Possible virus? :S

  • Joined: 03 Jul 2011
  • Posts: 22
  • Location: Zrenjanin

Posted: 09 Jul 2011 13:18

- Here's the thing: for a week now my computer has been veeeeery slow. It takes 15 min to boot the system, 4-5 min to open Opera..
The other day I was playing a game and it froze, so, logically, I restarted it.
It said: "Windows can't find the local profile and is logging you on with a temporary profile." When the computer came up, the desktop was emmmptyyy, the wallpaper had changed, and of the programs (I had about 30 of them on the desktop) only these were left: avast, ccleaner, utorrent, opera and winamp. My other programs/files are on the D drive and work perfectly/are all there.
And now EVERY time I turn on the computer I have to install winamp and utorrent (i.e. the icons are already on the desktop, but for them to work they have to be reinstalled), and if I had something on the desktop the previous day, like a picture or a new program, it gets deleted. And it's like that every time, which is really tiring and drives me crazy.

- I scanned the computer, there are no viruses.. at least that's what it says.
People who know about this (I hope) said that someone probably got into my computer, and then the computer automatically defended itself by wiping the desktop or changing the profile. (?)

- When I tried to wipe and reinstall the system, it couldn't.. o.O i.e. a few people tried.. it won't boot (it just loads the old system).. or something like that, I don't really understand it.

Would wiping and reinstalling the system bring the computer back to normal? i.e. as far as the desktop is concerned?
And what could be the cause of the desktop being wiped aaall the time when the system boots? Is it possible that someone has been "playing" with the computer a bit?
Thanks in advance for the help.

P.S. I apologize if this topic already exists and if I didn't explain it very well. :/ and that the message is too long.
P.P.S. oh yeees, I forgot to mention that yesterday when I refreshed the desktop, icons suddenly appeared (my documents, my computer etc.) which I did NOT put there myself.. and when I refreshed again, they disappeared. o.O

I use SBB 700kb/s
Computer:
AMD Sempron(tm) Processor
2800+
512 MB of RAM



.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22
Run by kovacevic at 13:15:25 on 2011-07-09
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.511.67 [GMT 2:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
svchost.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\vsnpstd.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\BearShare Applications\MediaBar\DataMngr\DataMngrUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\CTFMON.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Opera\opera.exe
.
============== Pseudo HJT Report ===============
.
mSearchAssistant = hxxp://search.live.com/sphome.aspx
mURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: MediaBar: {0974ba1e-64ec-11de-b2a5-e43756d89593} - c:\program files\bearshare applications\mediabar\toolbar\BearshareMediabarDx.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSof2.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: UrlHelper Class: {74322bf9-df26-493f-b0da-6d2fc5e6429e} - c:\program files\bearshare applications\mediabar\datamngr\IEBHO.dll
BHO: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\tbDVD2.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: DVDVideoSoft Toolbar: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - c:\program files\dvdvideosoft\tbDVDV.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: DVDVideoSoft Toolbar: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - c:\program files\dvdvideosoft\tbDVDV.dll
TB: MediaBar: {0974ba1e-64ec-11de-b2a5-e43756d89593} - c:\program files\bearshare applications\mediabar\toolbar\BearshareMediabarDx.dll
TB: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\tbSof2.dll
TB: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\tbDVD2.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [snpstd] c:\windows\vsnpstd.exe
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [DataMngr] c:\program files\bearshare applications\mediabar\datamngr\DataMngrUI.exe
mRun: [<NO NAME>]
mRun: [Sony Ericsson PC Suite] "c:\program files\sony ericsson\mobile2\application launcher\Application Launcher.exe" /startoptions
mRun: [QuickTime Task] "c:\program files\quicktime alternative\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [WinsysMon] c:\docume~1\kovace~1\locals~1\temp\nsw13a.tmp\googletoolbar.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [NPSStartup]
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
dRun: [ctfmon.exe] c:\windows\system32\CTFMON.EXE
dRunOnce: [RunNarrator] Narrator.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - {7A3D6D17-9DD5-4C60-8076-D1784DABAF8C} - c:\program files\clickpotatolite\bin\10.0.666.0\ClickPotatoLiteSABHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{C820A2BC-2EE1-4579-857B-FF4D834BEA8E} : DhcpNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
AppInit_DLLs: c:\progra~1\bearsh~1\mediabar\datamngr\datamngr.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Authentication Packages = msv1_0 nwprovau
.
================= FIREFOX ===================
.
FF - ProfilePath -
.
============= SERVICES / DRIVERS ===============
.
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-12-31 294608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-12-31 17744]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-12-31 40384]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-1-20 54752]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2011-2-26 233472]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2011-2-26 36608]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2011-2-26 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2011-2-26 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2011-2-26 121856]
.
=============== Created Last 30 ================
.
2011-07-09 11:07:20 -------- d-----w- c:\documents and settings\temp.kovac\local settings\application data\Opera
2011-07-09 11:06:44 -------- d-----w- c:\documents and settings\temp.kovac\application data\Teleca
2011-07-09 11:06:33 -------- d-----w- c:\documents and settings\temp.kovac\application data\Sony Ericsson
2011-07-09 11:06:29 -------- d-----w- c:\documents and settings\temp.kovac\application data\uTorrent
2011-07-09 11:06:08 -------- d-sh--w- c:\documents and settings\temp.kovac\IETldCache
2011-07-08 19:20:34 -------- d-----w- c:\program files\Last.fm
2011-06-29 19:21:35 417792 ----a-w- c:\program files\windows media player\plugins\wmp_scrobbler.dll
2011-06-29 19:21:33 -------- d-----w- c:\documents and settings\all users\application data\Last.fm
.
==================== Find3M ====================
.
2011-07-09 10:57:53 98304 ----a-w- c:\windows\DUMP60a1.tmp
2011-06-29 13:33:12 1409 ----a-w- c:\windows\QTFont.for
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, gmer.net
Windows 5.1.2600 Disk: Hitachi_HDT725032VLA360 rev.V54OA7EA -> Harddisk0\DR0 -> \Device\0000006a
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntkrnlpa.exe >>UNKNOWN [0x82B90788]<<
_asm { MOV EAX, 0x82b906a8; XCHG [ESP], EAX; PUSH EAX; PUSH 0x82bdc684; RET ; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; }
1 ntkrnlpa!IofCallDriver[0x804EE00A] -> \Device\Harddisk0\DR0[0x82B3A8C8]
\Driver\Disk[0x82B3AF38] -> IRP_MJ_CREATE -> 0x82B90788
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
detected disk devices:
detected hooks:
\Driver\Disk -> 0x82b90788
user & kernel MBR OK
Warning: possible MBR rootkit infection !
.
============= FINISH: 13:16:07,82 ===============






When I ran GMER, my computer restarted... I'll try again in 2-3 minutes, and then I'll post that for you too.

Addendum: 09 Jul 2011 14:06

People, I apologize.
I tried to run GMER 2 more times, and the computer restarted agaaain...
Then I downloaded that other program, RootRepeal, and when it's supposed to scan, the computer freezes... that happened 2 times as well.. So, nothing from that.. Mission impossible. -.-

Can you help me without that? :/

  • Més que un club
  • Lead vocalist @ Harpun
  • Joined: 27 Feb 2009
  • Posts: 3897
  • Location: Novi Sad, Klisa

Hello Natasha949




Download Kaspersky Lab's TDSSKiller from the following address to your Desktop:

TDSSKiller

Right-click the link and choose the option Save Target As... (Save Link As..., Save Linked Content As... or similar);
When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download is finished:
deactivate your protection software (instructions);
close running programs;
rename TDSSKiller.exe to MyCity.exe;
double-click to run MyCity.exe;
click the Start Scan button.

If malicious objects are found, make sure the action "Cure" (example) is selected for them and click Continue, then click Reboot Now.

Post the contents of the log from the following location:
C:\TDSSKiller_program version_DD.MM.YY_HH.MM.SS.txt
(DD-day, MM-month, YY-year, HH-hour, MM-minute, SS-second; the date and time the log was created)

-----------------------------------

Find the file: c:\windows\DUMP60a1.tmp

and upload it to me via the following link:

http://www.mycity.rs/ambulanta-upload.php

  • Joined: 03 Jul 2011
  • Posts: 22
  • Location: Zrenjanin

I uploaded DUMP60a1.tmp.
And here is this too:



2011/07/09 17:57:47.0828 1068 TDSS rootkit removing tool 2.5.9.0 Jul 1 2011 18:45:21
2011/07/09 17:57:48.0250 1068 ================================================================================
2011/07/09 17:57:48.0250 1068 SystemInfo:
2011/07/09 17:57:48.0250 1068
2011/07/09 17:57:48.0250 1068 OS Version: 5.1.2600 ServicePack: 2.0
2011/07/09 17:57:48.0250 1068 Product type: Workstation
2011/07/09 17:57:48.0250 1068 ComputerName: KOVAC
2011/07/09 17:57:48.0250 1068 UserName: kovacevic
2011/07/09 17:57:48.0250 1068 Windows directory: C:\WINDOWS
2011/07/09 17:57:48.0250 1068 System windows directory: C:\WINDOWS
2011/07/09 17:57:48.0250 1068 Processor architecture: Intel x86
2011/07/09 17:57:48.0250 1068 Number of processors: 1
2011/07/09 17:57:48.0250 1068 Page size: 0x1000
2011/07/09 17:57:48.0250 1068 Boot type: Normal boot
2011/07/09 17:57:48.0250 1068 ================================================================================
2011/07/09 17:57:55.0093 1068 Initialize success
2011/07/09 17:58:01.0515 0752 ================================================================================
2011/07/09 17:58:01.0515 0752 Scan started
2011/07/09 17:58:01.0515 0752 Mode: Manual;
2011/07/09 17:58:01.0515 0752 ================================================================================
2011/07/09 17:58:09.0531 0752 Aavmker4 (479c9835b91147be1a92cb76fad9c6de) C:\WINDOWS\system32\drivers\Aavmker4.sys
2011/07/09 17:58:16.0500 0752 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/07/09 17:58:19.0484 0752 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/07/09 17:58:24.0015 0752 aec (841f385c6cfaf66b58fbd898722bb4f0) C:\WINDOWS\system32\drivers\aec.sys
2011/07/09 17:58:27.0078 0752 AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys
2011/07/09 17:58:42.0890 0752 ALCXWDM (d42f79f0d2cfffa71bc807a863417011) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
2011/07/09 17:58:53.0250 0752 aswFsBlk (cba53c5e29ae0a0ce76f9a2be3a40d9e) C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011/07/09 17:58:53.0625 0752 aswMon2 (a1c52b822b7b8a5c2162d38f579f97b7) C:\WINDOWS\system32\drivers\aswMon2.sys
2011/07/09 17:58:53.0750 0752 aswRdr (b6e8c5874377a42756c282fac2e20836) C:\WINDOWS\system32\drivers\aswRdr.sys
2011/07/09 17:58:54.0734 0752 aswSP (b93a553c9b0f14263c8f016a44c3258c) C:\WINDOWS\system32\drivers\aswSP.sys
2011/07/09 17:58:54.0953 0752 aswTdi (1408421505257846eb336feeef33352d) C:\WINDOWS\system32\drivers\aswTdi.sys
2011/07/09 17:58:55.0062 0752 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/07/09 17:58:55.0437 0752 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/07/09 17:58:57.0750 0752 ati2mtag (75410dda533d6b0df3689341079ff215) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
2011/07/09 17:58:58.0031 0752 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/07/09 17:58:58.0093 0752 audstub (d9f724aa26c010a217c97606b160ed68-) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/07/09 17:58:58.0171 0752 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/07/09 17:58:58.0312 0752 BthEnum (d24b8d1784c68a25060fffbe8ed34b76) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
2011/07/09 17:58:58.0671 0752 BthPan (10355270be12641b9764235da39dcf0f) C:\WINDOWS\system32\DRIVERS\bthpan.sys
2011/07/09 17:58:59.0656 0752 BTHPORT (95ef6f3f386d93ee1e4d9ca45a50252a) C:\WINDOWS\system32\Drivers\BTHport.sys
2011/07/09 17:58:59.0875 0752 BTHUSB (f06d4cb9918b462a84d9ac00027efc30) C:\WINDOWS\system32\Drivers\BTHUSB.sys
2011/07/09 17:59:00.0109 0752 camflt (5320b8515bff632b85a97bd12da08825) C:\WINDOWS\system32\DRIVERS\camflt.sys
2011/07/09 17:59:00.0203 0752 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/07/09 17:59:00.0328 0752 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/07/09 17:59:00.0437 0752 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/07/09 17:59:00.0687 0752 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/07/09 17:59:00.0953 0752 Cdrom (7b53584d94e9d8716b2de91d5f1cb42d) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/07/09 17:59:01.0250 0752 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/07/09 17:59:03.0718 0752 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys
2011/07/09 17:59:05.0828 0752 dmio (f5e7b358a732d09f4bcf2824b88b9e28-) C:\WINDOWS\system32\drivers\dmio.sys
2011/07/09 17:59:05.0906 0752 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/07/09 17:59:06.0125 0752 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
2011/07/09 17:59:06.0203 0752 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/07/09 17:59:07.0015 0752 dtscsi (12aca694b50ea53563c1e7c99e7bb27d) C:\WINDOWS\System32\Drivers\dtscsi.sys
2011/07/09 17:59:07.0015 0752 Suspicious file (NoAccess): C:\WINDOWS\System32\Drivers\dtscsi.sys. md5: 12aca694b50ea53563c1e7c99e7bb27d
2011/07/09 17:59:07.0031 0752 dtscsi - detected LockedFile.Multi.Generic (1)
2011/07/09 17:59:07.0109 0752 EIO (ee236706228a5df709ddd9bc1c6dafd0) C:\WINDOWS\system32\drivers\EIO.sys
2011/07/09 17:59:07.0656 0752 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/07/09 17:59:07.0812 0752 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
2011/07/09 17:59:08.0000 0752 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys
2011/07/09 17:59:08.0125 0752 Flpydisk (0dd1de43115b93f4d85e889d7a86f548-) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2011/07/09 17:59:08.0593 0752 FltMgr (157754f0df355a9e0a6f54721914f9c6) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2011/07/09 17:59:08.0859 0752 fssfltr (c6ee3a87fe609d3e1db9dbd072a248de) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
2011/07/09 17:59:09.0031 0752 FsUsbExDisk (790a4ca68f44be35967b3df61f3e4675) C:\WINDOWS\system32\FsUsbExDisk.SYS
2011/07/09 17:59:09.0328 0752 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/07/09 17:59:09.0796 0752 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/07/09 17:59:09.0890 0752 gameenum (5f92fd09e5610a5995da7d775eadcd12) C:\WINDOWS\system32\DRIVERS\gameenum.sys
2011/07/09 17:59:10.0046 0752 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2011/07/09 17:59:10.0218 0752 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/07/09 17:59:10.0328 0752 HidUsb (1de6783b918f540149aa69943bdfeba8-) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/07/09 17:59:11.0296 0752 HTTP (9f8b0f4276f618964fd118be4289b7cd) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/07/09 17:59:11.0718 0752 i8042prt (5502b58eef7486ee6f93f3f164dcb808-) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/07/09 17:59:11.0921 0752 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/07/09 17:59:12.0109 0752 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2011/07/09 17:59:12.0281 0752 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/07/09 17:59:12.0390 0752 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/07/09 17:59:12.0859 0752 IpNat (b5a8e215ac29d24d60b4d1250ef05ace) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/07/09 17:59:13.0171 0752 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/07/09 17:59:13.0250 0752 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/07/09 17:59:13.0437 0752 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/07/09 17:59:13.0578 0752 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/07/09 17:59:14.0203 0752 kmixer (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys
2011/07/09 17:59:14.0703 0752 KSecDD (674d3e5a593475915dc6643317192403) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/07/09 17:59:14.0828 0752 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/07/09 17:59:16.0625 0752 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
2011/07/09 17:59:16.0734 0752 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/07/09 17:59:16.0812 0752 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/07/09 17:59:17.0000 0752 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/07/09 17:59:17.0687 0752 MRxDAV (46edcc8f2db2f322c24f48785cb46366) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/07/09 17:59:19.0265 0752 MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/07/09 17:59:20.0093 0752 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
2011/07/09 17:59:20.0281 0752 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/07/09 17:59:20.0421 0752 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448-) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/07/09 17:59:20.0515 0752 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/07/09 17:59:20.0625 0752 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/07/09 17:59:20.0703 0752 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/07/09 17:59:20.0750 0752 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
2011/07/09 17:59:21.0171 0752 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
2011/07/09 17:59:21.0484 0752 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/07/09 17:59:22.0203 0752 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
2011/07/09 17:59:22.0265 0752 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/07/09 17:59:22.0359 0752 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/07/09 17:59:22.0468 0752 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/07/09 17:59:22.0843 0752 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/07/09 17:59:23.0000 0752 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/07/09 17:59:23.0156 0752 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/07/09 17:59:23.0750 0752 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/07/09 17:59:23.0921 0752 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
2011/07/09 17:59:26.0000 0752 Ntfs (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/07/09 17:59:27.0625 0752 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/07/09 17:59:27.0968 0752 nvatabus (46deed4c6c5fa765f9a2c723be60348d) C:\WINDOWS\system32\DRIVERS\nvatabus.sys
2011/07/09 17:59:29.0500 0752 NVENETFD (f87d81c2a99a3796b5e4db6d38b8e706) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
2011/07/09 17:59:30.0625 0752 nvnetbus (1602abc3fc9f8ca6a5b2c9cb466720b5) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
2011/07/09 17:59:32.0078 0752 nv_agp (c0fcd544a1c4eea6d11a0ae6a07dac9d) C:\WINDOWS\system32\DRIVERS\nv_agp.sys
2011/07/09 17:59:32.0171 0752 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/07/09 17:59:32.0312 0752 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/07/09 17:59:32.0671 0752 NwlnkIpx (79ea3fcda7067977625b3363a2657c80) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
2011/07/09 17:59:32.0906 0752 NwlnkNb (56d34a67c05e94e16377c60609741ff8-) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
2011/07/09 17:59:33.0125 0752 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
2011/07/09 17:59:33.0703 0752 NWRDR (03373a79440473062c6f3aedec6a49c8-) C:\WINDOWS\system32\DRIVERS\nwrdr.sys
2011/07/09 17:59:34.0031 0752 Parport (29744eb4ce659dfe3b4122deb45bc478-) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/07/09 17:59:34.0156 0752 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/07/09 17:59:34.0234 0752 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/07/09 17:59:34.0359 0752 pccsmcfd (175cc28dcf819f78caa3fbd44ad9e52a) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
2011/07/09 17:59:34.0625 0752 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/07/09 17:59:34.0703 0752 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/07/09 17:59:35.0156 0752 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/07/09 17:59:35.0515 0752 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/07/09 17:59:35.0687 0752 Processor (0d97d88720a4087ec93af7dbb303b30a) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/07/09 17:59:35.0937 0752 PSched (48671f327553dcf1d27f6197f622a668-) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/07/09 17:59:36.0046 0752 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/07/09 17:59:36.0250 0752 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2011/07/09 17:59:36.0437 0752 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/07/09 17:59:36.0671 0752 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/07/09 17:59:36.0859 0752 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/07/09 17:59:36.0953 0752 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/07/09 17:59:37.0609 0752 Rdbss (29d66245adba878fff574cd66abd2884) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/07/09 17:59:37.0656 0752 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/07/09 17:59:38.0359 0752 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/07/09 17:59:38.0953 0752 RDPWD (d4f5643d7714ef499ae9527fdcd50894) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/07/09 17:59:39.0718 0752 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/07/09 17:59:39.0968 0752 RFCOMM (99c4b74981a1413f142a3903130088cb) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
2011/07/09 17:59:40.0093 0752 Secdrv (c71394d99a04ca76484492f590c9cba5) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/07/09 17:59:40.0187 0752 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/07/09 17:59:40.0406 0752 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/07/09 17:59:40.0515 0752 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/07/09 17:59:40.0625 0752 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/07/09 17:59:41.0906 0752 snpstd (eaee05416ae891d3a9f61c923033cea9) C:\WINDOWS\system32\DRIVERS\snpstd.sys
2011/07/09 17:59:42.0375 0752 splitter (8e186b8f23295d1e42c573b82b80d548-) C:\WINDOWS\system32\drivers\splitter.sys
2011/07/09 17:59:44.0625 0752 sptd (a693ab9f28e85942d7126443ad660d7c) C:\WINDOWS\system32\Drivers\sptd.sys
2011/07/09 17:59:44.0625 0752 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: a693ab9f28e85942d7126443ad660d7c
2011/07/09 17:59:44.0640 0752 sptd - detected LockedFile.Multi.Generic (1)
2011/07/09 17:59:57.0437 0752 ================================================================================
2011/07/09 17:59:57.0437 0752 Scan finished
2011/07/09 17:59:57.0437 0752 ================================================================================
2011/07/09 17:59:57.0453 2892 Detected object count: 2
2011/07/09 17:59:57.0453 2892 Actual detected object count: 2
2011/07/09 18:01:13.0406 2892 LockedFile.Multi.Generic(dtscsi) - User select action: Skip
2011/07/09 18:01:13.0406 2892 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/07/09 18:03:02.0250 1736 ================================================================================
2011/07/09 18:03:02.0250 1736 Scan started
2011/07/09 18:03:02.0250 1736 Mode: Manual;
2011/07/09 18:03:02.0250 1736 ================================================================================
2011/07/09 18:04:27.0578 1736 dtscsi (12aca694b50ea53563c1e7c99e7bb27d) C:\WINDOWS\System32\Drivers\dtscsi.sys
2011/07/09 18:04:27.0578 1736 Suspicious file (NoAccess): C:\WINDOWS\System32\Drivers\dtscsi.sys. md5: 12aca694b50ea53563c1e7c99e7bb27d
2011/07/09 18:04:27.0578 1736 dtscsi - detected LockedFile.Multi.Generic (1)
2011/07/09 18:04:57.0687 1736 sptd (a693ab9f28e85942d7126443ad660d7c) C:\WINDOWS\system32\Drivers\sptd.sys
2011/07/09 18:04:57.0687 1736 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: a693ab9f28e85942d7126443ad660d7c
2011/07/09 18:04:57.0703 1736 sptd - detected LockedFile.Multi.Generic (1)
2011/07/09 18:05:10.0828 1736 ================================================================================
2011/07/09 18:05:10.0828 1736 Scan finished
2011/07/09 18:05:10.0828 1736 ================================================================================
2011/07/09 18:05:10.0843 0712 Detected object count: 2
2011/07/09 18:05:10.0843 0712 Actual detected object count: 2
2011/07/09 18:05:17.0703 0712 HKLM\SYSTEM\ControlSet001\services\dtscsi - will be deleted after reboot
2011/07/09 18:05:17.0781 0712 HKLM\SYSTEM\ControlSet002\services\dtscsi - will be deleted after reboot
2011/07/09 18:05:17.0859 0712 HKLM\SYSTEM\ControlSet003\services\dtscsi - will be deleted after reboot
2011/07/09 18:05:17.0890 0712 HKLM\SYSTEM\ControlSet004\services\dtscsi - will be deleted after reboot
2011/07/09 18:05:17.0906 0712 C:\WINDOWS\System32\Drivers\dtscsi.sys - will be deleted after reboot
2011/07/09 18:05:17.0906 0712 LockedFile.Multi.Generic(dtscsi) - User select action: Delete
2011/07/09 18:05:17.0921 0712 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted after reboot
2011/07/09 18:05:17.0953 0712 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted after reboot
2011/07/09 18:05:17.0953 0712 HKLM\SYSTEM\ControlSet003\services\sptd - will be deleted after reboot
2011/07/09 18:05:17.0968 0712 HKLM\SYSTEM\ControlSet004\services\sptd - will be deleted after reboot
2011/07/09 18:05:17.0968 0712 C:\WINDOWS\system32\Drivers\sptd.sys - will be deleted after reboot
2011/07/09 18:05:17.0968 0712 LockedFile.Multi.Generic(sptd) - User select action: Delete
2011/07/09 18:05:25.0171 3884 Deinitialize success

offline
  • Més que un club
  • Lead vocalist @ Harpun
  • Joined: 27 Feb 2009
  • Posts: 3897
  • Location: Novi Sad, Klisa

Download aswMBR and save it to the Desktop.

Double-click aswMBR to run it.
Click Scan.
When the scan finishes, click Save log.
Save the aswMBR log to the Desktop.
Copy the contents of that log into this thread.


----------------------------------------------------
Download the OTM program to the Desktop.

Double-click OTM.exe to run it.

Into the (left) pane of the program (under Paste Instructions for Items to be Moved), copy everything inside the Code box:
:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinsysMon"=-

:Files
c:\docume~1\kovace~1\locals~1\temp\nsw13a.tmp\googletoolbar.exe

:Commands
[emptytemp]
[Reboot]

Click MoveIt!

When the process completes, the right pane of the program (under Results) will contain text that needs to be copied into a post on the forum.


If the following prompt appears:

Confirm ::The system requires a reboot to finish removing files.
Do you want to reboot now?


click Yes so that the computer restarts and the process completes.

After the system restarts, the log file will open automatically in Notepad.
Copy the contents of that log into a post on the forum.

NIx Car (AMF Tim)

offline
  • Joined: 03 Jul 2011
  • Posts: 22
  • Location: Zrenjanin

I solved the problem as far as the virus is concerned.
Thanks for the help.
Sorry for taking up your time.
