Przeglądam forum i widzę, należę do większego grona osób, które mają problem z mediashifting, do tego w google jestem przenoszona na puste strony zaczynające się od http://abnow.com/xxxxxxxxxxxxxxxxxxxxxxxx. Proszę o pomoc, poniżej zamieszczam logi z
OTL.txt
- Kod: Zaznacz wszystko
OTL logfile created on: 2012-01-29 17:56:09 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\JOANNA\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1013,31 Mb Total Physical Memory | 285,28 Mb Available Physical Memory | 28,15% Memory free
2,23 Gb Paging File | 1,27 Gb Available in Paging File | 56,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 37,11 Gb Total Space | 16,79 Gb Free Space | 45,25% Space Free | Partition Type: NTFS
Drive D: | 35,95 Gb Total Space | 4,91 Gb Free Space | 13,67% Space Free | Partition Type: NTFS
Computer Name: JOANNA-PC | User Name: JOANNA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2012-01-29 17:54:45 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\JOANNA\Desktop\OTL.exe
PRC - [2012-01-29 16:45:58 | 000,302,592 | ---- | M] () -- C:\Users\JOANNA\Desktop\1jpe1ewz.exe
PRC - [2012-01-03 20:01:23 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012-01-03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-12-03 01:22:12 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011-11-28 01:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011-10-10 06:23:34 | 000,973,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2011-08-02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2010-08-27 12:14:42 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
PRC - [2009-04-11 14:18:30 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007-12-03 13:17:04 | 000,509,888 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2007-10-11 12:02:02 | 000,712,704 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2007-02-08 17:18:42 | 000,192,512 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynToshiba.exe
PRC - [2007-02-08 17:17:18 | 003,772,416 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007-02-08 17:16:28 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2004-11-11 11:47:24 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\Bluetooth Monitor\BtMon2.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2012-01-29 16:45:58 | 000,302,592 | ---- | M] () -- C:\Users\JOANNA\Desktop\1jpe1ewz.exe
MOD - [2012-01-03 20:01:22 | 002,124,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011-10-16 10:48:23 | 008,522,400 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2009-04-11 14:18:19 | 000,223,232 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.dll
MOD - [2007-07-24 07:47:28 | 004,726,784 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
MOD - [2007-06-04 08:55:22 | 000,090,112 | ---- | M] () -- C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
MOD - [2006-12-01 17:55:42 | 000,009,216 | ---- | M] () -- C:\Program Files\TOSHIBA\TBS\NotifyTBS.dll
MOD - [2006-11-28 19:17:12 | 000,061,440 | ---- | M] () -- C:\Windows\System32\igfxTMM.dll
MOD - [2006-11-28 19:12:28 | 000,077,824 | ---- | M] () -- C:\Windows\System32\hccutils.dll
MOD - [2006-11-08 17:08:30 | 000,009,216 | ---- | M] () -- C:\Program Files\TOSHIBA\PCDiag\NotifyPCD.dll
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2012-01-03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-10-12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011-08-02 05:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010-08-27 12:14:42 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2008-01-21 03:23:43 | 000,005,120 | ---- | M] (Iomega) [Auto | Running] -- C:\Windows\System32\tfsncofs.dll -- (slave)
SRV - [2007-10-11 16:02:38 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007-02-08 17:16:28 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2011-10-04 06:21:16 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011-09-13 05:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011-08-08 05:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011-07-11 00:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011-07-11 00:14:02 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011-07-11 00:14:00 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011-07-11 00:13:58 | 000,134,736 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011-04-14 15:59:03 | 000,075,264 | ---- | M] () [File_System | Unknown | Running] -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC)
DRV - [2009-06-19 16:44:14 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2009-04-22 17:27:12 | 001,129,472 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007-02-08 17:16:26 | 001,161,152 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006-11-19 21:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006-10-05 21:22:14 | 000,016,768 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2801191585-3064833119-2876291068-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-2801191585-3064833119-2876291068-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-2801191585-3064833119-2876291068-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-2801191585-3064833119-2876291068-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-2801191585-3064833119-2876291068-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2801191585-3064833119-2876291068-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-2801191585-3064833119-2876291068-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-2801191585-3064833119-2876291068-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://go.microsoft.com/fwlink/?LinkId=69157"
FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19.1
FF - prefs.js..extensions.enabledItems: pl@dictionaries.addons.mozilla.org:1.0.20110211
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..network.proxy.http: "logbg.umcs.lublin.pl"
FF - prefs.js..network.proxy.http_port: 310
FF - prefs.js..network.proxy.ssl: "logbg.umcs.lublin.pl"
FF - prefs.js..network.proxy.ssl_port: 310
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011-12-26 17:48:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012-01-03 20:01:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012-01-11 20:12:58 | 000,000,000 | ---D | M]
[2011-10-16 09:37:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JOANNA\AppData\Roaming\mozilla\Extensions
[2012-01-27 22:20:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JOANNA\AppData\Roaming\mozilla\Firefox\Profiles\3z4h0gc7.default\extensions
[2011-10-16 09:37:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\JOANNA\AppData\Roaming\mozilla\Firefox\Profiles\3z4h0gc7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011-10-16 09:37:52 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Users\JOANNA\AppData\Roaming\mozilla\Firefox\Profiles\3z4h0gc7.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2011-10-16 09:37:52 | 000,000,000 | ---D | M] (Polski slownik poprawnej pisowni) -- C:\Users\JOANNA\AppData\Roaming\mozilla\Firefox\Profiles\3z4h0gc7.default\extensions\pl@dictionaries.addons.mozilla.org
[2010-11-16 16:15:42 | 000,001,832 | ---- | M] () -- C:\Users\JOANNA\AppData\Roaming\Mozilla\Firefox\Profiles\3z4h0gc7.default\searchplugins\bing.xml
[2011-10-16 10:13:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011-12-26 17:48:04 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX4
() (No name found) -- C:\USERS\JOANNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3Z4H0GC7.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\JOANNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3Z4H0GC7.DEFAULT\EXTENSIONS\IPLEXTOALL@ALLPLAYER.ORG.XPI
[2012-01-03 20:01:23 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-07-11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011-09-29 01:52:42 | 000,002,767 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\allegro-pl.xml
[2011-09-29 01:52:42 | 000,001,406 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fbc-pl.xml
[2011-09-29 01:52:42 | 000,000,917 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\merlin-pl.xml
[2011-09-29 01:52:42 | 000,000,858 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\pwn-pl.xml
[2011-09-29 01:52:42 | 000,001,183 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-pl.xml
[2011-09-29 01:52:42 | 000,001,683 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wp-pl.xml
O1 HOSTS File: ([2006-09-18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IplexToALLPlayer) - {DF925EF3-7A87-44E4-9CAF-8D7B280BF616} - C:\Program Files\ALLPlayer\Iplex\IplexToALLPlayer.dll (ALLCinema Ltd.)
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPSMain] C:\Windows\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2801191585-3064833119-2876291068-1000..\Run: [Internet Security 2012] C:\Users\JOANNA\AppData\Roaming\isecurity.exe File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Wyślij &do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - %SystemRoot%\System32\winrnr.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - %SystemRoot%\System32\winrnr.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 10.0.0)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.142.116.242 83.142.118.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7347321B-B243-442A-AC79-C3DA9BF2543D}: DhcpNameServer = 83.142.116.242 83.142.118.10
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\JOANNA\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O24 - Desktop BackupWallPaper: C:\Users\JOANNA\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta z Galerii fotografii systemu Windows.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012-01-29 17:57:43 | 002,058,032 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\JOANNA\Desktop\tdsskiller.exe
[2012-01-29 16:32:04 | 000,672,824 | ---- | C] (Duplex Secure Ltd.) -- C:\Users\JOANNA\Desktop\SPTDinst-v180-x86.exe
[2012-01-29 16:08:20 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012-01-29 16:05:18 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-01-29 15:33:00 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\JOANNA\Desktop\OTL.exe
[2012-01-27 21:01:45 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012-01-27 20:04:58 | 000,000,000 | ---D | C] -- C:\Users\JOANNA\Desktop\ArcaVirMicroScan
[2012-01-27 20:04:58 | 000,000,000 | ---D | C] -- C:\Users\JOANNA\AppData\Roaming\ArcaVirMicroScan
[2012-01-27 20:04:31 | 000,258,640 | ---- | C] (ArcaBit) -- C:\Users\JOANNA\Desktop\arcavirmicroscan.exe
[2012-01-27 00:20:18 | 000,163,840 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxres.dll
[2012-01-25 20:48:30 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2012-01-25 20:42:16 | 000,000,000 | -HSD | C] -- C:\Users\JOANNA\AppData\Local\ee703afe
[2012-01-25 18:43:34 | 000,000,000 | ---D | C] -- C:\Users\JOANNA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OUP
[2012-01-25 18:43:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OUP
[2012-01-25 18:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\OUP
[2012-01-25 18:42:14 | 000,000,000 | ---D | C] -- C:\Users\JOANNA\Desktop\oxfordbusiness
[2012-01-20 18:48:51 | 000,000,000 | ---D | C] -- C:\Users\JOANNA\Desktop\EXCEL SZKOLENIE
[2012-01-11 17:43:39 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012-01-11 17:43:34 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012-01-11 17:43:25 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012-01-11 17:43:20 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012-01-11 17:43:20 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012-01-29 17:57:45 | 002,058,032 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\JOANNA\Desktop\tdsskiller.exe
[2012-01-29 17:54:45 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\JOANNA\Desktop\OTL.exe
[2012-01-29 16:45:58 | 000,302,592 | ---- | M] () -- C:\Users\JOANNA\Desktop\1jpe1ewz.exe
[2012-01-29 16:44:23 | 000,004,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-01-29 16:44:22 | 000,004,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-01-29 16:41:32 | 000,000,000 | -HS- | M] () -- C:\Windows\System32\dds_log_trash.cmd
[2012-01-29 16:41:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-01-29 16:41:17 | 1063,313,408 | -HS- | M] () -- C:\hiberfil.sys
[2012-01-29 16:32:16 | 000,672,824 | ---- | M] (Duplex Secure Ltd.) -- C:\Users\JOANNA\Desktop\SPTDinst-v180-x86.exe
[2012-01-29 15:46:07 | 002,477,920 | ---- | M] () -- C:\Users\JOANNA\Desktop\avg_rem_zeroaccess_all_1_749.exe
[2012-01-29 12:15:17 | 056,928,541 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012-01-29 12:15:17 | 000,113,461 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjw.avm
[2012-01-27 21:12:01 | 000,000,576 | ---- | M] () -- C:\Users\JOANNA\Desktop\ArcaVirMicroScan.lnk
[2012-01-27 20:04:47 | 000,258,640 | ---- | M] (ArcaBit) -- C:\Users\JOANNA\Desktop\arcavirmicroscan.exe
[2012-01-27 18:21:19 | 000,089,977 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012-01-25 18:43:34 | 000,001,043 | ---- | M] () -- C:\Users\JOANNA\Desktop\Oxford Business English Dictionary.lnk
[2012-01-25 18:41:59 | 000,000,000 | ---- | M] () -- C:\Windows\Setup.INI
[2012-01-25 18:39:55 | 115,431,023 | ---- | M] () -- C:\Users\JOANNA\Desktop\oxfordbusiness.rar
[2012-01-21 17:54:37 | 000,092,311 | ---- | M] () -- C:\Users\JOANNA\Desktop\MidKentGrowers_vert_v1_lowres.pdf
[2012-01-18 23:40:56 | 1705,880,151 | ---- | M] () -- C:\Users\JOANNA\Desktop\Effort.rar
[2012-01-17 22:13:42 | 096,484,515 | ---- | M] () -- C:\Users\JOANNA\Desktop\5000_Ivy_League_Vocabulary__Amer.__mp3_pdf_srt.rar
[2012-01-17 22:00:14 | 011,622,063 | ---- | M] () -- C:\Users\JOANNA\Desktop\the_20key.zip
[2012-01-11 22:05:01 | 000,672,140 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2012-01-11 22:05:01 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-01-11 22:05:01 | 000,130,516 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2012-01-11 22:05:01 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-01-11 19:16:52 | 000,073,891 | ---- | M] () -- C:\Users\JOANNA\Desktop\definicje_negocjacji.pdf
[2012-01-07 19:20:43 | 000,008,704 | ---- | M] () -- C:\Users\JOANNA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012-01-04 18:47:30 | 001,235,734 | ---- | M] () -- C:\Users\JOANNA\Desktop\wnm-zgloszenie-SALITRA.pdf
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012-01-29 16:45:56 | 000,302,592 | ---- | C] () -- C:\Users\JOANNA\Desktop\1jpe1ewz.exe
[2012-01-29 16:07:34 | 000,000,000 | -HS- | C] () -- C:\Windows\System32\dds_log_trash.cmd
[2012-01-29 15:46:07 | 002,477,920 | ---- | C] () -- C:\Users\JOANNA\Desktop\avg_rem_zeroaccess_all_1_749.exe
[2012-01-27 21:12:01 | 000,000,576 | ---- | C] () -- C:\Users\JOANNA\Desktop\ArcaVirMicroScan.lnk
[2012-01-27 00:22:45 | 1063,313,408 | -HS- | C] () -- C:\hiberfil.sys
[2012-01-25 18:43:34 | 000,001,043 | ---- | C] () -- C:\Users\JOANNA\Desktop\Oxford Business English Dictionary.lnk
[2012-01-25 18:41:59 | 000,000,000 | ---- | C] () -- C:\Windows\Setup.INI
[2012-01-25 18:32:07 | 115,431,023 | ---- | C] () -- C:\Users\JOANNA\Desktop\oxfordbusiness.rar
[2012-01-21 17:49:47 | 000,092,311 | ---- | C] () -- C:\Users\JOANNA\Desktop\MidKentGrowers_vert_v1_lowres.pdf
[2012-01-18 20:29:57 | 1705,880,151 | ---- | C] () -- C:\Users\JOANNA\Desktop\Effort.rar
[2012-01-17 22:39:45 | 010,006,802 | ---- | C] () -- C:\Users\JOANNA\Desktop\A.mp3
[2012-01-17 22:14:43 | 005,769,428 | ---- | C] () -- C:\Users\JOANNA\Desktop\E.mp3
[2012-01-17 22:06:45 | 096,484,515 | ---- | C] () -- C:\Users\JOANNA\Desktop\5000_Ivy_League_Vocabulary__Amer.__mp3_pdf_srt.rar
[2012-01-17 22:01:49 | 011,639,454 | ---- | C] () -- C:\Users\JOANNA\Desktop\The Key.mp3
[2012-01-17 21:59:19 | 011,622,063 | ---- | C] () -- C:\Users\JOANNA\Desktop\the_20key.zip
[2012-01-11 19:16:52 | 000,073,891 | ---- | C] () -- C:\Users\JOANNA\Desktop\definicje_negocjacji.pdf
[2012-01-04 18:47:17 | 001,235,734 | ---- | C] () -- C:\Users\JOANNA\Desktop\wnm-zgloszenie-SALITRA.pdf
[2011-11-15 22:39:41 | 000,008,704 | ---- | C] () -- C:\Users\JOANNA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011-10-16 10:31:34 | 000,258,048 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
[2011-10-16 10:06:00 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011-10-16 10:05:59 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011-10-16 10:05:57 | 000,644,608 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011-10-16 10:05:57 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011-10-16 10:05:57 | 000,074,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011-10-16 09:32:31 | 000,075,264 | ---- | C] () -- C:\Windows\System32\drivers\dfsc.sys
[2011-10-16 09:31:08 | 000,049,152 | ---- | C] () -- C:\Windows\System32\TosBthSupport.dll
[2011-10-15 23:59:00 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1132.dll
[2011-10-15 23:59:00 | 000,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll
[2011-10-15 23:58:58 | 000,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll
[2011-10-15 23:57:13 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2011-10-15 23:57:13 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2011-10-15 23:57:13 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2011-10-15 23:57:13 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2011-10-15 23:56:44 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2011-10-15 23:56:44 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2011-10-15 23:55:16 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009-04-13 09:01:57 | 000,672,140 | ---- | C] () -- C:\Windows\System32\perfh015.dat
[2009-04-13 09:01:57 | 000,332,832 | ---- | C] () -- C:\Windows\System32\perfi015.dat
[2009-04-13 09:01:57 | 000,130,516 | ---- | C] () -- C:\Windows\System32\perfc015.dat
[2009-04-13 09:01:57 | 000,037,468 | ---- | C] () -- C:\Windows\System32\perfd015.dat
[2009-04-11 14:18:12 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009-04-11 14:18:12 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009-04-11 14:18:11 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2006-11-02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006-11-02 13:47:37 | 000,380,032 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006-11-02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006-11-02 11:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006-11-02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006-11-02 11:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006-11-02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006-11-02 11:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006-11-02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006-11-02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006-11-02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006-11-02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006-11-02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[color=#E56717]========== LOP Check ==========[/color]
[2012-01-27 21:12:07 | 000,000,000 | ---D | M] -- C:\Users\JOANNA\AppData\Roaming\ArcaVirMicroScan
[2011-10-16 11:59:03 | 000,000,000 | ---D | M] -- C:\Users\JOANNA\AppData\Roaming\AVG2012
[2011-10-16 13:02:54 | 000,000,000 | ---D | M] -- C:\Users\JOANNA\AppData\Roaming\Canneverbe Limited
[2011-10-16 09:37:25 | 000,000,000 | ---D | M] -- C:\Users\JOANNA\AppData\Roaming\Gadu-Gadu
[2011-10-16 09:37:48 | 000,000,000 | ---D | M] -- C:\Users\JOANNA\AppData\Roaming\Gadu-Gadu 10
[2011-10-16 09:30:15 | 000,000,000 | ---D | M] -- C:\Users\JOANNA\AppData\Roaming\GHISLER
[2011-10-16 09:38:15 | 000,000,000 | ---D | M] -- C:\Users\JOANNA\AppData\Roaming\Nokia
[2011-10-16 09:38:31 | 000,000,000 | ---D | M] -- C:\Users\JOANNA\AppData\Roaming\Nowe Gadu-Gadu
[2011-10-16 09:38:34 | 000,000,000 | ---D | M] -- C:\Users\JOANNA\AppData\Roaming\PC Suite
[2011-10-16 09:38:45 | 000,000,000 | ---D | M] -- C:\Users\JOANNA\AppData\Roaming\SanDisk
[2011-10-16 09:18:17 | 000,000,000 | ---D | M] -- C:\Users\JOANNA\AppData\Roaming\toshiba
[2011-10-16 09:58:47 | 000,000,000 | ---D | M] -- C:\Users\JOANNA\AppData\Roaming\UBitMenu
[2011-10-16 09:38:59 | 000,000,000 | ---D | M] -- C:\Users\JOANNA\AppData\Roaming\Ulead Systems
[2012-01-29 16:40:22 | 000,032,546 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[color=#E56717]========== Purity Check ==========[/color]
< End of report >
extra.txt
- Kod: Zaznacz wszystko
OTL Extras logfile created on: 2012-01-29 17:56:09 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\JOANNA\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
1013,31 Mb Total Physical Memory | 285,28 Mb Available Physical Memory | 28,15% Memory free
2,23 Gb Paging File | 1,27 Gb Available in Paging File | 56,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 37,11 Gb Total Space | 16,79 Gb Free Space | 45,25% Space Free | Partition Type: NTFS
Drive D: | 35,95 Gb Total Space | 4,91 Gb Free Space | 13,67% Space Free | Partition Type: NTFS
Computer Name: JOANNA-PC | User Name: JOANNA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2801191585-3064833119-2876291068-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{283EFFC4-B981-46A3-A716-EA0A5622CAD4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{386ED501-187F-432A-87CB-8A4ECB0E4DB9}" = rport=139 | protocol=6 | dir=out | app=system |
"{562846AD-3FEA-4E3F-ACFE-0C8A9900FB08}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{61491707-1CC7-4B07-8CFD-CA83692CF3BC}" = rport=137 | protocol=17 | dir=out | app=system |
"{71521F2B-6C9C-491C-BC9B-9D6CE485D4D7}" = lport=137 | protocol=17 | dir=in | app=system |
"{73F5030D-4CE5-44D9-AD7C-6FEE2DC598CA}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{7731596E-D9F6-4D9C-9CD1-097DC447819F}" = lport=445 | protocol=6 | dir=in | app=system |
"{7798BAE9-A93E-4A8B-9B19-B6A2F3B4157A}" = rport=445 | protocol=6 | dir=out | app=system |
"{A65B00E3-D217-4A73-A5F6-140AA59A14BE}" = rport=138 | protocol=17 | dir=out | app=system |
"{B6E5E8AE-63C7-4D1D-ADB9-29CCFF5BCB0E}" = lport=138 | protocol=17 | dir=in | app=system |
"{F49A54C8-B3AE-4773-BF03-4FA206E43F87}" = lport=139 | protocol=6 | dir=in | app=system |
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{097C8AE4-BA67-4927-A607-41313BF55BCD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{0B200931-4E5B-4CF0-8688-F4A0E16399DA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{2F963D2F-8D24-47AC-A2CA-17D56C10389D}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{4DD5B22F-AB80-4AA1-A703-6A3CE833CD27}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{5D787167-F251-49EF-9F44-D7087E4D56C3}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{674C782A-D7D9-4D9E-B849-99868B60817E}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{8B2EEE35-D8F1-47C6-88DC-0998745DE810}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{9322FEA1-75F1-4CB9-BC5B-05593DAFFBC7}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{95689675-E40C-4EA6-A1FA-6508E3302BF8}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{A2FAC0CE-C0F8-42C0-8482-DDA5FB6A6908}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{ADC4F4F1-E879-4439-B517-3067D98631C8}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{B7E1E1AB-070E-4430-B90E-F78DAFE848E8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C6B450A9-2AB2-455F-AA25-ACC192E953D6}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{CFB108B1-FBBC-4CBE-A4F8-AD64C64AFB40}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{DDBA75A6-3B29-429B-8268-0B87646C5AE5}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{EF061746-C424-41C5-ADA3-7B462C954951}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{F11C58BD-942B-46D2-8DF3-83BF0C0A7390}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{FC2DAC22-6331-4C2A-9815-A7FE5DEAC5DC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{FE3255FD-DF09-4889-9EA7-929721F32DF2}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{FF5F8A66-0419-49D0-8BE2-E77B73360AAA}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{FFDFB43E-F6F7-4B36-AD40-96B72F5F4A94}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"TCP Query User{2852BAD5-5B9C-4480-A464-06C8D97CA3AA}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"TCP Query User{6477DAD0-6080-4C96-BDF0-5050B05900A1}C:\users\joanna\appdata\local\temp\5032.tmp\kmservice.exe" = protocol=6 | dir=in | app=c:\users\joanna\appdata\local\temp\5032.tmp\kmservice.exe |
"TCP Query User{6973E404-C8FF-4C31-8E8D-3BEC1DD6D933}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{8EF3887F-2257-4D28-92AF-153969992637}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{9C30CE40-4169-42C7-8F77-E3C544647197}C:\program files\gadu-gadu 10\gg.exe" = protocol=6 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"UDP Query User{382BB619-FF29-4987-A15A-03DECCD08E53}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"UDP Query User{76CA89DA-5362-4642-8685-CADD227BB05B}C:\program files\gadu-gadu 10\gg.exe" = protocol=17 | dir=in | app=c:\program files\gadu-gadu 10\gg.exe |
"UDP Query User{7AC3A9EA-21C1-41F0-9886-44A6F398D667}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{D5BA1697-0AB8-49BB-894F-C7A924562ABA}C:\users\joanna\appdata\local\temp\5032.tmp\kmservice.exe" = protocol=17 | dir=in | app=c:\users\joanna\appdata\local\temp\5032.tmp\kmservice.exe |
"UDP Query User{F57C248F-7CF6-428F-87BC-6433A1E08099}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1BBB8C04-F4F1-4afc-A6D3-89045EEA92BD}_is1" = UBitMenu PL
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217000FF}" = Java(TM) 7
"{2BA8A909-F17C-4AE5-85C1-9107B7A60D26}" = Toshiba TEMPRO
"{321320E1-0E5A-36CB-9E52-F3B201B8C4D4}" = Microsoft .NET Framework 4 Client Profile PLK Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{61539202-097E-487E-9237-B291AB56D54C}" = Bluetooth Monitor 3
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{65500168-EF40-11D7-8493-00C04F43E392}" = polsko-angielski 10.2003
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8398852A-7B61-4808-8F58-D0A40D1B2CB6}" = AVG 2012
"{90140000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2010
"{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2010
"{90140000-0016-0415-0000-0000000FF1CE}_Office14.STANDARD_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2010
"{90140000-0018-0415-0000-0000000FF1CE}_Office14.STANDARD_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2010
"{90140000-0019-0415-0000-0000000FF1CE}_Office14.STANDARD_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2010
"{90140000-001A-0415-0000-0000000FF1CE}_Office14.STANDARD_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2010
"{90140000-001B-0415-0000-0000000FF1CE}_Office14.STANDARD_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.STANDARD_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.STANDARD_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2010
"{90140000-001F-0415-0000-0000000FF1CE}_Office14.STANDARD_{1D751709-BA6C-49E2-844B-4F4F20F410C9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2010
"{90140000-002C-0415-0000-0000000FF1CE}_Office14.STANDARD_{6606F321-8216-466E-981E-B75A14C46894}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2010
"{90140000-006E-0415-0000-0000000FF1CE}_Office14.STANDARD_{6AF8887A-72F7-4FA0-ABE4-396172B64550}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0415-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Polish) 2010
"{90140000-00A1-0415-0000-0000000FF1CE}_Office14.STANDARD_{39EFF327-D2C4-4C4B-B8EE-37325DECE1A4}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1045-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Polish
"{B77A308F-85F5-4D68-8CB5-313332CB2779}" = TOSHIBA Hardware Setup
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E171F5DA-6F17-472D-A223-92468142C5E8}" = AVG 2012
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = TIPCI
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agere Systems Soft Modem" = TOSHIBA Software Modem
"ALLPlayer_is1" = ALLPlayer V4.X
"AVG" = AVG 2012
"Gadu-Gadu 10" = Gadu-Gadu 10
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.6.0
"Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PLK Language Pack" = Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 9.0.1 (x86 pl)" = Mozilla Firefox 9.0.1 (x86 pl)
"Office14.STANDARD" = Microsoft Office Standard 2010
"Oxford Business English Dictionary" = Oxford Business English Dictionary
"Picasa 3" = Picasa 3
"Power Saver" = TOSHIBA Power Saver
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Winamp" = Winamp
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
[HKEY_USERS\S-1-5-21-2801191585-3064833119-2876291068-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[ Application Events ]
Error - 2012-01-27 16:07:59 | Computer Name = JOANNA-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 2012-01-27 16:08:00 | Computer Name = JOANNA-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 2012-01-27 16:08:00 | Computer Name = JOANNA-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 2012-01-27 16:08:00 | Computer Name = JOANNA-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 2012-01-27 16:08:00 | Computer Name = JOANNA-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 2012-01-27 16:08:00 | Computer Name = JOANNA-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 2012-01-27 16:08:00 | Computer Name = JOANNA-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 2012-01-27 16:08:01 | Computer Name = JOANNA-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 2012-01-27 16:08:01 | Computer Name = JOANNA-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 2012-01-29 10:02:28 | Computer Name = JOANNA-PC | Source = Application Error | ID = 1000
Description = Aplikacja powodująca błąd winlogon.exe, wersja 6.0.6002.18005, sygnatura
czasowa 0x49e01d05, moduł powodujący błąd ntdll.dll, wersja 6.0.6002.18541, sygnatura
czasowa 0x4ec3e3d5, kod wyjątku 0xc0000005, przesunięcie błędu 0x00035d14, identyfikator
procesu 0x250, godzina rozpoczęcia aplikacji 0x01ccde75b64243b1.
[ System Events ]
Error - 2012-01-29 11:37:15 | Computer Name = JOANNA-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 2012-01-29 11:37:15 | Computer Name = JOANNA-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 2012-01-29 11:37:15 | Computer Name = JOANNA-PC | Source = Service Control Manager | ID = 7003
Description =
Error - 2012-01-29 11:37:15 | Computer Name = JOANNA-PC | Source = Service Control Manager | ID = 7003
Description =
Error - 2012-01-29 11:37:15 | Computer Name = JOANNA-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 2012-01-29 11:43:01 | Computer Name = JOANNA-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 2012-01-29 11:43:01 | Computer Name = JOANNA-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 2012-01-29 11:43:01 | Computer Name = JOANNA-PC | Source = Service Control Manager | ID = 7003
Description =
Error - 2012-01-29 11:43:01 | Computer Name = JOANNA-PC | Source = Service Control Manager | ID = 7003
Description =
Error - 2012-01-29 11:43:01 | Computer Name = JOANNA-PC | Source = Service Control Manager | ID = 7026
Description =
< End of report >
KAspersy TDSSKiler
1
- Kod: Zaznacz wszystko
7:57:52.0747 1240 TDSS rootkit removing tool 2.7.7.0 Jan 24 2012 16:44:27
17:57:52.0916 1240 ============================================================
17:57:52.0916 1240 Current date / time: 2012/01/29 17:57:52.0916
17:57:52.0916 1240 SystemInfo:
17:57:52.0916 1240
17:57:52.0916 1240 OS Version: 6.0.6002 ServicePack: 2.0
17:57:52.0916 1240 Product type: Workstation
17:57:52.0917 1240 ComputerName: JOANNA-PC
17:57:52.0917 1240 UserName: JOANNA
17:57:52.0917 1240 Windows directory: C:\Windows
17:57:52.0917 1240 System windows directory: C:\Windows
17:57:52.0917 1240 Processor architecture: Intel x86
17:57:52.0917 1240 Number of processors: 2
17:57:52.0917 1240 Page size: 0x1000
17:57:52.0917 1240 Boot type: Normal boot
17:57:52.0917 1240 ============================================================
17:57:54.0310 1240 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:57:54.0531 1240 Initialize success
17:57:56.0349 0288 ============================================================
17:57:56.0349 0288 Scan started
17:57:56.0349 0288 Mode: Manual;
17:57:56.0349 0288 ============================================================
17:57:57.0745 0288 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
17:57:57.0753 0288 ACPI - ok
17:57:57.0847 0288 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
17:57:57.0859 0288 adp94xx - ok
17:57:57.0910 0288 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
17:57:57.0935 0288 adpahci - ok
17:57:58.0046 0288 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
17:57:58.0049 0288 adpu160m - ok
17:57:58.0086 0288 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
17:57:58.0090 0288 adpu320 - ok
17:57:58.0172 0288 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
17:57:58.0179 0288 AFD - ok
17:57:58.0390 0288 AgereSoftModem (4e6294a06be883c9bd685a8dfd9fcd4e) C:\Windows\system32\DRIVERS\AGRSM.sys
17:57:58.0415 0288 AgereSoftModem - ok
17:57:58.0591 0288 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
17:57:58.0592 0288 agp440 - ok
17:57:58.0627 0288 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
17:57:58.0640 0288 aic78xx - ok
17:57:58.0674 0288 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
17:57:58.0675 0288 aliide - ok
17:57:58.0725 0288 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
17:57:58.0727 0288 amdagp - ok
17:57:58.0828 0288 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
17:57:58.0829 0288 amdide - ok
17:57:58.0873 0288 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
17:57:58.0875 0288 AmdK7 - ok
17:57:58.0890 0288 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
17:57:58.0892 0288 AmdK8 - ok
17:57:58.0938 0288 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
17:57:58.0954 0288 arc - ok
17:57:59.0002 0288 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
17:57:59.0005 0288 arcsas - ok
17:57:59.0277 0288 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
17:57:59.0295 0288 AsyncMac - ok
17:57:59.0385 0288 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
17:57:59.0386 0288 atapi - ok
17:57:59.0502 0288 athr (09a644da1f4c144df1c9fe3cd75e22ed) C:\Windows\system32\DRIVERS\athr.sys
17:57:59.0529 0288 athr - ok
17:57:59.0722 0288 AVGIDSDriver (4cbb56fbc9c0cbc517e6e3a6889ebddc) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
17:57:59.0725 0288 AVGIDSDriver - ok
17:57:59.0797 0288 AVGIDSEH (459bce188232e2fe6152423efef65d76) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
17:57:59.0798 0288 AVGIDSEH - ok
17:57:59.0826 0288 AVGIDSFilter (91d9abe7e88eac7c167cba4ed4d983bf) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
17:57:59.0827 0288 AVGIDSFilter - ok
17:57:59.0861 0288 AVGIDSShim (3fc2714e185c04308215d46730d41a94) C:\Windows\system32\DRIVERS\AVGIDSShim.Sys
17:57:59.0866 0288 AVGIDSShim - ok
17:57:59.0956 0288 Avgldx86 - ok
17:57:59.0977 0288 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\Windows\system32\DRIVERS\avgmfx86.sys
17:57:59.0979 0288 Avgmfx86 - ok
17:58:00.0030 0288 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\Windows\system32\DRIVERS\avgrkx86.sys
17:58:00.0032 0288 Avgrkx86 - ok
17:58:00.0081 0288 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\Windows\system32\DRIVERS\avgtdix.sys
17:58:00.0088 0288 Avgtdix - ok
17:58:00.0147 0288 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
17:58:00.0148 0288 Beep - ok
17:58:00.0272 0288 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
17:58:00.0273 0288 blbdrive - ok
17:58:00.0356 0288 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
17:58:00.0358 0288 bowser - ok
17:58:00.0428 0288 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
17:58:00.0429 0288 BrFiltLo - ok
17:58:00.0491 0288 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
17:58:00.0492 0288 BrFiltUp - ok
17:58:00.0552 0288 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
17:58:00.0568 0288 Brserid - ok
17:58:00.0611 0288 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
17:58:00.0613 0288 BrSerWdm - ok
17:58:00.0632 0288 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
17:58:00.0634 0288 BrUsbMdm - ok
17:58:00.0663 0288 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
17:58:00.0664 0288 BrUsbSer - ok
17:58:00.0773 0288 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
17:58:00.0775 0288 BTHMODEM - ok
17:58:00.0833 0288 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
17:58:00.0846 0288 cdfs - ok
17:58:00.0926 0288 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
17:58:00.0929 0288 cdrom - ok
17:58:01.0025 0288 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
17:58:01.0032 0288 circlass - ok
17:58:01.0082 0288 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
17:58:01.0088 0288 CLFS - ok
17:58:01.0219 0288 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
17:58:01.0220 0288 CmBatt - ok
17:58:01.0286 0288 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
17:58:01.0287 0288 cmdide - ok
17:58:01.0309 0288 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
17:58:01.0311 0288 Compbatt - ok
17:58:01.0341 0288 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
17:58:01.0343 0288 crcdisk - ok
17:58:01.0382 0288 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
17:58:01.0383 0288 Crusoe - ok
17:58:01.0473 0288 DfsC (161baa4d007c4aed2ca03ee2e8aae3ca) C:\Windows\system32\Drivers\dfsc.sys
17:58:01.0482 0288 DfsC ( Virus.Win32.ZAccess.c ) - infected
17:58:01.0482 0288 DfsC - detected Virus.Win32.ZAccess.c (0)
17:58:01.0649 0288 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
17:58:01.0650 0288 disk - ok
17:58:01.0778 0288 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
17:58:01.0779 0288 drmkaud - ok
17:58:01.0855 0288 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
17:58:01.0870 0288 DXGKrnl - ok
17:58:01.0964 0288 E100B (d00eeae1cacd77a1a8396bbc19140bba) C:\Windows\system32\DRIVERS\e100b325.sys
17:58:01.0968 0288 E100B - ok
17:58:02.0077 0288 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
17:58:02.0081 0288 E1G60 - ok
17:58:02.0177 0288 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
17:58:02.0182 0288 Ecache - ok
17:58:02.0293 0288 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
17:58:02.0302 0288 elxstor - ok
17:58:02.0383 0288 ErrDev (a81ab23eddb4693612014d87367d014c) C:\Windows\system32\drivers\errdev.sys
17:58:02.0384 0288 ErrDev - ok
17:58:02.0448 0288 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
17:58:02.0452 0288 exfat - ok
17:58:02.0535 0288 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
17:58:02.0558 0288 fastfat - ok
17:58:02.0668 0288 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
17:58:02.0669 0288 fdc - ok
17:58:02.0724 0288 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
17:58:02.0738 0288 FileInfo - ok
17:58:02.0779 0288 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
17:58:02.0780 0288 Filetrace - ok
17:58:02.0796 0288 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
17:58:02.0798 0288 flpydisk - ok
17:58:02.0835 0288 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
17:58:02.0841 0288 FltMgr - ok
17:58:02.0929 0288 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
17:58:02.0931 0288 Fs_Rec - ok
17:58:02.0995 0288 FwLnk (cbc22823628544735625b280665e434e) C:\Windows\system32\DRIVERS\FwLnk.sys
17:58:02.0996 0288 FwLnk - ok
17:58:03.0043 0288 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
17:58:03.0045 0288 gagp30kx - ok
17:58:03.0158 0288 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
17:58:03.0164 0288 HdAudAddService - ok
17:58:03.0225 0288 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
17:58:03.0238 0288 HDAudBus - ok
17:58:03.0286 0288 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
17:58:03.0303 0288 HidBth - ok
17:58:03.0412 0288 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
17:58:03.0413 0288 HidIr - ok
17:58:03.0527 0288 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
17:58:03.0529 0288 HidUsb - ok
17:58:03.0576 0288 HpCISSs (7ebec5eb56b90ed65a8bbd91464e5cfb) C:\Windows\system32\drivers\hpcisss.sys
17:58:03.0594 0288 HpCISSs - ok
17:58:03.0711 0288 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
17:58:03.0722 0288 HTTP - ok
17:58:03.0844 0288 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
17:58:03.0846 0288 i2omp - ok
17:58:03.0922 0288 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
17:58:03.0924 0288 i8042prt - ok
17:58:04.0175 0288 ialm (14f477463246e35f1dc932be6225598c) C:\Windows\system32\DRIVERS\igdkmd32.sys
17:58:04.0224 0288 ialm - ok
17:58:04.0369 0288 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
17:58:04.0375 0288 iaStorV - ok
17:58:04.0487 0288 igfx (14f477463246e35f1dc932be6225598c) C:\Windows\system32\DRIVERS\igdkmd32.sys
17:58:04.0502 0288 igfx - ok
17:58:04.0603 0288 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
17:58:04.0605 0288 iirsp - ok
17:58:04.0793 0288 IntcAzAudAddService (2690be9907b36b7c3ea2859c74926fa1) C:\Windows\system32\drivers\RTKVHDA.sys
17:58:04.0864 0288 IntcAzAudAddService - ok
17:58:05.0063 0288 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
17:58:05.0065 0288 intelide - ok
17:58:05.0120 0288 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
17:58:05.0135 0288 intelppm - ok
17:58:05.0374 0288 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:58:05.0376 0288 IpFilterDriver - ok
17:58:05.0391 0288 IpInIp - ok
17:58:05.0421 0288 IPMIDRV (4b9c0f4d4a3acc535f9771039ecd6365) C:\Windows\system32\drivers\ipmidrv.sys
17:58:05.0423 0288 IPMIDRV - ok
17:58:05.0460 0288 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
17:58:05.0469 0288 IPNAT - ok
17:58:05.0498 0288 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
17:58:05.0499 0288 IRENUM - ok
17:58:05.0533 0288 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
17:58:05.0546 0288 isapnp - ok
17:58:05.0585 0288 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
17:58:05.0590 0288 iScsiPrt - ok
17:58:05.0769 0288 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
17:58:05.0782 0288 iteatapi - ok
17:58:05.0815 0288 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
17:58:05.0817 0288 iteraid - ok
17:58:05.0852 0288 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
17:58:05.0860 0288 kbdclass - ok
17:58:05.0897 0288 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
17:58:05.0898 0288 kbdhid - ok
17:58:06.0010 0288 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
17:58:06.0023 0288 KSecDD - ok
17:58:06.0155 0288 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
17:58:06.0158 0288 lltdio - ok
17:58:06.0254 0288 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
17:58:06.0257 0288 LSI_FC - ok
17:58:06.0291 0288 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
17:58:06.0313 0288 LSI_SAS - ok
17:58:06.0399 0288 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
17:58:06.0403 0288 LSI_SCSI - ok
17:58:06.0569 0288 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
17:58:06.0573 0288 luafv - ok
17:58:06.0646 0288 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
17:58:06.0648 0288 megasas - ok
17:58:06.0702 0288 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
17:58:06.0726 0288 MegaSR - ok
17:58:06.0799 0288 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
17:58:06.0801 0288 Modem - ok
17:58:06.0859 0288 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
17:58:06.0871 0288 monitor - ok
17:58:06.0946 0288 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
17:58:06.0948 0288 mouclass - ok
17:58:07.0004 0288 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
17:58:07.0006 0288 mouhid - ok
17:58:07.0038 0288 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
17:58:07.0040 0288 MountMgr - ok
17:58:07.0104 0288 mpio (5da347912fd3af24d7bfb3de519d4bd0) C:\Windows\system32\drivers\mpio.sys
17:58:07.0113 0288 mpio - ok
17:58:07.0138 0288 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
17:58:07.0152 0288 mpsdrv - ok
17:58:07.0174 0288 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
17:58:07.0176 0288 Mraid35x - ok
17:58:07.0203 0288 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
17:58:07.0207 0288 MRxDAV - ok
17:58:07.0255 0288 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:58:07.0259 0288 mrxsmb - ok
17:58:07.0315 0288 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:58:07.0321 0288 mrxsmb10 - ok
17:58:07.0363 0288 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:58:07.0366 0288 mrxsmb20 - ok
17:58:07.0412 0288 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys
17:58:07.0413 0288 msahci - ok
17:58:07.0433 0288 msdsm (2c563aef15b8d0014c36c5f27742ac7b) C:\Windows\system32\drivers\msdsm.sys
17:58:07.0436 0288 msdsm - ok
17:58:07.0521 0288 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
17:58:07.0522 0288 Msfs - ok
17:58:07.0578 0288 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
17:58:07.0592 0288 msisadrv - ok
17:58:07.0689 0288 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
17:58:07.0690 0288 MSKSSRV - ok
17:58:07.0714 0288 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
17:58:07.0715 0288 MSPCLOCK - ok
17:58:07.0835 0288 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
17:58:07.0836 0288 MSPQM - ok
17:58:07.0873 0288 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
17:58:07.0879 0288 MsRPC - ok
17:58:08.0065 0288 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
17:58:08.0067 0288 mssmbios - ok
17:58:08.0092 0288 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
17:58:08.0094 0288 MSTEE - ok
17:58:08.0136 0288 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
17:58:08.0143 0288 Mup - ok
17:58:08.0220 0288 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
17:58:08.0225 0288 NativeWifiP - ok
17:58:08.0348 0288 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
17:58:08.0361 0288 NDIS - ok
17:58:08.0416 0288 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
17:58:08.0424 0288 NdisTapi - ok
17:58:08.0467 0288 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
17:58:08.0468 0288 Ndisuio - ok
17:58:08.0569 0288 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
17:58:08.0573 0288 NdisWan - ok
17:58:08.0615 0288 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
17:58:08.0617 0288 NDProxy - ok
17:58:08.0656 0288 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
17:58:08.0658 0288 NetBIOS - ok
17:58:08.0707 0288 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
17:58:08.0712 0288 netbt - ok
17:58:08.0779 0288 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
17:58:08.0781 0288 nfrd960 - ok
17:58:08.0926 0288 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
17:58:08.0928 0288 Npfs - ok
17:58:08.0965 0288 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
17:58:08.0966 0288 nsiproxy - ok
17:58:09.0119 0288 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
17:58:09.0144 0288 Ntfs - ok
17:58:09.0351 0288 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
17:58:09.0353 0288 ntrigdigi - ok
17:58:09.0395 0288 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
17:58:09.0397 0288 Null - ok
17:58:09.0438 0288 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
17:58:09.0441 0288 nvraid - ok
17:58:09.0478 0288 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
17:58:09.0480 0288 nvstor - ok
17:58:09.0528 0288 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
17:58:09.0532 0288 nv_agp - ok
17:58:09.0582 0288 NwlnkFlt - ok
17:58:09.0611 0288 NwlnkFwd - ok
17:58:09.0660 0288 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
17:58:09.0677 0288 ohci1394 - ok
17:58:09.0803 0288 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
17:58:09.0820 0288 Parport - ok
17:58:09.0988 0288 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
17:58:09.0990 0288 partmgr - ok
17:58:10.0032 0288 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
17:58:10.0033 0288 Parvdm - ok
17:58:10.0099 0288 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
17:58:10.0104 0288 pci - ok
17:58:10.0143 0288 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
17:58:10.0145 0288 pciide - ok
17:58:10.0270 0288 pcmcia (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys
17:58:10.0275 0288 pcmcia - ok
17:58:10.0348 0288 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
17:58:10.0369 0288 PEAUTH - ok
17:58:10.0488 0288 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
17:58:10.0491 0288 PptpMiniport - ok
17:58:10.0588 0288 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
17:58:10.0589 0288 Processor - ok
17:58:10.0647 0288 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
17:58:10.0649 0288 PSched - ok
17:58:10.0716 0288 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
17:58:10.0742 0288 ql2300 - ok
17:58:10.0852 0288 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
17:58:10.0856 0288 ql40xx - ok
17:58:10.0909 0288 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
17:58:10.0911 0288 QWAVEdrv - ok
17:58:10.0943 0288 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
17:58:10.0970 0288 RasAcd - ok
17:58:11.0020 0288 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:58:11.0023 0288 Rasl2tp - ok
17:58:11.0071 0288 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
17:58:11.0073 0288 RasPppoe - ok
17:58:11.0284 0288 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
17:58:11.0317 0288 RasSstp - ok
17:58:11.0357 0288 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
17:58:11.0364 0288 rdbss - ok
17:58:11.0446 0288 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:58:11.0448 0288 RDPCDD - ok
17:58:11.0496 0288 rdpdr (943b18305eae3935598a9b4a3d560b4c) C:\Windows\system32\drivers\rdpdr.sys
17:58:11.0519 0288 rdpdr - ok
17:58:11.0575 0288 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
17:58:11.0576 0288 RDPENCDD - ok
17:58:11.0633 0288 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
17:58:11.0638 0288 RDPWD - ok
17:58:11.0827 0288 rm - ok
17:58:11.0945 0288 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
17:58:11.0955 0288 rspndr - ok
17:58:12.0009 0288 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
17:58:12.0011 0288 sbp2port - ok
17:58:12.0095 0288 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
17:58:12.0099 0288 sdbus - ok
17:58:12.0292 0288 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
17:58:12.0308 0288 secdrv - ok
17:58:12.0350 0288 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
17:58:12.0351 0288 Serenum - ok
17:58:12.0386 0288 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
17:58:12.0389 0288 Serial - ok
17:58:12.0406 0288 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
17:58:12.0408 0288 sermouse - ok
17:58:12.0528 0288 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
17:58:12.0548 0288 sffdisk - ok
17:58:12.0601 0288 sffp_mmc (e5eafe85815bd89095fef3144a09ab68) C:\Windows\system32\drivers\sffp_mmc.sys
17:58:12.0603 0288 sffp_mmc - ok
17:58:12.0642 0288 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
17:58:12.0644 0288 sffp_sd - ok
17:58:12.0678 0288 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
17:58:12.0680 0288 sfloppy - ok
17:58:12.0743 0288 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
17:58:12.0746 0288 sisagp - ok
17:58:12.0767 0288 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
17:58:12.0768 0288 SiSRaid2 - ok
17:58:12.0814 0288 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
17:58:12.0829 0288 SiSRaid4 - ok
17:58:12.0938 0288 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
17:58:12.0940 0288 Smb - ok
17:58:13.0090 0288 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
17:58:13.0091 0288 spldr - ok
17:58:13.0181 0288 sptd - ok
17:58:13.0283 0288 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
17:58:13.0291 0288 srv - ok
17:58:13.0496 0288 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
17:58:13.0501 0288 srv2 - ok
17:58:13.0560 0288 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
17:58:13.0564 0288 srvnet - ok
17:58:13.0715 0288 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
17:58:13.0716 0288 swenum - ok
17:58:13.0804 0288 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
17:58:13.0812 0288 Symc8xx - ok
17:58:13.0884 0288 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
17:58:13.0885 0288 Sym_hi - ok
17:58:13.0954 0288 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
17:58:13.0955 0288 Sym_u3 - ok
17:58:14.0003 0288 SynTP (2d2c815364a878c7e358d5f549711197) C:\Windows\system32\DRIVERS\SynTP.sys
17:58:14.0018 0288 SynTP - ok
17:58:14.0138 0288 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
17:58:14.0158 0288 Tcpip - ok
17:58:14.0266 0288 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
17:58:14.0275 0288 Tcpip6 - ok
17:58:14.0313 0288 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
17:58:14.0315 0288 tcpipreg - ok
17:58:14.0373 0288 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
17:58:14.0374 0288 TDPIPE - ok
17:58:14.0393 0288 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
17:58:14.0395 0288 TDTCP - ok
17:58:14.0421 0288 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
17:58:14.0424 0288 tdx - ok
17:58:14.0468 0288 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
17:58:14.0471 0288 TermDD - ok
17:58:14.0620 0288 tifm21 (28b7f973c36d157a7885b1ae42a4a2a9) C:\Windows\system32\drivers\tifm21.sys
17:58:14.0631 0288 tifm21 - ok
17:58:14.0724 0288 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:58:14.0726 0288 tssecsrv - ok
17:58:14.0773 0288 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
17:58:14.0774 0288 tunmp - ok
17:58:14.0949 0288 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
17:58:14.0955 0288 tunnel - ok
17:58:15.0015 0288 TVALZ (521c5f39829875adf5466dd94c6282c7) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
17:58:15.0026 0288 TVALZ - ok
17:58:15.0109 0288 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
17:58:15.0111 0288 uagp35 - ok
17:58:15.0194 0288 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
17:58:15.0200 0288 udfs - ok
17:58:15.0357 0288 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
17:58:15.0374 0288 uliagpkx - ok
17:58:15.0418 0288 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
17:58:15.0425 0288 uliahci - ok
17:58:15.0442 0288 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
17:58:15.0445 0288 UlSata - ok
17:58:15.0542 0288 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
17:58:15.0563 0288 ulsata2 - ok
17:58:15.0677 0288 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
17:58:15.0678 0288 umbus - ok
17:58:15.0719 0288 usbccgp (8bd3ae150d97ba4e633c6c5c51b41ae1) C:\Windows\system32\drivers\usbccgp.sys
17:58:15.0721 0288 usbccgp - ok
17:58:15.0745 0288 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
17:58:15.0747 0288 usbcir - ok
17:58:15.0813 0288 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
17:58:15.0819 0288 usbehci - ok
17:58:15.0858 0288 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
17:58:15.0863 0288 usbhub - ok
17:58:15.0912 0288 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
17:58:15.0914 0288 usbohci - ok
17:58:16.0052 0288 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
17:58:16.0065 0288 usbprint - ok
17:58:16.0149 0288 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:58:16.0163 0288 USBSTOR - ok
17:58:16.0278 0288 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
17:58:16.0297 0288 usbuhci - ok
17:58:16.0418 0288 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
17:58:16.0420 0288 vga - ok
17:58:16.0458 0288 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
17:58:16.0466 0288 VgaSave - ok
17:58:16.0502 0288 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
17:58:16.0504 0288 viaagp - ok
17:58:16.0576 0288 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
17:58:16.0578 0288 ViaC7 - ok
17:58:16.0604 0288 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
17:58:16.0606 0288 viaide - ok
17:58:16.0636 0288 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
17:58:16.0638 0288 volmgr - ok
17:58:16.0842 0288 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
17:58:16.0851 0288 volmgrx - ok
17:58:16.0919 0288 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
17:58:16.0925 0288 volsnap - ok
17:58:16.0972 0288 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
17:58:16.0976 0288 vsmraid - ok
17:58:17.0083 0288 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
17:58:17.0085 0288 WacomPen - ok
17:58:17.0111 0288 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
17:58:17.0114 0288 Wanarp - ok
17:58:17.0136 0288 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
17:58:17.0138 0288 Wanarpv6 - ok
17:58:17.0200 0288 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
17:58:17.0201 0288 Wd - ok
17:58:17.0258 0288 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
17:58:17.0270 0288 Wdf01000 - ok
17:58:17.0479 0288 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
17:58:17.0496 0288 WmiAcpi - ok
17:58:17.0572 0288 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
17:58:17.0574 0288 ws2ifsl - ok
17:58:17.0674 0288 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:58:17.0682 0288 WUDFRd - ok
17:58:17.0731 0288 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
17:58:17.0785 0288 \Device\Harddisk0\DR0 - ok
17:58:17.0802 0288 Boot (0x1200) (1210670f672e08844b44da3bb81ff78e) \Device\Harddisk0\DR0\Partition0
17:58:17.0803 0288 \Device\Harddisk0\DR0\Partition0 - ok
17:58:17.0833 0288 Boot (0x1200) (7a7985bf535adec3cfe56c75c67b8520) \Device\Harddisk0\DR0\Partition1
17:58:17.0834 0288 \Device\Harddisk0\DR0\Partition1 - ok
17:58:17.0835 0288 ============================================================
17:58:17.0835 0288 Scan finished
17:58:17.0835 0288 ============================================================
17:58:17.0855 3268 Detected object count: 1
17:58:17.0855 3268 Actual detected object count: 1
17:58:32.0147 3268 DfsC ( Virus.Win32.ZAccess.c ) - skipped by user
17:58:32.0147 3268 DfsC ( Virus.Win32.ZAccess.c ) - User select action: Skip
17:59:18.0400 2136 ============================================================
17:59:18.0400 2136 Scan started
17:59:18.0400 2136 Mode: Manual;
17:59:18.0400 2136 ============================================================
17:59:18.0716 2136 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
17:59:18.0719 2136 ACPI - ok
17:59:18.0817 2136 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
17:59:18.0821 2136 adp94xx - ok
17:59:18.0982 2136 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
17:59:18.0985 2136 adpahci - ok
17:59:19.0041 2136 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
17:59:19.0043 2136 adpu160m - ok
17:59:19.0104 2136 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
17:59:19.0106 2136 adpu320 - ok
17:59:19.0281 2136 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
17:59:19.0284 2136 AFD - ok
17:59:19.0453 2136 AgereSoftModem (4e6294a06be883c9bd685a8dfd9fcd4e) C:\Windows\system32\DRIVERS\AGRSM.sys
17:59:19.0467 2136 AgereSoftModem - ok
17:59:19.0641 2136 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
17:59:19.0643 2136 agp440 - ok
17:59:19.0713 2136 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
17:59:19.0715 2136 aic78xx - ok
17:59:19.0835 2136 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
17:59:19.0836 2136 aliide - ok
17:59:19.0919 2136 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
17:59:19.0920 2136 amdagp - ok
17:59:19.0967 2136 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
17:59:19.0968 2136 amdide - ok
17:59:20.0057 2136 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
17:59:20.0058 2136 AmdK7 - ok
17:59:20.0193 2136 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
17:59:20.0194 2136 AmdK8 - ok
17:59:20.0255 2136 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
17:59:20.0256 2136 arc - ok
17:59:20.0293 2136 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
17:59:20.0294 2136 arcsas - ok
17:59:20.0416 2136 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
17:59:20.0417 2136 AsyncMac - ok
17:59:20.0502 2136 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
17:59:20.0503 2136 atapi - ok
17:59:20.0685 2136 athr (09a644da1f4c144df1c9fe3cd75e22ed) C:\Windows\system32\DRIVERS\athr.sys
17:59:20.0702 2136 athr - ok
17:59:20.0892 2136 AVGIDSDriver (4cbb56fbc9c0cbc517e6e3a6889ebddc) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
17:59:20.0894 2136 AVGIDSDriver - ok
17:59:20.0959 2136 AVGIDSEH (459bce188232e2fe6152423efef65d76) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
17:59:20.0960 2136 AVGIDSEH - ok
17:59:21.0021 2136 AVGIDSFilter (91d9abe7e88eac7c167cba4ed4d983bf) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
17:59:21.0022 2136 AVGIDSFilter - ok
17:59:21.0260 2136 AVGIDSShim (3fc2714e185c04308215d46730d41a94) C:\Windows\system32\DRIVERS\AVGIDSShim.Sys
17:59:21.0261 2136 AVGIDSShim - ok
17:59:21.0307 2136 Avgldx86 - ok
17:59:21.0364 2136 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\Windows\system32\DRIVERS\avgmfx86.sys
17:59:21.0365 2136 Avgmfx86 - ok
17:59:21.0481 2136 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\Windows\system32\DRIVERS\avgrkx86.sys
17:59:21.0482 2136 Avgrkx86 - ok
17:59:21.0549 2136 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\Windows\system32\DRIVERS\avgtdix.sys
17:59:21.0554 2136 Avgtdix - ok
17:59:21.0646 2136 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
17:59:21.0646 2136 Beep - ok
17:59:21.0715 2136 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
17:59:21.0717 2136 blbdrive - ok
17:59:21.0923 2136 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
17:59:21.0925 2136 bowser - ok
17:59:22.0027 2136 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
17:59:22.0028 2136 BrFiltLo - ok
17:59:22.0201 2136 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
17:59:22.0202 2136 BrFiltUp - ok
17:59:22.0251 2136 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
17:59:22.0253 2136 Brserid - ok
17:59:22.0308 2136 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
17:59:22.0309 2136 BrSerWdm - ok
17:59:22.0397 2136 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
17:59:22.0398 2136 BrUsbMdm - ok
17:59:22.0518 2136 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
17:59:22.0519 2136 BrUsbSer - ok
17:59:22.0580 2136 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
17:59:22.0582 2136 BTHMODEM - ok
17:59:22.0682 2136 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
17:59:22.0684 2136 cdfs - ok
17:59:22.0835 2136 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
17:59:22.0836 2136 cdrom - ok
17:59:22.0913 2136 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
17:59:22.0915 2136 circlass - ok
17:59:23.0096 2136 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
17:59:23.0100 2136 CLFS - ok
17:59:23.0218 2136 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
17:59:23.0218 2136 CmBatt - ok
17:59:23.0396 2136 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
17:59:23.0397 2136 cmdide - ok
17:59:23.0453 2136 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
17:59:23.0453 2136 Compbatt - ok
17:59:23.0514 2136 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
17:59:23.0515 2136 crcdisk - ok
17:59:23.0758 2136 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
17:59:23.0759 2136 Crusoe - ok
17:59:23.0839 2136 DfsC (161baa4d007c4aed2ca03ee2e8aae3ca) C:\Windows\system32\Drivers\dfsc.sys
17:59:23.0840 2136 DfsC ( Virus.Win32.ZAccess.c ) - infected
17:59:23.0840 2136 DfsC - detected Virus.Win32.ZAccess.c (0)
17:59:24.0092 2136 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
17:59:24.0094 2136 disk - ok
17:59:24.0165 2136 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
17:59:24.0166 2136 drmkaud - ok
17:59:24.0376 2136 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
17:59:24.0383 2136 DXGKrnl - ok
17:59:24.0463 2136 E100B (d00eeae1cacd77a1a8396bbc19140bba) C:\Windows\system32\DRIVERS\e100b325.sys
17:59:24.0464 2136 E100B - ok
17:59:24.0638 2136 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
17:59:24.0640 2136 E1G60 - ok
17:59:24.0706 2136 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
17:59:24.0709 2136 Ecache - ok
17:59:25.0003 2136 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
17:59:25.0007 2136 elxstor - ok
17:59:25.0055 2136 ErrDev (a81ab23eddb4693612014d87367d014c) C:\Windows\system32\drivers\errdev.sys
17:59:25.0056 2136 ErrDev - ok
17:59:25.0269 2136 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
17:59:25.0271 2136 exfat - ok
17:59:25.0351 2136 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
17:59:25.0353 2136 fastfat - ok
17:59:25.0545 2136 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
17:59:25.0546 2136 fdc - ok
17:59:25.0591 2136 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
17:59:25.0593 2136 FileInfo - ok
17:59:25.0633 2136 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
17:59:25.0634 2136 Filetrace - ok
17:59:25.0774 2136 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
17:59:25.0775 2136 flpydisk - ok
17:59:25.0846 2136 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
17:59:25.0849 2136 FltMgr - ok
17:59:25.0928 2136 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
17:59:25.0929 2136 Fs_Rec - ok
17:59:26.0027 2136 FwLnk (cbc22823628544735625b280665e434e) C:\Windows\system32\DRIVERS\FwLnk.sys
17:59:26.0028 2136 FwLnk - ok
17:59:26.0231 2136 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
17:59:26.0232 2136 gagp30kx - ok
17:59:26.0355 2136 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
17:59:26.0357 2136 HdAudAddService - ok
17:59:26.0579 2136 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
17:59:26.0585 2136 HDAudBus - ok
17:59:26.0641 2136 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
17:59:26.0642 2136 HidBth - ok
17:59:26.0713 2136 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
17:59:26.0713 2136 HidIr - ok
17:59:26.0826 2136 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
17:59:26.0827 2136 HidUsb - ok
17:59:26.0887 2136 HpCISSs (7ebec5eb56b90ed65a8bbd91464e5cfb) C:\Windows\system32\drivers\hpcisss.sys
17:59:26.0888 2136 HpCISSs - ok
17:59:27.0046 2136 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
17:59:27.0051 2136 HTTP - ok
17:59:27.0243 2136 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
17:59:27.0244 2136 i2omp - ok
17:59:27.0295 2136 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
17:59:27.0296 2136 i8042prt - ok
17:59:27.0557 2136 ialm (14f477463246e35f1dc932be6225598c) C:\Windows\system32\DRIVERS\igdkmd32.sys
17:59:27.0576 2136 ialm - ok
17:59:27.0714 2136 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
17:59:27.0718 2136 iaStorV - ok
17:59:27.0912 2136 igfx (14f477463246e35f1dc932be6225598c) C:\Windows\system32\DRIVERS\igdkmd32.sys
17:59:27.0936 2136 igfx - ok
17:59:28.0124 2136 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
17:59:28.0125 2136 iirsp - ok
17:59:28.0374 2136 IntcAzAudAddService (2690be9907b36b7c3ea2859c74926fa1) C:\Windows\system32\drivers\RTKVHDA.sys
17:59:28.0401 2136 IntcAzAudAddService - ok
17:59:28.0540 2136 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
17:59:28.0541 2136 intelide - ok
17:59:28.0608 2136 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
17:59:28.0610 2136 intelppm - ok
17:59:28.0662 2136 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:59:28.0663 2136 IpFilterDriver - ok
17:59:28.0749 2136 IpInIp - ok
17:59:28.0923 2136 IPMIDRV (4b9c0f4d4a3acc535f9771039ecd6365) C:\Windows\system32\drivers\ipmidrv.sys
17:59:28.0924 2136 IPMIDRV - ok
17:59:28.0992 2136 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
17:59:28.0993 2136 IPNAT - ok
17:59:29.0176 2136 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
17:59:29.0177 2136 IRENUM - ok
17:59:29.0254 2136 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
17:59:29.0255 2136 isapnp - ok
17:59:29.0317 2136 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
17:59:29.0319 2136 iScsiPrt - ok
17:59:29.0557 2136 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
17:59:29.0558 2136 iteatapi - ok
17:59:29.0614 2136 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
17:59:29.0615 2136 iteraid - ok
17:59:29.0696 2136 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
17:59:29.0697 2136 kbdclass - ok
17:59:29.0930 2136 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
17:59:29.0938 2136 kbdhid - ok
17:59:30.0053 2136 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
17:59:30.0066 2136 KSecDD - ok
17:59:30.0276 2136 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
17:59:30.0278 2136 lltdio - ok
17:59:30.0377 2136 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
17:59:30.0383 2136 LSI_FC - ok
17:59:30.0526 2136 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
17:59:30.0529 2136 LSI_SAS - ok
17:59:30.0554 2136 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
17:59:30.0572 2136 LSI_SCSI - ok
17:59:30.0634 2136 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
17:59:30.0645 2136 luafv - ok
17:59:30.0836 2136 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
17:59:30.0843 2136 megasas - ok
17:59:30.0943 2136 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
17:59:30.0961 2136 MegaSR - ok
17:59:31.0190 2136 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
17:59:31.0208 2136 Modem - ok
17:59:31.0314 2136 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
17:59:31.0326 2136 monitor - ok
17:59:31.0467 2136 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
17:59:31.0486 2136 mouclass - ok
17:59:31.0525 2136 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
17:59:31.0533 2136 mouhid - ok
17:59:31.0581 2136 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
17:59:31.0584 2136 MountMgr - ok
17:59:31.0781 2136 mpio (5da347912fd3af24d7bfb3de519d4bd0) C:\Windows\system32\drivers\mpio.sys
17:59:31.0797 2136 mpio - ok
17:59:31.0848 2136 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
17:59:31.0860 2136 mpsdrv - ok
17:59:32.0118 2136 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
17:59:32.0120 2136 Mraid35x - ok
17:59:32.0195 2136 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
17:59:32.0205 2136 MRxDAV - ok
17:59:32.0354 2136 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:59:32.0373 2136 mrxsmb - ok
17:59:32.0426 2136 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:59:32.0451 2136 mrxsmb10 - ok
17:59:32.0570 2136 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:59:32.0573 2136 mrxsmb20 - ok
17:59:32.0656 2136 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys
17:59:32.0658 2136 msahci - ok
17:59:32.0729 2136 msdsm (2c563aef15b8d0014c36c5f27742ac7b) C:\Windows\system32\drivers\msdsm.sys
17:59:32.0740 2136 msdsm - ok
17:59:32.0875 2136 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
17:59:32.0877 2136 Msfs - ok
17:59:32.0955 2136 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
17:59:32.0956 2136 msisadrv - ok
17:59:33.0055 2136 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
17:59:33.0056 2136 MSKSSRV - ok
17:59:33.0089 2136 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
17:59:33.0090 2136 MSPCLOCK - ok
17:59:33.0254 2136 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
17:59:33.0256 2136 MSPQM - ok
17:59:33.0339 2136 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
17:59:33.0345 2136 MsRPC - ok
17:59:33.0432 2136 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
17:59:33.0435 2136 mssmbios - ok
17:59:33.0766 2136 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
17:59:33.0777 2136 MSTEE - ok
17:59:33.0834 2136 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
17:59:33.0847 2136 Mup - ok
17:59:33.0959 2136 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
17:59:33.0979 2136 NativeWifiP - ok
17:59:34.0098 2136 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
17:59:34.0111 2136 NDIS - ok
17:59:34.0237 2136 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
17:59:34.0238 2136 NdisTapi - ok
17:59:34.0365 2136 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
17:59:34.0373 2136 Ndisuio - ok
17:59:34.0423 2136 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
17:59:34.0438 2136 NdisWan - ok
17:59:34.0580 2136 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
17:59:34.0598 2136 NDProxy - ok
17:59:34.0676 2136 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
17:59:34.0682 2136 NetBIOS - ok
17:59:34.0921 2136 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
17:59:34.0928 2136 netbt - ok
17:59:35.0078 2136 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
17:59:35.0087 2136 nfrd960 - ok
17:59:35.0269 2136 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
17:59:35.0287 2136 Npfs - ok
17:59:35.0352 2136 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
17:59:35.0362 2136 nsiproxy - ok
17:59:35.0664 2136 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
17:59:35.0704 2136 Ntfs - ok
17:59:35.0939 2136 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
17:59:35.0940 2136 ntrigdigi - ok
17:59:36.0005 2136 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
17:59:36.0019 2136 Null - ok
17:59:36.0259 2136 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
17:59:36.0278 2136 nvraid - ok
17:59:36.0316 2136 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
17:59:36.0330 2136 nvstor - ok
17:59:36.0382 2136 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
17:59:36.0386 2136 nv_agp - ok
17:59:36.0510 2136 NwlnkFlt - ok
17:59:36.0538 2136 NwlnkFwd - ok
17:59:36.0647 2136 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
17:59:36.0662 2136 ohci1394 - ok
17:59:36.0874 2136 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
17:59:36.0877 2136 Parport - ok
17:59:36.0931 2136 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
17:59:36.0933 2136 partmgr - ok
17:59:36.0997 2136 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
17:59:37.0009 2136 Parvdm - ok
17:59:37.0186 2136 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
17:59:37.0191 2136 pci - ok
17:59:37.0286 2136 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
17:59:37.0288 2136 pciide - ok
17:59:37.0368 2136 pcmcia (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys
17:59:37.0374 2136 pcmcia - ok
17:59:37.0623 2136 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
17:59:37.0665 2136 PEAUTH - ok
17:59:37.0898 2136 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
17:59:37.0909 2136 PptpMiniport - ok
17:59:37.0986 2136 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
17:59:37.0988 2136 Processor - ok
17:59:38.0057 2136 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
17:59:38.0058 2136 PSched - ok
17:59:38.0442 2136 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
17:59:38.0533 2136 ql2300 - ok
17:59:38.0676 2136 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
17:59:38.0694 2136 ql40xx - ok
17:59:38.0741 2136 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
17:59:38.0759 2136 QWAVEdrv - ok
17:59:38.0830 2136 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
17:59:38.0838 2136 RasAcd - ok
17:59:39.0008 2136 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:59:39.0012 2136 Rasl2tp - ok
17:59:39.0070 2136 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
17:59:39.0082 2136 RasPppoe - ok
17:59:39.0127 2136 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
17:59:39.0145 2136 RasSstp - ok
17:59:39.0347 2136 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
17:59:39.0367 2136 rdbss - ok
17:59:39.0422 2136 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:59:39.0438 2136 RDPCDD - ok
17:59:39.0570 2136 rdpdr (943b18305eae3935598a9b4a3d560b4c) C:\Windows\system32\drivers\rdpdr.sys
17:59:39.0579 2136 rdpdr - ok
17:59:39.0663 2136 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
17:59:39.0668 2136 RDPENCDD - ok
17:59:39.0754 2136 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
17:59:39.0784 2136 RDPWD - ok
17:59:39.0941 2136 rm - ok
17:59:40.0088 2136 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
17:59:40.0101 2136 rspndr - ok
17:59:40.0196 2136 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
17:59:40.0214 2136 sbp2port - ok
17:59:40.0383 2136 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
17:59:40.0387 2136 sdbus - ok
17:59:40.0457 2136 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
17:59:40.0459 2136 secdrv - ok
17:59:40.0615 2136 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
17:59:40.0627 2136 Serenum - ok
17:59:40.0709 2136 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
17:59:40.0712 2136 Serial - ok
17:59:40.0784 2136 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
17:59:40.0785 2136 sermouse - ok
17:59:41.0008 2136 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
17:59:41.0022 2136 sffdisk - ok
17:59:41.0129 2136 sffp_mmc (e5eafe85815bd89095fef3144a09ab68) C:\Windows\system32\drivers\sffp_mmc.sys
17:59:41.0130 2136 sffp_mmc - ok
17:59:41.0320 2136 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
17:59:41.0332 2136 sffp_sd - ok
17:59:41.0413 2136 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
17:59:41.0419 2136 sfloppy - ok
17:59:41.0526 2136 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
17:59:41.0540 2136 sisagp - ok
17:59:41.0618 2136 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
17:59:41.0621 2136 SiSRaid2 - ok
17:59:41.0728 2136 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
17:59:41.0731 2136 SiSRaid4 - ok
17:59:41.0912 2136 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
17:59:41.0916 2136 Smb - ok
17:59:42.0028 2136 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
17:59:42.0045 2136 spldr - ok
17:59:42.0232 2136 sptd - ok
17:59:42.0362 2136 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
17:59:42.0373 2136 srv - ok
17:59:42.0580 2136 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
17:59:42.0586 2136 srv2 - ok
17:59:42.0722 2136 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
17:59:42.0736 2136 srvnet - ok
17:59:42.0886 2136 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
17:59:42.0903 2136 swenum - ok
17:59:43.0009 2136 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
17:59:43.0016 2136 Symc8xx - ok
17:59:43.0077 2136 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
17:59:43.0080 2136 Sym_hi - ok
17:59:43.0195 2136 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
17:59:43.0204 2136 Sym_u3 - ok
17:59:43.0346 2136 SynTP (2d2c815364a878c7e358d5f549711197) C:\Windows\system32\DRIVERS\SynTP.sys
17:59:43.0361 2136 SynTP - ok
17:59:43.0537 2136 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
17:59:43.0564 2136 Tcpip - ok
17:59:43.0718 2136 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
17:59:43.0734 2136 Tcpip6 - ok
17:59:43.0895 2136 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
17:59:43.0898 2136 tcpipreg - ok
17:59:43.0966 2136 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
17:59:43.0976 2136 TDPIPE - ok
17:59:44.0024 2136 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
17:59:44.0026 2136 TDTCP - ok
17:59:44.0126 2136 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
17:59:44.0143 2136 tdx - ok
17:59:44.0273 2136 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
17:59:44.0275 2136 TermDD - ok
17:59:44.0381 2136 tifm21 (28b7f973c36d157a7885b1ae42a4a2a9) C:\Windows\system32\drivers\tifm21.sys
17:59:44.0398 2136 tifm21 - ok
17:59:44.0584 2136 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:59:44.0594 2136 tssecsrv - ok
17:59:44.0666 2136 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
17:59:44.0668 2136 tunmp - ok
17:59:44.0739 2136 tunnel (119b8184e106baedc83fce5ddf3950da) C:\Windows\system32\DRIVERS\tunnel.sys
17:59:44.0741 2136 tunnel - ok
17:59:44.0897 2136 TVALZ (521c5f39829875adf5466dd94c6282c7) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
17:59:44.0899 2136 TVALZ - ok
17:59:45.0058 2136 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
17:59:45.0060 2136 uagp35 - ok
17:59:45.0255 2136 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
17:59:45.0289 2136 udfs - ok
17:59:45.0395 2136 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
17:59:45.0414 2136 uliagpkx - ok
17:59:45.0585 2136 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
17:59:45.0624 2136 uliahci - ok
17:59:45.0737 2136 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
17:59:45.0741 2136 UlSata - ok
17:59:45.0927 2136 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
17:59:45.0932 2136 ulsata2 - ok
17:59:46.0052 2136 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
17:59:46.0054 2136 umbus - ok
17:59:46.0146 2136 usbccgp (8bd3ae150d97ba4e633c6c5c51b41ae1) C:\Windows\system32\drivers\usbccgp.sys
17:59:46.0163 2136 usbccgp - ok
17:59:46.0281 2136 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
17:59:46.0285 2136 usbcir - ok
17:59:46.0429 2136 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
17:59:46.0433 2136 usbehci - ok
17:59:46.0537 2136 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
17:59:46.0544 2136 usbhub - ok
17:59:46.0684 2136 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
17:59:46.0686 2136 usbohci - ok
17:59:46.0834 2136 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
17:59:46.0836 2136 usbprint - ok
17:59:46.0965 2136 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:59:46.0969 2136 USBSTOR - ok
17:59:47.0076 2136 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
17:59:47.0078 2136 usbuhci - ok
17:59:47.0166 2136 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
17:59:47.0168 2136 vga - ok
17:59:47.0373 2136 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
17:59:47.0376 2136 VgaSave - ok
17:59:47.0534 2136 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
17:59:47.0541 2136 viaagp - ok
17:59:47.0681 2136 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
17:59:47.0694 2136 ViaC7 - ok
17:59:47.0782 2136 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
17:59:47.0792 2136 viaide - ok
17:59:47.0927 2136 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
17:59:47.0945 2136 volmgr - ok
17:59:48.0134 2136 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
17:59:48.0174 2136 volmgrx - ok
17:59:48.0407 2136 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
17:59:48.0452 2136 volsnap - ok
17:59:48.0555 2136 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
17:59:48.0578 2136 vsmraid - ok
17:59:48.0738 2136 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
17:59:48.0741 2136 WacomPen - ok
17:59:48.0838 2136 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
17:59:48.0841 2136 Wanarp - ok
17:59:48.0865 2136 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
17:59:48.0873 2136 Wanarpv6 - ok
17:59:49.0115 2136 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
17:59:49.0117 2136 Wd - ok
17:59:49.0294 2136 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
17:59:49.0321 2136 Wdf01000 - ok
17:59:49.0539 2136 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
17:59:49.0540 2136 WmiAcpi - ok
17:59:49.0664 2136 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
17:59:49.0666 2136 ws2ifsl - ok
17:59:49.0767 2136 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:59:49.0780 2136 WUDFRd - ok
17:59:49.0847 2136 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
17:59:49.0911 2136 \Device\Harddisk0\DR0 - ok
17:59:49.0918 2136 Boot (0x1200) (1210670f672e08844b44da3bb81ff78e) \Device\Harddisk0\DR0\Partition0
17:59:49.0920 2136 \Device\Harddisk0\DR0\Partition0 - ok
17:59:49.0970 2136 Boot (0x1200) (7a7985bf535adec3cfe56c75c67b8520) \Device\Harddisk0\DR0\Partition1
17:59:49.0972 2136 \Device\Harddisk0\DR0\Partition1 - ok
17:59:49.0973 2136 ============================================================
17:59:49.0973 2136 Scan finished
17:59:49.0973 2136 ============================================================
17:59:49.0992 1152 Detected object count: 1
17:59:49.0992 1152 Actual detected object count: 1
18:00:15.0153 1152 DfsC ( Virus.Win32.ZAccess.c ) - skipped by user
18:00:15.0153 1152 DfsC ( Virus.Win32.ZAccess.c ) - User select action: Skip
Gmer
- Kod: Zaznacz wszystko
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-01-29 19:20:16
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 TOSHIBA_MK8037GSX rev.DL230M
Running: 1jpe1ewz.exe; Driver: C:\Users\JOANNA\AppData\Local\Temp\awdiqpog.sys
---- Threads - GMER 1.0.15 ----
Thread System [4:420] 8BB2A540
Thread System [4:424] 8BB2A540
---- Files - GMER 1.0.15 ----
File C:\Windows\$NtUninstallKB11121$\2841393236 0 bytes
File C:\Windows\$NtUninstallKB11121$\4000332542 0 bytes
File C:\Windows\$NtUninstallKB11121$\4000332542\@ 2048 bytes
File C:\Windows\$NtUninstallKB11121$\4000332542\L 0 bytes
File C:\Windows\$NtUninstallKB11121$\4000332542\L\qnbwvoto 75264 bytes
File C:\Windows\$NtUninstallKB11121$\4000332542\loader.tlb 2632 bytes
File C:\Windows\$NtUninstallKB11121$\4000332542\U 0 bytes
File C:\Windows\$NtUninstallKB11121$\4000332542\U\@00000001 45968 bytes
File C:\Windows\$NtUninstallKB11121$\4000332542\U\@000000c0 3072 bytes
File C:\Windows\$NtUninstallKB11121$\4000332542\U\@000000cb 3072 bytes
File C:\Windows\$NtUninstallKB11121$\4000332542\U\@000000cf 1536 bytes
File C:\Windows\$NtUninstallKB11121$\4000332542\U\@80000000 73728 bytes
File C:\Windows\$NtUninstallKB11121$\4000332542\U\@800000c0 32768 bytes
File C:\Windows\$NtUninstallKB11121$\4000332542\U\@800000cb 24576 bytes
File C:\Windows\$NtUninstallKB11121$\4000332542\U\@800000cf 31232 bytes
---- EOF - GMER 1.0.15 ----
