782fed8a8197fa788287f68) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:17:34.0250 1532 helpsvc - ok
12:17:34.0296 1532 HidServ - ok
12:17:34.0359 1532 hidusb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:17:34.0484 1532 hidusb - ok
12:17:34.0531 1532 hpn - ok
12:17:34.0578 1532 HTTP (c19b522a9ae0bbc3293397f3055e80a1) C:\WINDOWS\system32\Drivers\HTTP.sys
12:17:34.0718 1532 HTTP - ok
12:17:34.0796 1532 HTTPFilter (da826826c5c9116f47e0cd0ca8cc7c11) C:\WINDOWS\System32\w3ssl.dll
12:17:34.0921 1532 HTTPFilter - ok
12:17:34.0984 1532 i2omgmt - ok
12:17:35.0015 1532 i2omp - ok
12:17:35.0109 1532 i8042prt (0f42de9909b5dbf2c48dd1a79d491af5) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:17:35.0234 1532 i8042prt - ok
12:17:35.0296 1532 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:17:35.0312 1532 IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:17:35.0312 1532 IDriverT - detected UnsignedFile.Multi.Generic (1)
12:17:35.0406 1532 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
12:17:35.0531 1532 Imapi - ok
12:17:35.0625 1532 ImapiService (cf9d286b34cb4912f3b28b4972d5cb33) C:\WINDOWS\system32\imapi.exe
12:17:35.0750 1532 ImapiService - ok
12:17:35.0812 1532 ini910u - ok
12:17:35.0875 1532 IntelIde - ok
12:17:35.0937 1532 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
12:17:36.0062 1532 Ip6Fw - ok
12:17:36.0156 1532 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:17:36.0265 1532 IpFilterDriver - ok
12:17:36.0343 1532 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:17:36.0468 1532 IpInIp - ok
12:17:36.0546 1532 IpNat (b5a8e215ac29d24d60b4d1250ef05ace) C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:17:36.0671 1532 IpNat - ok
12:17:36.0750 1532 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:17:36.0859 1532 IPSec - ok
12:17:36.0953 1532 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
12:17:37.0000 1532 IRENUM - ok
12:17:37.0078 1532 isapnp (1091528512e4dd7ed5fddcc4df1c53d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:17:37.0203 1532 isapnp - ok
12:17:37.0281 1532 javaquickstarterservice (74e30a41cdcf331c74bc4d97be40cc5b) C:\Program Files\Java\jre6\bin\jqs.exe
12:17:37.0296 1532 javaquickstarterservice - ok
12:17:37.0359 1532 Kbdclass (6f877bf8dc01a550cd666f3bedb2213c) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:17:37.0500 1532 Kbdclass - ok
12:17:37.0593 1532 kmixer (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys
12:17:37.0718 1532 kmixer - ok
12:17:37.0796 1532 KSecDD (eb7ffe87fd367ea8fca0506f74a87fbb) C:\WINDOWS\system32\drivers\KSecDD.sys
12:17:37.0921 1532 KSecDD - ok
12:17:38.0015 1532 lanmanserver (6d6bdd68b775986577c48a8df961a05c) C:\WINDOWS\System32\srvsvc.dll
12:17:38.0125 1532 lanmanserver - ok
12:17:38.0203 1532 lanmanworkstation (69b0569aae33f0d5057ca0e8577aaf07) C:\WINDOWS\System32\wkssvc.dll
12:17:38.0312 1532 lanmanworkstation - ok
12:17:38.0359 1532 lbrtfdc - ok
12:17:38.0453 1532 LmHosts (f9ee6d2aab0690b34ae35ba9921a1414) C:\WINDOWS\System32\lmhsvc.dll
12:17:38.0578 1532 LmHosts - ok
12:17:38.0656 1532 Messenger (8b2fcbd881879b55be40b41f12ffc431) C:\WINDOWS\System32\msgsvc.dll
12:17:38.0750 1532 Messenger - ok
12:17:38.0843 1532 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
12:17:38.0953 1532 mnmdd - ok
12:17:39.0015 1532 mnmsrvc (7d137132d6a9b41ef800e59a771ed48c) C:\WINDOWS\system32\mnmsrvc.exe
12:17:39.0140 1532 mnmsrvc - ok
12:17:39.0218 1532 Modem (60210deb037846afe521ebf349964f6b) C:\WINDOWS\system32\drivers\Modem.sys
12:17:39.0328 1532 Modem - ok
12:17:39.0406 1532 Mouclass (b160ec94114715675509115986400fd9) C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:17:39.0531 1532 Mouclass - ok
12:17:39.0593 1532 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:17:39.0703 1532 mouhid - ok
12:17:39.0734 1532 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
12:17:39.0843 1532 MountMgr - ok
12:17:39.0906 1532 mraid35x - ok
12:17:39.0968 1532 MRxDAV (46edcc8f2db2f322c24f48785cb46366) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:17:40.0093 1532 MRxDAV - ok
12:17:40.0187 1532 MRxSmb (1fd607fc67f7f7c633c3da65bfc53d18) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:17:40.0312 1532 MRxSmb - ok
12:17:40.0406 1532 MSDTC (944a24032aed84c59455b981f6ca1c1a) C:\WINDOWS\system32\msdtc.exe
12:17:40.0531 1532 MSDTC - ok
12:17:40.0625 1532 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
12:17:40.0750 1532 Msfs - ok
12:17:40.0796 1532 MSIServer - ok
12:17:40.0859 1532 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:17:40.0953 1532 MSKSSRV - ok
12:17:41.0046 1532 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:17:41.0156 1532 MSPCLOCK - ok
12:17:41.0234 1532 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
12:17:41.0343 1532 MSPQM - ok
12:17:41.0406 1532 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:17:41.0531 1532 mssmbios - ok
12:17:41.0625 1532 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
12:17:41.0718 1532 Mup - ok
12:17:41.0812 1532 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
12:17:41.0921 1532 NDIS - ok
12:17:42.0000 1532 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:17:42.0109 1532 NdisTapi - ok
12:17:42.0203 1532 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:17:42.0296 1532 Ndisuio - ok
12:17:42.0390 1532 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:17:42.0500 1532 NdisWan - ok
12:17:42.0593 1532 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
12:17:42.0718 1532 NDProxy - ok
12:17:42.0796 1532 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
12:17:42.0890 1532 NetBIOS - ok
12:17:42.0984 1532 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
12:17:43.0093 1532 NetBT - ok
12:17:43.0203 1532 NetDDE (818053225bf4aac5f0f718001e492f70) C:\WINDOWS\system32\netdde.exe
12:17:43.0296 1532 NetDDE - ok
12:17:43.0312 1532 NetDDEdsdm (818053225bf4aac5f0f718001e492f70) C:\WINDOWS\system32\netdde.exe
12:17:43.0421 1532 NetDDEdsdm - ok
12:17:43.0484 1532 Netlogon (82a362fe1d4980b71b588d9c10748511) C:\WINDOWS\system32\lsass.exe
12:17:43.0593 1532 Netlogon - ok
12:17:43.0687 1532 Netman (af342d2781225a8769686e0d47e3123e) C:\WINDOWS\System32\netman.dll
12:17:43.0796 1532 Netman - ok
12:17:43.0906 1532 Nla (64c078bd4efd441c3f159edc5ea4420a) C:\WINDOWS\System32\mswsock.dll
12:17:44.0015 1532 Nla - ok
12:17:44.0109 1532 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
12:17:44.0203 1532 Npfs - ok
12:17:44.0312 1532 Ntfs (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys
12:17:44.0421 1532 Ntfs - ok
12:17:44.0500 1532 NtLmSsp (82a362fe1d4980b71b588d9c10748511) C:\WINDOWS\system32\lsass.exe
12:17:44.0609 1532 NtLmSsp - ok
12:17:44.0718 1532 NtmsSvc (d8d2b13ba93ae830b1a637df571d1195) C:\WINDOWS\system32\ntmssvc.dll
12:17:44.0859 1532 NtmsSvc - ok
12:17:44.0968 1532 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:17:45.0062 1532 Null - ok
12:17:45.0234 1532 nv (eb2858f920b8135b807b5ccaa3ed73dc) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
12:17:45.0453 1532 nv ( UnsignedFile.Multi.Generic ) - warning
12:17:45.0453 1532 nv - detected UnsignedFile.Multi.Generic (1)
12:17:45.0531 1532 NVSvc (36032035fa55f030d55237d5c639a81d) C:\WINDOWS\system32\nvsvc32.exe
12:17:45.0546 1532 NVSvc ( UnsignedFile.Multi.Generic ) - warning
12:17:45.0546 1532 NVSvc - detected UnsignedFile.Multi.Generic (1)
12:17:45.0640 1532 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:17:45.0750 1532 NwlnkFlt - ok
12:17:45.0828 1532 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:17:45.0937 1532 NwlnkFwd - ok
12:17:46.0015 1532 Parport (76a18caa2fefb28a4ced38d76837e86e) C:\WINDOWS\system32\DRIVERS\parport.sys
12:17:46.0125 1532 Parport - ok
12:17:46.0203 1532 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
12:17:46.0312 1532 PartMgr - ok
12:17:46.0375 1532 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
12:17:46.0468 1532 ParVdm - ok
12:17:46.0546 1532 PCI (b7979f37bb7b9df2230046134955e6e7) C:\WINDOWS\system32\DRIVERS\pci.sys
12:17:46.0671 1532 PCI - ok
12:17:46.0734 1532 PCIDump - ok
12:17:46.0781 1532 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
12:17:46.0875 1532 PCIIde - ok
12:17:47.0015 1532 Pcmcia (90505755634407d4ef4c6dea60fc1df9) C:\WINDOWS\system32\drivers\Pcmcia.sys
12:17:47.0140 1532 Pcmcia - ok
12:17:47.0187 1532 PDCOMP - ok
12:17:47.0218 1532 PDFRAME - ok
12:17:47.0250 1532 PDRELI - ok
12:17:47.0281 1532 PDRFRAME - ok
12:17:47.0312 1532 perc2 - ok
12:17:47.0343 1532 perc2hib - ok
12:17:47.0437 1532 PlugPlay (6e401e61f952fbbf708afbecefafae81) C:\WINDOWS\system32\services.exe
12:17:47.0531 1532 PlugPlay - ok
12:17:47.0609 1532 PolicyAgent (82a362fe1d4980b71b588d9c10748511) C:\WINDOWS\system32\lsass.exe
12:17:47.0718 1532 PolicyAgent - ok
12:17:47.0812 1532 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:17:47.0921 1532 PptpMiniport - ok
12:17:48.0000 1532 Processor (9a10e4fd13824823da50d4758bd0a645) C:\WINDOWS\system32\DRIVERS\processr.sys
12:17:48.0093 1532 Processor - ok
12:17:48.0171 1532 ProtectedStorage (82a362fe1d4980b71b588d9c10748511) C:\WINDOWS\system32\lsass.exe
12:17:48.0265 1532 ProtectedStorage - ok
12:17:48.0343 1532 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
12:17:48.0453 1532 PSched - ok
12:17:48.0531 1532 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:17:48.0640 1532 Ptilink - ok
12:17:48.0718 1532 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
12:17:48.0718 1532 PxHelp20 - ok
12:17:48.0796 1532 ql1080 - ok
12:17:48.0843 1532 Ql10wnt - ok
12:17:48.0890 1532 ql12160 - ok
12:17:48.0937 1532 ql1240 - ok
12:17:49.0000 1532 ql1280 - ok
12:17:49.0062 1532 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:17:49.0187 1532 RasAcd - ok
12:17:49.0265 1532 RasAuto (e68b6f9a726a444059705ab43b5656d1) C:\WINDOWS\System32\rasauto.dll
12:17:49.0375 1532 RasAuto - ok
12:17:49.0468 1532 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:17:49.0562 1532 Rasl2tp - ok
12:17:49.0640 1532 RasMan (6e519d777c91e90592403c9f981fdf03) C:\WINDOWS\System32\rasmans.dll
12:17:49.0765 1532 RasMan - ok
12:17:49.0859 1532 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:17:49.0984 1532 RasPppoe - ok
12:17:50.0078 1532 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
12:17:50.0203 1532 Raspti - ok
12:17:50.0281 1532 Rdbss (29d66245adba878fff574cd66abd2884) C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:17:50.0375 1532 Rdbss - ok
12:17:50.0468 1532 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:17:50.0562 1532 RDPCDD - ok
12:17:50.0656 1532 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:17:50.0781 1532 rdpdr - ok
12:17:50.0859 1532 RDPWD (d4f5643d7714ef499ae9527fdcd50894) C:\WINDOWS\system32\drivers\RDPWD.sys
12:17:50.0968 1532 RDPWD - ok
12:17:51.0062 1532 RDSessMgr (125acf258da9633f748131a0e0185af3) C:\WINDOWS\system32\sessmgr.exe
12:17:51.0171 1532 RDSessMgr - ok
12:17:51.0250 1532 redbook (aba13d33e1f888c9a68599a48a8840d6) C:\WINDOWS\system32\DRIVERS\redbook.sys
12:17:51.0343 1532 redbook - ok
12:17:51.0421 1532 RemoteAccess (eb5e1a601e5a1908a87e4d5a41803d98) C:\WINDOWS\System32\mprdim.dll
12:17:51.0515 1532 RemoteAccess - ok
12:17:51.0609 1532 RemoteRegistry (5b21208fcf8970bb61fe98e19d828714) C:\WINDOWS\system32\regsvc.dll
12:17:51.0718 1532 RemoteRegistry - ok
12:17:51.0812 1532 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
12:17:51.0906 1532 ROOTMODEM - ok
12:17:51.0984 1532 RpcLocator (c8a3b668985d61249f2dc71716c58de8) C:\WINDOWS\system32\locator.exe
12:17:52.0093 1532 RpcLocator - ok
12:17:52.0187 1532 RpcSs (c72c15ee57e248c66e57c76cab086cf2) C:\WINDOWS\system32\rpcss.dll
12:17:52.0328 1532 RpcSs - ok
12:17:52.0421 1532 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\system32\rsvp.exe
12:17:52.0531 1532 RSVP - ok
12:17:52.0593 1532 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
12:17:52.0687 1532 rtl8139 - ok
12:17:52.0750 1532 SamSs (82a362fe1d4980b71b588d9c10748511) C:\WINDOWS\system32\lsass.exe
12:17:52.0843 1532 SamSs - ok
12:17:52.0906 1532 SCardSvr (c177354e995cc1aa1f767bcd9980434a) C:\WINDOWS\System32\SCardSvr.exe
12:17:53.0015 1532 SCardSvr - ok
12:17:53.0109 1532 Schedule (29ac93307c6182dbe336bca314947f28) C:\WINDOWS\system32\schedsvc.dll
12:17:53.0203 1532 Schedule - ok
12:17:53.0281 1532 seclogon (c76cb8a133374fac6805f83ff7b7da03) C:\WINDOWS\System32\seclogon.dll
12:17:53.0390 1532 seclogon - ok
12:17:53.0468 1532 SENS (220ad85ba9c5b3011296354011b901cc) C:\WINDOWS\system32\sens.dll
12:17:53.0578 1532 SENS - ok
12:17:53.0671 1532 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
12:17:53.0781 1532 serenum - ok
12:17:53.0875 1532 Serial (c1ddbc85251551a840212999da3d95f3) C:\WINDOWS\system32\DRIVERS\serial.sys
12:17:53.0968 1532 Serial - ok
12:17:54.0031 1532 sfdrv01 (4c0d673281178cb496011a2e28571fc8) C:\WINDOWS\system32\drivers\sfdrv01.sys
12:17:54.0031 1532 sfdrv01 ( UnsignedFile.Multi.Generic ) - warning
12:17:54.0031 1532 sfdrv01 - detected UnsignedFile.Multi.Generic (1)
12:17:54.0093 1532 sfhlp02 (15be2b5e4dc5b8623cf167720682abc9) C:\WINDOWS\system32\drivers\sfhlp02.sys
12:17:54.0109 1532 sfhlp02 ( UnsignedFile.Multi.Generic ) - warning
12:17:54.0109 1532 sfhlp02 - detected UnsignedFile.Multi.Generic (1)
12:17:54.0187 1532 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
12:17:54.0296 1532 Sfloppy - ok
12:17:54.0359 1532 sfsync03 (b27f70092a84b2a381d1fcdbbb82f876) C:\WINDOWS\system32\drivers\sfsync03.sys
12:17:54.0390 1532 sfsync03 ( UnsignedFile.Multi.Generic ) - warning
12:17:54.0390 1532 sfsync03 - detected UnsignedFile.Multi.Generic (1)
12:17:54.0468 1532 SharedAccess (6a93501bcdebf159109429b022c0ff83) C:\WINDOWS\System32\ipnathlp.dll
12:17:54.0609 1532 SharedAccess - ok
12:17:54.0687 1532 ShellHWDetection (8ba76bd2a943f642f267a296a15776d2) C:\WINDOWS\System32\shsvcs.dll
12:17:54.0796 1532 ShellHWDetection - ok
12:17:54.0875 1532 Simbad - ok
12:17:54.0937 1532 Sparrow - ok
12:17:55.0031 1532 splitter (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys
12:17:55.0125 1532 splitter - ok
12:17:55.0218 1532 Spooler (21b6faa88044a41640e03ebb68be93e8) C:\WINDOWS\system32\spoolsv.exe
12:17:55.0312 1532 Spooler - ok
12:17:55.0421 1532 sptd (7f1b7c4d446cd3f926af45b8c48bd593) C:\WINDOWS\system32\Drivers\sptd.sys
12:17:55.0421 1532 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 7f1b7c4d446cd3f926af45b8c48bd593
12:17:55.0421 1532 sptd ( LockedFile.Multi.Generic ) - warning
12:17:55.0421 1532 sptd - detected LockedFile.Multi.Generic (1)
12:17:55.0515 1532 sr (a74035ea526db97d9d50d2143a55f5cf) C:\WINDOWS\system32\DRIVERS\sr.sys
12:17:55.0578 1532 sr - ok
12:17:55.0671 1532 srservice (3cd57f31a64d32fdb28918b16d1e6aac) C:\WINDOWS\system32\srsvc.dll
12:17:55.0718 1532 srservice - ok
12:17:55.0828 1532 Srv (20b7e396720353e4117d64d9dcb926ca) C:\WINDOWS\system32\DRIVERS\srv.sys
12:17:55.0921 1532 Srv - ok
12:17:56.0000 1532 SSDPSRV (88c28f53f53438dafcd95e99c837c61e) C:\WINDOWS\System32\ssdpsrv.dll
12:17:56.0062 1532 SSDPSRV - ok
12:17:56.0140 1532 stisvc (0645ccdddd27f96eea3534c1def736d9) C:\WINDOWS\system32\wiaservc.dll
12:17:56.0265 1532 stisvc - ok
12:17:56.0359 1532 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:17:56.0453 1532 swenum - ok
12:17:56.0546 1532 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
12:17:56.0625 1532 swmidi - ok
12:17:56.0687 1532 SwPrv - ok
12:17:56.0718 1532 symc810 - ok
12:17:56.0765 1532 symc8xx - ok
12:17:56.0796 1532 sym_hi - ok
12:17:56.0828 1532 sym_u3 - ok
12:17:56.0890 1532 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
12:17:56.0984 1532 sysaudio - ok
12:17:57.0078 1532 SysmonLog (d9c9ecff4904e6151525c533aeedf8f4) C:\WINDOWS\system32\smlogsvc.exe
12:17:57.0171 1532 SysmonLog - ok
12:17:57.0250 1532 TapiSrv (37162d29cd61519e6f5ea0de99786ff6) C:\WINDOWS\System32\tapisrv.dll
12:17:57.0359 1532 TapiSrv - ok
12:17:57.0437 1532 Tcpip (c81d6a930a7805f6daa0c7902b99037e) C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:17:57.0484 1532 Tcpip ( UnsignedFile.Multi.Generic ) - warning
12:17:57.0484 1532 Tcpip - detected UnsignedFile.Multi.Generic (1)
12:17:57.0562 1532 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:17:57.0671 1532 TDPIPE - ok
12:17:57.0734 1532 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
12:17:57.0843 1532 TDTCP - ok
12:17:57.0953 1532 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
12:17:58.0062 1532 TermDD - ok
12:17:58.0140 1532 TermService (2f5919f2f6ee7a845893d9c3aa2bc56a) C:\WINDOWS\System32\termsrv.dll
12:17:58.0250 1532 TermService - ok
12:17:58.0312 1532 Themes (8ba76bd2a943f642f267a296a15776d2) C:\WINDOWS\System32\shsvcs.dll
12:17:58.0406 1532 Themes - ok
12:17:58.0500 1532 TlntSvr (535c2fb97336bafa509f4783dd1e5746) C:\WINDOWS\system32\tlntsvr.exe
12:17:58.0562 1532 TlntSvr - ok
12:17:58.0656 1532 TosIde - ok
12:17:58.0718 1532 TrkWks (4dce17221b1a87fb47e36842f3e38753) C:\WINDOWS\system32\trkwks.dll
12:17:58.0828 1532 TrkWks - ok
12:17:58.0921 1532 TrojanKillerDriver (113384367c3999e084fe156b18c7625e) C:\WINDOWS\system32\DRIVERS\gtkdrv.sys
12:17:58.0921 1532 TrojanKillerDriver - ok
12:17:59.0031 1532 TrueSight (1512d11c1e1e37a4ae2e2b62794f0d2e) c:\windows\system32\drivers\TrueSight.sys
12:17:59.0046 1532 TrueSight ( UnsignedFile.Multi.Generic ) - warning
12:17:59.0046 1532 TrueSight - detected UnsignedFile.Multi.Generic (1)
12:17:59.0140 1532 tunmp (87a0e9e18c10a9e454238e3330e2a26d) C:\WINDOWS\system32\DRIVERS\tunmp.sys
12:17:59.0250 1532 tunmp - ok
12:17:59.0328 1532 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
12:17:59.0437 1532 Udfs - ok
12:17:59.0515 1532 ultra - ok
12:17:59.0578 1532 UMWdf (ab0a7ca90d9e3d6a193905dc1715ded0) C:\WINDOWS\system32\wdfmgr.exe
12:17:59.0609 1532 UMWdf - ok
12:17:59.0687 1532 Update (aff2e5045961bbc0a602bb6f95eb1345) C:\WINDOWS\system32\DRIVERS\update.sys
12:17:59.0796 1532 Update - ok
12:17:59.0875 1532 upnphost (984fc1518b0d5b31d76f0e63608e0500) C:\WINDOWS\System32\upnphost.dll
12:17:59.0937 1532 upnphost - ok
12:18:00.0015 1532 UPS (6148a3ba4d9cc628357fc92014fea30e) C:\WINDOWS\System32\ups.exe
12:18:00.0125 1532 UPS - ok
12:18:00.0218 1532 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:18:00.0312 1532 usbccgp - ok
12:18:00.0390 1532 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:18:00.0484 1532 usbehci - ok
12:18:00.0562 1532 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:18:00.0671 1532 usbhub - ok
12:18:00.0765 1532 usbohci (bdfe799a8531bad8a5a985821fe78760) C:\WINDOWS\system32\DRIVERS\usbohci.sys
12:18:00.0859 1532 usbohci - ok
12:18:00.0953 1532 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:18:01.0046 1532 usbscan - ok
12:18:01.0140 1532 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:18:01.0234 1532 USBSTOR - ok
12:18:01.0312 1532 UserAccess7 (d40a2f00da5a23a254c7b9c1678043c1) C:\WINDOWS\system32\UAService7.exe
12:18:01.0328 1532 UserAccess7 ( UnsignedFile.Multi.Generic ) - warning
12:18:01.0328 1532 UserAccess7 - detected UnsignedFile.Multi.Generic (1)
12:18:01.0406 1532 UxTuneUp (d3986793dedc6bb93db4da5a793e42ce) C:\WINDOWS\System32\uxtuneup.dll
12:18:01.0406 1532 UxTuneUp - ok
12:18:01.0500 1532 VClone (fce98c43b5c5db8e0da8ea0e2b45e044) C:\WINDOWS\system32\DRIVERS\VClone.sys
12:18:01.0500 1532 VClone ( UnsignedFile.Multi.Generic ) - warning
12:18:01.0500 1532 VClone - detected UnsignedFile.Multi.Generic (1)
12:18:01.0578 1532 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
12:18:01.0703 1532 VgaSave - ok
12:18:01.0750 1532 ViaIde - ok
12:18:01.0796 1532 VolSnap (cd8cce067f7e9cbd762c00bdddecaa34) C:\WINDOWS\system32\drivers\VolSnap.sys
12:18:01.0906 1532 VolSnap - ok
12:18:02.0015 1532 VSS (043539881667bb37b07524032d6ffc3e) C:\WINDOWS\System32\vssvc.exe
12:18:02.0093 1532 VSS - ok
12:18:02.0187 1532 vToolbarUpdater10.2.0 (3080f1f093869a19fb3d1f0226c73809) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
12:18:02.0250 1532 vToolbarUpdater10.2.0 - ok
12:18:02.0328 1532 W32Time (2ceebb402187ae56b585701f3d191fb3) C:\WINDOWS\system32\w32time.dll
12:18:02.0453 1532 W32Time - ok
12:18:02.0546 1532 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:18:02.0656 1532 Wanarp - ok
12:18:02.0718 1532 WDICA - ok
12:18:02.0796 1532 wdmaud (2797f33ebf50466020c430ee4f037933) C:\WINDOWS\system32\drivers\wdmaud.sys
12:18:02.0890 1532 wdmaud - ok
12:18:02.0968 1532 WebClient (3791adf1d3466ac6b4b662d3f79cbfec) C:\WINDOWS\System32\webclnt.dll
12:18:03.0078 1532 WebClient - ok
12:18:03.0171 1532 winmgmt (e12084ea622bdf2262c637bef15dd85c) C:\WINDOWS\system32\wbem\WMIsvc.dll
12:18:03.0281 1532 winmgmt - ok
12:18:03.0390 1532 WmdmPmSN (140ef97b64f560fd78643cae2cdad838) C:\WINDOWS\system32\MsPMSNSv.dll
12:18:03.0406 1532 WmdmPmSN - ok
12:18:03.0500 1532 Wmi (0cdc4a0c6b820fad99fb4ca74cd0c476) C:\WINDOWS\System32\advapi32.dll
12:18:03.0656 1532 Wmi - ok
12:18:03.0750 1532 WmiApSrv (bcd21b989f0fd4ace78287fc01b4693d) C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:18:03.0859 1532 WmiApSrv - ok
12:18:03.0937 1532 wpdusb (1385e5aa9c9821790d33a9563b8d2dd0) C:\WINDOWS\system32\Drivers\wpdusb.sys
12:18:03.0953 1532 wpdusb - ok
12:18:04.0031 1532 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
12:18:04.0125 1532 WS2IFSL - ok
12:18:04.0203 1532 wscsvc (4aded1adef25041d9827f9a79c0fda13) C:\WINDOWS\system32\wscsvc.dll
12:18:04.0312 1532 wscsvc - ok
12:18:04.0390 1532 wuauserv (21f5169ca14e0b25c757644456f637df) C:\WINDOWS\system32\wuauserv.dll
12:18:04.0484 1532 wuauserv - ok
12:18:04.0578 1532 WZCSVC (325cedef696ef4b649ddcd3968d085c9) C:\WINDOWS\System32\wzcsvc.dll
12:18:04.0734 1532 WZCSVC - ok
12:18:04.0812 1532 xmlprov (9b835d4c64860b155a1701d5092ec9e4) C:\WINDOWS\System32\xmlprov.dll
12:18:04.0937 1532 xmlprov - ok
12:18:04.0968 1532 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
12:18:05.0203 1532 \Device\Harddisk0\DR0 - ok
12:18:05.0234 1532 Boot (0x1200) (9760f9bc4a7d4481c631bd08256bd866) \Device\Harddisk0\DR0\Partition0
12:18:05.0234 1532 \Device\Harddisk0\DR0\Partition0 - ok
12:18:05.0250 1532 Boot (0x1200) (d935f583fb5da001f75994170ffa8457) \Device\Harddisk0\DR0\Partition1
12:18:05.0250 1532 \Device\Harddisk0\DR0\Partition1 - ok
12:18:05.0281 1532 Boot (0x1200) (735330d7c112c6921934822986f41703) \Device\Harddisk0\DR0\Partition2
12:18:05.0281 1532 \Device\Harddisk0\DR0\Partition2 - ok
12:18:05.0296 1532 Boot (0x1200) (8b324db7135abb313ed82ee2549a83db) \Device\Harddisk0\DR0\Partition3
12:18:05.0296 1532 \Device\Harddisk0\DR0\Partition3 - ok
12:18:05.0328 1532 Boot (0x1200) (97c39299be27e52f5695e927f3a21f13) \Device\Harddisk0\DR0\Partition4
12:18:05.0328 1532 \Device\Harddisk0\DR0\Partition4 - ok
12:18:05.0343 1532 ============================================================
12:18:05.0343 1532 Scan finished
12:18:05.0343 1532 ============================================================
12:18:05.0468 1412 Detected object count: 15
12:18:05.0468 1412 Actual detected object count: 15
12:19:45.0109 1412 AmdK8 ( UnsignedFile.Multi.Generic ) - skipped by user
12:19:45.0109 1412 AmdK8 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:19:45.0109 1412 AR5211 ( UnsignedFile.Multi.Generic ) - skipped by user
12:19:45.0109 1412 AR5211 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:19:45.0125 1412 Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:19:45.0125 1412 Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:19:45.0125 1412 cmpci ( UnsignedFile.Multi.Generic ) - skipped by user
12:19:45.0125 1412 cmpci ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:19:45.0140 1412 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:19:45.0140 1412 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:19:45.0140 1412 nv ( UnsignedFile.Multi.Generic ) - skipped by user
12:19:45.0140 1412 nv ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:19:45.0140 1412 NVSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:19:45.0140 1412 NVSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:19:45.0156 1412 sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user
12:19:45.0156 1412 sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:19:45.0156 1412 sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
12:19:45.0156 1412 sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:19:45.0156 1412 sfsync03 ( UnsignedFile.Multi.Generic ) - skipped by user
12:19:45.0156 1412 sfsync03 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:19:45.0171 1412 sptd ( LockedFile.Multi.Generic ) - skipped by user
12:19:45.0171 1412 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
12:19:45.0171 1412 Tcpip ( UnsignedFile.Multi.Generic ) - skipped by user
12:19:45.0171 1412 Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:19:45.0187 1412 TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user
12:19:45.0187 1412 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:19:45.0187 1412 UserAccess7 ( UnsignedFile.Multi.Generic ) - skipped by user
12:19:45.0187 1412 UserAccess7 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:19:45.0187 1412 VClone ( UnsignedFile.Multi.Generic ) - skipped by user
12:19:45.0187 1412 VClone ( UnsignedFile.Multi.Generic ) - User select action: Skip

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Security shield - rostaVR6

#15 Post by vyosek »

PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A STRONG ABILITY TO DELETE AND MUST ONLY BE USED WHEN RECOMMENDED, OTHERWISE IT CAN WRECK YOUR SYSTEM
Download ComboFix and save it to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator account
  • If you have Win Vista or Win 7, right-click ComboFix and choose Run As Administrator
  • Right after it starts, a page with the licence agreement is shown; continue by clicking Yes
  • If CF offers to install the Recovery Console, accept
  • Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click in the window that appears
  • The scan should take about 10 min, but if the PC is heavily infested, it may take longer
  • After the scan finishes and a possible restart, CF displays a log, or you can find it at C:\ComboFix.txt; paste its contents here
  • A detailed procedure incl. screenshots is here: http://www.bleepingcomputer.com/combofi ... t-combofix
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever avoids fun, take a whip and a stick to him; that is not a man, that is an ox."
Member since 1 February 2011.
