windows-problem

[saiyan]

Zdravim,mam taky problem s OS win xp professional: pri zapnuti pc mi na plochu vyskoci tabulka Windows Genuine Advantage Notifications a ziada si to nejaku instalaciu.. neviem,kto z mojich milych clenov rodiny a ani co instaloval ale hlavny problem sa objavil s aplikaciou/programom XP Antivirus 2012 ktory hned skenuje pc a gossip kopec malware,havede,dalej ma nechce pustit na internet a mam problem s pustenim napr. ccleaner-a. Vie mi niekto poradit?

[vyosek]

Zdravim a pekny podvecer preji

Maly technicky, mate legalni windows = zakoupena licence

Muzete dat log z RSIT? treba jej prenest pres flash disk, nebo jej zkusit udelat v nouzovem rezimu

[saiyan]

cez HijackThis sa mi podarilo toto:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:18:01, on 9. 12. 2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\scorpio\Local Settings\Data aplikací\fsk.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\trend micro\scorpio.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\scorpio\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 7464 bytes

Inak mi RSIT nešlo sustiť

-nie bohužiaľ neskoro som prišiel na to, že mám nelegálny softvér, tak to tiež musím poriešiť..

[saiyan]

podaril sa mi RSIT:
Logfile of random's system information tool 1.08 (written by random/random)
Run by scorpio at 2011-04-04 18:11:54
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 48 GB (84%) free of 57 GB
Total RAM: 1023 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:11:58, on 4. 4. 2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\scorpio\Local Settings\Temporary Internet Files\Content.IE5\NMRXLTMZ\RSIT[1].exe
C:\Program Files\trend micro\scorpio.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 8230 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08 3118976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-04-02 298160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll [2011-04-02 848952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-09 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-04-02 298160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
"NVMixerTray"=C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe [2004-06-03 131072]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2003-07-31 4493312]
"nwiz"=nwiz.exe /install []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-01-26 15026056]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2009-11-25 95632]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-04-02 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-02-15 1230704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2006-09-01 282624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Games\Counter-Strike\hl.exe"="D:\Games\Counter-Strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Sony Ericsson\Update Service\Update Service.exe"="C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Games\Steam\SteamApps\scorpio739\team fortress 2\hl2.exe"="D:\Games\Steam\SteamApps\scorpio739\team fortress 2\hl2.exe:*:Enabled:hl2"
"D:\Games\Crashday\Crashday.exe"="D:\Games\Crashday\Crashday.exe:*:Enabled:Crashday"
"D:\Games\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE"="D:\Games\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE:*:Enabled:Worms 4 Mayhem"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\Games\Counter-Strike 1.6\hl.exe"="D:\Games\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\AVG\AVG10\avgmfapx.exe"="C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Inštalátor produktu AVG"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2011-04-04 18:11:54 ----D---- C:\rsit
2011-04-04 17:45:47 ----D---- C:\Program Files\CCleaner
2011-04-04 17:35:01 ----SHD---- C:\Config.Msi
2011-04-02 15:43:29 ----D---- C:\Documents and Settings\scorpio\Data aplikací\Google
2011-04-01 18:36:57 ----D---- C:\WINDOWS\CSC
2011-03-31 09:39:59 ----D---- C:\Program Files\CrystalDiskInfo
2011-03-30 09:24:35 ----SHD---- C:\RECYCLER
2011-03-29 19:49:19 ----D---- C:\Documents and Settings\scorpio\Data aplikací\PriceGong
2011-03-29 19:39:33 ----RASHD---- C:\cmdcons
2011-03-29 19:08:18 ----A---- C:\WINDOWS\system32\ptpusb.dll
2011-03-29 19:08:17 ----A---- C:\WINDOWS\system32\ptpusd.dll
2011-03-29 19:08:16 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2011-03-27 09:01:25 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2011-03-26 22:43:45 ----D---- C:\Documents and Settings\scorpio\Data aplikací\AVG10
2011-03-26 22:41:22 ----HD---- C:\Documents and Settings\All Users\Data aplikací\Common Files
2011-03-26 22:36:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG10
2011-03-26 22:35:40 ----D---- C:\Program Files\AVG
2011-03-26 22:34:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2011-03-26 22:05:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2011-03-23 17:14:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\Family Farm
2011-03-23 17:12:28 ----RSD---- C:\WINDOWS\assembly
2011-03-23 17:11:54 ----D---- C:\WINDOWS\Microsoft.NET
2011-03-23 17:09:24 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2011-03-23 17:09:15 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2011-03-23 17:09:00 ----D---- C:\WINDOWS\Logs
2011-03-17 20:14:31 ----D---- C:\Documents and Settings\scorpio\Data aplikací\DDMSettings
2011-03-17 20:01:46 ----D---- C:\Documents and Settings\scorpio\Data aplikací\DivX
2011-03-17 20:01:14 ----N---- C:\WINDOWS\system32\vxblock.dll
2011-03-17 20:01:14 ----N---- C:\WINDOWS\system32\pxwave.dll
2011-03-17 20:01:14 ----N---- C:\WINDOWS\system32\pxsfs.dll
2011-03-17 20:01:14 ----N---- C:\WINDOWS\system32\pxmas.dll
2011-03-17 20:01:14 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2011-03-17 20:01:14 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2011-03-17 20:01:14 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2011-03-17 20:01:14 ----N---- C:\WINDOWS\system32\pxdrv.dll
2011-03-17 20:01:14 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2011-03-17 20:01:14 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2011-03-17 20:01:14 ----N---- C:\WINDOWS\system32\pxafs.dll
2011-03-17 20:01:14 ----N---- C:\WINDOWS\system32\drivers\PxHelp20.sys
2011-03-17 20:01:14 ----N---- C:\WINDOWS\system32\drivers\cdralw2k.sys
2011-03-17 20:01:14 ----N---- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2011-03-17 20:01:09 ----N---- C:\WINDOWS\system32\px.dll
2011-03-17 20:00:17 ----D---- C:\Program Files\Common Files\DivX Shared
2011-03-17 19:54:57 ----D---- C:\Program Files\Google
2011-03-17 19:54:48 ----D---- C:\Program Files\DivX
2011-03-17 19:48:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2011-03-17 10:27:53 ----D---- C:\WINDOWS\system32\appmgmt
2011-03-07 17:35:54 ----A---- C:\WINDOWS\Disney.ini

======List of files/folders modified in the last 1 months======

2011-04-04 18:11:58 ----D---- C:\Program Files\trend micro
2011-04-04 18:06:49 ----D---- C:\WINDOWS\Temp
2011-04-04 18:04:35 ----D---- C:\WINDOWS\system32\CatRoot2
2011-04-04 17:54:51 ----D---- C:\Documents and Settings\scorpio\Data aplikací\Skype
2011-04-04 17:54:22 ----D---- C:\Windows
2011-04-04 17:53:11 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-04-04 17:50:31 ----D---- C:\WINDOWS\Debug
2011-04-04 17:50:31 ----D---- C:\Documents and Settings\scorpio\Data aplikací\uTorrent
2011-04-04 17:50:31 ----D---- C:\Documents and Settings\scorpio\Data aplikací\Media Player Classic
2011-04-04 17:45:47 ----RD---- C:\Program Files
2011-04-04 17:38:58 ----D---- C:\WINDOWS\Prefetch
2011-04-04 17:38:22 ----D---- C:\WINDOWS\system32\Restore
2011-04-04 17:38:14 ----D---- C:\WINDOWS\system32\drivers
2011-04-04 17:37:00 ----D---- C:\Documents and Settings\scorpio\Data aplikací\skypePM
2011-04-04 17:35:36 ----SHD---- C:\WINDOWS\Installer
2011-04-04 17:35:20 ----HD---- C:\WINDOWS\inf
2011-04-04 17:34:45 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-04-04 17:34:35 ----D---- C:\WINDOWS\system32
2011-04-02 18:04:09 ----D---- C:\Documents and Settings\scorpio\Data aplikací\Nitro PDF
2011-04-02 15:51:50 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-04-02 15:39:49 ----SD---- C:\WINDOWS\Tasks
2011-04-01 18:33:14 ----D---- C:\Documents and Settings
2011-03-29 19:44:24 ----A---- C:\WINDOWS\system.ini
2011-03-29 19:44:17 ----D---- C:\WINDOWS\system32\drivers\etc
2011-03-29 19:42:21 ----D---- C:\WINDOWS\AppPatch
2011-03-29 19:42:18 ----D---- C:\Program Files\Common Files
2011-03-29 19:39:36 ----RASH---- C:\boot.ini
2011-03-29 10:42:47 ----SHD---- C:\System Volume Information
2011-03-28 12:05:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-03-26 22:35:31 ----D---- C:\WINDOWS\WinSxS
2011-03-26 21:35:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2011-03-23 17:12:00 ----D---- C:\Program Files\Internet Explorer
2011-03-23 17:11:59 ----D---- C:\WINDOWS\system32\mui
2011-03-23 17:09:31 ----D---- C:\WINDOWS\system32\DirectX
2011-03-21 13:40:08 ----SD---- C:\Documents and Settings\scorpio\Data aplikací\Microsoft
2011-03-21 13:40:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-03-21 13:17:04 ----A---- C:\WINDOWS\win.ini
2011-03-18 18:07:49 ----A---- C:\memory.txt
2011-03-07 18:30:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2004-04-02 21760]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2004-06-03 79360]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-05-17 50176]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2005-05-16 19968]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-02-15 218688]
R2 ithsgt;ithsgt; C:\WINDOWS\system32\DRIVERS\ithsgt.sys [2011-02-15 162432]
R2 lilsgt;lilsgt; C:\WINDOWS\system32\DRIVERS\lilsgt.sys [2011-02-15 12032]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2003-07-31 1217962]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2004-05-25 48640]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2004-05-25 396032]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2011-01-30 27632]
S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\system32\epmntdrv.sys []
S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\system32\EuGdiDrv.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2011-01-30 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2011-01-30 25512]
S3 pwdrvio;pwdrvio; \??\C:\WINDOWS\System32\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\WINDOWS\System32\pwdspio.sys []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-02 153376]
R2 NitroReaderDriverReadSpool;NitroPDFReaderDriverCreatorReadSpool; C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe [2011-01-14 196912]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2003-07-31 65536]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-02 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-04-02 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

[vyosek]

nie bohužiaľ neskoro som prišiel na to, že mám nelegálny softvér, tak to tiež musím poriešiť..

A jak jste to prosim poresil

[saiyan]

No najprv sa musím zbaviť havede,čo sa mi infiltrovala do pc, a potom zakúpiť licen.windows

[vyosek]

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

• Utilitu spustte a prikazte ji, at skenuje - klik na Start Scan
• Pokud utilita najde infikekci, bude ji chtit lecit (Cure), povolte leceni kliknutim na Continue
• Pokud utilita najde podezrely soubor (suspicious), bude jej chtit preskocit (Skip), povolte preskoceni kliknutim na Continue
• Po dokonceni skenu bude mozna nutny restart PC, povolte jej kliknutim na Reboot now
• Po restartu na Vas vyskoci log, pokud se tak nestane, najdete jej primo na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt - jeho obsah sem vlozte
• Pokud restart nebude vyzadovan, kliknete na Close a nasledne na Report - vytvori se log - jeho obsah sem vlozte

[saiyan]

13:40:09.0328 1976 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06
13:40:09.0531 1976 ============================================================
13:40:09.0531 1976 Current date / time: 2011/12/10 13:40:09.0531
13:40:09.0531 1976 SystemInfo:
13:40:09.0531 1976
13:40:09.0531 1976 OS Version: 5.1.2600 ServicePack: 3.0
13:40:09.0531 1976 Product type: Workstation
13:40:09.0531 1976 ComputerName: SCORPIO-SINGLE
13:40:09.0531 1976 UserName: scorpio
13:40:09.0531 1976 Windows directory: C:\WINDOWS
13:40:09.0531 1976 System windows directory: C:\WINDOWS
13:40:09.0531 1976 Processor architecture: Intel x86
13:40:09.0531 1976 Number of processors: 1
13:40:09.0531 1976 Page size: 0x1000
13:40:09.0531 1976 Boot type: Normal boot
13:40:09.0531 1976 ============================================================
13:40:10.0890 1976 Initialize success
13:40:21.0140 2312 ============================================================
13:40:21.0140 2312 Scan started
13:40:21.0140 2312 Mode: Manual;
13:40:21.0140 2312 ============================================================
13:40:21.0312 2312 47970671 (186b54479d98e48aee0e9ada4b3c4d31) C:\WINDOWS\system32\DRIVERS\47970671.sys
13:40:21.0312 2312 47970671 - ok
13:40:21.0390 2312 Aavmker4 (b6de0336f9f4b687b4ff57939f7b657a) C:\WINDOWS\system32\drivers\Aavmker4.sys
13:40:21.0390 2312 Aavmker4 - ok
13:40:21.0437 2312 Abiosdsk - ok
13:40:21.0500 2312 abp480n5 - ok
13:40:21.0593 2312 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
13:40:21.0625 2312 ACPI - ok
13:40:21.0703 2312 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
13:40:21.0703 2312 ACPIEC - ok
13:40:21.0750 2312 adpu160m - ok
13:40:21.0859 2312 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
13:40:21.0859 2312 aec - ok
13:40:21.0984 2312 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
13:40:21.0984 2312 AFD - ok
13:40:22.0031 2312 Aha154x - ok
13:40:22.0046 2312 aic78u2 - ok
13:40:22.0078 2312 aic78xx - ok
13:40:22.0109 2312 AliIde - ok
13:40:22.0171 2312 AmdK7 (3980814f8027d27ea003e2e3d9d4f604) C:\WINDOWS\system32\DRIVERS\amdk7.sys
13:40:22.0171 2312 AmdK7 - ok
13:40:22.0218 2312 amsint - ok
13:40:22.0281 2312 asc - ok
13:40:22.0296 2312 asc3350p - ok
13:40:22.0343 2312 asc3550 - ok
13:40:22.0437 2312 aswFsBlk (054df24c92b55427e0757cfff160e4f2) C:\WINDOWS\system32\drivers\aswFsBlk.sys
13:40:22.0437 2312 aswFsBlk - ok
13:40:22.0531 2312 aswMon2 (ef0e9ad83380724bd6fbbb51d2d0f5b8) C:\WINDOWS\system32\drivers\aswMon2.sys
13:40:22.0531 2312 aswMon2 - ok
13:40:22.0578 2312 aswRdr (352d5a48ebab35a7693b048679304831) C:\WINDOWS\system32\drivers\aswRdr.sys
13:40:22.0578 2312 aswRdr - ok
13:40:22.0703 2312 aswSnx (8d34d2b24297e27d93e847319abfdec4) C:\WINDOWS\system32\drivers\aswSnx.sys
13:40:22.0703 2312 aswSnx - ok
13:40:22.0781 2312 aswSP (010012597333da1f46c3243f33f8409e) C:\WINDOWS\system32\drivers\aswSP.sys
13:40:22.0781 2312 aswSP - ok
13:40:22.0859 2312 aswTdi (f9f84364416658e9786235904d448d37) C:\WINDOWS\system32\drivers\aswTdi.sys
13:40:22.0859 2312 aswTdi - ok
13:40:22.0937 2312 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
13:40:22.0953 2312 AsyncMac - ok
13:40:23.0015 2312 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
13:40:23.0015 2312 atapi - ok
13:40:23.0078 2312 Atdisk - ok
13:40:23.0125 2312 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
13:40:23.0125 2312 Atmarpc - ok
13:40:23.0218 2312 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
13:40:23.0218 2312 audstub - ok
13:40:23.0296 2312 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
13:40:23.0296 2312 Beep - ok
13:40:23.0375 2312 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
13:40:23.0375 2312 BthEnum - ok
13:40:23.0453 2312 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
13:40:23.0468 2312 BthPan - ok
13:40:23.0515 2312 BTHPORT (f338662a6c1fc11dd9508f6dff2c06a2) C:\WINDOWS\system32\Drivers\BTHport.sys
13:40:23.0531 2312 BTHPORT - ok
13:40:23.0625 2312 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
13:40:23.0625 2312 BTHUSB - ok
13:40:23.0703 2312 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
13:40:23.0703 2312 cbidf2k - ok
13:40:23.0734 2312 cd20xrnt - ok
13:40:23.0781 2312 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
13:40:23.0781 2312 Cdaudio - ok
13:40:23.0859 2312 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
13:40:23.0859 2312 Cdfs - ok
13:40:23.0921 2312 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
13:40:23.0921 2312 Cdrom - ok
13:40:23.0984 2312 Changer - ok
13:40:24.0046 2312 CmdIde - ok
13:40:24.0125 2312 Cpqarray - ok
13:40:24.0171 2312 dac2w2k - ok
13:40:24.0203 2312 dac960nt - ok
13:40:24.0296 2312 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
13:40:24.0296 2312 Disk - ok
13:40:24.0390 2312 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
13:40:24.0421 2312 dmboot - ok
13:40:24.0515 2312 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
13:40:24.0531 2312 dmio - ok
13:40:24.0593 2312 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
13:40:24.0593 2312 dmload - ok
13:40:24.0687 2312 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
13:40:24.0687 2312 DMusic - ok
13:40:24.0734 2312 dpti2o - ok
13:40:24.0765 2312 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
13:40:24.0765 2312 drmkaud - ok
13:40:24.0843 2312 dtsoftbus01 (555e54ac2f601a8821cef58961653991) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
13:40:24.0843 2312 dtsoftbus01 - ok
13:40:24.0953 2312 epmntdrv (57cc1bf06c159dfbb989f5783c0e6a50) C:\WINDOWS\system32\epmntdrv.sys
13:40:24.0984 2312 epmntdrv - ok
13:40:25.0046 2312 EuGdiDrv (5f779f5edab787f2d090c71a9051f365) C:\WINDOWS\system32\EuGdiDrv.sys
13:40:25.0062 2312 EuGdiDrv - ok
13:40:25.0156 2312 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
13:40:25.0156 2312 Fastfat - ok
13:40:25.0234 2312 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
13:40:25.0250 2312 Fdc - ok
13:40:25.0312 2312 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
13:40:25.0312 2312 Fips - ok
13:40:25.0453 2312 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
13:40:25.0468 2312 Flpydisk - ok
13:40:25.0546 2312 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
13:40:25.0562 2312 FltMgr - ok
13:40:25.0640 2312 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:40:25.0640 2312 Fs_Rec - ok
13:40:25.0703 2312 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:40:25.0703 2312 Ftdisk - ok
13:40:25.0765 2312 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
13:40:25.0765 2312 gameenum - ok
13:40:25.0843 2312 ggflt (007aea2e06e7cef7372e40c277163959) C:\WINDOWS\system32\DRIVERS\ggflt.sys
13:40:25.0843 2312 ggflt - ok
13:40:25.0875 2312 ggsemc (c73de35960ca75c5ab4ae636b127c64e) C:\WINDOWS\system32\DRIVERS\ggsemc.sys
13:40:25.0890 2312 ggsemc - ok
13:40:25.0937 2312 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:40:25.0937 2312 Gpc - ok
13:40:26.0015 2312 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:40:26.0031 2312 HidUsb - ok
13:40:26.0062 2312 hpn - ok
13:40:26.0078 2312 hpt3xx - ok
13:40:26.0125 2312 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
13:40:26.0140 2312 HTTP - ok
13:40:26.0203 2312 i2omgmt - ok
13:40:26.0250 2312 i2omp - ok
13:40:26.0312 2312 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
13:40:26.0312 2312 i8042prt - ok
13:40:26.0406 2312 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
13:40:26.0406 2312 Imapi - ok
13:40:26.0453 2312 ini910u - ok
13:40:26.0484 2312 IntelIde - ok
13:40:26.0531 2312 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
13:40:26.0531 2312 ip6fw - ok
13:40:26.0593 2312 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:40:26.0609 2312 IpFilterDriver - ok
13:40:26.0656 2312 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:40:26.0656 2312 IpInIp - ok
13:40:26.0718 2312 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:40:26.0718 2312 IpNat - ok
13:40:26.0796 2312 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:40:26.0812 2312 IPSec - ok
13:40:26.0843 2312 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
13:40:26.0843 2312 IRENUM - ok
13:40:26.0921 2312 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:40:26.0937 2312 isapnp - ok
13:40:27.0015 2312 ithsgt (b7a5fadf67136fda7e8f25303565b674) C:\WINDOWS\system32\DRIVERS\ithsgt.sys
13:40:27.0015 2312 ithsgt - ok
13:40:27.0109 2312 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:40:27.0109 2312 Kbdclass - ok
13:40:27.0203 2312 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
13:40:27.0203 2312 kbdhid - ok
13:40:27.0296 2312 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
13:40:27.0312 2312 kmixer - ok
13:40:27.0390 2312 KMWDFilterV1 (769e2846280aead581227f6ab861fbc6) C:\WINDOWS\System32\Drivers\RPGMOUSEV1.sys
13:40:27.0406 2312 KMWDFilterV1 - ok
13:40:27.0500 2312 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
13:40:27.0500 2312 KSecDD - ok
13:40:27.0562 2312 lbrtfdc - ok
13:40:27.0625 2312 lilsgt (16767ea492b5d140e1de3679a65eae74) C:\WINDOWS\system32\DRIVERS\lilsgt.sys
13:40:27.0625 2312 lilsgt - ok
13:40:27.0718 2312 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
13:40:27.0734 2312 mnmdd - ok
13:40:27.0812 2312 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
13:40:27.0812 2312 Modem - ok
13:40:27.0890 2312 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:40:27.0890 2312 Mouclass - ok
13:40:27.0968 2312 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
13:40:27.0968 2312 mouhid - ok
13:40:28.0078 2312 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
13:40:28.0078 2312 MountMgr - ok
13:40:28.0140 2312 mraid35x - ok
13:40:28.0156 2312 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:40:28.0171 2312 MRxDAV - ok
13:40:28.0234 2312 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:40:28.0265 2312 MRxSmb - ok
13:40:28.0375 2312 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
13:40:28.0375 2312 Msfs - ok
13:40:28.0437 2312 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:40:28.0437 2312 MSKSSRV - ok
13:40:28.0546 2312 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:40:28.0546 2312 MSPCLOCK - ok
13:40:28.0609 2312 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
13:40:28.0609 2312 MSPQM - ok
13:40:28.0640 2312 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:40:28.0640 2312 mssmbios - ok
13:40:28.0687 2312 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
13:40:28.0687 2312 ms_mpu401 - ok
13:40:28.0750 2312 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
13:40:28.0765 2312 Mup - ok
13:40:28.0843 2312 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
13:40:28.0859 2312 NDIS - ok
13:40:28.0937 2312 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:40:28.0937 2312 NdisTapi - ok
13:40:29.0015 2312 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:40:29.0015 2312 Ndisuio - ok
13:40:29.0078 2312 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:40:29.0078 2312 NdisWan - ok
13:40:29.0140 2312 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
13:40:29.0156 2312 NDProxy - ok
13:40:29.0234 2312 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
13:40:29.0234 2312 NetBIOS - ok
13:40:29.0296 2312 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
13:40:29.0296 2312 NetBT - ok
13:40:29.0406 2312 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
13:40:29.0406 2312 Npfs - ok
13:40:29.0484 2312 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
13:40:29.0500 2312 Ntfs - ok
13:40:29.0593 2312 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
13:40:29.0593 2312 Null - ok
13:40:29.0687 2312 nv (384b95c9e4d41c172748cbc437ef380e) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
13:40:29.0703 2312 nv - ok
13:40:29.0781 2312 nvatabus (46deed4c6c5fa765f9a2c723be60348d) C:\WINDOWS\system32\DRIVERS\nvatabus.sys
13:40:29.0796 2312 nvatabus - ok
13:40:29.0843 2312 nvax (47b3852808dd579a463fce7085b77413) C:\WINDOWS\system32\drivers\nvax.sys
13:40:29.0843 2312 nvax - ok
13:40:29.0937 2312 nvnforce (adbcba116496229a163193bbe0bb28ce) C:\WINDOWS\system32\drivers\nvapu.sys
13:40:29.0953 2312 nvnforce - ok
13:40:30.0015 2312 nv_agp (3194e2f6c9000c39dcf9d0580754f714) C:\WINDOWS\system32\DRIVERS\nv_agp.sys
13:40:30.0015 2312 nv_agp - ok
13:40:30.0093 2312 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:40:30.0109 2312 NwlnkFlt - ok
13:40:30.0156 2312 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:40:30.0156 2312 NwlnkFwd - ok
13:40:30.0218 2312 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
13:40:30.0218 2312 Parport - ok
13:40:30.0296 2312 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
13:40:30.0296 2312 PartMgr - ok
13:40:30.0375 2312 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
13:40:30.0375 2312 ParVdm - ok
13:40:30.0421 2312 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
13:40:30.0437 2312 PCI - ok
13:40:30.0453 2312 PCIDump - ok
13:40:30.0500 2312 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
13:40:30.0500 2312 PCIIde - ok
13:40:30.0578 2312 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
13:40:30.0578 2312 Pcmcia - ok
13:40:30.0640 2312 PCTCore (3e8ce6c67b292a4fdf65ed625e5f5e81) C:\WINDOWS\system32\drivers\PCTCore.sys
13:40:30.0671 2312 PCTCore - ok
13:40:30.0750 2312 pctDS (f820b4c61d1e591325b679d479d4eea4) C:\WINDOWS\system32\drivers\pctDS.sys
13:40:30.0765 2312 pctDS - ok
13:40:30.0890 2312 pctEFA (acc8c15f3d59f17c5d903ff1de3b43d3) C:\WINDOWS\system32\drivers\pctEFA.sys
13:40:30.0906 2312 pctEFA - ok
13:40:30.0968 2312 PCTSD (83ddd552f7f1043f764e8cc88ff41232) C:\WINDOWS\system32\Drivers\PCTSD.sys
13:40:30.0984 2312 PCTSD - ok
13:40:31.0031 2312 PDCOMP - ok
13:40:31.0078 2312 PDFRAME - ok
13:40:31.0093 2312 PDRELI - ok
13:40:31.0125 2312 PDRFRAME - ok
13:40:31.0140 2312 perc2 - ok
13:40:31.0171 2312 perc2hib - ok
13:40:31.0250 2312 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:40:31.0250 2312 PptpMiniport - ok
13:40:31.0281 2312 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
13:40:31.0281 2312 Processor - ok
13:40:31.0375 2312 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
13:40:31.0375 2312 PSched - ok
13:40:31.0437 2312 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:40:31.0453 2312 Ptilink - ok
13:40:31.0500 2312 pwdrvio (c50de6d0c04b230f185a13fde0f047fa) C:\WINDOWS\System32\pwdrvio.sys
13:40:31.0500 2312 pwdrvio - ok
13:40:31.0531 2312 pwdspio (cdc5704308222400ad606bcf87b006a5) C:\WINDOWS\System32\pwdspio.sys
13:40:31.0531 2312 pwdspio - ok
13:40:31.0609 2312 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
13:40:31.0609 2312 PxHelp20 - ok
13:40:31.0656 2312 ql1080 - ok
13:40:31.0671 2312 Ql10wnt - ok
13:40:31.0687 2312 ql12160 - ok
13:40:31.0718 2312 ql1240 - ok
13:40:31.0734 2312 ql1280 - ok
13:40:31.0781 2312 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:40:31.0781 2312 RasAcd - ok
13:40:31.0859 2312 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:40:31.0875 2312 Rasl2tp - ok
13:40:31.0921 2312 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:40:31.0921 2312 RasPppoe - ok
13:40:31.0968 2312 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
13:40:31.0968 2312 Raspti - ok
13:40:32.0046 2312 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:40:32.0062 2312 Rdbss - ok
13:40:32.0109 2312 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:40:32.0125 2312 RDPCDD - ok
13:40:32.0203 2312 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:40:32.0203 2312 rdpdr - ok
13:40:32.0281 2312 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
13:40:32.0296 2312 RDPWD - ok
13:40:32.0359 2312 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
13:40:32.0375 2312 redbook - ok
13:40:32.0421 2312 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
13:40:32.0437 2312 RFCOMM - ok
13:40:32.0515 2312 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
13:40:32.0515 2312 rtl8139 - ok
13:40:32.0625 2312 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:40:32.0625 2312 Secdrv - ok
13:40:32.0703 2312 seehcri (e5b56569a9f79b70314fede6c953641e) C:\WINDOWS\system32\DRIVERS\seehcri.sys
13:40:32.0718 2312 seehcri - ok
13:40:32.0812 2312 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
13:40:32.0812 2312 serenum - ok
13:40:32.0875 2312 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
13:40:32.0875 2312 Serial - ok
13:40:32.0953 2312 sfdrv01 (4c0d673281178cb496011a2e28571fc8) C:\WINDOWS\system32\drivers\sfdrv01.sys
13:40:32.0968 2312 sfdrv01 - ok
13:40:33.0062 2312 sfhlp02 (15be2b5e4dc5b8623cf167720682abc9) C:\WINDOWS\system32\drivers\sfhlp02.sys
13:40:33.0062 2312 sfhlp02 - ok
13:40:33.0125 2312 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
13:40:33.0125 2312 Sfloppy - ok
13:40:33.0218 2312 sfsync02 (efebbc1d13fdb77a6af4eddfc7232edf) C:\WINDOWS\system32\drivers\sfsync02.sys
13:40:33.0218 2312 sfsync02 - ok
13:40:33.0265 2312 sfvfs02 (9ef50060cc7e6953bab83f2a42ccc421) C:\WINDOWS\system32\drivers\sfvfs02.sys
13:40:33.0265 2312 sfvfs02 - ok
13:40:33.0359 2312 Simbad - ok
13:40:33.0406 2312 Sparrow - ok
13:40:33.0484 2312 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
13:40:33.0484 2312 splitter - ok
13:40:33.0562 2312 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
13:40:33.0562 2312 sr - ok
13:40:33.0656 2312 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
13:40:33.0671 2312 Srv - ok
13:40:33.0765 2312 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
13:40:33.0765 2312 swenum - ok
13:40:33.0843 2312 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
13:40:33.0843 2312 swmidi - ok
13:40:33.0890 2312 symc810 - ok
13:40:33.0906 2312 symc8xx - ok
13:40:33.0937 2312 sym_hi - ok
13:40:33.0953 2312 sym_u3 - ok
13:40:33.0984 2312 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
13:40:33.0984 2312 sysaudio - ok
13:40:34.0093 2312 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:40:34.0109 2312 Tcpip - ok
13:40:34.0203 2312 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
13:40:34.0203 2312 TDPIPE - ok
13:40:34.0265 2312 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
13:40:34.0265 2312 TDTCP - ok
13:40:34.0328 2312 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
13:40:34.0343 2312 TermDD - ok
13:40:34.0421 2312 TosIde - ok
13:40:34.0515 2312 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
13:40:34.0531 2312 Udfs - ok
13:40:34.0578 2312 ultra - ok
13:40:34.0656 2312 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
13:40:34.0671 2312 Update - ok
13:40:34.0765 2312 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:40:34.0765 2312 usbccgp - ok
13:40:34.0828 2312 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:40:34.0828 2312 usbehci - ok
13:40:34.0906 2312 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:40:34.0906 2312 usbhub - ok
13:40:34.0953 2312 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
13:40:34.0953 2312 usbohci - ok
13:40:35.0015 2312 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:40:35.0015 2312 usbscan - ok
13:40:35.0062 2312 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:40:35.0062 2312 USBSTOR - ok
13:40:35.0125 2312 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
13:40:35.0125 2312 VgaSave - ok
13:40:35.0140 2312 ViaIde - ok
13:40:35.0171 2312 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
13:40:35.0171 2312 VolSnap - ok
13:40:35.0250 2312 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:40:35.0250 2312 Wanarp - ok
13:40:35.0328 2312 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
13:40:35.0343 2312 Wdf01000 - ok
13:40:35.0390 2312 WDICA - ok
13:40:35.0468 2312 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
13:40:35.0484 2312 wdmaud - ok
13:40:35.0625 2312 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
13:40:35.0640 2312 WS2IFSL - ok
13:40:35.0703 2312 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
13:40:35.0984 2312 \Device\Harddisk0\DR0 - ok
13:40:36.0000 2312 Boot (0x1200) (31c313ada0bb96aa8cce361b1ef63a1b) \Device\Harddisk0\DR0\Partition0
13:40:36.0000 2312 \Device\Harddisk0\DR0\Partition0 - ok
13:40:36.0031 2312 Boot (0x1200) (f0a5b4472e07eb0ace180e28ccab0f3c) \Device\Harddisk0\DR0\Partition1
13:40:36.0031 2312 \Device\Harddisk0\DR0\Partition1 - ok
13:40:36.0031 2312 ============================================================
13:40:36.0031 2312 Scan finished
13:40:36.0031 2312 ============================================================
13:40:36.0062 3656 Detected object count: 0
13:40:36.0062 3656 Actual detected object count: 0
13:41:12.0781 0776 ============================================================
13:41:12.0781 0776 Scan started
13:41:12.0781 0776 Mode: Manual; SigCheck; TDLFS;
13:41:12.0781 0776 ============================================================
13:41:12.0937 0776 47970671 (186b54479d98e48aee0e9ada4b3c4d31) C:\WINDOWS\system32\DRIVERS\47970671.sys
13:41:13.0203 0776 47970671 - ok
13:41:13.0265 0776 Aavmker4 (b6de0336f9f4b687b4ff57939f7b657a) C:\WINDOWS\system32\drivers\Aavmker4.sys
13:41:13.0281 0776 Aavmker4 - ok
13:41:13.0312 0776 Abiosdsk - ok
13:41:13.0328 0776 abp480n5 - ok
13:41:13.0390 0776 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
13:41:14.0468 0776 ACPI - ok
13:41:14.0546 0776 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
13:41:14.0796 0776 ACPIEC - ok
13:41:14.0843 0776 adpu160m - ok
13:41:14.0921 0776 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
13:41:15.0140 0776 aec - ok
13:41:15.0203 0776 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
13:41:15.0250 0776 AFD - ok
13:41:15.0312 0776 Aha154x - ok
13:41:15.0359 0776 aic78u2 - ok
13:41:15.0390 0776 aic78xx - ok
13:41:15.0421 0776 AliIde - ok
13:41:15.0468 0776 AmdK7 (3980814f8027d27ea003e2e3d9d4f604) C:\WINDOWS\system32\DRIVERS\amdk7.sys
13:41:15.0687 0776 AmdK7 - ok
13:41:15.0734 0776 amsint - ok
13:41:15.0781 0776 asc - ok
13:41:15.0828 0776 asc3350p - ok
13:41:15.0843 0776 asc3550 - ok
13:41:15.0906 0776 aswFsBlk (054df24c92b55427e0757cfff160e4f2) C:\WINDOWS\system32\drivers\aswFsBlk.sys
13:41:15.0921 0776 aswFsBlk - ok
13:41:16.0015 0776 aswMon2 (ef0e9ad83380724bd6fbbb51d2d0f5b8) C:\WINDOWS\system32\drivers\aswMon2.sys
13:41:16.0031 0776 aswMon2 - ok
13:41:16.0093 0776 aswRdr (352d5a48ebab35a7693b048679304831) C:\WINDOWS\system32\drivers\aswRdr.sys
13:41:16.0109 0776 aswRdr - ok
13:41:16.0187 0776 aswSnx (8d34d2b24297e27d93e847319abfdec4) C:\WINDOWS\system32\drivers\aswSnx.sys
13:41:16.0234 0776 aswSnx - ok
13:41:16.0312 0776 aswSP (010012597333da1f46c3243f33f8409e) C:\WINDOWS\system32\drivers\aswSP.sys
13:41:16.0343 0776 aswSP - ok
13:41:16.0406 0776 aswTdi (f9f84364416658e9786235904d448d37) C:\WINDOWS\system32\drivers\aswTdi.sys
13:41:16.0421 0776 aswTdi - ok
13:41:16.0500 0776 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
13:41:16.0703 0776 AsyncMac - ok
13:41:16.0765 0776 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
13:41:16.0968 0776 atapi - ok
13:41:17.0015 0776 Atdisk - ok
13:41:17.0093 0776 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
13:41:17.0312 0776 Atmarpc - ok
13:41:17.0390 0776 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
13:41:17.0625 0776 audstub - ok
13:41:17.0703 0776 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
13:41:17.0968 0776 Beep - ok
13:41:18.0062 0776 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
13:41:18.0265 0776 BthEnum - ok
13:41:18.0328 0776 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
13:41:18.0531 0776 BthPan - ok
13:41:18.0593 0776 BTHPORT (f338662a6c1fc11dd9508f6dff2c06a2) C:\WINDOWS\system32\Drivers\BTHport.sys
13:41:18.0640 0776 BTHPORT - ok
13:41:18.0718 0776 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
13:41:18.0937 0776 BTHUSB - ok
13:41:18.0984 0776 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
13:41:19.0250 0776 cbidf2k - ok
13:41:19.0312 0776 cd20xrnt - ok
13:41:19.0390 0776 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
13:41:19.0656 0776 Cdaudio - ok
13:41:19.0734 0776 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
13:41:19.0937 0776 Cdfs - ok
13:41:20.0046 0776 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
13:41:20.0281 0776 Cdrom - ok
13:41:20.0328 0776 Changer - ok
13:41:20.0375 0776 CmdIde - ok
13:41:20.0406 0776 Cpqarray - ok
13:41:20.0437 0776 dac2w2k - ok
13:41:20.0468 0776 dac960nt - ok
13:41:20.0515 0776 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
13:41:20.0718 0776 Disk - ok
13:41:20.0812 0776 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
13:41:21.0031 0776 dmboot - ok
13:41:21.0093 0776 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
13:41:21.0312 0776 dmio - ok
13:41:21.0406 0776 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
13:41:21.0656 0776 dmload - ok
13:41:21.0750 0776 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
13:41:21.0953 0776 DMusic - ok
13:41:22.0031 0776 dpti2o - ok
13:41:22.0109 0776 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
13:41:22.0312 0776 drmkaud - ok
13:41:22.0406 0776 dtsoftbus01 (555e54ac2f601a8821cef58961653991) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
13:41:22.0437 0776 dtsoftbus01 - ok
13:41:22.0515 0776 epmntdrv (57cc1bf06c159dfbb989f5783c0e6a50) C:\WINDOWS\system32\epmntdrv.sys
13:41:22.0531 0776 epmntdrv ( UnsignedFile.Multi.Generic ) - warning
13:41:22.0531 0776 epmntdrv - detected UnsignedFile.Multi.Generic (1)
13:41:22.0609 0776 EuGdiDrv (5f779f5edab787f2d090c71a9051f365) C:\WINDOWS\system32\EuGdiDrv.sys
13:41:22.0625 0776 EuGdiDrv ( UnsignedFile.Multi.Generic ) - warning
13:41:22.0625 0776 EuGdiDrv - detected UnsignedFile.Multi.Generic (1)
13:41:22.0718 0776 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
13:41:22.0937 0776 Fastfat - ok
13:41:23.0000 0776 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
13:41:23.0218 0776 Fdc - ok
13:41:23.0281 0776 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
13:41:23.0500 0776 Fips - ok
13:41:23.0593 0776 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
13:41:23.0781 0776 Flpydisk - ok
13:41:23.0843 0776 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
13:41:24.0078 0776 FltMgr - ok
13:41:24.0140 0776 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:41:24.0375 0776 Fs_Rec - ok
13:41:24.0437 0776 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:41:24.0718 0776 Ftdisk - ok
13:41:24.0781 0776 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
13:41:24.0984 0776 gameenum - ok
13:41:25.0078 0776 ggflt (007aea2e06e7cef7372e40c277163959) C:\WINDOWS\system32\DRIVERS\ggflt.sys
13:41:25.0093 0776 ggflt - ok
13:41:25.0156 0776 ggsemc (c73de35960ca75c5ab4ae636b127c64e) C:\WINDOWS\system32\DRIVERS\ggsemc.sys
13:41:25.0171 0776 ggsemc - ok
13:41:25.0203 0776 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:41:25.0437 0776 Gpc - ok
13:41:25.0531 0776 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:41:25.0734 0776 HidUsb - ok
13:41:25.0781 0776 hpn - ok
13:41:25.0812 0776 hpt3xx - ok
13:41:25.0859 0776 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
13:41:25.0906 0776 HTTP - ok
13:41:25.0984 0776 i2omgmt - ok
13:41:26.0093 0776 i2omp - ok
13:41:26.0218 0776 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
13:41:26.0437 0776 i8042prt - ok
13:41:26.0515 0776 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
13:41:26.0718 0776 Imapi - ok
13:41:26.0812 0776 ini910u - ok
13:41:26.0859 0776 IntelIde - ok
13:41:26.0921 0776 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
13:41:27.0140 0776 ip6fw - ok
13:41:27.0218 0776 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:41:27.0453 0776 IpFilterDriver - ok
13:41:27.0515 0776 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:41:27.0718 0776 IpInIp - ok
13:41:27.0812 0776 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:41:28.0046 0776 IpNat - ok
13:41:28.0125 0776 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:41:28.0343 0776 IPSec - ok
13:41:28.0437 0776 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
13:41:28.0640 0776 IRENUM - ok
13:41:28.0687 0776 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:41:28.0906 0776 isapnp - ok
13:41:29.0000 0776 ithsgt (b7a5fadf67136fda7e8f25303565b674) C:\WINDOWS\system32\DRIVERS\ithsgt.sys
13:41:29.0031 0776 ithsgt ( UnsignedFile.Multi.Generic ) - warning
13:41:29.0031 0776 ithsgt - detected UnsignedFile.Multi.Generic (1)
13:41:29.0109 0776 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:41:29.0328 0776 Kbdclass - ok
13:41:29.0421 0776 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
13:41:29.0625 0776 kbdhid - ok
13:41:29.0703 0776 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
13:41:29.0921 0776 kmixer - ok
13:41:30.0000 0776 KMWDFilterV1 (769e2846280aead581227f6ab861fbc6) C:\WINDOWS\System32\Drivers\RPGMOUSEV1.sys
13:41:30.0031 0776 KMWDFilterV1 ( UnsignedFile.Multi.Generic ) - warning
13:41:30.0031 0776 KMWDFilterV1 - detected UnsignedFile.Multi.Generic (1)
13:41:30.0109 0776 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
13:41:30.0140 0776 KSecDD - ok
13:41:30.0218 0776 lbrtfdc - ok
13:41:30.0296 0776 lilsgt (16767ea492b5d140e1de3679a65eae74) C:\WINDOWS\system32\DRIVERS\lilsgt.sys
13:41:30.0328 0776 lilsgt ( UnsignedFile.Multi.Generic ) - warning
13:41:30.0328 0776 lilsgt - detected UnsignedFile.Multi.Generic (1)
13:41:30.0421 0776 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
13:41:30.0640 0776 mnmdd - ok
13:41:30.0718 0776 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
13:41:30.0906 0776 Modem - ok
13:41:30.0984 0776 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:41:31.0187 0776 Mouclass - ok
13:41:31.0281 0776 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
13:41:31.0531 0776 mouhid - ok
13:41:31.0593 0776 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
13:41:31.0781 0776 MountMgr - ok
13:41:31.0875 0776 mraid35x - ok
13:41:31.0921 0776 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:41:32.0156 0776 MRxDAV - ok
13:41:32.0250 0776 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:41:32.0312 0776 MRxSmb - ok
13:41:32.0390 0776 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
13:41:32.0593 0776 Msfs - ok
13:41:32.0640 0776 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:41:32.0843 0776 MSKSSRV - ok
13:41:32.0890 0776 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:41:33.0109 0776 MSPCLOCK - ok
13:41:33.0140 0776 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
13:41:33.0343 0776 MSPQM - ok
13:41:33.0406 0776 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:41:33.0625 0776 mssmbios - ok
13:41:33.0671 0776 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
13:41:33.0906 0776 ms_mpu401 - ok
13:41:33.0968 0776 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
13:41:34.0015 0776 Mup - ok
13:41:34.0093 0776 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
13:41:34.0296 0776 NDIS - ok
13:41:34.0359 0776 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:41:34.0390 0776 NdisTapi - ok
13:41:34.0468 0776 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:41:34.0671 0776 Ndisuio - ok
13:41:34.0734 0776 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:41:34.0937 0776 NdisWan - ok
13:41:35.0015 0776 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
13:41:35.0062 0776 NDProxy - ok
13:41:35.0125 0776 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
13:41:35.0312 0776 NetBIOS - ok
13:41:35.0406 0776 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
13:41:35.0609 0776 NetBT - ok
13:41:35.0718 0776 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
13:41:35.0921 0776 Npfs - ok
13:41:35.0984 0776 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
13:41:36.0218 0776 Ntfs - ok
13:41:36.0312 0776 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
13:41:36.0562 0776 Null - ok
13:41:36.0656 0776 nv (384b95c9e4d41c172748cbc437ef380e) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
13:41:36.0750 0776 nv - ok
13:41:36.0812 0776 nvatabus (46deed4c6c5fa765f9a2c723be60348d) C:\WINDOWS\system32\DRIVERS\nvatabus.sys
13:41:36.0859 0776 nvatabus - ok
13:41:36.0906 0776 nvax (47b3852808dd579a463fce7085b77413) C:\WINDOWS\system32\drivers\nvax.sys
13:41:36.0953 0776 nvax - ok
13:41:37.0031 0776 nvnforce (adbcba116496229a163193bbe0bb28ce) C:\WINDOWS\system32\drivers\nvapu.sys
13:41:37.0093 0776 nvnforce - ok
13:41:37.0171 0776 nv_agp (3194e2f6c9000c39dcf9d0580754f714) C:\WINDOWS\system32\DRIVERS\nv_agp.sys
13:41:37.0203 0776 nv_agp - ok
13:41:37.0265 0776 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:41:37.0546 0776 NwlnkFlt - ok
13:41:37.0609 0776 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:41:37.0875 0776 NwlnkFwd - ok
13:41:37.0937 0776 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
13:41:38.0125 0776 Parport - ok
13:41:38.0187 0776 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
13:41:38.0390 0776 PartMgr - ok
13:41:38.0453 0776 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
13:41:38.0718 0776 ParVdm - ok
13:41:38.0796 0776 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
13:41:38.0984 0776 PCI - ok
13:41:39.0031 0776 PCIDump - ok
13:41:39.0109 0776 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
13:41:39.0359 0776 PCIIde - ok
13:41:39.0437 0776 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
13:41:39.0625 0776 Pcmcia - ok
13:41:39.0703 0776 PCTCore (3e8ce6c67b292a4fdf65ed625e5f5e81) C:\WINDOWS\system32\drivers\PCTCore.sys
13:41:39.0734 0776 PCTCore - ok
13:41:39.0828 0776 pctDS (f820b4c61d1e591325b679d479d4eea4) C:\WINDOWS\system32\drivers\pctDS.sys
13:41:39.0859 0776 pctDS - ok
13:41:39.0921 0776 pctEFA (acc8c15f3d59f17c5d903ff1de3b43d3) C:\WINDOWS\system32\drivers\pctEFA.sys
13:41:39.0968 0776 pctEFA - ok
13:41:40.0031 0776 PCTSD (83ddd552f7f1043f764e8cc88ff41232) C:\WINDOWS\system32\Drivers\PCTSD.sys
13:41:40.0062 0776 PCTSD - ok
13:41:40.0078 0776 PDCOMP - ok
13:41:40.0109 0776 PDFRAME - ok
13:41:40.0125 0776 PDRELI - ok
13:41:40.0156 0776 PDRFRAME - ok
13:41:40.0171 0776 perc2 - ok
13:41:40.0187 0776 perc2hib - ok
13:41:40.0265 0776 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:41:40.0468 0776 PptpMiniport - ok
13:41:40.0546 0776 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
13:41:40.0734 0776 Processor - ok
13:41:40.0796 0776 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
13:41:41.0000 0776 PSched - ok
13:41:41.0062 0776 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:41:41.0343 0776 Ptilink - ok
13:41:41.0390 0776 pwdrvio (c50de6d0c04b230f185a13fde0f047fa) C:\WINDOWS\System32\pwdrvio.sys
13:41:41.0421 0776 pwdrvio - ok
13:41:41.0468 0776 pwdspio (cdc5704308222400ad606bcf87b006a5) C:\WINDOWS\System32\pwdspio.sys
13:41:41.0484 0776 pwdspio - ok
13:41:41.0531 0776 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
13:41:41.0546 0776 PxHelp20 - ok
13:41:41.0562 0776 ql1080 - ok
13:41:41.0593 0776 Ql10wnt - ok
13:41:41.0609 0776 ql12160 - ok
13:41:41.0625 0776 ql1240 - ok
13:41:41.0656 0776 ql1280 - ok
13:41:41.0703 0776 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:41:41.0953 0776 RasAcd - ok
13:41:42.0046 0776 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:41:42.0234 0776 Rasl2tp - ok
13:41:42.0281 0776 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:41:42.0468 0776 RasPppoe - ok
13:41:42.0515 0776 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
13:41:42.0796 0776 Raspti - ok
13:41:42.0875 0776 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:41:43.0062 0776 Rdbss - ok
13:41:43.0140 0776 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:41:43.0406 0776 RDPCDD - ok
13:41:43.0468 0776 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:41:43.0671 0776 rdpdr - ok
13:41:43.0750 0776 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
13:41:43.0796 0776 RDPWD - ok
13:41:43.0875 0776 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
13:41:44.0062 0776 redbook - ok
13:41:44.0125 0776 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
13:41:44.0312 0776 RFCOMM - ok
13:41:44.0406 0776 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
13:41:44.0546 0776 rtl8139 - ok
13:41:44.0625 0776 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:41:44.0812 0776 Secdrv - ok
13:41:44.0890 0776 seehcri (e5b56569a9f79b70314fede6c953641e) C:\WINDOWS\system32\DRIVERS\seehcri.sys
13:41:44.0921 0776 seehcri ( UnsignedFile.Multi.Generic ) - warning
13:41:44.0921 0776 seehcri - detected UnsignedFile.Multi.Generic (1)
13:41:44.0968 0776 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
13:41:45.0156 0776 serenum - ok
13:41:45.0218 0776 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
13:41:45.0406 0776 Serial - ok
13:41:45.0484 0776 sfdrv01 (4c0d673281178cb496011a2e28571fc8) C:\WINDOWS\system32\drivers\sfdrv01.sys
13:41:45.0515 0776 sfdrv01 ( UnsignedFile.Multi.Generic ) - warning
13:41:45.0515 0776 sfdrv01 - detected UnsignedFile.Multi.Generic (1)
13:41:45.0578 0776 sfhlp02 (15be2b5e4dc5b8623cf167720682abc9) C:\WINDOWS\system32\drivers\sfhlp02.sys
13:41:45.0609 0776 sfhlp02 ( UnsignedFile.Multi.Generic ) - warning
13:41:45.0609 0776 sfhlp02 - detected UnsignedFile.Multi.Generic (1)
13:41:45.0656 0776 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
13:41:45.0843 0776 Sfloppy - ok
13:41:45.0906 0776 sfsync02 (efebbc1d13fdb77a6af4eddfc7232edf) C:\WINDOWS\system32\drivers\sfsync02.sys
13:41:45.0937 0776 sfsync02 ( UnsignedFile.Multi.Generic ) - warning
13:41:45.0937 0776 sfsync02 - detected UnsignedFile.Multi.Generic (1)
13:41:45.0984 0776 sfvfs02 (9ef50060cc7e6953bab83f2a42ccc421) C:\WINDOWS\system32\drivers\sfvfs02.sys
13:41:46.0000 0776 sfvfs02 ( UnsignedFile.Multi.Generic ) - warning
13:41:46.0000 0776 sfvfs02 - detected UnsignedFile.Multi.Generic (1)
13:41:46.0046 0776 Simbad - ok
13:41:46.0093 0776 Sparrow - ok
13:41:46.0125 0776 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
13:41:46.0312 0776 splitter - ok
13:41:46.0343 0776 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
13:41:46.0562 0776 sr - ok
13:41:46.0640 0776 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
13:41:46.0703 0776 Srv - ok
13:41:46.0796 0776 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
13:41:46.0984 0776 swenum - ok
13:41:47.0062 0776 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
13:41:47.0250 0776 swmidi - ok
13:41:47.0312 0776 symc810 - ok
13:41:47.0359 0776 symc8xx - ok
13:41:47.0421 0776 sym_hi - ok
13:41:47.0468 0776 sym_u3 - ok
13:41:47.0515 0776 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
13:41:47.0703 0776 sysaudio - ok
13:41:47.0812 0776 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:41:47.0875 0776 Tcpip - ok
13:41:47.0937 0776 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
13:41:48.0140 0776 TDPIPE - ok
13:41:48.0218 0776 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
13:41:48.0406 0776 TDTCP - ok
13:41:48.0484 0776 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
13:41:48.0671 0776 TermDD - ok
13:41:48.0765 0776 TosIde - ok
13:41:48.0859 0776 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
13:41:49.0046 0776 Udfs - ok
13:41:49.0109 0776 ultra - ok
13:41:49.0187 0776 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
13:41:49.0406 0776 Update - ok
13:41:49.0500 0776 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:41:49.0687 0776 usbccgp - ok
13:41:49.0765 0776 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:41:49.0953 0776 usbehci - ok
13:41:50.0046 0776 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:41:50.0250 0776 usbhub - ok
13:41:50.0312 0776 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
13:41:50.0500 0776 usbohci - ok
13:41:50.0609 0776 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:41:50.0796 0776 usbscan - ok
13:41:50.0875 0776 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:41:51.0046 0776 USBSTOR - ok
13:41:51.0156 0776 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
13:41:51.0359 0776 VgaSave - ok
13:41:51.0406 0776 ViaIde - ok
13:41:51.0437 0776 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
13:41:51.0640 0776 VolSnap - ok
13:41:51.0734 0776 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:41:51.0937 0776 Wanarp - ok
13:41:52.0015 0776 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
13:41:52.0046 0776 Wdf01000 - ok
13:41:52.0109 0776 WDICA - ok
13:41:52.0171 0776 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
13:41:52.0359 0776 wdmaud - ok
13:41:52.0500 0776 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
13:41:52.0750 0776 WS2IFSL - ok
13:41:52.0796 0776 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
13:41:53.0015 0776 \Device\Harddisk0\DR0 - ok
13:41:53.0062 0776 Boot (0x1200) (31c313ada0bb96aa8cce361b1ef63a1b) \Device\Harddisk0\DR0\Partition0
13:41:53.0062 0776 \Device\Harddisk0\DR0\Partition0 - ok
13:41:53.0078 0776 Boot (0x1200) (f0a5b4472e07eb0ace180e28ccab0f3c) \Device\Harddisk0\DR0\Partition1
13:41:53.0093 0776 \Device\Harddisk0\DR0\Partition1 - ok
13:41:53.0093 0776 ============================================================
13:41:53.0093 0776 Scan finished
13:41:53.0093 0776 ============================================================
13:41:53.0218 1284 Detected object count: 10
13:41:53.0218 1284 Actual detected object count: 10
13:42:23.0890 1284 epmntdrv ( UnsignedFile.Multi.Generic ) - skipped by user
13:42:23.0890 1284 epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:42:23.0890 1284 EuGdiDrv ( UnsignedFile.Multi.Generic ) - skipped by user
13:42:23.0890 1284 EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:42:23.0890 1284 ithsgt ( UnsignedFile.Multi.Generic ) - skipped by user
13:42:23.0890 1284 ithsgt ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:42:23.0890 1284 KMWDFilterV1 ( UnsignedFile.Multi.Generic ) - skipped by user
13:42:23.0890 1284 KMWDFilterV1 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:42:23.0906 1284 lilsgt ( UnsignedFile.Multi.Generic ) - skipped by user
13:42:23.0906 1284 lilsgt ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:42:23.0906 1284 seehcri ( UnsignedFile.Multi.Generic ) - skipped by user
13:42:23.0906 1284 seehcri ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:42:23.0906 1284 sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user
13:42:23.0906 1284 sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:42:23.0906 1284 sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
13:42:23.0906 1284 sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:42:23.0921 1284 sfsync02 ( UnsignedFile.Multi.Generic ) - skipped by user
13:42:23.0921 1284 sfsync02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:42:23.0921 1284 sfvfs02 ( UnsignedFile.Multi.Generic ) - skipped by user
13:42:23.0921 1284 sfvfs02 ( UnsignedFile.Multi.Generic ) - User select action: Skip

[vyosek]

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

• Ukoncete vsechny programy
• Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
• Zvolte moznost 2 a potvrte enterem
• Utilita provede svou cinnost a da log - ten sem vlozte
• Nyni znovu, ale zvolte moznost 3 a pote jeste 4 - logy opet vlozte

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

[saiyan]

RogueKiller voľba č.2:
RogueKiller V6.1.12 [12/02/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: scorpio [Admin rights]
Mode: Remove -- Date : 12/10/2011 14:26:31

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 8 ¤¤¤
[SUSP PATH] _uninst_47970671.lnk : C:\Documents and Settings\scorpio\Local Settings\Temp\_uninst_47970671.bat -> DELETED
[HJ] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> REPLACED (0)
[HJ] HKLM\[...]\Security Center : FirewallDisableNotify (1) -> REPLACED (0)
[HJ] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[FILEASSO] HKLM\[...]Software\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command : ("C:\Documents and Settings\scorpio\Local Settings\Data aplikací\fsk.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe") -> REPLACED ("C:\Program Files\mozilla firefox\firefox.exe")
[FILEASSO] HKLM\[...]Software\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command : ("C:\Documents and Settings\scorpio\Local Settings\Data aplikací\fsk.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode) -> REPLACED ("C:\Program Files\mozilla firefox\firefox.exe" -safe-mode)
[FILEASSO] HKLM\[...]Software\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command : ("C:\Documents and Settings\scorpio\Local Settings\Data aplikací\fsk.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe") -> REPLACED ("C:\Program Files\internet explorer\iexplore.exe")

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : Rogue.AntiSpy-AH ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost


Finished : << RKreport[1].txt >>
RKreport[1].txt




voľba č.3:
RogueKiller V6.1.12 [12/02/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: scorpio [Admin rights]
Mode: Remove -- Date : 12/10/2011 14:26:31

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 8 ¤¤¤
[SUSP PATH] _uninst_47970671.lnk : C:\Documents and Settings\scorpio\Local Settings\Temp\_uninst_47970671.bat -> DELETED
[HJ] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> REPLACED (0)
[HJ] HKLM\[...]\Security Center : FirewallDisableNotify (1) -> REPLACED (0)
[HJ] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[FILEASSO] HKLM\[...]Software\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command : ("C:\Documents and Settings\scorpio\Local Settings\Data aplikací\fsk.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe") -> REPLACED ("C:\Program Files\mozilla firefox\firefox.exe")
[FILEASSO] HKLM\[...]Software\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command : ("C:\Documents and Settings\scorpio\Local Settings\Data aplikací\fsk.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode) -> REPLACED ("C:\Program Files\mozilla firefox\firefox.exe" -safe-mode)
[FILEASSO] HKLM\[...]Software\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command : ("C:\Documents and Settings\scorpio\Local Settings\Data aplikací\fsk.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe") -> REPLACED ("C:\Program Files\internet explorer\iexplore.exe")

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : Rogue.AntiSpy-AH ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost


Finished : << RKreport[1].txt >>
RKreport[1].txt

voľba č:4:


RogueKiller V6.1.12 [12/02/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: scorpio [Admin rights]
Mode: ProxyFix -- Date : 12/10/2011 14:28:35

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Registry Entries: 0 ¤¤¤

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

[saiyan]

ComboFix log:
ComboFix 11-12-10.01 - scorpio . 12. 2011 14:39:38.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1029.18.1023.659 [GMT 1:00]
Running from: c:\documents and settings\scorpio\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\CSC\d6
c:\windows\system32\Cache
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\63a8503888eb77a5.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\TZLog.log
.
.
((((((((((((((((((((((((( Files Created from 2011-11-10 to 2011-12-10 )))))))))))))))))))))))))))))))
.
.
2011-12-09 18:02 . 2011-11-03 08:49 133208 ----a-w- c:\windows\system32\drivers\47970671.sys
2011-12-09 17:55 . 2011-12-09 17:55 -------- d-----w- c:\program files\Perfect Uninstaller
2011-12-09 17:22 . 2011-12-07 16:12 68648 ----a-r- c:\windows\system32\IS3Hks5.dll
2011-12-09 17:22 . 2011-12-07 16:12 457768 ----a-r- c:\windows\system32\IS3DBA5.dll
2011-12-09 17:22 . 2011-12-07 16:12 101416 ----a-r- c:\windows\system32\IS3Svc5.dll
2011-12-09 17:22 . 2011-12-07 16:12 105512 ----a-r- c:\windows\system32\IS3Inet5.dll
2011-12-09 17:22 . 2011-12-07 16:12 392232 ----a-r- c:\windows\system32\IS3UI5.dll
2011-12-09 16:17 . 2011-12-09 16:17 -------- d-----w- c:\program files\Common Files\iS3
2011-12-09 16:17 . 2011-12-09 18:07 -------- d-----w- c:\documents and settings\All Users\Data aplikací\STOPzilla!
2011-12-09 09:08 . 2011-11-28 17:53 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-12-09 09:08 . 2011-11-28 17:51 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-12-09 09:08 . 2011-11-28 17:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-12-09 09:08 . 2011-11-28 17:52 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-12-09 09:08 . 2011-11-28 17:52 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-12-09 09:08 . 2011-11-28 17:52 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-12-09 09:08 . 2011-11-28 17:51 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-12-09 09:08 . 2011-11-28 17:48 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-12-09 09:07 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr
2011-12-09 09:07 . 2011-11-28 18:01 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-12-09 09:07 . 2011-12-09 09:07 -------- d-----w- c:\program files\AVAST Software
2011-12-09 09:07 . 2011-12-09 09:07 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-12-08 10:15 . 2011-12-08 10:15 -------- d-----w- c:\documents and settings\scorpio\Data aplikací\DDMSettings
2011-12-07 16:12 . 2011-12-07 16:12 547880 ----a-r- c:\windows\system32\SZComp5.dll
2011-12-07 16:12 . 2011-12-07 16:12 482344 ----a-r- c:\windows\system32\SZBase5.dll
2011-12-07 16:12 . 2011-12-07 16:12 30248 ----a-r- c:\windows\system32\IS3XDat5.dll
2011-12-07 16:12 . 2011-12-07 16:12 24616 ----a-r- c:\windows\system32\SZIO5.dll
2011-12-07 16:12 . 2011-12-07 16:12 134184 ----a-r- c:\windows\system32\IS3HTUI5.dll
2011-12-03 18:53 . 2011-12-03 18:53 -------- d-----w- c:\windows\system32\XPSViewer
2011-12-03 18:53 . 2011-12-03 18:53 -------- d-----w- c:\program files\Reference Assemblies
2011-12-03 18:53 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2011-12-03 18:53 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2011-12-03 18:53 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2011-12-03 18:53 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2011-12-03 18:53 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2011-12-03 18:53 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2011-12-03 18:53 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2011-12-03 18:53 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2011-12-03 18:53 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2011-12-03 18:53 . 2011-12-03 18:53 -------- d-----w- C:\30000a831bc2cd6b52
2011-12-03 13:43 . 2011-12-03 13:43 -------- d-sh--w- c:\documents and settings\Default User\IETldCache
2011-12-03 11:31 . 2011-12-03 11:49 -------- d-----w- c:\windows\ie8updates
2011-12-03 08:32 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-12-03 08:31 . 2011-07-15 13:29 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-12-03 08:31 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-12-03 08:31 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2011-12-03 08:29 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2011-12-03 08:28 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-12-03 08:27 . 2010-08-27 08:03 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2011-12-03 08:27 . 2009-10-15 16:32 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2011-12-03 08:26 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2011-12-03 08:26 . 2009-03-06 14:23 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2011-12-03 08:26 . 2009-02-09 11:25 111104 -c----w- c:\windows\system32\dllcache\services.exe
2011-12-03 08:25 . 2009-02-09 10:56 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2011-12-03 08:25 . 2009-02-09 10:56 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2011-12-03 08:25 . 2009-02-09 10:56 684032 -c----w- c:\windows\system32\dllcache\advapi32.dll
2011-12-03 08:25 . 2009-02-09 10:56 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2011-12-03 08:25 . 2009-06-21 21:48 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2011-12-03 08:23 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-12-03 08:22 . 2011-08-22 23:41 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2011-12-03 08:22 . 2011-08-22 23:41 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-12-03 08:22 . 2011-08-22 23:41 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-12-03 08:22 . 2011-08-22 23:41 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-12-03 08:22 . 2011-08-22 23:41 2000384 -c----w- c:\windows\system32\dllcache\iertutil.dll
2011-12-03 08:22 . 2011-08-22 23:41 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-12-03 08:21 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2011-12-03 08:21 . 2010-06-14 07:43 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2011-12-03 08:21 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2011-12-03 08:20 . 2008-05-01 14:37 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2011-12-03 08:03 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2011-12-03 08:01 . 2010-06-18 13:36 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2011-12-03 08:01 . 2008-10-15 16:38 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2011-12-03 08:01 . 2008-06-14 17:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2011-12-03 07:59 . 2010-12-09 15:15 713216 -c----w- c:\windows\system32\dllcache\ntdll.dll
2011-12-03 07:59 . 2010-12-09 15:14 2194944 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-12-03 07:59 . 2010-12-09 15:14 2150912 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-12-03 07:59 . 2010-12-09 15:14 2029056 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-12-03 07:59 . 2010-12-09 15:14 2071552 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2011-12-03 07:59 . 2010-07-16 11:58 219136 -c----w- c:\windows\system32\dllcache\wordpad.exe
2011-12-03 07:58 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2011-12-03 07:35 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-12-03 07:35 . 2010-08-16 08:45 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
2011-12-01 16:39 . 2011-12-01 16:39 -------- d-----w- c:\program files\Fox
2011-11-16 07:55 . 2009-06-10 17:00 18432 ----a-w- c:\windows\system32\drivers\RPGMOUSEV1.sys
2011-11-16 07:55 . 2011-11-16 07:55 -------- d-----w- c:\windows\Trust GXT14 Mouse
2011-11-16 07:55 . 2011-11-16 07:55 -------- d-----w- c:\program files\Trust
2011-11-16 07:51 . 2008-04-14 07:51 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2011-11-16 07:51 . 2008-04-14 07:51 21504 ----a-w- c:\windows\system32\hidserv.dll
2011-11-16 07:51 . 2001-10-24 10:54 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2011-11-16 07:51 . 2001-10-24 10:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2011-11-16 07:51 . 2008-04-14 06:59 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2011-11-16 07:51 . 2008-04-14 06:59 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2011-11-16 07:51 . 2008-04-13 23:15 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2011-11-16 07:51 . 2008-04-13 23:15 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2011-11-16 07:51 . 2008-04-13 23:15 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2011-11-16 07:51 . 2008-04-13 23:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-04 12:17 . 2011-06-25 15:58 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-20 23:26 . 2011-10-20 23:26 94208 ----a-w- c:\windows\system32\dpl100.dll
2011-10-10 14:22 . 2011-01-20 15:42 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06 . 2001-10-25 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 10:41 . 2010-03-18 09:09 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 10:41 . 2001-10-25 12:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 10:41 . 2001-10-25 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 10:21 . 2011-09-26 10:21 61328 ----a-r- c:\windows\system32\drivers\SZKG.sys
2011-09-26 10:21 . 2011-09-26 10:21 61328 ----a-r- c:\windows\system32\drivers\is3srv.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2009-11-25 95632]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-04-02 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-06-03 131072]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-07-31 4493312]
"nwiz"="nwiz.exe" [2003-07-31 323584]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2006-09-01 14:57 282624 ----a-w- c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"d:\\Games\\Codemasters\\Worms 4 Mayhem\\WORMS 4 MAYHEM.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\Games\\Counter-Strike Xtreme V5\\hl.exe"=
"c:\\Documents and Settings\\scorpio\\Local Settings\\Data aplikací\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Games\\Valve\\hl.exe"=
.
R0 47970671;47970671;c:\windows\system32\drivers\47970671.sys [9. 12. 2011 19:02 133208]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [9. 12. 2011 18:07 263888]
R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [9. 12. 2011 18:07 338880]
R0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [9. 12. 2011 18:07 656320]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [9. 12. 2011 10:08 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9. 12. 2011 10:08 314456]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [15. 2. 2011 13:39 218688]
R1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\drivers\PCTSD.sys [9. 12. 2011 18:07 233976]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9. 12. 2011 10:08 20568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18. 3. 2010 13:16 130384]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2. 4. 2011 14:39 136176]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [22. 1. 2011 17:23 8704]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [22. 1. 2011 17:23 3072]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [30. 1. 2011 8:48 13224]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2. 4. 2011 14:39 136176]
S3 KMWDFilterV1;KMWDFilterV1;c:\windows\system32\drivers\RPGMOUSEV1.sys [16. 11. 2011 8:55 18432]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [20. 1. 2011 17:08 16472]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [20. 1. 2011 17:08 11104]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\PC Tools Security\pctsAuxs.exe [9. 12. 2011 18:06 371472]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [30. 1. 2011 8:49 27632]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18. 3. 2010 13:16 753504]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 83352277
*NewlyCreated* - TRUESIGHT
*Deregistered* - 83352277
*Deregistered* - TrueSight
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-02 13:39]
.
2011-12-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-02 13:39]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\scorpio\Data aplikací\Mozilla\Firefox\Profiles\yxj8pdqt.default\
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B862342d2-9784-4d1a-9440-4d9561cbf1d8%7D&mid=bf4595d649f847d686f9d1a90ae722f8-06ce4fc639803a2e3563922518183d8e94088cb9&ds=AVG&v=8.0.0.34.1&lang=sk&pr=pr&d=2011-11-03%2017%3A43%3A03&sap=ku&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
Notify-TPSvc - TPSvc.dll
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-10 14:57
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-583907252-113007714-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:ba,c8,31,24,03,33,80,27,15,be,fc,43,00,63,cb,83,ba,d1,59,0a,e9,b7,4c,
2a,50,5b,1f,a9,9e,b0,16,0f,0d,73,1e,41,68,20,ca,88,9d,16,f4,24,87,8a,e9,ee,\
"??"=hex:f3,57,35,ab,85,f8,8b,39,6b,d1,9c,74,b5,45,8d,f9
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(648)
c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
.
Completion time: 2011-12-10 15:03:37
ComboFix-quarantined-files.txt 2011-12-10 14:03
.
Pre-Run: Volných bajtů: 15 713 857 536
Post-Run: Volných bajtů: 16 628 740 096
.
- - End Of File - - FA859724DEFD9C9E7CB28E248EC7C14E

[vyosek]

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  File::
  c:\windows\system32\drivers\47970671.sys
  c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  
  Firefox::
  FF - ProfilePath - c:\documents and settings\scorpio\Data aplikací\Mozilla\Firefox\Profiles\yxj8pdqt.default\
  FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B86 ... &sap=ku&q=
  
  RegNull::
  [HKEY_USERS\S-1-5-21-583907252-113007714-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
  
  Driver::
  gupdate
  gupdatem
  83352277
  47970671
  
  Registry::
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "ISUSPM Startup"=-
  "ISUSScheduler"=-
  "QuickTime Task"=-
  "DivXUpdate"=-
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "swg"=-
  [HKEY_LOCAL_MACHINE\software\microsoft\security center]
  "AntiVirusOverride"=dword:00000000
  "FirewallOverride"=dword:00000000
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

[saiyan]

spravil som to presne podľa postupu,akurát, že antivirus Avast mi dal voľbu otvorenie priečinkov/súborov v sandboxe alebo normálne - dal som normálne, ComboFix potom chvíľu pracoval ale nakoniec vyhodil Error v CFSScripte

[vyosek]

Opakujte postup v nouzovem rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti)

Error hlasil, jelikoz jste skript pojmenoval CFSScript ale ma to byt jen CFScript

[saiyan]

všimol som si to.. 2.pokus úspešný:

ComboFix 11-12-10.01 - scorpio . 12. 2011 10:01:14.3.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1029.18.1023.670 [GMT 1:00]
Running from: c:\documents and settings\scorpio\Plocha\ComboFix.exe
Command switches used :: c:\documents and settings\scorpio\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
* Created a new restore point
.
FILE ::
"c:\windows\system32\drivers\47970671.sys"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_47970671
-------\Legacy_83352277
-------\Legacy_GUPDATE
-------\Legacy_GUPDATEM
-------\Service_47970671
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Files Created from 2011-11-12 to 2011-12-12 )))))))))))))))))))))))))))))))
.
.
2011-12-09 18:02 . 2011-11-03 08:49 133208 ----a-w- c:\windows\system32\drivers\47970671.sys
2011-12-09 17:55 . 2011-12-09 17:55 -------- d-----w- c:\program files\Perfect Uninstaller
2011-12-09 17:22 . 2011-12-07 16:12 68648 ----a-r- c:\windows\system32\IS3Hks5.dll
2011-12-09 17:22 . 2011-12-07 16:12 457768 ----a-r- c:\windows\system32\IS3DBA5.dll
2011-12-09 17:22 . 2011-12-07 16:12 101416 ----a-r- c:\windows\system32\IS3Svc5.dll
2011-12-09 17:22 . 2011-12-07 16:12 105512 ----a-r- c:\windows\system32\IS3Inet5.dll
2011-12-09 17:22 . 2011-12-07 16:12 392232 ----a-r- c:\windows\system32\IS3UI5.dll
2011-12-09 17:22 . 2011-12-07 16:12 232488 ----a-r- c:\windows\system32\IS3Win325.dll
2011-12-09 17:22 . 2011-12-07 16:12 740392 ----a-r- c:\windows\system32\IS3Base5.dll
2011-12-09 17:07 . 2010-07-16 13:59 656320 ----a-w- c:\windows\system32\drivers\pctEFA.sys
2011-12-09 17:07 . 2010-07-16 13:59 338880 ----a-w- c:\windows\system32\drivers\pctDS.sys
2011-12-09 17:07 . 2011-05-06 12:26 251560 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2011-12-09 17:07 . 2011-05-11 12:35 160576 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2011-12-09 17:07 . 2011-05-11 08:55 263888 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2011-12-09 17:07 . 2011-03-10 08:08 233976 ----a-w- c:\windows\system32\drivers\PCTSD.sys
2011-12-09 17:07 . 2011-05-06 12:28 70664 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2011-12-09 17:06 . 2011-12-09 17:17 -------- d-----w- c:\program files\Common Files\PC Tools
2011-12-09 17:06 . 2011-12-09 17:47 -------- d-----w- c:\program files\PC Tools Security
2011-12-09 16:59 . 2011-12-09 17:19 -------- d-----w- c:\windows\system32\sdtmp
2011-12-09 16:17 . 2011-12-09 16:17 -------- d-----w- c:\program files\Common Files\iS3
2011-12-09 16:17 . 2011-12-09 18:07 -------- d-----w- c:\documents and settings\All Users\Data aplikací\STOPzilla!
2011-12-09 09:08 . 2011-11-28 17:53 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-12-09 09:08 . 2011-11-28 17:51 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-12-09 09:08 . 2011-11-28 17:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-12-09 09:08 . 2011-11-28 17:52 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-12-09 09:08 . 2011-11-28 17:52 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-12-09 09:08 . 2011-11-28 17:52 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-12-09 09:08 . 2011-11-28 17:51 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-12-09 09:08 . 2011-11-28 17:48 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-12-09 09:07 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr
2011-12-09 09:07 . 2011-11-28 18:01 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-12-09 09:07 . 2011-12-09 09:07 -------- d-----w- c:\program files\AVAST Software
2011-12-09 09:07 . 2011-12-09 09:07 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-12-08 10:15 . 2011-12-08 10:15 -------- d-----w- c:\documents and settings\scorpio\Data aplikací\DDMSettings
2011-12-07 16:12 . 2011-12-07 16:12 547880 ----a-r- c:\windows\system32\SZComp5.dll
2011-12-07 16:12 . 2011-12-07 16:12 482344 ----a-r- c:\windows\system32\SZBase5.dll
2011-12-07 16:12 . 2011-12-07 16:12 30248 ----a-r- c:\windows\system32\IS3XDat5.dll
2011-12-07 16:12 . 2011-12-07 16:12 24616 ----a-r- c:\windows\system32\SZIO5.dll
2011-12-07 16:12 . 2011-12-07 16:12 134184 ----a-r- c:\windows\system32\IS3HTUI5.dll
2011-12-03 18:53 . 2011-12-03 18:53 -------- d-----w- c:\windows\system32\XPSViewer
2011-12-03 18:53 . 2011-12-03 18:53 -------- d-----w- c:\program files\Reference Assemblies
2011-12-03 18:53 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2011-12-03 18:53 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2011-12-03 18:53 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2011-12-03 18:53 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2011-12-03 18:53 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2011-12-03 18:53 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2011-12-03 18:53 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2011-12-03 18:53 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2011-12-03 18:53 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2011-12-03 18:53 . 2011-12-03 18:53 -------- d-----w- C:\30000a831bc2cd6b52
2011-12-03 13:43 . 2011-12-03 13:43 -------- d-sh--w- c:\documents and settings\Default User\IETldCache
2011-12-03 11:31 . 2011-12-03 11:49 -------- d-----w- c:\windows\ie8updates
2011-12-03 08:32 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-12-03 08:31 . 2011-07-15 13:29 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-12-03 08:31 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-12-03 08:31 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2011-12-03 08:29 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2011-12-03 08:28 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-12-03 08:27 . 2010-08-27 08:03 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2011-12-03 08:27 . 2009-10-15 16:32 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2011-12-03 08:26 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2011-12-03 08:26 . 2009-03-06 14:23 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2011-12-03 08:26 . 2009-02-09 11:25 111104 -c----w- c:\windows\system32\dllcache\services.exe
2011-12-03 08:25 . 2009-02-09 10:56 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2011-12-03 08:25 . 2009-02-09 10:56 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2011-12-03 08:25 . 2009-02-09 10:56 684032 -c----w- c:\windows\system32\dllcache\advapi32.dll
2011-12-03 08:25 . 2009-02-09 10:56 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2011-12-03 08:25 . 2009-06-21 21:48 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2011-12-03 08:23 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-12-03 08:22 . 2011-08-22 23:41 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2011-12-03 08:22 . 2011-08-22 23:41 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-12-03 08:22 . 2011-08-22 23:41 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-12-03 08:22 . 2011-08-22 23:41 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-12-03 08:22 . 2011-08-22 23:41 2000384 -c----w- c:\windows\system32\dllcache\iertutil.dll
2011-12-03 08:22 . 2011-08-22 23:41 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-12-03 08:21 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2011-12-03 08:21 . 2010-06-14 07:43 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2011-12-03 08:21 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2011-12-03 08:20 . 2008-05-01 14:37 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2011-12-03 08:03 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2011-12-03 08:01 . 2010-06-18 13:36 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2011-12-03 08:01 . 2008-10-15 16:38 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2011-12-03 08:01 . 2008-06-14 17:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2011-12-03 07:59 . 2010-12-09 15:15 713216 -c----w- c:\windows\system32\dllcache\ntdll.dll
2011-12-03 07:59 . 2010-12-09 15:14 2194944 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-12-03 07:59 . 2010-12-09 15:14 2150912 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-12-03 07:59 . 2010-12-09 15:14 2029056 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-12-03 07:59 . 2010-12-09 15:14 2071552 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2011-12-03 07:59 . 2010-07-16 11:58 219136 -c----w- c:\windows\system32\dllcache\wordpad.exe
2011-12-03 07:58 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2011-12-03 07:35 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-12-03 07:35 . 2010-08-16 08:45 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
2011-12-01 16:39 . 2011-12-01 16:39 -------- d-----w- c:\program files\Fox
2011-11-16 07:55 . 2009-06-10 17:00 18432 ----a-w- c:\windows\system32\drivers\RPGMOUSEV1.sys
2011-11-16 07:55 . 2011-11-16 07:55 -------- d-----w- c:\windows\Trust GXT14 Mouse
2011-11-16 07:55 . 2011-11-16 07:55 -------- d-----w- c:\program files\Trust
2011-11-16 07:51 . 2008-04-14 07:51 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2011-11-16 07:51 . 2008-04-14 07:51 21504 ----a-w- c:\windows\system32\hidserv.dll
2011-11-16 07:51 . 2001-10-24 10:54 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2011-11-16 07:51 . 2001-10-24 10:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2011-11-16 07:51 . 2008-04-14 06:59 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2011-11-16 07:51 . 2008-04-14 06:59 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2011-11-16 07:51 . 2008-04-13 23:15 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2011-11-16 07:51 . 2008-04-13 23:15 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2011-11-16 07:51 . 2008-04-13 23:15 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2011-11-16 07:51 . 2008-04-13 23:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-04 12:17 . 2011-06-25 15:58 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-20 23:26 . 2011-10-20 23:26 94208 ----a-w- c:\windows\system32\dpl100.dll
2011-10-10 14:22 . 2011-01-20 15:42 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06 . 2001-10-25 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 10:41 . 2010-03-18 09:09 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 10:41 . 2001-10-25 12:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 10:41 . 2001-10-25 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 10:21 . 2011-09-26 10:21 61328 ----a-r- c:\windows\system32\drivers\SZKG.sys
2011-09-26 10:21 . 2011-09-26 10:21 61328 ----a-r- c:\windows\system32\drivers\is3srv.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2011-12-10_13.57.34 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-12-12 09:18 . 2011-12-12 09:18 16384 c:\windows\Temp\Perflib_Perfdata_310.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2009-11-25 95632]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-06-03 131072]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-07-31 4493312]
"nwiz"="nwiz.exe" [2003-07-31 323584]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2006-09-01 14:57 282624 ----a-w- c:\program files\QuickTime\qttask.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"d:\\Games\\Codemasters\\Worms 4 Mayhem\\WORMS 4 MAYHEM.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\Games\\Counter-Strike Xtreme V5\\hl.exe"=
"c:\\Documents and Settings\\scorpio\\Local Settings\\Data aplikací\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Games\\Valve\\hl.exe"=
.
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [9. 12. 2011 18:07 263888]
R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [9. 12. 2011 18:07 338880]
R0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [9. 12. 2011 18:07 656320]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [9. 12. 2011 10:08 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9. 12. 2011 10:08 314456]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [15. 2. 2011 13:39 218688]
R1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\drivers\PCTSD.sys [9. 12. 2011 18:07 233976]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9. 12. 2011 10:08 20568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18. 3. 2010 13:16 130384]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [22. 1. 2011 17:23 8704]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [22. 1. 2011 17:23 3072]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [30. 1. 2011 8:48 13224]
S3 KMWDFilterV1;KMWDFilterV1;c:\windows\system32\drivers\RPGMOUSEV1.sys [16. 11. 2011 8:55 18432]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [20. 1. 2011 17:08 16472]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [20. 1. 2011 17:08 11104]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\PC Tools Security\pctsAuxs.exe [9. 12. 2011 18:06 371472]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [30. 1. 2011 8:49 27632]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18. 3. 2010 13:16 753504]
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-02 13:39]
.
2011-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-02 13:39]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
FF - ProfilePath - c:\documents and settings\scorpio\Data aplikací\Mozilla\Firefox\Profiles\yxj8pdqt.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-12 10:19
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(652)
c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
.
- - - - - - - > 'explorer.exe'(3328)
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\WgaTray.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Completion time: 2011-12-12 10:24:28 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-12 09:24
ComboFix2.txt 2011-12-10 14:03
.
Pre-Run: Volných bajtů: 16 626 511 872
Post-Run: Volných bajtů: 16 641 597 440
.
- - End Of File - - A3A7B17BE194AF2E87C84E21FB9A4282