PC virus removal, computer speed-up, remote help via the neslape.cz service

Rootkit

Have a virus problem? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

!NEW!
You can now use the remote help service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Milan12300
Visitor
Posts: 64
Registered: 13 Jan 2012 21:41

Rootkit

#1 Post by Milan12300 »

Hi, yesterday and today I once again just ran a quick check of my PC for viruses and couldn't believe everything that was there :D
I used these programs: SuperAntiSpyware, Malwarebytes Antimalware, Spyware Terminator and Spyware Doctor.
The last one found quite a few of them, so I looked at what those viruses were and then ADIOS!!!
And that last one also found a ROOTKIT. I couldn't find out anything about it, because there was no link to the file or anything like that... Well, to cut it short, I chose the option in that program to delete it and everything looked OK, but when I decided to quickly run it once more, it finds the ROOTKIT every time I scan the PC. Can you please advise me how to delete it? That is, if it isn't some false alarm or something... Or recommend me a program for scanning for ROOTKITs.
Thanks.
Attachments
2012-02-05_150240.png (36.53 KiB)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Rootkit

#2 Post by Márty84 »

Hello :)

Try TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
Follow my colleague's instructions
vyosek wrote:
  • Run the utility and tell it to scan: click Start Scan
  • If the utility finds an infection, it will want to cure it (Cure); allow the cure by clicking Continue
  • If the utility finds a suspicious file (suspicious), it will want to skip it (Skip); allow the skip by clicking Continue
  • After the scan finishes, a PC restart may be required; allow it by clicking Reboot now
  • After the restart a log will pop up; if it doesn't, you will find it directly on the drive where Windows is installed (usually c:\) with a name of the form TDSSKiller.some numbers_log.txt - paste its contents here
  • If no restart is required, click Close and then Report - a log will be created - paste its contents here
If you have a question that is not meant for the public, you can email me at marty84zavináčforum.viry.cz

Option to support our forum https://platba.viry.cz/payment/

For time reasons I will now be on the forum less often. If you have been waiting a long time for a reply, please contact one of my colleagues (most have an email address in their signature).
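As an added illustration (not part of this thread and not code from TDSSKiller or Kaspersky), here is a small Python triage parser for the log format that TDSSKiller 2.7.x writes, the same "time, thread id, message" format as the report posted further down the thread: it counts the drivers the scanner reported on and pulls out every entry that did not end in "- ok", pairing a detection with the file path, MD5 and access reason from the neighbouring lines. The embedded sample log is a constructed excerpt in that format; the line patterns and the `is_locked_file_only` helper are this example's own assumptions.

```python
import re
from dataclasses import dataclass, field

# Constructed excerpt in the TDSSKiller 2.7.x log format: "<time> <thread id> <message>".
# The entries mirror the shape of the report posted in this thread.
SAMPLE_LOG = r"""
16:11:07.0338 0976 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
16:11:07.0338 0976 1394ohci - ok
16:11:08.0196 0976 AmdLLD - ok
16:11:17.0634 0976 sptd (614deea4bdcec3fd5a07bdc705723ad7) C:\Windows\System32\Drivers\sptd.sys
16:11:17.0634 0976 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: 614deea4bdcec3fd5a07bdc705723ad7
16:11:17.0634 0976 sptd ( LockedFile.Multi.Generic ) - warning
16:11:17.0634 0976 sptd - detected LockedFile.Multi.Generic (1)
16:11:17.0681 0976 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys
16:11:17.0681 0976 srv - ok
"""

# Line shapes assumed from the log format (not an official grammar).
LINE_RE = re.compile(r"^(\d\d:\d\d:\d\d\.\d+)\s+(\d+)\s+(.*)$")
OK_RE = re.compile(r"^(\S+) - ok$")
DETECT_RE = re.compile(r"^(\S+) - detected (\S+) \((\d+)\)$")
WARN_RE = re.compile(r"^(\S+) \( (\S+) \) - warning$")
SUSP_RE = re.compile(r"^Suspicious file \((\w+)\): (.+)\. md5: ([0-9a-f]{32})$")
FILE_RE = re.compile(r"^(\S+) \(([0-9a-f]{32})\) (.+)$")


@dataclass
class Finding:
    service: str
    verdict: str          # e.g. LockedFile.Multi.Generic
    kind: str             # "detected" or "warning"
    path: str = ""
    md5: str = ""
    access: str = ""      # reason from a "Suspicious file (...)" line, e.g. NoAccess


@dataclass
class ScanSummary:
    services: int = 0     # distinct driver/service names the scanner reported on
    ok: int = 0           # entries that ended with "- ok"
    findings: list = field(default_factory=list)


def parse_tdsskiller_log(text: str) -> ScanSummary:
    files = {}       # service -> (md5, path) from its enumeration line
    suspicious = {}  # path -> access reason from "Suspicious file" lines
    warnings = {}    # service -> verdict, until a matching "detected" line arrives
    seen = set()
    findings = []
    ok = 0
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # banner, separator or blank line
        msg = m.group(3)
        if (x := OK_RE.match(msg)):
            seen.add(x.group(1))
            ok += 1
        elif (x := DETECT_RE.match(msg)):
            svc, verdict = x.group(1), x.group(2)
            seen.add(svc)
            warnings.pop(svc, None)  # the warning line carried the same verdict
            md5, path = files.get(svc, ("", ""))
            findings.append(Finding(svc, verdict, "detected", path, md5, suspicious.get(path, "")))
        elif (x := WARN_RE.match(msg)):
            seen.add(x.group(1))
            warnings[x.group(1)] = x.group(2)
        elif (x := SUSP_RE.match(msg)):
            suspicious[x.group(2)] = x.group(1)
        elif (x := FILE_RE.match(msg)):
            seen.add(x.group(1))
            files[x.group(1)] = (x.group(2), x.group(3))
    # A warning that never became a "detected" line is still worth a look.
    for svc, verdict in warnings.items():
        md5, path = files.get(svc, ("", ""))
        findings.append(Finding(svc, verdict, "warning", path, md5, suspicious.get(path, "")))
    return ScanSummary(services=len(seen), ok=ok, findings=findings)


def is_locked_file_only(f: Finding) -> bool:
    """True when the verdict only says the scanner could not read the file (the
    log pairs it with a 'Suspicious file (NoAccess)' line), so the entry needs a
    closer look rather than being treated as a confirmed rootkit."""
    return f.verdict.startswith("LockedFile.")


if __name__ == "__main__":
    s = parse_tdsskiller_log(SAMPLE_LOG)
    print(f"{s.services} services checked, {s.ok} ok, {len(s.findings)} flagged")
    for f in s.findings:
        note = " (scanner could not read the file)" if is_locked_file_only(f) else ""
        print(f"  {f.service}: {f.verdict} [{f.kind}] {f.path} md5={f.md5} access={f.access}{note}")
```

Run it against a real TDSSKiller.*_log.txt by passing the file's contents to `parse_tdsskiller_log`; the flagged entries are the lines a helper looks at first in a report of this size.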

Milan12300
Visitor
Posts: 64
Registered: 13 Jan 2012 21:41

Re: Rootkit

#3 Post by Milan12300 »

So I see Spyware Doctor was right; this little program from Kaspersky found the same thing.
Here is the report:

16:11:03.0797 2080 TDSS rootkit removing tool 2.7.9.0 Feb 1 2012 09:28:49
16:11:03.0984 2080 ============================================================
16:11:04.0000 2080 Current date / time: 2012/02/05 16:11:03.0984
16:11:04.0000 2080 SystemInfo:
16:11:04.0000 2080
16:11:04.0000 2080 OS Version: 6.1.7600 ServicePack: 0.0
16:11:04.0000 2080 Product type: Workstation
16:11:04.0000 2080 ComputerName: X-PC
16:11:04.0000 2080 UserName: X
16:11:04.0000 2080 Windows directory: C:\Windows
16:11:04.0000 2080 System windows directory: C:\Windows
16:11:04.0000 2080 Processor architecture: Intel x86
16:11:04.0000 2080 Number of processors: 1
16:11:04.0000 2080 Page size: 0x1000
16:11:04.0000 2080 Boot type: Normal boot
16:11:04.0000 2080 ============================================================
16:11:05.0076 2080 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x50C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
16:11:05.0076 2080 \Device\Harddisk0\DR0:
16:11:05.0076 2080 MBR used
16:11:05.0076 2080 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:11:05.0076 2080 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x129E6800
16:11:05.0092 2080 Initialize success
16:11:05.0092 2080 ============================================================
16:11:06.0465 0976 ============================================================
16:11:06.0465 0976 Scan started
16:11:06.0465 0976 Mode: Manual;
16:11:06.0465 0976 ============================================================
16:11:07.0338 0976 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
16:11:07.0338 0976 1394ohci - ok
16:11:07.0432 0976 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
16:11:07.0432 0976 ACPI - ok
16:11:07.0479 0976 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
16:11:07.0479 0976 AcpiPmi - ok
16:11:07.0557 0976 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
16:11:07.0557 0976 adp94xx - ok
16:11:07.0588 0976 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
16:11:07.0588 0976 adpahci - ok
16:11:07.0635 0976 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
16:11:07.0650 0976 adpu320 - ok
16:11:07.0744 0976 AFD (0db7a48388d54d154ebec120461a0fcd) C:\Windows\system32\drivers\afd.sys
16:11:07.0760 0976 AFD - ok
16:11:07.0806 0976 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
16:11:07.0822 0976 agp440 - ok
16:11:07.0869 0976 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
16:11:07.0869 0976 aic78xx - ok
16:11:07.0884 0976 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
16:11:07.0900 0976 aliide - ok
16:11:08.0087 0976 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
16:11:08.0087 0976 amdagp - ok
16:11:08.0134 0976 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
16:11:08.0134 0976 amdide - ok
16:11:08.0181 0976 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
16:11:08.0181 0976 AmdK8 - ok
16:11:08.0196 0976 AmdLLD - ok
16:11:08.0228 0976 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
16:11:08.0228 0976 AmdPPM - ok
16:11:08.0274 0976 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys
16:11:08.0274 0976 amdsata - ok
16:11:08.0321 0976 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
16:11:08.0321 0976 amdsbs - ok
16:11:08.0368 0976 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys
16:11:08.0384 0976 amdxata - ok
16:11:08.0430 0976 ApfiltrService - ok
16:11:08.0540 0976 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
16:11:08.0540 0976 AppID - ok
16:11:08.0602 0976 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
16:11:08.0602 0976 arc - ok
16:11:08.0649 0976 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
16:11:08.0649 0976 arcsas - ok
16:11:08.0680 0976 aswFsBlk (054df24c92b55427e0757cfff160e4f2) C:\Windows\system32\drivers\aswFsBlk.sys
16:11:08.0680 0976 aswFsBlk - ok
16:11:08.0727 0976 aswMonFlt (258143605e77e4008f1758481d6a977d) C:\Windows\system32\drivers\aswMonFlt.sys
16:11:08.0727 0976 aswMonFlt - ok
16:11:08.0758 0976 aswRdr (352d5a48ebab35a7693b048679304831) C:\Windows\system32\drivers\aswRdr.sys
16:11:08.0758 0976 aswRdr - ok
16:11:08.0789 0976 aswSnx (8d34d2b24297e27d93e847319abfdec4) C:\Windows\system32\drivers\aswSnx.sys
16:11:08.0789 0976 aswSnx - ok
16:11:08.0820 0976 aswSP (010012597333da1f46c3243f33f8409e) C:\Windows\system32\drivers\aswSP.sys
16:11:08.0820 0976 aswSP - ok
16:11:08.0852 0976 aswTdi (f9f84364416658e9786235904d448d37) C:\Windows\system32\drivers\aswTdi.sys
16:11:08.0852 0976 aswTdi - ok
16:11:08.0883 0976 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
16:11:08.0883 0976 AsyncMac - ok
16:11:08.0898 0976 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
16:11:08.0898 0976 atapi - ok
16:11:08.0992 0976 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
16:11:08.0992 0976 b06bdrv - ok
16:11:09.0054 0976 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
16:11:09.0070 0976 b57nd60x - ok
16:11:09.0101 0976 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
16:11:09.0117 0976 Beep - ok
16:11:09.0195 0976 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
16:11:09.0195 0976 blbdrive - ok
16:11:09.0226 0976 bowser (fcafaef6798d7b51ff029f99a9898961) C:\Windows\system32\DRIVERS\bowser.sys
16:11:09.0226 0976 bowser - ok
16:11:09.0273 0976 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:11:09.0273 0976 BrFiltLo - ok
16:11:09.0320 0976 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:11:09.0320 0976 BrFiltUp - ok
16:11:09.0398 0976 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
16:11:09.0398 0976 BridgeMP - ok
16:11:09.0429 0976 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
16:11:09.0444 0976 Brserid - ok
16:11:09.0460 0976 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
16:11:09.0460 0976 BrSerWdm - ok
16:11:09.0507 0976 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:11:09.0507 0976 BrUsbMdm - ok
16:11:09.0554 0976 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
16:11:09.0554 0976 BrUsbSer - ok
16:11:09.0600 0976 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
16:11:09.0600 0976 BTHMODEM - ok
16:11:09.0663 0976 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
16:11:09.0663 0976 cdfs - ok
16:11:09.0710 0976 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
16:11:09.0710 0976 cdrom - ok
16:11:09.0741 0976 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
16:11:09.0741 0976 circlass - ok
16:11:09.0788 0976 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
16:11:09.0788 0976 CLFS - ok
16:11:09.0803 0976 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
16:11:09.0803 0976 CmBatt - ok
16:11:09.0866 0976 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
16:11:09.0866 0976 cmdide - ok
16:11:09.0897 0976 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
16:11:09.0897 0976 CNG - ok
16:11:09.0928 0976 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
16:11:09.0928 0976 Compbatt - ok
16:11:09.0975 0976 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
16:11:09.0975 0976 CompositeBus - ok
16:11:10.0006 0976 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
16:11:10.0006 0976 crcdisk - ok
16:11:10.0022 0976 CrystalSysInfo - ok
16:11:10.0068 0976 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys
16:11:10.0068 0976 CSC - ok
16:11:10.0115 0976 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\Windows\system32\Drivers\dfsc.sys
16:11:10.0115 0976 DfsC - ok
16:11:10.0162 0976 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
16:11:10.0162 0976 discache - ok
16:11:10.0178 0976 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
16:11:10.0178 0976 Disk - ok
16:11:10.0302 0976 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
16:11:10.0302 0976 drmkaud - ok
16:11:10.0365 0976 DrvAgent32 (651554e483712b708ede864d0ca1aa73) C:\Windows\system32\Drivers\DrvAgent32.sys
16:11:10.0365 0976 DrvAgent32 - ok
16:11:10.0427 0976 DXGKrnl (8b6c3464d7fac176500061dbfff42ad4) C:\Windows\System32\drivers\dxgkrnl.sys
16:11:10.0443 0976 DXGKrnl - ok
16:11:10.0458 0976 EagleNT - ok
16:11:10.0552 0976 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
16:11:10.0568 0976 ebdrv - ok
16:11:10.0614 0976 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
16:11:10.0614 0976 elxstor - ok
16:11:10.0646 0976 ENTECH (16ebd8bf1d5090923694cc972c7ce1b4) C:\Windows\system32\DRIVERS\ENTECH.sys
16:11:10.0661 0976 ENTECH - ok
16:11:10.0677 0976 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
16:11:10.0677 0976 ErrDev - ok
16:11:10.0739 0976 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
16:11:10.0739 0976 exfat - ok
16:11:10.0755 0976 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
16:11:10.0770 0976 fastfat - ok
16:11:10.0817 0976 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
16:11:10.0817 0976 fdc - ok
16:11:10.0864 0976 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
16:11:10.0864 0976 FileInfo - ok
16:11:10.0895 0976 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
16:11:10.0895 0976 Filetrace - ok
16:11:10.0926 0976 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
16:11:10.0926 0976 flpydisk - ok
16:11:10.0973 0976 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
16:11:10.0973 0976 FltMgr - ok
16:11:11.0004 0976 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
16:11:11.0004 0976 FsDepends - ok
16:11:11.0051 0976 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
16:11:11.0051 0976 Fs_Rec - ok
16:11:11.0114 0976 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\Windows\system32\DRIVERS\fvevol.sys
16:11:11.0114 0976 fvevol - ok
16:11:11.0176 0976 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:11:11.0192 0976 gagp30kx - ok
16:11:11.0223 0976 gdrv - ok
16:11:11.0332 0976 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
16:11:11.0332 0976 hcw85cir - ok
16:11:11.0394 0976 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
16:11:11.0394 0976 HdAudAddService - ok
16:11:11.0426 0976 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:11:11.0426 0976 HDAudBus - ok
16:11:11.0457 0976 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
16:11:11.0457 0976 HidBatt - ok
16:11:11.0504 0976 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
16:11:11.0504 0976 HidBth - ok
16:11:11.0550 0976 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
16:11:11.0550 0976 HidIr - ok
16:11:11.0597 0976 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
16:11:11.0613 0976 HidUsb - ok
16:11:11.0660 0976 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
16:11:11.0675 0976 HpSAMD - ok
16:11:11.0706 0976 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\Windows\system32\drivers\HTTP.sys
16:11:11.0706 0976 HTTP - ok
16:11:11.0738 0976 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\Windows\system32\drivers\hwpolicy.sys
16:11:11.0738 0976 hwpolicy - ok
16:11:11.0769 0976 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys
16:11:11.0769 0976 i8042prt - ok
16:11:11.0800 0976 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\DRIVERS\iaStorV.sys
16:11:11.0800 0976 iaStorV - ok
16:11:11.0831 0976 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
16:11:11.0831 0976 iirsp - ok
16:11:12.0050 0976 IntcAzAudAddService (0dbef9cd5a2cd71240dd5afcee56d073) C:\Windows\system32\drivers\RTKVHDA.sys
16:11:12.0081 0976 IntcAzAudAddService - ok
16:11:12.0128 0976 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\DRIVERS\intelide.sys
16:11:12.0128 0976 intelide - ok
16:11:12.0174 0976 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
16:11:12.0174 0976 intelppm - ok
16:11:12.0206 0976 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:11:12.0206 0976 IpFilterDriver - ok
16:11:12.0237 0976 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\Windows\system32\DRIVERS\IPMIDrv.sys
16:11:12.0237 0976 IPMIDRV - ok
16:11:12.0268 0976 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
16:11:12.0268 0976 IPNAT - ok
16:11:12.0299 0976 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
16:11:12.0299 0976 IRENUM - ok
16:11:12.0330 0976 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\DRIVERS\isapnp.sys
16:11:12.0330 0976 isapnp - ok
16:11:12.0362 0976 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\Windows\system32\DRIVERS\msiscsi.sys
16:11:12.0362 0976 iScsiPrt - ok
16:11:12.0393 0976 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
16:11:12.0393 0976 kbdclass - ok
16:11:12.0440 0976 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\Windows\system32\DRIVERS\kbdhid.sys
16:11:12.0440 0976 kbdhid - ok
16:11:12.0502 0976 KSecDD (e36a061ec11b373826905b21be10948f) C:\Windows\system32\Drivers\ksecdd.sys
16:11:12.0502 0976 KSecDD - ok
16:11:12.0533 0976 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys
16:11:12.0549 0976 KSecPkg - ok
16:11:12.0627 0976 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
16:11:12.0627 0976 lltdio - ok
16:11:12.0674 0976 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:11:12.0674 0976 LSI_FC - ok
16:11:12.0705 0976 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:11:12.0705 0976 LSI_SAS - ok
16:11:12.0736 0976 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:11:12.0736 0976 LSI_SAS2 - ok
16:11:12.0767 0976 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:11:12.0767 0976 LSI_SCSI - ok
16:11:12.0783 0976 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
16:11:12.0783 0976 luafv - ok
16:11:12.0876 0976 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
16:11:12.0876 0976 megasas - ok
16:11:12.0939 0976 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
16:11:12.0939 0976 MegaSR - ok
16:11:13.0001 0976 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
16:11:13.0001 0976 Modem - ok
16:11:13.0017 0976 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
16:11:13.0032 0976 monitor - ok
16:11:13.0048 0976 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
16:11:13.0048 0976 mouclass - ok
16:11:13.0204 0976 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
16:11:13.0204 0976 mouhid - ok
16:11:13.0251 0976 mountmgr (921c18727c5920d6c0300736646931c2) C:\Windows\system32\drivers\mountmgr.sys
16:11:13.0251 0976 mountmgr - ok
16:11:13.0282 0976 mpio (2af5997438c55fb79d33d015c30e1974) C:\Windows\system32\DRIVERS\mpio.sys
16:11:13.0282 0976 mpio - ok
16:11:13.0313 0976 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
16:11:13.0313 0976 mpsdrv - ok
16:11:13.0344 0976 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\Windows\system32\drivers\mrxdav.sys
16:11:13.0344 0976 MRxDAV - ok
16:11:13.0376 0976 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:11:13.0376 0976 mrxsmb - ok
16:11:13.0422 0976 mrxsmb10 (c108952d3660375dcb716b222912e868) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:11:13.0422 0976 mrxsmb10 - ok
16:11:13.0438 0976 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:11:13.0438 0976 mrxsmb20 - ok
16:11:13.0469 0976 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\DRIVERS\msahci.sys
16:11:13.0469 0976 msahci - ok
16:11:13.0516 0976 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\DRIVERS\msdsm.sys
16:11:13.0516 0976 msdsm - ok
16:11:13.0547 0976 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
16:11:13.0547 0976 Msfs - ok
16:11:13.0578 0976 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
16:11:13.0578 0976 mshidkmdf - ok
16:11:13.0594 0976 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\DRIVERS\msisadrv.sys
16:11:13.0594 0976 msisadrv - ok
16:11:13.0656 0976 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
16:11:13.0656 0976 MSKSSRV - ok
16:11:13.0688 0976 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
16:11:13.0703 0976 MSPCLOCK - ok
16:11:13.0734 0976 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
16:11:13.0734 0976 MSPQM - ok
16:11:13.0750 0976 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
16:11:13.0766 0976 MsRPC - ok
16:11:13.0781 0976 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\DRIVERS\mssmbios.sys
16:11:13.0781 0976 mssmbios - ok
16:11:13.0812 0976 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
16:11:13.0812 0976 MSTEE - ok
16:11:13.0859 0976 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
16:11:13.0859 0976 MTConfig - ok
16:11:13.0906 0976 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
16:11:13.0906 0976 Mup - ok
16:11:13.0937 0976 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
16:11:13.0953 0976 NativeWifiP - ok
16:11:14.0000 0976 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
16:11:14.0000 0976 NDIS - ok
16:11:14.0031 0976 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
16:11:14.0031 0976 NdisCap - ok
16:11:14.0062 0976 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
16:11:14.0062 0976 NdisTapi - ok
16:11:14.0093 0976 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
16:11:14.0093 0976 Ndisuio - ok
16:11:14.0124 0976 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
16:11:14.0124 0976 NdisWan - ok
16:11:14.0140 0976 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
16:11:14.0156 0976 NDProxy - ok
16:11:14.0171 0976 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
16:11:14.0171 0976 NetBIOS - ok
16:11:14.0202 0976 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
16:11:14.0202 0976 NetBT - ok
16:11:14.0296 0976 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
16:11:14.0296 0976 nfrd960 - ok
16:11:14.0327 0976 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
16:11:14.0327 0976 Npfs - ok
16:11:14.0358 0976 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
16:11:14.0358 0976 nsiproxy - ok
16:11:14.0436 0976 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
16:11:14.0468 0976 Ntfs - ok
16:11:14.0499 0976 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
16:11:14.0499 0976 Null - ok
16:11:14.0561 0976 NVENETFD (b5e37e31c053bc9950455a257526514b) C:\Windows\system32\DRIVERS\nvm62x32.sys
16:11:14.0561 0976 NVENETFD - ok
16:11:14.0795 0976 nvlddmkm (66b4bf606fcc7f0622d4a21bb1461089) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:11:14.0873 0976 nvlddmkm - ok
16:11:14.0936 0976 NVNET (0219b05730635fcab3a9925d3374c464) C:\Windows\system32\DRIVERS\nvmf6232.sys
16:11:14.0951 0976 NVNET - ok
16:11:15.0014 0976 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
16:11:15.0014 0976 nvraid - ok
16:11:15.0060 0976 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
16:11:15.0060 0976 nvstor - ok
16:11:15.0092 0976 nvstor32 (97778c3cb3af6b2243648d0dcd4d8916) C:\Windows\system32\DRIVERS\nvstor32.sys
16:11:15.0092 0976 nvstor32 - ok
16:11:15.0185 0976 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
16:11:15.0185 0976 nv_agp - ok
16:11:15.0232 0976 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
16:11:15.0232 0976 ohci1394 - ok
16:11:15.0279 0976 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
16:11:15.0279 0976 Parport - ok
16:11:15.0294 0976 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
16:11:15.0294 0976 partmgr - ok
16:11:15.0341 0976 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
16:11:15.0341 0976 Parvdm - ok
16:11:15.0419 0976 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
16:11:15.0419 0976 pccsmcfd - ok
16:11:15.0435 0976 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
16:11:15.0435 0976 pci - ok
16:11:15.0450 0976 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
16:11:15.0466 0976 pciide - ok
16:11:15.0497 0976 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
16:11:15.0513 0976 pcmcia - ok
16:11:15.0544 0976 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys
16:11:15.0544 0976 pcouffin - ok
16:11:15.0591 0976 PCTAppEvent - ok
16:11:15.0638 0976 PCTBD - ok
16:11:15.0669 0976 PCTCore - ok
16:11:15.0700 0976 pctDS - ok
16:11:15.0716 0976 pctEFA - ok
16:11:15.0731 0976 PCTFW-PacketFilter - ok
16:11:15.0747 0976 pctgntdi - ok
16:11:15.0809 0976 PCTSD (ec49993baa9a86adf1cb6fa1cd895882) C:\Windows\system32\Drivers\PCTSD.sys
16:11:15.0809 0976 PCTSD - ok
16:11:15.0856 0976 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
16:11:15.0856 0976 pcw - ok
16:11:15.0903 0976 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
16:11:15.0903 0976 PEAUTH - ok
16:11:16.0043 0976 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
16:11:16.0043 0976 PptpMiniport - ok
16:11:16.0090 0976 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
16:11:16.0090 0976 Processor - ok
16:11:16.0121 0976 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
16:11:16.0137 0976 Psched - ok
16:11:16.0184 0976 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
16:11:16.0199 0976 ql2300 - ok
16:11:16.0230 0976 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
16:11:16.0230 0976 ql40xx - ok
16:11:16.0262 0976 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
16:11:16.0262 0976 QWAVEdrv - ok
16:11:16.0293 0976 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
16:11:16.0293 0976 RasAcd - ok
16:11:16.0340 0976 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:11:16.0340 0976 RasAgileVpn - ok
16:11:16.0371 0976 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:11:16.0371 0976 Rasl2tp - ok
16:11:16.0386 0976 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
16:11:16.0386 0976 RasPppoe - ok
16:11:16.0418 0976 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
16:11:16.0418 0976 RasSstp - ok
16:11:16.0449 0976 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
16:11:16.0449 0976 rdbss - ok
16:11:16.0464 0976 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
16:11:16.0464 0976 rdpbus - ok
16:11:16.0496 0976 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:11:16.0496 0976 RDPCDD - ok
16:11:16.0542 0976 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys
16:11:16.0542 0976 RDPDR - ok
16:11:16.0558 0976 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
16:11:16.0574 0976 RDPENCDD - ok
16:11:16.0589 0976 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
16:11:16.0589 0976 RDPREFMP - ok
16:11:16.0636 0976 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
16:11:16.0636 0976 RDPWD - ok
16:11:16.0698 0976 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
16:11:16.0714 0976 rdyboost - ok
16:11:16.0792 0976 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
16:11:16.0792 0976 rspndr - ok
16:11:16.0839 0976 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys
16:11:16.0839 0976 s3cap - ok
16:11:16.0886 0976 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
16:11:16.0886 0976 sbp2port - ok
16:11:16.0917 0976 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
16:11:16.0917 0976 scfilter - ok
16:11:16.0964 0976 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
16:11:16.0964 0976 secdrv - ok
16:11:17.0073 0976 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
16:11:17.0073 0976 Serenum - ok
16:11:17.0104 0976 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
16:11:17.0104 0976 Serial - ok
16:11:17.0135 0976 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
16:11:17.0135 0976 sermouse - ok
16:11:17.0182 0976 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
16:11:17.0182 0976 sffdisk - ok
16:11:17.0229 0976 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
16:11:17.0229 0976 sffp_mmc - ok
16:11:17.0276 0976 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
16:11:17.0276 0976 sffp_sd - ok
16:11:17.0354 0976 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
16:11:17.0354 0976 sfloppy - ok
16:11:17.0416 0976 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
16:11:17.0416 0976 sisagp - ok
16:11:17.0478 0976 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:11:17.0478 0976 SiSRaid2 - ok
16:11:17.0510 0976 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
16:11:17.0510 0976 SiSRaid4 - ok
16:11:17.0541 0976 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
16:11:17.0541 0976 Smb - ok
16:11:17.0572 0976 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
16:11:17.0572 0976 spldr - ok
16:11:17.0634 0976 sptd (614deea4bdcec3fd5a07bdc705723ad7) C:\Windows\System32\Drivers\sptd.sys
16:11:17.0634 0976 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: 614deea4bdcec3fd5a07bdc705723ad7
16:11:17.0634 0976 sptd ( LockedFile.Multi.Generic ) - warning
16:11:17.0634 0976 sptd - detected LockedFile.Multi.Generic (1)
16:11:17.0681 0976 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\Windows\system32\DRIVERS\srv.sys
16:11:17.0681 0976 srv - ok
16:11:17.0697 0976 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\Windows\system32\DRIVERS\srv2.sys
16:11:17.0712 0976 srv2 - ok
16:11:17.0728 0976 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\Windows\system32\DRIVERS\srvnet.sys
16:11:17.0728 0976 srvnet - ok
16:11:17.0790 0976 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
16:11:17.0790 0976 stexstor - ok
16:11:17.0837 0976 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\Windows\system32\DRIVERS\vmstorfl.sys
16:11:17.0837 0976 storflt - ok
16:11:17.0868 0976 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\Windows\system32\DRIVERS\storvsc.sys
16:11:17.0884 0976 storvsc - ok
16:11:17.0900 0976 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\DRIVERS\swenum.sys
16:11:17.0915 0976 swenum - ok
16:11:17.0993 0976 Tcpip (0158d5e9982e9d6a90dfc802f618e130) C:\Windows\system32\drivers\tcpip.sys
16:11:18.0009 0976 Tcpip - ok
16:11:18.0056 0976 TCPIP6 (0158d5e9982e9d6a90dfc802f618e130) C:\Windows\system32\DRIVERS\tcpip.sys
16:11:18.0071 0976 TCPIP6 - ok
16:11:18.0102 0976 tcpipreg (e64444523add154f86567c469bc0b17f) C:\Windows\system32\drivers\tcpipreg.sys
16:11:18.0102 0976 tcpipreg - ok
16:11:18.0134 0976 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\Windows\system32\drivers\tdpipe.sys
16:11:18.0134 0976 TDPIPE - ok
16:11:18.0180 0976 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\Windows\system32\drivers\tdtcp.sys
16:11:18.0180 0976 TDTCP - ok
16:11:18.0258 0976 tdx (cb39e896a2a83702d1737bfd402b3542) C:\Windows\system32\DRIVERS\tdx.sys
16:11:18.0258 0976 tdx - ok
16:11:18.0305 0976 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\Windows\system32\DRIVERS\termdd.sys
16:11:18.0305 0976 TermDD - ok
16:11:18.0446 0976 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:11:18.0446 0976 tssecsrv - ok
16:11:18.0477 0976 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\Windows\system32\DRIVERS\tunnel.sys
16:11:18.0477 0976 tunnel - ok
16:11:18.0524 0976 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
16:11:18.0539 0976 uagp35 - ok
16:11:18.0586 0976 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\Windows\system32\DRIVERS\udfs.sys
16:11:18.0586 0976 udfs - ok
16:11:18.0648 0976 ULCDRHlp (a4e07da3ae2078bd96e84d4baa07b71d) C:\Windows\system32\Drivers\ULCDRHlp.sys
16:11:18.0648 0976 ULCDRHlp - ok
16:11:18.0695 0976 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\DRIVERS\uliagpkx.sys
16:11:18.0695 0976 uliagpkx - ok
16:11:18.0726 0976 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\Windows\system32\DRIVERS\umbus.sys
16:11:18.0726 0976 umbus - ok
16:11:18.0742 0976 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
16:11:18.0758 0976 UmPass - ok
16:11:18.0820 0976 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\Windows\system32\DRIVERS\usbccgp.sys
16:11:18.0820 0976 usbccgp - ok
16:11:18.0867 0976 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\DRIVERS\usbcir.sys
16:11:18.0867 0976 usbcir - ok
16:11:18.0898 0976 usbehci (ff32d4f3ec3c68b2ca61782c7964f54e) C:\Windows\system32\DRIVERS\usbehci.sys
16:11:18.0898 0976 usbehci - ok
16:11:18.0929 0976 usbhub (b0dfc7b484e0ca0c27bda5433b82d94a) C:\Windows\system32\DRIVERS\usbhub.sys
16:11:18.0929 0976 usbhub - ok
16:11:18.0976 0976 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
16:11:18.0976 0976 usbohci - ok
16:11:19.0007 0976 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
16:11:19.0007 0976 usbprint - ok
16:11:19.0038 0976 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
16:11:19.0038 0976 usbscan - ok
16:11:19.0085 0976 usbser (88701eca76145e2c011c0eeff0f7b70e) C:\Windows\system32\drivers\usbser.sys
16:11:19.0085 0976 usbser - ok
16:11:19.0132 0976 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:11:19.0132 0976 USBSTOR - ok
16:11:19.0179 0976 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
16:11:19.0179 0976 usbuhci - ok
16:11:19.0226 0976 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\DRIVERS\vdrvroot.sys
16:11:19.0226 0976 vdrvroot - ok
16:11:19.0272 0976 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
16:11:19.0272 0976 vga - ok
16:11:19.0319 0976 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
16:11:19.0319 0976 VgaSave - ok
16:11:19.0350 0976 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\Windows\system32\DRIVERS\vhdmp.sys
16:11:19.0350 0976 vhdmp - ok
16:11:19.0382 0976 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\DRIVERS\viaagp.sys
16:11:19.0382 0976 viaagp - ok
16:11:19.0413 0976 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
16:11:19.0413 0976 ViaC7 - ok
16:11:19.0460 0976 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\DRIVERS\viaide.sys
16:11:19.0460 0976 viaide - ok
16:11:19.0506 0976 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\Windows\system32\DRIVERS\vmbus.sys
16:11:19.0522 0976 vmbus - ok
16:11:19.0538 0976 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\Windows\system32\DRIVERS\VMBusHID.sys
16:11:19.0538 0976 VMBusHID - ok
16:11:19.0569 0976 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\Windows\system32\DRIVERS\volmgr.sys
16:11:19.0569 0976 volmgr - ok
16:11:19.0600 0976 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
16:11:19.0600 0976 volmgrx - ok
16:11:19.0631 0976 volsnap (58df9d2481a56edde167e51b334d44fd) C:\Windows\system32\DRIVERS\volsnap.sys
16:11:19.0631 0976 volsnap - ok
16:11:19.0678 0976 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
16:11:19.0678 0976 vsmraid - ok
16:11:19.0740 0976 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
16:11:19.0740 0976 vwifibus - ok
16:11:19.0834 0976 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
16:11:19.0834 0976 WacomPen - ok
16:11:19.0865 0976 WANARP (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
16:11:19.0865 0976 WANARP - ok
16:11:19.0881 0976 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\Windows\system32\DRIVERS\wanarp.sys
16:11:19.0881 0976 Wanarpv6 - ok
16:11:19.0943 0976 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
16:11:19.0943 0976 Wd - ok
16:11:19.0974 0976 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
16:11:19.0974 0976 Wdf01000 - ok
16:11:20.0115 0976 WFLR6654 (319828cb5e92cd4a134340871b71bc15) C:\Windows\system32\drivers\wfeaglxt.sys
16:11:20.0115 0976 WFLR6654 - ok
16:11:20.0177 0976 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
16:11:20.0177 0976 WfpLwf - ok
16:11:20.0208 0976 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
16:11:20.0208 0976 WIMMount - ok
16:11:20.0302 0976 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\Windows\system32\DRIVERS\WinUsb.sys
16:11:20.0302 0976 WinUsb - ok
16:11:20.0349 0976 WmBEnum (5d410936831f7fb58eff941eac3f6d3d) C:\Windows\system32\drivers\WmBEnum.sys
16:11:20.0349 0976 WmBEnum - ok
16:11:20.0396 0976 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\DRIVERS\wmiacpi.sys
16:11:20.0396 0976 WmiAcpi - ok
16:11:20.0442 0976 WmVirHid (6f04646bc690f8bbfc344be32a60796d) C:\Windows\system32\drivers\WmVirHid.sys
16:11:20.0442 0976 WmVirHid - ok
16:11:20.0458 0976 WmXlCore (1d6ca43d562333f4dfb40bcef2453f3a) C:\Windows\system32\drivers\WmXlCore.sys
16:11:20.0458 0976 WmXlCore - ok
16:11:20.0520 0976 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
16:11:20.0520 0976 ws2ifsl - ok
16:11:20.0583 0976 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\Windows\system32\drivers\WudfPf.sys
16:11:20.0583 0976 WudfPf - ok
16:11:20.0645 0976 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:11:20.0645 0976 WUDFRd - ok
16:11:20.0708 0976 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:11:20.0770 0976 \Device\Harddisk0\DR0 - ok
16:11:20.0786 0976 Boot (0x1200) (00888cfd5d2d6de9bd5feee0a0c53f64) \Device\Harddisk0\DR0\Partition0
16:11:20.0786 0976 \Device\Harddisk0\DR0\Partition0 - ok
16:11:20.0817 0976 Boot (0x1200) (ce7ff4ada0dbd2acaf3aae52992311f1) \Device\Harddisk0\DR0\Partition1
16:11:20.0817 0976 \Device\Harddisk0\DR0\Partition1 - ok
16:11:20.0817 0976 ============================================================
16:11:20.0817 0976 Scan finished
16:11:20.0817 0976 ============================================================
16:11:20.0832 2980 Detected object count: 1
16:11:20.0832 2980 Actual detected object count: 1
16:11:23.0422 2980 sptd ( LockedFile.Multi.Generic ) - skipped by user
16:11:23.0422 2980 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Rootkit

#4 Post by Márty84 »

Sptd is a virtual drive driver that programs mistakenly detect as malware. If Spyware Doctor detects the same thing, it should be fine. So it is a false alarm. Are there any problems with the PC?
If you have a question that is not meant for the public, you can write to me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will now be on the forum less often. If you are waiting a long time for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

Milan12300
Visitor
Posts: 64
Registered: 13 Jan 2012 21:41

Re: Rootkit

#5 Post by Milan12300 »

No, there are no problems with the computer so far. Thanks a lot :wink: It just freezes occasionally. I think that is because my registry is a bit of a mess - by that I mean there are leftovers of programs I have not had on the PC for a long time, etc. I have already deleted a few of the leftovers I found there, but there is still an awful lot of it. Every registry cleaner finds something different from the others. I do not know which good-quality cleaner to use. I am currently using AVG PC Tuneup, which cleans the registry quite well, and I also have Wise Registry Cleaner. Which cleaner would you recommend? Oh, and I want to ask one more thing. The last time I used a virtual drive was 2 years ago. I had Daemon Tools, but now I extract the games I download from the ISO and install them without that program. So I want to ask what I should do with the driver for the virtual drive now that I am not going to use it anymore.
Last edited by Milan12300 on 05 Feb 2012 16:58, edited 1 time in total.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Rootkit

#6 Post by Márty84 »

The most recommended one here is CCleaner.
:arrow: Download CCleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ and run it.
During installation watch out for the toolbar; if it offers to install it, uncheck the box.
After launching you will find yourself in the Cleaner function. On the left there are lots of checkboxes. Pay attention especially to the Recycle Bin: if you leave it checked, it will empty it :D
Also, depending on the settings, it deletes all passwords saved for websites!!! So if you have the computer set to remember passwords (which is not good for security), you will have to type them in again by hand afterwards (e.g. mail, facebook, various forums etc.)
Click Analyze and when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Scan for Issues; when it finds some, click Fix Issues. It will offer you a backup; make it and save it somewhere you can find it if needed :)
The Tools function allows uninstalling programs. It is more thorough than Windows itself, so you can use that as well.
I use it too and I am satisfied with it. As a precaution, post a log from RSIT http://forum.viry.cz/viewtopic.php?f=13&t=105895 and we will check whether anything is lurking there. But I have to leave the computer now, so I will look at it either this evening or tomorrow morning :)

Milan12300
Visitor
Posts: 64
Registered: 13 Jan 2012 21:41

Re: Rootkit

#7 Post by Milan12300 »

I use CCleaner and AVG PC Tuneup to clean the PC. And recently I had TuneUp Utilities and Advanced SystemCare. TU U slowed my PC down a little, and people wrote that it completely reconfigured their PC and they could not even start it anymore - and I do not know how that is even possible, because it should speed it up rather than break it. And ASC is the same thing. And sometimes, when it really lags a lot, I run System Mechanic on it. What do you think of this program: http://www.iolo.com/system-mechanic/standard/
Here is the log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by X at 2012-02-05 17:00:41
Microsoft Windows 7 Professional
System drive C: has 67 GB (44%) free of 153 GB
Total RAM: 2048 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:01:06, on 5.2.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Seznam.cz\postak.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskhost.exe
C:\Users\X\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\X\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\X\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\X\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\lotrbfme.exe
C:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat
C:\Users\X\AppData\Local\Temp\~e5.0001
C:\Users\X\Downloads\RSIT.exe
C:\Program Files\trend micro\X.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... weetim.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:25432;
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O18 - Protocol: toolbarchrome - (no CLSID) - (no file)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: MBFN - Sysinternals - www.sysinternals.com - C:\Users\X\AppData\Local\Temp\MBFN.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 3006 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"Seznam Postak"=C:\Program Files\Seznam.cz\postak.exe [2011-05-25 491040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax]
C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe [2012-01-26 8563624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax_RESTART]
C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe [2012-01-26 8563624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-12-13 11487848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateMyDrivers]
C:\Program Files\SmartTweak Software\UpdateMyDrivers\UpdateMyDrivers.exe /ot /as /ss []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2010-08-11 2920448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFastDTV]
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [2011-06-08 101888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 229376]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=2
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoInstrumentation"=1
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.MKVC"=KMVIDC32.DLL
"VIDC.FFDS"=ff_vfw.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"vidc.tscc"=tsccvid.dll
"msacm.l3codec"=l3codecp.acm
"vidc.MPG4"=MPG4C32.dll
"vidc.MP42"=MPG4C32.dll
"vidc.MP43"=MPG4C32.dll
"VIDC.FPS1"=frapsvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-02-05 17:00:43 ----D---- C:\Program Files\trend micro
2012-02-05 17:00:41 ----D---- C:\rsit
2012-02-05 16:11:03 ----A---- C:\TDSSKiller.2.7.9.0_05.02.2012_16.11.03_log.txt
2012-02-05 16:09:01 ----A---- C:\TDSSKiller.2.7.9.0_05.02.2012_16.09.01_log.txt
2012-02-05 12:28:50 ----D---- C:\Users\X\AppData\Roaming\PC Tools
2012-02-05 12:23:29 ----D---- C:\Program Files\PC Tools
2012-02-05 12:06:38 ----D---- C:\Program Files\Common Files\PC Tools
2012-02-05 11:42:03 ----D---- C:\ProgramData\PC Tools
2012-02-04 18:57:43 ----D---- C:\Users\X\AppData\Roaming\Nero
2012-02-04 14:26:49 ----D---- C:\Program Files\uTorrent
2012-02-04 00:22:40 ----A---- C:\Windows\system32\nvvsvc.exe
2012-02-04 00:22:40 ----A---- C:\Windows\system32\nvshext.dll
2012-02-04 00:22:39 ----A---- C:\Windows\system32\nvsvc.dll
2012-02-04 00:22:39 ----A---- C:\Windows\system32\nvcpl.dll
2012-02-04 00:22:38 ----A---- C:\Windows\system32\nvmctray.dll
2012-02-04 00:22:31 ----A---- C:\Windows\system32\easyupdatusapiu.dll
2012-02-04 00:14:45 ----A---- C:\Windows\system32\OpenCL.dll
2012-02-04 00:14:45 ----A---- C:\Windows\system32\nvoglv32.dll
2012-02-04 00:14:45 ----A---- C:\Windows\system32\nvcuvid.dll
2012-02-04 00:14:45 ----A---- C:\Windows\system32\nvcuvenc.dll
2012-02-04 00:14:45 ----A---- C:\Windows\system32\nvcuda.dll
2012-02-04 00:14:45 ----A---- C:\Windows\system32\nvcompiler.dll
2012-02-04 00:14:45 ----A---- C:\Windows\system32\nvapi.dll
2012-02-04 00:14:45 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2012-02-03 23:46:13 ----D---- C:\ProgramData\DriverGenius
2012-02-03 18:47:08 ----D---- C:\Program Files\Innovative Solutions
2012-02-03 14:26:50 ----D---- C:\Program Files\SlimCleaner
2012-02-03 14:22:03 ----D---- C:\Program Files\SlimComputer
2012-02-03 13:47:30 ----A---- C:\Windows\system32\WdfCoInstaller01007.dll
2012-02-03 13:36:55 ----D---- C:\ProgramData\Uniblue
2012-02-03 12:40:54 ----A---- C:\Windows\system32\WavesLib.dll
2012-02-03 12:40:54 ----A---- C:\Windows\system32\WavesGUILib.dll
2012-02-03 12:40:53 ----A---- C:\Windows\system32\tosade.dll
2012-02-03 12:40:53 ----A---- C:\Windows\system32\TepeqAPO.dll
2012-02-03 12:40:53 ----A---- C:\Windows\system32\tadefxapo2.dll
2012-02-03 12:40:53 ----A---- C:\Windows\system32\tadefxapo.dll
2012-02-03 12:40:53 ----A---- C:\Windows\system32\SRSWOW.dll
2012-02-03 12:40:53 ----A---- C:\Windows\system32\SRSTSXT.dll
2012-02-03 12:40:52 ----A---- C:\Windows\system32\SRSTSHD.dll
2012-02-03 12:40:52 ----A---- C:\Windows\system32\SRSHP360.dll
2012-02-03 12:40:52 ----A---- C:\Windows\system32\SFSS_APO.dll
2012-02-03 12:40:52 ----A---- C:\Windows\system32\SFNHK.dll
2012-02-03 12:40:52 ----A---- C:\Windows\system32\SFCOM.dll
2012-02-03 12:40:52 ----A---- C:\Windows\system32\SFAPO.dll
2012-02-03 12:40:50 ----A---- C:\Windows\system32\RtkPgExt.dll
2012-02-03 12:40:50 ----A---- C:\Windows\system32\drivers\RTKVHDA.sys
2012-02-03 12:40:49 ----A---- C:\Windows\system32\RtkCoLDR.dll
2012-02-03 12:40:49 ----A---- C:\Windows\system32\RtkCoInstII.dll
2012-02-03 12:40:48 ----A---- C:\Windows\system32\RtkApoApi.dll
2012-02-03 12:40:48 ----A---- C:\Windows\system32\RtkAPO.dll
2012-02-03 12:40:46 ----A---- C:\Windows\system32\RTEEP32A.dll
2012-02-03 12:40:46 ----A---- C:\Windows\system32\RTEEL32A.dll
2012-02-03 12:40:46 ----A---- C:\Windows\system32\RTEEG32A.dll
2012-02-03 12:40:45 ----A---- C:\Windows\system32\RTEED32A.dll
2012-02-03 12:40:45 ----A---- C:\Windows\system32\RP3DHT32.dll
2012-02-03 12:40:45 ----A---- C:\Windows\system32\RP3DAA32.dll
2012-02-03 12:40:45 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2012-02-03 12:40:44 ----A---- C:\Windows\system32\RCoRes.dat
2012-02-03 12:40:44 ----A---- C:\Windows\system32\R4EEP32A.dll
2012-02-03 12:40:44 ----A---- C:\Windows\system32\R4EEL32A.dll
2012-02-03 12:40:44 ----A---- C:\Windows\system32\R4EEG32A.dll
2012-02-03 12:40:44 ----A---- C:\Windows\system32\R4EED32A.dll
2012-02-03 12:40:43 ----A---- C:\Windows\system32\R4EEA32A.dll
2012-02-03 12:40:43 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2012-02-03 12:40:43 ----A---- C:\Windows\system32\MaxxAudioRealtek2.dll
2012-02-03 12:40:43 ----A---- C:\Windows\system32\MaxxAudioRealtek.dll
2012-02-03 12:40:42 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
2012-02-03 12:40:42 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2012-02-03 12:40:42 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2012-02-03 12:40:42 ----A---- C:\Windows\system32\MaxxAudioAPO.dll
2012-02-03 12:40:41 ----A---- C:\Windows\system32\KAAPORT.dll
2012-02-03 12:40:41 ----A---- C:\Windows\system32\FMAPO.dll
2012-02-03 12:40:40 ----A---- C:\Windows\system32\DTSVoiceClarityDLL.dll
2012-02-03 12:40:40 ----A---- C:\Windows\system32\DTSU2PREC32.dll
2012-02-03 12:40:40 ----A---- C:\Windows\system32\DTSU2PLFX32.dll
2012-02-03 12:40:40 ----A---- C:\Windows\system32\DTSU2PGFX32.dll
2012-02-03 12:40:39 ----A---- C:\Windows\system32\DTSSymmetryDLL.dll
2012-02-03 12:40:39 ----A---- C:\Windows\system32\DTSS2SpeakerDLL.dll
2012-02-03 12:40:39 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL.dll
2012-02-03 12:40:38 ----A---- C:\Windows\system32\DTSNeoPCDLL.dll
2012-02-03 12:40:38 ----A---- C:\Windows\system32\DTSLimiterDLL.dll
2012-02-03 12:40:38 ----A---- C:\Windows\system32\DTSLFXAPO.dll
2012-02-03 12:40:38 ----A---- C:\Windows\system32\DTSGFXAPONS.dll
2012-02-03 12:40:38 ----A---- C:\Windows\system32\DTSGFXAPO.dll
2012-02-03 12:40:38 ----A---- C:\Windows\system32\DTSGainCompensatorDLL.dll
2012-02-03 12:40:37 ----A---- C:\Windows\system32\DTSBoostDLL.dll
2012-02-03 12:40:37 ----A---- C:\Windows\system32\DTSBassEnhancementDLL.dll
2012-02-03 12:40:36 ----A---- C:\Windows\system32\AERTARen.dll
2012-02-03 12:40:36 ----A---- C:\Windows\system32\AERTACap.dll
2012-02-03 11:36:37 ----D---- C:\Program Files\Microsoft SQL Server
2012-02-03 11:16:59 ----D---- C:\Temp
2012-02-03 11:09:16 ----D---- C:\Program Files\Secunia
2012-02-03 11:05:06 ----D---- C:\Program Files\SlimDrivers
2012-02-03 10:04:10 ----D---- C:\Program Files\Panda Security
2012-02-02 17:17:55 ----D---- C:\Users\X\AppData\Roaming\ArcSoft
2012-02-02 17:17:47 ----D---- C:\ProgramData\ArcSoft
2012-02-02 17:17:36 ----D---- C:\Program Files\Common Files\ArcSoft
2012-02-02 17:16:15 ----D---- C:\Program Files\WinFast
2012-02-02 17:16:14 ----D---- C:\Users\X\AppData\Roaming\InstallShield Installation Information
2012-02-02 17:14:52 ----A---- C:\Windows\system32\drivers\wfeaglxt.sys
2012-02-02 17:14:48 ----D---- C:\Users\X\AppData\Roaming\InstallShield
2012-02-02 16:43:50 ----D---- C:\Users\X\AppData\Roaming\OpenWith.org Cache
2012-02-02 16:36:47 ----D---- C:\Program Files\OpenWith.org Desktop Tool
2012-02-01 17:35:23 ----D---- C:\Program Files\Mozilla Firefox
2012-01-31 20:23:37 ----D---- C:\Users\X\AppData\Roaming\My Battle for Middle-earth Files
2012-01-31 19:09:44 ----D---- C:\Program Files\EA GAMES
2012-01-31 18:19:15 ----D---- C:\Users\X\AppData\Roaming\Wise Registry Cleaner
2012-01-31 18:18:33 ----D---- C:\Program Files\Wise Registry Cleaner
2012-01-29 20:04:04 ----D---- C:\Users\X\AppData\Roaming\GlarySoft
2012-01-29 10:26:16 ----D---- C:\Program Files\MAF-Soft
2012-01-27 19:31:45 ----A---- C:\Windows\system32\SSubTmr6.dll
2012-01-24 21:35:46 ----D---- C:\Program Files\Defraggler
2012-01-20 20:00:14 ----D---- C:\Users\X\AppData\Roaming\EMCO
2012-01-15 18:06:23 ----D---- C:\Users\X\AppData\Roaming\MetaProducts
2012-01-14 21:19:05 ----SHD---- C:\$RECYCLE.BIN
2012-01-14 21:02:53 ----D---- C:\Windows\temp
2012-01-14 19:52:37 ----A---- C:\Windows\zip.exe
2012-01-14 19:52:37 ----A---- C:\Windows\SWSC.exe
2012-01-14 19:52:37 ----A---- C:\Windows\SWREG.exe
2012-01-14 19:52:37 ----A---- C:\Windows\sed.exe
2012-01-14 19:52:37 ----A---- C:\Windows\PEV.exe
2012-01-14 19:52:37 ----A---- C:\Windows\NIRCMD.exe
2012-01-14 19:52:37 ----A---- C:\Windows\MBR.exe
2012-01-14 19:52:37 ----A---- C:\Windows\grep.exe
2012-01-14 19:52:30 ----D---- C:\Windows\ERDNT
2012-01-14 18:17:17 ----A---- C:\Windows\UC.PIF
2012-01-14 18:17:17 ----A---- C:\Windows\RAR.PIF
2012-01-14 18:17:17 ----A---- C:\Windows\NOCLOSE.PIF
2012-01-14 18:17:17 ----A---- C:\Windows\LHA.PIF
2012-01-14 18:17:17 ----A---- C:\Windows\ARJ.PIF
2012-01-14 18:17:16 ----D---- C:\Users\X\AppData\Roaming\GHISLER
2012-01-12 21:15:49 ----D---- C:\Users\X\AppData\Roaming\DMCache
2012-01-12 17:12:37 ----D---- C:\Users\X\AppData\Roaming\Malwarebytes
2012-01-11 21:29:04 ----A---- C:\Windows\system32\mcgdmgr.dll
2012-01-11 21:29:03 ----A---- C:\Windows\system32\mcinsctl.dll
2012-01-08 19:52:13 ----A---- C:\Windows\system32\BASSMOD.dll
2012-01-08 17:02:57 ----D---- C:\Users\X\AppData\Roaming\BITS
2012-01-07 22:27:14 ----D---- C:\ProgramData\SpeedBit
2012-01-07 22:27:10 ----D---- C:\Program Files\Common Files\SpeedBit
2012-01-06 23:13:40 ----A---- C:\Windows\system32\W95Inf32.DLL
2012-01-06 23:13:40 ----A---- C:\Windows\system32\W95Inf16.DLL

======List of files/folders modified in the last 1 month======

2012-02-05 17:00:43 ----RD---- C:\Program Files
2012-02-05 16:11:04 ----D---- C:\Windows\system32\drivers
2012-02-05 15:12:22 ----AD---- C:\ProgramData\Temp
2012-02-05 15:12:14 ----AD---- C:\Windows
2012-02-05 12:45:23 ----SHD---- C:\System Volume Information
2012-02-05 12:45:12 ----SHD---- C:\Windows\Installer
2012-02-05 12:45:12 ----D---- C:\Config.Msi
2012-02-05 12:39:53 ----D---- C:\Windows\Prefetch
2012-02-05 12:27:43 ----D---- C:\Windows\inf
2012-02-05 12:27:39 ----D---- C:\Windows\system32\catroot
2012-02-05 12:27:36 ----D---- C:\Windows\system32\DriverStore
2012-02-05 12:06:38 ----D---- C:\Program Files\Common Files
2012-02-05 11:42:03 ----D---- C:\ProgramData
2012-02-04 19:55:14 ----D---- C:\Windows\system32\config
2012-02-04 19:01:21 ----D---- C:\Program Files\Nero
2012-02-04 19:01:15 ----D---- C:\Program Files\Common Files\Nero
2012-02-04 19:01:09 ----D---- C:\ProgramData\Nero
2012-02-04 19:00:10 ----D---- C:\Windows\system32\Tasks
2012-02-04 17:10:10 ----D---- C:\Program Files\Common Files\Ahead
2012-02-04 13:21:34 ----D---- C:\Windows\System32
2012-02-04 13:21:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-02-04 00:23:03 ----D---- C:\ProgramData\NVIDIA
2012-02-04 00:22:29 ----D---- C:\Program Files\NVIDIA Corporation
2012-02-04 00:22:14 ----D---- C:\ProgramData\NVIDIA Corporation
2012-02-03 23:43:58 ----D---- C:\Windows\Tasks
2012-02-03 19:07:48 ----D---- C:\Windows\Microsoft.NET
2012-02-03 17:22:15 ----HD---- C:\Program Files\InstallShield Installation Information
2012-02-03 14:32:42 ----D---- C:\Windows\Panther
2012-02-03 14:32:42 ----D---- C:\Windows\Logs
2012-02-03 14:32:42 ----D---- C:\Windows\debug
2012-02-03 14:18:18 ----RSD---- C:\Windows\assembly
2012-02-03 14:18:11 ----D---- C:\Program Files\Microsoft.NET
2012-02-03 14:18:08 ----D---- C:\Windows\system32\en-US
2012-02-03 14:09:37 ----D---- C:\Windows\system32\wbem
2012-02-03 14:08:45 ----D---- C:\Windows\system32\wfp
2012-02-03 14:08:44 ----D---- C:\Windows\system32\CodeIntegrity
2012-02-03 14:08:44 ----D---- C:\Windows\security
2012-02-03 14:08:28 ----D---- C:\Windows\system32\catroot2
2012-02-03 14:08:27 ----D---- C:\Windows\system32\RTCOM
2012-02-03 14:08:26 ----D---- C:\Windows\registration
2012-02-03 13:11:18 ----SD---- C:\Users\X\AppData\Roaming\Microsoft
2012-02-03 10:07:05 ----D---- C:\Windows\Downloaded Program Files
2012-02-02 20:46:30 ----D---- C:\Program Files\Google
2012-02-02 17:40:11 ----D---- C:\WinFast WorkArea
2012-02-01 18:03:38 ----D---- C:\Program Files\Ashampoo
2012-01-31 22:24:00 ----D---- C:\Users\X\AppData\Roaming\Vso
2012-01-25 21:16:32 ----D---- C:\Program Files\CCleaner
2012-01-24 17:14:10 ----D---- C:\Users\X\AppData\Roaming\Ashampoo
2012-01-18 18:53:32 ----D---- C:\Program Files\WinRAR
2012-01-18 17:31:42 ----D---- C:\Program Files\Common Files\Adobe
2012-01-18 17:31:36 ----D---- C:\ProgramData\Adobe
2012-01-15 18:07:09 ----RD---- C:\Users
2012-01-14 22:55:31 ----D---- C:\ProgramData\Microsoft Help
2012-01-14 22:19:04 ----D---- C:\ProgramData\TuneUp Software
2012-01-14 22:15:28 ----D---- C:\ProgramData\IObit
2012-01-14 22:10:31 ----D---- C:\ProgramData\DVD Shrink
2012-01-14 21:19:07 ----A---- C:\Windows\system.ini
2012-01-14 21:18:59 ----D---- C:\Windows\system32\drivers\etc
2012-01-14 21:13:16 ----D---- C:\Windows\AppPatch
2012-01-14 20:29:50 ----D---- C:\Program Files\The KMPlayer
2012-01-11 15:29:50 ----D---- C:\Program Files\Seznam.cz
2012-01-08 17:21:21 ----D---- C:\Windows\winsxs
2012-01-07 23:01:13 ----A---- C:\Windows\_MSRSTRT.EXE
2012-01-07 18:52:22 ----A---- C:\Windows\oodjobd.INI
2012-01-07 17:50:30 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2010-04-08 215656]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-01-07 431672]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-12-13 3921448]
R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-03-04 296936]
R3 ULCDRHlp;ULCDRHlp; C:\Windows\System32\Drivers\ULCDRHlp.sys [2004-12-23 27392]
R3 WFLR6654;WinFast DTV1800 H (XC3028); C:\Windows\system32\drivers\wfeaglxt.sys [2009-10-21 433920]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 22856]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 66632]
R4 PCTAppEvent;PCTAppEvent Driver; \??\C:\Windows\system32\drivers\PCTAppEvent.sys []
R4 PCTBD;PC Tools Browser Defender Driver; C:\Windows\System32\Drivers\PCTBD.sys []
R4 PCTCore;PCTools KDS; C:\Windows\system32\drivers\PCTCore.sys []
R4 pctDS;PC Tools Data Store; C:\Windows\system32\drivers\pctDS.sys []
R4 pctEFA;PC Tools Extended File Attributes; C:\Windows\system32\drivers\pctEFA.sys []
R4 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver; \??\C:\Windows\system32\drivers\pctNdis-PacketFilter.sys []
R4 pctgntdi;pctgntdi; \??\C:\Windows\System32\drivers\pctgntdi.sys []
R4 PCTSD;PC Tools Spyware Doctor Driver; C:\Windows\System32\Drivers\PCTSD.sys [2012-01-11 185560]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\drivers\AmdLLD.sys []
S3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 CrystalSysInfo;CrystalSysInfo; C:\Windows\system32\drivers\CrystalSysInfo.sys []
S3 DrvAgent32;DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [2011-12-09 23456]
S3 EagleNT;EagleNT; C:\Windows\system32\drivers\EagleNT.sys []
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2007-09-07 27672]
S3 gdrv;gdrv; C:\Windows\system32\drivers\gdrv.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-04-04 47360]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-27 15048]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-10-15 1136448]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 MBFN;MBFN; C:\Users\X\AppData\Local\Temp\MBFN.exe [2012-02-05 379776]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-26 136176]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-26 136176]
S4 NetMsmqActivator;@%SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
S4 NetPipeActivator;@%SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
S4 NetTcpActivator;@%SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
S4 nlsX86cc;NLS Service; C:\Windows\system32\NLSSRV32.EXE [2011-03-21 68928]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 Secunia Update Agent;Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe --start-service []

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Rootkit

#8 Post by Márty84 »

I have no experience with those programs. CCleaner is plenty for me. "The more, the better" doesn't always hold :D

I'll look at the log as soon as I can :wink:
If you have a question that isn't meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I'll be on the forum less often now. If you've been waiting a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Milan12300
Visitor
Posts: 64
Registered: 13 Jan 2012 21:41

Re: Rootkit

#9 Post by Milan12300 »

OK, no rush, we all have our own duties :wink:

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Rootkit

#10 Post by Márty84 »

Yeah, unfortunately that's how it is. Even on weekends there's always something to deal with :D

OK, let's get to it. Do it in this order.

:arrow: Try to find these files and test them on VirusTotal, or alternatively Jotti http://forum.viry.cz/viewtopic.php?f=29&t=5846
C:\Users\X\AppData\Local\Temp\~e5.0001
C:\Users\X\AppData\Local\Temp\MBFN.exe

Whether you find them or not, continue on


:arrow: Find this file C:\Program Files\trend micro\X.exe , right-click it and left-click Run as administrator
Click Main menu and then Do a system scan only
Put a check mark on the left next to these lines

Code:

O18 - Protocol: toolbarchrome - (no CLSID) - (no file)
Click the Fix checked button and confirm




:arrow: Download OTM http://oldtimer.geekstogo.com/OTM.exe and save it, preferably to the desktop.
Right-click it and left-click Run as administrator.
Copy this script into the left-hand window

Code:

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax_RESTART]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateMyDrivers]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFastDTV]

:services
gupdate
gupdatem

:commands
[RESETHOSTS]
[Purity]
[EMPTYTEMP]
[EMPTYFLASH]
Click MoveIt and let the program work. When asked to restart, agree.
After the restart, post the log here; it will be in C:\_OTM\MovedFiles\

Milan12300
Visitor
Posts: 64
Registered: 13 Jan 2012 21:41

Re: Rootkit

#11 Post by Milan12300 »

So I only just got to the PC... :) So I put those 2 files on VirusTotal and nobody found anything, but I think I could delete them since they're in the temp folder, right? I did everything you wrote; here's the log:
All processes killed
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
C:\Windows\system32\SET85FB.tmp moved successfully.
C:\Windows\system32\SET8DAC.tmp moved successfully.
C:\Windows\system32\SET8ED7.tmp moved successfully.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax_RESTART\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateMyDrivers\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFastDTV\ deleted successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: X
->Temp folder emptied: 73276 bytes
->Temporary Internet Files folder emptied: 89714974 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 352691641 bytes
->Flash cache emptied: 1803 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 111042 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 555303234 bytes

Total Files Cleaned = 952,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: X
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.19.0 log created on 02052012_211155

Files moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...


And one last question for today. I'd like to ask why you told me to delete just that one file - that I understand. But I'm scratching my head over this:

Code:

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... weetim.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
Because I never go to the pages those point to, so it's there for nothing...

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Rootkit

#12 Post by Márty84 »

Excellent :thumbsup:
OTM did what it was supposed to :)

:arrow: Give me a new log from RSIT


And to your questions:
Those two files are quite strange, I found almost no records of them, so I wanted to know whether they are clean. In theory OTM should have taken care of them, because I told it to delete the TEMPs. The problem is that one of those files is also tied to a service, and I couldn't find much about that either. That's why I want the new RSIT, to see whether those files are still there. And if need be we'll destroy that service too :)

The lines you listed, you can fix those too if you like. But they can also stay, they are harmless. Those Microsoft pages are preset automatically and if you don't change them, they stay there forever :D
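The helper's reasoning above (a service tied to a file in a Temp folder that RSIT lists as missing, the orphaned O18 protocol handler, and later in this thread a ProxyServer on 127.0.0.1 and a hosts line with two stray characters in front of 127.0.0.1) can be turned into a small log triage. The script below is an added example, not part of this thread and not code from HijackThis, RSIT or OTM; the finding names, the list of Temp-folder markers and the set of local addresses are this example's own choices, and the sample log is constructed from lines quoted in this thread.

```python
"""Triage of HijackThis / RSIT log lines.

Added example (not from this thread, HijackThis, RSIT or OTM). It flags the
entry types the helper in this thread reacted to: a service whose binary is
missing or sits in a Temp folder (O23 lines and RSIT driver/service lines), a
protocol handler with no CLSID and no file (O18), a ProxyServer pointing at
the local machine (R1) and a hosts line whose address is preceded by stray
characters (O1).
"""
import re
from dataclasses import dataclass

# Folders a legitimately installed service should essentially never run from
# (this example's own list).
TEMP_DIR_MARKERS = ("\\temp\\", "\\temporary internet files\\")

# A proxy at one of these addresses means some process on this PC sees all
# browser traffic; identifying the listening process is the follow-up, since it
# may be an AV web shield or something unwanted.
LOCAL_HOSTS = {"127.0.0.1", "localhost", "::1", "[::1]"}


@dataclass(frozen=True)
class Finding:
    kind: str   # short tag, e.g. "service-in-temp"
    line: str   # the log line that produced it


# HijackThis line shapes as they appear in this thread.
O23_RE = re.compile(
    r"^O23 - Service: (?P<name>.+?) - (?P<owner>.+?) - (?P<path>.+?)"
    r"(?P<missing> \(file missing\))?$")
O1_RE = re.compile(r"^O1 - Hosts: (?P<addr>\S+) (?P<names>.+)$")
O18_RE = re.compile(r"^O18 - Protocol: (?P<name>\S+) - (?P<clsid>.+?) - (?P<file>.+)$")
PROXY_RE = re.compile(r"^R[01] - .*Internet Settings,ProxyServer = (?P<proxy>.+)$")
# RSIT driver/service list: "S3 MBFN;MBFN; C:\...\MBFN.exe [2012-02-05 379776]".
# An empty "[]" means RSIT found no file at that path.
RSIT_SVC_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<display>[^;]*); "
    r"(?P<path>.+?) \[(?P<stamp>[^\]]*)\]$")


def _in_temp(path: str) -> bool:
    low = path.lower()
    return any(marker in low for marker in TEMP_DIR_MARKERS)


def _proxy_is_local(proxy: str) -> bool:
    # Value looks like "http=127.0.0.1:25432;" or "127.0.0.1:8080"; one entry per ";".
    for entry in proxy.split(";"):
        entry = entry.strip()
        if not entry:
            continue
        addr = entry.split("=", 1)[-1]
        host = addr.rsplit(":", 1)[0] if ":" in addr else addr
        if host.lower() in LOCAL_HOSTS:
            return True
    return False


def triage_line(line: str) -> list[Finding]:
    line = line.rstrip("\r\n")
    found: list[Finding] = []
    if (m := O23_RE.match(line)):
        if m.group("missing"):
            found.append(Finding("service-file-missing", line))
        if _in_temp(m.group("path")):
            found.append(Finding("service-in-temp", line))
    elif (m := O1_RE.match(line)):
        # A hosts address is hex digits, dots and colons; anything in front of it
        # means the file does not start the way Windows expects.
        if not re.fullmatch(r"[0-9A-Fa-f.:]+", m.group("addr")):
            found.append(Finding("hosts-unexpected-prefix", line))
    elif (m := O18_RE.match(line)):
        if m.group("clsid") == "(no CLSID)" and m.group("file") == "(no file)":
            found.append(Finding("protocol-orphan", line))
    elif (m := PROXY_RE.match(line)):
        if _proxy_is_local(m.group("proxy")):
            found.append(Finding("proxy-to-localhost", line))
    elif (m := RSIT_SVC_RE.match(line)):
        if m.group("stamp") == "":
            found.append(Finding("service-file-missing", line))
        if _in_temp(m.group("path")):
            found.append(Finding("service-in-temp", line))
    return found


def triage(log_text: str) -> list[Finding]:
    return [f for line in log_text.splitlines() for f in triage_line(line)]


def count_by_kind(findings: list[Finding]) -> dict[str, int]:
    counts: dict[str, int] = {}
    for f in findings:
        counts[f.kind] = counts.get(f.kind, 0) + 1
    return counts


# Constructed sample: lines copied from the logs quoted in this thread.
SAMPLE_LOG = r"""R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:25432;
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O18 - Protocol: toolbarchrome - (no CLSID) - (no file)
O23 - Service: MBFN - Unknown owner - C:\Users\X\AppData\Local\Temp\MBFN.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
S3 MBFN;MBFN; C:\Users\X\AppData\Local\Temp\MBFN.exe [2012-02-05 379776]
R4 PCTCore;PCTools KDS; C:\Windows\system32\drivers\PCTCore.sys []
"""

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.kind:24} {f.line}")
```

Run stand-alone it prints seven findings for the sample: the MBFN service twice (missing file and Temp folder) from the O23 line, once more from the RSIT line, the PC Tools driver with an empty `[]`, the orphaned toolbarchrome protocol, the localhost proxy and the hosts line. The two characters in front of 127.0.0.1 are what the bytes FF FE look like in the Central European Windows code page, and FF FE is the byte-order mark of a UTF-16 text file, so the check flags any non-address characters before the address rather than assuming one cause. Every finding is a prompt to look closer, not a verdict: a localhost proxy in particular can belong to a legitimate web filter, which is why the line is reported together with the port.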

Milan12300
Visitor
Posts: 64
Registered: 13 Jan 2012 21:41

Re: Rootkit

#13 Post by Milan12300 »

So I'm finally back. Thanks for the explanation, I get it now :wink:
Log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by X at 2012-02-06 19:20:02
Microsoft Windows 7 Professional
System drive C: has 66 GB (43%) free of 153 GB
Total RAM: 2048 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:20:54, on 6.2.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Seznam.cz\postak.exe
C:\Windows\system32\taskhost.exe
C:\Users\X\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\X\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Rockstar Games\GTA San Andreas\gta_sa.exe
C:\Users\X\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\X\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\X\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\X\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\X\Downloads\RSIT.exe
C:\Program Files\trend micro\X.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... weetim.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:25432;
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O18 - Protocol: toolbarchrome - (no CLSID) - (no file)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: MBFN - Unknown owner - C:\Users\X\AppData\Local\Temp\MBFN.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 3335 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"SSDMonitor"=C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2011-12-12 103896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"Seznam Postak"=C:\Program Files\Seznam.cz\postak.exe [2011-05-25 491040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-12-13 11487848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 229376]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=2
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoInstrumentation"=1
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.MKVC"=KMVIDC32.DLL
"VIDC.FFDS"=ff_vfw.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"vidc.tscc"=tsccvid.dll
"msacm.l3codec"=l3codecp.acm
"vidc.MPG4"=MPG4C32.dll
"vidc.MP42"=MPG4C32.dll
"vidc.MP43"=MPG4C32.dll
"VIDC.FPS1"=frapsvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-02-06 19:20:02 ----D---- C:\rsit
2012-02-06 16:36:52 ----A---- C:\ntuser.dat
2012-02-06 16:36:24 ----D---- C:\Users\X\AppData\Roaming\Registry Mechanic
2012-02-06 16:34:56 ----A---- C:\Windows\system32\msxml.dll
2012-02-06 16:34:56 ----A---- C:\Windows\system32\CleanMFT32.exe
2012-02-06 16:34:48 ----D---- C:\Program Files\PC Tools
2012-02-06 16:34:27 ----D---- C:\ProgramData\PC Tools
2012-02-05 21:11:55 ----D---- C:\_OTM
2012-02-05 17:00:43 ----D---- C:\Program Files\trend micro
2012-02-05 12:28:50 ----D---- C:\Users\X\AppData\Roaming\PC Tools
2012-02-05 12:06:38 ----D---- C:\Program Files\Common Files\PC Tools
2012-02-04 18:57:43 ----D---- C:\Users\X\AppData\Roaming\Nero
2012-02-04 00:22:40 ----A---- C:\Windows\system32\nvvsvc.exe
2012-02-04 00:22:40 ----A---- C:\Windows\system32\nvshext.dll
2012-02-04 00:22:39 ----A---- C:\Windows\system32\nvsvc.dll
2012-02-04 00:22:39 ----A---- C:\Windows\system32\nvcpl.dll
2012-02-04 00:22:38 ----A---- C:\Windows\system32\nvmctray.dll
2012-02-04 00:22:31 ----A---- C:\Windows\system32\easyupdatusapiu.dll
2012-02-04 00:14:45 ----A---- C:\Windows\system32\OpenCL.dll
2012-02-04 00:14:45 ----A---- C:\Windows\system32\nvoglv32.dll
2012-02-04 00:14:45 ----A---- C:\Windows\system32\nvcuvid.dll
2012-02-04 00:14:45 ----A---- C:\Windows\system32\nvcuvenc.dll
2012-02-04 00:14:45 ----A---- C:\Windows\system32\nvcuda.dll
2012-02-04 00:14:45 ----A---- C:\Windows\system32\nvcompiler.dll
2012-02-04 00:14:45 ----A---- C:\Windows\system32\nvapi.dll
2012-02-04 00:14:45 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2012-02-03 18:47:08 ----D---- C:\Program Files\Innovative Solutions
2012-02-03 13:47:30 ----A---- C:\Windows\system32\WdfCoInstaller01007.dll
2012-02-03 12:40:54 ----A---- C:\Windows\system32\WavesLib.dll
2012-02-03 12:40:54 ----A---- C:\Windows\system32\WavesGUILib.dll
2012-02-03 12:40:53 ----A---- C:\Windows\system32\tosade.dll
2012-02-03 12:40:53 ----A---- C:\Windows\system32\TepeqAPO.dll
2012-02-03 12:40:53 ----A---- C:\Windows\system32\tadefxapo2.dll
2012-02-03 12:40:53 ----A---- C:\Windows\system32\tadefxapo.dll
2012-02-03 12:40:53 ----A---- C:\Windows\system32\SRSWOW.dll
2012-02-03 12:40:53 ----A---- C:\Windows\system32\SRSTSXT.dll
2012-02-03 12:40:52 ----A---- C:\Windows\system32\SRSTSHD.dll
2012-02-03 12:40:52 ----A---- C:\Windows\system32\SRSHP360.dll
2012-02-03 12:40:52 ----A---- C:\Windows\system32\SFSS_APO.dll
2012-02-03 12:40:52 ----A---- C:\Windows\system32\SFNHK.dll
2012-02-03 12:40:52 ----A---- C:\Windows\system32\SFCOM.dll
2012-02-03 12:40:52 ----A---- C:\Windows\system32\SFAPO.dll
2012-02-03 12:40:50 ----A---- C:\Windows\system32\RtkPgExt.dll
2012-02-03 12:40:50 ----A---- C:\Windows\system32\drivers\RTKVHDA.sys
2012-02-03 12:40:49 ----A---- C:\Windows\system32\RtkCoLDR.dll
2012-02-03 12:40:49 ----A---- C:\Windows\system32\RtkCoInstII.dll
2012-02-03 12:40:48 ----A---- C:\Windows\system32\RtkApoApi.dll
2012-02-03 12:40:48 ----A---- C:\Windows\system32\RtkAPO.dll
2012-02-03 12:40:46 ----A---- C:\Windows\system32\RTEEP32A.dll
2012-02-03 12:40:46 ----A---- C:\Windows\system32\RTEEL32A.dll
2012-02-03 12:40:46 ----A---- C:\Windows\system32\RTEEG32A.dll
2012-02-03 12:40:45 ----A---- C:\Windows\system32\RTEED32A.dll
2012-02-03 12:40:45 ----A---- C:\Windows\system32\RP3DHT32.dll
2012-02-03 12:40:45 ----A---- C:\Windows\system32\RP3DAA32.dll
2012-02-03 12:40:45 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2012-02-03 12:40:44 ----A---- C:\Windows\system32\RCoRes.dat
2012-02-03 12:40:44 ----A---- C:\Windows\system32\R4EEP32A.dll
2012-02-03 12:40:44 ----A---- C:\Windows\system32\R4EEL32A.dll
2012-02-03 12:40:44 ----A---- C:\Windows\system32\R4EEG32A.dll
2012-02-03 12:40:44 ----A---- C:\Windows\system32\R4EED32A.dll
2012-02-03 12:40:43 ----A---- C:\Windows\system32\R4EEA32A.dll
2012-02-03 12:40:43 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2012-02-03 12:40:43 ----A---- C:\Windows\system32\MaxxAudioRealtek2.dll
2012-02-03 12:40:43 ----A---- C:\Windows\system32\MaxxAudioRealtek.dll
2012-02-03 12:40:42 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
2012-02-03 12:40:42 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2012-02-03 12:40:42 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2012-02-03 12:40:42 ----A---- C:\Windows\system32\MaxxAudioAPO.dll
2012-02-03 12:40:41 ----A---- C:\Windows\system32\KAAPORT.dll
2012-02-03 12:40:41 ----A---- C:\Windows\system32\FMAPO.dll
2012-02-03 12:40:40 ----A---- C:\Windows\system32\DTSVoiceClarityDLL.dll
2012-02-03 12:40:40 ----A---- C:\Windows\system32\DTSU2PREC32.dll
2012-02-03 12:40:40 ----A---- C:\Windows\system32\DTSU2PLFX32.dll
2012-02-03 12:40:40 ----A---- C:\Windows\system32\DTSU2PGFX32.dll
2012-02-03 12:40:39 ----A---- C:\Windows\system32\DTSSymmetryDLL.dll
2012-02-03 12:40:39 ----A---- C:\Windows\system32\DTSS2SpeakerDLL.dll
2012-02-03 12:40:39 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL.dll
2012-02-03 12:40:38 ----A---- C:\Windows\system32\DTSNeoPCDLL.dll
2012-02-03 12:40:38 ----A---- C:\Windows\system32\DTSLimiterDLL.dll
2012-02-03 12:40:38 ----A---- C:\Windows\system32\DTSLFXAPO.dll
2012-02-03 12:40:38 ----A---- C:\Windows\system32\DTSGFXAPONS.dll
2012-02-03 12:40:38 ----A---- C:\Windows\system32\DTSGFXAPO.dll
2012-02-03 12:40:38 ----A---- C:\Windows\system32\DTSGainCompensatorDLL.dll
2012-02-03 12:40:37 ----A---- C:\Windows\system32\DTSBoostDLL.dll
2012-02-03 12:40:37 ----A---- C:\Windows\system32\DTSBassEnhancementDLL.dll
2012-02-03 12:40:36 ----A---- C:\Windows\system32\AERTARen.dll
2012-02-03 12:40:36 ----A---- C:\Windows\system32\AERTACap.dll
2012-02-03 11:36:37 ----D---- C:\Program Files\Microsoft SQL Server
2012-02-03 11:16:59 ----D---- C:\Temp
2012-02-02 17:17:55 ----D---- C:\Users\X\AppData\Roaming\ArcSoft
2012-02-02 17:17:47 ----D---- C:\ProgramData\ArcSoft
2012-02-02 17:17:36 ----D---- C:\Program Files\Common Files\ArcSoft
2012-02-02 17:16:15 ----D---- C:\Program Files\WinFast
2012-02-02 17:16:14 ----D---- C:\Users\X\AppData\Roaming\InstallShield Installation Information
2012-02-02 17:14:52 ----A---- C:\Windows\system32\drivers\wfeaglxt.sys
2012-02-02 17:14:48 ----D---- C:\Users\X\AppData\Roaming\InstallShield
2012-02-02 16:43:50 ----D---- C:\Users\X\AppData\Roaming\OpenWith.org Cache
2012-01-31 20:23:37 ----D---- C:\Users\X\AppData\Roaming\My Battle for Middle-earth Files
2012-01-31 19:09:44 ----D---- C:\Program Files\EA GAMES
2012-01-31 18:19:15 ----D---- C:\Users\X\AppData\Roaming\Wise Registry Cleaner
2012-01-31 18:18:33 ----D---- C:\Program Files\Wise Registry Cleaner
2012-01-29 20:04:04 ----D---- C:\Users\X\AppData\Roaming\GlarySoft
2012-01-29 10:26:16 ----D---- C:\Program Files\MAF-Soft
2012-01-27 19:31:45 ----A---- C:\Windows\system32\SSubTmr6.dll
2012-01-24 21:35:46 ----D---- C:\Program Files\Defraggler
2012-01-20 20:00:14 ----D---- C:\Users\X\AppData\Roaming\EMCO
2012-01-15 18:06:23 ----D---- C:\Users\X\AppData\Roaming\MetaProducts
2012-01-14 21:19:05 ----SHD---- C:\$RECYCLE.BIN
2012-01-14 21:02:53 ----D---- C:\Windows\temp
2012-01-14 19:52:37 ----A---- C:\Windows\zip.exe
2012-01-14 19:52:37 ----A---- C:\Windows\SWSC.exe
2012-01-14 19:52:37 ----A---- C:\Windows\SWREG.exe
2012-01-14 19:52:37 ----A---- C:\Windows\sed.exe
2012-01-14 19:52:37 ----A---- C:\Windows\PEV.exe
2012-01-14 19:52:37 ----A---- C:\Windows\NIRCMD.exe
2012-01-14 19:52:37 ----A---- C:\Windows\MBR.exe
2012-01-14 19:52:37 ----A---- C:\Windows\grep.exe
2012-01-14 19:52:30 ----D---- C:\Windows\ERDNT
2012-01-14 18:17:17 ----A---- C:\Windows\UC.PIF
2012-01-14 18:17:17 ----A---- C:\Windows\RAR.PIF
2012-01-14 18:17:17 ----A---- C:\Windows\NOCLOSE.PIF
2012-01-14 18:17:17 ----A---- C:\Windows\LHA.PIF
2012-01-14 18:17:17 ----A---- C:\Windows\ARJ.PIF
2012-01-14 18:17:16 ----D---- C:\Users\X\AppData\Roaming\GHISLER
2012-01-12 21:15:49 ----D---- C:\Users\X\AppData\Roaming\DMCache
2012-01-12 17:12:37 ----D---- C:\Users\X\AppData\Roaming\Malwarebytes
2012-01-11 21:29:04 ----A---- C:\Windows\system32\mcgdmgr.dll
2012-01-11 21:29:03 ----A---- C:\Windows\system32\mcinsctl.dll
2012-01-08 19:52:13 ----A---- C:\Windows\system32\BASSMOD.dll
2012-01-08 17:02:57 ----D---- C:\Users\X\AppData\Roaming\BITS
2012-01-07 22:27:10 ----D---- C:\Program Files\Common Files\SpeedBit

======List of files/folders modified in the last 1 month======

2012-02-06 19:20:03 ----D---- C:\Windows\Prefetch
2012-02-06 16:51:30 ----AD---- C:\ProgramData\Temp
2012-02-06 16:35:24 ----SHD---- C:\Windows\Installer
2012-02-06 16:35:08 ----D---- C:\Windows\system32\Tasks
2012-02-06 16:34:57 ----D---- C:\Windows\System32
2012-02-06 16:34:48 ----RD---- C:\Program Files
2012-02-06 16:34:27 ----D---- C:\ProgramData
2012-02-05 21:12:08 ----D---- C:\Windows\system32\drivers\etc
2012-02-05 21:12:05 ----D---- C:\Windows\Tasks
2012-02-05 16:11:04 ----D---- C:\Windows\system32\drivers
2012-02-05 15:12:14 ----AD---- C:\Windows
2012-02-05 12:45:23 ----SHD---- C:\System Volume Information
2012-02-05 12:45:12 ----D---- C:\Config.Msi
2012-02-05 12:27:43 ----D---- C:\Windows\inf
2012-02-05 12:27:39 ----D---- C:\Windows\system32\catroot
2012-02-05 12:27:36 ----D---- C:\Windows\system32\DriverStore
2012-02-05 12:06:38 ----D---- C:\Program Files\Common Files
2012-02-04 19:55:14 ----D---- C:\Windows\system32\config
2012-02-04 19:01:21 ----D---- C:\Program Files\Nero
2012-02-04 19:01:15 ----D---- C:\Program Files\Common Files\Nero
2012-02-04 17:10:10 ----D---- C:\Program Files\Common Files\Ahead
2012-02-04 13:21:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-02-04 00:23:03 ----D---- C:\ProgramData\NVIDIA
2012-02-04 00:22:29 ----D---- C:\Program Files\NVIDIA Corporation
2012-02-04 00:22:14 ----D---- C:\ProgramData\NVIDIA Corporation
2012-02-03 19:07:48 ----D---- C:\Windows\Microsoft.NET
2012-02-03 17:22:15 ----HD---- C:\Program Files\InstallShield Installation Information
2012-02-03 14:32:42 ----D---- C:\Windows\Panther
2012-02-03 14:32:42 ----D---- C:\Windows\Logs
2012-02-03 14:32:42 ----D---- C:\Windows\debug
2012-02-03 14:18:18 ----RSD---- C:\Windows\assembly
2012-02-03 14:18:11 ----D---- C:\Program Files\Microsoft.NET
2012-02-03 14:18:08 ----D---- C:\Windows\system32\en-US
2012-02-03 14:09:37 ----D---- C:\Windows\system32\wbem
2012-02-03 14:08:45 ----D---- C:\Windows\system32\wfp
2012-02-03 14:08:44 ----D---- C:\Windows\system32\CodeIntegrity
2012-02-03 14:08:44 ----D---- C:\Windows\security
2012-02-03 14:08:28 ----D---- C:\Windows\system32\catroot2
2012-02-03 14:08:27 ----D---- C:\Windows\system32\RTCOM
2012-02-03 14:08:26 ----D---- C:\Windows\registration
2012-02-03 13:11:18 ----SD---- C:\Users\X\AppData\Roaming\Microsoft
2012-02-03 10:07:05 ----D---- C:\Windows\Downloaded Program Files
2012-02-02 20:46:30 ----D---- C:\Program Files\Google
2012-02-02 17:40:11 ----D---- C:\WinFast WorkArea
2012-02-01 18:03:38 ----D---- C:\Program Files\Ashampoo
2012-01-31 22:24:00 ----D---- C:\Users\X\AppData\Roaming\Vso
2012-01-25 21:16:32 ----D---- C:\Program Files\CCleaner
2012-01-24 17:14:10 ----D---- C:\Users\X\AppData\Roaming\Ashampoo
2012-01-18 18:53:32 ----D---- C:\Program Files\WinRAR
2012-01-18 17:31:42 ----D---- C:\Program Files\Common Files\Adobe
2012-01-18 17:31:36 ----D---- C:\ProgramData\Adobe
2012-01-15 18:07:09 ----RD---- C:\Users
2012-01-14 22:55:31 ----D---- C:\ProgramData\Microsoft Help
2012-01-14 22:10:31 ----D---- C:\ProgramData\DVD Shrink
2012-01-14 21:19:07 ----A---- C:\Windows\system.ini
2012-01-14 21:13:16 ----D---- C:\Windows\AppPatch
2012-01-14 20:29:50 ----D---- C:\Program Files\The KMPlayer
2012-01-11 15:29:50 ----D---- C:\Program Files\Seznam.cz
2012-01-08 17:21:21 ----D---- C:\Windows\winsxs
2012-01-07 23:01:13 ----A---- C:\Windows\_MSRSTRT.EXE
2012-01-07 18:52:22 ----A---- C:\Windows\oodjobd.INI
2012-01-07 17:50:30 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2010-04-08 215656]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-01-07 431672]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-12-13 3921448]
R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-03-04 296936]
R3 ULCDRHlp;ULCDRHlp; C:\Windows\System32\Drivers\ULCDRHlp.sys [2004-12-23 27392]
R3 WFLR6654;WinFast DTV1800 H (XC3028); C:\Windows\system32\drivers\wfeaglxt.sys [2009-10-21 433920]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-27 22856]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 66632]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\drivers\AmdLLD.sys []
S3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 CrystalSysInfo;CrystalSysInfo; C:\Windows\system32\drivers\CrystalSysInfo.sys []
S3 DrvAgent32;DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [2011-12-09 23456]
S3 EagleNT;EagleNT; C:\Windows\system32\drivers\EagleNT.sys []
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2007-09-07 27672]
S3 gdrv;gdrv; C:\Windows\system32\drivers\gdrv.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-04-04 47360]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-27 15048]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-10-15 1136448]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-12-12 793048]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 MBFN;MBFN; C:\Users\X\AppData\Local\Temp\MBFN.exe []
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@%SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
S4 NetPipeActivator;@%SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
S4 NetTcpActivator;@%SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
S4 nlsX86cc;NLS Service; C:\Windows\system32\NLSSRV32.EXE [2011-03-21 68928]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 Secunia Update Agent;Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe --start-service []

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Rootkit

#14 Post by Márty84 »

It looks like both files are already gone. Have a look to make sure.

Now we'll get rid of that service too.

Run OTM again as administrator
Copy this script into the left-hand window

Code:

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:services
MBFN

:commands
[Purity]
[EMPTYTEMP]
[EMPTYFLASH]
Click MoveIt and let the program work. When asked to restart, agree.
After the restart, post the log here; it will be in C:\_OTM\MovedFiles\
If you have a question that is not meant for the public, you can write to me at marty84zavináčforum.viry.cz

You can support our forum here: https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you have been waiting a long time for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).
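An added example, not from this thread and not part of RSIT or OTM: a small Python script that does on the RSIT services list the same triage the helper did by hand before writing the :services line, flagging entries whose binary is started from a user's Temp folder or whose file date/size is empty. The sample lines are constructed after the log posted above, and reading an empty [] as "file not found on disk" is an assumption of the example, not something RSIT documents on this page.

```python
import re

# Constructed sample lines in the RSIT "List of services" format, modelled on
# the log posted above (MBFN is the entry the helper's OTM script removes; the
# other three are ordinary software services kept for contrast).
SAMPLE_SERVICES = r"""R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
S3 MBFN;MBFN; C:\Users\X\AppData\Local\Temp\MBFN.exe []
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S4 Secunia Update Agent;Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe --start-service []
"""

# One RSIT service/driver line:
#   "<R|S><start type> <name>;<display name>; <image path> [<date size>]"
LINE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) "
    r"(?P<name>[^;]+);(?P<display>[^;]*); "
    r"(?P<image>.*?) \[(?P<fileinfo>[^\]]*)\]\s*$"
)

# Folders from which a legitimate service binary should not be started.
SUSPICIOUS_DIRS = ("\\appdata\\local\\temp\\", "\\windows\\temp\\")


def parse_service_line(line):
    """Return a dict for one RSIT service line, or None if the line is not one."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    entry = m.groupdict()
    # The image field may carry command-line arguments; keep only the executable.
    image = entry["image"]
    idx = image.lower().find(".exe")
    entry["exe"] = image[: idx + 4] if idx >= 0 else image
    return entry


def assess_service(entry):
    """List the reasons an entry deserves a closer look (empty list = nothing odd)."""
    reasons = []
    if any(frag in entry["exe"].lower() for frag in SUSPICIOUS_DIRS):
        reasons.append("binary lives in a temp folder")
    # Assumption of this example: RSIT prints "[]" when it cannot stat the
    # file, i.e. the registered binary is no longer on disk.
    if entry["fileinfo"].strip() == "":
        reasons.append("no file date/size recorded")
    return reasons


def triage(log_text):
    """Map service name -> reasons, for every flagged service in an RSIT services list."""
    findings = {}
    for line in log_text.splitlines():
        entry = parse_service_line(line)
        if entry is None:
            continue
        reasons = assess_service(entry)
        if reasons:
            findings[entry["name"]] = reasons
    return findings


if __name__ == "__main__":
    for name, reasons in triage(SAMPLE_SERVICES).items():
        print(f"{name}: {', '.join(reasons)}")
```

A missing file on its own (NMIndexingService, Secunia Update Agent) is common leftover from uninstalled software and is a weak signal; the Temp-folder image path is the strong one, and MBFN is the only entry that shows both, which is why it alone ends up in the :services section of the OTM script.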

Milan12300
Guest
Posts: 64
Registered: 13 Jan 2012 21:41

Re: Rootkit

#15 Post by Milan12300 »

It needed a bit of a clean-up anyway :)
All processes killed
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== SERVICES/DRIVERS ==========
Service MBFN stopped successfully!
Service MBFN deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: X
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 10246404 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 341901897 bytes
->Flash cache emptied: 2137 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 14435970 bytes

Total Files Cleaned = 350,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: X
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.19.0 log created on 02062012_200251

Files moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
