
Facebook virus - with RSIT log

furij
Visitor
Posts: 21
Registered: 22 Aug 2011 11:48

#1 Post by furij »

Hello, and I'm asking for help. Thanks in advance.


Logfile of random's system information tool 1.09 (written by random/random)
Run by pablos at 2011-08-22 12:47:24
Microsoft Windows 7 Ultimate
System drive E: has 7 GB (16%) free of 45 GB
Total RAM: 3072 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:47:31, on 22.8.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16839)
Boot mode: Normal

Running processes:
E:\Windows\system32\Dwm.exe
E:\Windows\system32\taskhost.exe
E:\Windows\Explorer.EXE
E:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
E:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
E:\Program Files\Logitech\SetPointP\SetPoint.exe
E:\Program Files\Logitech\Gaming Software\LWEMon.exe
E:\Windows\WindowsMobile\wmdc.exe
E:\Program Files\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
E:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
E:\Windows\System32\CtHelper.exe
E:\Windows\sysdriver32.exe
E:\Windows\sysdriver32_.exe
E:\Windows\systemup.exe
E:\Windows\update.tray-15-0\svchost.exe
E:\Program Files\Windows Sidebar\sidebar.exe
E:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
E:\Program Files\Opera\opera.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
E:\Users\Administrator\AppData\Local\Opera\Opera\temporary_downloads\RSIT.exe
E:\Program Files\trend micro\pablos.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - E:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [BCSSync] "E:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [ArcSoft Connection Service] E:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [StartCCC] "E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [EvtMgr6] E:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [Start WingMan Profiler] E:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [SAOB Monitor] E:\Program Files\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "E:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Služba Acronis Scheduler2] "E:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [379341.exe] "E:\Users\Administrator\AppData\Local\temp\379341.exe"
O4 - HKLM\..\Run: [sysdriver32.exe] "E:\Windows\sysdriver32.exe" rezerv
O4 - HKLM\..\Run: [sysdriver32_.exe] "E:\Windows\sysdriver32_.exe" rezerv
O4 - HKLM\..\Run: [systemup] "E:\Windows\systemup.exe" stand
O4 - HKLM\..\Run: [wxpdrv] E:\Windows\services32.exe
O4 - HKLM\..\Run: [tray_ico0] E:\Windows\update.tray-15-0\svchost.exe
O4 - HKCU\..\Run: [Sidebar] E:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Infium] "E:\Program Files\QIP 2010\qip.exe" /autorun
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MIF5BA~1\OFFICE~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @E:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @E:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: e:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: e:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {3FC80F5C-946D-430E-A650-6457CA9AD031} (WebCamX Control) - http://10.10.130.15:81/WebCamX.cab
O16 - DPF: {7B40618E-CC3D-4E7C-800A-E0306DD8BD48} (AMCCtrl Class) - http://10.10.54.40:8080/AVC_AX_757.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - E:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - E:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Služba Acronis Nonstop Backup (afcdpsrv) - Acronis - E:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: AMD External Events Utility - AMD - E:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - E:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - E:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - E:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - E:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: ddservice - Unknown owner - E:\Windows\update.7.1\svchostdriver.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - E:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (file missing)
O23 - Service: Eset Service (ekrn) - Unknown owner - E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - E:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - E:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: KMService - Unknown owner - E:\Windows\system32\srvany.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - E:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Acronis OS Selector activator (OS Selector) - Unknown owner - E:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: srvsysdriver32 - Unknown owner - E:\Windows\sysdriver32.exe
O23 - Service: Steam Client Service - Valve Corporation - E:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - E:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - E:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 8758 bytes

======Scheduled tasks folder======

E:\Windows\tasks\GoogleUpdateTaskMachineCore.job
E:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - E:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\hadl7b3u.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.ceskenoviny.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
prefs.js - "keyword.URL" - "http://vshare.toolbarhome.com/search.aspx?srch=ku&q="

"{27182e60-b5f3-411c-b545-b44205977502}"=E:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=E:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=E:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=E:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=E:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4]
"Description"=Office Live Update v1.4
"Path"=E:\Program Files\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=E:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=E:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=E:\Program Files\Real Alternative\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=E:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=E:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=E:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

E:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

E:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

E:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeploytk.dll
npnul32.dll
NPOFF12.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

E:\Program Files\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

E:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\hadl7b3u.default\searchplugins\
web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - E:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - E:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - E:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - E:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=E:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"ArcSoft Connection Service"=E:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"StartCCC"=E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-01-04 336384]
"EvtMgr6"=E:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-10-29 1352272]
"Start WingMan Profiler"=E:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 153672]
"Windows Mobile Device Center"=E:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"SAOB Monitor"=E:\Program Files\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe [2010-09-02 2536752]
"TrueImageMonitor.exe"=E:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2010-09-23 5502312]
"Služba Acronis Scheduler2"=E:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2010-09-23 391144]
"CTxfiHlp"=E:\Windows\system32\CTXFIHLP.EXE [2007-04-09 19968]
"CTHelper"=E:\Windows\system32\CTHELPER.EXE [2010-03-18 19456]
"379341.exe"=E:\Users\Administrator\AppData\Local\temp\379341.exe [2011-08-22 258048]
"sysdriver32.exe"=E:\Windows\sysdriver32.exe [2011-08-22 258048]
"sysdriver32_.exe"=E:\Windows\sysdriver32_.exe [2011-08-22 258048]
"systemup"=E:\Windows\systemup.exe [2011-08-22 139776]
"wxpdrv"=E:\Windows\services32.exe []
"tray_ico"= []
"tray_ico0"=E:\Windows\update.tray-15-0\svchost.exe [2011-08-22 1213440]
"tray_ico1"= []
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=E:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"Infium"=E:\Program Files\QIP 2010\qip.exe [2011-07-18 6812032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
E:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11 249856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
E:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ScanSoft OmniPage 16-reminder]
E:\Program Files\ScanSoft\OmniPage16\Ereg\Ereg.exe [2007-07-20 328992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
E:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
e:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-10-28 64592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - E:\Windows\system32\webcheck.dll [2009-07-14 229376]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"E:\Windows\update.tray-2-0-lnk\svchost.exe"="E:\Windows\update.tray-2-0-lnk\svchost.exe:*:Enabled:E:\Windows\update.tray-2-0-lnk\svchost.exe"
"E:\Windows\update.1\svchost.exe"="E:\Windows\update.1\svchost.exe:*:Enabled:E:\Windows\update.1\svchost.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=E:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"vidc.ffds"=E:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
"MSVideo8"=VfWWDM32.dll
"vidc.tscc"=tsccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.divxa32"=msaud32_divx.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave6"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv

======File associations======

.js - edit - E:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-08-22 12:44:18 ----HD---- E:\Windows\update.1
2011-08-22 12:44:17 ----HD---- E:\Windows\update.tray-15-0-lnk
2011-08-22 12:44:17 ----HD---- E:\Windows\update.tray-15-0
2011-08-22 12:42:05 ----A---- E:\Windows\winlog-ids.txt
2011-08-22 12:42:05 ----A---- E:\Windows\winlog-dirs.txt
2011-08-22 12:40:46 ----A---- E:\Windows\systemup.exe
2011-08-22 12:39:36 ----A---- E:\Windows\iplist.txt
2011-08-22 12:39:30 ----A---- E:\Windows\sysdriver32_.exe
2011-08-22 12:39:16 ----A---- E:\Windows\sysdriver32.exe
2011-08-22 12:38:57 ----A---- E:\Windows\front_ip_list.txt
2011-08-22 12:35:25 ----A---- E:\ComboFix.txt
2011-08-22 12:34:25 ----SHD---- E:\$RECYCLE.BIN
2011-08-22 12:25:47 ----D---- E:\ComboFix
2011-08-22 11:56:27 ----ASH---- E:\pagefile.sys
2011-08-22 11:01:05 ----A---- E:\Windows\zip.exe
2011-08-22 11:01:05 ----A---- E:\Windows\SWSC.exe
2011-08-22 11:01:05 ----A---- E:\Windows\SWREG.exe
2011-08-22 11:01:05 ----A---- E:\Windows\sed.exe
2011-08-22 11:01:05 ----A---- E:\Windows\PEV.exe
2011-08-22 11:01:05 ----A---- E:\Windows\NIRCMD.exe
2011-08-22 11:01:05 ----A---- E:\Windows\MBR.exe
2011-08-22 11:01:05 ----A---- E:\Windows\grep.exe
2011-08-22 11:00:57 ----D---- E:\Windows\ERDNT
2011-08-22 11:00:51 ----D---- E:\Qoobox
2011-08-22 10:56:19 ----D---- E:\Users\Administrator\AppData\Roaming\Malwarebytes
2011-08-22 10:56:12 ----D---- E:\ProgramData\Malwarebytes
2011-08-22 10:56:12 ----A---- E:\Windows\system32\drivers\mbamswissarmy.sys
2011-08-22 10:56:09 ----D---- E:\Program Files\Malwarebytes' Anti-Malware
2011-08-22 10:56:09 ----A---- E:\Windows\system32\drivers\mbam.sys
2011-08-22 10:40:25 ----D---- E:\Program Files\trend micro
2011-08-22 10:40:24 ----D---- E:\rsit
2011-08-22 10:37:02 ----A---- E:\Windows\system32\iertutil.dll
2011-08-22 10:37:02 ----A---- E:\Windows\system32\ieframe.dll
2011-08-22 10:37:01 ----A---- E:\Windows\system32\mshtml.dll
2011-08-22 10:37:00 ----A---- E:\Windows\system32\urlmon.dll
2011-08-22 10:36:59 ----A---- E:\Windows\system32\wininet.dll
2011-08-22 10:36:59 ----A---- E:\Windows\system32\url.dll
2011-08-22 10:36:59 ----A---- E:\Windows\system32\mstime.dll
2011-08-22 10:36:59 ----A---- E:\Windows\system32\mshtmled.dll
2011-08-22 10:36:59 ----A---- E:\Windows\system32\msfeedsbs.dll
2011-08-22 10:36:59 ----A---- E:\Windows\system32\msfeeds.dll
2011-08-22 10:36:59 ----A---- E:\Windows\system32\licmgr10.dll
2011-08-22 10:36:59 ----A---- E:\Windows\system32\ieui.dll
2011-08-22 10:36:59 ----A---- E:\Windows\system32\iepeers.dll
2011-08-22 10:36:59 ----A---- E:\Windows\system32\iedkcs32.dll
2011-08-22 10:36:58 ----A---- E:\Windows\system32\msfeedssync.exe
2011-08-22 10:36:58 ----A---- E:\Windows\system32\jsproxy.dll
2011-08-22 10:36:55 ----A---- E:\Windows\system32\esent.dll
2011-08-22 10:36:55 ----A---- E:\Windows\system32\drivers\storport.sys
2011-08-22 10:36:55 ----A---- E:\Windows\system32\drivers\nvstor.sys
2011-08-22 10:36:55 ----A---- E:\Windows\system32\drivers\nvraid.sys
2011-08-22 10:36:55 ----A---- E:\Windows\system32\drivers\ntfs.sys
2011-08-22 10:36:55 ----A---- E:\Windows\system32\drivers\amdsata.sys
2011-08-22 10:36:54 ----A---- E:\Windows\system32\fsutil.exe
2011-08-22 10:36:54 ----A---- E:\Windows\system32\drivers\USBSTOR.SYS
2011-08-22 10:36:54 ----A---- E:\Windows\system32\drivers\iaStorV.sys
2011-08-22 10:36:54 ----A---- E:\Windows\system32\drivers\amdxata.sys
2011-08-22 10:36:52 ----A---- E:\Windows\system32\drivers\tcpip.sys
2011-08-22 10:36:37 ----A---- E:\Windows\system32\drivers\mrxsmb10.sys
2011-08-22 10:36:36 ----A---- E:\Windows\system32\drivers\bthport.sys
2011-08-22 10:36:35 ----A---- E:\Windows\system32\drivers\BTHUSB.SYS
2011-08-22 10:36:34 ----A---- E:\Windows\system32\ntoskrnl.exe
2011-08-22 10:36:34 ----A---- E:\Windows\system32\ntkrnlpa.exe
2011-08-22 10:36:32 ----A---- E:\Windows\system32\drivers\usbuhci.sys
2011-08-22 10:36:32 ----A---- E:\Windows\system32\drivers\usbport.sys
2011-08-22 10:36:32 ----A---- E:\Windows\system32\drivers\usbohci.sys
2011-08-22 10:36:32 ----A---- E:\Windows\system32\drivers\usbhub.sys
2011-08-22 10:36:32 ----A---- E:\Windows\system32\drivers\usbehci.sys
2011-08-22 10:36:32 ----A---- E:\Windows\system32\drivers\usbd.sys
2011-08-22 10:36:32 ----A---- E:\Windows\system32\drivers\usbccgp.sys
2011-08-22 10:36:31 ----A---- E:\Windows\system32\xmllite.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-08-22 10:36:18 ----A---- E:\Windows\system32\winsrv.dll
2011-08-22 10:36:18 ----A---- E:\Windows\system32\KernelBase.dll
2011-08-22 10:36:18 ----A---- E:\Windows\system32\kernel32.dll
2011-08-22 10:36:18 ----A---- E:\Windows\system32\conhost.exe
2011-08-22 10:36:17 ----AH---- E:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-08-22 10:36:17 ----AH---- E:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-08-22 10:36:17 ----AH---- E:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-08-22 10:35:51 ----A---- E:\Windows\system32\odbctrac.dll
2011-08-22 10:35:51 ----A---- E:\Windows\system32\odbcjt32.dll
2011-08-22 10:35:51 ----A---- E:\Windows\system32\odbccu32.dll
2011-08-22 10:35:51 ----A---- E:\Windows\system32\odbccr32.dll
2011-08-22 10:35:51 ----A---- E:\Windows\system32\odbccp32.dll
2011-08-22 10:32:40 ----D---- E:\Windows\ufa
2011-08-22 10:32:39 ----HD---- E:\Windows\update.7.1
2011-08-22 10:30:55 ----A---- E:\Windows\unrar.exe
2011-08-22 10:18:55 ----D---- E:\Windows\av_ico
2011-08-22 10:15:37 ----HD---- E:\Windows\update.tray-2-0-lnk
2011-08-22 10:15:37 ----HD---- E:\Windows\update.tray-2-0
2011-08-22 10:15:05 ----A---- E:\Windows\ntbtlog.txt
2011-08-01 14:51:46 ----A---- E:\Windows\system32\umpnpmgr.dll
2011-08-01 14:51:11 ----A---- E:\Windows\system32\tquery.dll
2011-08-01 14:51:11 ----A---- E:\Windows\system32\mssrch.dll
2011-08-01 14:51:10 ----A---- E:\Windows\system32\SearchIndexer.exe
2011-08-01 14:51:10 ----A---- E:\Windows\system32\mssvp.dll
2011-08-01 14:51:09 ----A---- E:\Windows\system32\SearchProtocolHost.exe
2011-08-01 14:51:09 ----A---- E:\Windows\system32\SearchFilterHost.exe
2011-08-01 14:51:09 ----A---- E:\Windows\system32\mssphtb.dll
2011-08-01 14:51:09 ----A---- E:\Windows\system32\mssph.dll
2011-08-01 14:51:09 ----A---- E:\Windows\system32\msscntrs.dll
2011-08-01 14:51:07 ----A---- E:\Windows\system32\win32k.sys
2011-08-01 14:50:03 ----A---- E:\Windows\system32\poqexec.exe

======List of files/folders modified in the last 1 month======

2011-08-22 20:28:12 ----D---- E:\Windows\system32\wfp
2011-08-22 20:28:11 ----D---- E:\Windows\system32\wbem
2011-08-22 20:28:11 ----D---- E:\Windows\registration
2011-08-22 12:47:22 ----D---- E:\Windows\Temp
2011-08-22 12:46:33 ----A---- E:\Windows\system32\Notepad2.ini
2011-08-22 12:45:44 ----D---- E:\Program Files\QIP 2010
2011-08-22 12:44:18 ----D---- E:\Windows
2011-08-22 12:33:33 ----A---- E:\Windows\system.ini
2011-08-22 12:30:19 ----D---- E:\Windows\system32\drivers
2011-08-22 12:30:19 ----D---- E:\Windows\System32
2011-08-22 12:30:19 ----D---- E:\Windows\AppPatch
2011-08-22 12:30:17 ----D---- E:\Program Files\Common Files
2011-08-22 12:25:58 ----SHD---- E:\System Volume Information
2011-08-22 12:21:18 ----RSD---- E:\Windows\assembly
2011-08-22 12:21:18 ----D---- E:\Windows\Microsoft.NET
2011-08-22 12:10:58 ----D---- E:\Windows\system32\config
2011-08-22 12:10:36 ----D---- E:\Windows\system32\drivers\etc
2011-08-22 12:03:42 ----D---- E:\Windows\inf
2011-08-22 12:03:42 ----A---- E:\Windows\system32\PerfStringBackup.INI
2011-08-22 12:00:11 ----A---- E:\Windows\{00000001-00000000-00000007-00001102-00000004-20021102}.BAK
2011-08-22 11:57:07 ----D---- E:\Windows\winsxs
2011-08-22 11:54:57 ----D---- E:\Windows\system32\en-US
2011-08-22 11:54:57 ----D---- E:\Windows\system32\cs-CZ
2011-08-22 11:54:56 ----D---- E:\Windows\system32\migration
2011-08-22 11:54:56 ----D---- E:\Windows\system32\DriverStore
2011-08-22 11:54:56 ----D---- E:\Program Files\Internet Explorer
2011-08-22 11:19:46 ----D---- E:\Windows\system32\catroot2
2011-08-22 11:10:26 ----D---- E:\Program Files\Mozilla Thunderbird
2011-08-22 10:56:12 ----D---- E:\ProgramData
2011-08-22 10:56:09 ----D---- E:\Program Files
2011-08-22 10:54:11 ----D---- E:\Windows\system32\Tasks
2011-08-22 10:48:04 ----SHD---- E:\Windows\Installer
2011-08-22 10:48:04 ----D---- E:\ProgramData\Microsoft Help
2011-08-22 10:48:04 ----D---- E:\Config.Msi
2011-08-22 10:46:46 ----D---- E:\Windows\system32\catroot
2011-08-22 10:40:51 ----A---- E:\Windows\system32\MRT.exe
2011-08-22 10:22:14 ----D---- E:\Windows\Prefetch
2011-08-21 23:00:19 ----D---- E:\Users\Administrator\AppData\Roaming\Skype
2011-08-21 21:15:49 ----D---- E:\Users\Administrator\AppData\Roaming\skypePM
2011-08-21 10:45:27 ----D---- E:\Program Files\Mozilla Firefox
2011-08-09 10:13:28 ----D---- E:\Users\Administrator\AppData\Roaming\FreeCall
2011-08-01 20:40:53 ----RSD---- E:\Windows\Fonts
2011-08-01 09:13:18 ----D---- E:\Program Files\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; E:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; E:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 snapman;Acronis Snapshots Manager; E:\Windows\system32\DRIVERS\snapman.sys [2011-06-13 170464]
R0 sptd;sptd; E:\Windows\System32\Drivers\sptd.sys [2009-09-15 721904]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273); E:\Windows\system32\DRIVERS\tdrpm273.sys [2011-06-13 752128]
R0 timounter;Acronis Backup Archive Explorer; E:\Windows\system32\DRIVERS\timntr.sys [2011-06-13 600928]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; E:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-06-13 218688]
R1 easdrv;easdrv; E:\Windows\system32\DRIVERS\easdrv.sys [2009-10-07 54184]
R1 epfwtdir;epfwtdir; E:\Windows\system32\DRIVERS\epfwtdir.sys [2009-10-07 35168]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\E:\Program Files\UltraISO\drivers\ISODrive.sys [2008-05-24 73728]
R1 vwififlt;Virtual WiFi Filter Driver; E:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 eamon;EAMON; E:\Windows\system32\DRIVERS\eamon.sys [2009-10-07 40824]
R2 Parvdm;Parvdm; E:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 afcdp;afcdp; E:\Windows\system32\DRIVERS\afcdp.sys [2011-06-13 163232]
R3 amdiox86;AMD IO Driver; E:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; E:\Windows\system32\DRIVERS\atikmdag.sys [2011-01-05 6789120]
R3 amdkmdap;amdkmdap; E:\Windows\system32\DRIVERS\atikmpag.sys [2011-01-05 235520]
R3 COMMONFX.SYS;COMMONFX.SYS; E:\Windows\System32\drivers\COMMONFX.SYS [2010-03-18 99416]
R3 ctac32k;Creative AC3 Software Decoder; E:\Windows\system32\drivers\ctac32k.sys [2010-03-18 511064]
R3 ctaud2k;Creative Audio Driver (WDM); E:\Windows\system32\drivers\ctaud2k.sys [2010-03-18 528472]
R3 CTAUDFX.SYS;CTAUDFX.SYS; E:\Windows\System32\drivers\CTAUDFX.SYS [2010-03-18 555096]
R3 ctprxy2k;Creative Proxy Driver; E:\Windows\system32\drivers\ctprxy2k.sys [2010-03-18 14424]
R3 CTSBLFX.SYS;CTSBLFX.SYS; E:\Windows\System32\drivers\CTSBLFX.SYS [2010-03-18 566360]
R3 ctsfm2k;Creative SoundFont Management Device Driver; E:\Windows\system32\drivers\ctsfm2k.sys [2010-03-18 157272]
R3 emupia;E-mu Plug-in Architecture Driver; E:\Windows\system32\drivers\emupia2k.sys [2010-03-18 92760]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; E:\Windows\system32\drivers\ha10kx2k.sys [2010-03-18 798808]
R3 hap16v2k;Creative P16V HAL Driver; E:\Windows\system32\drivers\hap16v2k.sys [2010-03-18 162904]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; E:\Windows\system32\DRIVERS\L8042Kbd.sys [2010-08-24 20304]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; E:\Windows\system32\DRIVERS\LHidFilt.Sys [2010-08-24 38864]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; E:\Windows\system32\DRIVERS\LMouFilt.Sys [2010-08-24 37328]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; E:\Windows\System32\Drivers\LUsbFilt.Sys [2010-08-24 28624]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; E:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
R3 ossrv;Creative OS Services Driver; E:\Windows\system32\drivers\ctoss2k.sys [2010-03-18 127576]
S1 wfcxacap;WinFast TV PCI Audio Capture Driver; E:\Windows\system32\DRIVERS\wfcxacap.sys [2007-09-19 9856]
S2 wfcxatun;WinFast TV Analog Tuner Driver; E:\Windows\system32\drivers\wfcxatun.sys [2007-09-19 31744]
S2 WFCXVCAP;WinFast TV Video Capture Driver; E:\Windows\system32\drivers\wfcxvcap.sys [2007-09-19 167040]
S3 aic78xx;aic78xx; E:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; E:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 athur;Atheros AR9271 Wireless Network Adapter Service; E:\Windows\system32\DRIVERS\athur.sys [2009-12-31 1445376]
S3 atikmdag;atikmdag; E:\Windows\system32\DRIVERS\atikmdag.sys [2011-01-05 6789120]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; E:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; E:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); E:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; E:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393216]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; E:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 catchme;catchme; \??\E:\Users\ADMINI~1\AppData\Local\Temp\catchme.sys []
S3 COMMONFX.DLL;COMMONFX.DLL; E:\Windows\system32\COMMONFX.DLL []
S3 COMMONFX;COMMONFX; E:\Windows\system32\drivers\COMMONFX.SYS [2010-03-18 99416]
S3 CT20XUT.DLL;CT20XUT.DLL; E:\Windows\system32\CT20XUT.DLL [2007-04-12 164608]
S3 CTAUDFX.DLL;CTAUDFX.DLL; E:\Windows\system32\CTAUDFX.DLL []
S3 CTAUDFX;CTAUDFX; E:\Windows\system32\drivers\CTAUDFX.SYS [2010-03-18 555096]
S3 ctdvda2k;Creative DVD-Audio Device Driver; E:\Windows\system32\drivers\ctdvda2k.sys [2010-03-18 347144]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; E:\Windows\system32\CTEAPSFX.DLL [2007-04-12 168192]
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; E:\Windows\system32\CTEDSPFX.DLL [2007-04-12 280320]
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; E:\Windows\system32\CTEDSPIO.DLL [2007-04-12 128768]
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; E:\Windows\system32\CTEDSPSY.DLL [2007-04-12 323328]
S3 CTERFXFX.DLL;CTERFXFX.DLL; E:\Windows\system32\CTERFXFX.DLL []
S3 CTERFXFX.SYS;CTERFXFX.SYS; E:\Windows\System32\drivers\CTERFXFX.SYS [2010-03-18 100952]
S3 CTERFXFX;CTERFXFX; E:\Windows\system32\drivers\CTERFXFX.SYS [2010-03-18 100952]
S3 CTEXFIFX.DLL;CTEXFIFX.DLL; E:\Windows\system32\CTEXFIFX.DLL [2007-04-12 1317632]
S3 CTHWIUT.DLL;CTHWIUT.DLL; E:\Windows\system32\CTHWIUT.DLL [2007-04-12 66816]
S3 CTSBLFX.DLL;CTSBLFX.DLL; E:\Windows\system32\CTSBLFX.DLL []
S3 CTSBLFX;CTSBLFX; E:\Windows\system32\drivers\CTSBLFX.SYS [2010-03-18 566360]
S3 Dot4;MS IEEE-1284.4 Driver; E:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; E:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; E:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 fssfltr;FssFltr; E:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 gdrv;gdrv; \??\E:\Windows\gdrv.sys [2009-09-22 17488]
S3 hap17v2k;Creative P17V HAL Driver; E:\Windows\system32\drivers\hap17v2k.sys [2010-03-18 189528]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); E:\Windows\system32\drivers\RTKVHDA.sys []
S3 PctvVirtualNdis;Pinnacle Virtual Miniport; E:\Windows\system32\DRIVERS\PctvVirtualNdis.sys [2007-02-02 13696]
S3 RDPDR;Terminal Server Device Redirector Driver; E:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); E:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; E:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; E:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; E:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 TVICHW32;TVICHW32; \??\E:\Windows\system32\DRIVERS\TVICHW32.SYS [2009-09-22 23600]
S3 usb_rndisx;Adaptér USB RNDIS; E:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 USB28xxBGA;PCTV 70e Device; E:\Windows\system32\DRIVERS\emBDA.sys [2008-03-25 476288]
S3 USB28xxOEM;USB 28xx OEM Filter; E:\Windows\system32\DRIVERS\emOEM.sys [2008-03-25 38656]
S3 usbscan;Ovladač skeneru USB; E:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; E:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; E:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; E:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; E:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 wfcxdtun;WinFast DTV BDA Tuner/Demod Driver; E:\Windows\system32\drivers\wfcxdtun.sys [2007-09-19 21248]
S3 wfcxtcap;WinFast DTV BDA Transport Stream Capture Driver; E:\Windows\system32\drivers\wfcxtcap.sys [2007-09-19 15872]
S3 wfcxxbar;WinFast TV Crossbar Driver; E:\Windows\system32\drivers\wfcxxbar.sys [2007-09-19 10496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; E:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AcrSch2Svc;Služba Acronis Scheduler2; E:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2010-09-23 780368]
R2 afcdpsrv;Služba Acronis Nonstop Backup; E:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [2011-06-13 3975088]
R2 AMD External Events Utility;AMD External Events Utility; E:\Windows\system32\atiesrxx.exe [2011-01-05 176128]
R2 AMD FUEL Service;AMD FUEL Service; E:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-01-04 284672]
R2 AMD Reservation Manager;AMD Reservation Manager; E:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 140224]
R2 CTAudSvcService;Creative Audio Service; E:\Program Files\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
R2 ddservice;ddservice; E:\Windows\update.7.1\svchostdriver.exe [2011-08-22 382464]
R2 Net Driver HPZ12;Net Driver HPZ12; E:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 OS Selector;Acronis OS Selector activator; E:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2010-05-25 2139400]
R2 Pml Driver HPZ12;Pml Driver HPZ12; E:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; E:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 SeaPort;SeaPort; E:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]
R2 srvsysdriver32;srvsysdriver32; E:\Windows\sysdriver32.exe [2011-08-22 258048]
R2 TeamViewer6;TeamViewer 6; E:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2011-01-27 2253688]
R2 UleadBurningHelper;Ulead Burning Helper; E:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; E:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; E:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 ekrn;Eset Service; E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe []
S2 gupdate;Služba Google Update (gupdate); E:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-27 136176]
S2 HPSLPSVC;HP Network Devices Support; E:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 KMService;KMService; E:\Windows\system32\srvany.exe [2010-05-17 8192]
S2 NOD32FiXTemDono;Eset Nod32 Boot; E:\Windows\system32\regedt32.exe [2009-07-14 9216]
S3 AppMgmt;@appmgmts.dll,-3250; E:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; E:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-06-28 79360]
S3 EhttpSrv;Eset HTTP Server; E:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe []
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; E:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gupdatem;Služba Google Update (gupdatem); E:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-27 136176]
S3 LBTServ;Logitech Bluetooth Service; E:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-10-28 293456]
S3 odserv;Microsoft Office Diagnostics Service; E:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; E:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; E:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; E:\Program Files\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; E:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Facebook virus - with RSIT log

#2 Post by vyosek »

Hello, and I wish you a nice day :)

:arrow: Download RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
  • Close all programs
  • If you are using Windows Vista or Windows 7, right-click RogueKiller and choose Run As Administrator or Spustit jako spravce
  • Select option 2 and confirm with Enter
  • The utility will do its work and produce a log - paste it here
  • Now run it again, but select option 3 and then also 4 - paste the logs again
PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A STRONG ABILITY TO DELETE AND MUST BE USED ONLY ON RECOMMENDATION, OTHERWISE YOUR SYSTEM MAY BE RUINED
:arrow: Download ComboFix and save it to the desktop http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • If you have Windows XP, run it under the Administrator account
  • If you have Windows Vista or Windows 7, right-click ComboFix and choose Run As Administrator or Spustit jako spravce
  • Immediately after start, a page with the license agreement is displayed; continue by clicking Ano (Yes)
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click in the window that is displayed
  • The scan should take about 10 minutes, but if the PC is heavily infested, the time may be longer
  • After the scan finishes and a possible restart, CF displays the log, or you can find it at C:\ComboFix.txt; paste its contents here
  • A detailed walkthrough including screenshots is here http://www.bleepingcomputer.com/combofi ... t-combofix
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

furij
Visitor
Posts: 21
Joined: 22 Aug 2011 11:48

Re: Facebook virus - with RSIT log

#3 Post by furij »

RogueKiller V5.3.3 [08/18/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows 7 (6.1.7600 ) 32 bits version
Started in : Normal mode
User: pablos [Admin rights]
Mode: Remove -- Date : 08/22/2011 13:00:09

Bad processes: 8
[SUSP PATH] sysdriver32.exe -- e:\windows\sysdriver32.exe -> KILLED [TermProc]
[SUSP PATH] systemup.exe -- e:\windows\systemup.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- e:\windows\update.tray-15-0\svchost.exe -> KILLED [TermProc]
[HJ NAME] svchost.exe -- e:\windows\update.5.0\svchost.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- e:\windows\update.5.0\svchost.exe -> KILLED [TermProc]
[HJ NAME] svchost.exe -- e:\windows\update.2\svchost.exe -> KILLED [TermProc]
[SVCHOST] svchost.exe -- e:\windows\update.2\svchost.exe -> KILLED [TermProc]
[SUSP PATH] l1rezerv.exe -- e:\windows\l1rezerv.exe -> KILLED [TermProc]

Registry Entries: 20
[SUSP PATH] HKLM\[...]\Run : 379341.exe ("E:\Users\Administrator\AppData\Local\temp\379341.exe") -> DELETED
[SUSP PATH] HKLM\[...]\Run : sysdriver32.exe ("E:\Windows\sysdriver32.exe" rezerv) -> DELETED
[SUSP PATH] HKLM\[...]\Run : sysdriver32_.exe ("E:\Windows\sysdriver32_.exe" rezerv) -> DELETED
[SUSP PATH] HKLM\[...]\Run : systemup ("E:\Windows\systemup.exe" stand) -> DELETED
[SUSP PATH] HKLM\[...]\Run : wxpdrv (E:\Windows\services32.exe) -> DELETED
[HJ NAME] HKLM\[...]\Run : tray_ico0 (E:\Windows\update.tray-15-0\svchost.exe) -> DELETED
[SUSP PATH] HKLM\[...]\Run : 6282609.exe ("E:\Windows\TEMP\6282609.exe") -> DELETED
[SUSP PATH] HKLM\[...]\Run : 81067833-loader2.exe ("E:\Windows\TEMP\81067833-loader2.exe") -> DELETED
[SUSP PATH] HKLM\[...]\Run : 3586163.exe ("E:\Windows\TEMP\3586163.exe") -> DELETED
[SUSP PATH] HKLM\[...]\Run : l1rezerv.exe ("E:\Windows\l1rezerv.exe") -> DELETED
[BLACKLIST] HKLM\[...]\services : srvbtcclient (E:\Windows\update.5.0\svchost.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : srviecheck (E:\Windows\update.2\svchost.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : srvsysdriver32 (E:\Windows\sysdriver32.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : wxpdrivers (E:\Windows\update.1\svchost.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : srvsysdriver32 (E:\Windows\sysdriver32.exe srv) -> DELETED
[BLACKLIST] HKLM\[...]\services : wxpdrivers (E:\Windows\update.1\svchost.exe srv) -> DELETED
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> REPLACED (0)
[HJ] HKLM\[...]\Security Center : FirewallDisableNotify (1) -> REPLACED (0)
[HJ] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> REPLACED (0)

Particular Files / Folders:

HOSTS File:
127.0.0.1 localhost
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 af-za.facebook.com
127.0.0.1 az-az.facebook.com
127.0.0.1 id-id.facebook.com
127.0.0.1 ms-my.facebook.com
127.0.0.1 bs-ba.facebook.com
127.0.0.1 ca-es.facebook.com
127.0.0.1 cs-cz.facebook.com
127.0.0.1 cy-gb.facebook.com
127.0.0.1 da-dk.facebook.com
127.0.0.1 de-de.facebook.com
127.0.0.1 et-ee.facebook.com
127.0.0.1 en-gb.facebook.com
127.0.0.1 es-la.facebook.com
127.0.0.1 eo-eo.facebook.com
127.0.0.1 eu-es.facebook.com
127.0.0.1 tl-ph.facebook.com
127.0.0.1 fo-fo.facebook.com
[...]


Finished : << RKreport[6].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt

furij
Visitor
Posts: 21
Joined: 22 Aug 2011 11:48

Re: Facebook virus - with RSIT log

#4 Post by furij »

RogueKiller V5.3.3 [08/18/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows 7 (6.1.7600 ) 32 bits version
Started in : Normal mode
User: pablos [Admin rights]
Mode: HOSTSFix -- Date : 08/22/2011 13:01:23

Bad processes: 0

HOSTS File:
127.0.0.1 localhost
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 af-za.facebook.com
127.0.0.1 az-az.facebook.com
127.0.0.1 id-id.facebook.com
127.0.0.1 ms-my.facebook.com
127.0.0.1 bs-ba.facebook.com
127.0.0.1 ca-es.facebook.com
127.0.0.1 cs-cz.facebook.com
127.0.0.1 cy-gb.facebook.com
127.0.0.1 da-dk.facebook.com
127.0.0.1 de-de.facebook.com
127.0.0.1 et-ee.facebook.com
127.0.0.1 en-gb.facebook.com
127.0.0.1 es-la.facebook.com
127.0.0.1 eo-eo.facebook.com
127.0.0.1 eu-es.facebook.com
127.0.0.1 tl-ph.facebook.com
127.0.0.1 fo-fo.facebook.com
[...]


Resetted HOSTS:
127.0.0.1 localhost

Finished : << RKreport[7].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt ; RKreport[7].txt

furij
Visitor
Posts: 21
Joined: 22 Aug 2011 11:48

Re: Facebook virus - with RSIT log

#5 Post by furij »

RogueKiller V5.3.3 [08/18/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows 7 (6.1.7600 ) 32 bits version
Started in : Normal mode
User: pablos [Admin rights]
Mode: ProxyFix -- Date : 08/22/2011 13:01:40

Bad processes: 0

Registry Entries: 0

Finished : << RKreport[8].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt ; RKreport[7].txt ; RKreport[8].txt

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Facebook virus - with RSIT log

#6 Post by vyosek »

Great, now I would also ask you to run ComboFix.

furij
Visitor
Posts: 21
Joined: 22 Aug 2011 11:48

Re: Facebook virus - with RSIT log

#7 Post by furij »

ComboFix 11-08-22.02 - pablos 22.08.2011 13:04:09.3.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3072.2074 [GMT 2:00]
Spuštěný z: e:\users\Administrator\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
e:\windows\btc_client_iplist.txt
e:\windows\front_ip_list.txt
e:\windows\geoiplist
e:\windows\geoiplist.rar
e:\windows\iecheck_iplist.txt
e:\windows\info1
e:\windows\iplist.txt
e:\windows\l1rezerv.exe
e:\windows\loader2.exe_ok
e:\windows\phoenix
e:\windows\phoenix.rar
e:\windows\phoenix\kernels\phatk\__init__.py
e:\windows\phoenix\kernels\phatk\BFIPatcher.py
e:\windows\phoenix\kernels\phatk\kernel.cl
e:\windows\phoenix\kernels\poclbm\__init__.py
e:\windows\phoenix\kernels\poclbm\BFIPatcher.py
e:\windows\phoenix\kernels\poclbm\kernel.cl
e:\windows\phoenix\phoenix.exe
e:\windows\proc_list1.log
e:\windows\rpcminer
e:\windows\rpcminer.rar
e:\windows\rpcminer\bitcoinminercuda_10.cubin
e:\windows\rpcminer\bitcoinminercuda_11.cubin
e:\windows\rpcminer\bitcoinminercuda_20.cubin
e:\windows\rpcminer\bitcoinmineropencl.cl
e:\windows\rpcminer\cudart32_32_16.dll
e:\windows\rpcminer\curllib.dll
e:\windows\rpcminer\libeay32.dll
e:\windows\rpcminer\libsasl.dll
e:\windows\rpcminer\openldap.dll
e:\windows\rpcminer\rpcminer-4way.exe
e:\windows\rpcminer\rpcminer-cpu.exe
e:\windows\rpcminer\rpcminer-cuda.exe
e:\windows\rpcminer\rpcminer-opencl.exe
e:\windows\rpcminer\ssleay32.dll
e:\windows\sysdriver32.exe
e:\windows\sysdriver32_.exe
e:\windows\system32\drivers\etc\HSTS~1
e:\windows\systemup.exe
e:\windows\ufa.rar
e:\windows\update.1
e:\windows\update.1\svchost.exe
e:\windows\update.2
e:\windows\update.2\svchost.exe
e:\windows\update.3
e:\windows\update.5.0
e:\windows\update.5.0\svchost.exe
e:\windows\winlog-dirs.txt
e:\windows\winlog-ids.txt
e:\windows\winsetupapi.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-22 do 2011-08-22 )))))))))))))))))))))))))))))))
.
.
2011-08-22 11:10 . 2011-08-22 11:10 -------- d-----w- e:\users\Administrator\AppData\Local\temp
2011-08-22 11:10 . 2011-08-22 11:10 -------- d-----w- e:\users\Default\AppData\Local\temp
2011-08-22 10:44 . 2011-08-22 10:44 -------- d--h--w- e:\windows\update.tray-15-0
2011-08-22 10:44 . 2011-08-22 10:44 -------- d--h--w- e:\windows\update.tray-15-0-lnk
2011-08-22 08:56 . 2011-08-22 08:56 -------- d-----w- e:\users\Administrator\AppData\Roaming\Malwarebytes
2011-08-22 08:56 . 2011-08-22 08:56 -------- d-----w- e:\programdata\Malwarebytes
2011-08-22 08:56 . 2010-11-29 15:42 38224 ----a-w- e:\windows\system32\drivers\mbamswissarmy.sys
2011-08-22 08:56 . 2011-08-22 08:56 -------- d-----w- e:\program files\Malwarebytes' Anti-Malware
2011-08-22 08:56 . 2010-11-29 15:42 20952 ----a-w- e:\windows\system32\drivers\mbam.sys
2011-08-22 08:40 . 2011-08-12 02:44 7152464 ----a-w- e:\programdata\Microsoft\Windows Defender\Definition Updates\{023664EB-744A-4930-8C77-44523F604405}\mpengine.dll
2011-08-22 08:40 . 2011-08-22 10:47 -------- d-----w- e:\program files\trend micro
2011-08-22 08:40 . 2011-08-22 08:41 -------- d-----w- E:\rsit
2011-08-22 08:35 . 2011-06-15 09:04 86016 ----a-w- e:\windows\system32\odbccu32.dll
2011-08-22 08:35 . 2011-06-15 09:04 81920 ----a-w- e:\windows\system32\odbccr32.dll
2011-08-22 08:35 . 2011-06-15 09:04 319488 ----a-w- e:\windows\system32\odbcjt32.dll
2011-08-22 08:35 . 2011-06-15 09:04 163840 ----a-w- e:\windows\system32\odbctrac.dll
2011-08-22 08:35 . 2011-06-15 09:04 122880 ----a-w- e:\windows\system32\odbccp32.dll
2011-08-22 08:35 . 2011-06-15 09:04 94208 ----a-w- e:\program files\Common Files\System\Ole DB\msdaosp.dll
2011-08-22 08:32 . 2011-08-22 08:32 -------- d-----w- e:\windows\ufa
2011-08-22 08:32 . 2011-08-22 08:32 -------- d--h--w- e:\windows\update.7.1
2011-08-22 08:30 . 2011-08-22 10:50 246272 ----a-w- e:\windows\unrar.exe
2011-08-22 08:18 . 2011-08-22 10:45 -------- d-----w- e:\windows\av_ico
2011-08-22 08:15 . 2011-08-22 18:28 -------- d--h--w- e:\windows\update.tray-2-0
2011-08-22 08:15 . 2011-08-22 18:28 -------- d--h--w- e:\windows\update.tray-2-0-lnk
2011-08-01 12:51 . 2011-05-24 10:35 294912 ----a-w- e:\windows\system32\umpnpmgr.dll
2011-08-01 12:51 . 2011-05-04 04:53 1553920 ----a-w- e:\windows\system32\tquery.dll
2011-08-01 12:51 . 2011-05-04 04:52 1401856 ----a-w- e:\windows\system32\mssrch.dll
2011-08-01 12:51 . 2011-05-04 04:52 666624 ----a-w- e:\windows\system32\mssvp.dll
2011-08-01 12:51 . 2011-05-04 04:52 428032 ----a-w- e:\windows\system32\SearchIndexer.exe
2011-08-01 12:51 . 2011-05-04 04:52 59392 ----a-w- e:\windows\system32\msscntrs.dll
2011-08-01 12:51 . 2011-05-04 04:52 337408 ----a-w- e:\windows\system32\mssph.dll
2011-08-01 12:51 . 2011-05-04 04:52 197120 ----a-w- e:\windows\system32\mssphtb.dll
2011-08-01 12:51 . 2011-05-04 04:52 86528 ----a-w- e:\windows\system32\SearchFilterHost.exe
2011-08-01 12:51 . 2011-05-04 04:52 164352 ----a-w- e:\windows\system32\SearchProtocolHost.exe
2011-08-01 12:51 . 2011-06-11 02:37 2332672 ----a-w- e:\windows\system32\win32k.sys
2011-08-01 12:50 . 2011-04-09 05:56 123904 ----a-w- e:\windows\system32\poqexec.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-13 07:28 . 2011-05-14 07:53 404640 ----a-w- e:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-03 13:48 . 2011-02-05 13:38 16400 ----a-w- e:\windows\system32\drivers\LNonPnP.sys
2011-06-28 18:39 . 2009-09-14 19:15 445016 ----a-w- e:\windows\system32\wrap_oal.dll
2011-06-28 18:39 . 2009-09-14 19:15 109144 ----a-w- e:\windows\system32\OpenAL32.dll
2011-06-13 12:55 . 2011-06-13 12:55 163232 ----a-w- e:\windows\system32\drivers\afcdp.sys
2011-06-13 12:54 . 2011-06-13 12:54 752128 ----a-w- e:\windows\system32\drivers\tdrpm273.sys
2011-06-13 12:54 . 2011-06-13 12:54 600928 ----a-w- e:\windows\system32\drivers\timntr.sys
2011-06-13 12:54 . 2011-06-08 18:11 170464 ----a-w- e:\windows\system32\drivers\snapman.sys
2011-06-13 11:59 . 2011-06-13 11:59 218688 ----a-w- e:\windows\system32\drivers\dtsoftbus01.sys
2011-06-08 15:45 . 2011-06-08 15:31 37888 ----a-w- e:\windows\system32\setupnt.dll
2011-06-08 15:45 . 2011-06-08 15:31 28096 ----a-w- e:\windows\system32\drivers\tifsfilt.sys
2011-05-24 17:14 . 2009-09-30 09:09 222080 ------w- e:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="e:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"Infium"="e:\program files\QIP 2010\qip.exe" [2011-07-18 6812032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="e:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"ArcSoft Connection Service"="e:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"StartCCC"="e:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-04 336384]
"EvtMgr6"="e:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1352272]
"Start WingMan Profiler"="e:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 153672]
"Windows Mobile Device Center"="e:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"SAOB Monitor"="e:\program files\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe" [2010-09-02 2536752]
"TrueImageMonitor.exe"="e:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2010-09-23 5502312]
"Služba Acronis Scheduler2"="e:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2010-09-23 391144]
"CTxfiHlp"="CTXFIHLP.EXE" [2007-04-09 19968]
"CTHelper"="CTHELPER.EXE" [2010-03-18 19456]
"tray_ico"="" [BU]
"tray_ico1"="" [BU]
"tray_ico2"="" [BU]
"tray_ico3"="" [BU]
"tray_ico4"="" [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-10-28 10:13 64592 ----a-w- e:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-27 15:10 35696 ----a-w- e:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-08-11 14:30 249856 ----a-w- e:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-08-11 14:30 81920 ----a-w- e:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ScanSoft OmniPage 16-reminder]
2007-07-20 07:50 328992 ----a-w- e:\program files\ScanSoft\OmniPage16\Ereg\Ereg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 ----a-w- e:\program files\Java\jre6\bin\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
R2 ddservice;ddservice;e:\windows\update.7.1\svchostdriver.exe [2011-08-22 382464]
R2 ekrn;Eset Service;e:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [x]
R2 gupdate;Služba Google Update (gupdate);e:\program files\Google\Update\GoogleUpdate.exe [2010-05-27 136176]
R2 KMService;KMService;e:\windows\system32\srvany.exe [2010-05-17 8192]
R2 NOD32FiXTemDono;Eset Nod32 Boot;e:\windows\system32\regedt32.exe [2009-07-14 9216]
R3 athur;Atheros AR9271 Wireless Network Adapter Service;e:\windows\system32\DRIVERS\athur.sys [2009-12-31 1445376]
R3 COMMONFX;COMMONFX;e:\windows\system32\drivers\COMMONFX.SYS [2010-03-18 99416]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;e:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-06-28 79360]
R3 CTAUDFX;CTAUDFX;e:\windows\system32\drivers\CTAUDFX.SYS [2010-03-18 555096]
R3 CTERFXFX.SYS;CTERFXFX.SYS;e:\windows\System32\drivers\CTERFXFX.SYS [2010-03-18 100952]
R3 CTERFXFX;CTERFXFX;e:\windows\system32\drivers\CTERFXFX.SYS [2010-03-18 100952]
R3 CTSBLFX;CTSBLFX;e:\windows\system32\drivers\CTSBLFX.SYS [2010-03-18 566360]
R3 gupdatem;Služba Google Update (gupdatem);e:\program files\Google\Update\GoogleUpdate.exe [2010-05-27 136176]
R3 osppsvc;Office Software Protection Platform;e:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 PctvVirtualNdis;Pinnacle Virtual Miniport;e:\windows\system32\DRIVERS\PctvVirtualNdis.sys [2007-02-02 13696]
S0 sptd;sptd;e:\windows\System32\Drivers\sptd.sys [2009-09-15 721904]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;e:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-06-13 218688]
S1 epfwtdir;epfwtdir;e:\windows\system32\DRIVERS\epfwtdir.sys [2009-10-07 35168]
S2 afcdpsrv;Služba Acronis Nonstop Backup;e:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [2011-06-13 3975088]
S2 AMD External Events Utility;AMD External Events Utility;e:\windows\system32\atiesrxx.exe [2011-01-05 176128]
S2 AMD FUEL Service;AMD FUEL Service;e:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-01-04 284672]
S2 AMD Reservation Manager;AMD Reservation Manager;e:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 140224]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;e:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 OS Selector;Acronis OS Selector activator;e:\program files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2010-05-25 2139400]
S3 afcdp;afcdp;e:\windows\system32\DRIVERS\afcdp.sys [2011-06-13 163232]
S3 amdiox86;AMD IO Driver;e:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 amdkmdag;amdkmdag;e:\windows\system32\DRIVERS\atikmdag.sys [2011-01-05 6789120]
S3 amdkmdap;amdkmdap;e:\windows\system32\DRIVERS\atikmpag.sys [2011-01-05 235520]
S3 COMMONFX.SYS;COMMONFX.SYS;e:\windows\System32\drivers\COMMONFX.SYS [2010-03-18 99416]
S3 CTAUDFX.SYS;CTAUDFX.SYS;e:\windows\System32\drivers\CTAUDFX.SYS [2010-03-18 555096]
S3 CTSBLFX.SYS;CTSBLFX.SYS;e:\windows\System32\drivers\CTSBLFX.SYS [2010-03-18 566360]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-22 e:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- e:\program files\Google\Update\GoogleUpdate.exe [2010-05-27 08:21]
.
2011-08-22 e:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- e:\program files\Google\Update\GoogleUpdate.exe [2010-05-27 08:21]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xport to Microsoft Excel - e:\progra~1\MIF5BA~1\OFFICE~1\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - e:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.10.7.193
DPF: {3FC80F5C-946D-430E-A650-6457CA9AD031} - hxxp://10.10.130.15:81/WebCamX.cab
DPF: {7B40618E-CC3D-4E7C-800A-E0306DD8BD48} - hxxp://10.10.54.40:8080/AVC_AX_757.cab
FF - ProfilePath - e:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\hadl7b3u.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.ceskenoviny.cz/
FF - prefs.js: keyword.URL - hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - e:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - e:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
.
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7600
.
CreateFile("\\.\PHYSICALDRIVE255"): Systém nemůže nalézt uvedený soubor.
device: opened successfully
user: error reading MBR
kernel: MBR read successfully
user != kernel MBR !!!
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (Administrator)
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,3b,1b,0c,14,cb,
03,9c,ba,ed,06,b8,9f,bf,17,8f,6c,fa,df
"{6EBF7485-159F-4BFF-A14F-B9E3AAC4465B}"=hex:51,66,7a,6c,4c,1d,3b,1b,95,68,ab,
75,ae,47,91,0f,bc,46,fc,a3,a9,86,01,47
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,3b,1b,74,c8,24,
8b,33,1e,d1,0e,93,c5,14,24,75,4a,24,da
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,3b,1b,25,b4,e7,
af,10,5c,37,0d,a7,2b,07,f3,03,cc,45,e3
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,3b,1b,54,1c,dc,
c0,74,f6,35,07,a1,7d,d9,65,c2,87,cf,b5
"{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}"=hex:51,66,7a,6c,4c,1d,3b,1b,d0,91,4e,
fa,27,d7,cf,06,9c,e3,99,d4,ef,58,88,0c
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,3b,1b,6f,c2,fe,
a6,54,90,be,55,a1,e4,45,e0,ca,48,f2,13
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,3b,1b,21,82,11,
e4,6b,9e,40,0a,a2,32,d3,a9,2a,94,12,1f
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,6e,07,d6,02,1c,05,83,4a,8e,24,d9,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,6e,07,d6,02,1c,05,83,4a,8e,24,d9,\
"027C9CB72E593A8F02C55092F385DBAC99DF56D067"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,0f,a9,60,8f,ca,6c,5a,40,ab,f2,1f,\
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3G2"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3G2"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3GP"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AAC\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADT\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.CDA"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Word.Document.8"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ThunderbirdEML"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.m3u"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M4A"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mod\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP3"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP3"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP4"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tts\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.TTS"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAV"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAX"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdseml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ThunderbirdEML"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMA"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMD"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMS"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMZ"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WPL"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Opera.HTML"
.
[HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="Excel.Sheet.12"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-08-22 13:12:29
ComboFix-quarantined-files.txt 2011-08-22 11:12
ComboFix2.txt 2011-08-22 10:35
ComboFix3.txt 2011-08-22 10:13
.
Před spuštěním: 7 698 558 976
Po spuštění: 7 702 245 376
.
- - End Of File - - 394AD1DA0F8B55903F53C8D4EF026AAA

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Facebook virus - with RSIT log

#8 Post by vyosek »

:arrow: I hope that once the cleanup is finished you will install a free security solution there and not that cracked NOD :roll:

:arrow: Download TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
  • Run the utility and tell it to scan - click Start Scan
  • If the utility finds an infection, it will want to cure it (Cure); allow the cure by clicking Continue
  • If the utility finds a suspicious file (suspicious), it will want to skip it (Skip); allow the skip by clicking Continue
  • After the scan finishes, a restart of the PC may be necessary; allow it by clicking Reboot now
  • After the restart a log will pop up; if it does not, you will find it directly on the drive where Windows is installed (usually c:\) under a name of the form TDSSKiller.some digits _log.txt - paste its contents here
  • If no restart is required, click Close and then Report - a log will be created - paste its contents here
:arrow: If it is not there already, move Combofix to the desktop
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    KillAll::
    
    Folder::
    e:\windows\update.tray-15-0
    e:\windows\update.tray-15-0-lnk
    e:\windows\ufa
    e:\windows\update.7.1
    e:\windows\av_ico
    e:\windows\update.tray-2-0
    e:\windows\update.tray-2-0-lnk
    
    File::
    e:\windows\unrar.exe
    E:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    E:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    
    Driver::
    NOD32FiXTemDono
    ddservice
    gupdatem
    gupdate
    
    Registry::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTxfiHlp"=-
    "CTHelper"=-
    "tray_ico"=-
    "tray_ico1"=-
    "tray_ico2"=-
    "tray_ico3"=-
    "tray_ico4"=-
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "FirewallOverride"=dword:00000000
    "DisableThumbnailCache"=dword:00000000
    
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "E:\Windows\update.tray-2-0-lnk\svchost.exe"=-
    "E:\Windows\update.1\svchost.exe"=-
    
    Firefox::
    FF - ProfilePath - e:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\hadl7b3u.default\
    FF - prefs.js: keyword.URL - hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q=
    
    RegLock::
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Internet Explorer\Approved Extensions]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Internet Explorer\User Preferences]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AAC\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADT\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADTS\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mod\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4v\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tts\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdseml\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtm\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
    [HKEY_USERS\S-1-5-21-2626119127-3120722692-1511301052-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsx\UserChoice]
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    
    Reboot::
  • Save the created TXT file as CFScript.txt
  • Drag the created CFScript.txt onto Combofix and release it (see the picture below)
    Image
  • After the script has been applied (and a possible restart) a log will pop up; paste its contents here
:arrow: It may happen that Windows does not start after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; that is no man, that is an ox."
Member of (image) since 1 February 2011.

furij
Visitor
Posts: 21
Registered: 22 Aug 2011 11:48

Re: Facebook virus - with RSIT log

#9 Post by furij »

2011/08/22 19:35:02.0440 5008 TDSS rootkit removing tool 2.5.16.0 Aug 19 2011 17:48:17
2011/08/22 19:35:02.0550 5008 ================================================================================
2011/08/22 19:35:02.0550 5008 SystemInfo:
2011/08/22 19:35:02.0550 5008
2011/08/22 19:35:02.0550 5008 OS Version: 6.1.7600 ServicePack: 0.0
2011/08/22 19:35:02.0550 5008 Product type: Workstation
2011/08/22 19:35:02.0551 5008 ComputerName: PCA1B2C3
2011/08/22 19:35:02.0551 5008 UserName: pablos
2011/08/22 19:35:02.0551 5008 Windows directory: E:\Windows
2011/08/22 19:35:02.0551 5008 System windows directory: E:\Windows
2011/08/22 19:35:02.0551 5008 Processor architecture: Intel x86
2011/08/22 19:35:02.0551 5008 Number of processors: 2
2011/08/22 19:35:02.0551 5008 Page size: 0x1000
2011/08/22 19:35:02.0551 5008 Boot type: Normal boot
2011/08/22 19:35:02.0551 5008 ================================================================================
2011/08/22 19:35:04.0765 5008 Initialize success
2011/08/22 19:35:16.0778 5872 ================================================================================
2011/08/22 19:35:16.0778 5872 Scan started
2011/08/22 19:35:16.0778 5872 Mode: Manual;
2011/08/22 19:35:16.0778 5872 ================================================================================
2011/08/22 19:35:17.0777 5872 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) E:\Windows\system32\DRIVERS\1394ohci.sys
2011/08/22 19:35:17.0840 5872 ACPI (f0e07d144c8685b8774bc32fc8da4df0) E:\Windows\system32\DRIVERS\ACPI.sys
2011/08/22 19:35:17.0876 5872 AcpiPmi (98d81ca942d19f7d9153b095162ac013) E:\Windows\system32\DRIVERS\acpipmi.sys
2011/08/22 19:35:17.0930 5872 adp94xx (21e785ebd7dc90a06391141aac7892fb) E:\Windows\system32\DRIVERS\adp94xx.sys
2011/08/22 19:35:17.0977 5872 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) E:\Windows\system32\DRIVERS\adpahci.sys
2011/08/22 19:35:18.0007 5872 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) E:\Windows\system32\DRIVERS\adpu320.sys
2011/08/22 19:35:18.0062 5872 afcdp (0cba69e0bda9f55736239627e49df31a) E:\Windows\system32\DRIVERS\afcdp.sys
2011/08/22 19:35:18.0138 5872 AFD (0db7a48388d54d154ebec120461a0fcd) E:\Windows\system32\drivers\afd.sys
2011/08/22 19:35:18.0190 5872 agp440 (507812c3054c21cef746b6ee3d04dd6e) E:\Windows\system32\DRIVERS\agp440.sys
2011/08/22 19:35:18.0223 5872 aic78xx (8b30250d573a8f6b4bd23195160d8707) E:\Windows\system32\DRIVERS\djsvs.sys
2011/08/22 19:35:18.0253 5872 aliide (0d40bcf52ea90fc7df2aeab6503dea44) E:\Windows\system32\DRIVERS\aliide.sys
2011/08/22 19:35:18.0312 5872 amdagp (3c6600a0696e90a463771c7422e23ab5) E:\Windows\system32\DRIVERS\amdagp.sys
2011/08/22 19:35:18.0341 5872 amdide (cd5914170297126b6266860198d1d4f0) E:\Windows\system32\DRIVERS\amdide.sys
2011/08/22 19:35:18.0384 5872 amdiox86 (ff258424f0b2ef25eb98f04ee386e6e3) E:\Windows\system32\DRIVERS\amdiox86.sys
2011/08/22 19:35:18.0428 5872 AmdK8 (00dda200d71bac534bf56a9db5dfd666) E:\Windows\system32\DRIVERS\amdk8.sys
2011/08/22 19:35:18.0637 5872 amdkmdag (409d070998de0c740372531174d22c91) E:\Windows\system32\DRIVERS\atikmdag.sys
2011/08/22 19:35:18.0847 5872 amdkmdap (377cd7845a5c428112add976867a2819) E:\Windows\system32\DRIVERS\atikmpag.sys
2011/08/22 19:35:18.0866 5872 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) E:\Windows\system32\DRIVERS\amdppm.sys
2011/08/22 19:35:18.0906 5872 amdsata (19ce906b4cdc11fc4fef5745f33a63b6) E:\Windows\system32\drivers\amdsata.sys
2011/08/22 19:35:18.0940 5872 amdsbs (ea43af0c423ff267355f74e7a53bdaba) E:\Windows\system32\DRIVERS\amdsbs.sys
2011/08/22 19:35:18.0978 5872 amdxata (869e67d66be326a5a9159fba8746fa70) E:\Windows\system32\drivers\amdxata.sys
2011/08/22 19:35:19.0009 5872 AppID (feb834c02ce1e84b6a38f953ca067706) E:\Windows\system32\drivers\appid.sys
2011/08/22 19:35:19.0046 5872 arc (2932004f49677bd84dbc72edb754ffb3) E:\Windows\system32\DRIVERS\arc.sys
2011/08/22 19:35:19.0077 5872 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) E:\Windows\system32\DRIVERS\arcsas.sys
2011/08/22 19:35:19.0179 5872 AsyncMac (add2ade1c2b285ab8378d2daaf991481) E:\Windows\system32\DRIVERS\asyncmac.sys
2011/08/22 19:35:19.0206 5872 atapi (338c86357871c167a96ab976519bf59e) E:\Windows\system32\DRIVERS\atapi.sys
2011/08/22 19:35:19.0294 5872 athur (224b0221c1665f621c7cf84920fc3743) E:\Windows\system32\DRIVERS\athur.sys
2011/08/22 19:35:19.0524 5872 atikmdag (409d070998de0c740372531174d22c91) E:\Windows\system32\DRIVERS\atikmdag.sys
2011/08/22 19:35:19.0621 5872 b06bdrv (1a231abec60fd316ec54c66715543cec) E:\Windows\system32\DRIVERS\bxvbdx.sys
2011/08/22 19:35:19.0671 5872 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) E:\Windows\system32\DRIVERS\b57nd60x.sys
2011/08/22 19:35:19.0704 5872 Beep (505506526a9d467307b3c393dedaf858) E:\Windows\system32\drivers\Beep.sys
2011/08/22 19:35:19.0750 5872 blbdrive (2287078ed48fcfc477b05b20cf38f36f) E:\Windows\system32\DRIVERS\blbdrive.sys
2011/08/22 19:35:19.0789 5872 bowser (9a5c671b7fbae4865149bb11f59b91b2) E:\Windows\system32\DRIVERS\bowser.sys
2011/08/22 19:35:19.0820 5872 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) E:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/08/22 19:35:19.0848 5872 BrFiltUp (56801ad62213a41f6497f96dee83755a) E:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/08/22 19:35:19.0888 5872 Brserid (845b8ce732e67f3b4133164868c666ea) E:\Windows\System32\Drivers\Brserid.sys
2011/08/22 19:35:29.0436 5872 sptd (d15da1ba189770d93eea2d7e18f95af9) E:\Windows\system32\Drivers\sptd.sys
2011/08/22 19:35:29.0437 5872 Suspicious file (NoAccess): E:\Windows\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9
2011/08/22 19:35:29.0445 5872 sptd - detected LockedFile.Multi.Generic (1)
2011/08/22 19:35:33.0754 5872 ================================================================================
2011/08/22 19:35:33.0754 5872 Scan finished
2011/08/22 19:35:33.0754 5872 ================================================================================
2011/08/22 19:35:33.0775 0608 Detected object count: 1
2011/08/22 19:35:33.0775 0608 Actual detected object count: 1
2011/08/22 19:35:42.0035 0608 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/08/22 19:35:48.0603 6120 ================================================================================
2011/08/22 19:35:48.0603 6120 Scan started
2011/08/22 19:35:48.0603 6120 Mode: Manual;
2011/08/22 19:35:48.0603 6120 ================================================================================
2011/08/22 19:36:02.0050 6120 sptd (d15da1ba189770d93eea2d7e18f95af9) E:\Windows\system32\Drivers\sptd.sys
2011/08/22 19:36:02.0050 6120 Suspicious file (NoAccess): E:\Windows\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9
2011/08/22 19:36:02.0059 6120 sptd - detected LockedFile.Multi.Generic (1)
2011/08/22 19:36:06.0015 6120 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
2011/08/22 19:36:06.0125 6120 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
2011/08/22 19:36:06.0139 6120 Boot (0x1200) (fa79e134d417c858005615278f0e8062) \Device\Harddisk0\DR0\Partition0
2011/08/22 19:36:06.0164 6120 Boot (0x1200) (2f453a66ea3cb9228dd8e85cd3fd7306) \Device\Harddisk1\DR1\Partition0
2011/08/22 19:36:06.0196 6120 Boot (0x1200) (58a932b021ffcad464b42decd65d23b9) \Device\Harddisk1\DR1\Partition1
2011/08/22 19:36:06.0202 6120 ================================================================================
2011/08/22 19:36:06.0202 6120 Scan finished
2011/08/22 19:36:06.0202 6120 ================================================================================
2011/08/22 19:36:06.0218 2340 Detected object count: 1
2011/08/22 19:36:06.0218 2340 Actual detected object count: 1
2011/08/22 19:36:16.0189 2340 LockedFile.Multi.Generic(sptd) - User select action: Skip

vyosek
VIP
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Facebook virus - with RSIT log

#10 Post by vyosek »

vyosek wrote: :arrow: I hope that once the cleanup is finished you will install a free security solution there and not that cracked NOD :roll:
:???:

And then continue with ComboFix as I wrote
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

furij
Visitor
Visitor
Posts: 21
Registered: 22 Aug 2011 11:48

Re: Facebook virus - with RSIT log

#11 Post by furij »

ComboFix 11-08-22.03 - pablos 22.08.2011 19:49:21.4.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3072.1991 [GMT 2:00]
Spuštěný z: e:\users\Administrator\Desktop\ComboFix.exe
Použité ovládací přepínače :: e:\users\Administrator\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"e:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"e:\windows\tasks\GoogleUpdateTaskMachineUA.job"
"e:\windows\unrar.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
e:\windows\av_ico
e:\windows\av_ico\ico_defender_start.ico
e:\windows\av_ico\ico_NOD_AV_START.ico
e:\windows\av_ico\ico_NOD_SYSINSP.ico
e:\windows\av_ico\ico_NOD_SYSRESC.ico
e:\windows\av_ico\ico_NOD_TXT.ico
e:\windows\av_ico\ico_NOD_UNINSTALL.ico
e:\windows\tasks\GoogleUpdateTaskMachineCore.job
e:\windows\tasks\GoogleUpdateTaskMachineUA.job
e:\windows\ufa
e:\windows\ufa\ufa.exe
e:\windows\unrar.exe
e:\windows\update.7.1
e:\windows\update.7.1\svchostdriver.exe
e:\windows\update.tray-15-0-lnk
e:\windows\update.tray-15-0-lnk\svchost.exe
e:\windows\update.tray-15-0
e:\windows\update.tray-15-0\svchost.exe
e:\windows\update.tray-2-0-lnk
e:\windows\update.tray-2-0-lnk\svchost.exe
e:\windows\update.tray-2-0
e:\windows\update.tray-2-0\svchost.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_ddservice
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_NOD32FiXTemDono
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-22 do 2011-08-22 )))))))))))))))))))))))))))))))
.
.
2011-08-22 17:55 . 2011-08-22 17:55 -------- d-----w- e:\users\Default\AppData\Local\temp
2011-08-22 08:56 . 2011-08-22 08:56 -------- d-----w- e:\users\Administrator\AppData\Roaming\Malwarebytes
2011-08-22 08:56 . 2011-08-22 08:56 -------- d-----w- e:\programdata\Malwarebytes
2011-08-22 08:56 . 2010-11-29 15:42 38224 ----a-w- e:\windows\system32\drivers\mbamswissarmy.sys
2011-08-22 08:56 . 2011-08-22 08:56 -------- d-----w- e:\program files\Malwarebytes' Anti-Malware
2011-08-22 08:56 . 2010-11-29 15:42 20952 ----a-w- e:\windows\system32\drivers\mbam.sys
2011-08-22 08:40 . 2011-08-12 02:44 7152464 ----a-w- e:\programdata\Microsoft\Windows Defender\Definition Updates\{023664EB-744A-4930-8C77-44523F604405}\mpengine.dll
2011-08-22 08:40 . 2011-08-22 10:47 -------- d-----w- e:\program files\trend micro
2011-08-22 08:40 . 2011-08-22 08:41 -------- d-----w- E:\rsit
2011-08-22 08:35 . 2011-06-15 09:04 86016 ----a-w- e:\windows\system32\odbccu32.dll
2011-08-22 08:35 . 2011-06-15 09:04 81920 ----a-w- e:\windows\system32\odbccr32.dll
2011-08-22 08:35 . 2011-06-15 09:04 319488 ----a-w- e:\windows\system32\odbcjt32.dll
2011-08-22 08:35 . 2011-06-15 09:04 163840 ----a-w- e:\windows\system32\odbctrac.dll
2011-08-22 08:35 . 2011-06-15 09:04 122880 ----a-w- e:\windows\system32\odbccp32.dll
2011-08-22 08:35 . 2011-06-15 09:04 94208 ----a-w- e:\program files\Common Files\System\Ole DB\msdaosp.dll
2011-08-01 12:51 . 2011-05-24 10:35 294912 ----a-w- e:\windows\system32\umpnpmgr.dll
2011-08-01 12:51 . 2011-05-04 04:53 1553920 ----a-w- e:\windows\system32\tquery.dll
2011-08-01 12:51 . 2011-05-04 04:52 1401856 ----a-w- e:\windows\system32\mssrch.dll
2011-08-01 12:51 . 2011-05-04 04:52 666624 ----a-w- e:\windows\system32\mssvp.dll
2011-08-01 12:51 . 2011-05-04 04:52 428032 ----a-w- e:\windows\system32\SearchIndexer.exe
2011-08-01 12:51 . 2011-05-04 04:52 59392 ----a-w- e:\windows\system32\msscntrs.dll
2011-08-01 12:51 . 2011-05-04 04:52 337408 ----a-w- e:\windows\system32\mssph.dll
2011-08-01 12:51 . 2011-05-04 04:52 197120 ----a-w- e:\windows\system32\mssphtb.dll
2011-08-01 12:51 . 2011-05-04 04:52 86528 ----a-w- e:\windows\system32\SearchFilterHost.exe
2011-08-01 12:51 . 2011-05-04 04:52 164352 ----a-w- e:\windows\system32\SearchProtocolHost.exe
2011-08-01 12:51 . 2011-06-11 02:37 2332672 ----a-w- e:\windows\system32\win32k.sys
2011-08-01 12:50 . 2011-04-09 05:56 123904 ----a-w- e:\windows\system32\poqexec.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-13 07:28 . 2011-05-14 07:53 404640 ----a-w- e:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-03 13:48 . 2011-02-05 13:38 16400 ----a-w- e:\windows\system32\drivers\LNonPnP.sys
2011-06-28 18:39 . 2009-09-14 19:15 445016 ----a-w- e:\windows\system32\wrap_oal.dll
2011-06-28 18:39 . 2009-09-14 19:15 109144 ----a-w- e:\windows\system32\OpenAL32.dll
2011-06-13 12:55 . 2011-06-13 12:55 163232 ----a-w- e:\windows\system32\drivers\afcdp.sys
2011-06-13 12:54 . 2011-06-13 12:54 752128 ----a-w- e:\windows\system32\drivers\tdrpm273.sys
2011-06-13 12:54 . 2011-06-13 12:54 600928 ----a-w- e:\windows\system32\drivers\timntr.sys
2011-06-13 12:54 . 2011-06-08 18:11 170464 ----a-w- e:\windows\system32\drivers\snapman.sys
2011-06-13 11:59 . 2011-06-13 11:59 218688 ----a-w- e:\windows\system32\drivers\dtsoftbus01.sys
2011-06-08 15:45 . 2011-06-08 15:31 37888 ----a-w- e:\windows\system32\setupnt.dll
2011-06-08 15:45 . 2011-06-08 15:31 28096 ----a-w- e:\windows\system32\drivers\tifsfilt.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="e:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"Infium"="e:\program files\QIP 2010\qip.exe" [2011-07-18 6812032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="e:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"ArcSoft Connection Service"="e:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"StartCCC"="e:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-04 336384]
"EvtMgr6"="e:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1352272]
"Start WingMan Profiler"="e:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 153672]
"Windows Mobile Device Center"="e:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"SAOB Monitor"="e:\program files\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe" [2010-09-02 2536752]
"TrueImageMonitor.exe"="e:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2010-09-23 5502312]
"Služba Acronis Scheduler2"="e:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2010-09-23 391144]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-10-28 10:13 64592 ----a-w- e:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ScanSoft OmniPage 16-reminder]
2007-07-20 07:50 328992 ----a-w- e:\program files\ScanSoft\OmniPage16\Ereg\Ereg.exe
.
R1 wfcxacap;WinFast TV PCI Audio Capture Driver;e:\windows\system32\DRIVERS\wfcxacap.sys [2007-09-19 9856]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;e:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 ekrn;Eset Service;e:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [x]
R2 KMService;KMService;e:\windows\system32\srvany.exe [2010-05-17 8192]
R2 wfcxatun;WinFast TV Analog Tuner Driver;e:\windows\system32\drivers\wfcxatun.sys [2007-09-19 31744]
R2 WFCXVCAP;WinFast TV Video Capture Driver;e:\windows\system32\drivers\wfcxvcap.sys [2007-09-19 167040]
R3 athur;Atheros AR9271 Wireless Network Adapter Service;e:\windows\system32\DRIVERS\athur.sys [2009-12-31 1445376]
R3 COMMONFX;COMMONFX;e:\windows\system32\drivers\COMMONFX.SYS [2010-03-18 99416]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;e:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-06-28 79360]
R3 CTAUDFX;CTAUDFX;e:\windows\system32\drivers\CTAUDFX.SYS [2010-03-18 555096]
R3 CTERFXFX.SYS;CTERFXFX.SYS;e:\windows\System32\drivers\CTERFXFX.SYS [2010-03-18 100952]
R3 CTERFXFX;CTERFXFX;e:\windows\system32\drivers\CTERFXFX.SYS [2010-03-18 100952]
R3 CTSBLFX;CTSBLFX;e:\windows\system32\drivers\CTSBLFX.SYS [2010-03-18 566360]
R3 osppsvc;Office Software Protection Platform;e:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 PctvVirtualNdis;Pinnacle Virtual Miniport;e:\windows\system32\DRIVERS\PctvVirtualNdis.sys [2007-02-02 13696]
R3 TVICHW32;TVICHW32;e:\windows\system32\DRIVERS\TVICHW32.SYS [2009-09-22 23600]
R3 wfcxdtun;WinFast DTV BDA Tuner/Demod Driver;e:\windows\system32\drivers\wfcxdtun.sys [2007-09-19 21248]
R3 wfcxtcap;WinFast DTV BDA Transport Stream Capture Driver;e:\windows\system32\drivers\wfcxtcap.sys [2007-09-19 15872]
R3 wfcxxbar;WinFast TV Crossbar Driver;e:\windows\system32\drivers\wfcxxbar.sys [2007-09-19 10496]
S0 sptd;sptd;e:\windows\System32\Drivers\sptd.sys [2009-09-15 721904]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);e:\windows\system32\DRIVERS\tdrpm273.sys [2011-06-13 752128]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;e:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-06-13 218688]
S1 epfwtdir;epfwtdir;e:\windows\system32\DRIVERS\epfwtdir.sys [2009-10-07 35168]
S1 vwififlt;Virtual WiFi Filter Driver;e:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 afcdpsrv;Služba Acronis Nonstop Backup;e:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [2011-06-13 3975088]
S2 AMD External Events Utility;AMD External Events Utility;e:\windows\system32\atiesrxx.exe [2011-01-05 176128]
S2 AMD FUEL Service;AMD FUEL Service;e:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-01-04 284672]
S2 AMD Reservation Manager;AMD Reservation Manager;e:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 140224]
S2 OS Selector;Acronis OS Selector activator;e:\program files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2010-05-25 2139400]
S2 TeamViewer6;TeamViewer 6;e:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2011-01-27 2253688]
S3 afcdp;afcdp;e:\windows\system32\DRIVERS\afcdp.sys [2011-06-13 163232]
S3 amdiox86;AMD IO Driver;e:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 amdkmdag;amdkmdag;e:\windows\system32\DRIVERS\atikmdag.sys [2011-01-05 6789120]
S3 amdkmdap;amdkmdap;e:\windows\system32\DRIVERS\atikmpag.sys [2011-01-05 235520]
S3 COMMONFX.SYS;COMMONFX.SYS;e:\windows\System32\drivers\COMMONFX.SYS [2010-03-18 99416]
S3 CTAUDFX.SYS;CTAUDFX.SYS;e:\windows\System32\drivers\CTAUDFX.SYS [2010-03-18 555096]
S3 CTSBLFX.SYS;CTSBLFX.SYS;e:\windows\System32\drivers\CTSBLFX.SYS [2010-03-18 566360]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xport to Microsoft Excel - e:\progra~1\MIF5BA~1\OFFICE~1\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - e:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.10.7.193
DPF: {3FC80F5C-946D-430E-A650-6457CA9AD031} - hxxp://10.10.130.15:81/WebCamX.cab
DPF: {7B40618E-CC3D-4E7C-800A-E0306DD8BD48} - hxxp://10.10.54.40:8080/AVC_AX_757.cab
FF - ProfilePath - e:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\hadl7b3u.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.ceskenoviny.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - e:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - e:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
.
.
------------------------ Jiné spuštené procesy ------------------------
.
e:\program files\Creative\Shared Files\CTAudSvc.exe
e:\windows\system32\atieclxx.exe
e:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
e:\program files\Common Files\Acronis\Schedule2\schedul2.exe
e:\windows\system32\taskhost.exe
e:\program files\Google\Update\GoogleUpdate.exe
e:\windows\system32\conhost.exe
e:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
e:\windows\system32\sppsvc.exe
e:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
e:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
e:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
e:\program files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
e:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
e:\program files\Windows Media Player\wmpnetwk.exe
e:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
e:\windows\system32\DllHost.exe
.
**************************************************************************
.
Celkový čas: 2011-08-22 20:00:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-22 18:00
ComboFix2.txt 2011-08-22 11:12
ComboFix3.txt 2011-08-22 10:35
ComboFix4.txt 2011-08-22 10:13
.
Před spuštěním: 7 699 251 200
Po spuštění: 7 419 953 152
.
- - End Of File - - F75BED66744CE961460DB164947ABCB1

vyosek
VIP
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Facebook virus - with RSIT log

#12 Post by vyosek »

So I am asking for the third time
:arrow: I hope that once the cleanup is finished you will install a free security solution there and not that cracked NOD :roll:
:???:

furij
Visitor
Visitor
Posts: 21
Registered: 22 Aug 2011 11:48

Re: Facebook virus - with RSIT log

#13 Post by furij »

vyosek wrote: So I am asking for the third time
:arrow: I hope that once the cleanup is finished you will install a free security solution there and not that cracked NOD :roll:
:???:
Oh, I was waiting for the end of the cleanup :)
Which antivirus would you recommend?

vyosek
VIP
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Facebook virus - with RSIT log

#14 Post by vyosek »

:arrow: Uninstall ComboFix
  • Rename ComboFix to Uninstall
  • Run it
  • This deletes ComboFix and its folders
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm each choice press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or switch the antivirus off while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner (see my signature)
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: In safe mode, following this guide http://www.viry.cz/forum/viewtopic.php?p=889437#p889437 run this on the PC: http://download.eset.com/special/ESETUninstaller.exe

:arrow: Install Avast Free http://www.avast.com/cs-cz/free-antivirus-download

:arrow: Post a new RSIT log and describe how the PC behaves

furij
Visitor
Visitor
Posts: 21
Registered: 22 Aug 2011 11:48

Re: Facebook virus - with RSIT log

#15 Post by furij »

Logfile of random's system information tool 1.09 (written by random/random)
Run by pablos at 2011-08-23 08:24:41
Microsoft Windows 7 Ultimate
System drive E: has 9 GB (19%) free of 45 GB
Total RAM: 3072 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:24:47, on 23.8.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16839)
Boot mode: Normal

Running processes:
E:\Windows\system32\taskhost.exe
E:\Windows\system32\Dwm.exe
E:\Windows\Explorer.EXE
E:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
E:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
E:\Program Files\Logitech\SetPointP\SetPoint.exe
E:\Program Files\Logitech\Gaming Software\LWEMon.exe
E:\Windows\WindowsMobile\wmdc.exe
E:\Program Files\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
E:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
E:\Program Files\QIP 2010\qip.exe
E:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
E:\Program Files\Opera\opera.exe
E:\Windows\system32\wuauclt.exe
E:\Program Files\AVAST Software\Avast\AvastUI.exe
E:\Program Files\Windows Sidebar\sidebar.exe
E:\Users\Administrator\AppData\Local\Opera\Opera\temporary_downloads\RSIT.exe
E:\Program Files\trend micro\pablos.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - E:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - E:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [BCSSync] "E:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [ArcSoft Connection Service] E:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [StartCCC] "E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [EvtMgr6] E:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [Start WingMan Profiler] E:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [SAOB Monitor] E:\Program Files\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "E:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Služba Acronis Scheduler2] "E:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [avast] "E:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] E:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Infium] "E:\Program Files\QIP 2010\qip.exe" /autorun
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MIF5BA~1\OFFICE~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://E:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - E:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @E:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @E:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: e:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: e:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {3FC80F5C-946D-430E-A650-6457CA9AD031} (WebCamX Control) - http://10.10.130.15:81/WebCamX.cab
O16 - DPF: {7B40618E-CC3D-4E7C-800A-E0306DD8BD48} (AMCCtrl Class) - http://10.10.54.40:8080/AVC_AX_757.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - E:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - E:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Služba Acronis Nonstop Backup (afcdpsrv) - Acronis - E:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: AMD External Events Utility - AMD - E:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - E:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - E:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: avast! Antivirus - AVAST Software - E:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - E:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - E:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: KMService - Unknown owner - E:\Windows\system32\srvany.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - E:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Acronis OS Selector activator (OS Selector) - Unknown owner - E:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: Steam Client Service - Valve Corporation - E:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - E:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - E:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 7990 bytes

=========Mozilla firefox=========

ProfilePath - E:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\hadl7b3u.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.ceskenoviny.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"

"{27182e60-b5f3-411c-b545-b44205977502}"=E:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=E:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=E:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=E:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=E:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4]
"Description"=Office Live Update v1.4
"Path"=E:\Program Files\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=E:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=E:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=E:\Program Files\Real Alternative\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=E:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=E:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=E:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

E:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

E:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

E:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeploytk.dll
npnul32.dll
NPOFF12.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

E:\Program Files\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

E:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\hadl7b3u.default\searchplugins\
web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - E:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - E:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - E:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - E:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=E:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"ArcSoft Connection Service"=E:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"StartCCC"=E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-01-04 336384]
"EvtMgr6"=E:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-10-29 1352272]
"Start WingMan Profiler"=E:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 153672]
"Windows Mobile Device Center"=E:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"SAOB Monitor"=E:\Program Files\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe [2010-09-02 2536752]
"TrueImageMonitor.exe"=E:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2010-09-23 5502312]
"Služba Acronis Scheduler2"=E:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2010-09-23 391144]
"avast"=E:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=E:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"Infium"=E:\Program Files\QIP 2010\qip.exe [2011-07-18 6812032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ScanSoft OmniPage 16-reminder]
E:\Program Files\ScanSoft\OmniPage16\Ereg\Ereg.exe [2007-07-20 328992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
e:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-10-28 64592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - E:\Windows\system32\webcheck.dll [2009-07-14 229376]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"E:\Windows\update.tray-2-0-lnk\svchost.exe"="E:\Windows\update.tray-2-0-lnk\svchost.exe:*:Enabled:E:\Windows\update.tray-2-0-lnk\svchost.exe"
"E:\Windows\update.1\svchost.exe"="E:\Windows\update.1\svchost.exe:*:Enabled:E:\Windows\update.1\svchost.exe"
"E:\Windows\update.2\svchost.exe"="E:\Windows\update.2\svchost.exe:*:Enabled:E:\Windows\update.2\svchost.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=E:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"vidc.ffds"=E:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
"MSVideo8"=VfWWDM32.dll
"vidc.tscc"=tsccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.divxa32"=msaud32_divx.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave6"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv

======File associations======

.js - edit - E:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-08-23 08:24:41 ----D---- E:\rsit
2011-08-23 08:22:19 ----A---- E:\Windows\system32\drivers\aswSP.sys
2011-08-23 08:22:19 ----A---- E:\Windows\system32\drivers\aswFsBlk.sys
2011-08-23 08:22:14 ----A---- E:\Windows\system32\drivers\aswRdr.sys
2011-08-23 08:22:13 ----A---- E:\Windows\system32\drivers\aswTdi.sys
2011-08-23 08:22:11 ----A---- E:\Windows\system32\drivers\aswSnx.sys
2011-08-23 08:22:08 ----A---- E:\Windows\system32\drivers\aswMonFlt.sys
2011-08-23 08:21:34 ----A---- E:\Windows\system32\aswBoot.exe
2011-08-23 08:21:34 ----A---- E:\Windows\avastSS.scr
2011-08-23 08:21:26 ----D---- E:\ProgramData\AVAST Software
2011-08-23 08:21:26 ----D---- E:\Program Files\AVAST Software
2011-08-23 08:14:33 ----A---- E:\Windows\ntbtlog.txt
2011-08-22 20:36:38 ----D---- E:\Program Files\CCleaner
2011-08-22 19:59:28 ----SHD---- E:\$RECYCLE.BIN
2011-08-22 11:56:27 ----ASH---- E:\pagefile.sys
2011-08-22 10:56:19 ----D---- E:\Users\Administrator\AppData\Roaming\Malwarebytes
2011-08-22 10:56:12 ----D---- E:\ProgramData\Malwarebytes
2011-08-22 10:56:12 ----A---- E:\Windows\system32\drivers\mbamswissarmy.sys
2011-08-22 10:56:09 ----D---- E:\Program Files\Malwarebytes' Anti-Malware
2011-08-22 10:56:09 ----A---- E:\Windows\system32\drivers\mbam.sys
2011-08-22 10:40:25 ----D---- E:\Program Files\trend micro
2011-08-22 10:37:02 ----A---- E:\Windows\system32\iertutil.dll
2011-08-22 10:37:02 ----A---- E:\Windows\system32\ieframe.dll
2011-08-22 10:37:01 ----A---- E:\Windows\system32\mshtml.dll
2011-08-22 10:37:00 ----A---- E:\Windows\system32\urlmon.dll
2011-08-22 10:36:59 ----A---- E:\Windows\system32\wininet.dll
2011-08-22 10:36:59 ----A---- E:\Windows\system32\url.dll
2011-08-22 10:36:59 ----A---- E:\Windows\system32\mstime.dll
2011-08-22 10:36:59 ----A---- E:\Windows\system32\mshtmled.dll
2011-08-22 10:36:59 ----A---- E:\Windows\system32\msfeedsbs.dll
2011-08-22 10:36:59 ----A---- E:\Windows\system32\msfeeds.dll
2011-08-22 10:36:59 ----A---- E:\Windows\system32\licmgr10.dll
2011-08-22 10:36:59 ----A---- E:\Windows\system32\ieui.dll
2011-08-22 10:36:59 ----A---- E:\Windows\system32\iepeers.dll
2011-08-22 10:36:59 ----A---- E:\Windows\system32\iedkcs32.dll
2011-08-22 10:36:58 ----A---- E:\Windows\system32\msfeedssync.exe
2011-08-22 10:36:58 ----A---- E:\Windows\system32\jsproxy.dll
2011-08-22 10:36:55 ----A---- E:\Windows\system32\esent.dll
2011-08-22 10:36:55 ----A---- E:\Windows\system32\drivers\storport.sys
2011-08-22 10:36:55 ----A---- E:\Windows\system32\drivers\nvstor.sys
2011-08-22 10:36:55 ----A---- E:\Windows\system32\drivers\nvraid.sys
2011-08-22 10:36:55 ----A---- E:\Windows\system32\drivers\ntfs.sys
2011-08-22 10:36:55 ----A---- E:\Windows\system32\drivers\amdsata.sys
2011-08-22 10:36:54 ----A---- E:\Windows\system32\fsutil.exe
2011-08-22 10:36:54 ----A---- E:\Windows\system32\drivers\USBSTOR.SYS
2011-08-22 10:36:54 ----A---- E:\Windows\system32\drivers\iaStorV.sys
2011-08-22 10:36:54 ----A---- E:\Windows\system32\drivers\amdxata.sys
2011-08-22 10:36:52 ----A---- E:\Windows\system32\drivers\tcpip.sys
2011-08-22 10:36:37 ----A---- E:\Windows\system32\drivers\mrxsmb10.sys
2011-08-22 10:36:36 ----A---- E:\Windows\system32\drivers\bthport.sys
2011-08-22 10:36:35 ----A---- E:\Windows\system32\drivers\BTHUSB.SYS
2011-08-22 10:36:34 ----A---- E:\Windows\system32\ntoskrnl.exe
2011-08-22 10:36:34 ----A---- E:\Windows\system32\ntkrnlpa.exe
2011-08-22 10:36:32 ----A---- E:\Windows\system32\drivers\usbuhci.sys
2011-08-22 10:36:32 ----A---- E:\Windows\system32\drivers\usbport.sys
2011-08-22 10:36:32 ----A---- E:\Windows\system32\drivers\usbohci.sys
2011-08-22 10:36:32 ----A---- E:\Windows\system32\drivers\usbhub.sys
2011-08-22 10:36:32 ----A---- E:\Windows\system32\drivers\usbehci.sys
2011-08-22 10:36:32 ----A---- E:\Windows\system32\drivers\usbd.sys
2011-08-22 10:36:32 ----A---- E:\Windows\system32\drivers\usbccgp.sys
2011-08-22 10:36:31 ----A---- E:\Windows\system32\xmllite.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-08-22 10:36:18 ----AH---- E:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-08-22 10:36:18 ----A---- E:\Windows\system32\winsrv.dll
2011-08-22 10:36:18 ----A---- E:\Windows\system32\KernelBase.dll
2011-08-22 10:36:18 ----A---- E:\Windows\system32\kernel32.dll
2011-08-22 10:36:18 ----A---- E:\Windows\system32\conhost.exe
2011-08-22 10:36:17 ----AH---- E:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-08-22 10:36:17 ----AH---- E:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-08-22 10:36:17 ----AH---- E:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-08-22 10:35:51 ----A---- E:\Windows\system32\odbctrac.dll
2011-08-22 10:35:51 ----A---- E:\Windows\system32\odbcjt32.dll
2011-08-22 10:35:51 ----A---- E:\Windows\system32\odbccu32.dll
2011-08-22 10:35:51 ----A---- E:\Windows\system32\odbccr32.dll
2011-08-22 10:35:51 ----A---- E:\Windows\system32\odbccp32.dll
2011-08-01 14:51:46 ----A---- E:\Windows\system32\umpnpmgr.dll
2011-08-01 14:51:11 ----A---- E:\Windows\system32\tquery.dll
2011-08-01 14:51:11 ----A---- E:\Windows\system32\mssrch.dll
2011-08-01 14:51:10 ----A---- E:\Windows\system32\SearchIndexer.exe
2011-08-01 14:51:10 ----A---- E:\Windows\system32\mssvp.dll
2011-08-01 14:51:09 ----A---- E:\Windows\system32\SearchProtocolHost.exe
2011-08-01 14:51:09 ----A---- E:\Windows\system32\SearchFilterHost.exe
2011-08-01 14:51:09 ----A---- E:\Windows\system32\mssphtb.dll
2011-08-01 14:51:09 ----A---- E:\Windows\system32\mssph.dll
2011-08-01 14:51:09 ----A---- E:\Windows\system32\msscntrs.dll
2011-08-01 14:51:07 ----A---- E:\Windows\system32\win32k.sys
2011-08-01 14:50:03 ----A---- E:\Windows\system32\poqexec.exe

======List of files/folders modified in the last 1 month======

2011-08-23 08:24:47 ----D---- E:\Windows\Prefetch
2011-08-23 08:24:44 ----D---- E:\Windows\Temp
2011-08-23 08:23:15 ----D---- E:\Windows\System32
2011-08-23 08:23:15 ----D---- E:\Windows\inf
2011-08-23 08:23:15 ----A---- E:\Windows\system32\PerfStringBackup.INI
2011-08-23 08:22:19 ----D---- E:\Windows\system32\drivers
2011-08-23 08:22:07 ----SHD---- E:\Windows\Installer
2011-08-23 08:22:06 ----D---- E:\Config.Msi
2011-08-23 08:21:34 ----D---- E:\Windows
2011-08-23 08:21:28 ----SHD---- E:\System Volume Information
2011-08-23 08:21:26 ----D---- E:\ProgramData
2011-08-23 08:21:26 ----D---- E:\Program Files
2011-08-23 08:21:22 ----D---- E:\Windows\system32\config
2011-08-23 08:17:58 ----D---- E:\Program Files\QIP 2010
2011-08-23 08:07:31 ----D---- E:\Windows\debug
2011-08-22 21:08:02 ----A---- E:\Windows\system32\Notepad2.ini
2011-08-22 20:33:33 ----D---- E:\Program Files\Opera
2011-08-22 20:28:12 ----D---- E:\Windows\system32\wfp
2011-08-22 20:28:11 ----D---- E:\Windows\system32\wbem
2011-08-22 20:28:11 ----D---- E:\Windows\registration
2011-08-22 19:57:12 ----A---- E:\Windows\system.ini
2011-08-22 19:56:44 ----D---- E:\Windows\system32\drivers\etc
2011-08-22 19:54:48 ----D---- E:\Windows\Tasks
2011-08-22 19:52:10 ----D---- E:\Windows\AppPatch
2011-08-22 19:52:08 ----D---- E:\Program Files\Common Files
2011-08-22 14:15:41 ----D---- E:\Windows\Microsoft.NET
2011-08-22 14:15:40 ----RSD---- E:\Windows\assembly
2011-08-22 11:57:07 ----D---- E:\Windows\winsxs
2011-08-22 11:54:57 ----D---- E:\Windows\system32\en-US
2011-08-22 11:54:57 ----D---- E:\Windows\system32\cs-CZ
2011-08-22 11:54:56 ----D---- E:\Windows\system32\migration
2011-08-22 11:54:56 ----D---- E:\Windows\system32\DriverStore
2011-08-22 11:54:56 ----D---- E:\Program Files\Internet Explorer
2011-08-22 11:19:46 ----D---- E:\Windows\system32\catroot2
2011-08-22 11:10:26 ----D---- E:\Program Files\Mozilla Thunderbird
2011-08-22 10:54:11 ----D---- E:\Windows\system32\Tasks
2011-08-22 10:48:04 ----D---- E:\ProgramData\Microsoft Help
2011-08-22 10:46:46 ----D---- E:\Windows\system32\catroot
2011-08-22 10:40:51 ----A---- E:\Windows\system32\MRT.exe
2011-08-21 23:00:19 ----D---- E:\Users\Administrator\AppData\Roaming\Skype
2011-08-21 21:15:49 ----D---- E:\Users\Administrator\AppData\Roaming\skypePM
2011-08-21 10:45:27 ----D---- E:\Program Files\Mozilla Firefox
2011-08-09 10:13:28 ----D---- E:\Users\Administrator\AppData\Roaming\FreeCall
2011-08-01 20:40:53 ----RSD---- E:\Windows\Fonts
2011-08-01 09:13:18 ----D---- E:\Program Files\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; E:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; E:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 snapman;Acronis Snapshots Manager; E:\Windows\system32\DRIVERS\snapman.sys [2011-06-13 170464]
R0 sptd;sptd; E:\Windows\System32\Drivers\sptd.sys [2009-09-15 721904]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273); E:\Windows\system32\DRIVERS\tdrpm273.sys [2011-06-13 752128]
R0 timounter;Acronis Backup Archive Explorer; E:\Windows\system32\DRIVERS\timntr.sys [2011-06-13 600928]
R1 aswRdr;aswRdr; E:\Windows\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; E:\Windows\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; E:\Windows\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; E:\Windows\system32\drivers\aswTdi.sys [2011-07-04 43608]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; E:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-06-13 218688]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\E:\Program Files\UltraISO\drivers\ISODrive.sys [2008-05-24 73728]
R1 vwififlt;Virtual WiFi Filter Driver; E:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; E:\Windows\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMonFlt;aswMonFlt; \??\E:\Windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
R2 Parvdm;Parvdm; E:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 afcdp;afcdp; E:\Windows\system32\DRIVERS\afcdp.sys [2011-06-13 163232]
R3 amdiox86;AMD IO Driver; E:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; E:\Windows\system32\DRIVERS\atikmdag.sys [2011-01-05 6789120]
R3 amdkmdap;amdkmdap; E:\Windows\system32\DRIVERS\atikmpag.sys [2011-01-05 235520]
R3 COMMONFX.SYS;COMMONFX.SYS; E:\Windows\System32\drivers\COMMONFX.SYS [2010-03-18 99416]
R3 ctac32k;Creative AC3 Software Decoder; E:\Windows\system32\drivers\ctac32k.sys [2010-03-18 511064]
R3 ctaud2k;Creative Audio Driver (WDM); E:\Windows\system32\drivers\ctaud2k.sys [2010-03-18 528472]
R3 CTAUDFX.SYS;CTAUDFX.SYS; E:\Windows\System32\drivers\CTAUDFX.SYS [2010-03-18 555096]
R3 ctprxy2k;Creative Proxy Driver; E:\Windows\system32\drivers\ctprxy2k.sys [2010-03-18 14424]
R3 CTSBLFX.SYS;CTSBLFX.SYS; E:\Windows\System32\drivers\CTSBLFX.SYS [2010-03-18 566360]
R3 ctsfm2k;Creative SoundFont Management Device Driver; E:\Windows\system32\drivers\ctsfm2k.sys [2010-03-18 157272]
R3 emupia;E-mu Plug-in Architecture Driver; E:\Windows\system32\drivers\emupia2k.sys [2010-03-18 92760]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; E:\Windows\system32\drivers\ha10kx2k.sys [2010-03-18 798808]
R3 hap16v2k;Creative P16V HAL Driver; E:\Windows\system32\drivers\hap16v2k.sys [2010-03-18 162904]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; E:\Windows\system32\DRIVERS\L8042Kbd.sys [2010-08-24 20304]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; E:\Windows\system32\DRIVERS\LHidFilt.Sys [2010-08-24 38864]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; E:\Windows\system32\DRIVERS\LMouFilt.Sys [2010-08-24 37328]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; E:\Windows\System32\Drivers\LUsbFilt.Sys [2010-08-24 28624]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; E:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
R3 ossrv;Creative OS Services Driver; E:\Windows\system32\drivers\ctoss2k.sys [2010-03-18 127576]
S1 wfcxacap;WinFast TV PCI Audio Capture Driver; E:\Windows\system32\DRIVERS\wfcxacap.sys [2007-09-19 9856]
S2 wfcxatun;WinFast TV Analog Tuner Driver; E:\Windows\system32\drivers\wfcxatun.sys [2007-09-19 31744]
S2 WFCXVCAP;WinFast TV Video Capture Driver; E:\Windows\system32\drivers\wfcxvcap.sys [2007-09-19 167040]
S3 aic78xx;aic78xx; E:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; E:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 athur;Atheros AR9271 Wireless Network Adapter Service; E:\Windows\system32\DRIVERS\athur.sys [2009-12-31 1445376]
S3 atikmdag;atikmdag; E:\Windows\system32\DRIVERS\atikmdag.sys [2011-01-05 6789120]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; E:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; E:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); E:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; E:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393216]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; E:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 COMMONFX.DLL;COMMONFX.DLL; E:\Windows\system32\COMMONFX.DLL []
S3 COMMONFX;COMMONFX; E:\Windows\system32\drivers\COMMONFX.SYS [2010-03-18 99416]
S3 CT20XUT.DLL;CT20XUT.DLL; E:\Windows\system32\CT20XUT.DLL [2007-04-12 164608]
S3 CTAUDFX.DLL;CTAUDFX.DLL; E:\Windows\system32\CTAUDFX.DLL []
S3 CTAUDFX;CTAUDFX; E:\Windows\system32\drivers\CTAUDFX.SYS [2010-03-18 555096]
S3 ctdvda2k;Creative DVD-Audio Device Driver; E:\Windows\system32\drivers\ctdvda2k.sys [2010-03-18 347144]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; E:\Windows\system32\CTEAPSFX.DLL [2007-04-12 168192]
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; E:\Windows\system32\CTEDSPFX.DLL [2007-04-12 280320]
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; E:\Windows\system32\CTEDSPIO.DLL [2007-04-12 128768]
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; E:\Windows\system32\CTEDSPSY.DLL [2007-04-12 323328]
S3 CTERFXFX.DLL;CTERFXFX.DLL; E:\Windows\system32\CTERFXFX.DLL []
S3 CTERFXFX.SYS;CTERFXFX.SYS; E:\Windows\System32\drivers\CTERFXFX.SYS [2010-03-18 100952]
S3 CTERFXFX;CTERFXFX; E:\Windows\system32\drivers\CTERFXFX.SYS [2010-03-18 100952]
S3 CTEXFIFX.DLL;CTEXFIFX.DLL; E:\Windows\system32\CTEXFIFX.DLL [2007-04-12 1317632]
S3 CTHWIUT.DLL;CTHWIUT.DLL; E:\Windows\system32\CTHWIUT.DLL [2007-04-12 66816]
S3 CTSBLFX.DLL;CTSBLFX.DLL; E:\Windows\system32\CTSBLFX.DLL []
S3 CTSBLFX;CTSBLFX; E:\Windows\system32\drivers\CTSBLFX.SYS [2010-03-18 566360]
S3 Dot4;MS IEEE-1284.4 Driver; E:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; E:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; E:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 fssfltr;FssFltr; E:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 gdrv;gdrv; \??\E:\Windows\gdrv.sys [2009-09-22 17488]
S3 hap17v2k;Creative P17V HAL Driver; E:\Windows\system32\drivers\hap17v2k.sys [2010-03-18 189528]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); E:\Windows\system32\drivers\RTKVHDA.sys []
S3 PctvVirtualNdis;Pinnacle Virtual Miniport; E:\Windows\system32\DRIVERS\PctvVirtualNdis.sys [2007-02-02 13696]
S3 RDPDR;Terminal Server Device Redirector Driver; E:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); E:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; E:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; E:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; E:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 TVICHW32;TVICHW32; \??\E:\Windows\system32\DRIVERS\TVICHW32.SYS [2009-09-22 23600]
S3 usb_rndisx;Adaptér USB RNDIS; E:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 USB28xxBGA;PCTV 70e Device; E:\Windows\system32\DRIVERS\emBDA.sys [2008-03-25 476288]
S3 USB28xxOEM;USB 28xx OEM Filter; E:\Windows\system32\DRIVERS\emOEM.sys [2008-03-25 38656]
S3 usbscan;Ovladač skeneru USB; E:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; E:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; E:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; E:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; E:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 wfcxdtun;WinFast DTV BDA Tuner/Demod Driver; E:\Windows\system32\drivers\wfcxdtun.sys [2007-09-19 21248]
S3 wfcxtcap;WinFast DTV BDA Transport Stream Capture Driver; E:\Windows\system32\drivers\wfcxtcap.sys [2007-09-19 15872]
S3 wfcxxbar;WinFast TV Crossbar Driver; E:\Windows\system32\drivers\wfcxxbar.sys [2007-09-19 10496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; E:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AcrSch2Svc;Služba Acronis Scheduler2; E:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2010-09-23 780368]
R2 afcdpsrv;Služba Acronis Nonstop Backup; E:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [2011-06-13 3975088]
R2 AMD External Events Utility;AMD External Events Utility; E:\Windows\system32\atiesrxx.exe [2011-01-05 176128]
R2 AMD FUEL Service;AMD FUEL Service; E:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-01-04 284672]
R2 AMD Reservation Manager;AMD Reservation Manager; E:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 140224]
R2 avast! Antivirus;avast! Antivirus; E:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
R2 CTAudSvcService;Creative Audio Service; E:\Program Files\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
R2 HPSLPSVC;HP Network Devices Support; E:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Net Driver HPZ12;Net Driver HPZ12; E:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 OS Selector;Acronis OS Selector activator; E:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2010-05-25 2139400]
R2 Pml Driver HPZ12;Pml Driver HPZ12; E:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; E:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 SeaPort;SeaPort; E:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]
R2 TeamViewer6;TeamViewer 6; E:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2011-01-27 2253688]
R2 UleadBurningHelper;Ulead Burning Helper; E:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; E:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; E:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 KMService;KMService; E:\Windows\system32\srvany.exe [2010-05-17 8192]
S3 AppMgmt;@appmgmts.dll,-3250; E:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; E:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-06-28 79360]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; E:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 LBTServ;Logitech Bluetooth Service; E:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-10-28 293456]
S3 odserv;Microsoft Office Diagnostics Service; E:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; E:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; E:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; E:\Program Files\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; E:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------
