Проблем с несъществуващи вируси при Avast 4.8

kosolin · Август 22, 2011

Здравейте

От няколко дена имам един проблем със антивирусната, постоянно ми пищи и ми излиза win32:rootkit-gen [Rtk]Сканирах няколко пъти всички локални дискове но не успях да го изтрия търсих в гугъл за някой с моя проблем но не открих нищо...

avalon72 · Август 22, 2011

Програмата не предлага сигурно проверка при стартиране на Windows? Ако е така, деинсталирай старата версия 4.8 и инсталирай новата Avast! Free Antivirus 6. Виж на тази картинка как и къде се планира проверка при стартиране на системата (преди да заредят зловредните файлове). Следвай инструкциите на синия екран после. Обикновено се дава "изтрий" или "премести в клетка за вируси" и впоследствие файловете там могат да бъдат разгледани и изтрити. Ако дава, че не може да се премести файлът в клетката, даваш "изтрий". След тази проверка компютърът би трябвало да е почистен. Може после да пуснеш и проверка с двете програми Malwarebytes' Anti-Malware и SUPERAntiSpyware Free. Обнови операционната с-ма с последния Service Pack и ъпдейти.

kosolin · Август 22, 2011

Предлага проверка при стартиране на Windows опитах го както и със Malwarebytes' Anti-Malware и SUPERAntiSpyware Free опитах..

но без резултат 4.8 ми е професионал и не ми се маха по принцип ама май ще преинсталирам уиндоуса..

Август 22, 2011

Здравейте От няколко дена имам един проблем със антивирусната, постоянно ми пищи и ми излиза win32:rootkit-gen [Rtk]Сканирах няколко пъти всички локални дискове но не успях да го изтрия търсих в гугъл за някой с моя проблем но не открих нищо...

1. Изключи си System Restore - за този "красавец" е "задълже" и рестарт PC

2. Изтегли TDSSKiller

3. Разархивирай, стартирай от Start Scan

4. Ако хване нещо опитай се да го излекуваш, ако ли не - триеш (delete)

Картинка 1

В Гугъл има инфо

http://techsalsa.com...t-genrtk-virus/

Steps to remove ur0.com virus

• Стартираш Task Manager, спираш (убиваш) ur0.com - процеса, ако го има

• Start - Run - msconfig премахваш го от Startup , ако го има

• Рестарт в Безопасен Режим (Safe Mode), търсиш ur0.com от Search и да не забравиш да се намират и невидимите файлове (резултати)

• Изтриваш всичко, което намериш

Steps to remove Win32:Rootkit-gen[Rtk] Virus

• Иключваш System restore

В нашия случай, ако спазиш отгоре-надолу - Ти вече си изключил SR

П.П Avast! 6 е по-добрия вариант от 4.8

avalon72 · Август 22, 2011

Предлага проверка при стартиране на Windows опитах го както и със Malwarebytes' Anti-Malware и SUPERAntiSpyware Free опитах.. но без резултат 4.8 ми е професионал и не ми се маха по принцип ама май ще преинсталирам уиндоуса..

Запиши си ключа на аваста, та после пак да го ползваш. Новата версия 6 е по-добра по принцип, дори и безплатната. Досега не съм виждал да не може да изтрие нещо по време на проверка при стартиране на системата. Какво се случва, изчакваш ли края на сканирането? Изтривала е десетки рууткити, троянци, агенти и др. Просто изпълняваш някое от предложенията на програмата. Може да дадеш автоматично всичко да трие или мести в клетката при засичане.

kosolin · Август 23, 2011

Изпълних стъпките както ми каза TDSSKiller засече 3 вируса и ги изтрих.. но греда

цък цък 2

Nazikov тя ги трие или ги местя в клетката без проблем.. ама размножават ли се незнам.. :(

Август 23, 2011

Изпълних стъпките както ми каза TDSSKiller засече 3 вируса и ги изтрих.. но греда
цък цък 2

Nazikov тя ги трие или ги местя в клетката без проблем.. ама размножават ли се незнам.. :(

За цък 2 използвай - клик 1

За цък 1 използвай - клик 2

Сложи avast! 6 и като хванеш нещо не в клетката, а ако можеш трий! Изключи си System Restore-a

Август 23, 2011

Ако не ти вършат работа, пиши ...и ще се появи тежката артилерия

kosolin · Август 24, 2011

Нищо не намериха за жалост

май ще преинстална уиндоуса и ще спра да ви занимавам

B-boy/StyLe/ · Август 24, 2011

Изтеглете DDS: от BleepingComputer.
След изтегляне на файла го запишете (бутон Save => Save as) DDS на вашия десктоп, снимка:

http://i46.tinypic.com/2exprgh.jpg
След като изтеглите DDS на десктопа, иконката на програмата би трябвало да изглежда така: http://i49.tinypic.com/rvwlll.jpg
Прекратете временно работата на всички скрипт блокиращи приложения, ако има такива или разрешете изпълнението на dds.scr. След това стартирайте DDS с двоен клик на иконката, като потвърдите с Run.
След приключване на работата на DDS копирайте с Copy текста от двата файлови лога, които ще се появят в Notepad: DDS.txt и Attach.txt и ги запазете (бутон Save => Save as) на десктопа.
Копирайте и поставете съдържанието на DDS.txt и Attach.txt във вашата тема. Моля, не ги прикачвайте!
Публикувайте вашата тема.
Търпеливо изчакайте анализа на лог файловете.

kosolin · Август 24, 2011

.

DDS (Ver_2011-06-23.01) - NTFSx86

Internet Explorer: 6.0.2900.2180

Run by User at 0:12:02 on 2011-08-25

.

============== Running Processes ===============

.

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\SOUNDMAN.EXE

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Application Updater\ApplicationUpdater.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe

C:\WINDOWS\system32\rserver30\RServer3.exe

C:\WINDOWS\system32\rserver30\FamItrfc.Exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\User\Desktop\dds.scr

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k imgsvc

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.facebook.com/

uInternet Connection Wizard,ShellNext = hxxp://www.codecguide.com/

uURLSearchHooks: IObit Toolbar: {0bda0769-fd72-49f4-9266-e1fb004f4d8f} - c:\program files\iobit toolbar\ie\4.5\iobitToolbarIE.dll

BHO: IObit Toolbar: {0bda0769-fd72-49f4-9266-e1fb004f4d8f} - c:\program files\iobit toolbar\ie\4.5\iobitToolbarIE.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: IObit Toolbar: {0bda0769-fd72-49f4-9266-e1fb004f4d8f} - c:\program files\iobit toolbar\ie\4.5\iobitToolbarIE.dll

uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun

uRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NVMCTRAY.DLL,NvTaskbarInit

mRun: [soundMan] SOUNDMAN.EXE

mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [nwiz] nwiz.exe /install

mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

mRun: [<NO NAME>]

mRun: [searchSettings] "c:\program files\common files\spigot\search settings\SearchSettings.exe"

mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

dRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NVMCTRAY.DLL,NvTaskbarInit

IE: &С&валяне &с BitComet - e:\bit comet\bitcomet\BitComet.exe/AddLink.htm

IE: &С&валяне на всички с BitComet - e:\bit comet\bitcomet\BitComet.exe/AddAllLink.htm

IE: &С&валяне на всичкото видео с BitComet - e:\bit comet\bitcomet\BitComet.exe/AddVideo.htm

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Е&кспортирай в Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

TCP: DhcpNameServer = 93.155.205.5 8.8.8.8 93.155.205.6 8.8.4.4

TCP: Interfaces\{D0650FCD-B9A2-4BCB-8ACB-D68FB6DCF9B2} : DhcpNameServer = 93.155.205.5 8.8.8.8 93.155.205.6 8.8.4.4

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

AppInit_DLLs: c:\windows\system32\rserver30\newtstop.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - c:\program files\stardock\object desktop\iconpackager\iprepair.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\zmqcuvrt.default\

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p=

FF - prefs.js: network.proxy.type - 0

FF - component: c:\documents and settings\user\application data\mozilla\firefox\profiles\zmqcuvrt.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll

FF - component: c:\documents and settings\user\application data\mozilla\firefox\profiles\zmqcuvrt.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll

FF - component: c:\program files\nokia\nokia pc suite 7\bkmrksync\components\BkMrkExt.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll

FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\opera\program\plugins\np32dsw.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.proxy.type - 0

FF - user.js: network.proxy.http -

user_pref(network.proxy.http_port,);

FF - user.js: network.proxy.no_proxies_on -

.

============= SERVICES / DRIVERS ===============

.

R? aswArKrn;aswArKrn

R? S3SAVAGE4M;S3SAVAGE4M

R? s916bus;Sony Ericsson Device 916 driver (WDM)

R? s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter

R? s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver

R? s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM)

R? s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface

S? Application Updater;Application Updater

S? aswFsBlk;aswFsBlk

S? aswSP;avast! Self Protection

S? avast! Antivirus;avast! Antivirus

S? avast! Mail Scanner;avast! Mail Scanner

S? avast! Web Scanner;avast! Web Scanner

S? mirrorv3;mirrorv3

S? OMSI download service;Sony Ericsson OMSI download service

S? raddrvv3;raddrvv3

S? RServer3;Radmin Server V3

S? seehcri;Sony Ericsson seehcri Device Driver

.

=============== Created Last 30 ================

.

2011-08-24 20:55:19 -------- d-----w- c:\documents and settings\user\local settings\application data\Google

2011-08-20 08:02:25 -------- d-----w- c:\program files\common files\DirectX

2011-08-19 20:42:03 -------- d-----w- c:\documents and settings\user\local settings\application data\ArmA

2011-08-19 20:40:35 782336 ----a-r- c:\windows\system32\tmp15B.tmp

2011-08-19 20:40:35 409600 ----a-w- c:\windows\system32\wrap_oal.dll

2011-08-19 20:40:35 114688 ----a-w- c:\windows\system32\OpenAL32.dll

2011-08-19 20:40:35 -------- d-----w- c:\program files\OpenAL

2011-08-19 13:59:06 -------- d-----w- c:\documents and settings\user\application data\Malwarebytes

2011-08-19 13:58:58 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2011-08-19 13:55:12 -------- d-----w- c:\program files\Trend Micro

2011-08-19 13:13:08 -------- d-----w- c:\windows\system32\AGEIA

2011-08-19 13:12:36 -------- d-----w- c:\program files\common files\Wise Installation Wizard

2011-08-17 11:32:05 -------- d-----w- c:\program files\m-r-software

2011-08-17 11:02:07 631616 ----a-w- c:\windows\system32\msvcp100d.dll

2011-08-17 10:55:10 15592 ----a-w- c:\windows\system32\roboot.exe

2011-08-17 10:55:06 431936 ----a-w- c:\windows\system32\msvcp100.dll

2011-08-17 08:58:04 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll

2011-08-17 08:58:04 528216 ----a-w- c:\windows\system32\XAudio2_6.dll

2011-08-17 08:58:03 238936 ----a-w- c:\windows\system32\xactengine3_6.dll

2011-08-17 08:58:03 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll

2011-08-17 08:52:34 -------- d-----w- c:\program files\Lightrock Entertainment

2011-08-16 15:23:41 -------- d-----w- c:\program files\themexp.org

2011-08-16 15:21:51 -------- d-----w- c:\program files\tochpc.ru

2011-08-02 18:15:31 -------- d-----w- c:\documents and settings\user\application data\IObit

2011-08-02 14:06:01 -------- d-----w- c:\documents and settings\user\application data\Search Settings

2011-08-02 14:05:55 -------- d-----w- c:\program files\Application Updater

2011-08-02 14:05:54 -------- d-----w- c:\program files\IObit Toolbar

2011-08-02 14:05:54 -------- d-----w- c:\program files\common files\Spigot

2011-08-02 14:05:13 -------- d-----w- c:\documents and settings\all users\application data\IObit

2011-08-02 14:05:12 -------- d-----w- c:\program files\IObit

2011-08-02 08:47:27 -------- d-----w- C:\Download

.

==================== Find3M ====================

.

2011-06-24 14:15:31 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-06-22 18:08:18 53248 ----a-w- c:\windows\system32\unrar.dll

2011-06-22 15:09:52 4292608 ----a-w- c:\windows\unasetup.exe

2011-06-22 15:06:42 4358144 ----a-w- c:\windows\uncsetup.exe

2011-06-20 10:55:01 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

.

============= FINISH: 0:12:32,17 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-06-23.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 31.7.2004 г. 18:34:50

System Uptime: 24.8.2011 г. 10:24:53 (14 hours ago)

.

Motherboard: | | nVidia-nForce

Processor: AMD Athlon | Socket A | 1670/100mhz

.

==== Disk Partitions =========================

.

A: is Removable

C: is FIXED (NTFS) - 16 GiB total, 5,125 GiB free.

D: is FIXED (FAT32) - 31 GiB total, 2,894 GiB free.

E: is FIXED (FAT32) - 30 GiB total, 2,418 GiB free.

F: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

Архиватор WinRAR

µTorrent

Adobe Flash Player 10 Plugin

Adobe Flash Player ActiveX

Avalon Legends Solitaire 1.00

Avanquest update

avast! Antivirus

AVI/MPEG/ASF/WMV Splitter 3.25

BSPlayer

BVS Solitaire Collection version 7.1

Camtasia Studio 3

Counter-Strike 1.6 Version 29, Exe build: 3647

CT Special Forces

DAEMON Tools Toolbar

Dream Vacation Solitaire

EVEREST Ultimate Edition v5.00

Game Booster

GOM Player

Hotfix for Windows XP (KB926239)

Hoyle Miami Solitaire

IconPackager

Indeo® Software

Indianboy2007 Presents Bigfish Games Solitaire Cruise Precracked

IObit Toolbar v4.5

iZotope Ozone 1.0 for Winamp

K-Lite Mega Codec Pack 5.0.0

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

Microsoft Office Professional Edition 2003

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Moto Racer 2

Mozilla Firefox 6.0 (x86 bg)

MSVC80_x86_v2

MSXML4 Parser

MyProduct

Nero 7 Ultra Edition

Nokia Connectivity Cable Driver

Nokia PC Suite

NVIDIA Display Driver

NVIDIA Drivers

NVIDIA nForce Drivers

NVIDIA PhysX

OpenAL

Opera 10.53

PC Connectivity Solution

Picasa 3

Pirate Solitaire 1.00

Radmin Server 3.2

Realtek AC'97 Audio

Skype™ 3.8

Solitaire

Solitaire 2

Sonic Foundry Sound Forge 6.0

Sony Ericsson PC Suite 6.009.00

theme 1.00

Top 10 Solitaire

Unlocker 1.8.3

Virtual DJ - Atomix Productions

VLC media player 1.0.2

VSO Image Resizer 1.0.11

Web Page Maker V2.5

WebFldrs XP

Winamp

Windows Driver Package - Nokia Modem (03/15/2010 4.4)

Windows Driver Package - Nokia Modem (03/15/2010 7.01.0.6)

Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)

Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray

Windows Installer 3.1 (KB893803)

Windows Media Format 11 runtime

Zune Desktop Theme

.

==== Event Viewer Messages From Past Week ========

.

24.8.2011 г. 10:27:04, error: Service Control Manager [7001] - The Windows Service Pack Installer update service service depends on the Security Accounts Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

23.8.2011 г. 11:03:49, error: Service Control Manager [7001] - The Windows Service Pack Installer update service service depends on the Security Accounts Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

23.8.2011 г. 10:59:13, error: Service Control Manager [7001] - The Windows Service Pack Installer update service service depends on the Security Accounts Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

23.8.2011 г. 10:12:57, error: Service Control Manager [7001] - The Windows Service Pack Installer update service service depends on the Security Accounts Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

23.8.2011 г. 00:08:14, error: Service Control Manager [7001] - The Windows Service Pack Installer update service service depends on the Security Accounts Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

21.8.2011 г. 12:24:21, error: Service Control Manager [7001] - The Windows Service Pack Installer update service service depends on the Security Accounts Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

21.8.2011 г. 10:41:50, error: Service Control Manager [7001] - The Windows Service Pack Installer update service service depends on the Security Accounts Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

21.8.2011 г. 00:12:51, error: Service Control Manager [7034] - The Windows Installer service terminated unexpectedly. It has done this 4 time(s).

20.8.2011 г. 13:20:06, error: Service Control Manager [7034] - The Windows Installer service terminated unexpectedly. It has done this 3 time(s).

20.8.2011 г. 12:54:01, error: Service Control Manager [7034] - The Windows Installer service terminated unexpectedly. It has done this 2 time(s).

20.8.2011 г. 11:01:07, error: Service Control Manager [7034] - The Windows Installer service terminated unexpectedly. It has done this 1 time(s).

20.8.2011 г. 10:18:36, error: Service Control Manager [7001] - The Windows Service Pack Installer update service service depends on the Security Accounts Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

19.8.2011 г. 15:57:32, error: Service Control Manager [7001] - The Windows Service Pack Installer update service service depends on the Security Accounts Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

19.8.2011 г. 14:11:08, error: Service Control Manager [7001] - The Windows Service Pack Installer update service service depends on the Security Accounts Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

18.8.2011 г. 14:05:14, error: Service Control Manager [7001] - The Windows Service Pack Installer update service service depends on the Security Accounts Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

.

==== End Of File ===========================

B-boy/StyLe/ · Август 25, 2011

Тъй като сте имате Conficker, а DDS не показва стойностите на netsvc ще се наложи да използваме тежката артилерия.

1. Изтеглете ComboFix от BleepingComputer

и го запазете (бутон Save -> Save as) ComboFix на вашия десктоп:

http://i46.tinypic.com/2exprgh.jpg

След приключване на изтеглянето на ComboFix, иконката на програмата би трябвало да изглежда така:

http://i46.tinypic.com/29eqjuq.jpg

2. Затворете всички работещи приложения, отворени прозорци и програми работещи във фонов режим. Спрете временно защитата в реално време на антивирусната програма и на другите програми за сигурност, ако има такива. За целта може да прегледате информацията от този линк: How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs.

3. Стартирайте с двоен клик Combofix.exe. Изберете YES, за да се съгласите с условията за използване на програмата. Важно: По време на работата на ComboFix не бива да се движи мишката и да се натискат клавиши от клавиатурата. Просто търпеливо оставете ComboFix да си свърши работата, без да използвате компютъра за други цели.

4. ComboFix ще провери дали Windows Recovery Console e инсталиранa.

*Ако Windows Recovery Console не е инсталирана, ще е необходимо да използвате YES за инсталация на Windows Recovery Console

*Ако Windows Recovery Console е инсталирана, ComboFix ще продължи работата си.

http://i46.tinypic.com/33wr6us.jpg

Забележка: Необходимо е да сте свързани към Интернет за да може Windows Recovery Console да се изтегли.

След инсталация на Windows Recovery Console потвърдете с YES, за да продължите напред. Снимка:

http://i45.tinypic.com/m9lvnk.jpg

5. ComboFix ще спре временно Интернет връзката, но след като приключи работата на програмата тази връзка ще бъде възстановена автоматично. ComboFix ще сканира за проблеми и за заразени файлове, като това може да отнеме известно време. Моля да бъдете търпеливи. Ако има проблем с Интернет връзката след приключване на работата на Combofix, моля да прочетете това: Manually restoring the Internet connection section.

Забележка: При проблеми с ComboFix копирайте с (Copy) и поставете с (Paste) съдържанието на C:BUG.txt в следващия си коментар.

6. Когато работата на ComboFix приключи, ще се появи текстов документ (log) в Notepad:

http://i49.tinypic.com/157m978.jpg

Копирайте с (Copy) и поставете с (Paste) съдържанието на лога в следващия си коментар.

Искам да видя и логовете от програмите с които е сканирано до момента.

Отговорете и на въпроса дали след като сте изтрили намерените неща с avast! (Който незнайно защо не искате да обновите до версия 6) дали avast! продължава да намира същите обекти.

Вие ли сте инсталирали и RADMIN ?

C:\WINDOWS\system32\rserver30\RServer3.exe

kosolin · Август 25, 2011

ComboFix 11-08-25.01 - User 08.2011 г. 23:28:15.1.1 - x86

Microsoft Windows XP Professional 5.1.2600.2.1251.359.1033.18.511.126 [GMT 3:00]

Running from: c:\documents and settings\User\Desktop\ComboFix.exe

AV: avast! antivirus 4.8.1368 [VPS 110825-0] *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\desktop.ini

c:\documents and settings\All Users\Application Data\hpe87.dll

c:\documents and settings\User\Recent\Thumbs.db

c:\documents and settings\User\WINDOWS

.

((((((((((((((((((((((((( Files Created from 2011-07-25 to 2011-08-25 )))))))))))))))))))))))))))))))

.

2011-08-24 20:55 . 2011-08-24 20:57 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\Google

2011-08-24 20:54 . 2011-08-24 20:55 -------- d-----w- c:\program files\Google

2011-08-20 08:02 . 2011-08-20 08:02 -------- d-----w- c:\program files\Common Files\DirectX

2011-08-19 20:42 . 2011-08-19 20:42 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\ArmA

2011-08-19 20:40 . 2011-08-19 20:40 409600 ----a-w- c:\windows\system32\wrap_oal.dll

2011-08-19 20:40 . 2011-08-19 20:40 114688 ----a-w- c:\windows\system32\OpenAL32.dll

2011-08-19 20:40 . 2011-08-19 20:40 -------- d-----w- c:\program files\OpenAL

2011-08-19 20:40 . 2006-12-14 18:47 782336 ----a-r- c:\windows\system32\tmp15B.tmp

2011-08-19 13:59 . 2011-08-19 13:59 -------- d-----w- c:\documents and settings\User\Application Data\Malwarebytes

2011-08-19 13:58 . 2011-08-19 13:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2011-08-19 13:55 . 2011-08-19 13:55 -------- d-----w- c:\program files\Trend Micro

2011-08-19 13:13 . 2011-08-19 13:13 -------- d-----w- c:\windows\system32\AGEIA

2011-08-19 13:13 . 2011-08-19 13:13 -------- d-----w- c:\program files\AGEIA Technologies

2011-08-19 13:12 . 2011-08-19 13:12 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

2011-08-17 11:32 . 2011-08-17 11:32 -------- d-----w- c:\program files\m-r-software

2011-08-17 11:02 . 2010-05-12 06:42 631616 ----a-w- c:\windows\system32\msvcp100d.dll

2011-08-17 10:55 . 2011-03-25 15:03 15592 ----a-w- c:\windows\system32\roboot.exe

2011-08-17 10:55 . 2009-09-23 13:48 431936 ----a-w- c:\windows\system32\msvcp100.dll

2011-08-17 08:58 . 2010-02-04 07:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll

2011-08-17 08:58 . 2010-02-04 07:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll

2011-08-17 08:58 . 2010-02-04 07:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll

2011-08-17 08:58 . 2010-02-04 07:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll

2011-08-17 08:52 . 2011-08-17 08:52 -------- d-----w- c:\program files\Lightrock Entertainment

2011-08-16 15:23 . 2011-08-16 15:23 -------- d-----w- c:\program files\themexp.org

2011-08-16 15:21 . 2011-08-16 15:21 -------- d-----w- c:\program files\tochpc.ru

2011-08-02 18:15 . 2011-08-02 18:15 -------- d-----w- c:\documents and settings\User\Application Data\IObit

2011-08-02 14:06 . 2011-08-02 14:06 -------- d-----w- c:\documents and settings\User\Application Data\Search Settings

2011-08-02 14:05 . 2011-08-02 14:05 -------- d-----w- c:\program files\Application Updater

2011-08-02 14:05 . 2011-08-02 14:05 -------- d-----w- c:\program files\IObit Toolbar

2011-08-02 14:05 . 2011-08-02 14:05 -------- d-----w- c:\program files\Common Files\Spigot

2011-08-02 14:05 . 2011-08-02 14:05 -------- d-----w- c:\documents and settings\All Users\Application Data\IObit

2011-08-02 14:05 . 2011-08-02 14:05 -------- d-----w- c:\program files\IObit

2011-08-02 08:47 . 2011-08-23 08:08 -------- d-----w- C:\Download

2011-07-31 20:12 . 2011-07-31 20:12 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Mozilla

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-06-24 14:15 . 2011-06-24 14:15 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-06-22 18:08 . 2011-06-22 18:08 53248 ----a-w- c:\windows\system32\unrar.dll

2011-06-22 15:09 . 2011-06-22 18:10 4292608 ----a-w- c:\windows\unasetup.exe

2011-06-22 15:06 . 2011-06-22 18:08 4358144 ----a-w- c:\windows\uncsetup.exe

2011-06-20 10:55 . 2011-06-20 10:55 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-08-19 14:14 . 2011-06-20 21:24 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]

"NvMediaCenter"="c:\windows\system32\NVMCTRAY.DLL" [2003-10-06 49152]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SoundMan"="SOUNDMAN.EXE" [2006-08-03 577536]

"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-10-06 5058560]

"nwiz"="nwiz.exe" [2003-10-06 741376]

"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2011-06-24 534880]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

"NvMediaCenter"="c:\windows\system32\NVMCTRAY.DLL" [2003-10-06 49152]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\startupfolder\C:^Documents and Settings^User^Start Menu^Programs^Startup^RocketDock.lnk]

path=c:\documents and settings\User\Start Menu\Programs\Startup\RocketDock.lnk

backup=c:\windows\pss\RocketDock.lnkStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

2006-09-13 08:12 139264 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EVEREST AutoStart]

2009-02-04 21:00 2350176 ----a-w- c:\program files\Lavalys\EVEREST Ultimate Edition\everest.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2006-01-12 13:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]

2010-05-14 08:32 1479680 -c--a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

2008-11-07 11:31 21633320 ----a-r- c:\program files\Skype\Phone\Skype.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]

2009-09-24 11:41 434176 -c--a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]

2006-05-06 13:29 6656 ----a-w- d:\programi\programi\unlocker\UnlockerAssistant.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"WmdmPmSN"=3 (0x3)

"SwPrv"=3 (0x3)

"seclogon"=2 (0x2)

"SCardSvr"=3 (0x3)

"RDSessMgr"=3 (0x3)

"srservice"=2 (0x2)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\Program Files\\Opera\\opera.exe"=

"e:\\GaMeS\\CS 1.6\\Counter-Strike 1.6 Sector Edition\\24450467413781390313.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"18153:TCP"= 18153:TCP:BitComet 18153 TCP

"18153:UDP"= 18153:UDP:BitComet 18153 UDP

.

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [31.7.2004 г. 18:51 114768]

R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [24.6.2011 г. 17:30 393112]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [31.7.2004 г. 18:51 20560]

R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [25.6.2010 г. 14:28 27632]

S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [25.6.2010 г. 14:28 90112]

S3 aswArKrn;aswArKrn;\??\c:\docume~1\User\LOCALS~1\Temp\aswArKrn.sys --> c:\docume~1\User\LOCALS~1\Temp\aswArKrn.sys [?]

S3 S3SAVAGE4M;S3SAVAGE4M;c:\windows\system32\drivers\s3sav4m.sys [22.6.2010 г. 18:02 77824]

S3 s916bus;Sony Ericsson Device 916 driver (WDM);c:\windows\system32\drivers\s916bus.sys [25.6.2010 г. 14:22 83496]

S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;c:\windows\system32\drivers\s916mdfl.sys [25.6.2010 г. 14:22 15016]

S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;c:\windows\system32\drivers\s916mdm.sys [25.6.2010 г. 14:22 109992]

S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s916mgmt.sys [25.6.2010 г. 14:22 103976]

S3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface;c:\windows\system32\drivers\s916obex.sys [25.6.2010 г. 14:22 100008]

.

--- Other Services/Drivers In Memory ---

.

*Deregistered* - raddrvv3

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.facebook.com/

uInternet Connection Wizard,ShellNext = hxxp://www.codecguide.com/

IE: &С&валяне &с BitComet - e:\bit comet\BitComet\BitComet.exe/AddLink.htm

IE: &С&валяне на всички с BitComet - e:\bit comet\BitComet\BitComet.exe/AddAllLink.htm

IE: &С&валяне на всичкото видео с BitComet - e:\bit comet\BitComet\BitComet.exe/AddVideo.htm

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Е&кспортирай в Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

TCP: DhcpNameServer = 93.155.205.5 8.8.8.8 93.155.205.6 8.8.4.4

FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\zmqcuvrt.default\

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p=

FF - prefs.js: network.proxy.type - 0

FF - user.js: network.proxy.type - 0

FF - user.js: network.proxy.http -

user_pref(network.proxy.http_port,);

FF - user.js: network.proxy.no_proxies_on -

.

- - - - ORPHANS REMOVED - - - -

.

SafeBoot-93300040.sys

MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe

AddRemove-Indeo® Software - c:\program files\Ligos\Indeo\Uninst.isu

AddRemove-MotoRacer2CurVer - c:\program files\MotoRacer2\DeIsL2.isu

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-08-25 23:33

Windows 5.1.2600 Service Pack 2 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

Completion time: 2011-08-25 23:36:06

ComboFix-quarantined-files.txt 2011-08-25 20:35

.

Pre-Run: 5 411 971 072 bytes free

Post-Run: 5 502 500 864 bytes free

.

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

.

- - End Of File - - 017B169AA98B0BB80D2AA018FCC6A46A

------------------------TDSS-------------

2011/08/23 10:59:00.0562 3508 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57

2011/08/23 10:59:00.0843 3508 ================================================================================

2011/08/23 10:59:00.0843 3508 SystemInfo:

2011/08/23 10:59:00.0843 3508

2011/08/23 10:59:00.0843 3508 OS Version: 5.1.2600 ServicePack: 2.0

2011/08/23 10:59:00.0843 3508 Product type: Workstation

2011/08/23 10:59:00.0843 3508 ComputerName: KOSYO

2011/08/23 10:59:00.0843 3508 UserName: User

2011/08/23 10:59:00.0843 3508 Windows directory: C:\WINDOWS

2011/08/23 10:59:00.0843 3508 System windows directory: C:\WINDOWS

2011/08/23 10:59:00.0843 3508 Processor architecture: Intel x86

2011/08/23 10:59:00.0843 3508 Number of processors: 1

2011/08/23 10:59:00.0843 3508 Page size: 0x1000

2011/08/23 10:59:00.0843 3508 Boot type: Normal boot

2011/08/23 10:59:00.0843 3508 ================================================================================

2011/08/23 10:59:02.0140 3508 Initialize success

2011/08/23 10:59:06.0921 3632 ================================================================================

2011/08/23 10:59:06.0921 3632 Scan started

2011/08/23 10:59:06.0921 3632 Mode: Manual;

2011/08/23 10:59:06.0921 3632 ================================================================================

2011/08/23 10:59:07.0906 3632 Aavmker4 (2ccfa74242741ca22a4267cce9b586f4) C:\WINDOWS\system32\drivers\Aavmker4.sys

2011/08/23 10:59:08.0093 3632 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys

2011/08/23 10:59:08.0187 3632 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

2011/08/23 10:59:08.0359 3632 aec (841f385c6cfaf66b58fbd898722bb4f0) C:\WINDOWS\system32\drivers\aec.sys

2011/08/23 10:59:08.0437 3632 AFD (5ac495f4cb807b2b98ad2ad591e6d92e) C:\WINDOWS\System32\drivers\afd.sys

2011/08/23 10:59:08.0875 3632 ALCXWDM (9a0a8e525c50b732ea0f8f0b597a95f9) C:\WINDOWS\system32\drivers\ALCXWDM.SYS

2011/08/23 10:59:09.0093 3632 AmdK7 (680ad1c1bb16239e28d8f33a54a7a3c7) C:\WINDOWS\system32\DRIVERS\amdk7.sys

2011/08/23 10:59:09.0312 3632 aswFsBlk (b4079a98f294a3e262872cb76f4849f0) C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys

2011/08/23 10:59:09.0375 3632 aswMon2 (dbee7b5ecb50fc2cf9323f52cbf41141) C:\WINDOWS\system32\drivers\aswMon2.sys

2011/08/23 10:59:09.0468 3632 aswRdr (8080d683489c99cbace813f6fa4069cc) C:\WINDOWS\system32\drivers\aswRdr.sys

2011/08/23 10:59:09.0562 3632 aswSP (2e5a2ad5004b55df39b7606130a88142) C:\WINDOWS\system32\drivers\aswSP.sys

2011/08/23 10:59:09.0625 3632 aswTdi (d4c83a37efadfa2c398362e0776e3773) C:\WINDOWS\system32\drivers\aswTdi.sys

2011/08/23 10:59:09.0765 3632 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

2011/08/23 10:59:09.0859 3632 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys

2011/08/23 10:59:09.0984 3632 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

2011/08/23 10:59:10.0093 3632 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

2011/08/23 10:59:10.0203 3632 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

2011/08/23 10:59:10.0296 3632 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

2011/08/23 10:59:10.0406 3632 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

2011/08/23 10:59:10.0468 3632 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys

2011/08/23 10:59:10.0562 3632 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys

2011/08/23 10:59:10.0953 3632 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys

2011/08/23 10:59:11.0062 3632 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys

2011/08/23 10:59:11.0140 3632 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys

2011/08/23 10:59:11.0218 3632 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

2011/08/23 10:59:11.0265 3632 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys

2011/08/23 10:59:11.0406 3632 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys

2011/08/23 10:59:11.0671 3632 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys

2011/08/23 10:59:11.0937 3632 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys

2011/08/23 10:59:12.0093 3632 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys

2011/08/23 10:59:12.0203 3632 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

2011/08/23 10:59:12.0359 3632 FltMgr (157754f0df355a9e0a6f54721914f9c6) C:\WINDOWS\system32\DRIVERS\fltMgr.sys

2011/08/23 10:59:12.0578 3632 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

2011/08/23 10:59:12.0734 3632 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

2011/08/23 10:59:12.0828 3632 gameenum (5f92fd09e5610a5995da7d775eadcd12) C:\WINDOWS\system32\DRIVERS\gameenum.sys

2011/08/23 10:59:13.0015 3632 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys

2011/08/23 10:59:13.0140 3632 hidusb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys

2011/08/23 10:59:13.0375 3632 HTTP (c19b522a9ae0bbc3293397f3055e80a1) C:\WINDOWS\system32\Drivers\HTTP.sys

2011/08/23 10:59:13.0562 3632 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

2011/08/23 10:59:13.0640 3632 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys

2011/08/23 10:59:13.0812 3632 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

2011/08/23 10:59:13.0875 3632 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

2011/08/23 10:59:13.0953 3632 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys

2011/08/23 10:59:14.0015 3632 IpNat (b5a8e215ac29d24d60b4d1250ef05ace) C:\WINDOWS\system32\DRIVERS\ipnat.sys

2011/08/23 10:59:14.0109 3632 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys

2011/08/23 10:59:14.0171 3632 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys

2011/08/23 10:59:14.0250 3632 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys

2011/08/23 10:59:14.0359 3632 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

2011/08/23 10:59:14.0453 3632 kmixer (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys

2011/08/23 10:59:14.0531 3632 KSecDD (eb7ffe87fd367ea8fca0506f74a87fbb) C:\WINDOWS\system32\drivers\KSecDD.sys

2011/08/23 10:59:14.0718 3632 mirrorv3 (d96ea49ab9a9174331bc023fd0cadc18) C:\WINDOWS\system32\DRIVERS\rminiv3.sys

2011/08/23 10:59:14.0781 3632 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

2011/08/23 10:59:14.0875 3632 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys

2011/08/23 10:59:14.0953 3632 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys

2011/08/23 10:59:15.0015 3632 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

2011/08/23 10:59:15.0093 3632 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys

2011/08/23 10:59:15.0203 3632 MRxDAV (46edcc8f2db2f322c24f48785cb46366) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

2011/08/23 10:59:15.0328 3632 MRxSmb (1fd607fc67f7f7c633c3da65bfc53d18) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

2011/08/23 10:59:15.0406 3632 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys

2011/08/23 10:59:15.0484 3632 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys

2011/08/23 10:59:15.0593 3632 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

2011/08/23 10:59:15.0640 3632 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys

2011/08/23 10:59:15.0687 3632 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

2011/08/23 10:59:15.0765 3632 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys

2011/08/23 10:59:15.0890 3632 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys

2011/08/23 10:59:16.0062 3632 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys

2011/08/23 10:59:16.0156 3632 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

2011/08/23 10:59:16.0265 3632 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

2011/08/23 10:59:16.0359 3632 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

2011/08/23 10:59:16.0437 3632 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys

2011/08/23 10:59:16.0515 3632 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys

2011/08/23 10:59:16.0593 3632 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys

2011/08/23 10:59:16.0750 3632 nmwcd (c3963d85b721a7f80d8a55f4e2867a3a) C:\WINDOWS\system32\drivers\ccdcmb.sys

2011/08/23 10:59:16.0812 3632 nmwcdc (3859c69a77793180548802dac9f34a38) C:\WINDOWS\system32\drivers\ccdcmbo.sys

2011/08/23 10:59:16.0906 3632 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys

2011/08/23 10:59:17.0031 3632 Ntfs (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys

2011/08/23 10:59:17.0156 3632 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

2011/08/23 10:59:17.0328 3632 nv (71dbdc08df86b80511e72953fa1ad6b0) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

2011/08/23 10:59:17.0484 3632 NVENET (5155e22da2f2e1ca4023d00f6eb31b5e) C:\WINDOWS\system32\DRIVERS\NVENET.sys

2011/08/23 10:59:17.0593 3632 nv_agp (29291c3a7256337327051cc37e4fc09a) C:\WINDOWS\system32\DRIVERS\nv_agp.sys

2011/08/23 10:59:17.0656 3632 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

2011/08/23 10:59:17.0687 3632 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

2011/08/23 10:59:17.0781 3632 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys

2011/08/23 10:59:17.0859 3632 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys

2011/08/23 10:59:17.0937 3632 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

2011/08/23 10:59:17.0984 3632 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys

2011/08/23 10:59:18.0078 3632 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys

2011/08/23 10:59:18.0187 3632 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

2011/08/23 10:59:18.0265 3632 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\drivers\Pcmcia.sys

2011/08/23 10:59:18.0640 3632 pfc (2c1eb94c24a6a1d3434481b0a5fa9c08) C:\WINDOWS\system32\drivers\pfc.sys

2011/08/23 10:59:18.0734 3632 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys

2011/08/23 10:59:18.0828 3632 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys

2011/08/23 10:59:18.0890 3632 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

2011/08/23 10:59:18.0937 3632 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys

2011/08/23 10:59:19.0156 3632 raddrvv3 (06df7d2ddcb70f9aaf1e6e4656661ce2) C:\WINDOWS\system32\rserver30\raddrvv3.sys

2011/08/23 10:59:19.0203 3632 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

2011/08/23 10:59:19.0281 3632 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

2011/08/23 10:59:19.0375 3632 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

2011/08/23 10:59:19.0437 3632 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

2011/08/23 10:59:19.0500 3632 Rdbss (29d66245adba878fff574cd66abd2884) C:\WINDOWS\system32\DRIVERS\rdbss.sys

2011/08/23 10:59:19.0562 3632 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

2011/08/23 10:59:19.0656 3632 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

2011/08/23 10:59:19.0750 3632 RDPWD (d4f5643d7714ef499ae9527fdcd50894) C:\WINDOWS\system32\drivers\RDPWD.sys

2011/08/23 10:59:19.0843 3632 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys

2011/08/23 10:59:19.0953 3632 S3SAVAGE4M (dddc792753e657a9932029c46e60fe52) C:\WINDOWS\system32\DRIVERS\s3sav4m.sys

2011/08/23 10:59:20.0015 3632 s916bus (fec4f19c80f623c3bfb386fc815bcd30) C:\WINDOWS\system32\DRIVERS\s916bus.sys

2011/08/23 10:59:20.0078 3632 s916mdfl (a6f154da17cafd5743f552b1a88b2c32) C:\WINDOWS\system32\DRIVERS\s916mdfl.sys

2011/08/23 10:59:20.0140 3632 s916mdm (b4362e96e0a9d258cf5c7ca7ad28958a) C:\WINDOWS\system32\DRIVERS\s916mdm.sys

2011/08/23 10:59:20.0218 3632 s916mgmt (16926a57dcc885691e34aafc42e1f652) C:\WINDOWS\system32\DRIVERS\s916mgmt.sys

2011/08/23 10:59:20.0312 3632 s916obex (c04f59dd93625883357953cf367373fb) C:\WINDOWS\system32\DRIVERS\s916obex.sys

2011/08/23 10:59:20.0421 3632 Secdrv (c71394d99a04ca76484492f590c9cba5) C:\WINDOWS\system32\DRIVERS\secdrv.sys

2011/08/23 10:59:20.0500 3632 seehcri (e5b56569a9f79b70314fede6c953641e) C:\WINDOWS\system32\DRIVERS\seehcri.sys

2011/08/23 10:59:20.0578 3632 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys

2011/08/23 10:59:20.0656 3632 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys

2011/08/23 10:59:20.0750 3632 sfdrv01 (9e7dee11fd5a4355941a45f13c0ed59a) C:\WINDOWS\system32\drivers\sfdrv01.sys

2011/08/23 10:59:20.0781 3632 sfhlp02 (ecefb59d2206d281e6d317af0ea0d8bd) C:\WINDOWS\system32\drivers\sfhlp02.sys

2011/08/23 10:59:20.0843 3632 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys

2011/08/23 10:59:20.0921 3632 sfsync04 (05e3038180cd846b0bca0e915163606a) C:\WINDOWS\system32\drivers\sfsync04.sys

2011/08/23 10:59:21.0062 3632 splitter (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys

2011/08/23 10:59:21.0156 3632 sptd (d15da1ba189770d93eea2d7e18f95af9) C:\WINDOWS\system32\Drivers\sptd.sys

2011/08/23 10:59:21.0171 3632 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9

2011/08/23 10:59:21.0171 3632 sptd - detected LockedFile.Multi.Generic (1)

2011/08/23 10:59:21.0281 3632 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys

2011/08/23 10:59:21.0390 3632 Srv (20b7e396720353e4117d64d9dcb926ca) C:\WINDOWS\system32\DRIVERS\srv.sys

2011/08/23 10:59:21.0484 3632 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys

2011/08/23 10:59:21.0593 3632 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys

2011/08/23 10:59:21.0796 3632 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys

2011/08/23 10:59:21.0906 3632 Tcpip (9f4b36614a0fc234525ba224957de55c) C:\WINDOWS\system32\DRIVERS\tcpip.sys

2011/08/23 10:59:21.0984 3632 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys

2011/08/23 10:59:22.0046 3632 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys

2011/08/23 10:59:22.0125 3632 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys

2011/08/23 10:59:22.0281 3632 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys

2011/08/23 10:59:22.0515 3632 UnlockerDriver5 (28cd05b9e54a11f08e3968ccc8f45002) D:\PrOgrAmI\programi\unlocker\UnlockerDriver5.sys

2011/08/23 10:59:22.0609 3632 Update (aff2e5045961bbc0a602bb6f95eb1345) C:\WINDOWS\system32\DRIVERS\update.sys

2011/08/23 10:59:22.0687 3632 upperdev (0ccadc7391021376edbb8aa649d04e68) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys

2011/08/23 10:59:22.0765 3632 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys

2011/08/23 10:59:22.0843 3632 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys

2011/08/23 10:59:22.0906 3632 usbohci (bdfe799a8531bad8a5a985821fe78760) C:\WINDOWS\system32\DRIVERS\usbohci.sys

2011/08/23 10:59:22.0968 3632 usbser (49106ee29074e6a3d3ac9e24c6d791d8) C:\WINDOWS\system32\drivers\usbser.sys

2011/08/23 10:59:23.0046 3632 UsbserFilt (68b4f83cccf70a2ff32ee142c234332a) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys

2011/08/23 10:59:23.0093 3632 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

2011/08/23 10:59:23.0171 3632 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys

2011/08/23 10:59:23.0281 3632 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys

2011/08/23 10:59:23.0375 3632 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys

2011/08/23 10:59:23.0468 3632 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys

2011/08/23 10:59:23.0593 3632 wdmaud (2797f33ebf50466020c430ee4f037933) C:\WINDOWS\system32\drivers\wdmaud.sys

2011/08/23 10:59:23.0765 3632 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys

2011/08/23 10:59:23.0875 3632 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

2011/08/23 10:59:23.0953 3632 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

2011/08/23 10:59:24.0031 3632 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

2011/08/23 10:59:24.0171 3632 Boot (0x1200) (ff450e2870ddd3b4267a5e0a9d30b04e) \Device\Harddisk0\DR0\Partition0

2011/08/23 10:59:24.0203 3632 Boot (0x1200) (0dff83f4002afb16e66f8472424cef0a) \Device\Harddisk0\DR0\Partition1

2011/08/23 10:59:24.0234 3632 Boot (0x1200) (7ae7a8cc158b4c750059d0fe635c81f4) \Device\Harddisk0\DR0\Partition2

2011/08/23 10:59:24.0250 3632 ================================================================================

2011/08/23 10:59:24.0250 3632 Scan finished

2011/08/23 10:59:24.0250 3632 ================================================================================

2011/08/23 10:59:24.0281 3624 Detected object count: 1

2011/08/23 10:59:24.0281 3624 Actual detected object count: 1

2011/08/23 10:59:29.0875 3624 LockedFile.Multi.Generic(sptd) - User select action: Skip

2011/08/23 11:00:25.0468 2764 ================================================================================

2011/08/23 11:00:25.0468 2764 Scan started

2011/08/23 11:00:25.0468 2764 Mode: Manual;

2011/08/23 11:00:25.0468 2764 ================================================================================

2011/08/23 11:00:26.0125 2764 Aavmker4 (2ccfa74242741ca22a4267cce9b586f4) C:\WINDOWS\system32\drivers\Aavmker4.sys

2011/08/23 11:00:26.0265 2764 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys

2011/08/23 11:00:26.0343 2764 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

2011/08/23 11:00:26.0453 2764 aec (841f385c6cfaf66b58fbd898722bb4f0) C:\WINDOWS\system32\drivers\aec.sys

2011/08/23 11:00:26.0515 2764 AFD (5ac495f4cb807b2b98ad2ad591e6d92e) C:\WINDOWS\System32\drivers\afd.sys

2011/08/23 11:00:27.0031 2764 ALCXWDM (9a0a8e525c50b732ea0f8f0b597a95f9) C:\WINDOWS\system32\drivers\ALCXWDM.SYS

2011/08/23 11:00:27.0250 2764 AmdK7 (680ad1c1bb16239e28d8f33a54a7a3c7) C:\WINDOWS\system32\DRIVERS\amdk7.sys

2011/08/23 11:00:27.0500 2764 aswFsBlk (b4079a98f294a3e262872cb76f4849f0) C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys

2011/08/23 11:00:27.0593 2764 aswMon2 (dbee7b5ecb50fc2cf9323f52cbf41141) C:\WINDOWS\system32\drivers\aswMon2.sys

2011/08/23 11:00:27.0703 2764 aswRdr (8080d683489c99cbace813f6fa4069cc) C:\WINDOWS\system32\drivers\aswRdr.sys

2011/08/23 11:00:27.0781 2764 aswSP (2e5a2ad5004b55df39b7606130a88142) C:\WINDOWS\system32\drivers\aswSP.sys

2011/08/23 11:00:27.0875 2764 aswTdi (d4c83a37efadfa2c398362e0776e3773) C:\WINDOWS\system32\drivers\aswTdi.sys

2011/08/23 11:00:27.0953 2764 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

2011/08/23 11:00:28.0000 2764 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys

2011/08/23 11:00:28.0093 2764 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

2011/08/23 11:00:28.0171 2764 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

2011/08/23 11:00:28.0281 2764 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

2011/08/23 11:00:28.0343 2764 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

2011/08/23 11:00:28.0437 2764 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

2011/08/23 11:00:28.0546 2764 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys

2011/08/23 11:00:28.0640 2764 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys

2011/08/23 11:00:29.0203 2764 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys

2011/08/23 11:00:29.0312 2764 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys

2011/08/23 11:00:29.0421 2764 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys

2011/08/23 11:00:29.0500 2764 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

2011/08/23 11:00:29.0593 2764 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys

2011/08/23 11:00:29.0718 2764 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys

2011/08/23 11:00:29.0906 2764 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys

2011/08/23 11:00:29.0984 2764 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys

2011/08/23 11:00:30.0093 2764 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys

2011/08/23 11:00:30.0218 2764 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

2011/08/23 11:00:30.0281 2764 FltMgr (157754f0df355a9e0a6f54721914f9c6) C:\WINDOWS\system32\DRIVERS\fltMgr.sys

2011/08/23 11:00:30.0328 2764 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

2011/08/23 11:00:30.0406 2764 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

2011/08/23 11:00:30.0484 2764 gameenum (5f92fd09e5610a5995da7d775eadcd12) C:\WINDOWS\system32\DRIVERS\gameenum.sys

2011/08/23 11:00:30.0578 2764 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys

2011/08/23 11:00:30.0656 2764 hidusb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys

2011/08/23 11:00:30.0765 2764 HTTP (c19b522a9ae0bbc3293397f3055e80a1) C:\WINDOWS\system32\Drivers\HTTP.sys

2011/08/23 11:00:30.0921 2764 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

2011/08/23 11:00:31.0000 2764 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys

2011/08/23 11:00:31.0171 2764 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

2011/08/23 11:00:31.0328 2764 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

2011/08/23 11:00:31.0484 2764 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys

2011/08/23 11:00:31.0609 2764 IpNat (b5a8e215ac29d24d60b4d1250ef05ace) C:\WINDOWS\system32\DRIVERS\ipnat.sys

2011/08/23 11:00:31.0671 2764 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys

2011/08/23 11:00:31.0765 2764 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys

2011/08/23 11:00:31.0843 2764 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys

2011/08/23 11:00:31.0906 2764 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

2011/08/23 11:00:31.0984 2764 kmixer (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys

2011/08/23 11:00:32.0078 2764 KSecDD (eb7ffe87fd367ea8fca0506f74a87fbb) C:\WINDOWS\system32\drivers\KSecDD.sys

2011/08/23 11:00:32.0203 2764 mirrorv3 (d96ea49ab9a9174331bc023fd0cadc18) C:\WINDOWS\system32\DRIVERS\rminiv3.sys

2011/08/23 11:00:32.0265 2764 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

2011/08/23 11:00:32.0328 2764 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys

2011/08/23 11:00:32.0406 2764 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys

2011/08/23 11:00:32.0484 2764 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

2011/08/23 11:00:32.0578 2764 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys

2011/08/23 11:00:32.0671 2764 MRxDAV (46edcc8f2db2f322c24f48785cb46366) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

2011/08/23 11:00:32.0828 2764 MRxSmb (1fd607fc67f7f7c633c3da65bfc53d18) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

2011/08/23 11:00:32.0937 2764 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys

2011/08/23 11:00:33.0000 2764 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys

2011/08/23 11:00:33.0078 2764 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

2011/08/23 11:00:33.0140 2764 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys

2011/08/23 11:00:33.0218 2764 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

2011/08/23 11:00:33.0296 2764 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys

2011/08/23 11:00:33.0359 2764 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys

2011/08/23 11:00:33.0421 2764 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys

2011/08/23 11:00:33.0593 2764 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

2011/08/23 11:00:33.0671 2764 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

2011/08/23 11:00:33.0765 2764 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

2011/08/23 11:00:33.0859 2764 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys

2011/08/23 11:00:33.0921 2764 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys

2011/08/23 11:00:34.0031 2764 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys

2011/08/23 11:00:34.0125 2764 nmwcd (c3963d85b721a7f80d8a55f4e2867a3a) C:\WINDOWS\system32\drivers\ccdcmb.sys

2011/08/23 11:00:34.0187 2764 nmwcdc (3859c69a77793180548802dac9f34a38) C:\WINDOWS\system32\drivers\ccdcmbo.sys

2011/08/23 11:00:34.0250 2764 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys

2011/08/23 11:00:34.0453 2764 Ntfs (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys

2011/08/23 11:00:34.0562 2764 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

2011/08/23 11:00:34.0687 2764 nv (71dbdc08df86b80511e72953fa1ad6b0) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

2011/08/23 11:00:34.0781 2764 NVENET (5155e22da2f2e1ca4023d00f6eb31b5e) C:\WINDOWS\system32\DRIVERS\NVENET.sys

2011/08/23 11:00:34.0843 2764 nv_agp (29291c3a7256337327051cc37e4fc09a) C:\WINDOWS\system32\DRIVERS\nv_agp.sys

2011/08/23 11:00:34.0890 2764 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

2011/08/23 11:00:34.0968 2764 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

2011/08/23 11:00:35.0078 2764 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys

2011/08/23 11:00:35.0171 2764 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys

2011/08/23 11:00:35.0234 2764 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

2011/08/23 11:00:35.0296 2764 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys

2011/08/23 11:00:35.0359 2764 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys

2011/08/23 11:00:35.0468 2764 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

2011/08/23 11:00:35.0593 2764 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\drivers\Pcmcia.sys

2011/08/23 11:00:36.0046 2764 pfc (2c1eb94c24a6a1d3434481b0a5fa9c08) C:\WINDOWS\system32\drivers\pfc.sys

2011/08/23 11:00:36.0125 2764 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys

2011/08/23 11:00:36.0218 2764 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys

2011/08/23 11:00:36.0265 2764 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

2011/08/23 11:00:36.0312 2764 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys

2011/08/23 11:00:36.0562 2764 raddrvv3 (06df7d2ddcb70f9aaf1e6e4656661ce2) C:\WINDOWS\system32\rserver30\raddrvv3.sys

2011/08/23 11:00:36.0625 2764 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

2011/08/23 11:00:36.0671 2764 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

2011/08/23 11:00:36.0765 2764 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

2011/08/23 11:00:36.0796 2764 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

2011/08/23 11:00:36.0890 2764 Rdbss (29d66245adba878fff574cd66abd2884) C:\WINDOWS\system32\DRIVERS\rdbss.sys

2011/08/23 11:00:36.0953 2764 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

2011/08/23 11:00:37.0125 2764 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

2011/08/23 11:00:37.0421 2764 RDPWD (d4f5643d7714ef499ae9527fdcd50894) C:\WINDOWS\system32\drivers\RDPWD.sys

2011/08/23 11:00:37.0750 2764 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys

2011/08/23 11:00:38.0375 2764 S3SAVAGE4M (dddc792753e657a9932029c46e60fe52) C:\WINDOWS\system32\DRIVERS\s3sav4m.sys

2011/08/23 11:00:38.0843 2764 s916bus (fec4f19c80f623c3bfb386fc815bcd30) C:\WINDOWS\system32\DRIVERS\s916bus.sys

2011/08/23 11:00:39.0234 2764 s916mdfl (a6f154da17cafd5743f552b1a88b2c32) C:\WINDOWS\system32\DRIVERS\s916mdfl.sys

2011/08/23 11:00:39.0531 2764 s916mdm (b4362e96e0a9d258cf5c7ca7ad28958a) C:\WINDOWS\system32\DRIVERS\s916mdm.sys

2011/08/23 11:00:39.0781 2764 s916mgmt (16926a57dcc885691e34aafc42e1f652) C:\WINDOWS\system32\DRIVERS\s916mgmt.sys

2011/08/23 11:00:39.0859 2764 s916obex (c04f59dd93625883357953cf367373fb) C:\WINDOWS\system32\DRIVERS\s916obex.sys

2011/08/23 11:00:39.0937 2764 Secdrv (c71394d99a04ca76484492f590c9cba5) C:\WINDOWS\system32\DRIVERS\secdrv.sys

2011/08/23 11:00:40.0015 2764 seehcri (e5b56569a9f79b70314fede6c953641e) C:\WINDOWS\system32\DRIVERS\seehcri.sys

2011/08/23 11:00:40.0093 2764 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys

2011/08/23 11:00:40.0140 2764 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys

2011/08/23 11:00:40.0203 2764 sfdrv01 (9e7dee11fd5a4355941a45f13c0ed59a) C:\WINDOWS\system32\drivers\sfdrv01.sys

2011/08/23 11:00:40.0265 2764 sfhlp02 (ecefb59d2206d281e6d317af0ea0d8bd) C:\WINDOWS\system32\drivers\sfhlp02.sys

2011/08/23 11:00:40.0359 2764 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys

2011/08/23 11:00:40.0515 2764 sfsync04 (05e3038180cd846b0bca0e915163606a) C:\WINDOWS\system32\drivers\sfsync04.sys

2011/08/23 11:00:40.0750 2764 splitter (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys

2011/08/23 11:00:40.0843 2764 sptd (d15da1ba189770d93eea2d7e18f95af9) C:\WINDOWS\system32\Drivers\sptd.sys

2011/08/23 11:00:40.0843 2764 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9

2011/08/23 11:00:40.0859 2764 sptd - detected LockedFile.Multi.Generic (1)

2011/08/23 11:00:40.0937 2764 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys

2011/08/23 11:00:41.0031 2764 Srv (20b7e396720353e4117d64d9dcb926ca) C:\WINDOWS\system32\DRIVERS\srv.sys

2011/08/23 11:00:41.0125 2764 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys

2011/08/23 11:00:41.0281 2764 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys

2011/08/23 11:00:41.0640 2764 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys

2011/08/23 11:00:41.0703 2764 Tcpip (9f4b36614a0fc234525ba224957de55c) C:\WINDOWS\system32\DRIVERS\tcpip.sys

2011/08/23 11:00:41.0875 2764 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys

2011/08/23 11:00:41.0968 2764 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys

2011/08/23 11:00:42.0078 2764 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys

2011/08/23 11:00:42.0250 2764 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys

2011/08/23 11:00:42.0375 2764 UnlockerDriver5 (28cd05b9e54a11f08e3968ccc8f45002) D:\PrOgrAmI\programi\unlocker\UnlockerDriver5.sys

2011/08/23 11:00:42.0468 2764 Update (aff2e5045961bbc0a602bb6f95eb1345) C:\WINDOWS\system32\DRIVERS\update.sys

2011/08/23 11:00:42.0593 2764 upperdev (0ccadc7391021376edbb8aa649d04e68) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys

2011/08/23 11:00:42.0734 2764 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys

2011/08/23 11:00:42.0843 2764 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys

2011/08/23 11:00:42.0968 2764 usbohci (bdfe799a8531bad8a5a985821fe78760) C:\WINDOWS\system32\DRIVERS\usbohci.sys

2011/08/23 11:00:43.0109 2764 usbser (49106ee29074e6a3d3ac9e24c6d791d8) C:\WINDOWS\system32\drivers\usbser.sys

2011/08/23 11:00:43.0203 2764 UsbserFilt (68b4f83cccf70a2ff32ee142c234332a) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys

2011/08/23 11:00:43.0296 2764 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

2011/08/23 11:00:43.0390 2764 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys

2011/08/23 11:00:43.0484 2764 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys

2011/08/23 11:00:43.0609 2764 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys

2011/08/23 11:00:43.0671 2764 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys

2011/08/23 11:00:43.0828 2764 wdmaud (2797f33ebf50466020c430ee4f037933) C:\WINDOWS\system32\drivers\wdmaud.sys

2011/08/23 11:00:43.0953 2764 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys

2011/08/23 11:00:44.0093 2764 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

2011/08/23 11:00:44.0171 2764 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

2011/08/23 11:00:44.0234 2764 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

2011/08/23 11:00:44.0390 2764 Boot (0x1200) (ff450e2870ddd3b4267a5e0a9d30b04e) \Device\Harddisk0\DR0\Partition0

2011/08/23 11:00:44.0437 2764 Boot (0x1200) (0dff83f4002afb16e66f8472424cef0a) \Device\Harddisk0\DR0\Partition1

2011/08/23 11:00:44.0468 2764 Boot (0x1200) (7ae7a8cc158b4c750059d0fe635c81f4) \Device\Harddisk0\DR0\Partition2

2011/08/23 11:00:44.0468 2764 ================================================================================

2011/08/23 11:00:44.0468 2764 Scan finished

2011/08/23 11:00:44.0468 2764 ================================================================================

2011/08/23 11:00:44.0500 2744 Detected object count: 1

2011/08/23 11:00:44.0500 2744 Actual detected object count: 1

2011/08/23 11:01:03.0015 2744 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted after reboot

2011/08/23 11:01:03.0031 2744 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted after reboot

2011/08/23 11:01:03.0031 2744 HKLM\SYSTEM\ControlSet003\services\sptd - will be deleted after reboot

2011/08/23 11:01:03.0031 2744 C:\WINDOWS\system32\Drivers\sptd.sys - will be deleted after reboot

2011/08/23 11:01:03.0046 2744 LockedFile.Multi.Generic(sptd) - User select action: Delete

2011/08/23 11:01:18.0828 3488 Deinitialize success

============ Remover for Win32/Downadup ===============

Version: 1.2.0.714

Date: 25.08.2011 23:39

Scanning memory ...;

ACPI:C:\WINDOWS\system32\DRIVERS\ACPI.sys; OK

aec:C:\WINDOWS\system32\drivers\aec.sys; OK

AFD:C:\WINDOWS\System32\drivers\afd.sys; OK

ALCXWDM:C:\WINDOWS\system32\drivers\ALCXWDM.SYS; OK

Alerter:C:\WINDOWS\system32\alrsvc.dll; OK

ALG:C:\WINDOWS\System32\alg.exe; OK

AmdK7:C:\WINDOWS\system32\DRIVERS\amdk7.sys; OK

AppMgmt:C:\WINDOWS\System32\appmgmts.dll; OK

aswFsBlk:C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys; OK

AsyncMac:C:\WINDOWS\system32\DRIVERS\asyncmac.sys; OK

atapi:C:\WINDOWS\system32\DRIVERS\atapi.sys; OK

Atmarpc:C:\WINDOWS\system32\DRIVERS\atmarpc.sys; OK

AudioSrv:C:\WINDOWS\System32\audiosrv.dll; OK

audstub:C:\WINDOWS\system32\DRIVERS\audstub.sys; OK

BITS:C:\WINDOWS\system32\qmgr.dll; OK

Browser:C:\WINDOWS\System32\browser.dll; OK

Cdrom:C:\WINDOWS\system32\DRIVERS\cdrom.sys; OK

ClipSrv:C:\WINDOWS\system32\clipsrv.exe; OK

COMSysApp:C:\WINDOWS\system32\dllhost.exe; OK

CryptSvc:C:\WINDOWS\System32\cryptsvc.dll; OK

DcomLaunch:C:\WINDOWS\system32\rpcss.dll; OK

Dhcp:C:\WINDOWS\System32\dhcpcsvc.dll; OK

Disk:C:\WINDOWS\system32\DRIVERS\disk.sys; OK

dmboot:C:\WINDOWS\System32\drivers\dmboot.sys; OK

dmio:C:\WINDOWS\System32\drivers\dmio.sys; OK

dmload:C:\WINDOWS\System32\drivers\dmload.sys; OK

dmserver:C:\WINDOWS\System32\dmserver.dll; OK

DMusic:C:\WINDOWS\system32\drivers\DMusic.sys; OK

Dnscache:C:\WINDOWS\System32\dnsrslvr.dll; OK

drmkaud:C:\WINDOWS\system32\drivers\drmkaud.sys; OK

ERSvc:C:\WINDOWS\System32\ersvc.dll; OK

EventSystem:C:\WINDOWS\system32\es.dll; OK

EverestDriver:C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt; OK

FastUserSwitchingCompatibility:C:\WINDOWS\System32\shsvcs.dll; OK

Fdc:C:\WINDOWS\system32\DRIVERS\fdc.sys; OK

Flpydisk:C:\WINDOWS\system32\DRIVERS\flpydisk.sys; OK

FltMgr:C:\WINDOWS\system32\DRIVERS\fltMgr.sys; OK

Ftdisk:C:\WINDOWS\system32\DRIVERS\ftdisk.sys; OK

gameenum:C:\WINDOWS\system32\DRIVERS\gameenum.sys; OK

Gpc:C:\WINDOWS\system32\DRIVERS\msgpc.sys; OK

helpsvc:C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll; OK

HidServ:C:\WINDOWS\System32\hidserv.dll; Can't open

hidusb:C:\WINDOWS\system32\DRIVERS\hidusb.sys; OK

HTTP:C:\WINDOWS\System32\Drivers\HTTP.sys; OK

HTTPFilter:C:\WINDOWS\System32\w3ssl.dll; OK

i8042prt:C:\WINDOWS\system32\DRIVERS\i8042prt.sys; OK

Imapi:C:\WINDOWS\system32\DRIVERS\imapi.sys; OK

ImapiService:C:\WINDOWS\system32\imapi.exe; OK

Ip6Fw:C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys; OK

IpFilterDriver:C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys; OK

IpInIp:C:\WINDOWS\system32\DRIVERS\ipinip.sys; OK

IpNat:C:\WINDOWS\system32\DRIVERS\ipnat.sys; OK

IPSec:C:\WINDOWS\system32\DRIVERS\ipsec.sys; OK

IRENUM:C:\WINDOWS\system32\DRIVERS\irenum.sys; OK

isapnp:C:\WINDOWS\system32\DRIVERS\isapnp.sys; OK

Kbdclass:C:\WINDOWS\system32\DRIVERS\kbdclass.sys; OK

kmixer:C:\WINDOWS\system32\drivers\kmixer.sys; OK

lanmanserver:C:\WINDOWS\System32\srvsvc.dll; OK

lanmanworkstation:C:\WINDOWS\System32\wkssvc.dll; OK

LmHosts:C:\WINDOWS\System32\lmhsvc.dll; OK

Messenger:C:\WINDOWS\System32\msgsvc.dll; OK

mirrorv3:C:\WINDOWS\system32\DRIVERS\rminiv3.sys; OK

Mouclass:C:\WINDOWS\system32\DRIVERS\mouclass.sys; OK

mouhid:C:\WINDOWS\system32\DRIVERS\mouhid.sys; OK

MRxDAV:C:\WINDOWS\system32\DRIVERS\mrxdav.sys; OK

MRxSmb:C:\WINDOWS\system32\DRIVERS\mrxsmb.sys; OK

MSDTC:C:\WINDOWS\system32\msdtc.exe; OK

MSKSSRV:C:\WINDOWS\system32\drivers\MSKSSRV.sys; OK

MSPCLOCK:C:\WINDOWS\system32\drivers\MSPCLOCK.sys; OK

MSPQM:C:\WINDOWS\system32\drivers\MSPQM.sys; OK

mssmbios:C:\WINDOWS\system32\DRIVERS\mssmbios.sys; OK

ms_mpu401:C:\WINDOWS\system32\drivers\msmpu401.sys; OK

NdisTapi:C:\WINDOWS\system32\DRIVERS\ndistapi.sys; OK

Ndisuio:C:\WINDOWS\system32\DRIVERS\ndisuio.sys; OK

NdisWan:C:\WINDOWS\system32\DRIVERS\ndiswan.sys; OK

NetBIOS:C:\WINDOWS\system32\DRIVERS\netbios.sys; OK

NetBT:C:\WINDOWS\system32\DRIVERS\netbt.sys; OK

Nla:C:\WINDOWS\System32\mswsock.dll; OK

NtmsSvc:C:\WINDOWS\system32\ntmssvc.dll; OK

nv:C:\WINDOWS\system32\DRIVERS\nv4_mini.sys; OK

NVENET:C:\WINDOWS\system32\DRIVERS\NVENET.sys; OK

NVSvc:C:\WINDOWS\system32\nvsvc32.exe; OK

nv_agp:C:\WINDOWS\system32\DRIVERS\nv_agp.sys; OK

NwlnkFlt:C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys; OK

NwlnkFwd:C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys; OK

ose:C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE; OK

Parport:C:\WINDOWS\system32\DRIVERS\parport.sys; OK

PCI:C:\WINDOWS\system32\DRIVERS\pci.sys; OK

PCIIde:C:\WINDOWS\system32\DRIVERS\pciide.sys; OK

PptpMiniport:C:\WINDOWS\system32\DRIVERS\raspptp.sys; OK

PSched:C:\WINDOWS\system32\DRIVERS\psched.sys; OK

Ptilink:C:\WINDOWS\system32\DRIVERS\ptilink.sys; OK

PxHelp20:C:\WINDOWS\System32\Drivers\PxHelp20.sys; OK

raddrvv3:C:\WINDOWS\system32\rserver30\raddrvv3.sys; Can't open

RasAcd:C:\WINDOWS\system32\DRIVERS\rasacd.sys; OK

RasAuto:C:\WINDOWS\System32\rasauto.dll; OK

Rasl2tp:C:\WINDOWS\system32\DRIVERS\rasl2tp.sys; OK

RasMan:C:\WINDOWS\System32\rasmans.dll; OK

RasPppoe:C:\WINDOWS\system32\DRIVERS\raspppoe.sys; OK

Raspti:C:\WINDOWS\system32\DRIVERS\raspti.sys; OK

Rdbss:C:\WINDOWS\system32\DRIVERS\rdbss.sys; OK

RDPCDD:C:\WINDOWS\System32\DRIVERS\RDPCDD.sys; OK

rdpdr:C:\WINDOWS\system32\DRIVERS\rdpdr.sys; OK

RDSessMgr:C:\WINDOWS\system32\sessmgr.exe; OK

redbook:C:\WINDOWS\system32\DRIVERS\redbook.sys; OK

RemoteAccess:C:\WINDOWS\System32\mprdim.dll; OK

RemoteRegistry:C:\WINDOWS\system32\regsvc.dll; OK

RpcLocator:C:\WINDOWS\system32\locator.exe; OK

RpcSs:C:\WINDOWS\system32\rpcss.dll; OK

RSVP:C:\WINDOWS\system32\rsvp.exe; OK

Schedule:C:\WINDOWS\system32\schedsvc.dll; OK

Secdrv:C:\WINDOWS\system32\DRIVERS\secdrv.sys; OK

SENS:C:\WINDOWS\system32\sens.dll; OK

serenum:C:\WINDOWS\system32\DRIVERS\serenum.sys; OK

Serial:C:\WINDOWS\system32\DRIVERS\serial.sys; OK

SharedAccess:C:\WINDOWS\System32\ipnathlp.dll; OK

ShellHWDetection:C:\WINDOWS\System32\shsvcs.dll; OK

splitter:C:\WINDOWS\system32\drivers\splitter.sys; OK

sr:C:\WINDOWS\system32\DRIVERS\sr.sys; OK

srservice:C:\WINDOWS\system32\srsvc.dll; OK

Srv:C:\WINDOWS\system32\DRIVERS\srv.sys; OK

SSDPSRV:C:\WINDOWS\System32\ssdpsrv.dll; OK

stisvc:C:\WINDOWS\system32\wiaservc.dll; OK

swenum:C:\WINDOWS\system32\DRIVERS\swenum.sys; OK

swmidi:C:\WINDOWS\system32\drivers\swmidi.sys; OK

SwPrv:C:\WINDOWS\system32\dllhost.exe; OK

sysaudio:C:\WINDOWS\system32\drivers\sysaudio.sys; OK

SysmonLog:C:\WINDOWS\system32\smlogsvc.exe; OK

TapiSrv:C:\WINDOWS\System32\tapisrv.dll; OK

Tcpip:C:\WINDOWS\system32\DRIVERS\tcpip.sys; OK

TermDD:C:\WINDOWS\system32\DRIVERS\termdd.sys; OK

TermService:C:\WINDOWS\System32\termsrv.dll; OK

Themes:C:\WINDOWS\System32\shsvcs.dll; OK

TlntSvr:C:\WINDOWS\system32\tlntsvr.exe; OK

TrkWks:C:\WINDOWS\system32\trkwks.dll; OK

UMWdf:C:\WINDOWS\system32\wdfmgr.exe; OK

Update:C:\WINDOWS\system32\DRIVERS\update.sys; OK

upnphost:C:\WINDOWS\System32\upnphost.dll; OK

UPS:C:\WINDOWS\System32\ups.exe; OK

usbehci:C:\WINDOWS\system32\DRIVERS\usbehci.sys; OK

usbhub:C:\WINDOWS\system32\DRIVERS\usbhub.sys; OK

usbohci:C:\WINDOWS\system32\DRIVERS\usbohci.sys; OK

USBSTOR:C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS; OK

VgaSave:C:\WINDOWS\System32\drivers\vga.sys; OK

VSS:C:\WINDOWS\System32\vssvc.exe; OK

W32Time:C:\WINDOWS\system32\w32time.dll; OK

Wanarp:C:\WINDOWS\system32\DRIVERS\wanarp.sys; OK

wdmaud:C:\WINDOWS\system32\drivers\wdmaud.sys; OK

WebClient:C:\WINDOWS\System32\webclnt.dll; OK

winmgmt:C:\WINDOWS\system32\wbem\WMIsvc.dll; OK

WmdmPmSN:C:\WINDOWS\system32\MsPMSNSv.dll; OK

Wmi:C:\WINDOWS\System32\advapi32.dll; OK

WmiApSrv:C:\WINDOWS\system32\wbem\wmiapsrv.exe; OK

wscsvc:C:\WINDOWS\system32\wscsvc.dll; OK

wuauserv:C:\WINDOWS\system32\wuauserv.dll; OK

WZCSVC:C:\WINDOWS\System32\wzcsvc.dll; OK

xmlprov:C:\WINDOWS\System32\xmlprov.dll; OK

ACPI:C:\WINDOWS\system32\DRIVERS\ACPI.sys; OK

Adobe LM Service:C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe; OK

aec:C:\WINDOWS\system32\drivers\aec.sys; OK

AFD:C:\WINDOWS\System32\drivers\afd.sys; OK

ALCXWDM:C:\WINDOWS\system32\drivers\ALCXWDM.SYS; OK

Alerter:C:\WINDOWS\system32\alrsvc.dll; OK

ALG:C:\WINDOWS\System32\alg.exe; OK

AmdK7:C:\WINDOWS\system32\DRIVERS\amdk7.sys; OK

Application Updater:C:\Program Files\Application Updater\ApplicationUpdater.exe; OK

AppMgmt:C:\WINDOWS\System32\appmgmts.dll; OK

aswArKrn:C:\DOCUME~1\User\LOCALS~1\Temp\aswArKrn.sys; Can't open

aswFsBlk:C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys; OK

AsyncMac:C:\WINDOWS\system32\DRIVERS\asyncmac.sys; OK

atapi:C:\WINDOWS\system32\DRIVERS\atapi.sys; OK

Atmarpc:C:\WINDOWS\system32\DRIVERS\atmarpc.sys; OK

AudioSrv:C:\WINDOWS\System32\audiosrv.dll; OK

audstub:C:\WINDOWS\system32\DRIVERS\audstub.sys; OK

BITS:C:\WINDOWS\system32\qmgr.dll; OK

Browser:C:\WINDOWS\System32\browser.dll; OK

catchme:C:\DOCUME~1\User\LOCALS~1\Temp\catchme.sys; Can't open

Cdrom:C:\WINDOWS\system32\DRIVERS\cdrom.sys; OK

ClipSrv:C:\WINDOWS\system32\clipsrv.exe; OK

COMSysApp:C:\WINDOWS\system32\dllhost.exe; OK

CryptSvc:C:\WINDOWS\System32\cryptsvc.dll; OK

DcomLaunch:C:\WINDOWS\system32\rpcss.dll; OK

Dhcp:C:\WINDOWS\System32\dhcpcsvc.dll; OK

Disk:C:\WINDOWS\system32\DRIVERS\disk.sys; OK

dmboot:C:\WINDOWS\System32\drivers\dmboot.sys; OK

dmio:C:\WINDOWS\System32\drivers\dmio.sys; OK

dmload:C:\WINDOWS\System32\drivers\dmload.sys; OK

dmserver:C:\WINDOWS\System32\dmserver.dll; OK

DMusic:C:\WINDOWS\system32\drivers\DMusic.sys; OK

Dnscache:C:\WINDOWS\System32\dnsrslvr.dll; OK

drmkaud:C:\WINDOWS\system32\drivers\drmkaud.sys; OK

ERSvc:C:\WINDOWS\System32\ersvc.dll; OK

EventSystem:C:\WINDOWS\system32\es.dll; OK

FastUserSwitchingCompatibility:C:\WINDOWS\System32\shsvcs.dll; OK

Fdc:C:\WINDOWS\system32\DRIVERS\fdc.sys; OK

Flpydisk:C:\WINDOWS\system32\DRIVERS\flpydisk.sys; OK

FltMgr:C:\WINDOWS\system32\DRIVERS\fltMgr.sys; OK

Ftdisk:C:\WINDOWS\system32\DRIVERS\ftdisk.sys; OK

gameenum:C:\WINDOWS\system32\DRIVERS\gameenum.sys; OK

Gpc:C:\WINDOWS\system32\DRIVERS\msgpc.sys; OK

gusvc:C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe; OK

helpsvc:C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll; OK

HidServ:C:\WINDOWS\System32\hidserv.dll; Can't open

hidusb:C:\WINDOWS\system32\DRIVERS\hidusb.sys; OK

HTTP:C:\WINDOWS\System32\Drivers\HTTP.sys; OK

HTTPFilter:C:\WINDOWS\System32\w3ssl.dll; OK

i8042prt:C:\WINDOWS\system32\DRIVERS\i8042prt.sys; OK

Imapi:C:\WINDOWS\system32\DRIVERS\imapi.sys; OK

ImapiService:C:\WINDOWS\system32\imapi.exe; OK

Ip6Fw:C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys; OK

IpFilterDriver:C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys; OK

IpInIp:C:\WINDOWS\system32\DRIVERS\ipinip.sys; OK

IpNat:C:\WINDOWS\system32\DRIVERS\ipnat.sys; OK

IPSec:C:\WINDOWS\system32\DRIVERS\ipsec.sys; OK

IRENUM:C:\WINDOWS\system32\DRIVERS\irenum.sys; OK

isapnp:C:\WINDOWS\system32\DRIVERS\isapnp.sys; OK

Kbdclass:C:\WINDOWS\system32\DRIVERS\kbdclass.sys; OK

kmixer:C:\WINDOWS\system32\drivers\kmixer.sys; OK

lanmanserver:C:\WINDOWS\System32\srvsvc.dll; OK

lanmanworkstation:C:\WINDOWS\System32\wkssvc.dll; OK

LmHosts:C:\WINDOWS\System32\lmhsvc.dll; OK

Messenger:C:\WINDOWS\System32\msgsvc.dll; OK

mirrorv3:C:\WINDOWS\system32\DRIVERS\rminiv3.sys; OK

Mouclass:C:\WINDOWS\system32\DRIVERS\mouclass.sys; OK

mouhid:C:\WINDOWS\system32\DRIVERS\mouhid.sys; OK

MRxDAV:C:\WINDOWS\system32\DRIVERS\mrxdav.sys; OK

MRxSmb:C:\WINDOWS\system32\DRIVERS\mrxsmb.sys; OK

MSDTC:C:\WINDOWS\system32\msdtc.exe; OK

MSKSSRV:C:\WINDOWS\system32\drivers\MSKSSRV.sys; OK

MSPCLOCK:C:\WINDOWS\system32\drivers\MSPCLOCK.sys; OK

MSPQM:C:\WINDOWS\system32\drivers\MSPQM.sys; OK

mssmbios:C:\WINDOWS\system32\DRIVERS\mssmbios.sys; OK

ms_mpu401:C:\WINDOWS\system32\drivers\msmpu401.sys; OK

NdisTapi:C:\WINDOWS\system32\DRIVERS\ndistapi.sys; OK

Ndisuio:C:\WINDOWS\system32\DRIVERS\ndisuio.sys; OK

NdisWan:C:\WINDOWS\system32\DRIVERS\ndiswan.sys; OK

NetBIOS:C:\WINDOWS\system32\DRIVERS\netbios.sys; OK

NetBT:C:\WINDOWS\system32\DRIVERS\netbt.sys; OK

Nla:C:\WINDOWS\System32\mswsock.dll; OK

nmwcd:C:\WINDOWS\system32\drivers\ccdcmb.sys; OK

nmwcdc:C:\WINDOWS\system32\drivers\ccdcmbo.sys; OK

NtmsSvc:C:\WINDOWS\system32\ntmssvc.dll; OK

nv:C:\WINDOWS\system32\DRIVERS\nv4_mini.sys; OK

NVENET:C:\WINDOWS\system32\DRIVERS\NVENET.sys; OK

NVSvc:C:\WINDOWS\system32\nvsvc32.exe; OK

nv_agp:C:\WINDOWS\system32\DRIVERS\nv_agp.sys; OK

NwlnkFlt:C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys; OK

NwlnkFwd:C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys; OK

ose:C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE; OK

Parport:C:\WINDOWS\system32\DRIVERS\parport.sys; OK

pccsmcfd:C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys; OK

PCI:C:\WINDOWS\system32\DRIVERS\pci.sys; OK

PCIIde:C:\WINDOWS\system32\DRIVERS\pciide.sys; OK

pfc:C:\WINDOWS\system32\drivers\pfc.sys; OK

PptpMiniport:C:\WINDOWS\system32\DRIVERS\raspptp.sys; OK

PSched:C:\WINDOWS\system32\DRIVERS\psched.sys; OK

Ptilink:C:\WINDOWS\system32\DRIVERS\ptilink.sys; OK

PxHelp20:C:\WINDOWS\System32\Drivers\PxHelp20.sys; OK

RasAcd:C:\WINDOWS\system32\DRIVERS\rasacd.sys; OK

RasAuto:C:\WINDOWS\System32\rasauto.dll; OK

Rasl2tp:C:\WINDOWS\system32\DRIVERS\rasl2tp.sys; OK

RasMan:C:\WINDOWS\System32\rasmans.dll; OK

RasPppoe:C:\WINDOWS\system32\DRIVERS\raspppoe.sys; OK

Raspti:C:\WINDOWS\system32\DRIVERS\raspti.sys; OK

Rdbss:C:\WINDOWS\system32\DRIVERS\rdbss.sys; OK

RDPCDD:C:\WINDOWS\System32\DRIVERS\RDPCDD.sys; OK

rdpdr:C:\WINDOWS\system32\DRIVERS\rdpdr.sys; OK

RDSessMgr:C:\WINDOWS\system32\sessmgr.exe; OK

redbook:C:\WINDOWS\system32\DRIVERS\redbook.sys; OK

RemoteAccess:C:\WINDOWS\System32\mprdim.dll; OK

RemoteRegistry:C:\WINDOWS\system32\regsvc.dll; OK

RpcLocator:C:\WINDOWS\system32\locator.exe; OK

RpcSs:C:\WINDOWS\System32\rpcss.dll; OK

RSVP:C:\WINDOWS\system32\rsvp.exe; OK

S3SAVAGE4M:C:\WINDOWS\system32\DRIVERS\s3sav4m.sys; OK

s916bus:C:\WINDOWS\system32\DRIVERS\s916bus.sys; OK

s916mdfl:C:\WINDOWS\system32\DRIVERS\s916mdfl.sys; OK

s916mdm:C:\WINDOWS\system32\DRIVERS\s916mdm.sys; OK

s916mgmt:C:\WINDOWS\system32\DRIVERS\s916mgmt.sys; OK

s916obex:C:\WINDOWS\system32\DRIVERS\s916obex.sys; OK

Schedule:C:\WINDOWS\system32\schedsvc.dll; OK

Secdrv:C:\WINDOWS\system32\DRIVERS\secdrv.sys; OK

seehcri:C:\WINDOWS\system32\DRIVERS\seehcri.sys; OK

SENS:C:\WINDOWS\system32\sens.dll; OK

serenum:C:\WINDOWS\system32\DRIVERS\serenum.sys; OK

Serial:C:\WINDOWS\system32\DRIVERS\serial.sys; OK

sfdrv01:C:\WINDOWS\System32\drivers\sfdrv01.sys; OK

sfhlp02:C:\WINDOWS\System32\drivers\sfhlp02.sys; OK

sfsync04:C:\WINDOWS\System32\drivers\sfsync04.sys; OK

SharedAccess:C:\WINDOWS\System32\ipnathlp.dll; OK

ShellHWDetection:C:\WINDOWS\System32\shsvcs.dll; OK

splitter:C:\WINDOWS\system32\drivers\splitter.sys; OK

spupdsvc:C:\WINDOWS\system32\spupdsvc.exe; OK

sr:C:\WINDOWS\system32\DRIVERS\sr.sys; OK

srservice:C:\WINDOWS\system32\srsvc.dll; OK

Srv:C:\WINDOWS\system32\DRIVERS\srv.sys; OK

SSDPSRV:C:\WINDOWS\System32\ssdpsrv.dll; OK

stisvc:C:\WINDOWS\system32\wiaservc.dll; OK

swenum:C:\WINDOWS\system32\DRIVERS\swenum.sys; OK

swmidi:C:\WINDOWS\system32\drivers\swmidi.sys; OK

SwPrv:C:\WINDOWS\system32\dllhost.exe; OK

sysaudio:C:\WINDOWS\system32\drivers\sysaudio.sys; OK

SysmonLog:C:\WINDOWS\system32\smlogsvc.exe; OK

TapiSrv:C:\WINDOWS\System32\tapisrv.dll; OK

Tcpip:C:\WINDOWS\system32\DRIVERS\tcpip.sys; OK

TermDD:C:\WINDOWS\system32\DRIVERS\termdd.sys; OK

TermService:C:\WINDOWS\System32\termsrv.dll; OK

Themes:C:\WINDOWS\System32\shsvcs.dll; OK

TlntSvr:C:\WINDOWS\system32\tlntsvr.exe; OK

TrkWks:C:\WINDOWS\system32\trkwks.dll; OK

Update:C:\WINDOWS\system32\DRIVERS\update.sys; OK

upnphost:C:\WINDOWS\System32\upnphost.dll; OK

upperdev:C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys; OK

UPS:C:\WINDOWS\System32\ups.exe; OK

usbehci:C:\WINDOWS\system32\DRIVERS\usbehci.sys; OK

usbhub:C:\WINDOWS\system32\DRIVERS\usbhub.sys; OK

usbohci:C:\WINDOWS\system32\DRIVERS\usbohci.sys; OK

usbser:C:\WINDOWS\system32\drivers\usbser.sys; OK

UsbserFilt:C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys; OK

USBSTOR:C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS; OK

VgaSave:C:\WINDOWS\System32\drivers\vga.sys; OK

VSS:C:\WINDOWS\System32\vssvc.exe; OK

W32Time:C:\WINDOWS\system32\w32time.dll; OK

Wanarp:C:\WINDOWS\system32\DRIVERS\wanarp.sys; OK

Wdf01000:C:\WINDOWS\System32\Drivers\wdf01000.sys; OK

wdmaud:C:\WINDOWS\system32\drivers\wdmaud.sys; OK

WebClient:C:\WINDOWS\System32\webclnt.dll; OK

winmgmt:C:\WINDOWS\system32\wbem\WMIsvc.dll; OK

WmdmPmSN:C:\WINDOWS\system32\MsPMSNSv.dll; OK

Wmi:C:\WINDOWS\System32\advapi32.dll; OK

WmiApSrv:C:\WINDOWS\system32\wbem\wmiapsrv.exe; OK

WpdUsb:C:\WINDOWS\system32\DRIVERS\wpdusb.sys; OK

wscsvc:C:\WINDOWS\system32\wscsvc.dll; OK

wuauserv:C:\WINDOWS\system32\wuauserv.dll; OK

WudfPf:C:\WINDOWS\system32\DRIVERS\WudfPf.sys; OK

WudfRd:C:\WINDOWS\system32\DRIVERS\wudfrd.sys; OK

WudfSvc:C:\WINDOWS\System32\WUDFSvc.dll; OK

WZCSVC:C:\WINDOWS\System32\wzcsvc.dll; OK

xmlprov:C:\WINDOWS\System32\xmlprov.dll; OK

mbr:C:\ComboFix\mbr.sys; Can't open

ACPI:C:\WINDOWS\system32\DRIVERS\ACPI.sys; OK

Adobe LM Service:C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe; OK

aec:C:\WINDOWS\system32\drivers\aec.sys; OK

AFD:C:\WINDOWS\System32\drivers\afd.sys; OK

ALCXWDM:C:\WINDOWS\system32\drivers\ALCXWDM.SYS; OK

Alerter:C:\WINDOWS\system32\alrsvc.dll; OK

ALG:C:\WINDOWS\System32\alg.exe; OK

AmdK7:C:\WINDOWS\system32\DRIVERS\amdk7.sys; OK

Application Updater:C:\Program Files\Application Updater\ApplicationUpdater.exe; OK

AppMgmt:C:\WINDOWS\System32\appmgmts.dll; OK

aswArKrn:C:\DOCUME~1\User\LOCALS~1\Temp\aswArKrn.sys; Can't open

aswFsBlk:C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys; OK

AsyncMac:C:\WINDOWS\system32\DRIVERS\asyncmac.sys; OK

atapi:C:\WINDOWS\system32\DRIVERS\atapi.sys; OK

Atmarpc:C:\WINDOWS\system32\DRIVERS\atmarpc.sys; OK

AudioSrv:C:\WINDOWS\System32\audiosrv.dll; OK

audstub:C:\WINDOWS\system32\DRIVERS\audstub.sys; OK

BITS:C:\WINDOWS\system32\qmgr.dll; OK

Browser:C:\WINDOWS\System32\browser.dll; OK

Cdrom:C:\WINDOWS\system32\DRIVERS\cdrom.sys; OK

ClipSrv:C:\WINDOWS\system32\clipsrv.exe; OK

COMSysApp:C:\WINDOWS\system32\dllhost.exe; OK

CryptSvc:C:\WINDOWS\System32\cryptsvc.dll; OK

DcomLaunch:C:\WINDOWS\system32\rpcss.dll; OK

Dhcp:C:\WINDOWS\System32\dhcpcsvc.dll; OK

Disk:C:\WINDOWS\system32\DRIVERS\disk.sys; OK

dmboot:C:\WINDOWS\System32\drivers\dmboot.sys; OK

dmio:C:\WINDOWS\System32\drivers\dmio.sys; OK

dmload:C:\WINDOWS\System32\drivers\dmload.sys; OK

dmserver:C:\WINDOWS\System32\dmserver.dll; OK

DMusic:C:\WINDOWS\system32\drivers\DMusic.sys; OK

Dnscache:C:\WINDOWS\System32\dnsrslvr.dll; OK

drmkaud:C:\WINDOWS\system32\drivers\drmkaud.sys; OK

ERSvc:C:\WINDOWS\System32\ersvc.dll; OK

EventSystem:C:\WINDOWS\system32\es.dll; OK

FastUserSwitchingCompatibility:C:\WINDOWS\System32\shsvcs.dll; OK

Fdc:C:\WINDOWS\system32\DRIVERS\fdc.sys; OK

Flpydisk:C:\WINDOWS\system32\DRIVERS\flpydisk.sys; OK

FltMgr:C:\WINDOWS\system32\DRIVERS\fltMgr.sys; OK

Ftdisk:C:\WINDOWS\system32\DRIVERS\ftdisk.sys; OK

gameenum:C:\WINDOWS\system32\DRIVERS\gameenum.sys; OK

Gpc:C:\WINDOWS\system32\DRIVERS\msgpc.sys; OK

gusvc:C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe; OK

helpsvc:C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll; OK

HidServ:C:\WINDOWS\System32\hidserv.dll; Can't open

hidusb:C:\WINDOWS\system32\DRIVERS\hidusb.sys; OK

HTTP:C:\WINDOWS\System32\Drivers\HTTP.sys; OK

HTTPFilter:C:\WINDOWS\System32\w3ssl.dll; OK

i8042prt:C:\WINDOWS\system32\DRIVERS\i8042prt.sys; OK

Imapi:C:\WINDOWS\system32\DRIVERS\imapi.sys; OK

ImapiService:C:\WINDOWS\system32\imapi.exe; OK

Ip6Fw:C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys; OK

IpFilterDriver:C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys; OK

IpInIp:C:\WINDOWS\system32\DRIVERS\ipinip.sys; OK

IpNat:C:\WINDOWS\system32\DRIVERS\ipnat.sys; OK

IPSec:C:\WINDOWS\system32\DRIVERS\ipsec.sys; OK

IRENUM:C:\WINDOWS\system32\DRIVERS\irenum.sys; OK

isapnp:C:\WINDOWS\system32\DRIVERS\isapnp.sys; OK

Kbdclass:C:\WINDOWS\system32\DRIVERS\kbdclass.sys; OK

kmixer:C:\WINDOWS\system32\drivers\kmixer.sys; OK

lanmanserver:C:\WINDOWS\System32\srvsvc.dll; OK

lanmanworkstation:C:\WINDOWS\System32\wkssvc.dll; OK

LmHosts:C:\WINDOWS\System32\lmhsvc.dll; OK

Messenger:C:\WINDOWS\System32\msgsvc.dll; OK

mirrorv3:C:\WINDOWS\system32\DRIVERS\rminiv3.sys; OK

Mouclass:C:\WINDOWS\system32\DRIVERS\mouclass.sys; OK

mouhid:C:\WINDOWS\system32\DRIVERS\mouhid.sys; OK

MRxDAV:C:\WINDOWS\system32\DRIVERS\mrxdav.sys; OK

MRxSmb:C:\WINDOWS\system32\DRIVERS\mrxsmb.sys; OK

MSDTC:C:\WINDOWS\system32\msdtc.exe; OK

MSKSSRV:C:\WINDOWS\system32\drivers\MSKSSRV.sys; OK

MSPCLOCK:C:\WINDOWS\system32\drivers\MSPCLOCK.sys; OK

MSPQM:C:\WINDOWS\system32\drivers\MSPQM.sys; OK

mssmbios:C:\WINDOWS\system32\DRIVERS\mssmbios.sys; OK

ms_mpu401:C:\WINDOWS\system32\drivers\msmpu401.sys; OK

NdisTapi:C:\WINDOWS\system32\DRIVERS\ndistapi.sys; OK

Ndisuio:C:\WINDOWS\system32\DRIVERS\ndisuio.sys; OK

NdisWan:C:\WINDOWS\system32\DRIVERS\ndiswan.sys; OK

NetBIOS:C:\WINDOWS\system32\DRIVERS\netbios.sys; OK

NetBT:C:\WINDOWS\system32\DRIVERS\netbt.sys; OK

Nla:C:\WINDOWS\System32\mswsock.dll; OK

nmwcd:C:\WINDOWS\system32\drivers\ccdcmb.sys; OK

nmwcdc:C:\WINDOWS\system32\drivers\ccdcmbo.sys; OK

NtmsSvc:C:\WINDOWS\system32\ntmssvc.dll; OK

nv:C:\WINDOWS\system32\DRIVERS\nv4_mini.sys; OK

NVENET:C:\WINDOWS\system32\DRIVERS\NVENET.sys; OK

NVSvc:C:\WINDOWS\system32\nvsvc32.exe; OK

nv_agp:C:\WINDOWS\system32\DRIVERS\nv_agp.sys; OK

NwlnkFlt:C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys; OK

NwlnkFwd:C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys; OK

ose:C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE; OK

Parport:C:\WINDOWS\system32\DRIVERS\parport.sys; OK

pccsmcfd:C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys; OK

PCI:C:\WINDOWS\system32\DRIVERS\pci.sys; OK

PCIIde:C:\WINDOWS\system32\DRIVERS\pciide.sys; OK

pfc:C:\WINDOWS\system32\drivers\pfc.sys; OK

PptpMiniport:C:\WINDOWS\system32\DRIVERS\raspptp.sys; OK

PSched:C:\WINDOWS\system32\DRIVERS\psched.sys; OK

Ptilink:C:\WINDOWS\system32\DRIVERS\ptilink.sys; OK

PxHelp20:C:\WINDOWS\System32\Drivers\PxHelp20.sys; OK

raddrvv3:C:\WINDOWS\system32\rserver30\raddrvv3.sys; Can't open

RasAcd:C:\WINDOWS\system32\DRIVERS\rasacd.sys; OK

RasAuto:C:\WINDOWS\System32\rasauto.dll; OK

Rasl2tp:C:\WINDOWS\system32\DRIVERS\rasl2tp.sys; OK

RasMan:C:\WINDOWS\System32\rasmans.dll; OK

RasPppoe:C:\WINDOWS\system32\DRIVERS\raspppoe.sys; OK

Raspti:C:\WINDOWS\system32\DRIVERS\raspti.sys; OK

Rdbss:C:\WINDOWS\system32\DRIVERS\rdbss.sys; OK

RDPCDD:C:\WINDOWS\System32\DRIVERS\RDPCDD.sys; OK

rdpdr:C:\WINDOWS\system32\DRIVERS\rdpdr.sys; OK

RDSessMgr:C:\WINDOWS\system32\sessmgr.exe; OK

redbook:C:\WINDOWS\system32\DRIVERS\redbook.sys; OK

RemoteAccess:C:\WINDOWS\System32\mprdim.dll; OK

RemoteRegistry:C:\WINDOWS\system32\regsvc.dll; OK

RpcLocator:C:\WINDOWS\system32\locator.exe; OK

RpcSs:C:\WINDOWS\system32\rpcss.dll; OK

RSVP:C:\WINDOWS\system32\rsvp.exe; OK

S3SAVAGE4M:C:\WINDOWS\system32\DRIVERS\s3sav4m.sys; OK

s916bus:C:\WINDOWS\system32\DRIVERS\s916bus.sys; OK

s916mdfl:C:\WINDOWS\system32\DRIVERS\s916mdfl.sys; OK

s916mdm:C:\WINDOWS\system32\DRIVERS\s916mdm.sys; OK

s916mgmt:C:\WINDOWS\system32\DRIVERS\s916mgmt.sys; OK

s916obex:C:\WINDOWS\system32\DRIVERS\s916obex.sys; OK

Schedule:C:\WINDOWS\system32\schedsvc.dll; OK

Secdrv:C:\WINDOWS\system32\DRIVERS\secdrv.sys; OK

seehcri:C:\WINDOWS\system32\DRIVERS\seehcri.sys; OK

SENS:C:\WINDOWS\system32\sens.dll; OK

serenum:C:\WINDOWS\system32\DRIVERS\serenum.sys; OK

Serial:C:\WINDOWS\system32\DRIVERS\serial.sys; OK

sfdrv01:C:\WINDOWS\System32\drivers\sfdrv01.sys; OK

sfhlp02:C:\WINDOWS\System32\drivers\sfhlp02.sys; OK

sfsync04:C:\WINDOWS\System32\drivers\sfsync04.sys; OK

SharedAccess:C:\WINDOWS\System32\ipnathlp.dll; OK

ShellHWDetection:C:\WINDOWS\System32\shsvcs.dll; OK

splitter:C:\WINDOWS\system32\drivers\splitter.sys; OK

spupdsvc:C:\WINDOWS\system32\spupdsvc.exe; OK

sr:C:\WINDOWS\system32\DRIVERS\sr.sys; OK

srservice:C:\WINDOWS\system32\srsvc.dll; OK

Srv:C:\WINDOWS\system32\DRIVERS\srv.sys; OK

SSDPSRV:C:\WINDOWS\System32\ssdpsrv.dll; OK

stisvc:C:\WINDOWS\system32\wiaservc.dll; OK

swenum:C:\WINDOWS\system32\DRIVERS\swenum.sys; OK

swmidi:C:\WINDOWS\system32\drivers\swmidi.sys; OK

SwPrv:C:\WINDOWS\system32\dllhost.exe; OK

sysaudio:C:\WINDOWS\system32\drivers\sysaudio.sys; OK

SysmonLog:C:\WINDOWS\system32\smlogsvc.exe; OK

TapiSrv:C:\WINDOWS\System32\tapisrv.dll; OK

Tcpip:C:\WINDOWS\system32\DRIVERS\tcpip.sys; OK

TermDD:C:\WINDOWS\system32\DRIVERS\termdd.sys; OK

TermService:C:\WINDOWS\System32\termsrv.dll; OK

Themes:C:\WINDOWS\System32\shsvcs.dll; OK

TlntSvr:C:\WINDOWS\system32\tlntsvr.exe; OK

TrkWks:C:\WINDOWS\system32\trkwks.dll; OK

UnlockerDriver5:D:\PrOgrAmI\programi\unlocker\UnlockerDriver5.sys; OK

Update:C:\WINDOWS\system32\DRIVERS\update.sys; OK

upnphost:C:\WINDOWS\System32\upnphost.dll; OK

upperdev:C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys; OK

UPS:C:\WINDOWS\System32\ups.exe; OK

usbehci:C:\WINDOWS\system32\DRIVERS\usbehci.sys; OK

usbhub:C:\WINDOWS\system32\DRIVERS\usbhub.sys; OK

usbohci:C:\WINDOWS\system32\DRIVERS\usbohci.sys; OK

usbser:C:\WINDOWS\system32\drivers\usbser.sys; OK

UsbserFilt:C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys; OK

USBSTOR:C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS; OK

VgaSave:C:\WINDOWS\System32\drivers\vga.sys; OK

VSS:C:\WINDOWS\System32\vssvc.exe; OK

W32Time:C:\WINDOWS\system32\w32time.dll; OK

Wanarp:C:\WINDOWS\system32\DRIVERS\wanarp.sys; OK

Wdf01000:C:\WINDOWS\System32\Drivers\wdf01000.sys; OK

wdmaud:C:\WINDOWS\system32\drivers\wdmaud.sys; OK

WebClient:C:\WINDOWS\System32\webclnt.dll; OK

winmgmt:C:\WINDOWS\system32\wbem\WMIsvc.dll; OK

WmdmPmSN:C:\WINDOWS\system32\MsPMSNSv.dll; OK

Wmi:C:\WINDOWS\System32\advapi32.dll; OK

WmiApSrv:C:\WINDOWS\system32\wbem\wmiapsrv.exe; OK

WpdUsb:C:\WINDOWS\system32\DRIVERS\wpdusb.sys; OK

wscsvc:C:\WINDOWS\system32\wscsvc.dll; OK

wuauserv:C:\WINDOWS\system32\wuauserv.dll; OK

WudfPf:C:\WINDOWS\system32\DRIVERS\WudfPf.sys; OK

WudfRd:C:\WINDOWS\system32\DRIVERS\wudfrd.sys; OK

WudfSvc:C:\WINDOWS\System32\WUDFSvc.dll; OK

WZCSVC:C:\WINDOWS\System32\wzcsvc.dll; OK

xmlprov:C:\WINDOWS\System32\xmlprov.dll; OK

Work complete.;

-----------

avast! Antirootkit, version 0.9.6

Scan started: 23 Август 2011 г. 18:05:55

Scan finished: 23 Август 2011 г. 18:08:18

Hidden files found: 0

Hidden registry items found: 0

Hidden processes found: 0

Hidden services found: 0

Hidden boot sectors found: 0

----------

За радмина нямам спомен да съм го инсталирал защото не знам за какво служи.. / uninstall-нах го

Отговорете и на въпроса дали след като сте изтрили намерените неща с avast! (Който незнайно защо не искате да обновите до версия 6) дали avast! продължава да намира същите обекти.

Да 2 вируса намира постоянно win32:rootkit-gen [Rtk] ; win32:Confi [Wrm] Отначало ги местех в клетката и от там ги триех ама след това почнах само триене. Скоро друг вирус не съм фащал или поне антивирусната не е засичала.Интересното е че като не се прави нищо на компа защото аз го оставам вкл постоянно нищо не намира а като вляза да играя ЦС-че или като гледам филм тогава антивирусната почва да пищи през 10 мин което е адски изнервящо.

B-boy/StyLe/ · Август 28, 2011

Извинявам се за забавянето, но бях възпрепятстван.

Честно казано нито TDSSKiller-a е открил нещо подозрително (sptd е легитимен драйвър на Daemon Tools), нито програмата за премахване на AVG за Conficker - Win32/Downadup е намерила нещо, нито антирууткит програмата на avast! (който е базиран на GMER)...В лога на Combofix се виждат някои неща, които могат да бъдат поправени, но пак нищо съмнително като цяло. Може би MBR е заразен, макар да няма индикации затова в момента.

Да пробваме да имунизираме системата срещу Conficker:

1. Ваксинирайте машината с Panda USB Vaccine

(изтеглете и стартирайте приложението и натиснете Vaccinate computer).

2. Изтеглете и инсталирайте Service Pack 3

+ следните 3 кръпки: KB958687, KB957097, KB958644.

Рестартирайте машината.

3. Отворете Start => run => напишете => services.msc => намерете от списъка => Server => двукратен клик => Stop => и от Startup type => посочете => Disabled.

Сега вече:

Моля, изтеглете aswMBR и го запазете на вашия десктоп.

Кликнете с двоен клин на мишката върху файла aswMBR.exe за да го стартирате.
Изчакайте да изтегли дефинициите на avast!
От падащото меню посочете дял C:\ както е на снимката:

http://img843.imageshack.us/img843/9021/unledyfm.png

Изберете Scan бутона, за да започне проверката.
Когато проверката завърши, натиснете бутона save log, запазете съдържанието на лог файла на десктопа и публикувайте съдържанието му в следващия си коментар.

Август 28, 2011

.....
Честно казано нито TDSSKiller-a е открил нещо подозрително (sptd е легитимен драйвър на Daemon Tools), нито програмата за премахване на AVG за Conficker - Win32/Downadup е намерила нещо, нито антирууткит програмата на avast! (който е базиран на GMER)...В лога на Combofix се виждат някои неща, които могат да бъдат поправени, но пак нищо съмнително като цяло.

Честно казано против Rootkit добра работа върши TDSSKiller, защо е точно за това ...и защо не, да се пробва с инструментчето на avast, което е базирано на GMER?

Честно казано против Conficker се дава инструментче против него, в случая AVG-инструментче, ако става въпрос и най-обикновения Microsoft Windows Malicious Software Removal Tool (MRT) го премахва.

Може би MBR е заразен, макар да няма индикации затова в момента.

Честно казано е крайно време "пациента" да си махне avast 4.8, който очевАДНО не му върши работа, иначе е добра идея да се fix-не master boot record-а.

Проблем с несъществуващи вируси при Avast 4.8

Препоръчан пост

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Гост newnickname

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Гост newnickname

Link to comment

Сподели другаде

Гост newnickname

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Гост newnickname

Link to comment

Сподели другаде

Join the conversation