Dobrý den, comodo nahlásilo nějaký malware, s tím že ho nedokáže odstranit a já jej nemůžu najít. Prosím o kontrolu logu.
Logfile of random's system information tool 1.09 (written by random/random)
Run by nofu at 2012-01-05 00:00:19
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 75 GB (61%) free of 122 GB
Total RAM: 2960 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:00:26, on 5.1.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
C:\Program Files\G Data AntiVirus\AVKTray\AVKTray.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\SugarSync\SugarSyncManager.exe
C:\Program Files\Bluetooth Software\BTTray.exe
C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\RSIT\RSIT.exe
C:\Program Files\trend micro\nofu.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.daum.net/search?nil_profi ... de=ms&q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data AntiVirus\WebFilter\AvkWebIE.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: G Data BankGuard - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files\Common Files\G Data\AVKProxy\BanksafeBHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data AntiVirus\WebFilter\AvkWebIE.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [picon] "C:\Program Files\Common Files\Intel\Privacy Icon\PIconStartup.exe"
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe
O4 - HKLM\..\Run: [USCService] C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files\G Data AntiVirus\AVKTray\AVKTray.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [SpiderOak] C:\Program Files\SpiderOak\SpiderOak.exe --windows_startup
O4 - HKCU\..\Run: [SugarSync] "C:\Program Files\SugarSync\SugarSyncManager.exe" -startInTray -usedelay=true
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: Miranda IM.lnk = C:\Program Files\Miranda IM\miranda32.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Dell System Manager.lnk = C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
O4 - Global Startup: TdmNotify.lnk = C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: @C:\Program Files\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\aestsrv.exe
O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files\G Data AntiVirus\AVK\AVKService.exe
O23 - Service: G Data Filesystem Monitor (AVKWCtl) - G Data Software AG - C:\Program Files\G Data AntiVirus\AVK\AVKWCtl.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Bluetooth Software\btwdins.exe
O23 - Service: Dell ControlPoint Button Service (buttonsvc32) - Dell Inc. - C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Credential Vault Host Control Service - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
O23 - Service: Credential Vault Host Storage - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
O23 - Service: Dell System Manager Service (dcpsysmgrsvc) - Dell Inc. - C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: postgresql-8.4 - PostgreSQL Global Development Group - C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\STacSV.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: NTRU TSS v1.2.1.29 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
--
End of file - 13932 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Allway Sync_{4F0C1497E9A5A062AD06B978802E02AB}.job
=========Mozilla firefox=========
ProfilePath - C:\Users\nofu\AppData\Roaming\Mozilla\Firefox\Profiles\s0obompx.default
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "{d37dc5d0-431d-44e5-8c91-49419370caa1}:2.6.18, foxmarks@kei.com:3.9.5, {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, {ea614400-e918-4741-9a97-7a972ff7c30b}:2.1.14, {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:21.1.., {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0, web2pdfextension@web2pdf.adobedotcom:1.0, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15, {07b2a769-ed19-4483-87ce-c643914caed1}:2.2.1"
"{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}"=C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
"web2pdfextension@web2pdf.adobedotcom"=C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
"Description"=Veetle TV Core
"Path"=C:\Program Files\Veetle\plugins\npVeetle.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files\Veetle\Player\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{906305f7-aafc-45e9-8bbd-941950a84dad}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsRLCT4Player.xpt
C:\Program Files\Mozilla Firefox\plugins\
CrazyTalk4Native.dll
ctdomemhelper.dll
ctframeplayerobject.dll
ctplayerobject.dll
imagickrt.dll
np-mswmp.dll
npContribute.dll
npdeployJava1.dll
nppdf32.DEU
nppdf32.dll
nppdf32.FRA
npRLCT4Player.dll
rlcontentclass.dll
RLMusicPacker.dll
RLMusicUnpacker.dll
RLVoicePacker.dll
RLVoiceUnpacker.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\nofu\AppData\Roaming\Mozilla\Firefox\Profiles\s0obompx.default\extensions\
foxmarks@kei.com
keefox@chris.tomlinson
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{d37dc5d0-431d-44e5-8c91-49419370caa1}
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}]
G Data WebFilter - C:\Program Files\G Data AntiVirus\WebFilter\AvkWebIE.dll [2011-03-07 576504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
ContributeBHO Class - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA3295CF-17ED-4F49-9E95-D999A0ADBFDC}]
G Data BankGuard - C:\Program Files\Common Files\G Data\AVKProxy\BanksafeBHO.dll [2011-08-10 52216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0124123D-61B4-456f-AF86-78C53A0790C5} - G Data WebFilter - C:\Program Files\G Data AntiVirus\WebFilter\AvkWebIE.dll [2011-03-07 576504]
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"picon"=C:\Program Files\Common Files\Intel\Privacy Icon\PIconStartup.exe [2010-08-05 111640]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2010-03-09 495708]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2010-02-17 278528]
"Dell Webcam Central"=C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2010-06-18 462991]
"WavXMgr"=C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe [2010-07-21 147840]
"USCService"=C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe [2010-06-22 34232]
"KeePass 2 PreLoad"=C:\Program Files\KeePass Password Safe 2\KeePass.exe [2011-07-12 1764352]
"G Data AntiVirus Tray Application"=C:\Program Files\G Data AntiVirus\AVKTray\AVKTray.exe [2011-08-19 921096]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-09-16 497648]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-12-21 6676808]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
""= []
"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2011-09-05 36760]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2011-09-05 2904984]
"Zune Launcher"=C:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 159456]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-03-05 137752]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-03-05 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-03-05 172568]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpiderOak"=C:\Program Files\SpiderOak\SpiderOak.exe --windows_startup []
"SugarSync"=C:\Program Files\SugarSync\SugarSyncManager.exe [2011-11-11 12210176]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-10-13 17351304]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Bluetooth Software\BTTray.exe
Dell System Manager.lnk - C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
TdmNotify.lnk - C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe
C:\Users\nofu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EvernoteClipper.lnk - C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
Miranda IM.lnk - C:\Program Files\Miranda IM\miranda32.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\guard32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
wvauth
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe","%1"
======List of files/folders created in the last 1 month======
2012-01-04 23:48:49 ----SHD---- C:\Config.Msi
2012-01-04 23:46:31 ----D---- C:\rsit
2012-01-04 23:46:31 ----D---- C:\Program Files\trend micro
2012-01-04 23:46:09 ----D---- C:\Program Files\RSIT
2012-01-04 21:32:56 ----D---- C:\Users\nofu\AppData\Roaming\Malwarebytes
2012-01-04 21:32:43 ----D---- C:\ProgramData\Malwarebytes
2012-01-04 21:32:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-01-04 21:32:42 ----A---- C:\Windows\system32\drivers\mbam.sys
2012-01-04 21:30:36 ----D---- C:\ProgramData\CPA_VA
2012-01-04 21:22:33 ----A---- C:\Windows\system32\gdiplus.dll
2012-01-04 21:04:04 ----D---- C:\Program Files\Microsoft Synchronization Services
2012-01-04 21:04:03 ----D---- C:\Program Files\Common Files\DESIGNER
2012-01-04 21:03:32 ----D---- C:\Program Files\Microsoft Sync Framework
2012-01-04 21:03:32 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2012-01-04 21:01:20 ----D---- C:\Program Files\Microsoft Analysis Services
2012-01-04 21:00:52 ----D---- C:\Program Files\Microsoft Office
2012-01-04 21:00:51 ----D---- C:\ProgramData\Microsoft Help
2012-01-04 21:00:38 ----RHD---- C:\MSOCache
2011-12-28 21:37:16 ----D---- C:\Users\nofu\AppData\Roaming\Windows Live Writer
2011-12-28 18:46:08 ----A---- C:\Windows\system32\shell32.dll
2011-12-17 23:22:52 ----D---- C:\WP7-Update-Cab-Sender
2011-12-14 11:23:37 ----A---- C:\Windows\system32\mshtmled.dll
2011-12-14 11:23:36 ----A---- C:\Windows\system32\jscript.dll
2011-12-14 11:23:36 ----A---- C:\Windows\system32\iertutil.dll
2011-12-14 11:23:35 ----A---- C:\Windows\system32\jsproxy.dll
2011-12-14 11:23:35 ----A---- C:\Windows\system32\jscript9.dll
2011-12-14 11:23:34 ----A---- C:\Windows\system32\wininet.dll
2011-12-14 11:23:34 ----A---- C:\Windows\system32\url.dll
2011-12-14 11:23:34 ----A---- C:\Windows\system32\ieui.dll
2011-12-14 11:23:33 ----A---- C:\Windows\system32\urlmon.dll
2011-12-14 11:23:32 ----A---- C:\Windows\system32\mshtml.dll
2011-12-14 11:23:31 ----A---- C:\Windows\system32\ieframe.dll
2011-12-14 11:12:10 ----A---- C:\Windows\system32\win32k.sys
2011-12-14 11:12:08 ----A---- C:\Windows\system32\tzres.dll
2011-12-14 11:12:03 ----A---- C:\Windows\system32\EncDec.dll
2011-12-14 11:12:03 ----A---- C:\Windows\system32\csrsrv.dll
2011-12-14 11:12:02 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-12-14 11:12:02 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-12-07 08:05:49 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2011-12-07 08:05:17 ----D---- C:\Program Files\DAEMON Tools Lite
======List of files/folders modified in the last 1 month======
2012-01-05 00:00:27 ----D---- C:\Windows\Temp
2012-01-04 23:59:46 ----D---- C:\Users\nofu\AppData\Roaming\Skype
2012-01-04 23:59:01 ----A---- C:\Windows\system32\log.txt
2012-01-04 23:57:07 ----A---- C:\Windows\system32\bipbsp_log.txt
2012-01-04 23:57:02 ----D---- C:\Windows\system32\config
2012-01-04 23:55:59 ----SHD---- C:\Windows\Installer
2012-01-04 23:55:59 ----RSD---- C:\Windows\assembly
2012-01-04 23:55:37 ----D---- C:\Windows\System32
2012-01-04 23:46:31 ----RD---- C:\Program Files
2012-01-04 23:45:53 ----D---- C:\Users\nofu\AppData\Roaming\KeePass
2012-01-04 23:44:53 ----D---- C:\Windows\inf
2012-01-04 23:44:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-04 23:19:44 ----D---- C:\Windows\system32\drivers
2012-01-04 22:20:34 ----D---- C:\Program Files\COMODO
2012-01-04 21:32:43 ----HD---- C:\ProgramData
2012-01-04 21:27:34 ----SD---- C:\Users\nofu\AppData\Roaming\Microsoft
2012-01-04 21:19:19 ----D---- C:\Program Files\OpenOffice.org 3
2012-01-04 21:09:20 ----D---- C:\Windows\Microsoft.NET
2012-01-04 21:07:46 ----D---- C:\Windows\winsxs
2012-01-04 21:07:28 ----D---- C:\Windows\system32\Tasks
2012-01-04 21:05:14 ----RSD---- C:\Windows\Fonts
2012-01-04 21:04:58 ----D---- C:\Program Files\Common Files\microsoft shared
2012-01-04 21:04:03 ----D---- C:\Program Files\Common Files
2012-01-04 21:03:32 ----SD---- C:\ProgramData\Microsoft
2012-01-04 21:01:32 ----D---- C:\Windows\ShellNew
2012-01-04 20:50:30 ----D---- C:\Program Files\KeePass Password Safe 2
2012-01-02 20:31:19 ----D---- C:\Windows\system32\catroot
2012-01-01 15:07:45 ----D---- C:\Users\nofu\AppData\Roaming\FileZilla
2012-01-01 15:05:46 ----D---- C:\Program Files\FileZilla FTP Client
2011-12-31 20:23:43 ----D---- C:\Program Files\FreeRapid-0.86u1
2011-12-28 21:17:04 ----D---- C:\Program Files\Windows Live
2011-12-28 18:45:58 ----D---- C:\Windows\system32\catroot2
2011-12-22 11:36:47 ----D---- C:\Program Files\Mozilla Firefox
2011-12-20 19:03:31 ----D---- C:\Program Files\Goalwin
2011-12-20 12:23:52 ----D---- C:\Program Files\Expekt Poker
2011-12-19 19:58:56 ----A---- C:\Windows\system32\cmdcsr.dll
2011-12-19 19:58:55 ----A---- C:\Windows\system32\guard32.dll
2011-12-17 23:31:32 ----D---- C:\Program Files\Zune
2011-12-16 20:11:02 ----D---- C:\Windows\rescache
2011-12-16 11:55:05 ----D---- C:\Windows\system32\NDF
2011-12-16 10:04:40 ----D---- C:\Windows\Minidump
2011-12-16 10:04:36 ----D---- C:\Windows
2011-12-14 11:27:42 ----D---- C:\Windows\system32\migration
2011-12-14 11:27:42 ----D---- C:\Windows\system32\cs-CZ
2011-12-14 11:27:42 ----D---- C:\Program Files\Internet Explorer
2011-12-14 11:24:02 ----A---- C:\Windows\system32\MRT.exe
2011-12-07 08:06:57 ----D---- C:\Users\nofu\AppData\Roaming\DAEMON Tools Lite
2011-12-07 08:05:51 ----D---- C:\Windows\system32\DriverStore
2011-12-06 22:20:39 ----A---- C:\Windows\system32\pokerstove.txt
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 GDBehave;GDBehave; C:\Windows\system32\drivers\GDBehave.sys [2011-11-09 40440]
R0 PBADRV;PBADRV; C:\Windows\system32\DRIVERS\PBADRV.sys [2008-06-04 26608]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2009-07-09 45200]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2011-12-19 491816]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2011-12-19 39640]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 fanio;FanIO driver; \??\C:\Windows\system32\drivers\fanio.sys [2007-02-16 14464]
R1 GDMnIcpt;GDMnIcpt; \??\C:\Windows\system32\drivers\MiniIcpt.sys [2011-11-09 79992]
R1 gdwfpcd;G DATA WFP CD; C:\Windows\system32\drivers\gdwfpcd32.sys [2011-11-09 54648]
R1 GRD;G Data Rootkit Detector Driver; \??\C:\Windows\system32\drivers\GRD.sys [2011-11-09 30256]
R1 HookCentre;HookCentre; \??\C:\Windows\system32\drivers\HookCentre.sys [2011-11-09 41336]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Program Files\HWiNFO32\HWiNFO32.SYS [2011-08-23 21112]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2011-12-19 82400]
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2011-07-19 230248]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2009-06-25 48128]
R2 WavxDMgr;WavxDMgr; C:\Windows\system32\DRIVERS\WavxDMgr.sys [2010-01-19 229888]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x86; C:\Windows\system32\DRIVERS\Apfiltr.sys [2010-03-10 251440]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2010-06-07 146272]
R3 cvusbdrv;Dell ControlVault; C:\Windows\System32\Drivers\cvusbdrv.sys [2009-11-03 33832]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-07 239168]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y6232.sys [2009-06-12 221912]
R3 GDPkIcpt;GDPkIcpt; \??\C:\Windows\system32\drivers\PktIcpt.sys [2011-11-09 49016]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-06-23 40832]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488]
R3 NETwNs32;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 32 Bit; C:\Windows\system32\DRIVERS\NETwNs32.sys [2010-07-14 6814720]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2010-03-09 423424]
R3 WinUsb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 35968]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 acpials;Filtr zařízení ALS Sensor; C:\Windows\system32\DRIVERS\acpials.sys [2009-07-14 7680]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 Axtmvflt;Axesstel USB Filter Service; C:\Windows\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
S3 Axtmvmdm;Axesstel USB Modem; C:\Windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
S3 Axtmvprt;Axesstel Diagnostic Port; C:\Windows\System32\Drivers\Axtmvprt.sys [2007-03-26 38784]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-11-09 86056]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-11-09 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-11-09 29472]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-11-09 18344]
S3 CtAudDrv;Provides advanced audio effects for audio devices.; \??\C:\Windows\system32\Drivers\CtAudDrv.sys [2009-05-28 134144]
S3 GdNetMon;G Data Network Monitor; \??\C:\Windows\system32\drivers\GdNetMon32.sys [2011-11-09 29400]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 RDPDISPM;RDPDISPM; C:\Windows\system32\DRIVERS\rdpdispm.sys [2010-09-25 9040]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\aestsrv.exe [2009-03-03 81920]
R2 AVKProxy;G Data AntiVirus Proxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [2011-11-04 1499656]
R2 AVKService;G Data Scheduler; C:\Program Files\G Data AntiVirus\AVK\AVKService.exe [2011-03-07 380408]
R2 AVKWCtl;G Data Filesystem Monitor; C:\Program Files\G Data AntiVirus\AVK\AVKWCtl.exe [2011-10-28 1554184]
R2 btwdins;Bluetooth Service; C:\Program Files\Bluetooth Software\btwdins.exe [2009-08-11 582944]
R2 buttonsvc32;Dell ControlPoint Button Service; C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe [2009-11-20 278304]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-12-19 1960584]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2010-03-23 812448]
R2 Credential Vault Host Storage;Credential Vault Host Storage; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2010-03-23 27040]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 dcpsysmgrsvc;Dell System Manager Service; C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe [2010-08-24 388464]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\AMT\LMS.exe [2010-08-05 178712]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\STacSV.exe [2010-03-09 229458]
R2 TdmService;TdmService; C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe [2010-03-29 1164648]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2010-09-21 1957672]
R2 TeamViewer6;TeamViewer 6; C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2010-08-05 2062872]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 GDScan;G Data Scanner; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [2011-10-28 457536]
S2 tcsd_win32.exe;NTRU TSS v1.2.1.29 TCS; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [2008-11-12 1273856]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 postgresql-8.4;postgresql-8.4; C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D M:/PostgreSQL -w []
S3 SecureStorageService;SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [2010-02-03 1032192]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-12 1343400]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service; C:\Program Files\Zune\WMZuneComm.exe [2011-08-05 268512]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Comodo nahlásilo Malware
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Comodo nahlásilo Malware
Zdravim a pekny den preji 
Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)
Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
- Kliknete na volbu Change parametrs
- V obou oknech (Objects to scan i Additional Option) zakliknete vsechny moznosti - ve vsech ctvereccich musi mit fajecka
- Kliknete na OK
- Utilite prikazte, at skenuje - klik na Start Scan
- Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
- Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
- Pokud mate vsude Skip, kliknete na Continue
- Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte
Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)
- Provedte aktualizaci
- Provedte uplny sken - nic nemazte
- MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Comodo nahlásilo Malware
14:45:11.0364 1808 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
14:45:11.0635 1808 ============================================================
14:45:11.0635 1808 Current date / time: 2012/01/05 14:45:11.0635
14:45:11.0635 1808 SystemInfo:
14:45:11.0635 1808
14:45:11.0635 1808 OS Version: 6.1.7601 ServicePack: 1.0
14:45:11.0635 1808 Product type: Workstation
14:45:11.0636 1808 ComputerName: E4200
14:45:11.0636 1808 UserName: nofu
14:45:11.0636 1808 Windows directory: C:\Windows
14:45:11.0636 1808 System windows directory: C:\Windows
14:45:11.0636 1808 Processor architecture: Intel x86
14:45:11.0636 1808 Number of processors: 2
14:45:11.0636 1808 Page size: 0x1000
14:45:11.0636 1808 Boot type: Normal boot
14:45:11.0636 1808 ============================================================
14:45:11.0942 1808 Initialize success
14:46:26.0451 7772 ============================================================
14:46:26.0451 7772 Scan started
14:46:26.0451 7772 Mode: Manual; SigCheck; TDLFS;
14:46:26.0451 7772 ============================================================
14:46:26.0639 7772 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
14:46:27.0538 7772 1394ohci - ok
14:46:27.0564 7772 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
14:46:27.0630 7772 ACPI - ok
14:46:27.0650 7772 acpials (79d6b28027c398b728ce7cd0570248b0) C:\Windows\system32\DRIVERS\acpials.sys
14:46:27.0718 7772 acpials - ok
14:46:27.0744 7772 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
14:46:27.0813 7772 AcpiPmi - ok
14:46:27.0841 7772 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
14:46:27.0902 7772 adp94xx - ok
14:46:27.0933 7772 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
14:46:28.0007 7772 adpahci - ok
14:46:28.0030 7772 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
14:46:28.0084 7772 adpu320 - ok
14:46:28.0119 7772 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
14:46:28.0186 7772 AFD - ok
14:46:28.0207 7772 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
14:46:28.0260 7772 agp440 - ok
14:46:28.0282 7772 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
14:46:28.0337 7772 aic78xx - ok
14:46:28.0361 7772 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
14:46:28.0416 7772 aliide - ok
14:46:28.0437 7772 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
14:46:28.0492 7772 amdagp - ok
14:46:28.0514 7772 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
14:46:28.0568 7772 amdide - ok
14:46:28.0590 7772 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
14:46:28.0655 7772 AmdK8 - ok
14:46:28.0677 7772 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
14:46:28.0740 7772 AmdPPM - ok
14:46:28.0761 7772 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
14:46:28.0815 7772 amdsata - ok
14:46:28.0840 7772 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
14:46:28.0895 7772 amdsbs - ok
14:46:28.0916 7772 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
14:46:28.0971 7772 amdxata - ok
14:46:28.0996 7772 ApfiltrService (22403504e15810e99a563782e9d45311) C:\Windows\system32\DRIVERS\Apfiltr.sys
14:46:29.0100 7772 ApfiltrService - ok
14:46:29.0223 7772 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
14:46:29.0296 7772 AppID - ok
14:46:29.0328 7772 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
14:46:29.0380 7772 arc - ok
14:46:29.0410 7772 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
14:46:29.0462 7772 arcsas - ok
14:46:29.0498 7772 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
14:46:29.0600 7772 AsyncMac - ok
14:46:29.0622 7772 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
14:46:29.0672 7772 atapi - ok
14:46:29.0717 7772 Axtmvflt (59629edd214c35a01e2527ac3b8a7fb3) C:\Windows\system32\DRIVERS\Axtmvflt.sys
14:46:29.0775 7772 Axtmvflt - ok
14:46:29.0796 7772 Axtmvmdm (37e23b1756eca768656097f72c0b458d) C:\Windows\system32\DRIVERS\Axtmvmdm.sys
14:46:29.0850 7772 Axtmvmdm - ok
14:46:29.0872 7772 Axtmvprt (2c7170be24eacc0b432eb1832fee0ddc) C:\Windows\system32\Drivers\Axtmvprt.sys
14:46:29.0925 7772 Axtmvprt - ok
14:46:29.0956 7772 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
14:46:30.0023 7772 b06bdrv - ok
14:46:30.0050 7772 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
14:46:30.0112 7772 b57nd60x - ok
14:46:30.0151 7772 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
14:46:30.0225 7772 Beep - ok
14:46:30.0256 7772 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
14:46:30.0314 7772 blbdrive - ok
14:46:30.0344 7772 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
14:46:30.0404 7772 bowser - ok
14:46:30.0425 7772 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:46:30.0490 7772 BrFiltLo - ok
14:46:30.0511 7772 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:46:30.0570 7772 BrFiltUp - ok
14:46:30.0599 7772 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
14:46:30.0664 7772 Brserid - ok
14:46:30.0686 7772 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
14:46:30.0746 7772 BrSerWdm - ok
14:46:30.0768 7772 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:46:30.0826 7772 BrUsbMdm - ok
14:46:30.0846 7772 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
14:46:30.0903 7772 BrUsbSer - ok
14:46:30.0925 7772 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys
14:46:30.0987 7772 BthEnum - ok
14:46:31.0009 7772 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
14:46:31.0071 7772 BTHMODEM - ok
14:46:31.0373 7772 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
14:46:31.0437 7772 BthPan - ok
14:46:31.0468 7772 BTHPORT (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys
14:46:31.0534 7772 BTHPORT - ok
14:46:31.0561 7772 BTHUSB (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys
14:46:31.0617 7772 BTHUSB - ok
14:46:31.0641 7772 btwaudio (d57d29132efe13a83133d9bd449e0cf1) C:\Windows\system32\drivers\btwaudio.sys
14:46:31.0690 7772 btwaudio - ok
14:46:31.0712 7772 btwavdt (d282c14a69357d0e1bafaecc2ca98c3a) C:\Windows\system32\DRIVERS\btwavdt.sys
14:46:31.0762 7772 btwavdt - ok
14:46:31.0789 7772 btwl2cap (aafd7cb76ba61fbb08e302da208c974a) C:\Windows\system32\DRIVERS\btwl2cap.sys
14:46:31.0836 7772 btwl2cap - ok
14:46:31.0856 7772 btwrchid (02eb4d2b05967df2d32f29c84ab1fb17) C:\Windows\system32\DRIVERS\btwrchid.sys
14:46:31.0903 7772 btwrchid - ok
14:46:31.0930 7772 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
14:46:32.0004 7772 cdfs - ok
14:46:32.0029 7772 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
14:46:32.0086 7772 cdrom - ok
14:46:32.0112 7772 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
14:46:32.0172 7772 circlass - ok
14:46:32.0195 7772 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
14:46:32.0252 7772 CLFS - ok
14:46:32.0282 7772 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
14:46:32.0340 7772 CmBatt - ok
14:46:32.0375 7772 cmdGuard (da8b98c232dadb0e6aee6f46d0a22114) C:\Windows\system32\DRIVERS\cmdguard.sys
14:46:32.0439 7772 cmdGuard - ok
14:46:32.0464 7772 cmdHlp (051d5be8106f09dd5e0d5589ea931b1e) C:\Windows\system32\DRIVERS\cmdhlp.sys
14:46:32.0515 7772 cmdHlp - ok
14:46:32.0536 7772 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
14:46:32.0603 7772 cmdide - ok
14:46:32.0631 7772 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
14:46:32.0710 7772 CNG - ok
14:46:32.0732 7772 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
14:46:32.0787 7772 Compbatt - ok
14:46:32.0811 7772 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
14:46:32.0875 7772 CompositeBus - ok
14:46:32.0900 7772 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
14:46:32.0951 7772 crcdisk - ok
14:46:32.0999 7772 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
14:46:33.0067 7772 CSC - ok
14:46:33.0127 7772 CtAudDrv (0f538df1673e5216f3baacb6911d9d0f) C:\Windows\system32\Drivers\CtAudDrv.sys
14:46:33.0188 7772 CtAudDrv - ok
14:46:33.0213 7772 CtClsFlt (5353e1fd1f9b295b39b22bc1c6cbc95f) C:\Windows\system32\DRIVERS\CtClsFlt.sys
14:46:33.0268 7772 CtClsFlt - ok
14:46:33.0290 7772 cvusbdrv (d1697063e2cdb6575aa46d668ffee825) C:\Windows\system32\Drivers\cvusbdrv.sys
14:46:33.0338 7772 cvusbdrv - ok
14:46:33.0374 7772 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
14:46:33.0454 7772 DfsC - ok
14:46:33.0482 7772 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
14:46:33.0562 7772 discache - ok
14:46:33.0586 7772 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
14:46:33.0639 7772 Disk - ok
14:46:33.0672 7772 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
14:46:33.0744 7772 drmkaud - ok
14:46:33.0771 7772 dtsoftbus01 (fb38473835476a6fb272215a1d972af9) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
14:46:33.0827 7772 dtsoftbus01 - ok
14:46:33.0862 7772 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
14:46:33.0934 7772 DXGKrnl - ok
14:46:33.0962 7772 e1yexpress (44a91d98d6719b49bcd649a863225b5c) C:\Windows\system32\DRIVERS\e1y6232.sys
14:46:34.0017 7772 e1yexpress - ok
14:46:34.0090 7772 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
14:46:34.0230 7772 ebdrv - ok
14:46:34.0271 7772 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
14:46:34.0335 7772 elxstor - ok
14:46:34.0357 7772 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
14:46:34.0415 7772 ErrDev - ok
14:46:34.0450 7772 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
14:46:34.0527 7772 exfat - ok
14:46:34.0557 7772 fanio (0dd24dabb0b8c4ac0d8f2ebf0492276a) C:\Windows\system32\drivers\fanio.sys
14:46:34.0575 7772 fanio ( UnsignedFile.Multi.Generic ) - warning
14:46:34.0575 7772 fanio - detected UnsignedFile.Multi.Generic (1)
14:46:34.0602 7772 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
14:46:34.0680 7772 fastfat - ok
14:46:34.0706 7772 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
14:46:34.0767 7772 fdc - ok
14:46:34.0801 7772 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
14:46:34.0855 7772 FileInfo - ok
14:46:34.0878 7772 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
14:46:34.0957 7772 Filetrace - ok
14:46:34.0980 7772 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
14:46:35.0042 7772 flpydisk - ok
14:46:35.0407 7772 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
14:46:35.0507 7772 FltMgr - ok
14:46:35.0537 7772 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
14:46:35.0589 7772 FsDepends - ok
14:46:35.0612 7772 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
14:46:35.0664 7772 Fs_Rec - ok
14:46:35.0690 7772 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
14:46:35.0749 7772 fvevol - ok
14:46:35.0773 7772 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
14:46:35.0827 7772 gagp30kx - ok
14:46:35.0852 7772 GDBehave (1b519753da1e7e51f37001e23f1bb045) C:\Windows\system32\drivers\GDBehave.sys
14:46:35.0907 7772 GDBehave - ok
14:46:35.0935 7772 GDMnIcpt (cd58774324a78bba15b89c35bed81593) C:\Windows\system32\drivers\MiniIcpt.sys
14:46:35.0985 7772 GDMnIcpt - ok
14:46:36.0009 7772 GdNetMon (a7757940b3380343b378b5a1e7fbef16) C:\Windows\system32\drivers\GdNetMon32.sys
14:46:36.0059 7772 GdNetMon - ok
14:46:36.0087 7772 GDPkIcpt (0f917bcee8f65402a2dd4024cf85ce32) C:\Windows\system32\drivers\PktIcpt.sys
14:46:36.0139 7772 GDPkIcpt - ok
14:46:36.0169 7772 gdwfpcd (26d22ca524c547828d05a13a863ba0a2) C:\Windows\system32\drivers\gdwfpcd32.sys
14:46:36.0224 7772 gdwfpcd - ok
14:46:36.0253 7772 GRD (8eb5731238c4a4007ffb63a0bb1bc7da) C:\Windows\system32\drivers\GRD.sys
14:46:36.0301 7772 GRD - ok
14:46:36.0324 7772 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
14:46:36.0384 7772 hcw85cir - ok
14:46:36.0415 7772 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
14:46:36.0486 7772 HdAudAddService - ok
14:46:36.0509 7772 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
14:46:36.0576 7772 HDAudBus - ok
14:46:36.0605 7772 HECI (30d57ee84e1e169d41a6e873b549a096) C:\Windows\system32\DRIVERS\HECI.sys
14:46:36.0664 7772 HECI - ok
14:46:36.0691 7772 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
14:46:36.0747 7772 HidBatt - ok
14:46:36.0771 7772 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
14:46:36.0833 7772 HidBth - ok
14:46:36.0857 7772 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
14:46:36.0917 7772 HidIr - ok
14:46:36.0946 7772 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys
14:46:37.0006 7772 HidUsb - ok
14:46:37.0040 7772 HookCentre (4feff88a4bc6eeac4898bfd05325f5c8) C:\Windows\system32\drivers\HookCentre.sys
14:46:37.0091 7772 HookCentre - ok
14:46:37.0117 7772 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
14:46:37.0171 7772 HpSAMD - ok
14:46:37.0200 7772 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
14:46:37.0287 7772 HTTP - ok
14:46:37.0298 7772 HWiNFO32 (1a4ea4266acb04cf9f6b733302ac312f) C:\Program Files\HWiNFO32\HWiNFO32.SYS
14:46:37.0351 7772 HWiNFO32 - ok
14:46:37.0373 7772 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
14:46:37.0428 7772 hwpolicy - ok
14:46:37.0451 7772 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
14:46:37.0512 7772 i8042prt - ok
14:46:37.0545 7772 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\drivers\iaStorV.sys
14:46:37.0609 7772 iaStorV - ok
14:46:37.0770 7772 igfx (dce0b53570703cce580d066f89ef58cd) C:\Windows\system32\DRIVERS\igdkmd32.sys
14:46:38.0062 7772 igfx - ok
14:46:38.0091 7772 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
14:46:38.0142 7772 iirsp - ok
14:46:38.0176 7772 inspect (2ee3db2c1760171c6f72f2f1792a47b5) C:\Windows\system32\DRIVERS\inspect.sys
14:46:38.0223 7772 inspect - ok
14:46:38.0250 7772 IntcHdmiAddService (81486f0eb4238b65c317f97de246c4ac) C:\Windows\system32\drivers\IntcHdmi.sys
14:46:38.0305 7772 IntcHdmiAddService - ok
14:46:38.0328 7772 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
14:46:38.0381 7772 intelide - ok
14:46:38.0410 7772 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
14:46:38.0469 7772 intelppm - ok
14:46:38.0502 7772 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:46:38.0578 7772 IpFilterDriver - ok
14:46:38.0606 7772 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
14:46:38.0666 7772 IPMIDRV - ok
14:46:38.0693 7772 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
14:46:38.0774 7772 IPNAT - ok
14:46:38.0806 7772 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
14:46:38.0879 7772 IRENUM - ok
14:46:38.0903 7772 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
14:46:38.0959 7772 isapnp - ok
14:46:38.0986 7772 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
14:46:39.0044 7772 iScsiPrt - ok
14:46:39.0098 7772 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
14:46:39.0154 7772 kbdclass - ok
14:46:39.0178 7772 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
14:46:39.0233 7772 kbdhid - ok
14:46:39.0266 7772 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys
14:46:39.0317 7772 KSecDD - ok
14:46:39.0346 7772 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys
14:46:39.0401 7772 KSecPkg - ok
14:46:39.0441 7772 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
14:46:39.0518 7772 lltdio - ok
14:46:39.0562 7772 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
14:46:39.0618 7772 LSI_FC - ok
14:46:39.0645 7772 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
14:46:39.0698 7772 LSI_SAS - ok
14:46:39.0724 7772 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:46:39.0778 7772 LSI_SAS2 - ok
14:46:39.0802 7772 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:46:39.0856 7772 LSI_SCSI - ok
14:46:39.0882 7772 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
14:46:39.0957 7772 luafv - ok
14:46:39.0985 7772 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
14:46:40.0037 7772 megasas - ok
14:46:40.0066 7772 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
14:46:40.0123 7772 MegaSR - ok
14:46:40.0159 7772 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
14:46:40.0236 7772 Modem - ok
14:46:40.0260 7772 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
14:46:40.0322 7772 monitor - ok
14:46:40.0348 7772 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
14:46:40.0401 7772 mouclass - ok
14:46:40.0426 7772 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
14:46:40.0484 7772 mouhid - ok
14:46:40.0508 7772 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
14:46:40.0561 7772 mountmgr - ok
14:46:40.0593 7772 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
14:46:40.0650 7772 mpio - ok
14:46:40.0674 7772 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
14:46:40.0748 7772 mpsdrv - ok
14:46:40.0776 7772 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
14:46:40.0845 7772 MRxDAV - ok
14:46:40.0869 7772 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:46:40.0932 7772 mrxsmb - ok
14:46:40.0957 7772 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:46:41.0016 7772 mrxsmb10 - ok
14:46:41.0040 7772 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:46:41.0099 7772 mrxsmb20 - ok
14:46:41.0140 7772 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\drivers\msahci.sys
14:46:41.0193 7772 msahci - ok
14:46:41.0225 7772 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\drivers\msdsm.sys
14:46:41.0288 7772 msdsm - ok
14:46:41.0328 7772 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
14:46:41.0406 7772 Msfs - ok
14:46:41.0430 7772 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
14:46:41.0505 7772 mshidkmdf - ok
14:46:41.0528 7772 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
14:46:41.0579 7772 msisadrv - ok
14:46:41.0612 7772 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
14:46:41.0688 7772 MSKSSRV - ok
14:46:41.0711 7772 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
14:46:41.0786 7772 MSPCLOCK - ok
14:46:41.0810 7772 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
14:46:41.0885 7772 MSPQM - ok
14:46:41.0914 7772 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
14:46:41.0972 7772 MsRPC - ok
14:46:42.0006 7772 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
14:46:42.0060 7772 mssmbios - ok
14:46:42.0085 7772 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
14:46:42.0162 7772 MSTEE - ok
14:46:42.0187 7772 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
14:46:42.0244 7772 MTConfig - ok
14:46:42.0269 7772 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
14:46:42.0325 7772 Mup - ok
14:46:42.0359 7772 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
14:46:42.0425 7772 NativeWifiP - ok
14:46:42.0460 7772 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
14:46:42.0532 7772 NDIS - ok
14:46:42.0557 7772 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
14:46:42.0632 7772 NdisCap - ok
14:46:42.0657 7772 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
14:46:42.0731 7772 NdisTapi - ok
14:46:42.0755 7772 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
14:46:42.0828 7772 Ndisuio - ok
14:46:42.0855 7772 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
14:46:42.0930 7772 NdisWan - ok
14:46:42.0955 7772 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
14:46:43.0027 7772 NDProxy - ok
14:46:43.0051 7772 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
14:46:43.0129 7772 NetBIOS - ok
14:46:43.0156 7772 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
14:46:43.0232 7772 NetBT - ok
14:46:43.0344 7772 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
14:46:43.0519 7772 netw5v32 - ok
14:46:43.0648 7772 NETwNs32 (29e4f23d31fb66c7bf0014d36cf5af2a) C:\Windows\system32\DRIVERS\NETwNs32.sys
14:46:43.0903 7772 NETwNs32 - ok
14:46:43.0930 7772 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
14:46:43.0980 7772 nfrd960 - ok
14:46:44.0010 7772 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
14:46:44.0088 7772 Npfs - ok
14:46:44.0121 7772 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
14:46:44.0199 7772 nsiproxy - ok
14:46:44.0242 7772 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
14:46:44.0328 7772 Ntfs - ok
14:46:44.0353 7772 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
14:46:44.0428 7772 Null - ok
14:46:44.0453 7772 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
14:46:44.0508 7772 nvraid - ok
14:46:44.0534 7772 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
14:46:44.0585 7772 nvstor - ok
14:46:44.0611 7772 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
14:46:44.0663 7772 nv_agp - ok
14:46:44.0688 7772 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
14:46:44.0747 7772 ohci1394 - ok
14:46:44.0800 7772 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
14:46:44.0859 7772 Parport - ok
14:46:44.0883 7772 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
14:46:44.0935 7772 partmgr - ok
14:46:44.0960 7772 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
14:46:45.0017 7772 Parvdm - ok
14:46:45.0044 7772 PBADRV (4088c1ecd1f54281a92fa663b0fdc36f) C:\Windows\system32\DRIVERS\PBADRV.sys
14:46:45.0092 7772 PBADRV - ok
14:46:45.0124 7772 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
14:46:45.0180 7772 pci - ok
14:46:45.0204 7772 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
14:46:45.0257 7772 pciide - ok
14:46:45.0286 7772 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
14:46:45.0344 7772 pcmcia - ok
14:46:45.0369 7772 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
14:46:45.0422 7772 pcw - ok
14:46:45.0454 7772 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
14:46:45.0542 7772 PEAUTH - ok
14:46:45.0637 7772 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
14:46:45.0714 7772 PptpMiniport - ok
14:46:45.0740 7772 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
14:46:45.0798 7772 Processor - ok
14:46:45.0838 7772 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
14:46:45.0916 7772 Psched - ok
14:46:45.0942 7772 PxHelp20 (40fedd328f98245ad201cf5f9f311724) C:\Windows\system32\Drivers\PxHelp20.sys
14:46:45.0993 7772 PxHelp20 - ok
14:46:46.0040 7772 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
14:46:46.0132 7772 ql2300 - ok
14:46:46.0158 7772 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
14:46:46.0212 7772 ql40xx - ok
14:46:46.0246 7772 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
14:46:46.0305 7772 QWAVEdrv - ok
14:46:46.0330 7772 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
14:46:46.0403 7772 RasAcd - ok
14:46:46.0430 7772 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:46:46.0504 7772 RasAgileVpn - ok
14:46:46.0536 7772 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:46:46.0613 7772 Rasl2tp - ok
14:46:46.0644 7772 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
14:46:46.0722 7772 RasPppoe - ok
14:46:46.0750 7772 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
14:46:46.0825 7772 RasSstp - ok
14:46:46.0852 7772 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
14:46:46.0931 7772 rdbss - ok
14:46:46.0956 7772 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
14:46:47.0020 7772 rdpbus - ok
14:46:47.0044 7772 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:46:47.0119 7772 RDPCDD - ok
14:46:47.0152 7772 RDPDISPM (a862a3a8d7d2d75bdc41b556325e9876) C:\Windows\system32\DRIVERS\rdpdispm.sys
14:46:47.0205 7772 RDPDISPM - ok
14:46:47.0233 7772 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
14:46:47.0291 7772 RDPDR - ok
14:46:47.0317 7772 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
14:46:47.0393 7772 RDPENCDD - ok
14:46:47.0426 7772 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
14:46:47.0502 7772 RDPREFMP - ok
14:46:47.0528 7772 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
14:46:47.0604 7772 RDPWD - ok
14:46:47.0633 7772 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
14:46:47.0689 7772 rdyboost - ok
14:46:47.0730 7772 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
14:46:47.0800 7772 RFCOMM - ok
14:46:47.0826 7772 rimmptsk (df672613fbbcd58c38bb0bc2694bcfb0) C:\Windows\system32\DRIVERS\rimmptsk.sys
14:46:47.0886 7772 rimmptsk - ok
14:46:47.0944 7772 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
14:46:48.0036 7772 rspndr - ok
14:46:48.0060 7772 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
14:46:48.0121 7772 s3cap - ok
14:46:48.0153 7772 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
14:46:48.0207 7772 sbp2port - ok
14:46:48.0237 7772 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
14:46:48.0309 7772 scfilter - ok
14:46:48.0346 7772 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
14:46:48.0409 7772 sdbus - ok
14:46:48.0441 7772 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
14:46:48.0518 7772 secdrv - ok
14:46:48.0566 7772 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
14:46:48.0633 7772 Serenum - ok
14:46:48.0659 7772 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
14:46:48.0719 7772 Serial - ok
14:46:48.0744 7772 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
14:46:48.0803 7772 sermouse - ok
14:46:48.0874 7772 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
14:46:48.0938 7772 sffdisk - ok
14:46:48.0962 7772 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
14:46:49.0020 7772 sffp_mmc - ok
14:46:49.0044 7772 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
14:46:49.0104 7772 sffp_sd - ok
14:46:49.0130 7772 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
14:46:49.0189 7772 sfloppy - ok
14:46:49.0229 7772 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
14:46:49.0280 7772 sisagp - ok
14:46:49.0306 7772 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:46:49.0357 7772 SiSRaid2 - ok
14:46:49.0382 7772 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
14:46:49.0437 7772 SiSRaid4 - ok
14:46:49.0463 7772 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
14:46:49.0545 7772 Smb - ok
14:46:49.0590 7772 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
14:46:49.0642 7772 spldr - ok
14:46:49.0694 7772 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
14:46:49.0760 7772 srv - ok
14:46:49.0792 7772 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
14:46:49.0854 7772 srv2 - ok
14:46:49.0880 7772 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
14:46:49.0943 7772 srvnet - ok
14:46:49.0987 7772 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
14:46:50.0046 7772 stexstor - ok
14:46:50.0079 7772 STHDA (2b50cfed920d4cd973adbaaad3fe704f) C:\Windows\system32\DRIVERS\stwrt.sys
14:46:50.0147 7772 STHDA - ok
14:46:50.0178 7772 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
14:46:50.0231 7772 storflt - ok
14:46:50.0262 7772 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
14:46:50.0314 7772 storvsc - ok
14:46:50.0341 7772 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
14:46:50.0392 7772 swenum - ok
14:46:50.0485 7772 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
14:46:50.0591 7772 Tcpip - ok
14:46:50.0637 7772 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
14:46:50.0717 7772 TCPIP6 - ok
14:46:50.0752 7772 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
14:46:50.0827 7772 tcpipreg - ok
14:46:50.0878 7772 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
14:46:50.0952 7772 TDPIPE - ok
14:46:50.0977 7772 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
14:46:51.0053 7772 TDTCP - ok
14:46:51.0080 7772 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
14:46:51.0154 7772 tdx - ok
14:46:51.0195 7772 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
14:46:51.0246 7772 TermDD - ok
14:46:51.0314 7772 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:46:51.0389 7772 tssecsrv - ok
14:46:51.0416 7772 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
14:46:51.0476 7772 TsUsbFlt - ok
14:46:51.0502 7772 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
14:46:51.0579 7772 tunnel - ok
14:46:51.0606 7772 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
14:46:51.0659 7772 uagp35 - ok
14:46:51.0687 7772 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
14:46:51.0769 7772 udfs - ok
14:46:51.0857 7772 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
14:46:51.0912 7772 uliagpkx - ok
14:46:51.0942 7772 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
14:46:52.0003 7772 umbus - ok
14:46:52.0030 7772 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
14:46:52.0087 7772 UmPass - ok
14:46:52.0135 7772 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
14:46:52.0201 7772 usbccgp - ok
14:46:52.0228 7772 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
14:46:52.0290 7772 usbcir - ok
14:46:52.0316 7772 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
14:46:52.0373 7772 usbehci - ok
14:46:52.0403 7772 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
14:46:52.0468 7772 usbhub - ok
14:46:52.0493 7772 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
14:46:52.0559 7772 usbohci - ok
14:46:52.0586 7772 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
14:46:52.0645 7772 usbprint - ok
14:46:52.0670 7772 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:46:52.0730 7772 USBSTOR - ok
14:46:52.0755 7772 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
14:46:52.0814 7772 usbuhci - ok
14:46:52.0842 7772 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
14:46:52.0905 7772 usbvideo - ok
14:46:52.0966 7772 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
14:46:53.0022 7772 vdrvroot - ok
14:46:53.0060 7772 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
14:46:53.0129 7772 vga - ok
14:46:53.0156 7772 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
14:46:53.0239 7772 VgaSave - ok
14:46:53.0271 7772 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
14:46:53.0329 7772 vhdmp - ok
14:46:53.0356 7772 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
14:46:53.0415 7772 viaagp - ok
14:46:53.0441 7772 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
14:46:53.0503 7772 ViaC7 - ok
14:46:53.0528 7772 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
14:46:53.0580 7772 viaide - ok
14:46:53.0608 7772 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
14:46:53.0664 7772 vmbus - ok
14:46:53.0689 7772 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
14:46:53.0752 7772 VMBusHID - ok
14:46:53.0784 7772 vmm (c01604eaea9c89035cff58cdb322476c) C:\Windows\system32\Drivers\vmm.sys
14:46:53.0841 7772 vmm - ok
14:46:53.0868 7772 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
14:46:53.0921 7772 volmgr - ok
14:46:53.0952 7772 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
14:46:54.0012 7772 volmgrx - ok
14:46:54.0041 7772 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
14:46:54.0100 7772 volsnap - ok
14:46:54.0129 7772 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
14:46:54.0184 7772 vsmraid - ok
14:46:54.0220 7772 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
14:46:54.0278 7772 vwifibus - ok
14:46:54.0305 7772 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
14:46:54.0367 7772 vwififlt - ok
14:46:54.0407 7772 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
14:46:54.0465 7772 WacomPen - ok
14:46:54.0492 7772 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
14:46:54.0566 7772 WANARP - ok
14:46:54.0575 7772 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
14:46:54.0647 7772 Wanarpv6 - ok
14:46:54.0684 7772 WavxDMgr (fbf43b275efc98799e76d57e5437edee) C:\Windows\system32\DRIVERS\WavxDMgr.sys
14:46:54.0709 7772 WavxDMgr ( UnsignedFile.Multi.Generic ) - warning
14:46:54.0709 7772 WavxDMgr - detected UnsignedFile.Multi.Generic (1)
14:46:54.0762 7772 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
14:46:54.0817 7772 Wd - ok
14:46:54.0853 7772 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
14:46:54.0918 7772 Wdf01000 - ok
14:46:54.0988 7772 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
14:46:55.0065 7772 WfpLwf - ok
14:46:55.0097 7772 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
14:46:55.0150 7772 WIMMount - ok
14:46:55.0239 7772 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUSB.sys
14:46:55.0300 7772 WinUsb - ok
14:46:55.0341 7772 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
14:46:55.0398 7772 WmiAcpi - ok
14:46:55.0473 7772 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
14:46:55.0552 7772 ws2ifsl - ok
14:46:55.0612 7772 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
14:46:55.0690 7772 WudfPf - ok
14:46:55.0718 7772 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:46:55.0795 7772 WUDFRd - ok
14:46:55.0862 7772 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:46:55.0888 7772 \Device\Harddisk0\DR0 - ok
14:46:55.0893 7772 Boot (0x1200) (d3eea8095056adc8d175c1e44610f9f1) \Device\Harddisk0\DR0\Partition0
14:46:55.0894 7772 \Device\Harddisk0\DR0\Partition0 - ok
14:46:55.0901 7772 Boot (0x1200) (bfc26e308ad7d4b8a5ba68235a54c201) \Device\Harddisk0\DR0\Partition1
14:46:55.0902 7772 \Device\Harddisk0\DR0\Partition1 - ok
14:46:55.0904 7772 ============================================================
14:46:55.0904 7772 Scan finished
14:46:55.0904 7772 ============================================================
14:46:55.0918 7580 Detected object count: 2
14:46:55.0918 7580 Actual detected object count: 2
14:47:05.0134 7580 fanio ( UnsignedFile.Multi.Generic ) - skipped by user
14:47:05.0134 7580 fanio ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:47:05.0134 7580 WavxDMgr ( UnsignedFile.Multi.Generic ) - skipped by user
14:47:05.0134 7580 WavxDMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:47:07.0638 5560 Deinitialize success
Kontrolu MBAM jsem dělal těsně před tím, než jsem sem poslal svůj log, našel jen dva objekty, oba jsem do ingnore listu, je to internetová herna pokru, viz obrázek (omlouvám se, ale jako text mi to odtamtud nejde dostat).
14:45:11.0635 1808 ============================================================
14:45:11.0635 1808 Current date / time: 2012/01/05 14:45:11.0635
14:45:11.0635 1808 SystemInfo:
14:45:11.0635 1808
14:45:11.0635 1808 OS Version: 6.1.7601 ServicePack: 1.0
14:45:11.0635 1808 Product type: Workstation
14:45:11.0636 1808 ComputerName: E4200
14:45:11.0636 1808 UserName: nofu
14:45:11.0636 1808 Windows directory: C:\Windows
14:45:11.0636 1808 System windows directory: C:\Windows
14:45:11.0636 1808 Processor architecture: Intel x86
14:45:11.0636 1808 Number of processors: 2
14:45:11.0636 1808 Page size: 0x1000
14:45:11.0636 1808 Boot type: Normal boot
14:45:11.0636 1808 ============================================================
14:45:11.0942 1808 Initialize success
14:46:26.0451 7772 ============================================================
14:46:26.0451 7772 Scan started
14:46:26.0451 7772 Mode: Manual; SigCheck; TDLFS;
14:46:26.0451 7772 ============================================================
14:46:26.0639 7772 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
14:46:27.0538 7772 1394ohci - ok
14:46:27.0564 7772 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
14:46:27.0630 7772 ACPI - ok
14:46:27.0650 7772 acpials (79d6b28027c398b728ce7cd0570248b0) C:\Windows\system32\DRIVERS\acpials.sys
14:46:27.0718 7772 acpials - ok
14:46:27.0744 7772 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
14:46:27.0813 7772 AcpiPmi - ok
14:46:27.0841 7772 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
14:46:27.0902 7772 adp94xx - ok
14:46:27.0933 7772 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
14:46:28.0007 7772 adpahci - ok
14:46:28.0030 7772 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
14:46:28.0084 7772 adpu320 - ok
14:46:28.0119 7772 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
14:46:28.0186 7772 AFD - ok
14:46:28.0207 7772 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
14:46:28.0260 7772 agp440 - ok
14:46:28.0282 7772 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
14:46:28.0337 7772 aic78xx - ok
14:46:28.0361 7772 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
14:46:28.0416 7772 aliide - ok
14:46:28.0437 7772 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
14:46:28.0492 7772 amdagp - ok
14:46:28.0514 7772 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
14:46:28.0568 7772 amdide - ok
14:46:28.0590 7772 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
14:46:28.0655 7772 AmdK8 - ok
14:46:28.0677 7772 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
14:46:28.0740 7772 AmdPPM - ok
14:46:28.0761 7772 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
14:46:28.0815 7772 amdsata - ok
14:46:28.0840 7772 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
14:46:28.0895 7772 amdsbs - ok
14:46:28.0916 7772 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
14:46:28.0971 7772 amdxata - ok
14:46:28.0996 7772 ApfiltrService (22403504e15810e99a563782e9d45311) C:\Windows\system32\DRIVERS\Apfiltr.sys
14:46:29.0100 7772 ApfiltrService - ok
14:46:29.0223 7772 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
14:46:29.0296 7772 AppID - ok
14:46:29.0328 7772 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
14:46:29.0380 7772 arc - ok
14:46:29.0410 7772 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
14:46:29.0462 7772 arcsas - ok
14:46:29.0498 7772 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
14:46:29.0600 7772 AsyncMac - ok
14:46:29.0622 7772 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
14:46:29.0672 7772 atapi - ok
14:46:29.0717 7772 Axtmvflt (59629edd214c35a01e2527ac3b8a7fb3) C:\Windows\system32\DRIVERS\Axtmvflt.sys
14:46:29.0775 7772 Axtmvflt - ok
14:46:29.0796 7772 Axtmvmdm (37e23b1756eca768656097f72c0b458d) C:\Windows\system32\DRIVERS\Axtmvmdm.sys
14:46:29.0850 7772 Axtmvmdm - ok
14:46:29.0872 7772 Axtmvprt (2c7170be24eacc0b432eb1832fee0ddc) C:\Windows\system32\Drivers\Axtmvprt.sys
14:46:29.0925 7772 Axtmvprt - ok
14:46:29.0956 7772 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
14:46:30.0023 7772 b06bdrv - ok
14:46:30.0050 7772 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
14:46:30.0112 7772 b57nd60x - ok
14:46:30.0151 7772 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
14:46:30.0225 7772 Beep - ok
14:46:30.0256 7772 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
14:46:30.0314 7772 blbdrive - ok
14:46:30.0344 7772 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
14:46:30.0404 7772 bowser - ok
14:46:30.0425 7772 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:46:30.0490 7772 BrFiltLo - ok
14:46:30.0511 7772 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:46:30.0570 7772 BrFiltUp - ok
14:46:30.0599 7772 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
14:46:30.0664 7772 Brserid - ok
14:46:30.0686 7772 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
14:46:30.0746 7772 BrSerWdm - ok
14:46:30.0768 7772 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:46:30.0826 7772 BrUsbMdm - ok
14:46:30.0846 7772 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
14:46:30.0903 7772 BrUsbSer - ok
14:46:30.0925 7772 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys
14:46:30.0987 7772 BthEnum - ok
14:46:31.0009 7772 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
14:46:31.0071 7772 BTHMODEM - ok
14:46:31.0373 7772 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
14:46:31.0437 7772 BthPan - ok
14:46:31.0468 7772 BTHPORT (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys
14:46:31.0534 7772 BTHPORT - ok
14:46:31.0561 7772 BTHUSB (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys
14:46:31.0617 7772 BTHUSB - ok
14:46:31.0641 7772 btwaudio (d57d29132efe13a83133d9bd449e0cf1) C:\Windows\system32\drivers\btwaudio.sys
14:46:31.0690 7772 btwaudio - ok
14:46:31.0712 7772 btwavdt (d282c14a69357d0e1bafaecc2ca98c3a) C:\Windows\system32\DRIVERS\btwavdt.sys
14:46:31.0762 7772 btwavdt - ok
14:46:31.0789 7772 btwl2cap (aafd7cb76ba61fbb08e302da208c974a) C:\Windows\system32\DRIVERS\btwl2cap.sys
14:46:31.0836 7772 btwl2cap - ok
14:46:31.0856 7772 btwrchid (02eb4d2b05967df2d32f29c84ab1fb17) C:\Windows\system32\DRIVERS\btwrchid.sys
14:46:31.0903 7772 btwrchid - ok
14:46:31.0930 7772 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
14:46:32.0004 7772 cdfs - ok
14:46:32.0029 7772 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
14:46:32.0086 7772 cdrom - ok
14:46:32.0112 7772 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
14:46:32.0172 7772 circlass - ok
14:46:32.0195 7772 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
14:46:32.0252 7772 CLFS - ok
14:46:32.0282 7772 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
14:46:32.0340 7772 CmBatt - ok
14:46:32.0375 7772 cmdGuard (da8b98c232dadb0e6aee6f46d0a22114) C:\Windows\system32\DRIVERS\cmdguard.sys
14:46:32.0439 7772 cmdGuard - ok
14:46:32.0464 7772 cmdHlp (051d5be8106f09dd5e0d5589ea931b1e) C:\Windows\system32\DRIVERS\cmdhlp.sys
14:46:32.0515 7772 cmdHlp - ok
14:46:32.0536 7772 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
14:46:32.0603 7772 cmdide - ok
14:46:32.0631 7772 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
14:46:32.0710 7772 CNG - ok
14:46:32.0732 7772 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
14:46:32.0787 7772 Compbatt - ok
14:46:32.0811 7772 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
14:46:32.0875 7772 CompositeBus - ok
14:46:32.0900 7772 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
14:46:32.0951 7772 crcdisk - ok
14:46:32.0999 7772 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
14:46:33.0067 7772 CSC - ok
14:46:33.0127 7772 CtAudDrv (0f538df1673e5216f3baacb6911d9d0f) C:\Windows\system32\Drivers\CtAudDrv.sys
14:46:33.0188 7772 CtAudDrv - ok
14:46:33.0213 7772 CtClsFlt (5353e1fd1f9b295b39b22bc1c6cbc95f) C:\Windows\system32\DRIVERS\CtClsFlt.sys
14:46:33.0268 7772 CtClsFlt - ok
14:46:33.0290 7772 cvusbdrv (d1697063e2cdb6575aa46d668ffee825) C:\Windows\system32\Drivers\cvusbdrv.sys
14:46:33.0338 7772 cvusbdrv - ok
14:46:33.0374 7772 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
14:46:33.0454 7772 DfsC - ok
14:46:33.0482 7772 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
14:46:33.0562 7772 discache - ok
14:46:33.0586 7772 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
14:46:33.0639 7772 Disk - ok
14:46:33.0672 7772 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
14:46:33.0744 7772 drmkaud - ok
14:46:33.0771 7772 dtsoftbus01 (fb38473835476a6fb272215a1d972af9) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
14:46:33.0827 7772 dtsoftbus01 - ok
14:46:33.0862 7772 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
14:46:33.0934 7772 DXGKrnl - ok
14:46:33.0962 7772 e1yexpress (44a91d98d6719b49bcd649a863225b5c) C:\Windows\system32\DRIVERS\e1y6232.sys
14:46:34.0017 7772 e1yexpress - ok
14:46:34.0090 7772 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
14:46:34.0230 7772 ebdrv - ok
14:46:34.0271 7772 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
14:46:34.0335 7772 elxstor - ok
14:46:34.0357 7772 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
14:46:34.0415 7772 ErrDev - ok
14:46:34.0450 7772 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
14:46:34.0527 7772 exfat - ok
14:46:34.0557 7772 fanio (0dd24dabb0b8c4ac0d8f2ebf0492276a) C:\Windows\system32\drivers\fanio.sys
14:46:34.0575 7772 fanio ( UnsignedFile.Multi.Generic ) - warning
14:46:34.0575 7772 fanio - detected UnsignedFile.Multi.Generic (1)
14:46:34.0602 7772 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
14:46:34.0680 7772 fastfat - ok
14:46:34.0706 7772 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
14:46:34.0767 7772 fdc - ok
14:46:34.0801 7772 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
14:46:34.0855 7772 FileInfo - ok
14:46:34.0878 7772 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
14:46:34.0957 7772 Filetrace - ok
14:46:34.0980 7772 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
14:46:35.0042 7772 flpydisk - ok
14:46:35.0407 7772 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
14:46:35.0507 7772 FltMgr - ok
14:46:35.0537 7772 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
14:46:35.0589 7772 FsDepends - ok
14:46:35.0612 7772 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
14:46:35.0664 7772 Fs_Rec - ok
14:46:35.0690 7772 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
14:46:35.0749 7772 fvevol - ok
14:46:35.0773 7772 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
14:46:35.0827 7772 gagp30kx - ok
14:46:35.0852 7772 GDBehave (1b519753da1e7e51f37001e23f1bb045) C:\Windows\system32\drivers\GDBehave.sys
14:46:35.0907 7772 GDBehave - ok
14:46:35.0935 7772 GDMnIcpt (cd58774324a78bba15b89c35bed81593) C:\Windows\system32\drivers\MiniIcpt.sys
14:46:35.0985 7772 GDMnIcpt - ok
14:46:36.0009 7772 GdNetMon (a7757940b3380343b378b5a1e7fbef16) C:\Windows\system32\drivers\GdNetMon32.sys
14:46:36.0059 7772 GdNetMon - ok
14:46:36.0087 7772 GDPkIcpt (0f917bcee8f65402a2dd4024cf85ce32) C:\Windows\system32\drivers\PktIcpt.sys
14:46:36.0139 7772 GDPkIcpt - ok
14:46:36.0169 7772 gdwfpcd (26d22ca524c547828d05a13a863ba0a2) C:\Windows\system32\drivers\gdwfpcd32.sys
14:46:36.0224 7772 gdwfpcd - ok
14:46:36.0253 7772 GRD (8eb5731238c4a4007ffb63a0bb1bc7da) C:\Windows\system32\drivers\GRD.sys
14:46:36.0301 7772 GRD - ok
14:46:36.0324 7772 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
14:46:36.0384 7772 hcw85cir - ok
14:46:36.0415 7772 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
14:46:36.0486 7772 HdAudAddService - ok
14:46:36.0509 7772 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
14:46:36.0576 7772 HDAudBus - ok
14:46:36.0605 7772 HECI (30d57ee84e1e169d41a6e873b549a096) C:\Windows\system32\DRIVERS\HECI.sys
14:46:36.0664 7772 HECI - ok
14:46:36.0691 7772 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
14:46:36.0747 7772 HidBatt - ok
14:46:36.0771 7772 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
14:46:36.0833 7772 HidBth - ok
14:46:36.0857 7772 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
14:46:36.0917 7772 HidIr - ok
14:46:36.0946 7772 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys
14:46:37.0006 7772 HidUsb - ok
14:46:37.0040 7772 HookCentre (4feff88a4bc6eeac4898bfd05325f5c8) C:\Windows\system32\drivers\HookCentre.sys
14:46:37.0091 7772 HookCentre - ok
14:46:37.0117 7772 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
14:46:37.0171 7772 HpSAMD - ok
14:46:37.0200 7772 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
14:46:37.0287 7772 HTTP - ok
14:46:37.0298 7772 HWiNFO32 (1a4ea4266acb04cf9f6b733302ac312f) C:\Program Files\HWiNFO32\HWiNFO32.SYS
14:46:37.0351 7772 HWiNFO32 - ok
14:46:37.0373 7772 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
14:46:37.0428 7772 hwpolicy - ok
14:46:37.0451 7772 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
14:46:37.0512 7772 i8042prt - ok
14:46:37.0545 7772 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\drivers\iaStorV.sys
14:46:37.0609 7772 iaStorV - ok
14:46:37.0770 7772 igfx (dce0b53570703cce580d066f89ef58cd) C:\Windows\system32\DRIVERS\igdkmd32.sys
14:46:38.0062 7772 igfx - ok
14:46:38.0091 7772 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
14:46:38.0142 7772 iirsp - ok
14:46:38.0176 7772 inspect (2ee3db2c1760171c6f72f2f1792a47b5) C:\Windows\system32\DRIVERS\inspect.sys
14:46:38.0223 7772 inspect - ok
14:46:38.0250 7772 IntcHdmiAddService (81486f0eb4238b65c317f97de246c4ac) C:\Windows\system32\drivers\IntcHdmi.sys
14:46:38.0305 7772 IntcHdmiAddService - ok
14:46:38.0328 7772 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
14:46:38.0381 7772 intelide - ok
14:46:38.0410 7772 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
14:46:38.0469 7772 intelppm - ok
14:46:38.0502 7772 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:46:38.0578 7772 IpFilterDriver - ok
14:46:38.0606 7772 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
14:46:38.0666 7772 IPMIDRV - ok
14:46:38.0693 7772 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
14:46:38.0774 7772 IPNAT - ok
14:46:38.0806 7772 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
14:46:38.0879 7772 IRENUM - ok
14:46:38.0903 7772 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
14:46:38.0959 7772 isapnp - ok
14:46:38.0986 7772 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
14:46:39.0044 7772 iScsiPrt - ok
14:46:39.0098 7772 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
14:46:39.0154 7772 kbdclass - ok
14:46:39.0178 7772 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
14:46:39.0233 7772 kbdhid - ok
14:46:39.0266 7772 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys
14:46:39.0317 7772 KSecDD - ok
14:46:39.0346 7772 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys
14:46:39.0401 7772 KSecPkg - ok
14:46:39.0441 7772 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
14:46:39.0518 7772 lltdio - ok
14:46:39.0562 7772 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
14:46:39.0618 7772 LSI_FC - ok
14:46:39.0645 7772 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
14:46:39.0698 7772 LSI_SAS - ok
14:46:39.0724 7772 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:46:39.0778 7772 LSI_SAS2 - ok
14:46:39.0802 7772 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:46:39.0856 7772 LSI_SCSI - ok
14:46:39.0882 7772 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
14:46:39.0957 7772 luafv - ok
14:46:39.0985 7772 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
14:46:40.0037 7772 megasas - ok
14:46:40.0066 7772 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
14:46:40.0123 7772 MegaSR - ok
14:46:40.0159 7772 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
14:46:40.0236 7772 Modem - ok
14:46:40.0260 7772 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
14:46:40.0322 7772 monitor - ok
14:46:40.0348 7772 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
14:46:40.0401 7772 mouclass - ok
14:46:40.0426 7772 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
14:46:40.0484 7772 mouhid - ok
14:46:40.0508 7772 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
14:46:40.0561 7772 mountmgr - ok
14:46:40.0593 7772 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
14:46:40.0650 7772 mpio - ok
14:46:40.0674 7772 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
14:46:40.0748 7772 mpsdrv - ok
14:46:40.0776 7772 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
14:46:40.0845 7772 MRxDAV - ok
14:46:40.0869 7772 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:46:40.0932 7772 mrxsmb - ok
14:46:40.0957 7772 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:46:41.0016 7772 mrxsmb10 - ok
14:46:41.0040 7772 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:46:41.0099 7772 mrxsmb20 - ok
14:46:41.0140 7772 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\drivers\msahci.sys
14:46:41.0193 7772 msahci - ok
14:46:41.0225 7772 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\drivers\msdsm.sys
14:46:41.0288 7772 msdsm - ok
14:46:41.0328 7772 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
14:46:41.0406 7772 Msfs - ok
14:46:41.0430 7772 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
14:46:41.0505 7772 mshidkmdf - ok
14:46:41.0528 7772 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
14:46:41.0579 7772 msisadrv - ok
14:46:41.0612 7772 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
14:46:41.0688 7772 MSKSSRV - ok
14:46:41.0711 7772 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
14:46:41.0786 7772 MSPCLOCK - ok
14:46:41.0810 7772 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
14:46:41.0885 7772 MSPQM - ok
14:46:41.0914 7772 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
14:46:41.0972 7772 MsRPC - ok
14:46:42.0006 7772 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
14:46:42.0060 7772 mssmbios - ok
14:46:42.0085 7772 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
14:46:42.0162 7772 MSTEE - ok
14:46:42.0187 7772 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
14:46:42.0244 7772 MTConfig - ok
14:46:42.0269 7772 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
14:46:42.0325 7772 Mup - ok
14:46:42.0359 7772 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
14:46:42.0425 7772 NativeWifiP - ok
14:46:42.0460 7772 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
14:46:42.0532 7772 NDIS - ok
14:46:42.0557 7772 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
14:46:42.0632 7772 NdisCap - ok
14:46:42.0657 7772 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
14:46:42.0731 7772 NdisTapi - ok
14:46:42.0755 7772 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
14:46:42.0828 7772 Ndisuio - ok
14:46:42.0855 7772 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
14:46:42.0930 7772 NdisWan - ok
14:46:42.0955 7772 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
14:46:43.0027 7772 NDProxy - ok
14:46:43.0051 7772 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
14:46:43.0129 7772 NetBIOS - ok
14:46:43.0156 7772 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
14:46:43.0232 7772 NetBT - ok
14:46:43.0344 7772 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
14:46:43.0519 7772 netw5v32 - ok
14:46:43.0648 7772 NETwNs32 (29e4f23d31fb66c7bf0014d36cf5af2a) C:\Windows\system32\DRIVERS\NETwNs32.sys
14:46:43.0903 7772 NETwNs32 - ok
14:46:43.0930 7772 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
14:46:43.0980 7772 nfrd960 - ok
14:46:44.0010 7772 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
14:46:44.0088 7772 Npfs - ok
14:46:44.0121 7772 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
14:46:44.0199 7772 nsiproxy - ok
14:46:44.0242 7772 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
14:46:44.0328 7772 Ntfs - ok
14:46:44.0353 7772 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
14:46:44.0428 7772 Null - ok
14:46:44.0453 7772 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
14:46:44.0508 7772 nvraid - ok
14:46:44.0534 7772 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
14:46:44.0585 7772 nvstor - ok
14:46:44.0611 7772 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
14:46:44.0663 7772 nv_agp - ok
14:46:44.0688 7772 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
14:46:44.0747 7772 ohci1394 - ok
14:46:44.0800 7772 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
14:46:44.0859 7772 Parport - ok
14:46:44.0883 7772 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
14:46:44.0935 7772 partmgr - ok
14:46:44.0960 7772 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
14:46:45.0017 7772 Parvdm - ok
14:46:45.0044 7772 PBADRV (4088c1ecd1f54281a92fa663b0fdc36f) C:\Windows\system32\DRIVERS\PBADRV.sys
14:46:45.0092 7772 PBADRV - ok
14:46:45.0124 7772 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
14:46:45.0180 7772 pci - ok
14:46:45.0204 7772 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
14:46:45.0257 7772 pciide - ok
14:46:45.0286 7772 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
14:46:45.0344 7772 pcmcia - ok
14:46:45.0369 7772 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
14:46:45.0422 7772 pcw - ok
14:46:45.0454 7772 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
14:46:45.0542 7772 PEAUTH - ok
14:46:45.0637 7772 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
14:46:45.0714 7772 PptpMiniport - ok
14:46:45.0740 7772 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
14:46:45.0798 7772 Processor - ok
14:46:45.0838 7772 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
14:46:45.0916 7772 Psched - ok
14:46:45.0942 7772 PxHelp20 (40fedd328f98245ad201cf5f9f311724) C:\Windows\system32\Drivers\PxHelp20.sys
14:46:45.0993 7772 PxHelp20 - ok
14:46:46.0040 7772 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
14:46:46.0132 7772 ql2300 - ok
14:46:46.0158 7772 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
14:46:46.0212 7772 ql40xx - ok
14:46:46.0246 7772 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
14:46:46.0305 7772 QWAVEdrv - ok
14:46:46.0330 7772 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
14:46:46.0403 7772 RasAcd - ok
14:46:46.0430 7772 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:46:46.0504 7772 RasAgileVpn - ok
14:46:46.0536 7772 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:46:46.0613 7772 Rasl2tp - ok
14:46:46.0644 7772 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
14:46:46.0722 7772 RasPppoe - ok
14:46:46.0750 7772 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
14:46:46.0825 7772 RasSstp - ok
14:46:46.0852 7772 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
14:46:46.0931 7772 rdbss - ok
14:46:46.0956 7772 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
14:46:47.0020 7772 rdpbus - ok
14:46:47.0044 7772 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:46:47.0119 7772 RDPCDD - ok
14:46:47.0152 7772 RDPDISPM (a862a3a8d7d2d75bdc41b556325e9876) C:\Windows\system32\DRIVERS\rdpdispm.sys
14:46:47.0205 7772 RDPDISPM - ok
14:46:47.0233 7772 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
14:46:47.0291 7772 RDPDR - ok
14:46:47.0317 7772 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
14:46:47.0393 7772 RDPENCDD - ok
14:46:47.0426 7772 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
14:46:47.0502 7772 RDPREFMP - ok
14:46:47.0528 7772 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
14:46:47.0604 7772 RDPWD - ok
14:46:47.0633 7772 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
14:46:47.0689 7772 rdyboost - ok
14:46:47.0730 7772 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
14:46:47.0800 7772 RFCOMM - ok
14:46:47.0826 7772 rimmptsk (df672613fbbcd58c38bb0bc2694bcfb0) C:\Windows\system32\DRIVERS\rimmptsk.sys
14:46:47.0886 7772 rimmptsk - ok
14:46:47.0944 7772 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
14:46:48.0036 7772 rspndr - ok
14:46:48.0060 7772 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
14:46:48.0121 7772 s3cap - ok
14:46:48.0153 7772 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
14:46:48.0207 7772 sbp2port - ok
14:46:48.0237 7772 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
14:46:48.0309 7772 scfilter - ok
14:46:48.0346 7772 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
14:46:48.0409 7772 sdbus - ok
14:46:48.0441 7772 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
14:46:48.0518 7772 secdrv - ok
14:46:48.0566 7772 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
14:46:48.0633 7772 Serenum - ok
14:46:48.0659 7772 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
14:46:48.0719 7772 Serial - ok
14:46:48.0744 7772 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
14:46:48.0803 7772 sermouse - ok
14:46:48.0874 7772 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
14:46:48.0938 7772 sffdisk - ok
14:46:48.0962 7772 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
14:46:49.0020 7772 sffp_mmc - ok
14:46:49.0044 7772 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
14:46:49.0104 7772 sffp_sd - ok
14:46:49.0130 7772 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
14:46:49.0189 7772 sfloppy - ok
14:46:49.0229 7772 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
14:46:49.0280 7772 sisagp - ok
14:46:49.0306 7772 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:46:49.0357 7772 SiSRaid2 - ok
14:46:49.0382 7772 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
14:46:49.0437 7772 SiSRaid4 - ok
14:46:49.0463 7772 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
14:46:49.0545 7772 Smb - ok
14:46:49.0590 7772 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
14:46:49.0642 7772 spldr - ok
14:46:49.0694 7772 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
14:46:49.0760 7772 srv - ok
14:46:49.0792 7772 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
14:46:49.0854 7772 srv2 - ok
14:46:49.0880 7772 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
14:46:49.0943 7772 srvnet - ok
14:46:49.0987 7772 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
14:46:50.0046 7772 stexstor - ok
14:46:50.0079 7772 STHDA (2b50cfed920d4cd973adbaaad3fe704f) C:\Windows\system32\DRIVERS\stwrt.sys
14:46:50.0147 7772 STHDA - ok
14:46:50.0178 7772 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
14:46:50.0231 7772 storflt - ok
14:46:50.0262 7772 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
14:46:50.0314 7772 storvsc - ok
14:46:50.0341 7772 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
14:46:50.0392 7772 swenum - ok
14:46:50.0485 7772 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
14:46:50.0591 7772 Tcpip - ok
14:46:50.0637 7772 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
14:46:50.0717 7772 TCPIP6 - ok
14:46:50.0752 7772 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
14:46:50.0827 7772 tcpipreg - ok
14:46:50.0878 7772 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
14:46:50.0952 7772 TDPIPE - ok
14:46:50.0977 7772 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
14:46:51.0053 7772 TDTCP - ok
14:46:51.0080 7772 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
14:46:51.0154 7772 tdx - ok
14:46:51.0195 7772 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
14:46:51.0246 7772 TermDD - ok
14:46:51.0314 7772 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:46:51.0389 7772 tssecsrv - ok
14:46:51.0416 7772 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
14:46:51.0476 7772 TsUsbFlt - ok
14:46:51.0502 7772 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
14:46:51.0579 7772 tunnel - ok
14:46:51.0606 7772 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
14:46:51.0659 7772 uagp35 - ok
14:46:51.0687 7772 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
14:46:51.0769 7772 udfs - ok
14:46:51.0857 7772 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
14:46:51.0912 7772 uliagpkx - ok
14:46:51.0942 7772 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
14:46:52.0003 7772 umbus - ok
14:46:52.0030 7772 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
14:46:52.0087 7772 UmPass - ok
14:46:52.0135 7772 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
14:46:52.0201 7772 usbccgp - ok
14:46:52.0228 7772 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
14:46:52.0290 7772 usbcir - ok
14:46:52.0316 7772 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
14:46:52.0373 7772 usbehci - ok
14:46:52.0403 7772 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
14:46:52.0468 7772 usbhub - ok
14:46:52.0493 7772 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
14:46:52.0559 7772 usbohci - ok
14:46:52.0586 7772 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
14:46:52.0645 7772 usbprint - ok
14:46:52.0670 7772 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:46:52.0730 7772 USBSTOR - ok
14:46:52.0755 7772 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
14:46:52.0814 7772 usbuhci - ok
14:46:52.0842 7772 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
14:46:52.0905 7772 usbvideo - ok
14:46:52.0966 7772 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
14:46:53.0022 7772 vdrvroot - ok
14:46:53.0060 7772 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
14:46:53.0129 7772 vga - ok
14:46:53.0156 7772 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
14:46:53.0239 7772 VgaSave - ok
14:46:53.0271 7772 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
14:46:53.0329 7772 vhdmp - ok
14:46:53.0356 7772 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
14:46:53.0415 7772 viaagp - ok
14:46:53.0441 7772 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
14:46:53.0503 7772 ViaC7 - ok
14:46:53.0528 7772 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
14:46:53.0580 7772 viaide - ok
14:46:53.0608 7772 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
14:46:53.0664 7772 vmbus - ok
14:46:53.0689 7772 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
14:46:53.0752 7772 VMBusHID - ok
14:46:53.0784 7772 vmm (c01604eaea9c89035cff58cdb322476c) C:\Windows\system32\Drivers\vmm.sys
14:46:53.0841 7772 vmm - ok
14:46:53.0868 7772 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
14:46:53.0921 7772 volmgr - ok
14:46:53.0952 7772 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
14:46:54.0012 7772 volmgrx - ok
14:46:54.0041 7772 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
14:46:54.0100 7772 volsnap - ok
14:46:54.0129 7772 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
14:46:54.0184 7772 vsmraid - ok
14:46:54.0220 7772 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
14:46:54.0278 7772 vwifibus - ok
14:46:54.0305 7772 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
14:46:54.0367 7772 vwififlt - ok
14:46:54.0407 7772 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
14:46:54.0465 7772 WacomPen - ok
14:46:54.0492 7772 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
14:46:54.0566 7772 WANARP - ok
14:46:54.0575 7772 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
14:46:54.0647 7772 Wanarpv6 - ok
14:46:54.0684 7772 WavxDMgr (fbf43b275efc98799e76d57e5437edee) C:\Windows\system32\DRIVERS\WavxDMgr.sys
14:46:54.0709 7772 WavxDMgr ( UnsignedFile.Multi.Generic ) - warning
14:46:54.0709 7772 WavxDMgr - detected UnsignedFile.Multi.Generic (1)
14:46:54.0762 7772 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
14:46:54.0817 7772 Wd - ok
14:46:54.0853 7772 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
14:46:54.0918 7772 Wdf01000 - ok
14:46:54.0988 7772 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
14:46:55.0065 7772 WfpLwf - ok
14:46:55.0097 7772 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
14:46:55.0150 7772 WIMMount - ok
14:46:55.0239 7772 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUSB.sys
14:46:55.0300 7772 WinUsb - ok
14:46:55.0341 7772 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
14:46:55.0398 7772 WmiAcpi - ok
14:46:55.0473 7772 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
14:46:55.0552 7772 ws2ifsl - ok
14:46:55.0612 7772 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
14:46:55.0690 7772 WudfPf - ok
14:46:55.0718 7772 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:46:55.0795 7772 WUDFRd - ok
14:46:55.0862 7772 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:46:55.0888 7772 \Device\Harddisk0\DR0 - ok
14:46:55.0893 7772 Boot (0x1200) (d3eea8095056adc8d175c1e44610f9f1) \Device\Harddisk0\DR0\Partition0
14:46:55.0894 7772 \Device\Harddisk0\DR0\Partition0 - ok
14:46:55.0901 7772 Boot (0x1200) (bfc26e308ad7d4b8a5ba68235a54c201) \Device\Harddisk0\DR0\Partition1
14:46:55.0902 7772 \Device\Harddisk0\DR0\Partition1 - ok
14:46:55.0904 7772 ============================================================
14:46:55.0904 7772 Scan finished
14:46:55.0904 7772 ============================================================
14:46:55.0918 7580 Detected object count: 2
14:46:55.0918 7580 Actual detected object count: 2
14:47:05.0134 7580 fanio ( UnsignedFile.Multi.Generic ) - skipped by user
14:47:05.0134 7580 fanio ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:47:05.0134 7580 WavxDMgr ( UnsignedFile.Multi.Generic ) - skipped by user
14:47:05.0134 7580 WavxDMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:47:07.0638 5560 Deinitialize success
Kontrolu MBAM jsem dělal těsně před tím, než jsem sem poslal svůj log, našel jen dva objekty, oba jsem do ingnore listu, je to internetová herna pokru, viz obrázek (omlouvám se, ale jako text mi to odtamtud nejde dostat).
- Přílohy
-
- MBAM.PNG (4.79 KiB) Zobrazeno 763 x
Re: Comodo nahlásilo Malware
OK, tohle staci
PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
- Pokud mate Win XP spustte pod uctem Spravce\Administratora
- Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
- Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
- Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
- Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
- Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
- Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
- Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Comodo nahlásilo Malware
Tak s Combofixem je potíž, zkoušel jsem to několikrát, vždy se někde zasekne a dál ani ťuk.
Žádný log nevygeneruje
Záseky:
Dokončena fáze_5
Dokončena fáze_5
Pak jsem to spustil se zapnutým firewallem a antivirem - Dokončena fáze_48
Poté jsem zas vše vypnul - Dokončena fáze_48
Dokončena fáze_4
Dokončena fáze_4
Vždy jsem čekal tak 30min, pokud se to nehlo tak restart a promazání neznámých složek na C: a další pokus.
Co s tím? Do reinstallu se mi ale vůbec nechce.
Žádný log nevygeneruje
Záseky:
Dokončena fáze_5
Dokončena fáze_5
Pak jsem to spustil se zapnutým firewallem a antivirem - Dokončena fáze_48
Poté jsem zas vše vypnul - Dokončena fáze_48
Dokončena fáze_4
Dokončena fáze_4
Vždy jsem čekal tak 30min, pokud se to nehlo tak restart a promazání neznámých složek na C: a další pokus.
Co s tím? Do reinstallu se mi ale vůbec nechce.
Re: Comodo nahlásilo Malware
Prihlaste se do nouzoveho rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti) a zkuste spustit CF tady"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Comodo nahlásilo Malware
Přiznám se, že mě to napadlo, ale nedovolil jsem si to sám od sebe, bál jsem se, aby to něco neprovedlo.
Hlásilo to funkční rezident od Gdata security a Comodo Firewall, nepřišel sem na to, jak to v nouzáku vypnout, ale log to udělalo.
ComboFix 12-01-05.01 - nofu 05.01.2012 20:14:06.7.2 - x86 MINIMAL
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2960.1750 [GMT 1:00]
Spuštěný z: c:\users\nofu\Desktop\ComboFix.exe
AV: G Data InternetSecurity 2012 *Enabled/Updated* {39B780B4-63C2-05B0-3B40-8F7A21E4F496}
FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
SP: COMODO Defense+ *Enabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
SP: G Data InternetSecurity 2012 *Enabled/Updated* {82D66150-45F8-0A3E-01F0-B4085A63BE2B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\tcpview\tcpview.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-05 do 2012-01-05 )))))))))))))))))))))))))))))))
.
.
2012-01-05 19:19 . 2012-01-05 19:20 -------- d-----w- c:\users\nofu\AppData\Local\temp
2012-01-05 19:19 . 2012-01-05 19:19 -------- d-----w- c:\users\postgres\AppData\Local\temp
2012-01-05 19:19 . 2012-01-05 19:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-05 19:14 . 2012-01-05 19:14 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5F29856E-F9F5-473F-834E-E1C7E943DF6C}\offreg.dll
2012-01-04 22:46 . 2012-01-04 23:00 -------- d-----w- c:\program files\trend micro
2012-01-04 22:46 . 2012-01-04 22:46 -------- d-----w- C:\rsit
2012-01-04 22:46 . 2012-01-04 22:46 -------- d-----w- c:\program files\RSIT
2012-01-04 20:32 . 2012-01-04 20:32 -------- d-----w- c:\users\nofu\AppData\Roaming\Malwarebytes
2012-01-04 20:32 . 2012-01-04 20:32 -------- d-----w- c:\programdata\Malwarebytes
2012-01-04 20:32 . 2012-01-04 20:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-04 20:32 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-04 20:30 . 2012-01-04 21:20 -------- d-----w- c:\programdata\CPA_VA
2012-01-04 20:22 . 2012-01-04 20:22 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2012-01-04 20:04 . 2012-01-04 20:04 -------- d-----w- c:\program files\Microsoft Synchronization Services
2012-01-04 20:03 . 2012-01-04 20:03 -------- d-----w- c:\program files\Microsoft Sync Framework
2012-01-04 20:03 . 2012-01-04 20:03 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-01-04 20:01 . 2012-01-04 20:01 -------- d-----w- c:\program files\Microsoft Analysis Services
2012-01-04 20:01 . 2012-01-04 20:01 -------- d-----w- c:\users\nofu\AppData\Local\Microsoft Help
2012-01-04 20:00 . 2012-01-04 23:04 -------- d-----w- c:\programdata\Microsoft Help
2012-01-03 08:03 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5F29856E-F9F5-473F-834E-E1C7E943DF6C}\mpengine.dll
2011-12-28 20:37 . 2011-12-28 20:37 -------- d-----w- c:\users\nofu\AppData\Local\Windows Live Writer
2011-12-28 20:37 . 2011-12-28 20:37 -------- d-----w- c:\users\nofu\AppData\Roaming\Windows Live Writer
2011-12-21 13:26 . 2011-12-22 10:36 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2011-12-21 13:26 . 2011-12-21 13:26 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2011-12-21 13:26 . 2011-12-21 13:26 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2011-12-21 13:26 . 2011-12-21 13:26 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2011-12-17 22:22 . 2011-12-18 11:09 -------- d-----w- C:\WP7-Update-Cab-Sender
2011-12-14 10:12 . 2011-11-24 04:25 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-12-14 10:12 . 2011-11-05 04:26 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-14 10:12 . 2011-10-26 04:28 38912 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-14 10:12 . 2011-10-15 05:38 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-12-14 10:12 . 2011-10-26 04:47 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-12-14 10:12 . 2011-10-26 04:47 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-12-07 07:05 . 2011-12-07 07:05 239168 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-12-07 07:05 . 2011-12-07 07:06 -------- d-----w- c:\program files\DAEMON Tools Lite
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-05 19:09 . 2010-09-24 18:14 0 ----a-w- c:\users\nofu\AppData\Local\WavXMapDrive.bat
2011-12-28 20:15 . 2011-03-28 17:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-12-19 18:59 . 2010-09-10 21:40 82400 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-12-19 18:59 . 2010-09-10 21:40 39640 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-12-19 18:59 . 2010-09-10 21:40 491816 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-12-19 18:59 . 2010-09-10 21:40 19600 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-12-19 18:58 . 2011-10-21 18:44 33984 ----a-w- c:\windows\system32\cmdcsr.dll
2011-12-19 18:58 . 2010-09-10 21:41 301224 ----a-w- c:\windows\system32\guard32.dll
2011-11-09 09:34 . 2010-09-25 13:47 30256 ----a-w- c:\windows\system32\drivers\GRD.sys
2011-11-09 09:21 . 2011-11-09 09:21 49016 ----a-w- c:\windows\system32\drivers\PktIcpt.sys
2011-11-09 09:21 . 2010-09-24 23:43 41336 ----a-w- c:\windows\system32\drivers\HookCentre.sys
2011-11-09 09:21 . 2010-09-24 23:43 79992 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2011-11-09 09:21 . 2010-09-24 23:43 40440 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2011-11-09 09:21 . 2010-09-24 23:43 54648 ----a-w- c:\windows\system32\drivers\gdwfpcd32.sys
2011-11-09 09:21 . 2011-11-09 09:21 29400 ----a-w- c:\windows\system32\drivers\GdNetMon32.sys
2011-10-23 14:05 . 2011-10-23 14:04 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-21 22:55 . 2011-10-21 22:55 192768 ----a-w- c:\programdata\Microsoft\VPDExpress\10.0\1033\ResourceCache.dll
2008-10-28 10:41 . 2010-09-24 17:15 238896 ----a-w- c:\program files\mozilla firefox\plugins\CrazyTalk4Native.dll
2008-10-28 10:41 . 2010-09-24 17:15 210320 ----a-w- c:\program files\mozilla firefox\plugins\ctdomemhelper.dll
2008-10-28 10:41 . 2010-09-24 17:15 83248 ----a-w- c:\program files\mozilla firefox\plugins\ctframeplayerobject.dll
2008-10-28 10:41 . 2010-09-24 17:15 431512 ----a-w- c:\program files\mozilla firefox\plugins\ctplayerobject.dll
2008-10-28 10:41 . 2010-09-24 17:15 464176 ----a-w- c:\program files\mozilla firefox\plugins\imagickrt.dll
2008-10-28 10:41 . 2010-09-24 17:15 144688 ----a-w- c:\program files\mozilla firefox\plugins\rlcontentclass.dll
2008-10-28 10:41 . 2010-09-24 17:15 210224 ----a-w- c:\program files\mozilla firefox\plugins\RLMusicPacker.dll
2008-10-28 10:41 . 2010-09-24 17:15 111920 ----a-w- c:\program files\mozilla firefox\plugins\RLMusicUnpacker.dll
2008-10-28 10:41 . 2010-09-24 17:15 218416 ----a-w- c:\program files\mozilla firefox\plugins\RLVoicePacker.dll
2008-10-28 10:41 . 2010-09-24 17:15 173360 ----a-w- c:\program files\mozilla firefox\plugins\RLVoiceUnpacker.dll
2011-12-22 10:36 . 2011-03-22 17:51 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"
[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]
2010-03-29 10:45 62832 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2011-11-11 08:41 323584 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2011-11-11 08:41 323584 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2011-11-11 08:41 323584 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2011-11-11 08:41 323584 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"
[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]
2010-03-29 10:45 62832 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SugarSync"="c:\program files\SugarSync\SugarSyncManager.exe" [2011-11-11 12210176]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-21 718720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"picon"="c:\program files\Common Files\Intel\Privacy Icon\PIconStartup.exe" [2010-08-05 111640]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-03-09 495708]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-02-17 278528]
"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-06-18 462991]
"WavXMgr"="c:\program files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe" [2010-07-21 147840]
"USCService"="c:\program files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe" [2010-06-22 34232]
"KeePass 2 PreLoad"="c:\program files\KeePass Password Safe 2\KeePass.exe" [2011-07-12 1764352]
"G Data AntiVirus Tray Application"="c:\program files\G Data AntiVirus\AVKTray\AVKTray.exe" [2011-08-19 921096]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-09-16 497648]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-12-21 6676808]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2011-09-05 36760]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2011-09-05 2904984]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 159456]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-04 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-04 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-04 172568]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\users\nofu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files\Evernote\Evernote\EvernoteClipper.exe [2011-12-2 1000288]
Miranda IM.lnk - c:\program files\Miranda IM\miranda32.exe [2012-1-1 820309]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Bluetooth Software\BTTray.exe [2009-8-11 795936]
Dell System Manager.lnk - c:\program files\Dell\Dell System Manager\DCPSysMgr.exe [2010-8-24 1458032]
TdmNotify.lnk - c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe [2010-3-29 132456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"Backup_DisableCAD"= undefined
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
Authentication Packages REG_MULTI_SZ msv1_0 wvauth
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 13:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
2011-07-21 22:07 718720 ----a-w- c:\program files\Microsoft Office\Office14\MSOSYNC.EXE
.
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2011-12-19 491816]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2011-12-19 39640]
R1 fanio;FanIO driver;c:\windows\system32\drivers\fanio.sys [2007-02-16 14464]
R1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2011-11-09 79992]
R1 gdwfpcd;G DATA WFP CD;c:\windows\system32\drivers\gdwfpcd32.sys [2011-11-09 54648]
R1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [2011-11-09 30256]
R1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2011-11-09 41336]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [2011-08-23 21112]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\aestsrv.exe [2009-03-03 81920]
R2 AVKProxy;G Data AntiVirus Proxy;c:\program files\Common Files\G Data\AVKProxy\AVKProxy.exe [2011-11-04 1499656]
R2 AVKService;G Data Scheduler;c:\program files\G Data AntiVirus\AVK\AVKService.exe [2011-03-07 380408]
R2 AVKWCtl;G Data Filesystem Monitor;c:\program files\G Data AntiVirus\AVK\AVKWCtl.exe [2011-10-28 1554184]
R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\Dell\Dell ControlPoint\DCPButtonSvc.exe [2009-11-20 278304]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2010-03-23 812448]
R2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2010-03-23 27040]
R2 dcpsysmgrsvc;Dell System Manager Service;c:\program files\Dell\Dell System Manager\DCPSysMgrSvc.exe [2010-08-24 388464]
R2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\TeamViewer_Service.exe [2010-09-21 1957672]
R2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2010-08-05 2062872]
R3 acpials;Filtr zařízení ALS Sensor;c:\windows\system32\DRIVERS\acpials.sys [2009-07-13 7680]
R3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
R3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
R3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\Drivers\Axtmvprt.sys [2007-03-26 38784]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-11-09 29472]
R3 CtAudDrv;Provides advanced audio effects for audio devices.;c:\windows\system32\Drivers\CtAudDrv.sys [2009-05-28 134144]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2010-06-07 146272]
R3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys [2009-11-03 33832]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y6232.sys [2009-06-12 221912]
R3 GdNetMon;G Data Network Monitor;c:\windows\system32\drivers\GdNetMon32.sys [2011-11-09 29400]
R3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [2011-11-09 49016]
R3 GDScan;G Data Scanner;c:\program files\Common Files\G Data\GDScan\GDScan.exe [2011-10-28 457536]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 NETwNs32;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETwNs32.sys [2010-07-14 6814720]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 postgresql-8.4;postgresql-8.4;C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D M:/PostgreSQL -w [x]
R3 RDPDISPM;RDPDISPM;c:\windows\system32\DRIVERS\rdpdispm.sys [2010-09-25 9040]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-12 1343400]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 268512]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [2011-11-09 40440]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-07 239168]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - PXHELP20
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uSearchURL,(Default) = hxxp://search.daum.net/search?nil_profile=ie&ref_code=ms&q=%s
IE: Add to Evernote 4.0 - c:\program files\Evernote\Evernote\EvernoteIE.dll/204
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Bluetooth Software\btsendto_ie.htm
IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files\Evernote\Evernote\EvernoteIE.dll/204
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\nofu\AppData\Roaming\Mozilla\Firefox\Profiles\s0obompx.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-SpiderOak - c:\program files\SpiderOak\SpiderOak.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-8.4]
"ImagePath"="C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"M:/PostgreSQL\" -w"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-8.4]
"ImagePath"="C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"M:/PostgreSQL\" -w"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3396857090-585563195-1133047154-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3396857090-585563195-1133047154-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(456)
c:\windows\system32\wvauth.DLL
.
Celkový čas: 2012-01-05 20:22:28
ComboFix-quarantined-files.txt 2012-01-05 19:22
.
Před spuštěním: Volných bajtů: 79 596 478 464
Po spuštění: Volných bajtů: 79 412 150 272
.
- - End Of File - - AB73C2F10A4282445FFCE6B9B9E9BF93
Hlásilo to funkční rezident od Gdata security a Comodo Firewall, nepřišel sem na to, jak to v nouzáku vypnout, ale log to udělalo.
ComboFix 12-01-05.01 - nofu 05.01.2012 20:14:06.7.2 - x86 MINIMAL
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2960.1750 [GMT 1:00]
Spuštěný z: c:\users\nofu\Desktop\ComboFix.exe
AV: G Data InternetSecurity 2012 *Enabled/Updated* {39B780B4-63C2-05B0-3B40-8F7A21E4F496}
FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
SP: COMODO Defense+ *Enabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
SP: G Data InternetSecurity 2012 *Enabled/Updated* {82D66150-45F8-0A3E-01F0-B4085A63BE2B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\tcpview\tcpview.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-05 do 2012-01-05 )))))))))))))))))))))))))))))))
.
.
2012-01-05 19:19 . 2012-01-05 19:20 -------- d-----w- c:\users\nofu\AppData\Local\temp
2012-01-05 19:19 . 2012-01-05 19:19 -------- d-----w- c:\users\postgres\AppData\Local\temp
2012-01-05 19:19 . 2012-01-05 19:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-05 19:14 . 2012-01-05 19:14 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5F29856E-F9F5-473F-834E-E1C7E943DF6C}\offreg.dll
2012-01-04 22:46 . 2012-01-04 23:00 -------- d-----w- c:\program files\trend micro
2012-01-04 22:46 . 2012-01-04 22:46 -------- d-----w- C:\rsit
2012-01-04 22:46 . 2012-01-04 22:46 -------- d-----w- c:\program files\RSIT
2012-01-04 20:32 . 2012-01-04 20:32 -------- d-----w- c:\users\nofu\AppData\Roaming\Malwarebytes
2012-01-04 20:32 . 2012-01-04 20:32 -------- d-----w- c:\programdata\Malwarebytes
2012-01-04 20:32 . 2012-01-04 20:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-04 20:32 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-04 20:30 . 2012-01-04 21:20 -------- d-----w- c:\programdata\CPA_VA
2012-01-04 20:22 . 2012-01-04 20:22 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2012-01-04 20:04 . 2012-01-04 20:04 -------- d-----w- c:\program files\Microsoft Synchronization Services
2012-01-04 20:03 . 2012-01-04 20:03 -------- d-----w- c:\program files\Microsoft Sync Framework
2012-01-04 20:03 . 2012-01-04 20:03 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-01-04 20:01 . 2012-01-04 20:01 -------- d-----w- c:\program files\Microsoft Analysis Services
2012-01-04 20:01 . 2012-01-04 20:01 -------- d-----w- c:\users\nofu\AppData\Local\Microsoft Help
2012-01-04 20:00 . 2012-01-04 23:04 -------- d-----w- c:\programdata\Microsoft Help
2012-01-03 08:03 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5F29856E-F9F5-473F-834E-E1C7E943DF6C}\mpengine.dll
2011-12-28 20:37 . 2011-12-28 20:37 -------- d-----w- c:\users\nofu\AppData\Local\Windows Live Writer
2011-12-28 20:37 . 2011-12-28 20:37 -------- d-----w- c:\users\nofu\AppData\Roaming\Windows Live Writer
2011-12-21 13:26 . 2011-12-22 10:36 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2011-12-21 13:26 . 2011-12-21 13:26 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2011-12-21 13:26 . 2011-12-21 13:26 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2011-12-21 13:26 . 2011-12-21 13:26 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2011-12-17 22:22 . 2011-12-18 11:09 -------- d-----w- C:\WP7-Update-Cab-Sender
2011-12-14 10:12 . 2011-11-24 04:25 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-12-14 10:12 . 2011-11-05 04:26 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-14 10:12 . 2011-10-26 04:28 38912 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-14 10:12 . 2011-10-15 05:38 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-12-14 10:12 . 2011-10-26 04:47 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-12-14 10:12 . 2011-10-26 04:47 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-12-07 07:05 . 2011-12-07 07:05 239168 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-12-07 07:05 . 2011-12-07 07:06 -------- d-----w- c:\program files\DAEMON Tools Lite
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-05 19:09 . 2010-09-24 18:14 0 ----a-w- c:\users\nofu\AppData\Local\WavXMapDrive.bat
2011-12-28 20:15 . 2011-03-28 17:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-12-19 18:59 . 2010-09-10 21:40 82400 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-12-19 18:59 . 2010-09-10 21:40 39640 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-12-19 18:59 . 2010-09-10 21:40 491816 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-12-19 18:59 . 2010-09-10 21:40 19600 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-12-19 18:58 . 2011-10-21 18:44 33984 ----a-w- c:\windows\system32\cmdcsr.dll
2011-12-19 18:58 . 2010-09-10 21:41 301224 ----a-w- c:\windows\system32\guard32.dll
2011-11-09 09:34 . 2010-09-25 13:47 30256 ----a-w- c:\windows\system32\drivers\GRD.sys
2011-11-09 09:21 . 2011-11-09 09:21 49016 ----a-w- c:\windows\system32\drivers\PktIcpt.sys
2011-11-09 09:21 . 2010-09-24 23:43 41336 ----a-w- c:\windows\system32\drivers\HookCentre.sys
2011-11-09 09:21 . 2010-09-24 23:43 79992 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2011-11-09 09:21 . 2010-09-24 23:43 40440 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2011-11-09 09:21 . 2010-09-24 23:43 54648 ----a-w- c:\windows\system32\drivers\gdwfpcd32.sys
2011-11-09 09:21 . 2011-11-09 09:21 29400 ----a-w- c:\windows\system32\drivers\GdNetMon32.sys
2011-10-23 14:05 . 2011-10-23 14:04 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-21 22:55 . 2011-10-21 22:55 192768 ----a-w- c:\programdata\Microsoft\VPDExpress\10.0\1033\ResourceCache.dll
2008-10-28 10:41 . 2010-09-24 17:15 238896 ----a-w- c:\program files\mozilla firefox\plugins\CrazyTalk4Native.dll
2008-10-28 10:41 . 2010-09-24 17:15 210320 ----a-w- c:\program files\mozilla firefox\plugins\ctdomemhelper.dll
2008-10-28 10:41 . 2010-09-24 17:15 83248 ----a-w- c:\program files\mozilla firefox\plugins\ctframeplayerobject.dll
2008-10-28 10:41 . 2010-09-24 17:15 431512 ----a-w- c:\program files\mozilla firefox\plugins\ctplayerobject.dll
2008-10-28 10:41 . 2010-09-24 17:15 464176 ----a-w- c:\program files\mozilla firefox\plugins\imagickrt.dll
2008-10-28 10:41 . 2010-09-24 17:15 144688 ----a-w- c:\program files\mozilla firefox\plugins\rlcontentclass.dll
2008-10-28 10:41 . 2010-09-24 17:15 210224 ----a-w- c:\program files\mozilla firefox\plugins\RLMusicPacker.dll
2008-10-28 10:41 . 2010-09-24 17:15 111920 ----a-w- c:\program files\mozilla firefox\plugins\RLMusicUnpacker.dll
2008-10-28 10:41 . 2010-09-24 17:15 218416 ----a-w- c:\program files\mozilla firefox\plugins\RLVoicePacker.dll
2008-10-28 10:41 . 2010-09-24 17:15 173360 ----a-w- c:\program files\mozilla firefox\plugins\RLVoiceUnpacker.dll
2011-12-22 10:36 . 2011-03-22 17:51 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"
[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]
2010-03-29 10:45 62832 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2011-11-11 08:41 323584 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2011-11-11 08:41 323584 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2011-11-11 08:41 323584 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2011-11-11 08:41 323584 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"
[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]
2010-03-29 10:45 62832 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SugarSync"="c:\program files\SugarSync\SugarSyncManager.exe" [2011-11-11 12210176]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-21 718720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"picon"="c:\program files\Common Files\Intel\Privacy Icon\PIconStartup.exe" [2010-08-05 111640]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-03-09 495708]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-02-17 278528]
"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-06-18 462991]
"WavXMgr"="c:\program files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe" [2010-07-21 147840]
"USCService"="c:\program files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe" [2010-06-22 34232]
"KeePass 2 PreLoad"="c:\program files\KeePass Password Safe 2\KeePass.exe" [2011-07-12 1764352]
"G Data AntiVirus Tray Application"="c:\program files\G Data AntiVirus\AVKTray\AVKTray.exe" [2011-08-19 921096]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-09-16 497648]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-12-21 6676808]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2011-09-05 36760]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2011-09-05 2904984]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 159456]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-04 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-04 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-04 172568]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\users\nofu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files\Evernote\Evernote\EvernoteClipper.exe [2011-12-2 1000288]
Miranda IM.lnk - c:\program files\Miranda IM\miranda32.exe [2012-1-1 820309]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Bluetooth Software\BTTray.exe [2009-8-11 795936]
Dell System Manager.lnk - c:\program files\Dell\Dell System Manager\DCPSysMgr.exe [2010-8-24 1458032]
TdmNotify.lnk - c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe [2010-3-29 132456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"Backup_DisableCAD"= undefined
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
Authentication Packages REG_MULTI_SZ msv1_0 wvauth
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 13:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
2011-07-21 22:07 718720 ----a-w- c:\program files\Microsoft Office\Office14\MSOSYNC.EXE
.
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2011-12-19 491816]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2011-12-19 39640]
R1 fanio;FanIO driver;c:\windows\system32\drivers\fanio.sys [2007-02-16 14464]
R1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2011-11-09 79992]
R1 gdwfpcd;G DATA WFP CD;c:\windows\system32\drivers\gdwfpcd32.sys [2011-11-09 54648]
R1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [2011-11-09 30256]
R1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2011-11-09 41336]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [2011-08-23 21112]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\aestsrv.exe [2009-03-03 81920]
R2 AVKProxy;G Data AntiVirus Proxy;c:\program files\Common Files\G Data\AVKProxy\AVKProxy.exe [2011-11-04 1499656]
R2 AVKService;G Data Scheduler;c:\program files\G Data AntiVirus\AVK\AVKService.exe [2011-03-07 380408]
R2 AVKWCtl;G Data Filesystem Monitor;c:\program files\G Data AntiVirus\AVK\AVKWCtl.exe [2011-10-28 1554184]
R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\Dell\Dell ControlPoint\DCPButtonSvc.exe [2009-11-20 278304]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2010-03-23 812448]
R2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2010-03-23 27040]
R2 dcpsysmgrsvc;Dell System Manager Service;c:\program files\Dell\Dell System Manager\DCPSysMgrSvc.exe [2010-08-24 388464]
R2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\TeamViewer_Service.exe [2010-09-21 1957672]
R2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2010-08-05 2062872]
R3 acpials;Filtr zařízení ALS Sensor;c:\windows\system32\DRIVERS\acpials.sys [2009-07-13 7680]
R3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
R3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
R3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\Drivers\Axtmvprt.sys [2007-03-26 38784]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-11-09 29472]
R3 CtAudDrv;Provides advanced audio effects for audio devices.;c:\windows\system32\Drivers\CtAudDrv.sys [2009-05-28 134144]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2010-06-07 146272]
R3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys [2009-11-03 33832]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y6232.sys [2009-06-12 221912]
R3 GdNetMon;G Data Network Monitor;c:\windows\system32\drivers\GdNetMon32.sys [2011-11-09 29400]
R3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [2011-11-09 49016]
R3 GDScan;G Data Scanner;c:\program files\Common Files\G Data\GDScan\GDScan.exe [2011-10-28 457536]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 NETwNs32;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETwNs32.sys [2010-07-14 6814720]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 postgresql-8.4;postgresql-8.4;C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D M:/PostgreSQL -w [x]
R3 RDPDISPM;RDPDISPM;c:\windows\system32\DRIVERS\rdpdispm.sys [2010-09-25 9040]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-12 1343400]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 268512]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [2011-11-09 40440]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-07 239168]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - PXHELP20
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uSearchURL,(Default) = hxxp://search.daum.net/search?nil_profile=ie&ref_code=ms&q=%s
IE: Add to Evernote 4.0 - c:\program files\Evernote\Evernote\EvernoteIE.dll/204
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Bluetooth Software\btsendto_ie.htm
IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files\Evernote\Evernote\EvernoteIE.dll/204
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\nofu\AppData\Roaming\Mozilla\Firefox\Profiles\s0obompx.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-SpiderOak - c:\program files\SpiderOak\SpiderOak.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-8.4]
"ImagePath"="C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"M:/PostgreSQL\" -w"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-8.4]
"ImagePath"="C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"M:/PostgreSQL\" -w"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3396857090-585563195-1133047154-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3396857090-585563195-1133047154-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(456)
c:\windows\system32\wvauth.DLL
.
Celkový čas: 2012-01-05 20:22:28
ComboFix-quarantined-files.txt 2012-01-05 19:22
.
Před spuštěním: Volných bajtů: 79 596 478 464
Po spuštění: Volných bajtů: 79 412 150 272
.
- - End Of File - - AB73C2F10A4282445FFCE6B9B9E9BF93
Re: Comodo nahlásilo Malware
Pokud nemate, tak presunte Combofix na plochu
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
KillAll:: Registry: [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"=- "DAEMON Tools Lite"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AdobeAAMUpdater-1.0"=- "AdobeCS5ServiceManager"=- "SwitchBoard"=- "Adobe ARM"=- "Adobe Acrobat Speed Launcher"=- "Acrobat Assistant 8.0"=- "SunJavaUpdateSched"=- DDS:: uSearchURL,(Default) = hxxp://search.daum.net/search?nil_profi ... code=ms&q=%s RegLock:: [HKEY_USERS\S-1-5-21-3396857090-585563195-1133047154-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] [HKEY_USERS\S-1-5-21-3396857090-585563195-1133047154-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] RegNull:: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*] ClearJavaCache:: Reboot::- Ulozte vytvoreny TXT jako CFScript.txt
- Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
- Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte
Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Comodo nahlásilo Malware
Zase jsem musel do Stavu nouze, předtím jsem to jednou neúspěšně spustil v "normálních" windows, snad to nevadí.
Přikládám log:
ComboFix 12-01-05.01 - nofu 06.01.2012 21:09:00.9.2 - x86 MINIMAL
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2960.1944 [GMT 1:00]
SpuÜtýnř z: c:\users\nofu\Desktop\ComboFix.exe
Pou×itÚ ovlßdacÝ p°epÝnaŔe :: c:\users\nofu\Desktop\CFScript.txt
AV: G Data InternetSecurity 2012 *Disabled/Updated* {39B780B4-63C2-05B0-3B40-8F7A21E4F496}
FW: COMODO Firewall *Disabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
SP: COMODO Defense+ *Disabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
SP: G Data InternetSecurity 2012 *Disabled/Updated* {82D66150-45F8-0A3E-01F0-B4085A63BE2B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvo°en novř Bod ObnovenÝ
.
.
((((((((((((((((((((((((( Soubory vytvo°enÚ od 2011-12-06 do 2012-01-06 )))))))))))))))))))))))))))))))
.
.
2012-01-06 20:14 . 2012-01-06 20:14 -------- d-----w- c:\users\postgres\AppData\Local\temp
2012-01-06 20:14 . 2012-01-06 20:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-06 20:09 . 2012-01-06 20:09 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{665656F3-454C-4CBA-9BC5-237C83A28941}\offreg.dll
2012-01-06 17:11 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{665656F3-454C-4CBA-9BC5-237C83A28941}\mpengine.dll
2012-01-05 19:22 . 2012-01-06 20:16 -------- d-----w- c:\users\nofu\AppData\Local\temp
2012-01-04 22:46 . 2012-01-04 23:00 -------- d-----w- c:\program files\trend micro
2012-01-04 22:46 . 2012-01-04 22:46 -------- d-----w- C:\rsit
2012-01-04 22:46 . 2012-01-04 22:46 -------- d-----w- c:\program files\RSIT
2012-01-04 20:32 . 2012-01-04 20:32 -------- d-----w- c:\users\nofu\AppData\Roaming\Malwarebytes
2012-01-04 20:32 . 2012-01-04 20:32 -------- d-----w- c:\programdata\Malwarebytes
2012-01-04 20:32 . 2012-01-04 20:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-04 20:32 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-04 20:30 . 2012-01-04 21:20 -------- d-----w- c:\programdata\CPA_VA
2012-01-04 20:22 . 2012-01-04 20:22 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2012-01-04 20:04 . 2012-01-04 20:04 -------- d-----w- c:\program files\Microsoft Synchronization Services
2012-01-04 20:03 . 2012-01-04 20:03 -------- d-----w- c:\program files\Microsoft Sync Framework
2012-01-04 20:03 . 2012-01-04 20:03 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-01-04 20:01 . 2012-01-04 20:01 -------- d-----w- c:\program files\Microsoft Analysis Services
2012-01-04 20:01 . 2012-01-04 20:01 -------- d-----w- c:\users\nofu\AppData\Local\Microsoft Help
2012-01-04 20:00 . 2012-01-05 22:38 -------- d-----w- c:\programdata\Microsoft Help
2011-12-28 20:37 . 2011-12-28 20:37 -------- d-----w- c:\users\nofu\AppData\Local\Windows Live Writer
2011-12-28 20:37 . 2011-12-28 20:37 -------- d-----w- c:\users\nofu\AppData\Roaming\Windows Live Writer
2011-12-17 22:22 . 2011-12-18 11:09 -------- d-----w- C:\WP7-Update-Cab-Sender
2011-12-14 10:12 . 2011-11-24 04:25 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-12-14 10:12 . 2011-11-05 04:26 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-14 10:12 . 2011-10-26 04:28 38912 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-14 10:12 . 2011-10-15 05:38 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-12-14 10:12 . 2011-10-26 04:47 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-12-14 10:12 . 2011-10-26 04:47 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M vřpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-06 20:15 . 2010-09-24 18:14 0 ----a-w- c:\users\nofu\AppData\Local\WavXMapDrive.bat
2011-12-28 20:15 . 2011-03-28 17:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-12-19 18:59 . 2010-09-10 21:40 82400 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-12-19 18:59 . 2010-09-10 21:40 39640 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-12-19 18:59 . 2010-09-10 21:40 491816 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-12-19 18:59 . 2010-09-10 21:40 19600 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-12-19 18:58 . 2011-10-21 18:44 33984 ----a-w- c:\windows\system32\cmdcsr.dll
2011-12-19 18:58 . 2010-09-10 21:41 301224 ----a-w- c:\windows\system32\guard32.dll
2011-12-07 07:05 . 2011-12-07 07:05 239168 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-11-09 09:34 . 2010-09-25 13:47 30256 ----a-w- c:\windows\system32\drivers\GRD.sys
2011-11-09 09:21 . 2011-11-09 09:21 49016 ----a-w- c:\windows\system32\drivers\PktIcpt.sys
2011-11-09 09:21 . 2010-09-24 23:43 41336 ----a-w- c:\windows\system32\drivers\HookCentre.sys
2011-11-09 09:21 . 2010-09-24 23:43 79992 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2011-11-09 09:21 . 2010-09-24 23:43 40440 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2011-11-09 09:21 . 2010-09-24 23:43 54648 ----a-w- c:\windows\system32\drivers\gdwfpcd32.sys
2011-11-09 09:21 . 2011-11-09 09:21 29400 ----a-w- c:\windows\system32\drivers\GdNetMon32.sys
2011-10-23 14:05 . 2011-10-23 14:04 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-21 22:55 . 2011-10-21 22:55 192768 ----a-w- c:\programdata\Microsoft\VPDExpress\10.0\1033\ResourceCache.dll
2008-10-28 10:41 . 2010-09-24 17:15 238896 ----a-w- c:\program files\mozilla firefox\plugins\CrazyTalk4Native.dll
2008-10-28 10:41 . 2010-09-24 17:15 210320 ----a-w- c:\program files\mozilla firefox\plugins\ctdomemhelper.dll
2008-10-28 10:41 . 2010-09-24 17:15 83248 ----a-w- c:\program files\mozilla firefox\plugins\ctframeplayerobject.dll
2008-10-28 10:41 . 2010-09-24 17:15 431512 ----a-w- c:\program files\mozilla firefox\plugins\ctplayerobject.dll
2008-10-28 10:41 . 2010-09-24 17:15 464176 ----a-w- c:\program files\mozilla firefox\plugins\imagickrt.dll
2008-10-28 10:41 . 2010-09-24 17:15 144688 ----a-w- c:\program files\mozilla firefox\plugins\rlcontentclass.dll
2008-10-28 10:41 . 2010-09-24 17:15 210224 ----a-w- c:\program files\mozilla firefox\plugins\RLMusicPacker.dll
2008-10-28 10:41 . 2010-09-24 17:15 111920 ----a-w- c:\program files\mozilla firefox\plugins\RLMusicUnpacker.dll
2008-10-28 10:41 . 2010-09-24 17:15 218416 ----a-w- c:\program files\mozilla firefox\plugins\RLVoicePacker.dll
2008-10-28 10:41 . 2010-09-24 17:15 173360 ----a-w- c:\program files\mozilla firefox\plugins\RLVoiceUnpacker.dll
2011-12-21 07:39 . 2012-01-05 22:58 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( SpouÜtýcÝ body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznßmka* prßzdnÚ zßznamy a legitimnÝ vřchozÝ ˙daje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"
[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]
2010-03-29 10:45 62832 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2011-11-11 08:41 323584 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2011-11-11 08:41 323584 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2011-11-11 08:41 323584 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2011-11-11 08:41 323584 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"
[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]
2010-03-29 10:45 62832 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SugarSync"="c:\program files\SugarSync\SugarSyncManager.exe" [2011-11-11 12210176]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-21 718720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"picon"="c:\program files\Common Files\Intel\Privacy Icon\PIconStartup.exe" [2010-08-05 111640]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-03-09 495708]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-02-17 278528]
"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-06-18 462991]
"WavXMgr"="c:\program files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe" [2010-07-21 147840]
"USCService"="c:\program files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe" [2010-06-22 34232]
"KeePass 2 PreLoad"="c:\program files\KeePass Password Safe 2\KeePass.exe" [2011-07-12 1764352]
"G Data AntiVirus Tray Application"="c:\program files\G Data AntiVirus\AVKTray\AVKTray.exe" [2011-08-19 921096]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-09-16 497648]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-12-21 6676808]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2011-09-05 36760]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2011-09-05 2904984]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 159456]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-04 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-04 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-04 172568]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\users\nofu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files\Evernote\Evernote\EvernoteClipper.exe [2011-12-2 1000288]
Miranda IM.lnk - c:\program files\Miranda IM\miranda32.exe [2012-1-1 820309]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Bluetooth Software\BTTray.exe [2009-8-11 795936]
Dell System Manager.lnk - c:\program files\Dell\Dell System Manager\DCPSysMgr.exe [2010-8-24 1458032]
TdmNotify.lnk - c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe [2010-3-29 132456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
Authentication Packages REG_MULTI_SZ msv1_0 wvauth
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 13:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
2011-07-21 22:07 718720 ----a-w- c:\program files\Microsoft Office\Office14\MSOSYNC.EXE
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 acpials;Filtr za°ÝzenÝ ALS Sensor;c:\windows\system32\DRIVERS\acpials.sys [2009-07-13 7680]
R3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
R3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
R3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\Drivers\Axtmvprt.sys [2007-03-26 38784]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-11-09 29472]
R3 CtAudDrv;Provides advanced audio effects for audio devices.;c:\windows\system32\Drivers\CtAudDrv.sys [2009-05-28 134144]
R3 GdNetMon;G Data Network Monitor;c:\windows\system32\drivers\GdNetMon32.sys [2011-11-09 29400]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series ľ ovladaŔ adaptÚru pro 32bitovř systÚm Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 postgresql-8.4;postgresql-8.4;C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D M:/PostgreSQL -w [x]
R3 RDPDISPM;RDPDISPM;c:\windows\system32\DRIVERS\rdpdispm.sys [2010-09-25 9040]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Slu×ba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-12 1343400]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 268512]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [2011-11-09 40440]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2011-12-19 491816]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2011-12-19 39640]
S1 fanio;FanIO driver;c:\windows\system32\drivers\fanio.sys [2007-02-16 14464]
S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2011-11-09 79992]
S1 gdwfpcd;G DATA WFP CD;c:\windows\system32\drivers\gdwfpcd32.sys [2011-11-09 54648]
S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [2011-11-09 30256]
S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2011-11-09 41336]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [2011-08-23 21112]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\aestsrv.exe [2009-03-03 81920]
S2 AVKProxy;G Data AntiVirus Proxy;c:\program files\Common Files\G Data\AVKProxy\AVKProxy.exe [2011-11-04 1499656]
S2 AVKService;G Data Scheduler;c:\program files\G Data AntiVirus\AVK\AVKService.exe [2011-03-07 380408]
S2 AVKWCtl;G Data Filesystem Monitor;c:\program files\G Data AntiVirus\AVK\AVKWCtl.exe [2011-10-28 1554184]
S2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\Dell\Dell ControlPoint\DCPButtonSvc.exe [2009-11-20 278304]
S2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2010-03-23 812448]
S2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2010-03-23 27040]
S2 dcpsysmgrsvc;Dell System Manager Service;c:\program files\Dell\Dell System Manager\DCPSysMgrSvc.exe [2010-08-24 388464]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\TeamViewer_Service.exe [2010-09-21 1957672]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2010-08-05 2062872]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2010-06-07 146272]
S3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys [2009-11-03 33832]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-07 239168]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y6232.sys [2009-06-12 221912]
S3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [2011-11-09 49016]
S3 GDScan;G Data Scanner;c:\program files\Common Files\G Data\GDScan\GDScan.exe [2011-10-28 457536]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488]
S3 NETwNs32;___ OvladaŔ adaptÚru °ady Intel(R) Wireless WiFi Link 5000 pro systÚm Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETwNs32.sys [2010-07-14 6814720]
.
.
.
------- Dopl˛kovř sken -------
.
uStart Page = hxxp://www.google.cz/
uSearchURL,(Default) = hxxp://search.daum.net/search?nil_profile=ie&ref_code=ms&q=%s
IE: Add to Evernote 4.0 - c:\program files\Evernote\Evernote\EvernoteIE.dll/204
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: Odeslat obrßzek do za°ÝzenÝ &Bluetooth... - c:\program files\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat strßnku do za°ÝzenÝ &Bluetooth... - c:\program files\Bluetooth Software\btsendto_ie.htm
IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files\Evernote\Evernote\EvernoteIE.dll/204
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\nofu\AppData\Roaming\Mozilla\Firefox\Profiles\asrujalv.default\
FF - prefs.js: browser.startup.homepage - google.cz
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-8.4]
"ImagePath"="C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"M:/PostgreSQL\" -w"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-8.4]
"ImagePath"="C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"M:/PostgreSQL\" -w"
.
--------------------- Knihovny navßzanÚ na bý×ÝcÝ procesy ---------------------
.
- - - - - - - > 'lsass.exe'(548)
c:\windows\system32\guard32.dll
c:\windows\system32\wvauth.DLL
c:\program files\Wave Systems Corp\Common\CryptoManager.dll
c:\windows\system32\tcg15.dll
c:\program files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\Tsp1.dll
c:\windows\system32\wclient14.dll
c:\program files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\TspPopup_ENU.dll
c:\windows\system32\BioAPI100.dll
c:\windows\system32\BIOAPI_MDS300.dll
c:\windows\system32\BIPDll.dll
.
- - - - - - - > 'Explorer.exe'(7620)
c:\windows\system32\guard32.dll
c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
c:\program files\SugarSync\SugarSyncShellExt.dll
c:\program files\Bluetooth Software\btmmhook.dll
c:\program files\Bluetooth Software\btncopy.dll
.
------------------------ JinÚ spuÜtenÚ procesy ------------------------
.
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\STacSV.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
c:\program files\Bluetooth Software\btwdins.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\program files\DellTPad\HidFind.exe
c:\program files\DellTPad\Apntex.exe
c:\windows\system32\conhost.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\igfxext.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
c:\program files\Intel\AMT\LMS.exe
c:\windows\system32\sppsvc.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Celkovř Ŕas: 2012-01-06 21:21:50 - poŔÝtaŔ byl restartovßn
ComboFix-quarantined-files.txt 2012-01-06 20:21
ComboFix2.txt 2012-01-05 19:22
.
P°ed spuÜtýnÝm: Volnřch bajt¨: 79á255á322á624
Po spuÜtýnÝ: Volnřch bajt¨: 79á040á073á728
.
- - End Of File - - C955F4438DD833D88A132EA999DF2AF0
Přikládám log:
ComboFix 12-01-05.01 - nofu 06.01.2012 21:09:00.9.2 - x86 MINIMAL
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2960.1944 [GMT 1:00]
SpuÜtýnř z: c:\users\nofu\Desktop\ComboFix.exe
Pou×itÚ ovlßdacÝ p°epÝnaŔe :: c:\users\nofu\Desktop\CFScript.txt
AV: G Data InternetSecurity 2012 *Disabled/Updated* {39B780B4-63C2-05B0-3B40-8F7A21E4F496}
FW: COMODO Firewall *Disabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
SP: COMODO Defense+ *Disabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
SP: G Data InternetSecurity 2012 *Disabled/Updated* {82D66150-45F8-0A3E-01F0-B4085A63BE2B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvo°en novř Bod ObnovenÝ
.
.
((((((((((((((((((((((((( Soubory vytvo°enÚ od 2011-12-06 do 2012-01-06 )))))))))))))))))))))))))))))))
.
.
2012-01-06 20:14 . 2012-01-06 20:14 -------- d-----w- c:\users\postgres\AppData\Local\temp
2012-01-06 20:14 . 2012-01-06 20:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-06 20:09 . 2012-01-06 20:09 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{665656F3-454C-4CBA-9BC5-237C83A28941}\offreg.dll
2012-01-06 17:11 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{665656F3-454C-4CBA-9BC5-237C83A28941}\mpengine.dll
2012-01-05 19:22 . 2012-01-06 20:16 -------- d-----w- c:\users\nofu\AppData\Local\temp
2012-01-04 22:46 . 2012-01-04 23:00 -------- d-----w- c:\program files\trend micro
2012-01-04 22:46 . 2012-01-04 22:46 -------- d-----w- C:\rsit
2012-01-04 22:46 . 2012-01-04 22:46 -------- d-----w- c:\program files\RSIT
2012-01-04 20:32 . 2012-01-04 20:32 -------- d-----w- c:\users\nofu\AppData\Roaming\Malwarebytes
2012-01-04 20:32 . 2012-01-04 20:32 -------- d-----w- c:\programdata\Malwarebytes
2012-01-04 20:32 . 2012-01-04 20:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-04 20:32 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-04 20:30 . 2012-01-04 21:20 -------- d-----w- c:\programdata\CPA_VA
2012-01-04 20:22 . 2012-01-04 20:22 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2012-01-04 20:04 . 2012-01-04 20:04 -------- d-----w- c:\program files\Microsoft Synchronization Services
2012-01-04 20:03 . 2012-01-04 20:03 -------- d-----w- c:\program files\Microsoft Sync Framework
2012-01-04 20:03 . 2012-01-04 20:03 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-01-04 20:01 . 2012-01-04 20:01 -------- d-----w- c:\program files\Microsoft Analysis Services
2012-01-04 20:01 . 2012-01-04 20:01 -------- d-----w- c:\users\nofu\AppData\Local\Microsoft Help
2012-01-04 20:00 . 2012-01-05 22:38 -------- d-----w- c:\programdata\Microsoft Help
2011-12-28 20:37 . 2011-12-28 20:37 -------- d-----w- c:\users\nofu\AppData\Local\Windows Live Writer
2011-12-28 20:37 . 2011-12-28 20:37 -------- d-----w- c:\users\nofu\AppData\Roaming\Windows Live Writer
2011-12-17 22:22 . 2011-12-18 11:09 -------- d-----w- C:\WP7-Update-Cab-Sender
2011-12-14 10:12 . 2011-11-24 04:25 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-12-14 10:12 . 2011-11-05 04:26 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-14 10:12 . 2011-10-26 04:28 38912 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-14 10:12 . 2011-10-15 05:38 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-12-14 10:12 . 2011-10-26 04:47 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-12-14 10:12 . 2011-10-26 04:47 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M vřpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-06 20:15 . 2010-09-24 18:14 0 ----a-w- c:\users\nofu\AppData\Local\WavXMapDrive.bat
2011-12-28 20:15 . 2011-03-28 17:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-12-19 18:59 . 2010-09-10 21:40 82400 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-12-19 18:59 . 2010-09-10 21:40 39640 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-12-19 18:59 . 2010-09-10 21:40 491816 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-12-19 18:59 . 2010-09-10 21:40 19600 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-12-19 18:58 . 2011-10-21 18:44 33984 ----a-w- c:\windows\system32\cmdcsr.dll
2011-12-19 18:58 . 2010-09-10 21:41 301224 ----a-w- c:\windows\system32\guard32.dll
2011-12-07 07:05 . 2011-12-07 07:05 239168 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-11-09 09:34 . 2010-09-25 13:47 30256 ----a-w- c:\windows\system32\drivers\GRD.sys
2011-11-09 09:21 . 2011-11-09 09:21 49016 ----a-w- c:\windows\system32\drivers\PktIcpt.sys
2011-11-09 09:21 . 2010-09-24 23:43 41336 ----a-w- c:\windows\system32\drivers\HookCentre.sys
2011-11-09 09:21 . 2010-09-24 23:43 79992 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2011-11-09 09:21 . 2010-09-24 23:43 40440 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2011-11-09 09:21 . 2010-09-24 23:43 54648 ----a-w- c:\windows\system32\drivers\gdwfpcd32.sys
2011-11-09 09:21 . 2011-11-09 09:21 29400 ----a-w- c:\windows\system32\drivers\GdNetMon32.sys
2011-10-23 14:05 . 2011-10-23 14:04 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-21 22:55 . 2011-10-21 22:55 192768 ----a-w- c:\programdata\Microsoft\VPDExpress\10.0\1033\ResourceCache.dll
2008-10-28 10:41 . 2010-09-24 17:15 238896 ----a-w- c:\program files\mozilla firefox\plugins\CrazyTalk4Native.dll
2008-10-28 10:41 . 2010-09-24 17:15 210320 ----a-w- c:\program files\mozilla firefox\plugins\ctdomemhelper.dll
2008-10-28 10:41 . 2010-09-24 17:15 83248 ----a-w- c:\program files\mozilla firefox\plugins\ctframeplayerobject.dll
2008-10-28 10:41 . 2010-09-24 17:15 431512 ----a-w- c:\program files\mozilla firefox\plugins\ctplayerobject.dll
2008-10-28 10:41 . 2010-09-24 17:15 464176 ----a-w- c:\program files\mozilla firefox\plugins\imagickrt.dll
2008-10-28 10:41 . 2010-09-24 17:15 144688 ----a-w- c:\program files\mozilla firefox\plugins\rlcontentclass.dll
2008-10-28 10:41 . 2010-09-24 17:15 210224 ----a-w- c:\program files\mozilla firefox\plugins\RLMusicPacker.dll
2008-10-28 10:41 . 2010-09-24 17:15 111920 ----a-w- c:\program files\mozilla firefox\plugins\RLMusicUnpacker.dll
2008-10-28 10:41 . 2010-09-24 17:15 218416 ----a-w- c:\program files\mozilla firefox\plugins\RLVoicePacker.dll
2008-10-28 10:41 . 2010-09-24 17:15 173360 ----a-w- c:\program files\mozilla firefox\plugins\RLVoiceUnpacker.dll
2011-12-21 07:39 . 2012-01-05 22:58 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( SpouÜtýcÝ body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznßmka* prßzdnÚ zßznamy a legitimnÝ vřchozÝ ˙daje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"
[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]
2010-03-29 10:45 62832 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2011-11-11 08:41 323584 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2011-11-11 08:41 323584 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2011-11-11 08:41 323584 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2011-11-11 08:41 323584 ----a-w- c:\program files\SugarSync\SugarSyncShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"
[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]
2010-03-29 10:45 62832 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SugarSync"="c:\program files\SugarSync\SugarSyncManager.exe" [2011-11-11 12210176]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-21 718720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"picon"="c:\program files\Common Files\Intel\Privacy Icon\PIconStartup.exe" [2010-08-05 111640]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-03-09 495708]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-02-17 278528]
"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-06-18 462991]
"WavXMgr"="c:\program files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe" [2010-07-21 147840]
"USCService"="c:\program files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe" [2010-06-22 34232]
"KeePass 2 PreLoad"="c:\program files\KeePass Password Safe 2\KeePass.exe" [2011-07-12 1764352]
"G Data AntiVirus Tray Application"="c:\program files\G Data AntiVirus\AVKTray\AVKTray.exe" [2011-08-19 921096]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-09-16 497648]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-12-21 6676808]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2011-09-05 36760]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2011-09-05 2904984]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 159456]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-04 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-04 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-04 172568]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\users\nofu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files\Evernote\Evernote\EvernoteClipper.exe [2011-12-2 1000288]
Miranda IM.lnk - c:\program files\Miranda IM\miranda32.exe [2012-1-1 820309]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Bluetooth Software\BTTray.exe [2009-8-11 795936]
Dell System Manager.lnk - c:\program files\Dell\Dell System Manager\DCPSysMgr.exe [2010-8-24 1458032]
TdmNotify.lnk - c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe [2010-3-29 132456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
Authentication Packages REG_MULTI_SZ msv1_0 wvauth
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 13:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
2011-07-21 22:07 718720 ----a-w- c:\program files\Microsoft Office\Office14\MSOSYNC.EXE
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 acpials;Filtr za°ÝzenÝ ALS Sensor;c:\windows\system32\DRIVERS\acpials.sys [2009-07-13 7680]
R3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
R3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
R3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\Drivers\Axtmvprt.sys [2007-03-26 38784]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-11-09 29472]
R3 CtAudDrv;Provides advanced audio effects for audio devices.;c:\windows\system32\Drivers\CtAudDrv.sys [2009-05-28 134144]
R3 GdNetMon;G Data Network Monitor;c:\windows\system32\drivers\GdNetMon32.sys [2011-11-09 29400]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series ľ ovladaŔ adaptÚru pro 32bitovř systÚm Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 postgresql-8.4;postgresql-8.4;C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D M:/PostgreSQL -w [x]
R3 RDPDISPM;RDPDISPM;c:\windows\system32\DRIVERS\rdpdispm.sys [2010-09-25 9040]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Slu×ba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-12 1343400]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 268512]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [2011-11-09 40440]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2011-12-19 491816]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2011-12-19 39640]
S1 fanio;FanIO driver;c:\windows\system32\drivers\fanio.sys [2007-02-16 14464]
S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2011-11-09 79992]
S1 gdwfpcd;G DATA WFP CD;c:\windows\system32\drivers\gdwfpcd32.sys [2011-11-09 54648]
S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [2011-11-09 30256]
S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2011-11-09 41336]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [2011-08-23 21112]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\aestsrv.exe [2009-03-03 81920]
S2 AVKProxy;G Data AntiVirus Proxy;c:\program files\Common Files\G Data\AVKProxy\AVKProxy.exe [2011-11-04 1499656]
S2 AVKService;G Data Scheduler;c:\program files\G Data AntiVirus\AVK\AVKService.exe [2011-03-07 380408]
S2 AVKWCtl;G Data Filesystem Monitor;c:\program files\G Data AntiVirus\AVK\AVKWCtl.exe [2011-10-28 1554184]
S2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\Dell\Dell ControlPoint\DCPButtonSvc.exe [2009-11-20 278304]
S2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2010-03-23 812448]
S2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2010-03-23 27040]
S2 dcpsysmgrsvc;Dell System Manager Service;c:\program files\Dell\Dell System Manager\DCPSysMgrSvc.exe [2010-08-24 388464]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\TeamViewer_Service.exe [2010-09-21 1957672]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2010-08-05 2062872]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2010-06-07 146272]
S3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys [2009-11-03 33832]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-07 239168]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y6232.sys [2009-06-12 221912]
S3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [2011-11-09 49016]
S3 GDScan;G Data Scanner;c:\program files\Common Files\G Data\GDScan\GDScan.exe [2011-10-28 457536]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488]
S3 NETwNs32;___ OvladaŔ adaptÚru °ady Intel(R) Wireless WiFi Link 5000 pro systÚm Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETwNs32.sys [2010-07-14 6814720]
.
.
.
------- Dopl˛kovř sken -------
.
uStart Page = hxxp://www.google.cz/
uSearchURL,(Default) = hxxp://search.daum.net/search?nil_profile=ie&ref_code=ms&q=%s
IE: Add to Evernote 4.0 - c:\program files\Evernote\Evernote\EvernoteIE.dll/204
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: Odeslat obrßzek do za°ÝzenÝ &Bluetooth... - c:\program files\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat strßnku do za°ÝzenÝ &Bluetooth... - c:\program files\Bluetooth Software\btsendto_ie.htm
IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files\Evernote\Evernote\EvernoteIE.dll/204
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\nofu\AppData\Roaming\Mozilla\Firefox\Profiles\asrujalv.default\
FF - prefs.js: browser.startup.homepage - google.cz
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-8.4]
"ImagePath"="C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"M:/PostgreSQL\" -w"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-8.4]
"ImagePath"="C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"M:/PostgreSQL\" -w"
.
--------------------- Knihovny navßzanÚ na bý×ÝcÝ procesy ---------------------
.
- - - - - - - > 'lsass.exe'(548)
c:\windows\system32\guard32.dll
c:\windows\system32\wvauth.DLL
c:\program files\Wave Systems Corp\Common\CryptoManager.dll
c:\windows\system32\tcg15.dll
c:\program files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\Tsp1.dll
c:\windows\system32\wclient14.dll
c:\program files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\TspPopup_ENU.dll
c:\windows\system32\BioAPI100.dll
c:\windows\system32\BIOAPI_MDS300.dll
c:\windows\system32\BIPDll.dll
.
- - - - - - - > 'Explorer.exe'(7620)
c:\windows\system32\guard32.dll
c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
c:\program files\SugarSync\SugarSyncShellExt.dll
c:\program files\Bluetooth Software\btmmhook.dll
c:\program files\Bluetooth Software\btncopy.dll
.
------------------------ JinÚ spuÜtenÚ procesy ------------------------
.
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\STacSV.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
c:\program files\Bluetooth Software\btwdins.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\program files\DellTPad\HidFind.exe
c:\program files\DellTPad\Apntex.exe
c:\windows\system32\conhost.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\system32\igfxext.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
c:\program files\Intel\AMT\LMS.exe
c:\windows\system32\sppsvc.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Celkovř Ŕas: 2012-01-06 21:21:50 - poŔÝtaŔ byl restartovßn
ComboFix-quarantined-files.txt 2012-01-06 20:21
ComboFix2.txt 2012-01-05 19:22
.
P°ed spuÜtýnÝm: Volnřch bajt¨: 79á255á322á624
Po spuÜtýnÝ: Volnřch bajt¨: 79á040á073á728
.
- - End Of File - - C955F4438DD833D88A132EA999DF2AF0
Re: Comodo nahlásilo Malware
OK, jak se chova PC 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Comodo nahlásilo Malware
Spustit jde normálně (nebylo třeba obnovit poslední známou konfiguraci), ničeho zvláštního jsem si nevšiml, ale to ani předtím nic zvláštního nedělalo, jen že to comodo nahlásilo ten malware, tak jsem projistotu požádal o kontrolu logu.
Je možné, že se zrychlil restart počítače, ale to je s SSD těžko poznat, ale pocit takový mám.
Byl či stále počítač nějak vážně zavšiven? Mám raději změnit důležitá hesla?
EDIT: firefox se zdá výrazně svižnější
Je možné, že se zrychlil restart počítače, ale to je s SSD těžko poznat, ale pocit takový mám.
Byl či stále počítač nějak vážně zavšiven? Mám raději změnit důležitá hesla?
EDIT: firefox se zdá výrazně svižnější
Re: Comodo nahlásilo Malware
Comodo jiz nic nehlasi Zmenu hesel udelejte az zcela na zaver po ukonceni leceni Logy jiz vypadaji ciste, takze pokud nejsou problemy, muzeme uklizet"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Comodo nahlásilo Malware
Comodo to nahlásilo jen jednou, také nahlásilo že to né úplně zlikvidovalo, že mam kontaktovat ten jejich Geek buddy (bo jak se to jmenuje). Od té doby nic, nyní také nic.
Co přesně znamená uklízet? Smazat si stažené věci a to co to vytvořilo na C:\?
Co přesně znamená uklízet? Smazat si stažené věci a to co to vytvořilo na C:\?
Re: Comodo nahlásilo Malware
Odinstalujte Combofix
- Prejmenujte ComboFix na Uninstall
- Spustte jej
- Tohle smaze Combofix a jeho slozky
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner (viz muj podpis)Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
poprosim o novy log z RSIT a napiste co PC"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Comodo nahlásilo Malware
Počítač se chová normálně, ničeho zvláštního jsem si nevšiml, jen RSIT log se povedlo vygenerovat až na druhý pokus - přikládám jej:
Logfile of random's system information tool 1.09 (written by random/random)
Run by nofu at 2012-01-07 18:30:44
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 76 GB (62%) free of 122 GB
Total RAM: 2960 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:30:49, on 7.1.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\G Data AntiVirus\AVKTray\AVKTray.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Bluetooth Software\BTTray.exe
C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
C:\Program Files\RSIT\RSIT.exe
C:\Program Files\trend micro\nofu.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.daum.net/search?nil_profi ... de=ms&q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data AntiVirus\WebFilter\AvkWebIE.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: G Data BankGuard - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files\Common Files\G Data\AVKProxy\BanksafeBHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data AntiVirus\WebFilter\AvkWebIE.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [picon] "C:\Program Files\Common Files\Intel\Privacy Icon\PIconStartup.exe"
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe
O4 - HKLM\..\Run: [USCService] C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files\G Data AntiVirus\AVKTray\AVKTray.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [SugarSync] "C:\Program Files\SugarSync\SugarSyncManager.exe" -startInTray -usedelay=true
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - Startup: EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: Miranda IM.lnk = C:\Program Files\Miranda IM\miranda32.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Dell System Manager.lnk = C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
O4 - Global Startup: TdmNotify.lnk = C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: @C:\Program Files\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\System32\guard32.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\aestsrv.exe
O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files\G Data AntiVirus\AVK\AVKService.exe
O23 - Service: G Data Filesystem Monitor (AVKWCtl) - G Data Software AG - C:\Program Files\G Data AntiVirus\AVK\AVKWCtl.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Bluetooth Software\btwdins.exe
O23 - Service: Dell ControlPoint Button Service (buttonsvc32) - Dell Inc. - C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Credential Vault Host Control Service - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
O23 - Service: Credential Vault Host Storage - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
O23 - Service: Dell System Manager Service (dcpsysmgrsvc) - Dell Inc. - C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: postgresql-8.4 - PostgreSQL Global Development Group - C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\STacSV.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: NTRU TSS v1.2.1.29 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
--
End of file - 13030 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\nofu\AppData\Roaming\Mozilla\Firefox\Profiles\asrujalv.default
prefs.js - "browser.startup.homepage" - "google.cz"
"{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}"=C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
"web2pdfextension@web2pdf.adobedotcom"=C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
"Description"=Veetle TV Core
"Path"=C:\Program Files\Veetle\plugins\npVeetle.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files\Veetle\Player\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{906305f7-aafc-45e9-8bbd-941950a84dad}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsRLCT4Player.xpt
C:\Program Files\Mozilla Firefox\plugins\
CrazyTalk4Native.dll
ctdomemhelper.dll
ctframeplayerobject.dll
ctplayerobject.dll
imagickrt.dll
np-mswmp.dll
npContribute.dll
npdeployJava1.dll
nppdf32.DEU
nppdf32.dll
nppdf32.FRA
npRLCT4Player.dll
rlcontentclass.dll
RLMusicPacker.dll
RLMusicUnpacker.dll
RLVoicePacker.dll
RLVoiceUnpacker.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\nofu\AppData\Roaming\Mozilla\Firefox\Profiles\asrujalv.default\extensions\
foxmarks@kei.com
keefox@chris.tomlinson
{d37dc5d0-431d-44e5-8c91-49419370caa1}
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}]
G Data WebFilter - C:\Program Files\G Data AntiVirus\WebFilter\AvkWebIE.dll [2011-03-07 576504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
ContributeBHO Class - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA3295CF-17ED-4F49-9E95-D999A0ADBFDC}]
G Data BankGuard - C:\Program Files\Common Files\G Data\AVKProxy\BanksafeBHO.dll [2011-08-10 52216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0124123D-61B4-456f-AF86-78C53A0790C5} - G Data WebFilter - C:\Program Files\G Data AntiVirus\WebFilter\AvkWebIE.dll [2011-03-07 576504]
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"picon"=C:\Program Files\Common Files\Intel\Privacy Icon\PIconStartup.exe [2010-08-05 111640]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2010-03-09 495708]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2010-02-17 278528]
"Dell Webcam Central"=C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2010-06-18 462991]
"WavXMgr"=C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe [2010-07-21 147840]
"USCService"=C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe [2010-06-22 34232]
"KeePass 2 PreLoad"=C:\Program Files\KeePass Password Safe 2\KeePass.exe [2011-07-12 1764352]
"G Data AntiVirus Tray Application"=C:\Program Files\G Data AntiVirus\AVKTray\AVKTray.exe [2011-08-19 921096]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-09-16 497648]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-12-21 6676808]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2011-09-05 36760]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2011-09-05 2904984]
"Zune Launcher"=C:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 159456]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-03-05 137752]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-03-05 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-03-05 172568]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SugarSync"=C:\Program Files\SugarSync\SugarSyncManager.exe [2011-11-11 12210176]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-10-13 17351304]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2011-07-21 718720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2011-07-21 718720]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Bluetooth Software\BTTray.exe
Dell System Manager.lnk - C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
TdmNotify.lnk - C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe
C:\Users\nofu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EvernoteClipper.lnk - C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
Miranda IM.lnk - C:\Program Files\Miranda IM\miranda32.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-04-24 203776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
wvauth
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2012-01-07 18:23:06 ----D---- C:\rsit
2012-01-06 21:20:09 ----SHD---- C:\$RECYCLE.BIN
2012-01-05 23:58:40 ----D---- C:\Users\nofu\AppData\Roaming\Mozilla
2012-01-04 23:46:31 ----D---- C:\Program Files\trend micro
2012-01-04 23:46:09 ----D---- C:\Program Files\RSIT
2012-01-04 21:32:56 ----D---- C:\Users\nofu\AppData\Roaming\Malwarebytes
2012-01-04 21:32:43 ----D---- C:\ProgramData\Malwarebytes
2012-01-04 21:32:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-01-04 21:32:42 ----A---- C:\Windows\system32\drivers\mbam.sys
2012-01-04 21:30:36 ----D---- C:\ProgramData\CPA_VA
2012-01-04 21:22:33 ----A---- C:\Windows\system32\gdiplus.dll
2012-01-04 21:04:04 ----D---- C:\Program Files\Microsoft Synchronization Services
2012-01-04 21:04:03 ----D---- C:\Program Files\Common Files\DESIGNER
2012-01-04 21:03:32 ----D---- C:\Program Files\Microsoft Sync Framework
2012-01-04 21:03:32 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2012-01-04 21:01:20 ----D---- C:\Program Files\Microsoft Analysis Services
2012-01-04 21:00:52 ----D---- C:\Program Files\Microsoft Office
2012-01-04 21:00:51 ----D---- C:\ProgramData\Microsoft Help
2011-12-28 21:37:16 ----D---- C:\Users\nofu\AppData\Roaming\Windows Live Writer
2011-12-28 18:46:08 ----A---- C:\Windows\system32\shell32.dll
2011-12-17 23:22:52 ----D---- C:\WP7-Update-Cab-Sender
2011-12-14 11:23:37 ----A---- C:\Windows\system32\mshtmled.dll
2011-12-14 11:23:36 ----A---- C:\Windows\system32\jscript.dll
2011-12-14 11:23:36 ----A---- C:\Windows\system32\iertutil.dll
2011-12-14 11:23:35 ----A---- C:\Windows\system32\jsproxy.dll
2011-12-14 11:23:35 ----A---- C:\Windows\system32\jscript9.dll
2011-12-14 11:23:34 ----A---- C:\Windows\system32\wininet.dll
2011-12-14 11:23:34 ----A---- C:\Windows\system32\url.dll
2011-12-14 11:23:34 ----A---- C:\Windows\system32\ieui.dll
2011-12-14 11:23:33 ----A---- C:\Windows\system32\urlmon.dll
2011-12-14 11:23:32 ----A---- C:\Windows\system32\mshtml.dll
2011-12-14 11:23:31 ----A---- C:\Windows\system32\ieframe.dll
2011-12-14 11:12:10 ----A---- C:\Windows\system32\win32k.sys
2011-12-14 11:12:08 ----A---- C:\Windows\system32\tzres.dll
2011-12-14 11:12:03 ----A---- C:\Windows\system32\EncDec.dll
2011-12-14 11:12:03 ----A---- C:\Windows\system32\csrsrv.dll
2011-12-14 11:12:02 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-12-14 11:12:02 ----A---- C:\Windows\system32\ntkrnlpa.exe
======List of files/folders modified in the last 1 month======
2012-01-07 18:30:45 ----D---- C:\Windows\Temp
2012-01-07 18:30:31 ----D---- C:\Users\nofu\AppData\Roaming\Skype
2012-01-07 18:29:23 ----A---- C:\Windows\system32\bipbsp_log.txt
2012-01-07 18:29:12 ----D---- C:\Windows\system32\config
2012-01-07 18:28:27 ----A---- C:\Windows\system32\log.txt
2012-01-07 18:28:16 ----D---- C:\Users\nofu\AppData\Roaming\KeePass
2012-01-07 18:23:38 ----D---- C:\Windows\System32
2012-01-07 18:23:38 ----D---- C:\Windows\inf
2012-01-07 18:23:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-07 18:18:09 ----D---- C:\Windows
2012-01-07 18:13:55 ----D---- C:\Users\nofu\AppData\Roaming\uTorrent
2012-01-07 18:13:54 ----D---- C:\Users\nofu\AppData\Roaming\Miranda
2012-01-07 18:13:53 ----D---- C:\Windows\Panther
2012-01-07 18:13:53 ----D---- C:\Windows\ModemLogs
2012-01-07 18:13:53 ----D---- C:\Windows\Logs
2012-01-07 18:13:53 ----D---- C:\Windows\debug
2012-01-07 18:12:18 ----D---- C:\Program Files\CCleaner
2012-01-07 17:59:59 ----D---- C:\Windows\Prefetch
2012-01-07 17:50:43 ----SHD---- C:\System Volume Information
2012-01-07 17:49:51 ----D---- C:\Windows\system32\drivers
2012-01-06 21:16:43 ----A---- C:\Windows\system.ini
2012-01-06 21:15:52 ----D---- C:\Windows\system32\drivers\etc
2012-01-06 21:11:53 ----D---- C:\Windows\AppPatch
2012-01-06 21:11:52 ----D---- C:\Program Files\Common Files
2012-01-05 23:58:32 ----D---- C:\Program Files\Mozilla Firefox
2012-01-05 23:38:12 ----SD---- C:\Users\nofu\AppData\Roaming\Microsoft
2012-01-05 20:21:11 ----D---- C:\Windows\Tasks
2012-01-05 20:19:27 ----D---- C:\Program Files\TCPView
2012-01-05 19:03:37 ----D---- C:\Windows\system32\catroot2
2012-01-05 01:05:26 ----D---- C:\Windows\Microsoft.NET
2012-01-05 01:05:23 ----RSD---- C:\Windows\assembly
2012-01-05 00:04:56 ----SHD---- C:\Windows\Installer
2012-01-04 23:46:31 ----RD---- C:\Program Files
2012-01-04 22:20:34 ----D---- C:\Program Files\COMODO
2012-01-04 21:32:43 ----D---- C:\ProgramData
2012-01-04 21:19:19 ----D---- C:\Program Files\OpenOffice.org 3
2012-01-04 21:07:46 ----D---- C:\Windows\winsxs
2012-01-04 21:07:28 ----D---- C:\Windows\system32\Tasks
2012-01-04 21:05:14 ----RSD---- C:\Windows\Fonts
2012-01-04 21:04:58 ----D---- C:\Program Files\Common Files\microsoft shared
2012-01-04 21:03:32 ----SD---- C:\ProgramData\Microsoft
2012-01-04 21:01:32 ----D---- C:\Windows\ShellNew
2012-01-04 20:50:30 ----D---- C:\Program Files\KeePass Password Safe 2
2012-01-02 20:31:19 ----D---- C:\Windows\system32\catroot
2012-01-01 15:07:45 ----D---- C:\Users\nofu\AppData\Roaming\FileZilla
2012-01-01 15:05:46 ----D---- C:\Program Files\FileZilla FTP Client
2011-12-31 20:23:43 ----D---- C:\Program Files\FreeRapid-0.86u1
2011-12-28 21:17:04 ----D---- C:\Program Files\Windows Live
2011-12-20 19:03:31 ----D---- C:\Program Files\Goalwin
2011-12-20 12:23:52 ----D---- C:\Program Files\Expekt Poker
2011-12-19 19:58:56 ----A---- C:\Windows\system32\cmdcsr.dll
2011-12-19 19:58:55 ----A---- C:\Windows\system32\guard32.dll
2011-12-17 23:31:32 ----D---- C:\Program Files\Zune
2011-12-16 20:11:02 ----D---- C:\Windows\rescache
2011-12-16 11:55:05 ----D---- C:\Windows\system32\NDF
2011-12-16 10:04:40 ----D---- C:\Windows\Minidump
2011-12-14 11:27:42 ----D---- C:\Windows\system32\migration
2011-12-14 11:27:42 ----D---- C:\Windows\system32\cs-CZ
2011-12-14 11:27:42 ----D---- C:\Program Files\Internet Explorer
2011-12-14 11:24:02 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 GDBehave;GDBehave; C:\Windows\system32\drivers\GDBehave.sys [2011-11-09 40440]
R0 PBADRV;PBADRV; C:\Windows\system32\DRIVERS\PBADRV.sys [2008-06-04 26608]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2009-07-09 45200]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2011-12-19 491816]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2011-12-19 39640]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 fanio;FanIO driver; \??\C:\Windows\system32\drivers\fanio.sys [2007-02-16 14464]
R1 GDMnIcpt;GDMnIcpt; \??\C:\Windows\system32\drivers\MiniIcpt.sys [2011-11-09 79992]
R1 gdwfpcd;G DATA WFP CD; C:\Windows\system32\drivers\gdwfpcd32.sys [2011-11-09 54648]
R1 GRD;G Data Rootkit Detector Driver; \??\C:\Windows\system32\drivers\GRD.sys [2011-11-09 30256]
R1 HookCentre;HookCentre; \??\C:\Windows\system32\drivers\HookCentre.sys [2011-11-09 41336]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Program Files\HWiNFO32\HWiNFO32.SYS [2011-08-23 21112]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2011-12-19 82400]
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2011-07-19 230248]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2009-06-25 48128]
R2 WavxDMgr;WavxDMgr; C:\Windows\system32\DRIVERS\WavxDMgr.sys [2010-01-19 229888]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x86; C:\Windows\system32\DRIVERS\Apfiltr.sys [2010-03-10 251440]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2010-06-07 146272]
R3 cvusbdrv;Dell ControlVault; C:\Windows\System32\Drivers\cvusbdrv.sys [2009-11-03 33832]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-07 239168]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y6232.sys [2009-06-12 221912]
R3 GDPkIcpt;GDPkIcpt; \??\C:\Windows\system32\drivers\PktIcpt.sys [2011-11-09 49016]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-06-23 40832]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488]
R3 NETwNs32;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 32 Bit; C:\Windows\system32\DRIVERS\NETwNs32.sys [2010-07-14 6814720]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2010-03-09 423424]
R3 WinUsb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 35968]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 acpials;Filtr zařízení ALS Sensor; C:\Windows\system32\DRIVERS\acpials.sys [2009-07-14 7680]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 Axtmvflt;Axesstel USB Filter Service; C:\Windows\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
S3 Axtmvmdm;Axesstel USB Modem; C:\Windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
S3 Axtmvprt;Axesstel Diagnostic Port; C:\Windows\System32\Drivers\Axtmvprt.sys [2007-03-26 38784]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-11-09 86056]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-11-09 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-11-09 29472]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-11-09 18344]
S3 CtAudDrv;Provides advanced audio effects for audio devices.; \??\C:\Windows\system32\Drivers\CtAudDrv.sys [2009-05-28 134144]
S3 GdNetMon;G Data Network Monitor; \??\C:\Windows\system32\drivers\GdNetMon32.sys [2011-11-09 29400]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 RDPDISPM;RDPDISPM; C:\Windows\system32\DRIVERS\rdpdispm.sys [2010-09-25 9040]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\aestsrv.exe [2009-03-03 81920]
R2 AVKProxy;G Data AntiVirus Proxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [2011-11-04 1499656]
R2 AVKService;G Data Scheduler; C:\Program Files\G Data AntiVirus\AVK\AVKService.exe [2011-03-07 380408]
R2 AVKWCtl;G Data Filesystem Monitor; C:\Program Files\G Data AntiVirus\AVK\AVKWCtl.exe [2011-10-28 1554184]
R2 btwdins;Bluetooth Service; C:\Program Files\Bluetooth Software\btwdins.exe [2009-08-11 582944]
R2 buttonsvc32;Dell ControlPoint Button Service; C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe [2009-11-20 278304]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-12-19 1960584]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2010-03-23 812448]
R2 Credential Vault Host Storage;Credential Vault Host Storage; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2010-03-23 27040]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 dcpsysmgrsvc;Dell System Manager Service; C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe [2010-08-24 388464]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\STacSV.exe [2010-03-09 229458]
R2 TdmService;TdmService; C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe [2010-03-29 1164648]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2010-09-21 1957672]
R2 TeamViewer6;TeamViewer 6; C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 GDScan;G Data Scanner; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [2011-10-28 457536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\AMT\LMS.exe [2010-08-05 178712]
S2 tcsd_win32.exe;NTRU TSS v1.2.1.29 TCS; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [2008-11-12 1273856]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2010-08-05 2062872]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 postgresql-8.4;postgresql-8.4; C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D M:/PostgreSQL -w []
S3 SecureStorageService;SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [2010-02-03 1032192]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-12 1343400]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service; C:\Program Files\Zune\WMZuneComm.exe [2011-08-05 268512]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by nofu at 2012-01-07 18:30:44
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 76 GB (62%) free of 122 GB
Total RAM: 2960 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:30:49, on 7.1.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\G Data AntiVirus\AVKTray\AVKTray.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Bluetooth Software\BTTray.exe
C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
C:\Program Files\RSIT\RSIT.exe
C:\Program Files\trend micro\nofu.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.daum.net/search?nil_profi ... de=ms&q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data AntiVirus\WebFilter\AvkWebIE.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: G Data BankGuard - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files\Common Files\G Data\AVKProxy\BanksafeBHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G Data AntiVirus\WebFilter\AvkWebIE.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [picon] "C:\Program Files\Common Files\Intel\Privacy Icon\PIconStartup.exe"
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [WavXMgr] C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe
O4 - HKLM\..\Run: [USCService] C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files\G Data AntiVirus\AVKTray\AVKTray.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [SugarSync] "C:\Program Files\SugarSync\SugarSyncManager.exe" -startInTray -usedelay=true
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - Startup: EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: Miranda IM.lnk = C:\Program Files\Miranda IM\miranda32.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Dell System Manager.lnk = C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
O4 - Global Startup: TdmNotify.lnk = C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: @C:\Program Files\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\System32\guard32.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\aestsrv.exe
O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files\G Data AntiVirus\AVK\AVKService.exe
O23 - Service: G Data Filesystem Monitor (AVKWCtl) - G Data Software AG - C:\Program Files\G Data AntiVirus\AVK\AVKWCtl.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Bluetooth Software\btwdins.exe
O23 - Service: Dell ControlPoint Button Service (buttonsvc32) - Dell Inc. - C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Credential Vault Host Control Service - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
O23 - Service: Credential Vault Host Storage - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
O23 - Service: Dell System Manager Service (dcpsysmgrsvc) - Dell Inc. - C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: postgresql-8.4 - PostgreSQL Global Development Group - C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\STacSV.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: NTRU TSS v1.2.1.29 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
--
End of file - 13030 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\nofu\AppData\Roaming\Mozilla\Firefox\Profiles\asrujalv.default
prefs.js - "browser.startup.homepage" - "google.cz"
"{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}"=C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
"web2pdfextension@web2pdf.adobedotcom"=C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
"Description"=Veetle TV Core
"Path"=C:\Program Files\Veetle\plugins\npVeetle.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files\Veetle\Player\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{906305f7-aafc-45e9-8bbd-941950a84dad}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsRLCT4Player.xpt
C:\Program Files\Mozilla Firefox\plugins\
CrazyTalk4Native.dll
ctdomemhelper.dll
ctframeplayerobject.dll
ctplayerobject.dll
imagickrt.dll
np-mswmp.dll
npContribute.dll
npdeployJava1.dll
nppdf32.DEU
nppdf32.dll
nppdf32.FRA
npRLCT4Player.dll
rlcontentclass.dll
RLMusicPacker.dll
RLMusicUnpacker.dll
RLVoicePacker.dll
RLVoiceUnpacker.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\nofu\AppData\Roaming\Mozilla\Firefox\Profiles\asrujalv.default\extensions\
foxmarks@kei.com
keefox@chris.tomlinson
{d37dc5d0-431d-44e5-8c91-49419370caa1}
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}]
G Data WebFilter - C:\Program Files\G Data AntiVirus\WebFilter\AvkWebIE.dll [2011-03-07 576504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
ContributeBHO Class - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA3295CF-17ED-4F49-9E95-D999A0ADBFDC}]
G Data BankGuard - C:\Program Files\Common Files\G Data\AVKProxy\BanksafeBHO.dll [2011-08-10 52216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0124123D-61B4-456f-AF86-78C53A0790C5} - G Data WebFilter - C:\Program Files\G Data AntiVirus\WebFilter\AvkWebIE.dll [2011-03-07 576504]
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05 339872]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"picon"=C:\Program Files\Common Files\Intel\Privacy Icon\PIconStartup.exe [2010-08-05 111640]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2010-03-09 495708]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2010-02-17 278528]
"Dell Webcam Central"=C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2010-06-18 462991]
"WavXMgr"=C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe [2010-07-21 147840]
"USCService"=C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe [2010-06-22 34232]
"KeePass 2 PreLoad"=C:\Program Files\KeePass Password Safe 2\KeePass.exe [2011-07-12 1764352]
"G Data AntiVirus Tray Application"=C:\Program Files\G Data AntiVirus\AVKTray\AVKTray.exe [2011-08-19 921096]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-09-16 497648]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-12-21 6676808]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2011-09-05 36760]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2011-09-05 2904984]
"Zune Launcher"=C:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 159456]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-03-05 137752]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-03-05 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-03-05 172568]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SugarSync"=C:\Program Files\SugarSync\SugarSyncManager.exe [2011-11-11 12210176]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-10-13 17351304]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2011-07-21 718720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2011-07-21 718720]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Bluetooth Software\BTTray.exe
Dell System Manager.lnk - C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
TdmNotify.lnk - C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe
C:\Users\nofu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EvernoteClipper.lnk - C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
Miranda IM.lnk - C:\Program Files\Miranda IM\miranda32.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\guard32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-04-24 203776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
wvauth
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2012-01-07 18:23:06 ----D---- C:\rsit
2012-01-06 21:20:09 ----SHD---- C:\$RECYCLE.BIN
2012-01-05 23:58:40 ----D---- C:\Users\nofu\AppData\Roaming\Mozilla
2012-01-04 23:46:31 ----D---- C:\Program Files\trend micro
2012-01-04 23:46:09 ----D---- C:\Program Files\RSIT
2012-01-04 21:32:56 ----D---- C:\Users\nofu\AppData\Roaming\Malwarebytes
2012-01-04 21:32:43 ----D---- C:\ProgramData\Malwarebytes
2012-01-04 21:32:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-01-04 21:32:42 ----A---- C:\Windows\system32\drivers\mbam.sys
2012-01-04 21:30:36 ----D---- C:\ProgramData\CPA_VA
2012-01-04 21:22:33 ----A---- C:\Windows\system32\gdiplus.dll
2012-01-04 21:04:04 ----D---- C:\Program Files\Microsoft Synchronization Services
2012-01-04 21:04:03 ----D---- C:\Program Files\Common Files\DESIGNER
2012-01-04 21:03:32 ----D---- C:\Program Files\Microsoft Sync Framework
2012-01-04 21:03:32 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2012-01-04 21:01:20 ----D---- C:\Program Files\Microsoft Analysis Services
2012-01-04 21:00:52 ----D---- C:\Program Files\Microsoft Office
2012-01-04 21:00:51 ----D---- C:\ProgramData\Microsoft Help
2011-12-28 21:37:16 ----D---- C:\Users\nofu\AppData\Roaming\Windows Live Writer
2011-12-28 18:46:08 ----A---- C:\Windows\system32\shell32.dll
2011-12-17 23:22:52 ----D---- C:\WP7-Update-Cab-Sender
2011-12-14 11:23:37 ----A---- C:\Windows\system32\mshtmled.dll
2011-12-14 11:23:36 ----A---- C:\Windows\system32\jscript.dll
2011-12-14 11:23:36 ----A---- C:\Windows\system32\iertutil.dll
2011-12-14 11:23:35 ----A---- C:\Windows\system32\jsproxy.dll
2011-12-14 11:23:35 ----A---- C:\Windows\system32\jscript9.dll
2011-12-14 11:23:34 ----A---- C:\Windows\system32\wininet.dll
2011-12-14 11:23:34 ----A---- C:\Windows\system32\url.dll
2011-12-14 11:23:34 ----A---- C:\Windows\system32\ieui.dll
2011-12-14 11:23:33 ----A---- C:\Windows\system32\urlmon.dll
2011-12-14 11:23:32 ----A---- C:\Windows\system32\mshtml.dll
2011-12-14 11:23:31 ----A---- C:\Windows\system32\ieframe.dll
2011-12-14 11:12:10 ----A---- C:\Windows\system32\win32k.sys
2011-12-14 11:12:08 ----A---- C:\Windows\system32\tzres.dll
2011-12-14 11:12:03 ----A---- C:\Windows\system32\EncDec.dll
2011-12-14 11:12:03 ----A---- C:\Windows\system32\csrsrv.dll
2011-12-14 11:12:02 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-12-14 11:12:02 ----A---- C:\Windows\system32\ntkrnlpa.exe
======List of files/folders modified in the last 1 month======
2012-01-07 18:30:45 ----D---- C:\Windows\Temp
2012-01-07 18:30:31 ----D---- C:\Users\nofu\AppData\Roaming\Skype
2012-01-07 18:29:23 ----A---- C:\Windows\system32\bipbsp_log.txt
2012-01-07 18:29:12 ----D---- C:\Windows\system32\config
2012-01-07 18:28:27 ----A---- C:\Windows\system32\log.txt
2012-01-07 18:28:16 ----D---- C:\Users\nofu\AppData\Roaming\KeePass
2012-01-07 18:23:38 ----D---- C:\Windows\System32
2012-01-07 18:23:38 ----D---- C:\Windows\inf
2012-01-07 18:23:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-01-07 18:18:09 ----D---- C:\Windows
2012-01-07 18:13:55 ----D---- C:\Users\nofu\AppData\Roaming\uTorrent
2012-01-07 18:13:54 ----D---- C:\Users\nofu\AppData\Roaming\Miranda
2012-01-07 18:13:53 ----D---- C:\Windows\Panther
2012-01-07 18:13:53 ----D---- C:\Windows\ModemLogs
2012-01-07 18:13:53 ----D---- C:\Windows\Logs
2012-01-07 18:13:53 ----D---- C:\Windows\debug
2012-01-07 18:12:18 ----D---- C:\Program Files\CCleaner
2012-01-07 17:59:59 ----D---- C:\Windows\Prefetch
2012-01-07 17:50:43 ----SHD---- C:\System Volume Information
2012-01-07 17:49:51 ----D---- C:\Windows\system32\drivers
2012-01-06 21:16:43 ----A---- C:\Windows\system.ini
2012-01-06 21:15:52 ----D---- C:\Windows\system32\drivers\etc
2012-01-06 21:11:53 ----D---- C:\Windows\AppPatch
2012-01-06 21:11:52 ----D---- C:\Program Files\Common Files
2012-01-05 23:58:32 ----D---- C:\Program Files\Mozilla Firefox
2012-01-05 23:38:12 ----SD---- C:\Users\nofu\AppData\Roaming\Microsoft
2012-01-05 20:21:11 ----D---- C:\Windows\Tasks
2012-01-05 20:19:27 ----D---- C:\Program Files\TCPView
2012-01-05 19:03:37 ----D---- C:\Windows\system32\catroot2
2012-01-05 01:05:26 ----D---- C:\Windows\Microsoft.NET
2012-01-05 01:05:23 ----RSD---- C:\Windows\assembly
2012-01-05 00:04:56 ----SHD---- C:\Windows\Installer
2012-01-04 23:46:31 ----RD---- C:\Program Files
2012-01-04 22:20:34 ----D---- C:\Program Files\COMODO
2012-01-04 21:32:43 ----D---- C:\ProgramData
2012-01-04 21:19:19 ----D---- C:\Program Files\OpenOffice.org 3
2012-01-04 21:07:46 ----D---- C:\Windows\winsxs
2012-01-04 21:07:28 ----D---- C:\Windows\system32\Tasks
2012-01-04 21:05:14 ----RSD---- C:\Windows\Fonts
2012-01-04 21:04:58 ----D---- C:\Program Files\Common Files\microsoft shared
2012-01-04 21:03:32 ----SD---- C:\ProgramData\Microsoft
2012-01-04 21:01:32 ----D---- C:\Windows\ShellNew
2012-01-04 20:50:30 ----D---- C:\Program Files\KeePass Password Safe 2
2012-01-02 20:31:19 ----D---- C:\Windows\system32\catroot
2012-01-01 15:07:45 ----D---- C:\Users\nofu\AppData\Roaming\FileZilla
2012-01-01 15:05:46 ----D---- C:\Program Files\FileZilla FTP Client
2011-12-31 20:23:43 ----D---- C:\Program Files\FreeRapid-0.86u1
2011-12-28 21:17:04 ----D---- C:\Program Files\Windows Live
2011-12-20 19:03:31 ----D---- C:\Program Files\Goalwin
2011-12-20 12:23:52 ----D---- C:\Program Files\Expekt Poker
2011-12-19 19:58:56 ----A---- C:\Windows\system32\cmdcsr.dll
2011-12-19 19:58:55 ----A---- C:\Windows\system32\guard32.dll
2011-12-17 23:31:32 ----D---- C:\Program Files\Zune
2011-12-16 20:11:02 ----D---- C:\Windows\rescache
2011-12-16 11:55:05 ----D---- C:\Windows\system32\NDF
2011-12-16 10:04:40 ----D---- C:\Windows\Minidump
2011-12-14 11:27:42 ----D---- C:\Windows\system32\migration
2011-12-14 11:27:42 ----D---- C:\Windows\system32\cs-CZ
2011-12-14 11:27:42 ----D---- C:\Program Files\Internet Explorer
2011-12-14 11:24:02 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 GDBehave;GDBehave; C:\Windows\system32\drivers\GDBehave.sys [2011-11-09 40440]
R0 PBADRV;PBADRV; C:\Windows\system32\DRIVERS\PBADRV.sys [2008-06-04 26608]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2009-07-09 45200]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2011-12-19 491816]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2011-12-19 39640]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 fanio;FanIO driver; \??\C:\Windows\system32\drivers\fanio.sys [2007-02-16 14464]
R1 GDMnIcpt;GDMnIcpt; \??\C:\Windows\system32\drivers\MiniIcpt.sys [2011-11-09 79992]
R1 gdwfpcd;G DATA WFP CD; C:\Windows\system32\drivers\gdwfpcd32.sys [2011-11-09 54648]
R1 GRD;G Data Rootkit Detector Driver; \??\C:\Windows\system32\drivers\GRD.sys [2011-11-09 30256]
R1 HookCentre;HookCentre; \??\C:\Windows\system32\drivers\HookCentre.sys [2011-11-09 41336]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Program Files\HWiNFO32\HWiNFO32.SYS [2011-08-23 21112]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2011-12-19 82400]
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2011-07-19 230248]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2009-06-25 48128]
R2 WavxDMgr;WavxDMgr; C:\Windows\system32\DRIVERS\WavxDMgr.sys [2010-01-19 229888]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x86; C:\Windows\system32\DRIVERS\Apfiltr.sys [2010-03-10 251440]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2010-06-07 146272]
R3 cvusbdrv;Dell ControlVault; C:\Windows\System32\Drivers\cvusbdrv.sys [2009-11-03 33832]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-07 239168]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y6232.sys [2009-06-12 221912]
R3 GDPkIcpt;GDPkIcpt; \??\C:\Windows\system32\drivers\PktIcpt.sys [2011-11-09 49016]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-06-23 40832]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488]
R3 NETwNs32;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 32 Bit; C:\Windows\system32\DRIVERS\NETwNs32.sys [2010-07-14 6814720]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2010-03-09 423424]
R3 WinUsb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 35968]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 acpials;Filtr zařízení ALS Sensor; C:\Windows\system32\DRIVERS\acpials.sys [2009-07-14 7680]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 Axtmvflt;Axesstel USB Filter Service; C:\Windows\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
S3 Axtmvmdm;Axesstel USB Modem; C:\Windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
S3 Axtmvprt;Axesstel Diagnostic Port; C:\Windows\System32\Drivers\Axtmvprt.sys [2007-03-26 38784]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-11-09 86056]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-11-09 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-11-09 29472]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-11-09 18344]
S3 CtAudDrv;Provides advanced audio effects for audio devices.; \??\C:\Windows\system32\Drivers\CtAudDrv.sys [2009-05-28 134144]
S3 GdNetMon;G Data Network Monitor; \??\C:\Windows\system32\drivers\GdNetMon32.sys [2011-11-09 29400]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 RDPDISPM;RDPDISPM; C:\Windows\system32\DRIVERS\rdpdispm.sys [2010-09-25 9040]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\aestsrv.exe [2009-03-03 81920]
R2 AVKProxy;G Data AntiVirus Proxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [2011-11-04 1499656]
R2 AVKService;G Data Scheduler; C:\Program Files\G Data AntiVirus\AVK\AVKService.exe [2011-03-07 380408]
R2 AVKWCtl;G Data Filesystem Monitor; C:\Program Files\G Data AntiVirus\AVK\AVKWCtl.exe [2011-10-28 1554184]
R2 btwdins;Bluetooth Service; C:\Program Files\Bluetooth Software\btwdins.exe [2009-08-11 582944]
R2 buttonsvc32;Dell ControlPoint Button Service; C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe [2009-11-20 278304]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-12-19 1960584]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2010-03-23 812448]
R2 Credential Vault Host Storage;Credential Vault Host Storage; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2010-03-23 27040]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 dcpsysmgrsvc;Dell System Manager Service; C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe [2010-08-24 388464]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\STacSV.exe [2010-03-09 229458]
R2 TdmService;TdmService; C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe [2010-03-29 1164648]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2010-09-21 1957672]
R2 TeamViewer6;TeamViewer 6; C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 GDScan;G Data Scanner; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [2011-10-28 457536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\AMT\LMS.exe [2010-08-05 178712]
S2 tcsd_win32.exe;NTRU TSS v1.2.1.29 TCS; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [2008-11-12 1273856]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2010-08-05 2062872]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 postgresql-8.4;postgresql-8.4; C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D M:/PostgreSQL -w []
S3 SecureStorageService;SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [2010-02-03 1032192]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-12 1343400]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service; C:\Program Files\Zune\WMZuneComm.exe [2011-08-05 268512]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Přispějete na provoz fóra?