VIRY.CZ

poprosim niekoho ak bude taky dobry a najde si cas aby mi to pozrel. Dakujem, zde je log

Logfile of random's system information tool 1.09 (written by random/random)
Run by Gabriela at 2012-05-02 17:57:37
Microsoft Windows XP Professional Service Pack 2
System drive C: has 1 GB (7%) free of 15 GB
Total RAM: 511 MB (11% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:58:18, on 2.5.2012
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Music\SSSvr.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Photo\appsrv\PhotoAppSrv.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
C:\WINDOWS\ehome\ehmsas.exe
C:\Documents and Settings\Gabriela\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Gabriela\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Gabriela\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Gabriela\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Gabriela\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\ping.exe
C:\Documents and Settings\Gabriela\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Gabriela.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:57111
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\GABRIELA\Application Data\Mozilla\Profiles\default\ps2wkgw4.slt\prefs.js)
O1 - Hosts: ::1 localhost
O1 - Hosts: 216.240.133.193 www.google-analytics.com.
O1 - Hosts: 216.240.133.193 ad-emea.doubleclick.net.
O1 - Hosts: 216.240.133.193 www.statcounter.com.
O1 - Hosts: 69.72.252.254 www.google-analytics.com.
O1 - Hosts: 69.72.252.254 ad-emea.doubleclick.net.
O1 - Hosts: 69.72.252.254 www.statcounter.com.
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SonicStageMonitoring - Sony Corporation - C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
O23 - Service: Sony TVTA Manager - Sony Corporation - C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Music\SSSvr.exe
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Photo\appsrv\PhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 10488 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3772474029-3004294206-1312135618-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3772474029-3004294206-1312135618-1004UA.job
C:\WINDOWS\tasks\Registration reminder 2.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Gabriela\Application Data\Mozilla\Firefox\Profiles\kmiutljb.default

prefs.js - "extensions.enabledItems" - "{E9A1DEE0-C623-4439-8932-001E7D17607D}:2.1.0.2, textlinks@epicplay.com:1.0.0, {20a82645-c095-46ed-80e3-08825760534b}:1.1, en-US@dictionaries.addons.mozilla.org:5.0.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.19"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP]
"Description"=Viewpoint Media Player for Mozilla
"Path"=C:\Program Files\Viewpoint\Viewpoint Media Player\\npViewpoint.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
aboutRights.js
aboutRobots.js
AskSearch.js
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
jsconsole-clhandler.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsHandlerService.js
nsHelperAppDlg.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesTransactionsService.js
nsPostUpdateWin.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat

C:\Program Files\Mozilla Firefox\plugins\
npnul32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Documents and Settings\Gabriela\Application Data\Mozilla\Firefox\Profiles\kmiutljb.default\extensions\
en-US@dictionaries.addons.mozilla.org
{20a82645-c095-46ed-80e3-08825760534b}

C:\Documents and Settings\Gabriela\Application Data\Mozilla\Firefox\Profiles\kmiutljb.default\searchplugins\
bing-zugo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-02-01 1377576]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2004-08-03 50176]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2003-08-18 4841472]
"ezShieldProtector for Px"=C:\WINDOWS\System32\ezSP_Px.exe [2002-08-20 40960]
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-10 90112]
"VAIO Recovery"=C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe [2003-04-19 28672]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-28 1259376]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-03 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\support.com\client\bin\tgcmd.exe"="C:\Program Files\support.com\client\bin\tgcmd.exe:*:Enabled:tgcmd Module"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Real\RealOne Player\realplay.exe"="C:\Program Files\Real\RealOne Player\realplay.exe:*:Enabled:RealOne Player"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Sony\click to dvd\ctodvd-e.exe"="C:\Program Files\Sony\click to dvd\ctodvd-e.exe:*:Disabled:Click to DVD"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Documents and Settings\Gabriela\Local Settings\Temp\_tc1\NFS3.EXE"="C:\Documents and Settings\Gabriela\Local Settings\Temp\_tc1\NFS3.EXE:*:Enabled:Need For Speed III for Win32"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Documents and Settings\Gabriela\Local Settings\Application Data\Google\Chrome\Application\chrome.exe"="C:\Documents and Settings\Gabriela\Local Settings\Application Data\Google\Chrome\Application\chrome.exe:*:Disabled:Google Chrome"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.iv41"=ir41_32.ax
"msacm.iac2"=iac25_32.ax
"vidc.iv50"=ir50_32.dll
"VIDC.dvsd"=C:\PROGRA~1\COMMON~1\SONYSH~1\VideoLib\sonydv.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======List of files/folders created in the last 1 month======

2012-05-02 17:57:47 ----D---- C:\Program Files\trend micro
2012-05-02 17:57:37 ----D---- C:\rsit
2012-05-01 19:14:53 ----D---- C:\Program Files\Common Files\DivX Shared
2012-05-01 19:12:36 ----D---- C:\Documents and Settings\All Users\Application Data\DivX
2012-05-01 18:45:28 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2012-05-01 17:59:42 ----AD---- C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ
2012-05-01 17:13:04 ----D---- C:\Documents and Settings\Gabriela\Application Data\ESET
2012-05-01 16:59:24 ----D---- C:\Program Files\ESET
2012-05-01 16:59:24 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2012-05-01 16:42:13 ----D---- C:\Program Files\CCleaner
2012-05-01 16:16:52 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2012-05-01 16:13:44 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-05-01 16:10:03 ----D---- C:\Documents and Settings\Gabriela\Application Data\InstallShield
2012-05-01 15:41:49 ----SHD---- C:\Config.Msi

======List of files/folders modified in the last 1 month======

2012-05-02 17:57:47 ----RD---- C:\Program Files
2012-05-02 17:57:40 ----D---- C:\WINDOWS\Prefetch
2012-05-02 17:52:27 ----D---- C:\WINDOWS\system32
2012-05-02 17:51:20 ----D---- C:\WINDOWS\Temp
2012-05-02 17:37:10 ----D---- C:\WINDOWS
2012-05-02 17:36:52 ----ASH---- C:\WINDOWS\system32\dds_trash_log.cmd
2012-05-02 17:36:14 ----D---- C:\WINDOWS\system32\drivers
2012-05-01 23:01:30 ----D---- C:\WINDOWS\security
2012-05-01 23:01:19 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-05-01 22:08:33 ----HD---- C:\WINDOWS\inf
2012-05-01 22:08:23 ----D---- C:\WINDOWS\system32\CatRoot2
2012-05-01 19:17:33 ----D---- C:\Program Files\DivX
2012-05-01 19:17:16 ----SHD---- C:\WINDOWS\Installer
2012-05-01 19:17:15 ----D---- C:\WINDOWS\WinSxS
2012-05-01 19:14:53 ----D---- C:\Program Files\Common Files
2012-05-01 19:12:05 ----D---- C:\Documents and Settings\Gabriela\Application Data\Winamp
2012-05-01 18:07:33 ----D---- C:\WINDOWS\Debug
2012-05-01 16:44:58 ----D---- C:\WINDOWS\Minidump
2012-05-01 16:33:19 ----SD---- C:\WINDOWS\Tasks
2012-05-01 16:31:40 ----D---- C:\Program Files\Winamp
2012-05-01 16:31:40 ----D---- C:\Program Files\MoodLogic
2012-05-01 16:29:20 ----HD---- C:\Program Files\InstallShield Installation Information
2012-05-01 16:29:20 ----A---- C:\WINDOWS\disney.ini
2012-05-01 16:17:44 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2012-05-01 16:17:42 ----D---- C:\Program Files\Common Files\Symantec Shared
2012-05-01 16:12:17 ----D---- C:\Program Files\Google
2012-05-01 16:11:55 ----AHD---- C:\Documents and Settings\All Users\Application Data\GTek
2012-05-01 16:10:38 ----AC---- C:\WINDOWS\ka.ini
2012-05-01 15:59:54 ----D---- C:\Program Files\HP
2012-05-01 15:57:12 ----D---- C:\Documents and Settings\All Users\Application Data\HP
2012-05-01 15:55:04 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-05-01 15:55:04 ----D---- C:\WINDOWS\twain_32
2012-05-01 15:40:30 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2012-05-01 15:39:57 ----D---- C:\Program Files\Cosmi
2012-05-01 15:39:57 ----AC---- C:\WINDOWS\compedia.ini
2012-05-01 15:37:07 ----D---- C:\Program Files\DNA
2012-05-01 15:33:15 ----D---- C:\Program Files\Online Services
2012-05-01 15:22:03 ----D---- C:\Program Files\Mozilla Firefox
2012-05-01 15:16:01 ----D---- C:\Program Files\Common Files\Real
2012-05-01 15:15:50 ----D---- C:\Documents and Settings\Gabriela\Application Data\Real
2012-05-01 15:15:09 ----D---- C:\Program Files\Quicken
2012-05-01 15:15:09 ----A---- C:\WINDOWS\QUICKEN.INI
2012-05-01 15:13:43 ----D---- C:\Program Files\Screenblast
2012-05-01 15:11:12 ----D---- C:\Program Files\Infogrames Interactive
2012-05-01 15:08:57 ----D---- C:\Program Files\BearShare Applications
2012-05-01 15:08:20 ----D---- C:\Program Files\Common Files\Adobe
2012-05-01 15:07:46 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Intel AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\agp440.sys [2004-08-03 42368]
R0 ohci1394;NEC FireWarden OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2004-08-03 61056]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\DRIVERS\PxHelp20.sys [2008-02-20 43528]
R0 SonyLSM;LED State Service; C:\WINDOWS\System32\Drivers\SonyLSM.sys [2003-07-24 4736]
R1 DMICall;Sony DMI Call service; C:\WINDOWS\System32\DRIVERS\DMICall.sys [2000-12-05 3952]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2011-08-04 61936]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-03 36096]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2011-08-04 147480]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 E1000;Intel(R) PRO/1000 Adapter Driver; C:\WINDOWS\System32\DRIVERS\e1000325.sys [2003-03-11 121344]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2011-08-09 39824]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2003-08-18 1343803]
R3 P17;Creative SB Audigy LS; C:\WINDOWS\system32\drivers\P17.sys [2003-11-19 681344]
R3 smrt;Sony MPEG RealTime encoder board; C:\WINDOWS\System32\DRIVERS\smrt.sys [2003-12-02 772224]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-08-27 33588]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2004-08-03 14848]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\System32\DRIVERS\AGRSM.sys []
S3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-11-15 621056]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2011-08-09 154136]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-07 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-07 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-07 21568]
S3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys []
S3 HSFHWICH;HSFHWICH; C:\WINDOWS\System32\DRIVERS\HSFHWICH.sys []
S3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NPF;WinPcap Packet Driver (NPF); C:\WINDOWS\system32\drivers\NPF.sys [2011-12-05 50704]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-02-18 30464]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-09-06 110592]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 dladresn;InCDsrvR; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\ehome\ehSched.exe [2004-08-03 84992]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-03 14336]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2003-08-18 77824]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-03 14336]
R2 SonicStageMonitoring;SonicStageMonitoring; C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe [2003-09-12 135168]
R2 Sony TVTA Manager;Sony TVTA Manager; C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe [2003-08-13 106496]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 VAIOMediaPlatform-MusicServer-AppServer;VAIO Media Music Server; C:\Program Files\Sony\VAIO Media Integrated Server\Music\SSSvr.exe [2003-10-20 503897]
R2 VAIOMediaPlatform-MusicServer-HTTP;VAIO Media Music Server (HTTP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2003-10-20 57344]
R2 VAIOMediaPlatform-MusicServer-UPnP;VAIO Media Music Server (UPnP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2003-10-20 712704]
R2 VAIOMediaPlatform-PhotoServer-AppServer;VAIO Media Photo Server; C:\Program Files\Sony\VAIO Media Integrated Server\Photo\appsrv\PhotoAppSrv.exe [2003-10-20 925696]
R2 VAIOMediaPlatform-PhotoServer-HTTP;VAIO Media Photo Server (HTTP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2003-10-20 57344]
R2 VAIOMediaPlatform-PhotoServer-UPnP;VAIO Media Photo Server (UPnP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2003-10-20 712704]
R2 VAIOMediaPlatform-VideoServer-AppServer;VAIO Media Video Server; C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe [2003-10-20 1286144]
R2 VAIOMediaPlatform-VideoServer-HTTP;VAIO Media Video Server (HTTP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2003-10-20 57344]
R2 VAIOMediaPlatform-VideoServer-UPnP;VAIO Media Video Server (UPnP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2003-10-20 712704]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R2 WANMiniportService;WAN Miniport (ATW) Service; C:\WINDOWS\wanmpsvc.exe [2003-08-27 65536]
R3 Sony TV Tuner Manager;Sony TV Tuner Manager; C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe [2003-08-13 94208]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-01 253088]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2007-09-14 503608]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Sony TV Tuner Controller;Sony TV Tuner Controller; C:\Program Files\Sony\Sony TV Tuner Library\halsv.exe [2003-08-13 118784]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

pouzi http://forum.viry.cz/viewtopic.php?f=24 ... 05#p981205 scan+hosts+proxy
logy vloz

RogueKiller V7.4.2 [05/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 2) 32 bits version
Started in : Normal mode
User: Gabriela [Admin rights]
Mode: Scan -- Date: 05/03/2012 18:56:54

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 4 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp=127.0.0.1:57111) -> FOUND
[PROXY FF] kmiutljb.default\ 127.0.0.1:57111 -> FOUND
[HJ] HKCU\[...]\Internet Settings : WarnOnHTTPSToHTTPRedirect (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤
IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : atapi.sys -> HOOKED ([INLINE] atapi.sys @ 0xF863F7B4)

¤¤¤ Infection : ZeroAccess ¤¤¤
[ZeroAccess] (LOCKED) windir\NtUpdateKBxxxx present!

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
::1 localhost
216.240.133.193 www.google-analytics.com.
216.240.133.193 ad-emea.doubleclick.net.
216.240.133.193 www.statcounter.com.
69.72.252.254 www.google-analytics.com.
69.72.252.254 ad-emea.doubleclick.net.
69.72.252.254 www.statcounter.com.


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD800JB-00JJC0 +++++
--- User ---
[MBR] 6d93d11730f75b78a0f1bb15ce028948
[BSP] 3dac0b205a0d2f2528e8539c3b0d453e : Windows XP MBR Code
Partition table:
0 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): 63 | Size: 6149 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 12594960 | Size: 15366 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 44066295 | Size: 54799 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: WDC WD2500JB-00REA0 +++++
--- User ---
[MBR] 337bef6e126ea15fabdeb74e82207548
[BSP] cff08495224f5255172d93569800a310 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238472 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt

RogueKiller V7.4.2 [05/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 2) 32 bits version
Started in : Normal mode
User: Gabriela [Admin rights]
Mode: HOSTSFix -- Date: 05/03/2012 18:59:33

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
::1 localhost
216.240.133.193 www.google-analytics.com.
216.240.133.193 ad-emea.doubleclick.net.
216.240.133.193 www.statcounter.com.
69.72.252.254 www.google-analytics.com.
69.72.252.254 ad-emea.doubleclick.net.
69.72.252.254 www.statcounter.com.


¤¤¤ Resetted HOSTS: ¤¤¤
127.0.0.1 localhost

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2]



RogueKiller V7.4.2 [05/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 2) 32 bits version
Started in : Normal mode
User: Gabriela [Admin rights]
Mode: ProxyFix -- Date: 05/03/2012 18:59:45

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Registry Entries: 2 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp=127.0.0.1:57111) -> DELETED
[PROXY FF] kmiutljb.default\ 127.0.0.1:57111 -> DELETED

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

fiiiha
pouzi http://anywhere.webrootcloudav.com/antizeroaccess.exe

fiiha veru. to som sa prestahoval do USA a spolubivajuci mi dali pocitac ze ide pomaly, ked to spravim mozem ho pouzivat, a predo mnou to pouzivalo asi 20 dalsich ludi. ok pouzil som to, LOG je tu: Webroot AntiZeroAccess 0.8 Log File
Execution time: 04/05/2012 - 18:38
Host operation System: Windows Xp X86 version 5.1.2600 Service Pack 2
18:39:05 - CheckSystem - Begin to check system...
18:39:05 - OpenRootDrive - Opening system root volume and physical drive....
18:39:05 - C Root Drive: Disk number: 0 Start sector: 0x00C02F10 Partition Size: 0x01E036E7 sectors.
18:39:05 - PrevX Main driver extracted in "C:\WINDOWS\system32\drivers\ZeroAccess.sys".
18:39:05 - InstallAndStartDriver - Main driver was installed and now is running.
18:39:05 - CheckSystem - Warning! Disk class driver is INFECTED.
18:39:05 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
18:39:06 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:06 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:07 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
18:39:07 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
18:39:07 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:07 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:07 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:07 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:07 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:07 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:07 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:07 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:07 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:07 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:07 - CheckFile - Unable to send FSCTL_GET_RETRIEVAL_POINTERS to file object. DeviceIoControl last error: 234
18:39:07 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:07 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:07 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:07 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
18:39:07 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
18:39:07 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
18:39:07 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:07 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
18:39:07 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:07 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:07 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
18:39:07 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:07 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:07 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:07 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:07 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:07 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:07 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
18:39:08 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:08 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
18:39:09 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
18:39:09 - StopAndRemoveDriver - AntiZeroAccess Driver is stopped and removed.
18:39:09 - StopAndRemoveDriver - File "ZeroAccess.sys" was deleted!
18:39:09 - Execution Ended!

pouzi TDSSKiller - log vloz
ZA je dost neprijemny smejd ,,,

20:40:13.0953 2716 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
20:40:14.0375 2716 ============================================================
20:40:14.0375 2716 Current date / time: 2012/05/05 20:40:14.0375
20:40:14.0375 2716 SystemInfo:
20:40:14.0375 2716
20:40:14.0375 2716 OS Version: 5.1.2600 ServicePack: 2.0
20:40:14.0375 2716 Product type: Workstation
20:40:14.0375 2716 ComputerName: VALUED-A4DE119D
20:40:14.0375 2716 UserName: Gabriela
20:40:14.0375 2716 Windows directory: C:\WINDOWS
20:40:14.0375 2716 System windows directory: C:\WINDOWS
20:40:14.0375 2716 Processor architecture: Intel x86
20:40:14.0375 2716 Number of processors: 2
20:40:14.0375 2716 Page size: 0x1000
20:40:14.0375 2716 Boot type: Normal boot
20:40:14.0375 2716 ============================================================
20:40:15.0375 2716 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:40:15.0390 2716 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:40:15.0421 2716 ============================================================
20:40:15.0421 2716 \Device\Harddisk0\DR0:
20:40:15.0421 2716 MBR partitions:
20:40:15.0421 2716 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xC02F10, BlocksNum 0x1E036E7
20:40:15.0421 2716 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2A06636, BlocksNum 0x6B07E8B
20:40:15.0421 2716 \Device\Harddisk1\DR1:
20:40:15.0421 2716 MBR partitions:
20:40:15.0421 2716 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
20:40:15.0421 2716 ============================================================
20:40:15.0468 2716 C: <-> \Device\Harddisk0\DR0\Partition0
20:40:15.0515 2716 D: <-> \Device\Harddisk1\DR1\Partition0
20:40:15.0531 2716 E: <-> \Device\Harddisk0\DR0\Partition1
20:40:15.0531 2716 ============================================================
20:40:15.0531 2716 Initialize success
20:40:15.0531 2716 ============================================================
20:40:31.0984 3492 ============================================================
20:40:31.0984 3492 Scan started
20:40:31.0984 3492 Mode: Manual; SigCheck; TDLFS;
20:40:31.0984 3492 ============================================================
20:40:32.0218 3492 Abiosdsk - ok
20:40:32.0234 3492 abp480n5 - ok
20:40:32.0265 3492 ACPI (3b67b435fddf777c595f0ec736b03c37) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:40:32.0265 3492 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\ACPI.sys. Real md5: 3b67b435fddf777c595f0ec736b03c37, Fake md5: a10c7534f7223f4a73a948967d00e69b
20:40:32.0265 3492 ACPI ( Virus.Win32.Rloader.a ) - infected
20:40:32.0265 3492 ACPI - detected Virus.Win32.Rloader.a (0)
20:40:32.0312 3492 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
20:40:36.0687 3492 ACPIEC - ok
20:40:36.0781 3492 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:40:36.0828 3492 AdobeFlashPlayerUpdateSvc - ok
20:40:36.0828 3492 adpu160m - ok
20:40:36.0859 3492 aec (1ee7b434ba961ef845de136224c30fec) C:\WINDOWS\system32\drivers\aec.sys
20:40:37.0406 3492 aec - ok
20:40:37.0437 3492 AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys
20:40:37.0515 3492 AFD - ok
20:40:37.0515 3492 AgereSoftModem - ok
20:40:37.0546 3492 agp440 (2c428fa0c3e3a01ed93c9b2a27d8d4bb) C:\WINDOWS\system32\DRIVERS\agp440.sys
20:40:37.0703 3492 agp440 - ok
20:40:37.0718 3492 Aha154x - ok
20:40:37.0718 3492 aic78u2 - ok
20:40:37.0734 3492 aic78xx - ok
20:40:37.0765 3492 Alerter (c7ae0fd3867db0d42b03b73c18f3d671) C:\WINDOWS\system32\alrsvc.dll
20:40:37.0937 3492 Alerter - ok
20:40:37.0953 3492 ALG (f1958fbf86d5c004cf19a5951a9514b7) C:\WINDOWS\System32\alg.exe
20:40:38.0062 3492 ALG - ok
20:40:38.0062 3492 AliIde - ok
20:40:38.0078 3492 amsint - ok
20:40:38.0156 3492 Apple Mobile Device (3a4982df893f198a2dfbccd4ce10f93a) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
20:40:38.0187 3492 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - warning
20:40:38.0187 3492 Apple Mobile Device - detected UnsignedFile.Multi.Generic (1)
20:40:38.0218 3492 AppMgmt (9c3c12975c97119412802b181fbeeffe) C:\WINDOWS\System32\appmgmts.dll
20:40:38.0359 3492 AppMgmt - ok
20:40:38.0390 3492 Arp1394 (f0d692b0bffb46e30eb3cea168bbc49f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
20:40:38.0578 3492 Arp1394 - ok
20:40:38.0578 3492 asc - ok
20:40:38.0593 3492 asc3350p - ok
20:40:38.0593 3492 asc3550 - ok
20:40:38.0687 3492 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:40:38.0765 3492 aspnet_state - ok
20:40:38.0781 3492 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:40:38.0968 3492 AsyncMac - ok
20:40:38.0984 3492 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:40:39.0156 3492 atapi - ok
20:40:39.0156 3492 Atdisk - ok
20:40:39.0218 3492 ati2mtag (8a4bb7291606fba4eaafd7b5604255a4) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
20:40:39.0328 3492 ati2mtag - ok
20:40:39.0359 3492 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:40:39.0546 3492 Atmarpc - ok
20:40:39.0578 3492 AudioSrv (db66db626e4882ebef55f136f12c1829) C:\WINDOWS\System32\audiosrv.dll
20:40:39.0750 3492 AudioSrv - ok
20:40:39.0765 3492 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:40:39.0937 3492 audstub - ok
20:40:39.0968 3492 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:40:40.0140 3492 Beep - ok
20:40:40.0171 3492 BITS (2c69ec7e5a311334d10dd95f338fccea) C:\WINDOWS\System32\qmgr.dll
20:40:40.0406 3492 BITS - ok
20:40:40.0468 3492 Bonjour Service (cfd4c3352e29a8b729536648466e8df5) C:\Program Files\Bonjour\mDNSResponder.exe
20:40:40.0500 3492 Bonjour Service ( UnsignedFile.Multi.Generic ) - warning
20:40:40.0500 3492 Bonjour Service - detected UnsignedFile.Multi.Generic (1)
20:40:40.0531 3492 Browser (e3cfccdda4edd1d0dc9168b2e18f27b8) C:\WINDOWS\System32\browser.dll
20:40:40.0718 3492 Browser - ok
20:40:40.0750 3492 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:40:40.0921 3492 cbidf2k - ok
20:40:40.0937 3492 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
20:40:41.0109 3492 CCDECODE - ok
20:40:41.0125 3492 cd20xrnt - ok
20:40:41.0140 3492 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:40:41.0296 3492 Cdaudio - ok
20:40:41.0312 3492 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
20:40:41.0500 3492 Cdfs - ok
20:40:41.0515 3492 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:40:41.0671 3492 Cdrom - ok
20:40:41.0671 3492 Changer - ok
20:40:41.0687 3492 CiSvc (3192bd04d032a9c4a85a3278c268a13a) C:\WINDOWS\system32\cisvc.exe
20:40:41.0859 3492 CiSvc - ok
20:40:41.0890 3492 ClipSrv (c8dec22c4137d7a90f8bdf41ca4b82ae) C:\WINDOWS\system32\clipsrv.exe
20:40:42.0062 3492 ClipSrv - ok
20:40:42.0109 3492 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:40:42.0203 3492 clr_optimization_v2.0.50727_32 - ok
20:40:42.0218 3492 CmdIde - ok
20:40:42.0218 3492 COMSysApp - ok
20:40:42.0234 3492 Cpqarray - ok
20:40:42.0265 3492 CryptSvc (10654f9ddcea9c46cfb77554231be73b) C:\WINDOWS\System32\cryptsvc.dll
20:40:42.0421 3492 CryptSvc - ok
20:40:42.0437 3492 dac2w2k - ok
20:40:42.0437 3492 dac960nt - ok
20:40:42.0484 3492 DcomLaunch (01095febf33beea00c2a0730b9b3ec28) C:\WINDOWS\system32\rpcss.dll
20:40:42.0593 3492 DcomLaunch - ok
20:40:42.0625 3492 Dhcp (ef545e1a4b043da4c84e230dd471c55f) C:\WINDOWS\System32\dhcpcsvc.dll
20:40:43.0125 3492 Dhcp - ok
20:40:43.0156 3492 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
20:40:43.0328 3492 Disk - ok
20:40:43.0343 3492 dladresn (11028c6a84a967070cb1286550f2058f) C:\WINDOWS\system32\atixsaudio.dll
20:40:43.0359 3492 dladresn ( Backdoor.Multi.ZAccess.gen ) - infected
20:40:43.0359 3492 dladresn - detected Backdoor.Multi.ZAccess.gen (0)
20:40:43.0359 3492 dmadmin - ok
20:40:43.0390 3492 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys
20:40:43.0625 3492 dmboot - ok
20:40:43.0656 3492 DMICall (526192bf7696f72e29777bf4a180513a) C:\WINDOWS\system32\DRIVERS\DMICall.sys
20:40:43.0796 3492 DMICall - ok
20:40:43.0828 3492 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys
20:40:44.0000 3492 dmio - ok
20:40:44.0015 3492 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:40:44.0171 3492 dmload - ok
20:40:44.0203 3492 dmserver (1639d9964c9e1b2ecca95c8217d3e70d) C:\WINDOWS\System32\dmserver.dll
20:40:44.0359 3492 dmserver - ok
20:40:44.0390 3492 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
20:40:44.0531 3492 DMusic - ok
20:40:44.0562 3492 Dnscache (aac8ffbfd61e784fa3bac851d4a0bd5f) C:\WINDOWS\System32\dnsrslvr.dll
20:40:45.0031 3492 Dnscache - ok
20:40:45.0046 3492 dpti2o - ok
20:40:45.0062 3492 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
20:40:45.0218 3492 drmkaud - ok
20:40:45.0234 3492 E1000 (2476936f4994e9084ccfe75ed4f6226a) C:\WINDOWS\system32\DRIVERS\e1000325.sys
20:40:45.0281 3492 E1000 - ok
20:40:45.0328 3492 eamon (9309c5c9831203436e64cf2ae605c5d7) C:\WINDOWS\system32\DRIVERS\eamon.sys
20:40:45.0390 3492 eamon - ok
20:40:45.0468 3492 eeCtrl (e89cc1363cb7f5320ae3b41c1333d0c3) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
20:40:45.0515 3492 eeCtrl - ok
20:40:45.0546 3492 ehSched (ad0724317173a432e7f4ea8822a329c7) C:\WINDOWS\ehome\ehSched.exe
20:40:45.0625 3492 ehSched - ok
20:40:45.0687 3492 ekrn - ok
20:40:45.0718 3492 epfw (5ba193ca0ae31209aaa39939ce6736b2) C:\WINDOWS\system32\DRIVERS\epfw.sys
20:40:45.0734 3492 epfw - ok
20:40:45.0750 3492 Epfwndis (75d3bcd3e0eded0ab0f96d9a10ff01c9) C:\WINDOWS\system32\DRIVERS\Epfwndis.sys
20:40:45.0765 3492 Epfwndis - ok
20:40:45.0781 3492 epfwtdi (dc64f26f35e32c9472bbf8acd84060d3) C:\WINDOWS\system32\DRIVERS\epfwtdi.sys
20:40:45.0781 3492 epfwtdi - ok
20:40:45.0812 3492 ERSvc (67dff7bbbd0e80aab7b3cf061448db8a) C:\WINDOWS\System32\ersvc.dll
20:40:45.0984 3492 ERSvc - ok
20:40:46.0000 3492 Eventlog (37561f8d4160d62da86d24ae41fae8de) C:\WINDOWS\system32\services.exe
20:40:46.0078 3492 Eventlog - ok
20:40:46.0109 3492 EventSystem (60d1a6342238378bfb7545c81ee3606c) C:\WINDOWS\System32\es.dll
20:40:46.0156 3492 EventSystem - ok
20:40:46.0187 3492 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
20:40:46.0359 3492 Fastfat - ok
20:40:46.0406 3492 FastUserSwitchingCompatibility (6815def9b810aefac107eeaf72da6f82) C:\WINDOWS\System32\shsvcs.dll
20:40:46.0906 3492 FastUserSwitchingCompatibility - ok
20:40:46.0921 3492 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
20:40:47.0062 3492 Fdc - ok
20:40:47.0093 3492 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys
20:40:47.0250 3492 Fips - ok
20:40:47.0265 3492 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
20:40:47.0421 3492 Flpydisk - ok
20:40:47.0468 3492 FltMgr (3d234fb6d6ee875eb009864a299bea29) C:\WINDOWS\system32\drivers\fltmgr.sys
20:40:48.0000 3492 FltMgr - ok
20:40:48.0078 3492 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:40:48.0078 3492 FontCache3.0.0.0 - ok
20:40:48.0109 3492 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:40:48.0250 3492 Fs_Rec - ok
20:40:48.0281 3492 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:40:48.0437 3492 Ftdisk - ok
20:40:48.0468 3492 gameenum (5f92fd09e5610a5995da7d775eadcd12) C:\WINDOWS\system32\DRIVERS\gameenum.sys
20:40:48.0625 3492 gameenum - ok
20:40:48.0656 3492 GEARAspiWDM (4ac51459805264affd5f6fdfb9d9235f) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
20:40:48.0656 3492 GEARAspiWDM - ok
20:40:48.0718 3492 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:40:48.0890 3492 Gpc - ok
20:40:48.0937 3492 helpsvc (8827911a8c37e40c027cbfc88e69d967) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:40:49.0109 3492 helpsvc - ok
20:40:49.0109 3492 HidServ - ok
20:40:49.0140 3492 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:40:49.0312 3492 HidUsb - ok
20:40:49.0328 3492 hpn - ok
20:40:49.0359 3492 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
20:40:49.0453 3492 HPZid412 - ok
20:40:49.0484 3492 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
20:40:49.0531 3492 HPZipr12 - ok
20:40:49.0562 3492 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
20:40:49.0609 3492 HPZius12 - ok
20:40:49.0625 3492 HSFHWICH - ok
20:40:49.0640 3492 HSF_DP - ok
20:40:49.0718 3492 HTTP (9f8b0f4276f618964fd118be4289b7cd) C:\WINDOWS\system32\Drivers\HTTP.sys
20:40:49.0765 3492 HTTP - ok
20:40:49.0781 3492 HTTPFilter (064d8581adf77c25133e7d751d917d83) C:\WINDOWS\System32\w3ssl.dll
20:40:50.0000 3492 HTTPFilter - ok
20:40:50.0000 3492 i2omgmt - ok
20:40:50.0015 3492 i2omp - ok
20:40:50.0078 3492 i8042prt (7fcb66419f249f2632313563e3b76cc5) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:40:50.0078 3492 i8042prt ( Virus.Win32.ZAccess.k ) - infected
20:40:50.0078 3492 i8042prt - detected Virus.Win32.ZAccess.k (0)
20:40:50.0937 3492 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:40:51.0156 3492 idsvc - ok
20:40:51.0171 3492 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:40:51.0421 3492 Imapi - ok
20:40:51.0453 3492 ImapiService (fa788520bcac0f5d9d5cde5615c0d931) C:\WINDOWS\System32\imapi.exe
20:40:51.0671 3492 ImapiService - ok
20:40:51.0687 3492 ini910u - ok
20:40:51.0703 3492 IntelIde - ok
20:40:51.0734 3492 intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:40:51.0937 3492 intelppm - ok
20:40:51.0984 3492 ip6fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\drivers\ip6fw.sys
20:40:52.0218 3492 ip6fw - ok
20:40:52.0250 3492 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:40:52.0468 3492 IpFilterDriver - ok
20:40:52.0500 3492 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:40:52.0765 3492 IpInIp - ok
20:40:52.0812 3492 IpNat (e2168cbc7098ffe963c6f23f472a3593) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:40:53.0656 3492 IpNat - ok
20:40:53.0750 3492 iPod Service (c0e1456df46ee5e3ab8c032dc8e71d5c) C:\Program Files\iPod\bin\iPodService.exe
20:40:53.0812 3492 iPod Service - ok
20:40:53.0828 3492 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:40:54.0093 3492 IPSec - ok
20:40:54.0125 3492 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:40:54.0265 3492 IRENUM - ok
20:40:54.0296 3492 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:40:54.0515 3492 isapnp - ok
20:40:54.0546 3492 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:40:54.0828 3492 Kbdclass - ok
20:40:54.0843 3492 kbdhid (e182fa8e49e8ee41b4adc53093f3c7e6) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:40:55.0109 3492 kbdhid - ok
20:40:55.0156 3492 kmixer (ba5deda4d934e6288c2f66caf58d2562) C:\WINDOWS\system32\drivers\kmixer.sys
20:40:55.0843 3492 kmixer - ok
20:40:55.0875 3492 KSecDD (674d3e5a593475915dc6643317192403) C:\WINDOWS\system32\drivers\KSecDD.sys
20:40:55.0968 3492 KSecDD - ok
20:40:56.0000 3492 lanmanserver (0cb3af149a0bac0836022ca307c7a0f8) C:\WINDOWS\System32\srvsvc.dll
20:40:56.0546 3492 lanmanserver - ok
20:40:56.0578 3492 lanmanworkstation (e1f27cfcd114ec9f1e1f44674b2ff9f0) C:\WINDOWS\System32\wkssvc.dll
20:40:56.0625 3492 lanmanworkstation - ok
20:40:56.0625 3492 lbrtfdc - ok
20:40:56.0656 3492 LmHosts (b3eff6d938c572e90a07b3d87a3c7657) C:\WINDOWS\System32\lmhsvc.dll
20:40:56.0812 3492 LmHosts - ok
20:40:56.0875 3492 MDM (c8ec1b812d9cefda07623b0021ef73c9) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
20:40:56.0890 3492 MDM ( UnsignedFile.Multi.Generic ) - warning
20:40:56.0890 3492 MDM - detected UnsignedFile.Multi.Generic (1)
20:40:56.0921 3492 Messenger (95fd808e4ac22aba025a7b3eac0375d2) C:\WINDOWS\System32\msgsvc.dll
20:40:57.0062 3492 Messenger - ok
20:40:57.0093 3492 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:40:57.0234 3492 mnmdd - ok
20:40:57.0265 3492 mnmsrvc (f6415361201915b9fe3896b0e4e724ff) C:\WINDOWS\System32\mnmsrvc.exe
20:40:57.0437 3492 mnmsrvc - ok
20:40:57.0453 3492 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
20:40:57.0593 3492 Modem - ok
20:40:57.0609 3492 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:40:57.0750 3492 Mouclass - ok
20:40:57.0781 3492 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:40:57.0937 3492 mouhid - ok
20:40:57.0953 3492 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
20:40:58.0125 3492 MountMgr - ok
20:40:58.0125 3492 mraid35x - ok
20:40:58.0156 3492 MRxDAV (29414447eb5bde2f8397dc965dbb3156) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:40:58.0750 3492 MRxDAV - ok
20:40:58.0796 3492 MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:40:58.0875 3492 MRxSmb - ok
20:40:58.0906 3492 MSDTC (c7c3d89eb0a6f3dba622ea737fa335b1) C:\WINDOWS\System32\msdtc.exe
20:40:59.0062 3492 MSDTC - ok
20:40:59.0093 3492 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
20:40:59.0250 3492 Msfs - ok
20:40:59.0250 3492 MSIServer - ok
20:40:59.0281 3492 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:40:59.0421 3492 MSKSSRV - ok
20:40:59.0453 3492 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:40:59.0609 3492 MSPCLOCK - ok
20:40:59.0609 3492 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
20:40:59.0750 3492 MSPQM - ok
20:40:59.0781 3492 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:40:59.0953 3492 mssmbios - ok
20:40:59.0968 3492 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
20:41:00.0109 3492 MSTEE - ok
20:41:00.0140 3492 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
20:41:00.0296 3492 Mup - ok
20:41:00.0328 3492 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:41:00.0468 3492 NABTSFEC - ok
20:41:00.0500 3492 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
20:41:00.0687 3492 NDIS - ok
20:41:00.0703 3492 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:41:00.0828 3492 NdisIP - ok
20:41:00.0843 3492 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:41:01.0015 3492 NdisTapi - ok
20:41:01.0046 3492 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:41:01.0187 3492 Ndisuio - ok
20:41:01.0203 3492 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:41:01.0359 3492 NdisWan - ok
20:41:01.0375 3492 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
20:41:01.0515 3492 NDProxy - ok
20:41:01.0546 3492 Net Driver HPZ12 (51c6d8bfbd4ea5b62a1ba7f4469250d3) C:\WINDOWS\system32\HPZinw12.dll
20:41:01.0562 3492 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:41:01.0562 3492 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:41:01.0562 3492 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:41:01.0718 3492 NetBIOS - ok
20:41:01.0734 3492 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:41:01.0875 3492 NetBT - ok
20:41:01.0921 3492 NetDDE (05afb5ad06462257bea7495283c86d50) C:\WINDOWS\system32\netdde.exe
20:41:02.0062 3492 NetDDE - ok
20:41:02.0062 3492 NetDDEdsdm (05afb5ad06462257bea7495283c86d50) C:\WINDOWS\system32\netdde.exe
20:41:02.0234 3492 NetDDEdsdm - ok
20:41:02.0250 3492 Netlogon (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\System32\lsass.exe
20:41:02.0406 3492 Netlogon - ok
20:41:02.0453 3492 Netman (36739b39267914ba69ad0610a0299732) C:\WINDOWS\System32\netman.dll
20:41:03.0000 3492 Netman - ok
20:41:03.0093 3492 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:41:03.0109 3492 NetTcpPortSharing - ok
20:41:03.0140 3492 NIC1394 (5c5c53db4fef16cf87b9911c7e8c6fbc) C:\WINDOWS\system32\DRIVERS\nic1394.sys
20:41:03.0312 3492 NIC1394 - ok
20:41:03.0343 3492 Nla (097722f235a1fb698bf9234e01b52637) C:\WINDOWS\System32\mswsock.dll
20:41:03.0406 3492 Nla - ok
20:41:03.0453 3492 NPF (b9730495e0cf674680121e34bd95a73b) C:\WINDOWS\system32\drivers\NPF.sys
20:41:03.0453 3492 NPF - ok
20:41:03.0484 3492 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
20:41:03.0625 3492 Npfs - ok
20:41:03.0671 3492 Ntfs (19a811ef5f1ed5c926a028ce107ff1af) C:\WINDOWS\system32\drivers\Ntfs.sys
20:41:04.0250 3492 Ntfs - ok
20:41:04.0265 3492 NtLmSsp (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\System32\lsass.exe
20:41:04.0406 3492 NtLmSsp - ok
20:41:04.0453 3492 NtmsSvc (b62f29c00ac55a761b2e45877d85ea0f) C:\WINDOWS\system32\ntmssvc.dll
20:41:04.0640 3492 NtmsSvc - ok
20:41:04.0687 3492 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:41:04.0812 3492 Null - ok
20:41:04.0906 3492 nv (c36066ec30521cebaf52127027755798) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:41:05.0000 3492 nv - ok
20:41:05.0015 3492 NVSvc (88a8cfcd2bc3ff1484901ce985782e6e) C:\WINDOWS\System32\nvsvc32.exe
20:41:05.0046 3492 NVSvc - ok
20:41:05.0078 3492 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:41:05.0218 3492 NwlnkFlt - ok
20:41:05.0250 3492 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:41:05.0390 3492 NwlnkFwd - ok
20:41:05.0421 3492 ohci1394 (0951db8e5823ea366b0e408d71e1ba2a) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:41:05.0578 3492 ohci1394 - ok
20:41:05.0625 3492 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:41:05.0640 3492 ose - ok
20:41:05.0703 3492 P17 (07d80b4c3a5a6cef220f8a947b0c33dc) C:\WINDOWS\system32\drivers\P17.sys
20:41:05.0781 3492 P17 - ok
20:41:05.0812 3492 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys
20:41:05.0953 3492 Parport - ok
20:41:05.0984 3492 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
20:41:06.0140 3492 PartMgr - ok
20:41:06.0156 3492 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
20:41:06.0296 3492 ParVdm - ok
20:41:06.0312 3492 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
20:41:06.0468 3492 PCI - ok
20:41:06.0468 3492 PCIDump - ok
20:41:06.0515 3492 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:41:06.0656 3492 PCIIde - ok
20:41:06.0687 3492 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\drivers\Pcmcia.sys
20:41:06.0843 3492 Pcmcia - ok
20:41:06.0843 3492 PDCOMP - ok
20:41:06.0859 3492 PDFRAME - ok
20:41:06.0875 3492 PDRELI - ok
20:41:06.0875 3492 PDRFRAME - ok
20:41:06.0890 3492 perc2 - ok
20:41:06.0890 3492 perc2hib - ok
20:41:06.0937 3492 PlugPlay (37561f8d4160d62da86d24ae41fae8de) C:\WINDOWS\system32\services.exe
20:41:07.0015 3492 PlugPlay - ok
20:41:07.0046 3492 Pml Driver HPZ12 (79834aa2fbf9fe81eebb229024f6f7fc) C:\WINDOWS\system32\HPZipm12.dll
20:41:07.0062 3492 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:41:07.0062 3492 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:41:07.0093 3492 PolicyAgent (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\System32\lsass.exe
20:41:07.0218 3492 PolicyAgent - ok
20:41:07.0250 3492 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:41:07.0390 3492 PptpMiniport - ok
20:41:07.0421 3492 Processor (0d97d88720a4087ec93af7dbb303b30a) C:\WINDOWS\system32\DRIVERS\processr.sys
20:41:07.0546 3492 Processor - ok
20:41:07.0546 3492 ProtectedStorage (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
20:41:07.0718 3492 ProtectedStorage - ok
20:41:07.0734 3492 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
20:41:07.0875 3492 PSched - ok
20:41:07.0906 3492 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:41:08.0062 3492 Ptilink - ok
20:41:08.0093 3492 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
20:41:08.0093 3492 PxHelp20 - ok
20:41:08.0109 3492 ql1080 - ok
20:41:08.0109 3492 Ql10wnt - ok
20:41:08.0125 3492 ql12160 - ok
20:41:08.0140 3492 ql1240 - ok
20:41:08.0140 3492 ql1280 - ok
20:41:08.0171 3492 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:41:08.0312 3492 RasAcd - ok
20:41:08.0328 3492 RasAuto (44db7a9bdd2fb58747d123fbf1d35adb) C:\WINDOWS\System32\rasauto.dll
20:41:08.0484 3492 RasAuto - ok
20:41:08.0500 3492 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:41:08.0625 3492 Rasl2tp - ok
20:41:08.0656 3492 RasMan (49b5eed5fb89d39456a2f616ccd8ba5d) C:\WINDOWS\System32\rasmans.dll
20:41:09.0250 3492 RasMan - ok
20:41:09.0281 3492 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:41:09.0421 3492 RasPppoe - ok
20:41:09.0453 3492 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:41:09.0609 3492 Raspti - ok
20:41:09.0640 3492 Rdbss (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:41:10.0171 3492 Rdbss - ok
20:41:10.0203 3492 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:41:10.0343 3492 RDPCDD - ok
20:41:10.0375 3492 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:41:10.0531 3492 rdpdr - ok
20:41:10.0562 3492 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys
20:41:11.0109 3492 RDPWD - ok
20:41:11.0140 3492 RDSessMgr (729798e0933076b8fcfcd9934698f164) C:\WINDOWS\system32\sessmgr.exe
20:41:11.0296 3492 RDSessMgr - ok
20:41:11.0328 3492 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:41:11.0468 3492 redbook - ok
20:41:11.0500 3492 RemoteAccess (3046db917e3cfa040632799dd9b14865) C:\WINDOWS\System32\mprdim.dll
20:41:11.0640 3492 RemoteAccess - ok
20:41:11.0671 3492 RemoteRegistry (3151427db7d87107d1c5be58fac53960) C:\WINDOWS\system32\regsvc.dll
20:41:11.0812 3492 RemoteRegistry - ok
20:41:11.0843 3492 RpcLocator (793f04a09b15e7c6c11dbdffaf06c0ab) C:\WINDOWS\System32\locator.exe
20:41:11.0984 3492 RpcLocator - ok
20:41:12.0031 3492 RpcSs (01095febf33beea00c2a0730b9b3ec28) C:\WINDOWS\system32\rpcss.dll
20:41:12.0093 3492 RpcSs - ok
20:41:12.0140 3492 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\System32\rsvp.exe
20:41:12.0296 3492 RSVP - ok
20:41:12.0328 3492 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
20:41:12.0468 3492 rtl8139 - ok
20:41:12.0500 3492 SamSs (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
20:41:12.0640 3492 SamSs - ok
20:41:12.0656 3492 SCardSvr (25d8de134df108e3dbc8d7d23b1aa58e) C:\WINDOWS\System32\SCardSvr.exe
20:41:12.0812 3492 SCardSvr - ok
20:41:12.0843 3492 Schedule (92360854316611f6cc471612213c3d92) C:\WINDOWS\system32\schedsvc.dll
20:41:13.0000 3492 Schedule - ok
20:41:13.0031 3492 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:41:13.0562 3492 Secdrv - ok
20:41:13.0578 3492 seclogon (b1e0ce09895376871746f36dc5773b4f) C:\WINDOWS\System32\seclogon.dll
20:41:13.0718 3492 seclogon - ok
20:41:13.0734 3492 SENS (dfd9870cf39c791d86c4c209da9fa919) C:\WINDOWS\system32\sens.dll
20:41:13.0890 3492 SENS - ok
20:41:13.0921 3492 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\drivers\Serial.sys
20:41:14.0062 3492 Serial - ok
20:41:14.0093 3492 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:41:14.0234 3492 Sfloppy - ok
20:41:14.0265 3492 SharedAccess (36cc8c01b5e50163037bef56cb96deff) C:\WINDOWS\System32\ipnathlp.dll
20:41:14.0421 3492 SharedAccess - ok
20:41:14.0453 3492 ShellHWDetection (6815def9b810aefac107eeaf72da6f82) C:\WINDOWS\System32\shsvcs.dll
20:41:15.0031 3492 ShellHWDetection - ok
20:41:15.0031 3492 Simbad - ok
20:41:15.0062 3492 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:41:15.0203 3492 SLIP - ok
20:41:15.0265 3492 smrt (b2f5ccfa20e4b256fe2cd84c648d0fe2) C:\WINDOWS\system32\DRIVERS\smrt.sys
20:41:15.0343 3492 smrt - ok
20:41:15.0437 3492 SonicStageMonitoring (89cb81394d58f450bddbf4ae3483ca72) C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
20:41:15.0453 3492 SonicStageMonitoring ( UnsignedFile.Multi.Generic ) - warning
20:41:15.0453 3492 SonicStageMonitoring - detected UnsignedFile.Multi.Generic (1)
20:41:15.0500 3492 Sony TV Tuner Controller (cd1bea0cb0e96b828d225b106cbfb968) C:\Program Files\Sony\Sony TV Tuner Library\halsv.exe
20:41:15.0562 3492 Sony TV Tuner Controller ( UnsignedFile.Multi.Generic ) - warning
20:41:15.0562 3492 Sony TV Tuner Controller - detected UnsignedFile.Multi.Generic (1)
20:41:15.0578 3492 Sony TV Tuner Manager (af35291f72f6cf0915765e44f1045305) C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
20:41:15.0593 3492 Sony TV Tuner Manager ( UnsignedFile.Multi.Generic ) - warning
20:41:15.0593 3492 Sony TV Tuner Manager - detected UnsignedFile.Multi.Generic (1)
20:41:15.0609 3492 Sony TVTA Manager (efaaeed11aaf285435a0dcfe15047983) C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
20:41:15.0625 3492 Sony TVTA Manager ( UnsignedFile.Multi.Generic ) - warning
20:41:15.0625 3492 Sony TVTA Manager - detected UnsignedFile.Multi.Generic (1)
20:41:15.0640 3492 SonyLSM (ed9a10456e25de7a3350f896b962f60a) C:\WINDOWS\system32\Drivers\SonyLSM.sys
20:41:15.0656 3492 SonyLSM ( UnsignedFile.Multi.Generic ) - warning
20:41:15.0656 3492 SonyLSM - detected UnsignedFile.Multi.Generic (1)
20:41:15.0656 3492 Sparrow - ok
20:41:15.0687 3492 splitter (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys
20:41:16.0234 3492 splitter - ok
20:41:16.0281 3492 Spooler (da81ec57acd4cdc3d4c51cf3d409af9f) C:\WINDOWS\system32\spoolsv.exe
20:41:16.0859 3492 Spooler - ok
20:41:16.0906 3492 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys
20:41:16.0984 3492 sr - ok
20:41:17.0015 3492 srservice (92bdf74f12d6cbec43c94d4b7f804838) C:\WINDOWS\System32\srsvc.dll
20:41:17.0109 3492 srservice - ok
20:41:17.0156 3492 Srv (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys
20:41:17.0218 3492 Srv - ok
20:41:17.0250 3492 SSDPSRV (4b8d61792f7175bed48859cc18ce4e38) C:\WINDOWS\System32\ssdpsrv.dll
20:41:17.0343 3492 SSDPSRV - ok
20:41:17.0375 3492 stisvc (b6763f8534ac547cf1af98afdff2edc8) C:\WINDOWS\system32\wiaservc.dll
20:41:17.0953 3492 stisvc - ok
20:41:17.0984 3492 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:41:18.0125 3492 streamip - ok
20:41:18.0156 3492 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:41:18.0296 3492 swenum - ok
20:41:18.0328 3492 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
20:41:18.0468 3492 swmidi - ok
20:41:18.0484 3492 SwPrv - ok
20:41:18.0484 3492 symc810 - ok
20:41:18.0500 3492 symc8xx - ok
20:41:18.0515 3492 sym_hi - ok
20:41:18.0515 3492 sym_u3 - ok
20:41:18.0546 3492 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
20:41:18.0687 3492 sysaudio - ok
20:41:18.0687 3492 SysmonLog (8b54aa346d1b1b113ffaa75501b8b1b2) C:\WINDOWS\system32\smlogsvc.exe
20:41:18.0859 3492 SysmonLog - ok
20:41:18.0906 3492 TapiSrv (fb78839b36025aa286a51289ed28b73e) C:\WINDOWS\System32\tapisrv.dll
20:41:19.0515 3492 TapiSrv - ok
20:41:19.0562 3492 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:41:19.0656 3492 Tcpip - ok
20:41:19.0687 3492 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:41:19.0828 3492 TDPIPE - ok
20:41:19.0843 3492 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
20:41:20.0015 3492 TDTCP - ok
20:41:20.0031 3492 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:41:20.0171 3492 TermDD - ok
20:41:20.0218 3492 TermService (b60c877d16d9c880b952fda04adf16e6) C:\WINDOWS\System32\termsrv.dll
20:41:20.0375 3492 TermService - ok
20:41:20.0406 3492 Themes (6815def9b810aefac107eeaf72da6f82) C:\WINDOWS\System32\shsvcs.dll
20:41:20.0968 3492 Themes - ok
20:41:21.0000 3492 TlntSvr (37db0a7d097310e8b4de803fc3119c78) C:\WINDOWS\System32\tlntsvr.exe
20:41:21.0093 3492 TlntSvr - ok
20:41:21.0093 3492 TosIde - ok
20:41:21.0125 3492 TrkWks (6d9ac544b30f96c57f8206566c1fb6a1) C:\WINDOWS\system32\trkwks.dll
20:41:21.0296 3492 TrkWks - ok
20:41:21.0328 3492 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
20:41:21.0468 3492 Udfs - ok
20:41:21.0484 3492 ultra - ok
20:41:21.0515 3492 UMWdf (ab0a7ca90d9e3d6a193905dc1715ded0) C:\WINDOWS\system32\wdfmgr.exe
20:41:21.0562 3492 UMWdf - ok
20:41:21.0609 3492 Update (ced744117e91bdc0beb810f7d8608183) C:\WINDOWS\system32\DRIVERS\update.sys
20:41:22.0187 3492 Update - ok
20:41:22.0234 3492 upnphost (aca5d98663d879c6baafcea7e2f1b710) C:\WINDOWS\System32\upnphost.dll
20:41:22.0875 3492 upnphost - ok
20:41:22.0890 3492 UPS (3f5df65b0758675f95a2d43918a740a3) C:\WINDOWS\System32\ups.exe
20:41:23.0046 3492 UPS - ok
20:41:23.0078 3492 USBAAPL (f340199e8cb097e1acd58a967c665919) C:\WINDOWS\system32\Drivers\usbaapl.sys
20:41:23.0109 3492 USBAAPL - ok
20:41:23.0140 3492 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:41:23.0281 3492 usbccgp - ok
20:41:23.0312 3492 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:41:23.0453 3492 usbehci - ok
20:41:23.0468 3492 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:41:23.0625 3492 usbhub - ok
20:41:23.0640 3492 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:41:23.0796 3492 usbprint - ok
20:41:23.0812 3492 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:41:23.0953 3492 usbscan - ok
20:41:23.0968 3492 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:41:24.0109 3492 USBSTOR - ok
20:41:24.0125 3492 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:41:24.0265 3492 usbuhci - ok
20:41:24.0375 3492 VAIOMediaPlatform-MusicServer-AppServer (5a173c23810ac6935227c617893a63aa) C:\Program Files\Sony\VAIO Media Integrated Server\Music\SSSvr.exe
20:41:24.0421 3492 VAIOMediaPlatform-MusicServer-AppServer ( UnsignedFile.Multi.Generic ) - warning
20:41:24.0421 3492 VAIOMediaPlatform-MusicServer-AppServer - detected UnsignedFile.Multi.Generic (1)
20:41:24.0437 3492 VAIOMediaPlatform-MusicServer-HTTP (6341c4e00a6f2474e59d1331b3ce9c0d) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
20:41:24.0453 3492 VAIOMediaPlatform-MusicServer-HTTP ( UnsignedFile.Multi.Generic ) - warning
20:41:24.0453 3492 VAIOMediaPlatform-MusicServer-HTTP - detected UnsignedFile.Multi.Generic (1)
20:41:24.0468 3492 VAIOMediaPlatform-MusicServer-UPnP (f27789e13ca6a94d1420572d9e1a8344) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
20:41:24.0531 3492 VAIOMediaPlatform-MusicServer-UPnP ( UnsignedFile.Multi.Generic ) - warning
20:41:24.0531 3492 VAIOMediaPlatform-MusicServer-UPnP - detected UnsignedFile.Multi.Generic (1)
20:41:24.0609 3492 VAIOMediaPlatform-PhotoServer-AppServer (48036bcfb49346f33389ad9fb035522f) C:\Program Files\Sony\VAIO Media Integrated Server\Photo\appsrv\PhotoAppSrv.exe
20:41:24.0687 3492 VAIOMediaPlatform-PhotoServer-AppServer ( UnsignedFile.Multi.Generic ) - warning
20:41:24.0687 3492 VAIOMediaPlatform-PhotoServer-AppServer - detected UnsignedFile.Multi.Generic (1)
20:41:24.0703 3492 VAIOMediaPlatform-PhotoServer-HTTP (6341c4e00a6f2474e59d1331b3ce9c0d) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
20:41:24.0734 3492 VAIOMediaPlatform-PhotoServer-HTTP ( UnsignedFile.Multi.Generic ) - warning
20:41:24.0734 3492 VAIOMediaPlatform-PhotoServer-HTTP - detected UnsignedFile.Multi.Generic (1)
20:41:24.0750 3492 VAIOMediaPlatform-PhotoServer-UPnP (f27789e13ca6a94d1420572d9e1a8344) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
20:41:24.0781 3492 VAIOMediaPlatform-PhotoServer-UPnP ( UnsignedFile.Multi.Generic ) - warning
20:41:24.0781 3492 VAIOMediaPlatform-PhotoServer-UPnP - detected UnsignedFile.Multi.Generic (1)
20:41:24.0890 3492 VAIOMediaPlatform-VideoServer-AppServer (095265e6f1c668709a4944f8dab7eaa9) C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe
20:41:25.0046 3492 VAIOMediaPlatform-VideoServer-AppServer ( UnsignedFile.Multi.Generic ) - warning
20:41:25.0046 3492 VAIOMediaPlatform-VideoServer-AppServer - detected UnsignedFile.Multi.Generic (1)
20:41:25.0078 3492 VAIOMediaPlatform-VideoServer-HTTP (6341c4e00a6f2474e59d1331b3ce9c0d) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
20:41:25.0078 3492 VAIOMediaPlatform-VideoServer-HTTP ( UnsignedFile.Multi.Generic ) - warning
20:41:25.0078 3492 VAIOMediaPlatform-VideoServer-HTTP - detected UnsignedFile.Multi.Generic (1)
20:41:25.0125 3492 VAIOMediaPlatform-VideoServer-UPnP (f27789e13ca6a94d1420572d9e1a8344) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
20:41:25.0187 3492 VAIOMediaPlatform-VideoServer-UPnP ( UnsignedFile.Multi.Generic ) - warning
20:41:25.0187 3492 VAIOMediaPlatform-VideoServer-UPnP - detected UnsignedFile.Multi.Generic (1)
20:41:25.0312 3492 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
20:41:25.0453 3492 VgaSave - ok
20:41:25.0468 3492 ViaIde - ok
20:41:25.0515 3492 Viewpoint Manager Service (5f974fde801c73952770736becde11e7) C:\Program Files\Viewpoint\Common\ViewpointService.exe
20:41:25.0531 3492 Viewpoint Manager Service ( UnsignedFile.Multi.Generic ) - warning
20:41:25.0531 3492 Viewpoint Manager Service - detected UnsignedFile.Multi.Generic (1)
20:41:25.0562 3492 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
20:41:25.0703 3492 VolSnap - ok
20:41:25.0734 3492 VSS (3ee00364ae0fd8d604f46cbaf512838a) C:\WINDOWS\System32\vssvc.exe
20:41:25.0828 3492 VSS - ok
20:41:25.0875 3492 W32Time (2b281958f5d0cf99ed626e3ef39d5c8d) C:\WINDOWS\System32\w32time.dll
20:41:26.0046 3492 W32Time - ok
20:41:26.0078 3492 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:41:26.0218 3492 Wanarp - ok
20:41:26.0250 3492 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
20:41:26.0296 3492 wanatw - ok
20:41:26.0312 3492 WANMiniportService (909f2dc0da7f57d229a05ee90647b2c3) C:\WINDOWS\wanmpsvc.exe
20:41:27.0500 3492 WANMiniportService ( UnsignedFile.Multi.Generic ) - warning
20:41:27.0500 3492 WANMiniportService - detected UnsignedFile.Multi.Generic (1)
20:41:27.0515 3492 WDICA - ok
20:41:27.0546 3492 wdmaud (efd235ca22b57c81118c1aeb4798f1c1) C:\WINDOWS\system32\drivers\wdmaud.sys
20:41:28.0140 3492 wdmaud - ok
20:41:28.0171 3492 WebClient (265f534ef76832435afbf771ec97176d) C:\WINDOWS\System32\webclnt.dll
20:41:28.0765 3492 WebClient - ok
20:41:28.0765 3492 winachsf - ok
20:41:28.0828 3492 winmgmt (f399242a80c4066fd155efa4cf96658e) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:41:28.0968 3492 winmgmt - ok
20:41:29.0015 3492 WmdmPmSN (140ef97b64f560fd78643cae2cdad838) C:\WINDOWS\system32\MsPMSNSv.dll
20:41:29.0031 3492 WmdmPmSN - ok
20:41:29.0078 3492 Wmi (1081c185aed0660b2b5f173c3e023b23) C:\WINDOWS\System32\advapi32.dll
20:41:29.0171 3492 Wmi - ok
20:41:29.0218 3492 WmiApSrv (ba8cecc3e813e1f7c441b20393d4f86c) C:\WINDOWS\System32\wbem\wmiapsrv.exe
20:41:29.0375 3492 WmiApSrv - ok
20:41:29.0406 3492 WpdUsb (1385e5aa9c9821790d33a9563b8d2dd0) C:\WINDOWS\system32\Drivers\wpdusb.sys
20:41:29.0421 3492 WpdUsb - ok
20:41:29.0453 3492 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:41:29.0593 3492 WSTCODEC - ok
20:41:29.0625 3492 wuauserv (13d72740963cba12d9ff76a7f218bcd8) C:\WINDOWS\system32\wuauserv.dll
20:41:29.0781 3492 wuauserv - ok
20:41:29.0828 3492 WZCSVC (5a91e6feab9f901302fa7ff768c0120f) C:\WINDOWS\System32\wzcsvc.dll
20:41:29.0984 3492 WZCSVC - ok
20:41:30.0046 3492 xmlprov (eef46dab68229a14da3d8e73c99e2959) C:\WINDOWS\System32\xmlprov.dll
20:41:30.0203 3492 xmlprov - ok
20:41:30.0234 3492 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
20:41:30.0515 3492 \Device\Harddisk0\DR0 - ok
20:41:30.0515 3492 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
20:41:30.0578 3492 \Device\Harddisk1\DR1 - ok
20:41:30.0578 3492 Boot (0x1200) (86e1f08f101f618738dc1f24b0f766d7) \Device\Harddisk0\DR0\Partition0
20:41:30.0578 3492 \Device\Harddisk0\DR0\Partition0 - ok
20:41:30.0593 3492 Boot (0x1200) (b8f6dc3c0510ba61cd2aacac56cd23dd) \Device\Harddisk0\DR0\Partition1
20:41:30.0593 3492 \Device\Harddisk0\DR0\Partition1 - ok
20:41:30.0593 3492 Boot (0x1200) (bbafee5caa8c62ba52ef9da193f065d4) \Device\Harddisk1\DR1\Partition0
20:41:30.0609 3492 \Device\Harddisk1\DR1\Partition0 - ok
20:41:30.0609 3492 ============================================================
20:41:30.0609 3492 Scan finished
20:41:30.0609 3492 ============================================================
20:41:30.0718 3480 Detected object count: 24
20:41:30.0718 3480 Actual detected object count: 24
20:41:44.0609 3480 C:\WINDOWS\system32\DRIVERS\ACPI.sys - copied to quarantine
20:41:44.0796 3480 Backup copy found, using it..
20:41:44.0812 3480 C:\WINDOWS\system32\DRIVERS\ACPI.sys - will be cured on reboot
20:41:44.0812 3480 ACPI ( Virus.Win32.Rloader.a ) - User select action: Cure
20:41:44.0812 3480 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:44.0812 3480 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:44.0812 3480 Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:44.0812 3480 Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:44.0843 3480 C:\WINDOWS\system32\atixsaudio.dll - copied to quarantine
20:41:44.0843 3480 HKLM\SYSTEM\ControlSet001\services\dladresn - will be deleted on reboot
20:41:44.0843 3480 HKLM\SYSTEM\ControlSet002\services\dladresn - will be deleted on reboot
20:41:44.0843 3480 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\svchost:netsvcs - cured
20:41:44.0843 3480 C:\WINDOWS\system32\atixsaudio.dll - will be deleted on reboot
20:41:44.0843 3480 dladresn ( Backdoor.Multi.ZAccess.gen ) - User select action: Delete
20:41:44.0890 3480 C:\WINDOWS\system32\DRIVERS\i8042prt.sys - copied to quarantine
20:41:44.0921 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\@ - copied to quarantine
20:41:44.0953 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\bckfg.tmp - copied to quarantine
20:41:44.0953 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\cfg.ini - copied to quarantine
20:41:44.0953 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\Desktop.ini - copied to quarantine
20:41:44.0968 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\keywords - copied to quarantine
20:41:45.0031 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\kwrd.dll - copied to quarantine
20:41:45.0031 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\L\lvaoxasl - copied to quarantine
20:41:45.0046 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\lsflt7.ver - copied to quarantine
20:41:45.0062 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\oemid - copied to quarantine
20:41:45.0078 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\U\00000001.@ - copied to quarantine
20:41:45.0171 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\U\00000002.@ - copied to quarantine
20:41:45.0187 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\U\00000004.@ - copied to quarantine
20:41:45.0218 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\U\80000000.@ - copied to quarantine
20:41:45.0218 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\U\80000004.@ - copied to quarantine
20:41:45.0250 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\U\80000032.@ - copied to quarantine
20:41:45.0265 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\version - copied to quarantine
20:41:45.0343 3480 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\WINDOWS\system32\drivers\i8042prt.sys) error 1813
20:41:46.0140 3480 Backup copy found, using it..
20:41:46.0156 3480 C:\WINDOWS\system32\DRIVERS\i8042prt.sys - will be cured on reboot
20:41:47.0484 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\@ - will be deleted on reboot
20:41:47.0484 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\bckfg.tmp - will be deleted on reboot
20:41:47.0484 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\cfg.ini - will be deleted on reboot
20:41:47.0484 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\Desktop.ini - will be deleted on reboot
20:41:47.0484 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\keywords - will be deleted on reboot
20:41:47.0484 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\kwrd.dll - will be deleted on reboot
20:41:47.0484 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\lsflt7.ver - will be deleted on reboot
20:41:47.0484 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\oemid - will be deleted on reboot
20:41:47.0500 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\U\00000001.@ - will be deleted on reboot
20:41:47.0500 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\U\00000002.@ - will be deleted on reboot
20:41:47.0500 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\U\00000004.@ - will be deleted on reboot
20:41:47.0500 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\U\80000000.@ - will be deleted on reboot
20:41:47.0500 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\U\80000004.@ - will be deleted on reboot
20:41:47.0500 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\U\80000032.@ - will be deleted on reboot
20:41:47.0500 3480 C:\WINDOWS\$NtUninstallKB26892$\526153296\version - will be deleted on reboot
20:41:47.0500 3480 C:\WINDOWS\$NtUninstallKB26892$\584968994 - will be deleted on reboot
20:41:47.0500 3480 i8042prt ( Virus.Win32.ZAccess.k ) - User select action: Cure
20:41:47.0500 3480 MDM ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:47.0500 3480 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:47.0500 3480 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:47.0500 3480 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:47.0500 3480 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:47.0500 3480 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:47.0500 3480 SonicStageMonitoring ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:47.0500 3480 SonicStageMonitoring ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:47.0500 3480 Sony TV Tuner Controller ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:47.0500 3480 Sony TV Tuner Controller ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:47.0515 3480 Sony TV Tuner Manager ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:47.0515 3480 Sony TV Tuner Manager ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:47.0515 3480 Sony TVTA Manager ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:47.0515 3480 Sony TVTA Manager ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:47.0515 3480 SonyLSM ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:47.0515 3480 SonyLSM ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:47.0515 3480 VAIOMediaPlatform-MusicServer-AppServer ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:47.0515 3480 VAIOMediaPlatform-MusicServer-AppServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:47.0515 3480 VAIOMediaPlatform-MusicServer-HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:47.0515 3480 VAIOMediaPlatform-MusicServer-HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:47.0531 3480 VAIOMediaPlatform-MusicServer-UPnP ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:47.0531 3480 VAIOMediaPlatform-MusicServer-UPnP ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:47.0531 3480 VAIOMediaPlatform-PhotoServer-AppServer ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:47.0531 3480 VAIOMediaPlatform-PhotoServer-AppServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:47.0531 3480 VAIOMediaPlatform-PhotoServer-HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:47.0531 3480 VAIOMediaPlatform-PhotoServer-HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:47.0531 3480 VAIOMediaPlatform-PhotoServer-UPnP ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:47.0531 3480 VAIOMediaPlatform-PhotoServer-UPnP ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:47.0531 3480 VAIOMediaPlatform-VideoServer-AppServer ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:47.0531 3480 VAIOMediaPlatform-VideoServer-AppServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:47.0531 3480 VAIOMediaPlatform-VideoServer-HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:47.0546 3480 VAIOMediaPlatform-VideoServer-HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:47.0546 3480 VAIOMediaPlatform-VideoServer-UPnP ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:47.0546 3480 VAIOMediaPlatform-VideoServer-UPnP ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:47.0546 3480 Viewpoint Manager Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:47.0546 3480 Viewpoint Manager Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:47.0546 3480 WANMiniportService ( UnsignedFile.Multi.Generic ) - skipped by user
20:41:47.0546 3480 WANMiniportService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:41:57.0375 0356 Deinitialize success

TDSSKiller dost podstatne so smejdom pohol
ciste to urcite este nebude ,,, spust ComboFix v nudzovom rezime PC a jeho log vloz

ComboFix 12-05-06.03 - Gabriela 06.05.2012 11:44:35.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1250.421.1033.18.511.309 [GMT -7:00]
Running from: c:\documents and settings\Gabriela\Desktop\ComboFix.exe
AV: ESET Smart Security 5.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\AAF6ED9F-7646-E5B5-6F1C-A5E7298DAAE1.ico
c:\documents and settings\All Users\Start Menu\Programs\Security Defender
c:\documents and settings\All Users\Start Menu\Programs\Security Defender\Security Defender.lnk
c:\documents and settings\Gabriela\Application Data\ldr.ini
c:\documents and settings\Gabriela\Application Data\Mozilla\Firefox\Profiles\kmiutljb.default\searchplugins\bing-zugo.xml
c:\documents and settings\Gabriela\WINDOWS
c:\documents and settings\NetworkService\Local Settings\Application Data\AAF6ED9F-7646-E5B5-6F1C-A5E7298DAAE1.avi
c:\program files\LP
c:\program files\LP\0155\10.tmp
c:\program files\LP\0155\11.tmp
c:\program files\LP\0155\12.tmp
c:\program files\LP\0155\13.tmp
c:\program files\LP\0155\134.tmp
c:\program files\LP\0155\135.tmp
c:\program files\LP\0155\136.tmp
c:\program files\LP\0155\137.tmp
c:\program files\LP\0155\138.tmp
c:\program files\LP\0155\139.tmp
c:\program files\LP\0155\13A.tmp
c:\program files\LP\0155\13B.tmp
c:\program files\LP\0155\13C.tmp
c:\program files\LP\0155\13D.tmp
c:\program files\LP\0155\14.tmp
c:\program files\LP\0155\14E.tmp
c:\program files\LP\0155\14F.tmp
c:\program files\LP\0155\15.tmp
c:\program files\LP\0155\152.tmp
c:\program files\LP\0155\154.tmp
c:\program files\LP\0155\155.tmp
c:\program files\LP\0155\15A.tmp
c:\program files\LP\0155\15B.tmp
c:\program files\LP\0155\15C.tmp
c:\program files\LP\0155\15D.tmp
c:\program files\LP\0155\15E.tmp
c:\program files\LP\0155\16.tmp
c:\program files\LP\0155\162.tmp
c:\program files\LP\0155\163.tmp
c:\program files\LP\0155\164.tmp
c:\program files\LP\0155\16E.tmp
c:\program files\LP\0155\16F.tmp
c:\program files\LP\0155\17.tmp
c:\program files\LP\0155\170.tmp
c:\program files\LP\0155\171.tmp
c:\program files\LP\0155\172.tmp
c:\program files\LP\0155\173.tmp
c:\program files\LP\0155\174.tmp
c:\program files\LP\0155\175.tmp
c:\program files\LP\0155\18.tmp
c:\program files\LP\0155\184.tmp
c:\program files\LP\0155\18C.tmp
c:\program files\LP\0155\18D.tmp
c:\program files\LP\0155\18E.tmp
c:\program files\LP\0155\19.tmp
c:\program files\LP\0155\1A.tmp
c:\program files\LP\0155\1AE.tmp
c:\program files\LP\0155\1AF.tmp
c:\program files\LP\0155\1B.tmp
c:\program files\LP\0155\1B0.tmp
c:\program files\LP\0155\1B1.tmp
c:\program files\LP\0155\1B2.tmp
c:\program files\LP\0155\1B7.tmp
c:\program files\LP\0155\1C.tmp
c:\program files\LP\0155\1D.tmp
c:\program files\LP\0155\1D7.tmp
c:\program files\LP\0155\1E.tmp
c:\program files\LP\0155\1F.tmp
c:\program files\LP\0155\20.tmp
c:\program files\LP\0155\21.tmp
c:\program files\LP\0155\22.tmp
c:\program files\LP\0155\23.tmp
c:\program files\LP\0155\24.tmp
c:\program files\LP\0155\25.tmp
c:\program files\LP\0155\26.tmp
c:\program files\LP\0155\27.tmp
c:\program files\LP\0155\28.tmp
c:\program files\LP\0155\29.tmp
c:\program files\LP\0155\2A.tmp
c:\program files\LP\0155\2B.tmp
c:\program files\LP\0155\2C.tmp
c:\program files\LP\0155\2D.tmp
c:\program files\LP\0155\2E.exe
c:\program files\LP\0155\2E.tmp
c:\program files\LP\0155\2F.tmp
c:\program files\LP\0155\30.exe
c:\program files\LP\0155\30.tmp
c:\program files\LP\0155\31.tmp
c:\program files\LP\0155\32.tmp
c:\program files\LP\0155\33.tmp
c:\program files\LP\0155\5.tmp
c:\program files\LP\0155\6.tmp
c:\program files\LP\0155\7.tmp
c:\program files\LP\0155\8.tmp
c:\program files\LP\0155\9.tmp
c:\program files\LP\0155\A.tmp
c:\program files\LP\0155\B.tmp
c:\program files\LP\0155\bl30128343_64.bat
c:\program files\LP\0155\C.tmp
c:\program files\LP\0155\C4.tmp
c:\program files\LP\0155\CA.tmp
c:\program files\LP\0155\CB.tmp
c:\program files\LP\0155\CC.tmp
c:\program files\LP\0155\D.tmp
c:\program files\LP\0155\D7.tmp
c:\program files\LP\0155\D8.tmp
c:\program files\LP\0155\DE.tmp
c:\program files\LP\0155\DF.tmp
c:\program files\LP\0155\E.tmp
c:\program files\LP\0155\E0.tmp
c:\program files\LP\0155\E1.tmp
c:\program files\LP\0155\E2.tmp
c:\program files\LP\0155\E3.tmp
c:\program files\LP\0155\E4.tmp
c:\program files\LP\0155\EC.tmp
c:\program files\LP\0155\EE.tmp
c:\program files\LP\0155\F.tmp
c:\program files\LP\0155\F9.tmp
c:\program files\Security Defender
c:\program files\Security Defender\Security Defender.dll
c:\program files\Security Defender\Security Defender.ico
c:\windows\help\wmplayer.bak
c:\windows\iun6002.exe
c:\windows\system32\AutoRun.inf
c:\windows\system32\CNCUPM2K.tmp
c:\windows\system32\dds_trash_log.cmd
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\SET4B1.tmp
c:\windows\system32\SET4B3.tmp
c:\windows\system32\SET4B4.tmp
c:\windows\system32\SET4B9.tmp
c:\windows\system32\SET4BA.tmp
c:\windows\system32\SET4BB.tmp
c:\windows\system32\SET4BF.tmp
c:\windows\system32\SET4C1.tmp
c:\windows\system32\SET4C3.tmp
c:\windows\system32\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
.
.
((((((((((((((((((((((((( Files Created from 2012-04-06 to 2012-05-06 )))))))))))))))))))))))))))))))
.
.
2012-05-06 06:58 . 2012-05-06 06:58 -------- d-----w- c:\program files\Smart Remote PC Agent
2012-05-06 06:58 . 2012-05-06 06:58 65536 ----a-w- c:\windows\IFinst27.exe
2012-05-06 03:45 . 2012-05-06 03:45 -------- d-----w- C:\found.000
2012-05-06 03:41 . 2012-05-06 03:41 -------- d-----w- C:\TDSSKiller_Quarantine
2012-05-03 02:06 . 2012-05-05 02:48 -------- d-----w- c:\documents and settings\Gabriela\Application Data\vlc
2012-05-03 00:57 . 2012-05-03 00:58 -------- d-----w- c:\program files\trend micro
2012-05-03 00:57 . 2012-05-03 00:58 -------- d-----w- C:\rsit
2012-05-02 02:17 . 2012-05-02 02:17 35068 ----a-w- c:\windows\system32\epfwdata.bin
2012-05-02 02:14 . 2012-05-02 02:17 -------- d-----w- c:\program files\Common Files\DivX Shared
2012-05-02 02:12 . 2012-05-02 02:17 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX
2012-05-02 00:59 . 2012-05-02 01:26 -------- d---a-w- C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ
2012-05-02 00:13 . 2012-05-02 00:13 -------- d-----w- c:\documents and settings\Gabriela\Local Settings\Application Data\ESET
2012-05-02 00:13 . 2012-05-02 00:13 -------- d-----w- c:\documents and settings\Gabriela\Application Data\ESET
2012-05-02 00:01 . 2012-05-02 00:01 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2012-05-01 23:59 . 2012-05-01 23:59 -------- d-----w- c:\program files\ESET
2012-05-01 23:59 . 2012-05-01 23:59 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2012-05-01 23:42 . 2012-05-01 23:42 -------- d-----w- c:\program files\CCleaner
2012-05-01 23:13 . 2012-05-05 01:55 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-01 23:13 . 2012-05-05 01:55 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-01 23:10 . 2012-05-01 23:10 -------- d-----w- c:\documents and settings\Gabriela\Application Data\InstallShield
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-06 03:42 . 2002-08-29 02:06 52736 ----a-w- c:\windows\system32\drivers\i8042prt.sys
2012-05-06 03:42 . 2002-08-29 01:09 187776 ----a-w- c:\windows\system32\drivers\acpi.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Smart Remote PC Agent"="c:\program files\Smart Remote PC Agent\RCAgent.exe" [2012-01-13 1813504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2004-08-04 50176]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-08-19 4841472]
"ezShieldProtector for Px"="c:\windows\System32\ezSP_Px.exe" [2002-08-20 40960]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"VAIO Recovery"="c:\windows\Sonysys\VAIO Recovery\PartSeal.exe" [2003-04-20 28672]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2006-10-04 53760]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\support.com\\client\\bin\\tgcmd.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Gabriela\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Smart Remote PC Agent\\RCAgent.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1443:UDP"= 1443:UDP:Windows Media Format SDK (iexplore.exe)
"1442:UDP"= 1442:UDP:Windows Media Format SDK (iexplore.exe)
"1446:UDP"= 1446:UDP:Windows Media Format SDK (iexplore.exe)
.
R0 SonyLSM;LED State Service;c:\windows\system32\drivers\SonyLSM.sys [3.12.2003 10:23 4736]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [25.2.2008 16:23 24652]
S2 ekrn;ESET Service;"c:\program files\ESET\ESET Smart Security\ekrn.exe" --> c:\program files\ESET\ESET Smart Security\ekrn.exe [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [1.5.2012 16:13 257696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-01 01:55]
.
2011-09-30 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 00:57]
.
2012-05-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3772474029-3004294206-1312135618-1004Core.job
- c:\documents and settings\Gabriela\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-05-01 23:33]
.
2012-05-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3772474029-3004294206-1312135618-1004UA.job
- c:\documents and settings\Gabriela\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-05-01 23:33]
.
2007-05-03 c:\windows\Tasks\Registration reminder 2.job
- c:\windows\System32\OOBE\oobebaln.exe [2003-12-03 05:56]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\documents and settings\Gabriela\Application Data\Mozilla\Firefox\Profiles\kmiutljb.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: United States English Spellchecker: en-US@dictionaries.addons.mozilla.org - %profile%\extensions\en-US@dictionaries.addons.mozilla.org
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-Electronic Arts Game Updater - c:\program files\EACom\Update\Uninst.isu
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-06 11:57
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(1912)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\ehome\ehSched.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\System32\nvsvc32.exe
c:\program files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
c:\program files\Sony\Sony TV Tuner Library\SMceMan.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Sony\VAIO Media Integrated Server\Music\SSSvr.exe
c:\program files\Sony\VAIO Media Integrated Server\Photo\appsrv\PhotoAppSrv.exe
c:\program files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe
c:\windows\wanmpsvc.exe
c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
c:\program files\Sony\Sony TV Tuner Library\RM_SV.exe
c:\windows\system32\wscntfy.exe
c:\windows\ehome\ehmsas.exe
.
**************************************************************************
.
Completion time: 2012-05-06 12:00:59 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-06 19:00
.
Pre-Run: 878 845 952 bytes free
Post-Run: 1 244 971 008 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 9B76DC69DD463F423118B5F163A4E77E

nooo, na prvy pohlad to vypada dobre
vloz nove logy na kontrolu AntiZeroAccess + TDSSKiller

Webroot AntiZeroAccess 0.8 Log File
Execution time: 07/05/2012 - 19:43
Host operation System: Windows Xp X86 version 5.1.2600 Service Pack 2
19:43:38 - CheckSystem - Begin to check system...
19:43:38 - OpenRootDrive - Opening system root volume and physical drive....
19:43:38 - C Root Drive: Disk number: 0 Start sector: 0x00C02F10 Partition Size: 0x01E036E7 sectors.
19:43:38 - PrevX Main driver extracted in "C:\WINDOWS\system32\drivers\ZeroAccess.sys".
19:43:39 - InstallAndStartDriver - Main driver was installed and now is running.
19:43:39 - CheckSystem - Disk class driver state is OK.
19:43:39 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:39 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:39 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:39 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:39 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:39 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:39 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:39 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:41 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:41 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:41 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:41 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:41 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:41 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:41 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:41 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:41 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:41 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:41 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:41 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:42 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:42 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:42 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:42 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:42 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:42 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:42 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:42 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:42 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:42 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:42 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:42 - CheckFile - Unable to send FSCTL_GET_RETRIEVAL_POINTERS to file object. DeviceIoControl last error: 234
19:43:42 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:42 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:43 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:43 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:43 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:43 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:43 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:43 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:43 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:43 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:43 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:43 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:44 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:44 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:44 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:44 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:44 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:45 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:45 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:45 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:46 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:46 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:46 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:46 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:46 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:46 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:46 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:46 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:47 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - StopAndRemoveDriver - AntiZeroAccess Driver is stopped and removed.
19:43:48 - StopAndRemoveDriver - File "ZeroAccess.sys" was deleted!
19:43:48 - Execution Ended!

Webroot AntiZeroAccess 0.8 Log File
Execution time: 07/05/2012 - 19:43
Host operation System: Windows Xp X86 version 5.1.2600 Service Pack 2
19:43:38 - CheckSystem - Begin to check system...
19:43:38 - OpenRootDrive - Opening system root volume and physical drive....
19:43:38 - C Root Drive: Disk number: 0 Start sector: 0x00C02F10 Partition Size: 0x01E036E7 sectors.
19:43:38 - PrevX Main driver extracted in "C:\WINDOWS\system32\drivers\ZeroAccess.sys".
19:43:39 - InstallAndStartDriver - Main driver was installed and now is running.
19:43:39 - CheckSystem - Disk class driver state is OK.
19:43:39 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:39 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:39 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:39 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:39 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:39 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:39 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:39 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:40 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:41 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:41 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:41 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:41 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:41 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:41 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:41 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:41 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:41 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:41 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:41 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:41 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:42 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:42 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:42 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:42 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:42 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:42 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:42 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:42 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:42 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:42 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:42 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:42 - CheckFile - Unable to send FSCTL_GET_RETRIEVAL_POINTERS to file object. DeviceIoControl last error: 234
19:43:42 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:42 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:43 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:43 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:43 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:43 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:43 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:43 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:43 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:43 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:43 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:43 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:44 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:44 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:44 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:44 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:44 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:45 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:45 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:45 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:46 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:46 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:46 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:46 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:46 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:46 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:46 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:46 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:47 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:47 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:47 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - CheckFile - Internal consistence error: Sector buffer is not of a PE file!
19:43:48 - CheckFile - Unable to send IOCTL_VOLUME_LOGICAL_TO_PHYSICAL to system root volume object. DeviceIoControl last error: 87
19:43:48 - StopAndRemoveDriver - AntiZeroAccess Driver is stopped and removed.
19:43:48 - StopAndRemoveDriver - File "ZeroAccess.sys" was deleted!
19:43:48 - Execution Ended!

ok tu su tie logy, diki moc. Mozem sa prosimta este spytat ako vicistim RAMku? lebo sa mi zda dost vyuzivana.

no, vlozil si mi dva rovnake logy
1. vycisti PC s CCleanerom
2. vloz log z TDSSKiller
vypada to dobre

Vazne sorry, prepracovanost asi. 23:37:38.0547 3880 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
23:37:38.0938 3880 ============================================================
23:37:38.0938 3880 Current date / time: 2012/05/08 23:37:38.0938
23:37:38.0938 3880 SystemInfo:
23:37:38.0938 3880
23:37:38.0938 3880 OS Version: 5.1.2600 ServicePack: 3.0
23:37:38.0938 3880 Product type: Workstation
23:37:38.0938 3880 ComputerName: VALUED-A4DE119D
23:37:38.0938 3880 UserName: Gabriela
23:37:38.0938 3880 Windows directory: C:\WINDOWS
23:37:38.0938 3880 System windows directory: C:\WINDOWS
23:37:38.0938 3880 Processor architecture: Intel x86
23:37:38.0938 3880 Number of processors: 2
23:37:38.0938 3880 Page size: 0x1000
23:37:38.0938 3880 Boot type: Normal boot
23:37:38.0938 3880 ============================================================
23:37:40.0094 3880 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:37:40.0094 3880 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:37:40.0094 3880 Drive \Device\Harddisk2\DR6 - Size: 0x784FD000 (1.88 Gb), SectorSize: 0x1000, Cylinders: 0x1E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:37:40.0094 3880 ============================================================
23:37:40.0094 3880 \Device\Harddisk0\DR0:
23:37:40.0094 3880 MBR partitions:
23:37:40.0094 3880 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xC02F10, BlocksNum 0x1E036E7
23:37:40.0110 3880 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2A06636, BlocksNum 0x6B07E8B
23:37:40.0110 3880 \Device\Harddisk1\DR1:
23:37:40.0110 3880 MBR partitions:
23:37:40.0110 3880 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
23:37:40.0110 3880 \Device\Harddisk2\DR6:
23:37:40.0110 3880 MBR partitions:
23:37:40.0110 3880 ============================================================
23:37:40.0141 3880 C: <-> \Device\Harddisk0\DR0\Partition0
23:37:40.0141 3880 D: <-> \Device\Harddisk1\DR1\Partition0
23:37:40.0156 3880 E: <-> \Device\Harddisk0\DR0\Partition1
23:37:40.0156 3880 ============================================================
23:37:40.0156 3880 Initialize success
23:37:40.0156 3880 ============================================================
23:37:45.0016 2456 ============================================================
23:37:45.0016 2456 Scan started
23:37:45.0016 2456 Mode: Manual; SigCheck; TDLFS;
23:37:45.0016 2456 ============================================================
23:37:45.0781 2456 Abiosdsk - ok
23:37:45.0781 2456 abp480n5 - ok
23:37:45.0813 2456 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
23:37:46.0281 2456 ACPI - ok
23:37:46.0313 2456 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
23:37:46.0469 2456 ACPIEC - ok
23:37:46.0531 2456 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:37:46.0563 2456 AdobeFlashPlayerUpdateSvc - ok
23:37:46.0563 2456 adpu160m - ok
23:37:46.0594 2456 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
23:37:46.0766 2456 aec - ok
23:37:46.0797 2456 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
23:37:46.0875 2456 AFD - ok
23:37:46.0875 2456 AgereSoftModem - ok
23:37:46.0906 2456 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
23:37:47.0063 2456 agp440 - ok
23:37:47.0063 2456 Aha154x - ok
23:37:47.0078 2456 aic78u2 - ok
23:37:47.0078 2456 aic78xx - ok
23:37:47.0110 2456 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
23:37:47.0266 2456 Alerter - ok
23:37:47.0281 2456 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
23:37:47.0438 2456 ALG - ok
23:37:47.0453 2456 AliIde - ok
23:37:47.0453 2456 amsint - ok
23:37:47.0531 2456 Apple Mobile Device (3a4982df893f198a2dfbccd4ce10f93a) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
23:37:47.0563 2456 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - warning
23:37:47.0563 2456 Apple Mobile Device - detected UnsignedFile.Multi.Generic (1)
23:37:47.0594 2456 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
23:37:47.0766 2456 AppMgmt - ok
23:37:47.0797 2456 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
23:37:47.0938 2456 Arp1394 - ok
23:37:47.0953 2456 asc - ok
23:37:47.0953 2456 asc3350p - ok
23:37:47.0969 2456 asc3550 - ok
23:37:48.0063 2456 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
23:37:48.0125 2456 aspnet_state - ok
23:37:48.0156 2456 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
23:37:48.0313 2456 AsyncMac - ok
23:37:48.0328 2456 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
23:37:48.0485 2456 atapi - ok
23:37:48.0500 2456 Atdisk - ok
23:37:48.0547 2456 ati2mtag (8a4bb7291606fba4eaafd7b5604255a4) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
23:37:48.0641 2456 ati2mtag - ok
23:37:48.0656 2456 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
23:37:48.0875 2456 Atmarpc - ok
23:37:48.0906 2456 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
23:37:49.0172 2456 AudioSrv - ok
23:37:49.0188 2456 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
23:37:49.0360 2456 audstub - ok
23:37:49.0391 2456 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
23:37:49.0578 2456 Beep - ok
23:37:49.0625 2456 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
23:37:49.0922 2456 BITS - ok
23:37:49.0985 2456 Bonjour Service (cfd4c3352e29a8b729536648466e8df5) C:\Program Files\Bonjour\mDNSResponder.exe
23:37:50.0016 2456 Bonjour Service ( UnsignedFile.Multi.Generic ) - warning
23:37:50.0016 2456 Bonjour Service - detected UnsignedFile.Multi.Generic (1)
23:37:50.0031 2456 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
23:37:50.0203 2456 Browser - ok
23:37:50.0203 2456 catchme - ok
23:37:50.0235 2456 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
23:37:50.0391 2456 cbidf2k - ok
23:37:50.0422 2456 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
23:37:50.0563 2456 CCDECODE - ok
23:37:50.0563 2456 cd20xrnt - ok
23:37:50.0594 2456 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
23:37:50.0750 2456 Cdaudio - ok
23:37:50.0766 2456 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
23:37:50.0922 2456 Cdfs - ok
23:37:50.0953 2456 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
23:37:51.0141 2456 Cdrom - ok
23:37:51.0141 2456 Changer - ok
23:37:51.0172 2456 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
23:37:51.0328 2456 CiSvc - ok
23:37:51.0344 2456 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
23:37:51.0500 2456 ClipSrv - ok
23:37:51.0563 2456 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:37:51.0656 2456 clr_optimization_v2.0.50727_32 - ok
23:37:51.0656 2456 CmdIde - ok
23:37:51.0656 2456 COMSysApp - ok
23:37:51.0672 2456 Cpqarray - ok
23:37:51.0688 2456 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
23:37:51.0860 2456 CryptSvc - ok
23:37:51.0860 2456 dac2w2k - ok
23:37:51.0860 2456 dac960nt - ok
23:37:51.0953 2456 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
23:37:52.0031 2456 DcomLaunch - ok
23:37:52.0063 2456 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
23:37:52.0235 2456 Dhcp - ok
23:37:52.0235 2456 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
23:37:52.0391 2456 Disk - ok
23:37:52.0391 2456 dladresn - ok
23:37:52.0406 2456 dmadmin - ok
23:37:52.0485 2456 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
23:37:52.0719 2456 dmboot - ok
23:37:52.0735 2456 DMICall (526192bf7696f72e29777bf4a180513a) C:\WINDOWS\system32\DRIVERS\DMICall.sys
23:37:52.0906 2456 DMICall - ok
23:37:52.0922 2456 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
23:37:53.0094 2456 dmio - ok
23:37:53.0141 2456 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
23:37:53.0313 2456 dmload - ok
23:37:53.0328 2456 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
23:37:53.0485 2456 dmserver - ok
23:37:53.0500 2456 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
23:37:53.0656 2456 DMusic - ok
23:37:53.0688 2456 Dnscache (474b4dc3983173e4b4c9740b0dac98a6) C:\WINDOWS\System32\dnsrslvr.dll
23:37:53.0844 2456 Dnscache - ok
23:37:53.0891 2456 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
23:37:54.0031 2456 Dot3svc - ok
23:37:54.0031 2456 dpti2o - ok
23:37:54.0047 2456 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
23:37:54.0203 2456 drmkaud - ok
23:37:54.0235 2456 E1000 (2476936f4994e9084ccfe75ed4f6226a) C:\WINDOWS\system32\DRIVERS\e1000325.sys
23:37:54.0266 2456 E1000 - ok
23:37:54.0281 2456 eamon (9309c5c9831203436e64cf2ae605c5d7) C:\WINDOWS\system32\DRIVERS\eamon.sys
23:37:54.0328 2456 eamon - ok
23:37:54.0360 2456 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
23:37:54.0500 2456 EapHost - ok
23:37:54.0578 2456 eeCtrl (e89cc1363cb7f5320ae3b41c1333d0c3) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
23:37:54.0610 2456 eeCtrl - ok
23:37:54.0672 2456 ehSched (f6d494d609d52a0e9596756c5540a978) C:\WINDOWS\ehome\ehSched.exe
23:37:54.0828 2456 ehSched - ok
23:37:54.0891 2456 ekrn - ok
23:37:54.0906 2456 epfw (5ba193ca0ae31209aaa39939ce6736b2) C:\WINDOWS\system32\DRIVERS\epfw.sys
23:37:54.0938 2456 epfw - ok
23:37:54.0969 2456 Epfwndis (75d3bcd3e0eded0ab0f96d9a10ff01c9) C:\WINDOWS\system32\DRIVERS\Epfwndis.sys
23:37:54.0985 2456 Epfwndis - ok
23:37:55.0000 2456 epfwtdi (dc64f26f35e32c9472bbf8acd84060d3) C:\WINDOWS\system32\DRIVERS\epfwtdi.sys
23:37:55.0000 2456 epfwtdi - ok
23:37:55.0031 2456 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
23:37:55.0172 2456 ERSvc - ok
23:37:55.0219 2456 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
23:37:55.0235 2456 Eventlog - ok
23:37:55.0281 2456 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\System32\es.dll
23:37:55.0328 2456 EventSystem - ok
23:37:55.0360 2456 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
23:37:55.0531 2456 Fastfat - ok
23:37:55.0563 2456 FastUserSwitchingCompatibility (1926899bf9ffe2602b63074971700412) C:\WINDOWS\System32\shsvcs.dll
23:37:55.0719 2456 FastUserSwitchingCompatibility - ok
23:37:55.0735 2456 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
23:37:55.0938 2456 Fdc - ok
23:37:55.0953 2456 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
23:37:56.0125 2456 Fips - ok
23:37:56.0156 2456 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
23:37:56.0313 2456 Flpydisk - ok
23:37:56.0344 2456 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
23:37:56.0485 2456 FltMgr - ok
23:37:56.0578 2456 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
23:37:56.0578 2456 FontCache3.0.0.0 - ok
23:37:56.0610 2456 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:37:56.0781 2456 Fs_Rec - ok
23:37:56.0813 2456 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
23:37:57.0016 2456 Ftdisk - ok
23:37:57.0047 2456 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
23:37:57.0188 2456 gameenum - ok
23:37:57.0203 2456 GEARAspiWDM (4ac51459805264affd5f6fdfb9d9235f) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
23:37:57.0219 2456 GEARAspiWDM - ok
23:37:57.0250 2456 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
23:37:57.0391 2456 Gpc - ok
23:37:57.0438 2456 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
23:37:57.0578 2456 helpsvc - ok
23:37:57.0578 2456 HidServ - ok
23:37:57.0594 2456 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
23:37:57.0750 2456 HidUsb - ok
23:37:57.0766 2456 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
23:37:57.0906 2456 hkmsvc - ok
23:37:57.0922 2456 hpn - ok
23:37:57.0938 2456 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
23:37:58.0031 2456 HPZid412 - ok
23:37:58.0063 2456 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
23:37:58.0094 2456 HPZipr12 - ok
23:37:58.0125 2456 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
23:37:58.0156 2456 HPZius12 - ok
23:37:58.0172 2456 HSFHWICH - ok
23:37:58.0172 2456 HSF_DP - ok
23:37:58.0219 2456 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
23:37:58.0266 2456 HTTP - ok
23:37:58.0281 2456 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
23:37:58.0453 2456 HTTPFilter - ok
23:37:58.0469 2456 i2omgmt - ok
23:37:58.0469 2456 i2omp - ok
23:37:58.0485 2456 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
23:37:58.0625 2456 i8042prt - ok
23:37:58.0719 2456 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:37:58.0781 2456 idsvc - ok
23:37:58.0813 2456 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
23:37:58.0969 2456 Imapi - ok
23:37:59.0000 2456 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
23:37:59.0156 2456 ImapiService - ok
23:37:59.0172 2456 ini910u - ok
23:37:59.0172 2456 IntelIde - ok
23:37:59.0203 2456 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
23:37:59.0344 2456 intelppm - ok
23:37:59.0375 2456 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
23:37:59.0516 2456 ip6fw - ok
23:37:59.0547 2456 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:37:59.0719 2456 IpFilterDriver - ok
23:37:59.0735 2456 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
23:37:59.0875 2456 IpInIp - ok
23:37:59.0922 2456 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
23:38:00.0063 2456 IpNat - ok
23:38:00.0125 2456 iPod Service (c0e1456df46ee5e3ab8c032dc8e71d5c) C:\Program Files\iPod\bin\iPodService.exe
23:38:00.0172 2456 iPod Service - ok
23:38:00.0188 2456 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
23:38:00.0328 2456 IPSec - ok
23:38:00.0344 2456 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
23:38:00.0500 2456 IRENUM - ok
23:38:00.0547 2456 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
23:38:00.0688 2456 isapnp - ok
23:38:00.0703 2456 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
23:38:00.0844 2456 Kbdclass - ok
23:38:00.0875 2456 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
23:38:01.0016 2456 kbdhid - ok
23:38:01.0031 2456 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
23:38:01.0172 2456 kmixer - ok
23:38:01.0219 2456 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
23:38:01.0266 2456 KSecDD - ok
23:38:01.0281 2456 lanmanserver (f385f4b02c535bffe1d70cab80838123) C:\WINDOWS\System32\srvsvc.dll
23:38:01.0438 2456 lanmanserver - ok
23:38:01.0485 2456 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
23:38:01.0500 2456 lanmanworkstation - ok
23:38:01.0516 2456 lbrtfdc - ok
23:38:01.0547 2456 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
23:38:01.0688 2456 LmHosts - ok
23:38:01.0750 2456 MDM (c8ec1b812d9cefda07623b0021ef73c9) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
23:38:01.0781 2456 MDM ( UnsignedFile.Multi.Generic ) - warning
23:38:01.0781 2456 MDM - detected UnsignedFile.Multi.Generic (1)
23:38:01.0828 2456 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
23:38:01.0969 2456 Messenger - ok
23:38:02.0000 2456 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
23:38:02.0188 2456 mnmdd - ok
23:38:02.0219 2456 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\System32\mnmsrvc.exe
23:38:02.0360 2456 mnmsrvc - ok
23:38:02.0375 2456 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
23:38:02.0547 2456 Modem - ok
23:38:02.0563 2456 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
23:38:02.0703 2456 Mouclass - ok
23:38:02.0735 2456 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
23:38:02.0906 2456 mouhid - ok
23:38:02.0938 2456 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
23:38:03.0078 2456 MountMgr - ok
23:38:03.0110 2456 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
23:38:03.0125 2456 MozillaMaintenance - ok
23:38:03.0141 2456 mraid35x - ok
23:38:03.0156 2456 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
23:38:03.0344 2456 MRxDAV - ok
23:38:03.0422 2456 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:38:03.0453 2456 MRxSmb - ok
23:38:03.0485 2456 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\System32\msdtc.exe
23:38:03.0610 2456 MSDTC - ok
23:38:03.0625 2456 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
23:38:03.0766 2456 Msfs - ok
23:38:03.0766 2456 MSIServer - ok
23:38:03.0797 2456 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:38:03.0938 2456 MSKSSRV - ok
23:38:03.0953 2456 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:38:04.0125 2456 MSPCLOCK - ok
23:38:04.0141 2456 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
23:38:04.0281 2456 MSPQM - ok
23:38:04.0313 2456 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
23:38:04.0453 2456 mssmbios - ok
23:38:04.0469 2456 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
23:38:04.0610 2456 MSTEE - ok
23:38:04.0641 2456 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
23:38:04.0781 2456 Mup - ok
23:38:04.0797 2456 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
23:38:04.0953 2456 NABTSFEC - ok
23:38:05.0078 2456 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
23:38:05.0235 2456 napagent - ok
23:38:05.0266 2456 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
23:38:05.0422 2456 NDIS - ok
23:38:05.0438 2456 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
23:38:05.0578 2456 NdisIP - ok
23:38:05.0594 2456 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:38:05.0735 2456 NdisTapi - ok
23:38:05.0750 2456 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:38:05.0891 2456 Ndisuio - ok
23:38:05.0906 2456 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:38:06.0047 2456 NdisWan - ok
23:38:06.0063 2456 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
23:38:06.0203 2456 NDProxy - ok
23:38:06.0219 2456 Net Driver HPZ12 (51c6d8bfbd4ea5b62a1ba7f4469250d3) C:\WINDOWS\system32\HPZinw12.dll
23:38:06.0235 2456 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
23:38:06.0235 2456 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
23:38:06.0266 2456 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
23:38:06.0406 2456 NetBIOS - ok
23:38:06.0438 2456 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
23:38:06.0594 2456 NetBT - ok
23:38:06.0625 2456 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
23:38:06.0828 2456 NetDDE - ok
23:38:06.0828 2456 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
23:38:07.0063 2456 NetDDEdsdm - ok
23:38:07.0078 2456 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
23:38:07.0281 2456 Netlogon - ok
23:38:07.0328 2456 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
23:38:07.0563 2456 Netman - ok
23:38:07.0656 2456 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:38:07.0672 2456 NetTcpPortSharing - ok
23:38:07.0688 2456 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
23:38:07.0906 2456 NIC1394 - ok
23:38:07.0953 2456 Nla (832e4dd8964ab7acc880b2837cb1ed20) C:\WINDOWS\System32\mswsock.dll
23:38:08.0000 2456 Nla - ok
23:38:08.0016 2456 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
23:38:08.0250 2456 Npfs - ok
23:38:08.0313 2456 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
23:38:08.0563 2456 Ntfs - ok
23:38:08.0578 2456 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\System32\lsass.exe
23:38:08.0781 2456 NtLmSsp - ok
23:38:08.0828 2456 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
23:38:09.0094 2456 NtmsSvc - ok
23:38:09.0125 2456 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
23:38:09.0406 2456 Null - ok
23:38:09.0500 2456 nv (c36066ec30521cebaf52127027755798) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
23:38:09.0625 2456 nv - ok
23:38:09.0750 2456 NVSvc (88a8cfcd2bc3ff1484901ce985782e6e) C:\WINDOWS\System32\nvsvc32.exe
23:38:09.0781 2456 NVSvc - ok
23:38:09.0828 2456 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
23:38:10.0125 2456 NwlnkFlt - ok
23:38:10.0141 2456 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
23:38:10.0406 2456 NwlnkFwd - ok
23:38:10.0438 2456 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
23:38:10.0656 2456 ohci1394 - ok
23:38:10.0719 2456 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:38:10.0735 2456 ose - ok
23:38:10.0813 2456 P17 (07d80b4c3a5a6cef220f8a947b0c33dc) C:\WINDOWS\system32\drivers\P17.sys
23:38:10.0906 2456 P17 - ok
23:38:10.0938 2456 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
23:38:11.0156 2456 Parport - ok
23:38:11.0172 2456 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
23:38:11.0391 2456 PartMgr - ok
23:38:11.0422 2456 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
23:38:11.0703 2456 ParVdm - ok
23:38:11.0735 2456 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
23:38:11.0969 2456 PCI - ok
23:38:11.0969 2456 PCIDump - ok
23:38:12.0000 2456 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
23:38:12.0235 2456 PCIIde - ok
23:38:12.0297 2456 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
23:38:12.0500 2456 Pcmcia - ok
23:38:12.0500 2456 PDCOMP - ok
23:38:12.0500 2456 PDFRAME - ok
23:38:12.0516 2456 PDRELI - ok
23:38:12.0516 2456 PDRFRAME - ok
23:38:12.0531 2456 perc2 - ok
23:38:12.0531 2456 perc2hib - ok
23:38:12.0594 2456 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
23:38:12.0610 2456 PlugPlay - ok
23:38:12.0625 2456 Pml Driver HPZ12 (79834aa2fbf9fe81eebb229024f6f7fc) C:\WINDOWS\system32\HPZipm12.dll
23:38:12.0641 2456 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
23:38:12.0641 2456 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
23:38:12.0672 2456 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
23:38:12.0781 2456 PolicyAgent - ok
23:38:12.0844 2456 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
23:38:12.0985 2456 PptpMiniport - ok
23:38:13.0000 2456 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
23:38:13.0156 2456 Processor - ok
23:38:13.0156 2456 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
23:38:13.0281 2456 ProtectedStorage - ok
23:38:13.0297 2456 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
23:38:13.0453 2456 PSched - ok
23:38:13.0469 2456 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
23:38:13.0641 2456 Ptilink - ok
23:38:13.0672 2456 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
23:38:13.0688 2456 PxHelp20 - ok
23:38:13.0688 2456 ql1080 - ok
23:38:13.0703 2456 Ql10wnt - ok
23:38:13.0703 2456 ql12160 - ok
23:38:13.0719 2456 ql1240 - ok
23:38:13.0719 2456 ql1280 - ok
23:38:13.0750 2456 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:38:13.0891 2456 RasAcd - ok
23:38:13.0922 2456 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
23:38:14.0094 2456 RasAuto - ok
23:38:14.0110 2456 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
23:38:14.0250 2456 Rasl2tp - ok
23:38:14.0281 2456 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
23:38:14.0422 2456 RasMan - ok
23:38:14.0438 2456 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:38:14.0563 2456 RasPppoe - ok
23:38:14.0578 2456 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
23:38:14.0719 2456 Raspti - ok
23:38:14.0750 2456 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:38:14.0891 2456 Rdbss - ok
23:38:14.0922 2456 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
23:38:15.0094 2456 RDPCDD - ok
23:38:15.0125 2456 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
23:38:15.0281 2456 rdpdr - ok
23:38:15.0313 2456 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
23:38:15.0453 2456 RDPWD - ok
23:38:15.0485 2456 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
23:38:15.0641 2456 RDSessMgr - ok
23:38:15.0656 2456 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
23:38:15.0813 2456 redbook - ok
23:38:15.0844 2456 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
23:38:15.0985 2456 RemoteAccess - ok
23:38:16.0016 2456 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
23:38:16.0156 2456 RemoteRegistry - ok
23:38:16.0188 2456 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\System32\locator.exe
23:38:16.0328 2456 RpcLocator - ok
23:38:16.0438 2456 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
23:38:16.0453 2456 RpcSs - ok
23:38:16.0500 2456 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\System32\rsvp.exe
23:38:16.0656 2456 RSVP - ok
23:38:16.0688 2456 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
23:38:16.0828 2456 rtl8139 - ok
23:38:16.0844 2456 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
23:38:16.0969 2456 SamSs - ok
23:38:17.0000 2456 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
23:38:17.0141 2456 SCardSvr - ok
23:38:17.0172 2456 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
23:38:17.0360 2456 Schedule - ok
23:38:17.0375 2456 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
23:38:17.0500 2456 Secdrv - ok
23:38:17.0531 2456 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
23:38:17.0672 2456 seclogon - ok
23:38:17.0688 2456 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
23:38:17.0844 2456 SENS - ok
23:38:17.0875 2456 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
23:38:18.0016 2456 Serial - ok
23:38:18.0047 2456 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
23:38:18.0188 2456 Sfloppy - ok
23:38:18.0219 2456 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
23:38:18.0391 2456 SharedAccess - ok
23:38:18.0422 2456 ShellHWDetection (1926899bf9ffe2602b63074971700412) C:\WINDOWS\System32\shsvcs.dll
23:38:18.0563 2456 ShellHWDetection - ok
23:38:18.0578 2456 Simbad - ok
23:38:18.0594 2456 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
23:38:18.0735 2456 SLIP - ok
23:38:18.0781 2456 smrt (b2f5ccfa20e4b256fe2cd84c648d0fe2) C:\WINDOWS\system32\DRIVERS\smrt.sys
23:38:18.0891 2456 smrt - ok
23:38:18.0969 2456 SonicStageMonitoring (89cb81394d58f450bddbf4ae3483ca72) C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
23:38:18.0985 2456 SonicStageMonitoring ( UnsignedFile.Multi.Generic ) - warning
23:38:18.0985 2456 SonicStageMonitoring - detected UnsignedFile.Multi.Generic (1)
23:38:19.0047 2456 Sony TV Tuner Controller (cd1bea0cb0e96b828d225b106cbfb968) C:\Program Files\Sony\Sony TV Tuner Library\halsv.exe
23:38:19.0078 2456 Sony TV Tuner Controller ( UnsignedFile.Multi.Generic ) - warning
23:38:19.0078 2456 Sony TV Tuner Controller - detected UnsignedFile.Multi.Generic (1)
23:38:19.0094 2456 Sony TV Tuner Manager (af35291f72f6cf0915765e44f1045305) C:\Program Files\Sony\Sony TV Tuner Library\RM_SV.exe
23:38:19.0110 2456 Sony TV Tuner Manager ( UnsignedFile.Multi.Generic ) - warning
23:38:19.0110 2456 Sony TV Tuner Manager - detected UnsignedFile.Multi.Generic (1)
23:38:19.0125 2456 Sony TVTA Manager (efaaeed11aaf285435a0dcfe15047983) C:\Program Files\Sony\Sony TV Tuner Library\SMceMan.exe
23:38:19.0141 2456 Sony TVTA Manager ( UnsignedFile.Multi.Generic ) - warning
23:38:19.0141 2456 Sony TVTA Manager - detected UnsignedFile.Multi.Generic (1)
23:38:19.0156 2456 SonyLSM (ed9a10456e25de7a3350f896b962f60a) C:\WINDOWS\system32\Drivers\SonyLSM.sys
23:38:19.0172 2456 SonyLSM ( UnsignedFile.Multi.Generic ) - warning
23:38:19.0172 2456 SonyLSM - detected UnsignedFile.Multi.Generic (1)
23:38:19.0172 2456 Sparrow - ok
23:38:19.0203 2456 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
23:38:19.0344 2456 splitter - ok
23:38:19.0375 2456 Spooler (d8e14a61acc1d4a6cd0d38aebac7fa3b) C:\WINDOWS\system32\spoolsv.exe
23:38:19.0516 2456 Spooler - ok
23:38:19.0531 2456 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
23:38:19.0672 2456 sr - ok
23:38:19.0703 2456 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
23:38:19.0860 2456 srservice - ok
23:38:19.0906 2456 Srv (89220b427890aa1dffd1a02648ae51c3) C:\WINDOWS\system32\DRIVERS\srv.sys
23:38:19.0969 2456 Srv - ok
23:38:19.0985 2456 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
23:38:20.0125 2456 SSDPSRV - ok
23:38:20.0172 2456 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
23:38:20.0328 2456 stisvc - ok
23:38:20.0360 2456 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
23:38:20.0500 2456 streamip - ok
23:38:20.0516 2456 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
23:38:20.0641 2456 swenum - ok
23:38:20.0656 2456 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
23:38:20.0797 2456 swmidi - ok
23:38:20.0813 2456 SwPrv - ok
23:38:20.0813 2456 symc810 - ok
23:38:20.0828 2456 symc8xx - ok
23:38:20.0828 2456 sym_hi - ok
23:38:20.0844 2456 sym_u3 - ok
23:38:20.0860 2456 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
23:38:21.0031 2456 sysaudio - ok
23:38:21.0063 2456 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
23:38:21.0203 2456 SysmonLog - ok
23:38:21.0219 2456 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
23:38:21.0375 2456 TapiSrv - ok
23:38:21.0469 2456 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:38:21.0531 2456 Tcpip - ok
23:38:21.0547 2456 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
23:38:21.0688 2456 TDPIPE - ok
23:38:21.0703 2456 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
23:38:21.0844 2456 TDTCP - ok
23:38:21.0875 2456 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
23:38:22.0031 2456 TermDD - ok
23:38:22.0078 2456 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
23:38:22.0235 2456 TermService - ok
23:38:22.0266 2456 Themes (1926899bf9ffe2602b63074971700412) C:\WINDOWS\System32\shsvcs.dll
23:38:22.0406 2456 Themes - ok
23:38:22.0422 2456 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\System32\tlntsvr.exe
23:38:22.0578 2456 TlntSvr - ok
23:38:22.0578 2456 TosIde - ok
23:38:22.0594 2456 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
23:38:22.0735 2456 TrkWks - ok
23:38:22.0750 2456 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
23:38:22.0906 2456 Udfs - ok
23:38:22.0906 2456 ultra - ok
23:38:22.0938 2456 UMWdf (ab0a7ca90d9e3d6a193905dc1715ded0) C:\WINDOWS\system32\wdfmgr.exe
23:38:22.0985 2456 UMWdf - ok
23:38:23.0047 2456 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
23:38:23.0203 2456 Update - ok
23:38:23.0235 2456 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
23:38:23.0391 2456 upnphost - ok
23:38:23.0406 2456 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
23:38:23.0547 2456 UPS - ok
23:38:23.0578 2456 USBAAPL (f340199e8cb097e1acd58a967c665919) C:\WINDOWS\system32\Drivers\usbaapl.sys
23:38:23.0610 2456 USBAAPL - ok
23:38:23.0641 2456 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
23:38:23.0781 2456 usbccgp - ok
23:38:23.0797 2456 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
23:38:23.0938 2456 usbehci - ok
23:38:23.0953 2456 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
23:38:24.0094 2456 usbhub - ok
23:38:24.0125 2456 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
23:38:24.0266 2456 usbprint - ok
23:38:24.0281 2456 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
23:38:24.0438 2456 usbscan - ok
23:38:24.0453 2456 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
23:38:24.0594 2456 USBSTOR - ok
23:38:24.0610 2456 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
23:38:24.0750 2456 usbuhci - ok
23:38:24.0860 2456 VAIOMediaPlatform-MusicServer-AppServer (5a173c23810ac6935227c617893a63aa) C:\Program Files\Sony\VAIO Media Integrated Server\Music\SSSvr.exe
23:38:24.0891 2456 VAIOMediaPlatform-MusicServer-AppServer ( UnsignedFile.Multi.Generic ) - warning
23:38:24.0891 2456 VAIOMediaPlatform-MusicServer-AppServer - detected UnsignedFile.Multi.Generic (1)
23:38:24.0922 2456 VAIOMediaPlatform-MusicServer-HTTP (6341c4e00a6f2474e59d1331b3ce9c0d) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
23:38:24.0938 2456 VAIOMediaPlatform-MusicServer-HTTP ( UnsignedFile.Multi.Generic ) - warning
23:38:24.0938 2456 VAIOMediaPlatform-MusicServer-HTTP - detected UnsignedFile.Multi.Generic (1)
23:38:24.0969 2456 VAIOMediaPlatform-MusicServer-UPnP (f27789e13ca6a94d1420572d9e1a8344) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
23:38:25.0063 2456 VAIOMediaPlatform-MusicServer-UPnP ( UnsignedFile.Multi.Generic ) - warning
23:38:25.0063 2456 VAIOMediaPlatform-MusicServer-UPnP - detected UnsignedFile.Multi.Generic (1)
23:38:25.0110 2456 VAIOMediaPlatform-PhotoServer-AppServer (48036bcfb49346f33389ad9fb035522f) C:\Program Files\Sony\VAIO Media Integrated Server\Photo\appsrv\PhotoAppSrv.exe
23:38:25.0188 2456 VAIOMediaPlatform-PhotoServer-AppServer ( UnsignedFile.Multi.Generic ) - warning
23:38:25.0188 2456 VAIOMediaPlatform-PhotoServer-AppServer - detected UnsignedFile.Multi.Generic (1)
23:38:25.0188 2456 VAIOMediaPlatform-PhotoServer-HTTP (6341c4e00a6f2474e59d1331b3ce9c0d) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
23:38:25.0203 2456 VAIOMediaPlatform-PhotoServer-HTTP ( UnsignedFile.Multi.Generic ) - warning
23:38:25.0203 2456 VAIOMediaPlatform-PhotoServer-HTTP - detected UnsignedFile.Multi.Generic (1)
23:38:25.0219 2456 VAIOMediaPlatform-PhotoServer-UPnP (f27789e13ca6a94d1420572d9e1a8344) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
23:38:25.0250 2456 VAIOMediaPlatform-PhotoServer-UPnP ( UnsignedFile.Multi.Generic ) - warning
23:38:25.0250 2456 VAIOMediaPlatform-PhotoServer-UPnP - detected UnsignedFile.Multi.Generic (1)
23:38:25.0328 2456 VAIOMediaPlatform-VideoServer-AppServer (095265e6f1c668709a4944f8dab7eaa9) C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe
23:38:25.0422 2456 VAIOMediaPlatform-VideoServer-AppServer ( UnsignedFile.Multi.Generic ) - warning
23:38:25.0422 2456 VAIOMediaPlatform-VideoServer-AppServer - detected UnsignedFile.Multi.Generic (1)
23:38:25.0422 2456 VAIOMediaPlatform-VideoServer-HTTP (6341c4e00a6f2474e59d1331b3ce9c0d) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
23:38:25.0438 2456 VAIOMediaPlatform-VideoServer-HTTP ( UnsignedFile.Multi.Generic ) - warning
23:38:25.0438 2456 VAIOMediaPlatform-VideoServer-HTTP - detected UnsignedFile.Multi.Generic (1)
23:38:25.0485 2456 VAIOMediaPlatform-VideoServer-UPnP (f27789e13ca6a94d1420572d9e1a8344) C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
23:38:25.0531 2456 VAIOMediaPlatform-VideoServer-UPnP ( UnsignedFile.Multi.Generic ) - warning
23:38:25.0531 2456 VAIOMediaPlatform-VideoServer-UPnP - detected UnsignedFile.Multi.Generic (1)
23:38:25.0688 2456 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
23:38:25.0828 2456 VgaSave - ok
23:38:25.0828 2456 ViaIde - ok
23:38:25.0875 2456 Viewpoint Manager Service (5f974fde801c73952770736becde11e7) C:\Program Files\Viewpoint\Common\ViewpointService.exe
23:38:25.0891 2456 Viewpoint Manager Service ( UnsignedFile.Multi.Generic ) - warning
23:38:25.0891 2456 Viewpoint Manager Service - detected UnsignedFile.Multi.Generic (1)
23:38:25.0922 2456 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
23:38:26.0063 2456 VolSnap - ok
23:38:26.0110 2456 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
23:38:26.0250 2456 VSS - ok
23:38:26.0313 2456 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
23:38:26.0453 2456 W32Time - ok
23:38:26.0485 2456 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:38:26.0625 2456 Wanarp - ok
23:38:26.0656 2456 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
23:38:26.0688 2456 wanatw - ok
23:38:26.0719 2456 WANMiniportService (909f2dc0da7f57d229a05ee90647b2c3) C:\WINDOWS\wanmpsvc.exe
23:38:28.0610 2456 WANMiniportService ( UnsignedFile.Multi.Generic ) - warning
23:38:28.0610 2456 WANMiniportService - detected UnsignedFile.Multi.Generic (1)
23:38:28.0610 2456 WDICA - ok
23:38:28.0625 2456 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
23:38:28.0766 2456 wdmaud - ok
23:38:28.0797 2456 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
23:38:28.0953 2456 WebClient - ok
23:38:28.0953 2456 winachsf - ok
23:38:29.0016 2456 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
23:38:29.0156 2456 winmgmt - ok
23:38:29.0203 2456 WmdmPmSN (140ef97b64f560fd78643cae2cdad838) C:\WINDOWS\system32\MsPMSNSv.dll
23:38:29.0235 2456 WmdmPmSN - ok
23:38:29.0360 2456 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
23:38:29.0438 2456 Wmi - ok
23:38:29.0469 2456 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\System32\wbem\wmiapsrv.exe
23:38:29.0625 2456 WmiApSrv - ok
23:38:29.0625 2456 WpdUsb (1385e5aa9c9821790d33a9563b8d2dd0) C:\WINDOWS\system32\Drivers\wpdusb.sys
23:38:29.0641 2456 WpdUsb - ok
23:38:29.0688 2456 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
23:38:29.0844 2456 WS2IFSL - ok
23:38:29.0860 2456 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
23:38:30.0016 2456 wscsvc - ok
23:38:30.0031 2456 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
23:38:30.0172 2456 WSTCODEC - ok
23:38:30.0188 2456 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
23:38:30.0328 2456 wuauserv - ok
23:38:30.0391 2456 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
23:38:30.0547 2456 WZCSVC - ok
23:38:30.0578 2456 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
23:38:30.0735 2456 xmlprov - ok
23:38:30.0750 2456 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
23:38:31.0094 2456 \Device\Harddisk0\DR0 - ok
23:38:31.0094 2456 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
23:38:31.0156 2456 \Device\Harddisk1\DR1 - ok
23:38:31.0188 2456 MBR (0x1B8) (e5ce56eb69ea71a4c29be965fe0c42dd) \Device\Harddisk2\DR6
23:38:35.0516 2456 \Device\Harddisk2\DR6 - ok
23:38:35.0531 2456 Boot (0x1200) (86e1f08f101f618738dc1f24b0f766d7) \Device\Harddisk0\DR0\Partition0
23:38:35.0531 2456 \Device\Harddisk0\DR0\Partition0 - ok
23:38:35.0547 2456 Boot (0x1200) (b8f6dc3c0510ba61cd2aacac56cd23dd) \Device\Harddisk0\DR0\Partition1
23:38:35.0547 2456 \Device\Harddisk0\DR0\Partition1 - ok
23:38:35.0547 2456 Boot (0x1200) (bbafee5caa8c62ba52ef9da193f065d4) \Device\Harddisk1\DR1\Partition0
23:38:35.0547 2456 \Device\Harddisk1\DR1\Partition0 - ok
23:38:35.0547 2456 ============================================================
23:38:35.0547 2456 Scan finished
23:38:35.0547 2456 ============================================================
23:38:35.0656 2100 Detected object count: 21
23:38:35.0656 2100 Actual detected object count: 21
23:38:41.0375 2100 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - skipped by user
23:38:41.0375 2100 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:38:41.0375 2100 Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:38:41.0375 2100 Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:38:41.0375 2100 MDM ( UnsignedFile.Multi.Generic ) - skipped by user
23:38:41.0375 2100 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:38:41.0391 2100 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
23:38:41.0391 2100 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:38:41.0391 2100 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
23:38:41.0391 2100 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:38:41.0391 2100 SonicStageMonitoring ( UnsignedFile.Multi.Generic ) - skipped by user
23:38:41.0391 2100 SonicStageMonitoring ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:38:41.0391 2100 Sony TV Tuner Controller ( UnsignedFile.Multi.Generic ) - skipped by user
23:38:41.0391 2100 Sony TV Tuner Controller ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:38:41.0391 2100 Sony TV Tuner Manager ( UnsignedFile.Multi.Generic ) - skipped by user
23:38:41.0391 2100 Sony TV Tuner Manager ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:38:41.0391 2100 Sony TVTA Manager ( UnsignedFile.Multi.Generic ) - skipped by user
23:38:41.0406 2100 Sony TVTA Manager ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:38:41.0406 2100 SonyLSM ( UnsignedFile.Multi.Generic ) - skipped by user
23:38:41.0406 2100 SonyLSM ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:38:41.0406 2100 VAIOMediaPlatform-MusicServer-AppServer ( UnsignedFile.Multi.Generic ) - skipped by user
23:38:41.0406 2100 VAIOMediaPlatform-MusicServer-AppServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:38:41.0406 2100 VAIOMediaPlatform-MusicServer-HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
23:38:41.0406 2100 VAIOMediaPlatform-MusicServer-HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:38:41.0406 2100 VAIOMediaPlatform-MusicServer-UPnP ( UnsignedFile.Multi.Generic ) - skipped by user
23:38:41.0406 2100 VAIOMediaPlatform-MusicServer-UPnP ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:38:41.0406 2100 VAIOMediaPlatform-PhotoServer-AppServer ( UnsignedFile.Multi.Generic ) - skipped by user
23:38:41.0406 2100 VAIOMediaPlatform-PhotoServer-AppServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:38:41.0422 2100 VAIOMediaPlatform-PhotoServer-HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
23:38:41.0422 2100 VAIOMediaPlatform-PhotoServer-HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:38:41.0422 2100 VAIOMediaPlatform-PhotoServer-UPnP ( UnsignedFile.Multi.Generic ) - skipped by user
23:38:41.0422 2100 VAIOMediaPlatform-PhotoServer-UPnP ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:38:41.0422 2100 VAIOMediaPlatform-VideoServer-AppServer ( UnsignedFile.Multi.Generic ) - skipped by user
23:38:41.0422 2100 VAIOMediaPlatform-VideoServer-AppServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:38:41.0422 2100 VAIOMediaPlatform-VideoServer-HTTP ( UnsignedFile.Multi.Generic ) - skipped by user
23:38:41.0422 2100 VAIOMediaPlatform-VideoServer-HTTP ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:38:41.0422 2100 VAIOMediaPlatform-VideoServer-UPnP ( UnsignedFile.Multi.Generic ) - skipped by user
23:38:41.0422 2100 VAIOMediaPlatform-VideoServer-UPnP ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:38:41.0438 2100 Viewpoint Manager Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:38:41.0438 2100 Viewpoint Manager Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:38:41.0438 2100 WANMiniportService ( UnsignedFile.Multi.Generic ) - skipped by user
23:38:41.0438 2100 WANMiniportService ( UnsignedFile.Multi.Generic ) - User select action: Skip