PC disinfection, computer speed-up and remote help via the neslape.cz service

rootkit mbr physicaldrive0

Have a virus problem? Post your FRST or RSIT log here.


Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.

NEW!
You can now use the remote help service, where a specialist connects to your computer and gets further details about the problem from you by phone. More at www.neslape.cz
paolo75
Visitor
Posts: 4
Registered: 29 Sep 2011 21:53

rootkit mbr physicaldrive0

#1 Post by paolo75 »

Good evening,
Avast found this rootkit on my machine: mbr\\.\PHYSICALDRIVE0
I read the post about this problem here
http://www.viry.cz/forum/viewtopic.php/ ... 3&t=109700
I ran the MBR fix with Bootkit Remover, but it did not help; it still reports the same thing:

Bootkit Remover
(c) 2009 Esage Lab
www.esagelab.com

Program version: 1.2.0.1
OS Version: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)

System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`bbc57e00
Boot sector MD5 is: 7c47d39b31ef9830828d5f8aa4780dfd

Size Device Name MBR Status
--------------------------------------------
93 GB \\.\PhysicalDrive0 Unknown boot code

Unknown boot code has been found on some of your physical disks.
To inspect the boot code manually, dump the master boot sector:
remover.exe dump <device_name> [output_file]
To disinfect the master boot sector, use the following command:
remover.exe fix <device_name>


Done;
Press any key to quit...

Can you please advise me what to do next?
thanks
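The Bootkit Remover output quoted in the post shows what a boot-sector check consists of: read the first 512-byte sector of the physical disk, hash it, and compare the boot code against code the tool recognises, reporting "Unknown boot code" when it does not. The Python below is an added example, not code from the forum post or from Esage Lab's tool: it parses a 512-byte MBR, checks the 0x55AA signature and the partition table, hashes the 440-byte boot-code area, and reports "Known boot code" or "Unknown boot code" against a baseline of hashes the caller supplies. The sample MBR, the disk signature and the baseline are all constructed inline (an assumption, not a real disk image), so it runs offline; for a real check you would feed it the sector saved by `remover.exe dump` or the first 512 bytes read from the physical drive with administrator rights.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440          # bytes 0..439: boot code; 440..445: disk signature + pad
PARTITION_TABLE_OFF = 446    # four 16-byte partition entries
SIGNATURE_OFF = 510          # 0x55 0xAA marks a valid boot sector


def build_sample_mbr(boot_stub: bytes = b"\xeb\xfe") -> bytes:
    """Constructed sample MBR (not a real disk image): a two-byte 'jmp $' stub,
    zero-padded boot code, one active NTFS-type partition and a valid signature."""
    boot_code = boot_stub.ljust(BOOT_CODE_LEN, b"\x00")
    disk_sig = b"\x12\x34\x56\x78\x00\x00"        # arbitrary disk signature + 2 pad bytes
    # entry 0: status 0x80 (active), CHS start (ignored), type 0x07,
    # CHS end (ignored), LBA start 63, sector count 194,000,000 (constructed)
    entry0 = struct.pack("<B3sB3sII", 0x80, b"\x01\x01\x00", 0x07,
                         b"\xfe\xff\xff", 63, 194_000_000)
    table = entry0 + b"\x00" * (16 * 3)           # remaining three slots empty
    return boot_code + disk_sig + table + b"\x55\xaa"


def parse_partition_table(mbr: bytes) -> list:
    """Return the non-empty partition entries with their byte offsets on disk."""
    parts = []
    for i in range(4):
        off = PARTITION_TABLE_OFF + i * 16
        status, ptype, lba_start, sectors = struct.unpack_from("<B3xB3xII", mbr, off)
        if ptype == 0:                            # empty slot
            continue
        parts.append({
            "index": i,
            "bootable": status == 0x80,
            "type": ptype,
            "lba_start": lba_start,
            "sectors": sectors,
            # same quantity Bootkit Remover prints as 'at offset' for the system volume
            "byte_offset": lba_start * SECTOR_SIZE,
        })
    return parts


def inspect_mbr(mbr: bytes, known_boot_code_md5: set) -> dict:
    """Hash the boot code, validate the sector structure and classify the boot code
    as Known/Unknown against a caller-supplied baseline of MD5 hex digests."""
    if len(mbr) != SECTOR_SIZE:
        raise ValueError("expected exactly one 512-byte sector")
    boot_md5 = hashlib.md5(mbr[:BOOT_CODE_LEN]).hexdigest()
    parts = parse_partition_table(mbr)
    findings = []
    if mbr[SIGNATURE_OFF:SIGNATURE_OFF + 2] != b"\x55\xaa":
        findings.append("boot signature 0x55AA missing")
    active = sum(1 for p in parts if p["bootable"])
    if active == 0:
        findings.append("no active partition")
    elif active > 1:
        findings.append("more than one active partition")
    status = "Known boot code" if boot_md5 in known_boot_code_md5 else "Unknown boot code"
    return {
        "sector_md5": hashlib.md5(mbr).hexdigest(),
        "boot_code_md5": boot_md5,
        "status": status,
        "partitions": parts,
        "findings": findings,
    }


def format_report(result: dict, device: str) -> str:
    """Render the result in the same spirit as the tool's text report."""
    lines = [f"Boot sector MD5 is: {result['sector_md5']}",
             f"Boot code MD5 is:   {result['boot_code_md5']}",
             f"{device}: {result['status']}"]
    for p in result["partitions"]:
        lines.append(f"  partition {p['index']} type 0x{p['type']:02x} "
                     f"{'active' if p['bootable'] else 'inactive'} "
                     f"LBA {p['lba_start']} -> offset 0x{p['byte_offset']:016x}")
    for f in result["findings"]:
        lines.append(f"  ! {f}")
    return "\n".join(lines)


if __name__ == "__main__":
    sample = build_sample_mbr()
    # With an empty baseline every boot code is reported as Unknown; a real
    # baseline would hold the boot-code hash taken from a clean install (assumption).
    print(format_report(inspect_mbr(sample, set()), r"\\.\PhysicalDrive0 (sample)"))
    baseline = {inspect_mbr(sample, set())["boot_code_md5"]}
    print(format_report(inspect_mbr(sample, baseline), r"\\.\PhysicalDrive0 (sample)"))
```

The baseline is the important part: "Unknown boot code" only means the hash is not in the tool's list, which is exactly the situation in the post, so the useful defender step is to record the boot-code hash from a known-clean state (right after imaging or after a verified fix) and compare against that. MD5 is used here only because it matches the digest the tool prints; a baseline you keep yourself can use SHA-256 just as easily.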

paolo75
Visitor
Posts: 4
Registered: 29 Sep 2011 21:53

Re: rootkit mbr physicaldrive0

#2 Post by paolo75 »

here is the RSIT log too:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Pavel Březina at 2011-09-29 22:47:18
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 28 GB (62%) free of 46 GB
Total RAM: 2046 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:47:27, on 29.9.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Arcade\PCMService.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\acer\eRecovery\Monitor.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\zaloha\soft\security\RSIT.exe
C:\Program Files\trend micro\Pavel Březina.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10w_ActiveX.exe -update activex (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10w_ActiveX.exe -update activex (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

--
End of file - 8593 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Pavel Březina\Data aplikací\Mozilla\Firefox\Profiles\2c8bydjc.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
talkback@mozilla.org

C:\Program Files\Mozilla Firefox\components\
jar50.dll
jsd3250.dll
myspell.dll
spellchk.dll
xpinstal.dll
FeedConverter.js
FeedProcessor.js
FeedWriter.js
jsconsole-clhandler.js
nsBookmarkTransactionManager.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsCloseAllWindows.js
nsDefaultCLH.js
nsDictionary.js
nsExtensionManager.js
nsHelperAppDlg.js
nsMicrosummaryService.js
nsPostUpdateWin.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsUpdateService.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsUrlClassifierTable.js
nsURLFormatter.js
nsXmlRpcClient.js
WebContentConverter.js
browser.xpt
xpti.dat
compreg.dat

C:\Program Files\Mozilla Firefox\plugins\
npnul32.dll
npwachk.dll
NPOFF12.DLL

C:\Program Files\Mozilla Firefox\searchplugins\
centrum-cz.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml

C:\Documents and Settings\Pavel Březina\Data aplikací\Mozilla\Firefox\Profiles\2c8bydjc.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-05-15 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Lištička - C:\Program Files\Seznam.cz\listicka.dll [2010-10-07 1961240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]
{1EA00BE1-6E54-4E2A-8099-680300BF23E1} - Nástroje Lištičky - C:\Program Files\Seznam.cz\toolbar\toolbar.dll [2010-10-07 187672]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-03-28 1017592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=Alaunch []
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2005-02-07 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-02-07 126976]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-10-07 98394]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-10-07 688218]
"PCMService"=C:\Program Files\Arcade\PCMService.exe [2005-03-09 49152]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-18 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-02-08 339968]
"EPM-DM"=c:\acer\epm\epm-dm.exe [2005-03-28 188416]
"ePowerManagement"=C:\Acer\ePM\ePM.exe [2005-03-24 2880512]
"LManager"=C:\Program Files\Launch Manager\QtZgAcer.EXE [2005-03-28 319488]
"eRecoveryService"=C:\Windows\System32\Check.exe [2005-03-23 245760]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2010-07-12 74752]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-02-08 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2005-02-07 348160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Soulseek-Test\slsk.exe"="C:\Program Files\Soulseek-Test\slsk.exe:*:Enabled:SoulSeek"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-09-29 22:47:18 ----D---- C:\rsit
2011-09-29 22:47:18 ----D---- C:\Program Files\trend micro
2011-09-29 17:52:43 ----A---- C:\WINDOWS\system32\drivers\mouhid.sys
2011-09-29 17:52:27 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2011-09-25 18:01:32 ----A---- C:\WINDOWS\system32\drivers\usbohci.sys
2011-09-25 16:48:44 ----D---- C:\Program Files\Lavalys
2011-09-20 18:25:34 ----HD---- C:\WINDOWS\$NtUninstallKB2616676-v2$
2011-09-18 16:32:19 ----A---- C:\WINDOWS\system32\msonpmon.dll
2011-09-18 16:31:35 ----D---- C:\Program Files\Microsoft Works
2011-09-18 16:31:24 ----D---- C:\Program Files\MSBuild
2011-09-18 16:30:59 ----D---- C:\Program Files\Microsoft Visual Studio
2011-09-18 16:30:58 ----D---- C:\Program Files\Common Files\DESIGNER
2011-09-18 16:27:18 ----D---- C:\WINDOWS\SHELLNEW
2011-09-18 16:26:16 ----D---- C:\Program Files\Microsoft Office
2011-09-18 16:26:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-09-18 16:25:46 ----RHD---- C:\MSOCache
2011-09-17 21:19:07 ----HD---- C:\WINDOWS\$NtUninstallKB941569$
2011-09-17 10:25:07 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2011-09-17 10:25:06 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2011-09-17 10:25:03 ----D---- C:\WINDOWS\Logs
2011-09-17 10:24:59 ----D---- C:\Program Files\Winamp Detect
2011-09-17 10:24:03 ----D---- C:\WINDOWS\RegisteredPackages
2011-09-17 10:23:33 ----D---- C:\Program Files\Winamp
2011-09-17 10:23:33 ----D---- C:\Documents and Settings\Pavel Březina\Data aplikací\Winamp
2011-09-17 03:00:37 ----HD---- C:\WINDOWS\$NtUninstallKB2479943$
2011-09-17 03:00:32 ----HD---- C:\WINDOWS\$NtUninstallKB2567680$
2011-09-17 03:00:27 ----HD---- C:\WINDOWS\$NtUninstallKB2478971$
2011-09-17 03:00:22 ----HD---- C:\WINDOWS\$NtUninstallKB2616676$
2011-09-17 03:00:17 ----HD---- C:\WINDOWS\$NtUninstallKB2491683$
2011-09-16 19:57:40 ----HD---- C:\WINDOWS\$NtUninstallKB2345886$
2011-09-16 19:57:35 ----HD---- C:\WINDOWS\$NtUninstallKB970430$
2011-09-16 19:57:30 ----HD---- C:\WINDOWS\$NtUninstallKB2115168$
2011-09-16 19:57:25 ----HD---- C:\WINDOWS\$NtUninstallKB951978$
2011-09-16 19:57:19 ----HD---- C:\WINDOWS\$NtUninstallKB2443105$
2011-09-16 19:57:14 ----HD---- C:\WINDOWS\$NtUninstallKB2481109$
2011-09-16 19:57:01 ----HD---- C:\WINDOWS\$NtUninstallKB982132$
2011-09-16 19:56:50 ----HD---- C:\WINDOWS\$NtUninstallKB2507938$
2011-09-16 19:56:36 ----HD---- C:\WINDOWS\$NtUninstallKB2483185$
2011-09-16 19:51:07 ----HD---- C:\WINDOWS\$NtUninstallKB2570791$
2011-09-16 19:51:00 ----HD---- C:\WINDOWS\$NtUninstallKB2387149$
2011-09-16 19:50:54 ----HD---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-09-16 19:50:49 ----HD---- C:\WINDOWS\$NtUninstallKB2296011$
2011-09-16 19:50:44 ----HD---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2011-09-16 19:50:25 ----HD---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2011-09-16 19:50:15 ----HD---- C:\WINDOWS\$NtUninstallKB2485663$
2011-09-16 19:48:41 ----HD---- C:\WINDOWS\$NtUninstallKB2440591$
2011-09-16 19:48:31 ----HD---- C:\WINDOWS\$NtUninstallKB956744$
2011-09-16 19:48:26 ----HD---- C:\WINDOWS\$NtUninstallKB2476490$
2011-09-16 19:48:16 ----HD---- C:\WINDOWS\$NtUninstallKB2503665$
2011-09-16 19:48:10 ----HD---- C:\WINDOWS\$NtUninstallKB2347290$
2011-09-16 19:47:59 ----HD---- C:\WINDOWS\$NtUninstallKB2079403$
2011-09-16 19:47:51 ----HD---- C:\WINDOWS\$NtUninstallKB979687$
2011-09-16 19:47:46 ----HD---- C:\WINDOWS\$NtUninstallKB2570222$
2011-09-16 19:47:40 ----HD---- C:\WINDOWS\$NtUninstallKB2535512$
2011-09-16 19:47:36 ----HD---- C:\WINDOWS\$NtUninstallKB2412687$
2011-09-16 19:47:29 ----HD---- C:\WINDOWS\$NtUninstallKB2570947$
2011-09-16 19:47:22 ----HD---- C:\WINDOWS\$NtUninstallKB2508272$
2011-09-16 19:47:17 ----HD---- C:\WINDOWS\$NtUninstallKB980436$
2011-09-16 19:47:13 ----HD---- C:\WINDOWS\$NtUninstallKB981322$
2011-09-16 19:47:05 ----HD---- C:\WINDOWS\$NtUninstallKB2507618$
2011-09-16 19:46:58 ----HD---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2011-09-16 19:46:51 ----HD---- C:\WINDOWS\$NtUninstallKB2419632$
2011-09-16 19:46:46 ----HD---- C:\WINDOWS\$NtUninstallKB2508429$
2011-09-16 19:46:38 ----HD---- C:\WINDOWS\$NtUninstallKB971029$
2011-09-16 19:46:32 ----HD---- C:\WINDOWS\$NtUninstallKB2506212$
2011-09-16 19:46:27 ----HD---- C:\WINDOWS\$NtUninstallKB971737$
2011-09-16 19:46:17 ----HD---- C:\WINDOWS\$NtUninstallKB981997$
2011-09-16 19:46:11 ----HD---- C:\WINDOWS\$NtUninstallKB2544893$
2011-09-16 19:46:06 ----HD---- C:\WINDOWS\$NtUninstallKB2509553$
2011-09-16 19:45:44 ----HD---- C:\WINDOWS\$NtUninstallKB982665$
2011-09-16 19:45:39 ----HD---- C:\WINDOWS\$NtUninstallKB2541763$
2011-09-16 19:45:28 ----HD---- C:\WINDOWS\$NtUninstallKB2555917$
2011-09-16 19:45:23 ----HD---- C:\WINDOWS\$NtUninstallKB2478960$
2011-09-16 19:45:14 ----HD---- C:\WINDOWS\$NtUninstallKB2393802$
2011-09-16 19:45:08 ----HD---- C:\WINDOWS\$NtUninstallKB2566454$
2011-09-16 19:45:04 ----HD---- C:\WINDOWS\$NtUninstallKB2562937$
2011-09-16 19:44:59 ----HD---- C:\WINDOWS\$NtUninstallKB2423089$
2011-09-16 19:44:52 ----HD---- C:\WINDOWS\$NtUninstallKB2360937$
2011-09-14 19:53:17 ----D---- C:\Documents and Settings\Pavel Březina\Data aplikací\AdobeUM
2011-09-14 19:53:08 ----D---- C:\Program Files\Common Files\Adobe
2011-09-13 19:31:31 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2011-09-13 18:38:36 ----D---- C:\Documents and Settings\Pavel Březina\Data aplikací\Adobe
2011-09-13 18:31:26 ----D---- C:\Program Files\Soulseek-Test
2011-09-13 18:24:11 ----D---- C:\Program Files\ICQ6Toolbar
2011-09-13 18:24:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2011-09-13 18:23:06 ----D---- C:\Documents and Settings\Pavel Březina\Data aplikací\ICQ
2011-09-13 18:22:54 ----D---- C:\Program Files\ICQ7.2
2011-09-13 02:36:21 ----D---- C:\Documents and Settings\Pavel Březina\Data aplikací\Macromedia
2011-09-13 02:30:41 ----HD---- C:\WINDOWS\$NtUninstallKB2467659$
2011-09-13 02:30:14 ----D---- C:\WINDOWS\ie8updates
2011-09-13 02:29:44 ----D---- C:\Program Files\Seznam.cz
2011-09-13 02:28:34 ----HD---- C:\WINDOWS\ie8
2011-09-13 01:50:53 ----A---- C:\WINDOWS\Active Setup Log.txt
2011-09-13 01:33:55 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2011-09-13 01:24:03 ----A---- C:\WINDOWS\nsreg.dat
2011-09-13 01:24:00 ----D---- C:\Documents and Settings\Pavel Březina\Data aplikací\Mozilla
2011-09-13 01:23:47 ----D---- C:\Program Files\Mozilla Firefox
2011-09-13 01:03:51 ----D---- C:\WINDOWS\Minidump
2011-09-13 01:02:36 ----SHD---- C:\FOUND.000
2011-09-13 00:59:26 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-09-13 00:59:26 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-09-13 00:59:25 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-09-13 00:59:25 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-09-13 00:59:24 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-09-13 00:59:24 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-09-13 00:59:24 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-09-13 00:59:23 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-09-13 00:59:11 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-09-13 00:59:11 ----A---- C:\WINDOWS\avastSS.scr
2011-09-13 00:58:59 ----D---- C:\Program Files\AVAST Software
2011-09-13 00:58:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-09-13 00:52:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\WinZip
2011-09-13 00:52:48 ----D---- C:\Program Files\WinZip
2011-09-13 00:48:18 ----D---- C:\WINDOWS\WBEM
2011-09-13 00:47:10 ----HD---- C:\WINDOWS\msdownld.tmp
2011-09-13 00:38:57 ----D---- C:\WINDOWS\Prefetch
2011-09-13 00:37:28 ----HD---- C:\WINDOWS\$NtUninstallKB951376-v2$
2011-09-13 00:37:24 ----HD---- C:\WINDOWS\$NtUninstallKB946648$
2011-09-13 00:37:21 ----HD---- C:\WINDOWS\$NtUninstallKB956803$
2011-09-13 00:37:17 ----HD---- C:\WINDOWS\$NtUninstallKB971468$
2011-09-13 00:37:10 ----HD---- C:\WINDOWS\$NtUninstallKB979683$
2011-09-13 00:37:02 ----HD---- C:\WINDOWS\$NtUninstallKB978207$
2011-09-13 00:36:56 ----HD---- C:\WINDOWS\$NtUninstallKB980232$
2011-09-13 00:36:52 ----HD---- C:\WINDOWS\$NtUninstallKB955759$
2011-09-13 00:36:48 ----HD---- C:\WINDOWS\$NtUninstallKB2229593$
2011-09-13 00:36:44 ----HD---- C:\WINDOWS\$NtUninstallKB972270$
2011-09-13 00:36:36 ----HD---- C:\WINDOWS\$NtUninstallKB956572$
2011-09-13 00:36:32 ----HD---- C:\WINDOWS\$NtUninstallKB956844$
2011-09-13 00:36:27 ----HD---- C:\WINDOWS\$NtUninstallKB961501$
2011-09-13 00:36:23 ----HD---- C:\WINDOWS\$NtUninstallKB975561$
2011-09-13 00:36:19 ----HD---- C:\WINDOWS\$NtUninstallKB973869$
2011-09-13 00:36:15 ----HD---- C:\WINDOWS\$NtUninstallKB973687$
2011-09-13 00:36:11 ----HD---- C:\WINDOWS\$NtUninstallKB950762$
2011-09-13 00:36:06 ----HD---- C:\WINDOWS\$NtUninstallKB952287$
2011-09-13 00:36:01 ----HD---- C:\WINDOWS\$NtUninstallKB958644$
2011-09-13 00:35:56 ----HD---- C:\WINDOWS\$NtUninstallKB973687_1$
2011-09-13 00:35:52 ----HD---- C:\WINDOWS\$NtUninstallKB955069$
2011-09-13 00:35:48 ----HD---- C:\WINDOWS\$NtUninstallKB923561$
2011-09-13 00:35:45 ----HD---- C:\WINDOWS\$NtUninstallKB959426$
2011-09-13 00:35:40 ----HD---- C:\WINDOWS\$NtUninstallKB969059$
2011-09-13 00:35:37 ----HD---- C:\WINDOWS\$NtUninstallKB978037$
2011-09-13 00:35:33 ----HD---- C:\WINDOWS\$NtUninstallKB971657$
2011-09-13 00:35:30 ----HD---- C:\WINDOWS\$NtUninstallKB960225$
2011-09-13 00:35:26 ----HD---- C:\WINDOWS\$NtUninstallKB975025$
2011-09-13 00:35:22 ----HD---- C:\WINDOWS\$NtUninstallKB952004$
2011-09-13 00:35:18 ----HD---- C:\WINDOWS\$NtUninstallKB975560$
2011-09-13 00:35:13 ----HD---- C:\WINDOWS\$NtUninstallKB977914$
2011-09-13 00:35:09 ----HD---- C:\WINDOWS\$NtUninstallKB978706$
2011-09-13 00:35:03 ----HD---- C:\WINDOWS\$NtUninstallKB967715$
2011-09-13 00:34:58 ----HD---- C:\WINDOWS\$NtUninstallKB970238$
2011-09-13 00:34:54 ----HD---- C:\WINDOWS\$NtUninstallKB973815$
2011-09-13 00:34:50 ----HD---- C:\WINDOWS\$NtUninstallKB975467$
2011-09-13 00:34:45 ----HD---- C:\WINDOWS\$NtUninstallKB968389$
2011-09-13 00:34:41 ----HD---- C:\WINDOWS\$NtUninstallKB980218$
2011-09-13 00:34:38 ----HD---- C:\WINDOWS\$NtUninstallKB952954$
2011-09-13 00:34:34 ----HD---- C:\WINDOWS\$NtUninstallKB979559$
2011-09-13 00:34:30 ----HD---- C:\WINDOWS\$NtUninstallKB974112$
2011-09-13 00:34:27 ----HD---- C:\WINDOWS\$NtUninstallKB960859$
2011-09-13 00:34:23 ----HD---- C:\WINDOWS\$NtUninstallKB974318$
2011-09-13 00:34:18 ----HD---- C:\WINDOWS\$NtUninstallKB950974$
2011-09-13 00:34:15 ----HD---- C:\WINDOWS\$NtUninstallKB975713$
2011-09-13 00:34:11 ----HD---- C:\WINDOWS\$NtUninstallKB978338$
2011-09-13 00:34:07 ----HD---- C:\WINDOWS\$NtUninstallKB974571$
2011-09-13 00:34:03 ----HD---- C:\WINDOWS\$NtUninstallKB973507$
2011-09-13 00:33:59 ----HD---- C:\WINDOWS\$NtUninstallKB974392$
2011-09-13 00:33:55 ----HD---- C:\WINDOWS\$NtUninstallKB951748$
2011-09-13 00:33:50 ----HD---- C:\WINDOWS\$NtUninstallKB978542$
2011-09-13 00:33:46 ----HD---- C:\WINDOWS\$NtUninstallKB978601$
2011-09-13 00:33:42 ----HD---- C:\WINDOWS\$NtUninstallKB960803$
2011-09-13 00:33:38 ----HD---- C:\WINDOWS\$NtUninstallKB975562$
2011-09-13 00:33:34 ----HD---- C:\WINDOWS\$NtUninstallKB956802$
2011-09-13 00:33:31 ----HD---- C:\WINDOWS\$NtUninstallKB979482$
2011-09-13 00:33:27 ----HD---- C:\WINDOWS\$NtUninstallKB979309$
2011-09-13 00:30:19 ----D---- C:\WINDOWS\system32\cs-cz
2011-09-13 00:30:19 ----D---- C:\WINDOWS\system32\cs
2011-09-13 00:30:19 ----D---- C:\WINDOWS\l2schemas
2011-09-13 00:30:18 ----D---- C:\WINDOWS\system32\bits
2011-09-13 00:27:04 ----D---- C:\WINDOWS\network diagnostic
2011-09-13 00:24:51 ----HD---- C:\WINDOWS\$NtServicePackUninstall$
2011-09-13 00:24:50 ----D---- C:\WINDOWS\EHome
2011-09-13 00:17:54 ----HD---- C:\WINDOWS\$NtUninstallKB980218_0$
2011-09-13 00:17:51 ----HD---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2011-09-13 00:17:46 ----HD---- C:\WINDOWS\$NtUninstallKB952954_0$
2011-09-13 00:17:42 ----HD---- C:\WINDOWS\$NtUninstallKB959426_0$
2011-09-13 00:17:38 ----HD---- C:\WINDOWS\$NtUninstallKB946648_0$
2011-09-13 00:17:33 ----HD---- C:\WINDOWS\$NtUninstallKB956803_0$
2011-09-13 00:17:29 ----HD---- C:\WINDOWS\$NtUninstallKB960859_0$
2011-09-13 00:17:25 ----HD---- C:\WINDOWS\$NtUninstallKB971468_0$
2011-09-13 00:17:15 ----HD---- C:\WINDOWS\$NtUninstallKB979683_0$
2011-09-13 00:16:58 ----HD---- C:\WINDOWS\$NtUninstallKB978207_0$
2011-09-13 00:16:53 ----HD---- C:\WINDOWS\$NtUninstallKB958869$
2011-09-13 00:16:49 ----HD---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2011-09-13 00:16:47 ----HD---- C:\WINDOWS\$NtUninstallKB980195$
2011-09-13 00:16:42 ----HD---- C:\WINDOWS\$NtUninstallKB980232_0$
2011-09-13 00:16:38 ----HD---- C:\WINDOWS\$NtUninstallKB981350$
2011-09-13 00:16:32 ----HD---- C:\WINDOWS\$NtUninstallKB955759_0$
2011-09-13 00:16:28 ----HD---- C:\WINDOWS\$NtUninstallKB974318_0$
2011-09-13 00:16:23 ----HD---- C:\WINDOWS\$NtUninstallKB969059_0$
2011-09-13 00:16:18 ----HD---- C:\WINDOWS\$NtUninstallKB2229593_0$
2011-09-13 00:12:22 ----HD---- C:\WINDOWS\$NtUninstallKB950974_0$
2011-09-13 00:12:18 ----HD---- C:\WINDOWS\$NtUninstallKB978037_0$
2011-09-13 00:12:13 ----HD---- C:\WINDOWS\$NtUninstallKB975713_0$
2011-09-13 00:12:09 ----HD---- C:\WINDOWS\$NtUninstallKB971657_0$
2011-09-13 00:12:05 ----HD---- C:\WINDOWS\$NtUninstallKB978338_0$
2011-09-13 00:12:00 ----HD---- C:\WINDOWS\$NtUninstallKB960225_0$
2011-09-13 00:11:56 ----HD---- C:\WINDOWS\$NtUninstallKB972270_0$
2011-09-13 00:11:52 ----HD---- C:\WINDOWS\$NtUninstallKB974112_0$
2011-09-13 00:11:38 ----HD---- C:\WINDOWS\$NtUninstallKB956572_0$
2011-09-13 00:11:33 ----HD---- C:\WINDOWS\$NtUninstallKB956844_0$
2011-09-13 00:11:29 ----HD---- C:\WINDOWS\$NtUninstallKB961501_0$
2011-09-13 00:11:23 ----HD---- C:\WINDOWS\$NtUninstallKB975561_0$
2011-09-13 00:11:19 ----HD---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2011-09-13 00:11:16 ----HD---- C:\WINDOWS\$NtUninstallKB973869_0$
2011-09-13 00:11:12 ----HD---- C:\WINDOWS\$NtUninstallKB975025_0$
2011-09-13 00:11:08 ----HD---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2011-09-13 00:11:02 ----HD---- C:\WINDOWS\$NtUninstallKB952004_0$
2011-09-13 00:10:58 ----HD---- C:\WINDOWS\$NtUninstallKB974571_0$
2011-09-13 00:10:54 ----HD---- C:\WINDOWS\$NtUninstallKB975560_0$
2011-09-13 00:10:48 ----HD---- C:\WINDOWS\$NtUninstallKB973507_0$
2011-09-13 00:10:45 ----HD---- C:\WINDOWS\$NtUninstallKB977816$
2011-09-13 00:10:39 ----HD---- C:\WINDOWS\$NtUninstallKB973687_0$
2011-09-13 00:10:35 ----HD---- C:\WINDOWS\$NtUninstallKB950762_0$
2011-09-13 00:10:31 ----HD---- C:\WINDOWS\$NtUninstallKB981793$
2011-09-13 00:10:27 ----HD---- C:\WINDOWS\$NtUninstallKB978601_0$
2011-09-13 00:10:22 ----HD---- C:\WINDOWS\$NtUninstallKB979559_0$
2011-09-13 00:10:18 ----HD---- C:\WINDOWS\$NtUninstallKB952287_0$
2011-09-13 00:10:13 ----HD---- C:\WINDOWS\$NtUninstallKB973904$
2011-09-13 00:10:03 ----HD---- C:\WINDOWS\$NtUninstallKB967715_0$
2011-09-13 00:09:56 ----HD---- C:\WINDOWS\$NtUninstallKB974392_0$
2011-09-13 00:09:10 ----A---- C:\WINDOWS\system32\MRT.exe
2011-09-13 00:09:03 ----HD---- C:\WINDOWS\$NtUninstallKB977914_0$
2011-09-13 00:08:55 ----HD---- C:\WINDOWS\$NtUninstallKB951748_0$
2011-09-13 00:08:50 ----HD---- C:\WINDOWS\$NtUninstallKB971961$
2011-09-13 00:08:44 ----HD---- C:\WINDOWS\$NtUninstallKB978542_0$
2011-09-13 00:08:39 ----HD---- C:\WINDOWS\$NtUninstallKB970238_0$
2011-09-13 00:08:35 ----HD---- C:\WINDOWS\$NtUninstallKB979309_0$
2011-09-13 00:08:31 ----HD---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2011-09-13 00:08:29 ----HD---- C:\WINDOWS\$NtUninstallKB978706_0$
2011-09-13 00:08:22 ----D---- C:\WINDOWS\ServicePackFiles
2011-09-13 00:08:21 ----HD---- C:\WINDOWS\$NtUninstallKB958470$
2011-09-13 00:08:17 ----HD---- C:\WINDOWS\$NtUninstallKB901190$
2011-09-13 00:08:13 ----HD---- C:\WINDOWS\$NtUninstallKB960803_0$
2011-09-13 00:08:08 ----HD---- C:\WINDOWS\$NtUninstallKB973815_0$
2011-09-13 00:08:04 ----HD---- C:\WINDOWS\$NtUninstallKB975562_0$
2011-09-13 00:07:59 ----HD---- C:\WINDOWS\$NtUninstallKB958644_0$
2011-09-13 00:07:55 ----HD---- C:\WINDOWS\$NtUninstallKB955069_0$
2011-09-13 00:07:49 ----HD---- C:\WINDOWS\$NtUninstallKB979402_WM9L$
2011-09-13 00:07:45 ----HD---- C:\WINDOWS\$NtUninstallKB956802_0$
2011-09-13 00:07:40 ----D---- C:\Program Files\MSXML 4.0
2011-09-13 00:07:15 ----HD---- C:\WINDOWS\$NtUninstallKB944338-v2$
2011-09-13 00:07:09 ----HD---- C:\WINDOWS\$NtUninstallKB923561_0$
2011-09-13 00:07:04 ----HD---- C:\WINDOWS\$NtUninstallKB975467_0$
2011-09-13 00:06:57 ----HD---- C:\WINDOWS\$NtUninstallKB968389_0$
2011-09-13 00:05:29 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2011-09-13 00:05:29 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2011-09-13 00:05:29 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2011-09-13 00:05:29 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2011-09-13 00:05:29 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2011-09-13 00:05:29 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2011-09-13 00:05:29 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2011-09-13 00:05:29 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2011-09-13 00:05:29 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2011-09-13 00:05:29 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2011-09-13 00:05:29 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2011-09-13 00:05:29 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2011-09-13 00:04:58 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2011-09-13 00:04:58 ----N---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2011-09-13 00:04:58 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2011-09-13 00:04:58 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2011-09-13 00:04:58 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2011-09-13 00:04:58 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2011-09-13 00:04:56 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2011-09-13 00:04:56 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2011-09-13 00:04:56 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2011-09-13 00:04:56 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2011-09-13 00:04:56 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2011-09-13 00:04:56 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2011-09-13 00:04:56 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2011-09-13 00:04:56 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2011-09-13 00:04:56 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2011-09-13 00:04:56 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2011-09-13 00:04:56 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2011-09-13 00:04:56 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2011-09-13 00:04:56 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2011-09-13 00:04:55 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2011-09-13 00:04:55 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2011-09-13 00:04:55 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2011-09-13 00:04:55 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2011-09-13 00:04:55 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2011-09-13 00:04:53 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2011-09-13 00:04:53 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2011-09-13 00:04:53 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2011-09-13 00:04:53 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2011-09-13 00:04:53 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2011-09-12 23:58:15 ----N---- C:\WINDOWS\system32\browserchoice.exe
2011-09-12 23:56:18 ----N---- C:\WINDOWS\system32\tzchange.exe
2011-09-12 23:54:53 ----HD---- C:\WINDOWS\$NtUninstallKB979482_0$
2011-09-12 23:51:40 ----HD---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2011-09-12 23:51:22 ----N---- C:\WINDOWS\system32\spmsg.dll
2011-09-12 23:51:22 ----D---- C:\WINDOWS\system32\PreInstall
2011-09-12 23:51:22 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2011-09-12 23:51:20 ----HD---- C:\WINDOWS\$NtUninstallKB898461$
2011-09-12 23:51:20 ----HD---- C:\WINDOWS\$hf_mig$
2011-09-12 23:50:41 ----A---- C:\WINDOWS\system32\eRLog.ini
2011-09-12 23:50:04 ----D---- C:\WINDOWS\Downloaded Installations
2011-09-12 23:48:03 ----A---- C:\WINDOWS\system32\Check.exe
2011-09-12 23:48:01 ----D---- C:\Program Files\acer
2011-09-12 23:47:41 ----D---- C:\Program Files\Launch Manager
2011-09-12 23:47:40 ----A---- C:\WINDOWS\UNINST32.EXE
2011-09-12 23:47:40 ----A---- C:\WINDOWS\system32\QtBtLib.dll
2011-09-12 23:47:39 ----A---- C:\WINDOWS\system32\drivers\DKbFltr.SYS
2011-09-12 23:45:33 ----A---- C:\WINDOWS\system32\w29NCPA.dll
2011-09-12 23:45:32 ----A---- C:\WINDOWS\system32\drivers\w29n51.sys
2011-09-12 23:45:16 ----A---- C:\WINDOWS\system32\results.txt
2011-09-12 23:45:13 ----A---- C:\WINDOWS\system32\drivers\AegisP.sys
2011-09-12 23:45:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Intel
2011-09-12 23:44:50 ----D---- C:\Program Files\WinPCap
2011-09-12 23:44:50 ----A---- C:\WINDOWS\system32\wpcap.dll
2011-09-12 23:44:50 ----A---- C:\WINDOWS\system32\pthreadVC.dll
2011-09-12 23:44:50 ----A---- C:\WINDOWS\system32\packet.dll
2011-09-12 23:44:50 ----A---- C:\WINDOWS\system32\drivers\npf.sys
2011-09-12 23:44:02 ----D---- C:\Acer
2011-09-12 23:44:02 ----A---- C:\WINDOWS\system32\Epm-Po.dll
2011-09-12 23:44:02 ----A---- C:\WINDOWS\system32\drivers\epm-shd.sys
2011-09-12 23:44:02 ----A---- C:\WINDOWS\system32\drivers\epm-psd.sys
2011-09-12 23:43:16 ----D---- C:\Program Files\ATI Technologies
2011-09-12 23:42:21 ----ASH---- C:\Documents and Settings\Pavel Březina\Data aplikací\desktop.ini
2011-09-12 23:42:19 ----SD---- C:\Documents and Settings\Pavel Březina\Data aplikací\Microsoft
2011-09-12 23:42:19 ----D---- C:\Documents and Settings\Pavel Březina\Data aplikací\Identities
2011-09-12 23:42:00 ----ASH---- C:\hiberfil.sys
2011-09-12 23:38:26 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2011-09-12 23:35:04 ----ASH---- C:\pagefile.sys

======List of files/folders modified in the last 1 month======

2011-09-29 22:33:34 ----A---- C:\WINDOWS\ModemLog_SoftV92 Data Fax Modem with SmartCP.txt
2011-09-29 20:45:52 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-09-18 16:33:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-09-18 16:27:56 ----A---- C:\WINDOWS\win.ini
2011-09-17 21:19:12 ----A---- C:\WINDOWS\imsins.BAK
2011-09-13 00:39:44 ----A---- C:\WINDOWS\OEWABLog.txt
2011-09-13 00:39:02 ----A---- C:\WINDOWS\setuplog.txt
2011-09-12 23:50:40 ----A---- C:\WINDOWS\ALaunch.ini
2011-09-12 23:41:24 ----RASH---- C:\boot.ini
2011-09-12 23:34:02 ----A---- C:\WINDOWS\CLEANUP.CMD
2011-09-12 23:33:44 ----A---- C:\WINDOWS\HotFix.bat
2011-09-09 11:12:04 ----A---- C:\WINDOWS\system32\crypt32.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-09-06 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-09-06 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-09-06 442200]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-09-06 320856]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-09-06 52568]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.1.6.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2011-09-12 17119]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-09-06 20568]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-09-06 110552]
R2 EpmPsd;Acer EPM Power Scheme Driver; \??\C:\WINDOWS\system32\drivers\epm-psd.sys []
R2 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\drivers\epm-shd.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-16 13059]
R2 osaio;osaio; C:\WINDOWS\system32\drivers\osaio.sys [2005-03-04 8704]
R2 osanbm;osanbm; C:\WINDOWS\system32\drivers\osanbm.sys [2005-01-14 4010]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2004-10-15 11354]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-02-08 970240]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2003-05-21 175360]
R3 CAMCAUD;Conexant AMC Audio; C:\WINDOWS\system32\drivers\camcaud.sys [2004-06-24 34048]
R3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camchal.sys [2004-06-24 276480]
R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2004-12-08 16896]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-01-24 1038208]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2005-01-24 207616]
R3 int15.sys;int15.sys; \??\C:\Program Files\acer\eRecovery\int15.sys []
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-13 28672]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2005-04-13 6144]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-10-07 185824]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-02-10 157056]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-18 20480]
R3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2004-10-29 3222784]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-01-24 703616]
S3 BthEnum;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-18 9600]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-02-07 804572]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2003-04-04 30336]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-18 26496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2004-08-16 1287168]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-02-08 348160]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 EvtEng;EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2004-10-15 86016]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 RegSrvc;RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2004-10-15 139264]
R2 S24EventMonitor;Spectrum24 Event Monitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2004-10-15 360521]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2003-04-04 77824]

-----------------EOF-----------------

chodnik74
Friend of the forum
Posts: 4975
Registered: 13 Sep 2010 21:30
Location: Napajedla

Re: rootkit mbr physicaldrive0

#3 Post by chodnik74 »

Good day.

Download TDSSKiller
  • Run the program and click Start Scan
  • If the program finds an infection, it will want to cure it (Cure); allow the cure by clicking Continue
  • If the program finds a suspicious file (suspicious), it will want to skip it (Skip); allow the skip by clicking Continue
  • After the scan finishes it may be necessary to restart the computer; allow the program to do so by clicking Reboot now
  • After the restart a log will pop up (if it does not, you will find it on the drive where the system is installed, named TDSSKiller.xxxx_log.txt); paste its contents here
  • If the program does not ask for a restart, click Close and then Report, which creates the log; paste its contents here
Contact: chodnik74@gmail.com

Read the procedure several times and ask if anything is unclear or in doubt. If your computer is infected or does not behave as usual, back up all your data and follow the helper's instructions carefully!

Do not use the ComboFix utility without the supervision and recommendation of a helper!
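The scan advised above targets the master boot record of \\.\PhysicalDrive0. The following Python script is an added example, not part of this post and not code from TDSSKiller or any other scanner: it reads sector 0 of a physical drive (on Windows, as administrator), validates the boot signature, decodes the partition table and compares the MD5 of the boot-code area against an allow-list of hashes the reader supplies, which is what an "unknown boot code" style verdict amounts to. The sample sectors, the `jmp $` stub used as "clean" boot code, the partition layout and the disk size are constructed for the demonstration; `read_mbr_windows` is a helper name chosen here, and the allow-list `TRUSTED` holds only the constructed sample's hash.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_END = 0x1B8   # bytes 0x000-0x1B7 hold the loader code; 0x1B8 starts the disk signature
PART_TABLE_OFF = 0x1BE  # four 16-byte partition entries
BOOT_SIG_OFF = 0x1FE    # little-endian 0xAA55 marks a valid boot sector
PART_FMT = "<B3sB3sII"  # status, CHS start, type, CHS end, LBA start, sector count


def read_mbr_windows(device=r"\\.\PhysicalDrive0"):
    """Read sector 0 of a physical drive; needs administrator rights on Windows."""
    with open(device, "rb") as fh:
        return fh.read(SECTOR_SIZE)


def parse_partitions(sector):
    """Decode the four partition-table slots, skipping empty ones."""
    parts = []
    for i in range(4):
        status, _, ptype, _, lba, count = struct.unpack_from(PART_FMT, sector, PART_TABLE_OFF + 16 * i)
        if ptype == 0 and count == 0:
            continue
        parts.append({"index": i, "status": status, "bootable": status == 0x80,
                      "type": ptype, "lba_start": lba, "sectors": count})
    return parts


def inspect_mbr(sector, trusted_boot_code_md5, disk_sectors=None):
    """Return hashes, partitions and a list of findings for one 512-byte MBR.

    trusted_boot_code_md5: set of MD5 hex digests of boot code (bytes 0..0x1B7)
    collected from clean installs of the same OS; anything else is reported as
    unknown boot code, the verdict a scanner gives when the loader is not on
    its allow-list.
    disk_sectors: total sectors on the disk, if known, so that space after the
    last partition can be reported (a common place for a bootkit's payload).
    """
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR is exactly 512 bytes")
    findings = []
    if struct.unpack_from("<H", sector, BOOT_SIG_OFF)[0] != 0xAA55:
        findings.append("missing 0xAA55 boot signature")
    code_md5 = hashlib.md5(sector[:BOOT_CODE_END]).hexdigest()
    if code_md5 not in trusted_boot_code_md5:
        findings.append("unknown boot code (md5 %s)" % code_md5)
    parts = parse_partitions(sector)
    for p in parts:
        if p["status"] not in (0x00, 0x80):
            findings.append("partition %d has invalid status byte 0x%02x" % (p["index"], p["status"]))
    spans = sorted((p["lba_start"], p["lba_start"] + p["sectors"]) for p in parts)
    if any(nxt[0] < cur[1] for cur, nxt in zip(spans, spans[1:])):
        findings.append("partition entries overlap")
    tail = None
    if disk_sectors is not None and spans:
        tail = disk_sectors - max(end for _, end in spans)
    return {"sector_md5": hashlib.md5(sector).hexdigest(), "boot_code_md5": code_md5,
            "partitions": parts, "unallocated_tail_sectors": tail, "findings": findings}


def build_sample_mbr(boot_code, partitions):
    """Assemble a synthetic MBR (constructed test data, not an image of a real disk)."""
    sector = bytearray(SECTOR_SIZE)
    sector[:len(boot_code)] = boot_code
    for i, (status, ptype, lba, count) in enumerate(partitions):
        struct.pack_into(PART_FMT, sector, PART_TABLE_OFF + 16 * i,
                         status, b"\xff\xff\xff", ptype, b"\xff\xff\xff", lba, count)
    struct.pack_into("<H", sector, BOOT_SIG_OFF, 0xAA55)
    return bytes(sector)


# Constructed samples: a "clean" loader stub (jmp $ padded with zeros) with one
# bootable NTFS partition, and a copy whose boot code has been patched.
CLEAN_CODE = b"\xeb\xfe" + b"\x00" * (BOOT_CODE_END - 2)
CLEAN_MBR = build_sample_mbr(CLEAN_CODE, [(0x80, 0x07, 63, 195_000_000)])
TAMPERED_MBR = bytes(CLEAN_MBR[:0x10] + b"\xde\xad\xbe\xef" + CLEAN_MBR[0x14:])
TRUSTED = {hashlib.md5(CLEAN_CODE).hexdigest()}  # replace with hashes you trust

if __name__ == "__main__":
    for label, mbr in (("clean", CLEAN_MBR), ("tampered", TAMPERED_MBR)):
        report = inspect_mbr(mbr, TRUSTED, disk_sectors=195_100_000)
        print(label, report["sector_md5"], report["findings"] or "no findings")
```

Treat a hash mismatch as a prompt to dump and disassemble the sector, not as proof of infection: OEM recovery tools and boot managers also install non-standard loaders, and a bootkit that leaves the MBR code intact and hides in the volume boot record or in the unallocated tail of the disk will not be caught by this check alone.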

paolo75
Visitor
Posts: 4
Registered: 29 Sep 2011 21:53

Re: rootkit mbr physicaldrive0

#4 Post by paolo75 »

Hello and thanks for the advice.
The program downloaded and ran; the virus was there, so I chose to cure it.
Here is the log:

08:04:07.0687 3464 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43
08:04:07.0796 3464 ============================================================
08:04:07.0796 3464 Current date / time: 2011/09/30 08:04:07.0796
08:04:07.0796 3464 SystemInfo:
08:04:07.0796 3464
08:04:07.0796 3464 OS Version: 5.1.2600 ServicePack: 3.0
08:04:07.0796 3464 Product type: Workstation
08:04:07.0796 3464 ComputerName: ACER-6BF8034536
08:04:07.0796 3464 UserName: Pavel Březina
08:04:07.0796 3464 Windows directory: C:\WINDOWS
08:04:07.0796 3464 System windows directory: C:\WINDOWS
08:04:07.0796 3464 Processor architecture: Intel x86
08:04:07.0796 3464 Number of processors: 1
08:04:07.0796 3464 Page size: 0x1000
08:04:07.0796 3464 Boot type: Normal boot
08:04:07.0796 3464 ============================================================
08:04:08.0781 3464 Initialize success
08:04:16.0296 2996 ============================================================
08:04:16.0296 2996 Scan started
08:04:16.0296 2996 Mode: Manual;
08:04:16.0296 2996 ============================================================
08:04:17.0046 2996 Aavmker4 (95d1de2a6613494e853a9738d5d9acd4) C:\WINDOWS\system32\drivers\Aavmker4.sys
08:04:17.0046 2996 Aavmker4 - ok
08:04:17.0234 2996 Abiosdsk - ok
08:04:17.0437 2996 abp480n5 - ok
08:04:17.0625 2996 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
08:04:17.0625 2996 ACPI - ok
08:04:17.0671 2996 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
08:04:17.0671 2996 ACPIEC - ok
08:04:17.0859 2996 adpu160m - ok
08:04:18.0046 2996 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
08:04:18.0046 2996 aec - ok
08:04:18.0187 2996 AegisP (f498fd605c08404b20a48954c722ff74) C:\WINDOWS\system32\DRIVERS\AegisP.sys
08:04:18.0187 2996 AegisP - ok
08:04:18.0312 2996 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
08:04:18.0312 2996 AFD - ok
08:04:18.0500 2996 Aha154x - ok
08:04:18.0718 2996 aic78u2 - ok
08:04:18.0906 2996 aic78xx - ok
08:04:19.0109 2996 AliIde - ok
08:04:19.0312 2996 amsint - ok
08:04:19.0500 2996 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
08:04:19.0500 2996 Arp1394 - ok
08:04:19.0687 2996 asc - ok
08:04:19.0875 2996 asc3350p - ok
08:04:20.0062 2996 asc3550 - ok
08:04:20.0156 2996 aswFsBlk (c47623ffd181a1e7d63574dde2a0a711) C:\WINDOWS\system32\drivers\aswFsBlk.sys
08:04:20.0156 2996 aswFsBlk - ok
08:04:20.0250 2996 aswMon2 (fff2dbb17a3c89f87f78d5fa72ca47fd) C:\WINDOWS\system32\drivers\aswMon2.sys
08:04:20.0250 2996 aswMon2 - ok
08:04:20.0328 2996 aswRdr (36239e24470a3dd81fae37510953cc6c) C:\WINDOWS\system32\drivers\aswRdr.sys
08:04:20.0328 2996 aswRdr - ok
08:04:20.0421 2996 aswSnx (caa846e9c83836bdc3d2d700c678db65) C:\WINDOWS\system32\drivers\aswSnx.sys
08:04:20.0421 2996 aswSnx - ok
08:04:20.0531 2996 aswSP (748ae7f2d7da33adb063fe05704a9969) C:\WINDOWS\system32\drivers\aswSP.sys
08:04:20.0531 2996 aswSP - ok
08:04:20.0625 2996 aswTdi (ca9925ce1dbd07ffe1eb357752cf5577) C:\WINDOWS\system32\drivers\aswTdi.sys
08:04:20.0625 2996 aswTdi - ok
08:04:20.0828 2996 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
08:04:20.0828 2996 AsyncMac - ok
08:04:20.0890 2996 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
08:04:20.0890 2996 atapi - ok
08:04:21.0078 2996 Atdisk - ok
08:04:21.0250 2996 ati2mtag (205a9e5c6d3b60659f0dc40542a8b29f) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
08:04:21.0265 2996 ati2mtag - ok
08:04:21.0453 2996 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
08:04:21.0453 2996 Atmarpc - ok
08:04:21.0578 2996 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
08:04:21.0593 2996 audstub - ok
08:04:21.0703 2996 b57w2k (b9543b0c771feab7ca095303007a159c) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
08:04:21.0703 2996 b57w2k - ok
08:04:21.0734 2996 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
08:04:21.0734 2996 Beep - ok
08:04:21.0843 2996 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
08:04:21.0843 2996 BthEnum - ok
08:04:21.0906 2996 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
08:04:21.0906 2996 BthPan - ok
08:04:22.0015 2996 BTHPORT (f338662a6c1fc11dd9508f6dff2c06a2) C:\WINDOWS\system32\Drivers\BTHport.sys
08:04:22.0015 2996 BTHPORT - ok
08:04:22.0093 2996 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
08:04:22.0093 2996 BTHUSB - ok
08:04:22.0171 2996 CAMCAUD (baa90d983f77759fc70c65a1ce3d3566) C:\WINDOWS\system32\drivers\camcaud.sys
08:04:22.0171 2996 CAMCAUD - ok
08:04:22.0250 2996 CAMCHALA (90d9c324df48bb8e3024e79f5c181784) C:\WINDOWS\system32\drivers\camchal.sys
08:04:22.0250 2996 CAMCHALA - ok
08:04:22.0296 2996 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
08:04:22.0296 2996 cbidf2k - ok
08:04:22.0656 2996 cd20xrnt - ok
08:04:22.0687 2996 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
08:04:22.0687 2996 Cdaudio - ok
08:04:22.0859 2996 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
08:04:22.0859 2996 Cdfs - ok
08:04:23.0046 2996 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
08:04:23.0046 2996 Cdrom - ok
08:04:23.0234 2996 Changer - ok
08:04:23.0406 2996 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
08:04:23.0406 2996 CmBatt - ok
08:04:23.0593 2996 CmdIde - ok
08:04:23.0750 2996 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
08:04:23.0750 2996 Compbatt - ok
08:04:23.0953 2996 Cpqarray - ok
08:04:24.0140 2996 dac2w2k - ok
08:04:24.0328 2996 dac960nt - ok
08:04:24.0500 2996 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
08:04:24.0500 2996 Disk - ok
08:04:24.0640 2996 DKbFltr (08d30af92c270f2e76787c81589dbad6) C:\WINDOWS\system32\Drivers\DKbFltr.sys
08:04:24.0640 2996 DKbFltr - ok
08:04:24.0859 2996 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
08:04:24.0890 2996 dmboot - ok
08:04:25.0125 2996 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
08:04:25.0125 2996 dmio - ok
08:04:25.0156 2996 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
08:04:25.0156 2996 dmload - ok
08:04:25.0375 2996 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
08:04:25.0375 2996 DMusic - ok
08:04:25.0578 2996 dpti2o - ok
08:04:25.0718 2996 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
08:04:25.0734 2996 drmkaud - ok
08:04:25.0828 2996 EpmPsd (d68564fcfbdfc04280cdbbb37cf7ef7f) C:\WINDOWS\system32\drivers\epm-psd.sys
08:04:25.0843 2996 EpmPsd - ok
08:04:25.0937 2996 EpmShd (b2d71ba438701b5f0368b958bea2dc62) C:\WINDOWS\system32\drivers\epm-shd.sys
08:04:25.0937 2996 EpmShd - ok
08:04:26.0156 2996 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
08:04:26.0156 2996 Fastfat - ok
08:04:26.0328 2996 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
08:04:26.0328 2996 Fdc - ok
08:04:26.0484 2996 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
08:04:26.0484 2996 Fips - ok
08:04:26.0640 2996 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
08:04:26.0640 2996 Flpydisk - ok
08:04:26.0703 2996 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
08:04:26.0703 2996 FltMgr - ok
08:04:26.0734 2996 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
08:04:26.0734 2996 Fs_Rec - ok
08:04:26.0765 2996 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
08:04:26.0781 2996 Ftdisk - ok
08:04:26.0921 2996 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
08:04:26.0921 2996 Gpc - ok
08:04:27.0062 2996 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
08:04:27.0062 2996 HidUsb - ok
08:04:27.0265 2996 hpn - ok
08:04:27.0375 2996 HSFHWICH (e7bcc7ec37dd2dd36a39bb9ac87a897b) C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys
08:04:27.0390 2996 HSFHWICH - ok
08:04:27.0546 2996 HSF_DPV (822c60f2abee73a0e089230d94064f39) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
08:04:27.0593 2996 HSF_DPV - ok
08:04:27.0687 2996 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
08:04:27.0687 2996 HTTP - ok
08:04:27.0875 2996 i2omgmt - ok
08:04:28.0062 2996 i2omp - ok
08:04:28.0234 2996 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
08:04:28.0250 2996 i8042prt - ok
08:04:28.0437 2996 ialm (afbf1b43cc830bdc03b582003da439c2) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
08:04:28.0468 2996 ialm - ok
08:04:28.0656 2996 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
08:04:28.0656 2996 Imapi - ok
08:04:28.0843 2996 ini910u - ok
08:04:28.0984 2996 int15.sys (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\Program Files\acer\eRecovery\int15.sys
08:04:28.0984 2996 int15.sys - ok
08:04:29.0187 2996 IntelIde (57d928e548b38502abba7a77a6eb7312) C:\WINDOWS\system32\DRIVERS\intelide.sys
08:04:29.0187 2996 IntelIde - ok
08:04:29.0390 2996 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
08:04:29.0390 2996 intelppm - ok
08:04:29.0609 2996 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
08:04:29.0609 2996 Ip6Fw - ok
08:04:29.0656 2996 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
08:04:29.0656 2996 IpFilterDriver - ok
08:04:29.0812 2996 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
08:04:29.0812 2996 IpInIp - ok
08:04:30.0000 2996 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
08:04:30.0000 2996 IpNat - ok
08:04:30.0171 2996 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
08:04:30.0171 2996 IPSec - ok
08:04:30.0328 2996 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
08:04:30.0343 2996 irda - ok
08:04:30.0484 2996 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
08:04:30.0484 2996 IRENUM - ok
08:04:30.0656 2996 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
08:04:30.0656 2996 isapnp - ok
08:04:30.0796 2996 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
08:04:30.0796 2996 Kbdclass - ok
08:04:30.0984 2996 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
08:04:30.0984 2996 kmixer - ok
08:04:31.0078 2996 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
08:04:31.0078 2996 KSecDD - ok
08:04:31.0312 2996 lbrtfdc - ok
08:04:31.0421 2996 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
08:04:31.0437 2996 mdmxsdk - ok
08:04:31.0484 2996 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
08:04:31.0484 2996 mnmdd - ok
08:04:31.0640 2996 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
08:04:31.0656 2996 Modem - ok
08:04:31.0796 2996 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
08:04:31.0796 2996 Mouclass - ok
08:04:31.0921 2996 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
08:04:31.0921 2996 mouhid - ok
08:04:32.0078 2996 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
08:04:32.0078 2996 MountMgr - ok
08:04:32.0265 2996 mraid35x - ok
08:04:32.0406 2996 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
08:04:32.0406 2996 MRxDAV - ok
08:04:32.0531 2996 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
08:04:32.0531 2996 MRxSmb - ok
08:04:32.0687 2996 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
08:04:32.0687 2996 Msfs - ok
08:04:32.0859 2996 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
08:04:32.0859 2996 MSKSSRV - ok
08:04:33.0000 2996 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
08:04:33.0000 2996 MSPCLOCK - ok
08:04:33.0140 2996 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
08:04:33.0140 2996 MSPQM - ok
08:04:33.0343 2996 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
08:04:33.0343 2996 mssmbios - ok
08:04:33.0437 2996 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
08:04:33.0437 2996 Mup - ok
08:04:33.0625 2996 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
08:04:33.0625 2996 NDIS - ok
08:04:33.0718 2996 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
08:04:33.0718 2996 NdisTapi - ok
08:04:33.0859 2996 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
08:04:33.0859 2996 Ndisuio - ok
08:04:34.0000 2996 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
08:04:34.0000 2996 NdisWan - ok
08:04:34.0109 2996 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
08:04:34.0109 2996 NDProxy - ok
08:04:34.0281 2996 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
08:04:34.0281 2996 NetBIOS - ok
08:04:34.0437 2996 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
08:04:34.0437 2996 NetBT - ok
08:04:34.0593 2996 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
08:04:34.0593 2996 NIC1394 - ok
08:04:34.0734 2996 NPF (f498c5c3399a60933196fc215ef074f9) C:\WINDOWS\system32\drivers\npf.sys
08:04:34.0734 2996 NPF - ok
08:04:34.0890 2996 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
08:04:34.0890 2996 Npfs - ok
08:04:35.0015 2996 NSCIRDA (2adc0ca9945c65284b3d19bc18765974) C:\WINDOWS\system32\DRIVERS\nscirda.sys
08:04:35.0031 2996 NSCIRDA - ok
08:04:35.0218 2996 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
08:04:35.0234 2996 Ntfs - ok
08:04:35.0406 2996 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
08:04:35.0406 2996 NTIDrvr - ok
08:04:35.0453 2996 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
08:04:35.0453 2996 Null - ok
08:04:35.0500 2996 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
08:04:35.0500 2996 NwlnkFlt - ok
08:04:35.0546 2996 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
08:04:35.0546 2996 NwlnkFwd - ok
08:04:35.0703 2996 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
08:04:35.0703 2996 ohci1394 - ok
08:04:35.0859 2996 osaio (b270a30ae97524e7edb5eca7b2afb846) C:\WINDOWS\system32\drivers\osaio.sys
08:04:35.0859 2996 osaio - ok
08:04:35.0968 2996 osanbm (3245bee5176697faf0744a2e1288dc77) C:\WINDOWS\system32\drivers\osanbm.sys
08:04:35.0968 2996 osanbm - ok
08:04:36.0156 2996 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
08:04:36.0156 2996 Parport - ok
08:04:36.0312 2996 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
08:04:36.0312 2996 PartMgr - ok
08:04:36.0343 2996 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
08:04:36.0343 2996 ParVdm - ok
08:04:36.0421 2996 PCI (b7979f37bb7b9df2230046134955e6e7) C:\WINDOWS\system32\DRIVERS\pci.sys
08:04:36.0437 2996 PCI - ok
08:04:36.0625 2996 PCIDump - ok
08:04:36.0703 2996 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
08:04:36.0703 2996 PCIIde - ok
08:04:36.0843 2996 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
08:04:36.0843 2996 Pcmcia - ok
08:04:37.0031 2996 PDCOMP - ok
08:04:37.0218 2996 PDFRAME - ok
08:04:37.0421 2996 PDRELI - ok
08:04:37.0609 2996 PDRFRAME - ok
08:04:37.0796 2996 perc2 - ok
08:04:37.0984 2996 perc2hib - ok
08:04:38.0109 2996 pfc (444f122e68db44c0589227781f3c8b3f) C:\WINDOWS\system32\drivers\pfc.sys
08:04:38.0109 2996 pfc - ok
08:04:38.0250 2996 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
08:04:38.0250 2996 PptpMiniport - ok
08:04:38.0390 2996 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
08:04:38.0390 2996 PSched - ok
08:04:38.0421 2996 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
08:04:38.0421 2996 Ptilink - ok
08:04:38.0609 2996 ql1080 - ok
08:04:38.0781 2996 Ql10wnt - ok
08:04:38.0968 2996 ql12160 - ok
08:04:39.0156 2996 ql1240 - ok
08:04:39.0343 2996 ql1280 - ok
08:04:39.0375 2996 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
08:04:39.0375 2996 RasAcd - ok
08:04:39.0484 2996 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
08:04:39.0484 2996 Rasirda - ok
08:04:39.0656 2996 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
08:04:39.0656 2996 Rasl2tp - ok
08:04:39.0781 2996 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
08:04:39.0781 2996 RasPppoe - ok
08:04:39.0812 2996 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
08:04:39.0812 2996 Raspti - ok
08:04:39.0968 2996 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
08:04:39.0968 2996 Rdbss - ok
08:04:40.0015 2996 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
08:04:40.0015 2996 RDPCDD - ok
08:04:40.0156 2996 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
08:04:40.0156 2996 RDPWD - ok
08:04:40.0296 2996 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
08:04:40.0296 2996 redbook - ok
08:04:40.0515 2996 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
08:04:40.0515 2996 RFCOMM - ok
08:04:40.0531 2996 rpcapd - ok
08:04:40.0656 2996 s24trans (85a26a3bb748dfd3170cdbf45b0dd7fd) C:\WINDOWS\system32\DRIVERS\s24trans.sys
08:04:40.0656 2996 s24trans - ok
08:04:40.0843 2996 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
08:04:40.0843 2996 Secdrv - ok
08:04:40.0968 2996 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
08:04:40.0984 2996 serenum - ok
08:04:41.0140 2996 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
08:04:41.0140 2996 Serial - ok
08:04:41.0265 2996 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
08:04:41.0265 2996 Sfloppy - ok
08:04:41.0468 2996 Simbad - ok
08:04:41.0656 2996 Sparrow - ok
08:04:41.0796 2996 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
08:04:41.0796 2996 splitter - ok
08:04:41.0921 2996 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
08:04:41.0937 2996 sr - ok
08:04:42.0015 2996 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
08:04:42.0031 2996 Srv - ok
08:04:42.0187 2996 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
08:04:42.0187 2996 swenum - ok
08:04:42.0328 2996 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
08:04:42.0328 2996 swmidi - ok
08:04:42.0531 2996 symc810 - ok
08:04:42.0718 2996 symc8xx - ok
08:04:42.0890 2996 sym_hi - ok
08:04:43.0078 2996 sym_u3 - ok
08:04:43.0203 2996 SynTP (eb363ddfbe8b6d51003ccab29d93d744) C:\WINDOWS\system32\DRIVERS\SynTP.sys
08:04:43.0218 2996 SynTP - ok
08:04:43.0375 2996 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
08:04:43.0375 2996 sysaudio - ok
08:04:43.0484 2996 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
08:04:43.0484 2996 Tcpip - ok
08:04:43.0640 2996 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
08:04:43.0640 2996 TDPIPE - ok
08:04:43.0750 2996 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
08:04:43.0750 2996 TDTCP - ok
08:04:43.0875 2996 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
08:04:43.0890 2996 TermDD - ok
08:04:44.0000 2996 tifm21 (8778a553003a3d37a550a1f9cff6be28) C:\WINDOWS\system32\drivers\tifm21.sys
08:04:44.0000 2996 tifm21 - ok
08:04:44.0187 2996 TosIde - ok
08:04:44.0328 2996 UBHelper (e0c67be430c6de490d6ccaecfa071f9e) C:\WINDOWS\system32\drivers\UBHelper.sys
08:04:44.0328 2996 UBHelper - ok
08:04:44.0468 2996 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
08:04:44.0468 2996 Udfs - ok
08:04:44.0656 2996 ultra - ok
08:04:44.0859 2996 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
08:04:44.0875 2996 Update - ok
08:04:44.0984 2996 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
08:04:44.0984 2996 usbehci - ok
08:04:45.0078 2996 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
08:04:45.0078 2996 usbhub - ok
08:04:45.0203 2996 usbohci (bdfe799a8531bad8a5a985821fe78760) C:\WINDOWS\system32\DRIVERS\usbohci.sys
08:04:45.0218 2996 usbohci - ok
08:04:45.0328 2996 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
08:04:45.0328 2996 USBSTOR - ok
08:04:45.0453 2996 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
08:04:45.0453 2996 usbuhci - ok
08:04:45.0562 2996 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
08:04:45.0562 2996 VgaSave - ok
08:04:45.0750 2996 ViaIde - ok
08:04:45.0875 2996 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
08:04:45.0875 2996 VolSnap - ok
08:04:46.0125 2996 w29n51 (c89da341fcc883a3d79dc11727484fc2) C:\WINDOWS\system32\DRIVERS\w29n51.sys
08:04:46.0281 2996 w29n51 - ok
08:04:46.0437 2996 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
08:04:46.0437 2996 Wanarp - ok
08:04:46.0625 2996 WDICA - ok
08:04:46.0765 2996 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
08:04:46.0765 2996 wdmaud - ok
08:04:46.0906 2996 winachsf (5ea185425bfcbc2d4b96d673d8c4deaf) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
08:04:46.0937 2996 winachsf - ok
08:04:47.0046 2996 MBR (0x1B8) (9c603bc3977968c891de319283e1e7af) \Device\Harddisk0\DR0
08:04:47.0078 2996 \Device\Harddisk0\DR0 ( Trojan-Clicker.Win32.Wistler.c ) - infected
08:04:47.0078 2996 \Device\Harddisk0\DR0 - detected Trojan-Clicker.Win32.Wistler.c (0)
08:04:47.0109 2996 Boot (0x1200) (ceaee94e2d52dedf26871aa908135c8b) \Device\Harddisk0\DR0\Partition0
08:04:47.0109 2996 \Device\Harddisk0\DR0\Partition0 - ok
08:04:47.0140 2996 Boot (0x1200) (e086f507788ba37ab127e62f3f718ebf) \Device\Harddisk0\DR0\Partition1
08:04:47.0140 2996 \Device\Harddisk0\DR0\Partition1 - ok
08:04:47.0140 2996 ============================================================
08:04:47.0140 2996 Scan finished
08:04:47.0140 2996 ============================================================
08:04:47.0156 0724 Detected object count: 1
08:04:47.0156 0724 Actual detected object count: 1
08:05:44.0328 0724 \Device\Harddisk0\DR0 ( Trojan-Clicker.Win32.Wistler.c ) - will be cured on reboot
08:05:44.0328 0724 \Device\Harddisk0\DR0 - ok
08:05:44.0328 0724 \Device\Harddisk0\DR0 ( Trojan-Clicker.Win32.Wistler.c ) - User select action: Cure
08:05:48.0312 2236 Deinitialize success


I ran the scan once more and this time it detected nothing; then I ran Bootkit Remover, but it still reports the same problem (I probably have more of it in there :-(

Bootkit Remover
(c) 2009 Esage Lab
www.esagelab.com

Program version: 1.2.0.1
OS Version: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)

System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`bbc57e00
Boot sector MD5 is: 7c47d39b31ef9830828d5f8aa4780dfd

Size Device Name MBR Status
--------------------------------------------
93 GB \\.\PhysicalDrive0 Unknown boot code

Unknown boot code has been found on some of your physical disks.
To inspect the boot code manually, dump the master boot sector:
remover.exe dump <device_name> [output_file]
To disinfect the master boot sector, use the following command:
remover.exe fix <device_name>


Done;
Press any key to quit...
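Added example (not from the original post and not Esage Lab's or Kaspersky's code): a small Python triage script that does offline what the "MBR Status" column above and the `MBR (0x1B8)` line of the TDSSKiller log summarize. It reads a 512-byte MBR (for instance a dump written by `remover.exe dump`), verifies the 0x55AA boot signature, hashes the boot-code region with MD5, compares it with an allowlist of known-good hashes, and decodes the partition table. It assumes the 0x1B8 in the TDSSKiller line is the length of the hashed boot-code region (the 4-byte disk signature starts there); the sample MBR bytes and the allowlist are constructed for the demo.

```python
import hashlib
import struct

MBR_SIZE = 512
BOOT_CODE_LEN = 0x1B8        # 440 bytes, the size shown in TDSSKiller's "MBR (0x1B8)" line (assumption)
PARTITION_TABLE_OFF = 0x1BE  # four 16-byte partition entries
SIGNATURE_OFF = 0x1FE        # boot signature, must be 0x55 0xAA

def boot_code_md5(mbr: bytes) -> str:
    """MD5 of the 440-byte boot-code region, the value the scanner logs print."""
    return hashlib.md5(mbr[:BOOT_CODE_LEN]).hexdigest()

def parse_partitions(mbr: bytes) -> list:
    """Decode the non-empty partition-table entries (status, type, LBA start, sector count)."""
    parts = []
    for i in range(4):
        status, ptype, lba_start, sectors = struct.unpack_from(
            "<B3xB3xII", mbr, PARTITION_TABLE_OFF + 16 * i)
        if ptype != 0:
            parts.append({"index": i, "bootable": status == 0x80, "type": ptype,
                          "lba_start": lba_start, "sectors": sectors})
    return parts

def classify_mbr(mbr: bytes, known_good: set) -> str:
    """Reproduce the 'MBR Status' column: OK / Unknown boot code / invalid sector."""
    if len(mbr) != MBR_SIZE or mbr[SIGNATURE_OFF:SIGNATURE_OFF + 2] != b"\x55\xAA":
        return "Invalid MBR (bad size or missing 0x55AA signature)"
    if boot_code_md5(mbr) in known_good:
        return "OK (known boot code)"
    return "Unknown boot code"

def build_sample_mbr(boot_code: bytes) -> bytes:
    """Constructed 512-byte MBR for the demo: boot code, one bootable NTFS partition, signature."""
    mbr = bytearray(MBR_SIZE)
    mbr[:len(boot_code)] = boot_code
    struct.pack_into("<B3xB3xII", mbr, PARTITION_TABLE_OFF, 0x80, 0x07, 63, 195_000_000)
    mbr[SIGNATURE_OFF:SIGNATURE_OFF + 2] = b"\x55\xAA"
    return bytes(mbr)

# Constructed stand-in for a clean reference MBR. A real allowlist is built from a
# freshly written standard MBR of the same Windows version, not from these bytes.
CLEAN_MBR = build_sample_mbr(b"\x33\xC0\x8E\xD0\xBC\x00\x7C" + b"\x90" * 20)
KNOWN_GOOD = {boot_code_md5(CLEAN_MBR)}
# Same partition table, different boot code: what an overwritten MBR looks like to the check.
TAMPERED_MBR = build_sample_mbr(b"\xEB\xFE" + b"\x00" * 20)
if __name__ == "__main__":
    import sys  # optionally pass the path of a 512-byte dump written by `remover.exe dump`
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else TAMPERED_MBR
    print(boot_code_md5(data), classify_mbr(data, KNOWN_GOOD), parse_partitions(data))
```

A changed hash with an unchanged partition table, as in the thread, is the pattern of a rewritten boot sector rather than a repartitioned disk; the hash alone says nothing about what the new code does.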

chodnik74
Friend of the forum
Posts: 4975
Registered: 13 Sep 2010 21:30
Residence: Napajedla

Re: rootkit mbr physicaldrive0

#5 Post by chodnik74 »

Move the file remover.exe to your Desktop
Press the key combination WIN+R (or Start - Run), which opens the window for entering a command to run, and copy and paste the following text into it: "%userprofile%\plocha\remover.exe" fix \\.\PhysicalDrive0 and press Enter

RESTART THE PC...

then run remover.exe again and post the log here for checking :)
Write to me: chodnik74@gmail.com

>RSIT<>MBAM<>VirusTotal

Read the procedure more than once and, in case of any uncertainty or doubt, ask. ;-) If your computer is infected or is not behaving as usual, back up all your data and follow the helper's instructions carefully!

Do not use the Combofix utility without a helper's supervision and recommendation!

Satisfied with our help? Do not hesitate to support the forum HERE.

Forum rules: No. 1 and No. 2

paolo75
Visitor
Posts: 4
Registered: 29 Sep 2011 21:53

Re: rootkit mbr physicaldrive0

#6 Post by paolo75 »

Done, and the result looks good; this is what the log says:

Bootkit Remover
(c) 2009 Esage Lab
www.esagelab.com

Program version: 1.2.0.1
OS Version: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)

System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`bbc57e00
Boot sector MD5 is: 6def5ffcbcdbdb4082f1015625e597bd

Size Device Name MBR Status
--------------------------------------------
93 GB \\.\PhysicalDrive0 OK (DOS/Win32 Boot code found)


Done;
Press any key to quit...

Do you think it is OK now?
If so, thank you very much for the help :-)

chodnik74
Friend of the forum
Posts: 4975
Registered: 13 Sep 2010 21:30
Residence: Napajedla

Re: rootkit mbr physicaldrive0

#7 Post by chodnik74 »

It looks fine :) If there is a problem, get in touch :) Have a nice rest of the day, and if there is a problem next time, we are here for you.