program System zatěžuje procesor(RUDY)

[davidrohusch]

No ted mi ansel antivirus dalsich 6viru asi
:

Kategorie: Trojský kůň

Popis: Tento program je nebezpečný. Provádí příkazy zadané útočníkem.

Doporučená akce: Ihned tento software odeberte.

Program Security Essentials nalezl programy, které mohou vystavit nebezpečí vaše osobní údaje nebo poškodit počítač. Stále však můžete přistupovat k souborům, které tyto programy používají, aniž by je bylo nutné odebrat (nedoporučuje se). Chcete-li přistupovat k těmto souborům, zvolte akci Povolit a klikněte na tlačítko Provést akce. Není-li tato volba k dispozici, přihlaste se jako správce nebo požádejte o pomoc správce zabezpečení.

Položky:
file:C:\Windows\System32\niorbk.dll


Kategorie: Zadní vrátka

Popis: Tento program poskytuje vzdálený přístup k počítači, ve kterém je nainstalován.

Doporučená akce: Ihned tento software odeberte.

Program Security Essentials nalezl programy, které mohou vystavit nebezpečí vaše osobní údaje nebo poškodit počítač. Stále však můžete přistupovat k souborům, které tyto programy používají, aniž by je bylo nutné odebrat (nedoporučuje se). Chcete-li přistupovat k těmto souborům, zvolte akci Povolit a klikněte na tlačítko Provést akce. Není-li tato volba k dispozici, přihlaste se jako správce nebo požádejte o pomoc správce zabezpečení.

Položky:
process:pid:3648
process:pid:3748
process:pid:5760


Kategorie: Trojský stahovací program

Popis: Tento program je nebezpečný. Stahuje jiné programy.

Doporučená akce: Ihned tento software odeberte.

Program Security Essentials nalezl programy, které mohou vystavit nebezpečí vaše osobní údaje nebo poškodit počítač. Stále však můžete přistupovat k souborům, které tyto programy používají, aniž by je bylo nutné odebrat (nedoporučuje se). Chcete-li přistupovat k těmto souborům, zvolte akci Povolit a klikněte na tlačítko Provést akce. Není-li tato volba k dispozici, přihlaste se jako správce nebo požádejte o pomoc správce zabezpečení.

Položky:
file:C:\Windows\temp\hki3216.exe



Kategorie: Trojský stahovací program

Popis: Tento program je nebezpečný. Stahuje jiné programy.

Doporučená akce: Ihned tento software odeberte.

Program Security Essentials nalezl programy, které mohou vystavit nebezpečí vaše osobní údaje nebo poškodit počítač. Stále však můžete přistupovat k souborům, které tyto programy používají, aniž by je bylo nutné odebrat (nedoporučuje se). Chcete-li přistupovat k těmto souborům, zvolte akci Povolit a klikněte na tlačítko Provést akce. Není-li tato volba k dispozici, přihlaste se jako správce nebo požádejte o pomoc správce zabezpečení.

Položky:
file:C:\Windows\temp\qxpueu\setup.exe
process:pid:5712

[davidrohusch]

Kategorie: Trojský kůň

Popis: Tento program je nebezpečný. Provádí příkazy zadané útočníkem.

Doporučená akce: Ihned tento software odeberte.

Program Security Essentials nalezl programy, které mohou vystavit nebezpečí vaše osobní údaje nebo poškodit počítač. Stále však můžete přistupovat k souborům, které tyto programy používají, aniž by je bylo nutné odebrat (nedoporučuje se). Chcete-li přistupovat k těmto souborům, zvolte akci Povolit a klikněte na tlačítko Provést akce. Není-li tato volba k dispozici, přihlaste se jako správce nebo požádejte o pomoc správce zabezpečení.

Položky:
file:C:\Windows\system32\niorbk.dll

[davidrohusch]

no a ted mi pise opera Nepodařilo se připojit k serveru proxy. Přístup nebyl povolenta
tak jsem na IE8

[Rudy]

Já tady mohu být pouze tehdy, když mám čas. Nejsem zaměstnanec, ale dělám tohle jako dobrovolník. Dejte log ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

[davidrohusch]

ComboFix 12-03-16.03 - David 16.03.2012 20:32:10.3.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2043.984 [GMT 1:00]
Spuštěný z: c:\users\David\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\LP - (tuhleslozku mivam na plose a pouzivam ji skoro porad ...)
c:\program files\LP\0087\056.exe
c:\program files\LP\0087\5083.tmp
c:\program files\LP\0087\5D4C.tmp
c:\program files\LP\0087\648D.tmp
c:\program files\LP\0087\7E34.tmp
c:\program files\LP\0087\E63E.tmp
c:\program files\LP\0087\EB5A.tmp
c:\users\David\AppData\Local\assembly\tmp
c:\users\David\AppData\Roaming\7C3E8
c:\users\David\AppData\Roaming\7C3E8\8948.C3E
c:\users\David\AppData\Roaming\7C3E8\C0000.exe
c:\users\David\AppData\Roaming\Love
c:\users\David\AppData\Roaming\Love\mari0\options.txt - (to je hra co hraju O_o)
c:\windows\$NtUninstallKB63566$\1755287761\@
c:\windows\$NtUninstallKB63566$\1755287761\cfg.ini
c:\windows\$NtUninstallKB63566$\1755287761\Desktop.ini
c:\windows\$NtUninstallKB63566$\1755287761\L\xadqgnnk
c:\windows\$NtUninstallKB63566$\1755287761\twl.dll
c:\windows\$NtUninstallKB63566$\1755287761\U\00000001.@
c:\windows\$NtUninstallKB63566$\1755287761\U\00000002.@
c:\windows\$NtUninstallKB63566$\1755287761\U\00000004.@
c:\windows\$NtUninstallKB63566$\1755287761\U\80000000.@
c:\windows\$NtUninstallKB63566$\1755287761\U\80000004.@
c:\windows\$NtUninstallKB63566$\1755287761\U\80000032.@
c:\windows\$NtUninstallKB63566$\1755287761\version
c:\windows\$NtUninstallKB63566$\513095399
c:\windows\$NtUninstallKB63566$ . . . . nemohl být smazán
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-16 do 2012-03-16 )))))))))))))))))))))))))))))))
.
.
2012-03-16 19:48 . 2012-03-16 19:48 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8409E286-0AA0-4D9E-9A64-01C6A342651F}\MpKsld0525df5.sys
2012-03-16 19:46 . 2012-03-16 19:49 -------- d-----w- c:\users\David\AppData\Local\temp
2012-03-16 19:46 . 2012-03-16 19:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-16 15:56 . 2012-03-16 19:31 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8409E286-0AA0-4D9E-9A64-01C6A342651F}\offreg.dll
2012-03-16 15:54 . 2012-03-16 15:53 713784 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1D90A630-5317-4F49-9118-26355A69A086}\gapaengine.dll
2012-03-16 15:53 . 2012-02-07 21:03 6552120 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8409E286-0AA0-4D9E-9A64-01C6A342651F}\mpengine.dll
2012-03-16 15:45 . 2012-03-16 15:45 -------- d-----w- c:\program files\Microsoft Security Client
2012-03-16 15:30 . 2012-03-16 15:34 -------- d-----w- c:\program files\E8948
2012-03-16 15:28 . 2012-03-16 15:28 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
2012-03-14 18:35 . 2012-03-14 18:35 -------- d-----w- c:\program files\CCleaner
2012-03-13 14:24 . 2012-03-13 14:24 -------- d-----w- c:\program files\My life 1.5
2012-03-12 15:50 . 2012-03-12 15:50 163972 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2012-03-12 15:50 . 2012-03-12 15:50 282756 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2012-03-09 22:21 . 2012-03-09 22:22 -------- d-----w- c:\users\David\AppData\Roaming\Screaming Bee
2012-03-09 22:20 . 2012-03-09 22:22 -------- d-----w- c:\users\David\AppData\Local\Babylon
2012-03-09 22:20 . 2012-03-09 22:20 -------- d-----w- c:\users\David\AppData\Roaming\Uniblue
2012-03-09 22:20 . 2012-03-09 22:49 -------- d-----w- c:\program files\Screaming Bee
2012-03-09 22:20 . 2012-03-09 22:22 -------- d-----w- c:\programdata\Screaming Bee
2012-03-09 22:20 . 2012-03-09 22:20 -------- dc-h--w- c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2012-03-09 22:20 . 2012-03-09 22:26 -------- d-----w- c:\program files\Uniblue
2012-03-09 22:20 . 2012-03-09 22:20 -------- d-----w- c:\users\David\AppData\Local\PackageAware
2012-03-09 22:19 . 2012-01-23 14:17 143360 ----a-w- c:\program files\Mozilla Firefox\BabyFox.dll
2012-03-09 22:19 . 2012-03-09 22:19 -------- d-----w- c:\program files\Babylon
2012-03-09 22:18 . 2012-03-09 22:21 -------- d-----w- c:\programdata\Babylon
2012-03-09 22:18 . 2012-03-09 22:21 -------- d-----w- c:\users\David\AppData\Roaming\Babylon
2012-03-09 21:52 . 2012-03-09 21:52 -------- d-----w- c:\users\David\AppData\Roaming\Avnex
2012-03-09 21:49 . 2008-12-26 11:56 17792 ----a-w- c:\windows\system32\drivers\vcsvad.sys
2012-03-09 21:49 . 2012-03-09 22:09 -------- d-----w- c:\program files\AV Vcs 7.0 DIAMOND
2012-03-09 20:50 . 2012-03-09 20:50 40960 ----a-r- c:\users\David\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe
2012-03-09 20:50 . 2012-03-09 20:50 40960 ----a-r- c:\users\David\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe
2012-03-09 20:50 . 2012-03-09 21:12 -------- d-----w- c:\program files\Project64 1.6
2012-03-09 19:11 . 2012-03-09 19:12 -------- d-----w- c:\program files\Counter-Strike 1.6 Patch Version 26
2012-03-08 17:37 . 2012-03-09 19:12 -------- d-----w- c:\program files\Valve
2012-03-08 17:36 . 2003-09-03 01:26 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2012-03-08 17:35 . 2003-09-03 01:26 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2012-03-08 17:35 . 2003-09-03 01:27 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2012-03-08 17:35 . 2003-09-03 01:25 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2012-03-08 17:35 . 2003-09-03 01:28 724992 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2012-03-08 17:35 . 2012-03-08 17:35 184452 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
2012-03-08 17:35 . 2012-03-08 17:35 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2012-03-08 17:34 . 2012-03-10 11:06 -------- d-----w- c:\program files\fishsim2
2012-03-07 13:00 . 2012-03-07 13:00 -------- d-----w- c:\users\David\AppData\Roaming\Disney Interactive Studios
2012-03-06 20:58 . 2012-03-06 20:58 -------- d-----w- c:\program files\Disney Interactive Studios
2012-03-04 18:24 . 2012-03-04 18:24 -------- d-----w- c:\program files\Ascaron Entertainment
2012-03-04 18:08 . 2012-03-04 18:08 -------- d-----w- c:\program files\ChickenInvadersUOXmasdemo
2012-03-04 16:50 . 2012-03-04 16:50 -------- d-----w- c:\program files\JavaEmulator.com
2012-03-04 14:02 . 2012-03-04 14:02 -------- d-----w- c:\program files\Common Files\Steam
2012-03-04 14:02 . 2012-03-16 19:48 -------- d-----w- c:\program files\Steam
2012-03-03 19:41 . 2012-03-03 19:41 -------- d-----w- c:\users\David\AppData\Local\Aion_Launcher
2012-03-03 16:01 . 2012-03-16 19:45 -------- d-----w- c:\users\David\AppData\Local\assembly
2012-03-03 15:58 . 2012-03-03 16:03 -------- d-----w- C:\AION
2012-03-03 10:51 . 2012-03-03 10:51 162664 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10140.bin
2012-03-01 14:10 . 2012-03-16 19:48 -------- d-----w- c:\users\David\AppData\Roaming\VMware
2012-03-01 14:07 . 2007-05-01 21:51 16816 ----a-w- c:\windows\system32\drivers\vmnetadapter.sys
2012-03-01 14:07 . 2007-05-01 21:51 13104 ----a-w- c:\windows\system32\vnetinst.dll
2012-03-01 14:07 . 2007-05-01 21:51 121648 ----a-w- c:\windows\system32\vmnetdhcp.exe
2012-03-01 14:07 . 2007-05-01 21:52 150320 ----a-w- c:\windows\system32\vmnat.exe
2012-03-01 14:07 . 2007-05-01 21:52 25264 ----a-w- c:\windows\system32\drivers\vmnetuserif.sys
2012-03-01 14:07 . 2007-05-01 21:51 50992 ----a-r- c:\windows\system32\vmnetbridge.dll
2012-03-01 14:07 . 2007-05-01 21:51 28592 ----a-r- c:\windows\system32\drivers\vmnetbridge.sys
2012-03-01 14:07 . 2007-05-01 21:51 17712 ----a-r- c:\windows\system32\drivers\vmnet.sys
2012-03-01 14:07 . 2007-05-01 21:51 437040 ----a-w- c:\windows\system32\vnetlib.dll
2012-03-01 14:07 . 2007-05-01 21:52 21040 ----a-w- c:\windows\system32\drivers\VMkbd.sys
2012-03-01 14:05 . 2012-03-16 19:47 -------- d-----w- c:\programdata\VMware
2012-03-01 14:05 . 2012-03-01 14:05 -------- d-----w- c:\program files\VMware
2012-03-01 14:05 . 2012-03-01 14:05 -------- d-----w- c:\program files\Common Files\VMware
2012-03-01 13:19 . 2012-03-02 21:48 165232 ---ha-w- c:\users\David\AppData\Roaming\Microsoft\Virtual PC\VPCKeyboard.dll
2012-03-01 13:17 . 2012-03-01 13:25 -------- d-----w- c:\program files\Microsoft Virtual PC
2012-02-29 20:52 . 2012-02-29 20:55 -------- d-----w- c:\program files\Paint.NET
2012-02-29 20:51 . 2012-02-29 21:04 -------- d-----w- c:\users\David\AppData\Local\Paint.NET
2012-02-29 19:00 . 2012-02-29 19:00 -------- d-----w- c:\users\David\AppData\Roaming\IObit
2012-02-29 19:00 . 2011-12-16 16:21 29016 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2012-02-29 19:00 . 2010-11-26 17:02 15672 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2012-02-28 14:08 . 2012-02-28 14:15 -------- d-----w- c:\program files\Dink Smallwood
2012-02-28 12:10 . 2012-02-28 13:47 -------- d-----w- c:\program files\Polda 3
2012-02-26 18:46 . 2012-03-04 11:09 -------- d-----w- c:\program files\Hero Fighter
2012-02-26 15:27 . 2012-02-26 15:27 1 ----a-w- c:\windows\system32\SI.bin
2012-02-26 13:03 . 2012-02-26 13:04 -------- d-----w- C:\LF-RN
2012-02-24 17:49 . 2012-02-24 17:49 -------- d-----w- c:\users\David\AppData\Local\DOSBox
2012-02-24 17:48 . 2012-02-26 18:34 -------- d-----w- c:\program files\DOSBox-0.74
2012-02-24 17:46 . 2012-02-26 18:35 -------- d-----w- C:\dos
2012-02-24 12:12 . 2010-10-05 19:26 109240 ----a-w- c:\program files\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak\components\abhelperxpcom.dll
2012-02-24 12:12 . 2010-10-05 19:27 150200 ----a-w- c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak\components\kavlinkfilter.dll
2012-02-24 12:05 . 2012-02-24 12:05 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2012-02-23 22:15 . 1994-09-21 01:00 12800 ----a-w- c:\windows\system32\WING32.DLL
2012-02-23 22:13 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
2012-02-23 22:08 . 2012-02-23 22:08 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-02-23 22:08 . 2012-02-23 22:08 -------- d-----w- c:\program files\DAEMON Tools Lite
2012-02-22 20:58 . 2012-02-22 20:58 -------- d-----w- c:\program files\Application Updater
2012-02-22 20:58 . 2012-02-22 20:58 -------- d-----w- c:\program files\YouTube Downloader Toolbar
2012-02-22 20:58 . 2012-02-22 20:58 -------- d-----w- c:\programdata\YouTube Downloader
2012-02-22 20:54 . 2012-02-22 20:57 -------- d-----w- c:\program files\YouTube Downloader
2012-02-22 17:36 . 2012-02-23 22:14 -------- d-----w- c:\program files\3DO
2012-02-22 15:43 . 2012-02-23 10:45 -------- d-----w- c:\users\David\AppData\Roaming\SPORE
2012-02-22 15:42 . 2012-02-22 15:42 -------- d--h--r- c:\users\David\AppData\Roaming\SecuROM
2012-02-21 14:32 . 2012-02-21 14:32 -------- d-----w- c:\users\David\AppData\Local\Ubisoft Game Launcher
2012-02-21 14:32 . 2012-02-21 14:35 -------- d-----w- c:\users\David\AppData\Roaming\Might & Magic Heroes VI
2012-02-21 14:12 . 2008-05-30 13:18 238088 ----a-w- c:\windows\system32\xactengine3_1.dll
2012-02-21 13:59 . 2012-03-16 17:47 -------- d-----w- c:\program files\Ubisoft
2012-02-20 18:25 . 2012-03-04 12:58 -------- d-----w- c:\program files\NosTale(CZ)
2012-02-20 18:07 . 2012-02-20 18:07 -------- d-----w- c:\users\David\AppData\Local\SKIDROW
2012-02-19 20:37 . 2012-02-19 20:37 -------- d-----w- c:\users\David\AppData\Roaming\VitySoft
2012-02-19 16:24 . 2012-02-19 16:24 -------- d-----w- c:\users\David\AppData\Local\GHISLER
2012-02-19 16:23 . 2012-02-19 16:23 -------- d-----w- C:\totalcmd
2012-02-19 16:23 . 2012-02-19 16:23 -------- d-----w- c:\users\David\AppData\Roaming\GHISLER
2012-02-19 16:23 . 2010-12-17 06:56 545 ----a-w- c:\windows\UC.PIF
2012-02-19 16:23 . 2010-12-17 06:56 545 ----a-w- c:\windows\RAR.PIF
2012-02-19 16:23 . 2010-12-17 06:56 545 ----a-w- c:\windows\PKZIP.PIF
2012-02-19 16:23 . 2010-12-17 06:56 545 ----a-w- c:\windows\PKUNZIP.PIF
2012-02-19 16:23 . 2010-12-17 06:56 545 ----a-w- c:\windows\NOCLOSE.PIF
2012-02-19 16:23 . 2010-12-17 06:56 545 ----a-w- c:\windows\LHA.PIF
2012-02-19 16:23 . 2010-12-17 06:56 545 ----a-w- c:\windows\ARJ.PIF
2012-02-19 10:31 . 2012-02-29 18:11 -------- d-----w- c:\program files\Google
2012-02-18 20:57 . 2012-03-11 12:03 -------- d-----w- c:\users\David\AppData\Roaming\vlc
2012-02-18 20:56 . 2012-02-18 20:56 -------- d-----w- c:\program files\VideoLAN
2012-02-18 20:47 . 2001-05-21 10:46 198656 ----a-w- c:\windows\system32\Comdlg32.ocx
2012-02-18 19:21 . 2012-02-18 19:21 -------- d-----w- c:\users\David\AppData\Roaming\TightVNC
2012-02-18 19:20 . 2012-02-26 16:35 -------- d-----w- c:\program files\TightVNC
2012-02-18 19:09 . 2012-02-18 19:09 -------- d-----w- c:\program files\RealVNC
2012-02-18 17:56 . 2006-07-28 08:30 236824 ----a-w- c:\windows\system32\xactengine2_3.dll
2012-02-18 17:56 . 2006-07-28 08:30 62744 ----a-w- c:\windows\system32\xinput1_2.dll
2012-02-18 17:55 . 2005-05-26 14:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2012-02-18 14:44 . 2012-02-18 16:00 -------- d-----w- c:\users\David\AppData\Roaming\Tunngle
2012-02-18 14:44 . 2012-02-18 15:39 -------- d-----w- c:\programdata\Tunngle
2012-02-18 14:44 . 2009-09-16 06:02 27136 ----a-w- c:\windows\system32\drivers\tap0901t.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-22 15:42 . 2012-02-04 11:00 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2012-02-19 10:31 . 2012-02-03 16:59 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-14 13:32 . 2012-02-14 13:32 967 ----a-w- c:\windows\ScUnin.pif
2012-02-14 13:32 . 2012-02-14 13:32 68096 ----a-w- c:\windows\ScUnin.exe
2012-02-10 14:32 . 2012-02-10 14:32 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2012-02-07 14:16 . 2012-02-07 14:16 61440 ----a-r- c:\users\David\AppData\Roaming\Microsoft\Installer\{4B682CF4-9B41-4297-8B13-968B28B864C6}\FlatOutDemo.exe_E7A4797FABFC4ECEA2D0CD1C7229179B.exe
2012-02-07 14:16 . 2012-02-07 14:16 61440 ----a-r- c:\users\David\AppData\Roaming\Microsoft\Installer\{4B682CF4-9B41-4297-8B13-968B28B864C6}\ARPPRODUCTICON.exe
2012-02-07 14:15 . 2012-02-07 14:15 86528 ----a-w- c:\windows\bnetunin.exe
2012-02-07 14:15 . 2012-02-07 14:15 61440 ----a-w- c:\windows\diabswun.exe
2012-02-03 20:57 . 2011-03-28 17:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-02-03 17:14 . 2012-02-03 17:15 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-02 19:07 . 2012-02-02 19:08 29480 ----a-w- c:\windows\system32\msxml3a.dll
2012-02-02 19:07 . 2012-02-02 19:08 505128 ----a-w- c:\windows\system32\msvcp71.dll
2012-02-02 19:07 . 2012-02-02 19:08 353576 ----a-w- c:\windows\system32\msvcr71.dll
2012-02-02 18:42 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-02-02 15:37 . 2012-02-02 15:37 86528 ----a-w- c:\windows\system32\iesysprep.dll
2012-02-02 15:37 . 2012-02-02 15:37 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-02-02 15:37 . 2012-02-02 15:37 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-02-02 15:37 . 2012-02-02 15:37 74752 ----a-w- c:\windows\system32\iesetup.dll
2012-02-02 15:37 . 2012-02-02 15:37 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-02-02 15:37 . 2012-02-02 15:37 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-02-02 15:37 . 2012-02-02 15:37 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-02-02 15:37 . 2012-02-02 15:37 367104 ----a-w- c:\windows\system32\html.iec
2012-02-02 15:37 . 2012-02-02 15:37 23552 ----a-w- c:\windows\system32\licmgr10.dll
2012-02-02 15:37 . 2012-02-02 15:37 161792 ----a-w- c:\windows\system32\msls31.dll
2012-02-02 15:37 . 2012-02-02 15:37 152064 ----a-w- c:\windows\system32\wextract.exe
2012-02-02 15:37 . 2012-02-02 15:37 150528 ----a-w- c:\windows\system32\iexpress.exe
2012-02-02 15:37 . 2012-02-02 15:37 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-02-02 15:37 . 2012-02-02 15:37 11776 ----a-w- c:\windows\system32\mshta.exe
2012-02-02 15:37 . 2012-02-02 15:37 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-02-02 15:37 . 2012-02-02 15:37 101888 ----a-w- c:\windows\system32\admparse.dll
2012-02-02 15:37 . 2012-02-02 15:37 35840 ----a-w- c:\windows\system32\imgutil.dll
2012-01-31 12:44 . 2012-02-02 14:34 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-17 03:39 . 2012-02-02 14:34 6557240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FDD06DCA-D7A2-4490-AB05-F63EF2514E9F}\mpengine.dll
2012-02-08 20:30 . 2012-02-15 12:58 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-15 17146504]
"NCsoft Launcher"="c:\aion\instalace\NCLauncher.exe" [2012-03-03 38704]
"Steam"="c:\program files\Steam\steam.exe" [2012-03-08 1242448]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-02-19 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-04-14 113288]
"jmekey"="c:\windows\jmesoft\hotkey.exe" [2011-07-20 118784]
"jmesoft"="c:\windows\jmesoft\ServiceLoader.exe" [2011-03-15 28672]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-07-07 10754664]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-08-18 343168]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-08-15 1955208]
"vmware-tray"="c:\program files\VMware\VMware Workstation\vmware-tray.exe" [2007-05-01 68400]
"VMware hqtray"="c:\program files\VMware\VMware Workstation\hqtray.exe" [2007-05-01 56112]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-11-15 20:02 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
2010-08-26 10:18 75048 ------w- c:\program files\CyberLink\Shared files\brs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2012-02-13 08:06 3481408 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JetVoice]
2011-12-22 17:24 210944 ----a-w- c:\users\David\Desktop\NOTEBOOKZALOHA\JETVOICE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
2010-02-02 23:08 87336 ------w- c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-06-09 12:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-02-15 158856]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560]
R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2012-02-10 23456]
R3 libusb0;LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120;c:\windows\system32\DRIVERS\libusb0.sys [2006-05-31 29184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2012-02-14 736104]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-02 1343400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 15672]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-23 242240]
S1 MpKsld0525df5;MpKsld0525df5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8409E286-0AA0-4D9E-9A64-01C6A342651F}\MpKsld0525df5.sys [2012-03-16 29904]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2012/02/02 20:11];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-08-26 11:18 87536]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-08-18 176128]
S2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2012-02-06 748440]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 1361288]
S2 JME Keyboard;JME Keyboard Driver;c:\windows\jmesoft\Service.exe [2011-03-15 32768]
S2 UnsignedThemes;Unsigned Themes;c:\windows\UnsignedThemesSvc.exe [2009-07-13 21096]
S2 uxpatch;uxpatch;c:\windows\system32\drivers\uxpatch.sys [2009-07-13 25448]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-08-18 8396800]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-08-18 247296]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-06-07 211984]
S3 CamSuiteVAC;CamSuite Virtual Audio;c:\windows\system32\DRIVERS\CamSuiteVAC.sys [2008-09-19 37560]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-04-13 67456]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-04-13 161024]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2011-09-14 232040]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-05-10 362600]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2010-12-03 999528]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2010-07-01 34896]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [2008-12-26 17792]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSLD0525DF5
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.com/
uInternet Settings,ProxyServer = http=127.0.0.1:53778
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Translate this web page with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
FF - ProfilePath -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-PlayNC Launcher - (no file)
HKCU-Run-RegistryBooster - c:\program files\Uniblue\RegistryBooster\launcher.exe
HKCU-Run-NTI System Update - c:\users\David\AppData\Local\Temp\mpvmsi.exe
HKLM-Run-Babylon Client - c:\program files\Babylon\Babylon-Pro\Babylon.exe
HKLM-Run-056.exe - c:\program files\LP\0087\056.exe
AddRemove-Babylon - c:\program files\Babylon\Babylon-Pro\Utils\uninstbb.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b,
27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b
"{98889811-442D-49DD-99D7-DC866BE87DBC}"=hex:51,66,7a,6c,4c,1d,38,12,7f,9b,9b,
9c,1f,0a,b3,0c,e6,c1,9f,c6,6e,b6,39,a8
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{2EECD738-5844-4A99-B4B6-146BF802613B}"=hex:51,66,7a,6c,4c,1d,38,12,56,d4,ff,
2a,76,16,f7,0f,cb,a0,57,2b,fd,5c,25,2f
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}"=hex:51,66,7a,6c,4c,1d,38,12,d8,cf,e9,
98,0d,61,19,04,eb,fc,4e,6b,77,8d,c0,d5
"{9FDDE16B-836F-4806-AB1F-1455CBEFF289}"=hex:51,66,7a,6c,4c,1d,38,12,05,e2,ce,
9b,5d,cd,68,0d,d4,09,57,15,ce,b1,b6,9d
"{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b,
ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,38,12,07,5b,93,
aa,6e,60,ba,0b,f0,6d,b2,b7,80,44,00,83
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
"{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}"=hex:51,66,7a,6c,4c,1d,38,12,35,fc,e1,
93,3e,68,a1,09,fc,5c,6e,9a,4b,77,a7,8a
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:29,8d,2f,3d,44,fe,cc,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,fc,6d,ec,a0,be,ff,30,48,86,5f,30,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,fc,6d,ec,a0,be,ff,30,48,86,5f,30,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,fc,6d,ec,a0,be,ff,30,48,86,5f,30,\
.
[HKEY_USERS\S-1-5-21-3306192862-183031607-1685272899-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:91,94,c8,1a,86,0f,dc,ff,9c,0a,51,ad,be,ab,11,8e,7a,5f,77,27,7e,6a,7f,
6c,ae,8f,87,80,ed,96,9c,8a,36,69,47,80,19,ec,10,2f,45,7a,1f,46,c2,aa,c1,08,\
"??"=hex:fb,3d,23,1e,14,af,db,0e,3c,90,6f,f1,fc,55,4f,04
.
[HKEY_USERS\S-1-5-21-3306192862-183031607-1685272899-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(5408)
c:\program files\Microsoft Virtual PC\VPCShExH.DLL
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\windows\system32\atieclxx.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files\Microsoft\BingBar\SeaPort.EXE
c:\program files\VMware\VMware Workstation\vmware-authd.exe
c:\program files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
c:\windows\system32\vmnat.exe
c:\program files\RealVNC\VNC4\WinVNC4.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\vmnetdhcp.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\IObit\Smart Defrag 2\SmartDefrag.exe
c:\windows\system32\taskhost.exe
c:\program files\IObit\Game Booster 3\gbtray.exe
c:\windows\system32\conhost.exe
c:\windows\jmesoft\JME_LOAD.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
.
**************************************************************************
.
Celkový čas: 2012-03-16 20:54:52 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-16 19:54
ComboFix2.txt 2012-02-29 18:20
ComboFix3.txt 2012-02-29 12:15
.
Před spuštěním: Volných bajtů: 168 993 861 632
Po spuštění: Volných bajtů: 168 971 059 200
.
- - End Of File - - 77F8BBB31F3C9A2A2822128E7EF7B382

Bez názvu.png (61.22 KiB) Zobrazeno 1435 x

Tohle se mi obevilo asi 10x

[Rudy]

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

Folder::
c:\program files\Babylon
c:\programdata\Babylon
c:\users\David\AppData\Roaming\Babylon
c:\program files\Google\GoogleToolbarNotifier

Collect::
c:\windows\bnetunin.exe

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"=-

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

Regnull::
[HKEY_USERS\S-1-5-21-3306192862-183031607-1685272899-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
[HKEY_USERS\S-1-5-21-3306192862-183031607-1685272899-1000\Software\SecuROM\License information*]

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.



Dejte log. Dáte stáhněte, rozbalte a spusťte TDSSKiller: http://support.kaspersky.com/downloads/ ... killer.zip . Nechte pracovat a pak sem dejte log.

[davidrohusch]

Combofix 2x restart _.-.-._ 1x Hledani nejakych informacich po malwarech na internetu _.-.-._ 1x nalezenej Rootkin

LOG:
ComboFix 12-03-16.03 - David 16.03.2012 21:45:08.4.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.2043.1002 [GMT 1:00]
Spuštěný z: c:\users\David\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\David\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
file zipped: c:\windows\bnetunin.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Babylon
c:\program files\Babylon\Babylon-Pro\captlib.dll
c:\program files\Google\GoogleToolbarNotifier
c:\program files\Google\GoogleToolbarNotifier\5.7.7227.1100\gth.dll
c:\program files\Google\GoogleToolbarNotifier\5.7.7227.1100\gtn.dll
c:\program files\Google\GoogleToolbarNotifier\5.7.7227.1100\Readme.url
c:\program files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
c:\programdata\Babylon
c:\programdata\Babylon\BabAll.dat
c:\programdata\Babylon\Gloss\bdcmpers.dat
c:\programdata\Babylon\Gloss\cslock.dat
c:\programdata\Babylon\LocalUI\AskCommTemplate.htm
c:\programdata\Babylon\LocalUI\cmwnd.html
c:\programdata\Babylon\LocalUI\Config\_tabs.js
c:\programdata\Babylon\LocalUI\Config\babTable.js
c:\programdata\Babylon\LocalUI\Config\ConfigDlg.html
c:\programdata\Babylon\LocalUI\Config\dictonary.js
c:\programdata\Babylon\LocalUI\Config\dropDown.js
c:\programdata\Babylon\LocalUI\Config\frame.css
c:\programdata\Babylon\LocalUI\Config\img\arrowDwn.gif
c:\programdata\Babylon\LocalUI\Config\img\arrowLft.gif
c:\programdata\Babylon\LocalUI\Config\img\arrowLftRTL.gif
c:\programdata\Babylon\LocalUI\Config\img\arrowRight.gif
c:\programdata\Babylon\LocalUI\Config\img\arrowRightRTL.gif
c:\programdata\Babylon\LocalUI\Config\img\arrowUP.gif
c:\programdata\Babylon\LocalUI\Config\img\bg.gif
c:\programdata\Babylon\LocalUI\Config\img\BigBtnsDynmic.gif
c:\programdata\Babylon\LocalUI\Config\img\BigBtnsDynmic.psd
c:\programdata\Babylon\LocalUI\Config\img\bigIcon.gif
c:\programdata\Babylon\LocalUI\Config\img\btmCrnrTop.gif
c:\programdata\Babylon\LocalUI\Config\img\btmCrnrTop.png
c:\programdata\Babylon\LocalUI\Config\img\cmbx.gif
c:\programdata\Babylon\LocalUI\Config\img\cmbxBlue.gif
c:\programdata\Babylon\LocalUI\Config\img\cmbxBlueSml.gif
c:\programdata\Babylon\LocalUI\Config\img\cmbxNrml.gif
c:\programdata\Babylon\LocalUI\Config\img\cnclImg.gif
c:\programdata\Babylon\LocalUI\Config\img\cnfg.css
c:\programdata\Babylon\LocalUI\Config\img\dropDown.css
c:\programdata\Babylon\LocalUI\Config\img\flags.gif
c:\programdata\Babylon\LocalUI\Config\img\ie6.css
c:\programdata\Babylon\LocalUI\Config\img\kybrdBtn.gif
c:\programdata\Babylon\LocalUI\Config\img\left.gif
c:\programdata\Babylon\LocalUI\Config\img\lngs.gif
c:\programdata\Babylon\LocalUI\Config\img\mouseState.gif
c:\programdata\Babylon\LocalUI\Config\img\okImg.gif
c:\programdata\Babylon\LocalUI\Config\img\plus.gif
c:\programdata\Babylon\LocalUI\Config\img\plusDict.gif
c:\programdata\Babylon\LocalUI\Config\img\right.gif
c:\programdata\Babylon\LocalUI\Config\img\screens.css
c:\programdata\Babylon\LocalUI\Config\img\sideCrnrTop.gif
c:\programdata\Babylon\LocalUI\Config\img\sideCrnrTop.png
c:\programdata\Babylon\LocalUI\Config\img\sideEdge.gif
c:\programdata\Babylon\LocalUI\Config\img\slctd.gif
c:\programdata\Babylon\LocalUI\Config\img\sliderBg.gif
c:\programdata\Babylon\LocalUI\Config\img\sliderNob.gif
c:\programdata\Babylon\LocalUI\Config\img\smlBtnMid.gif
c:\programdata\Babylon\LocalUI\Config\img\smlBtns.gif
c:\programdata\Babylon\LocalUI\Config\img\Spkr.gif
c:\programdata\Babylon\LocalUI\Config\screens.js
c:\programdata\Babylon\LocalUI\Config\slider.css
c:\programdata\Babylon\LocalUI\Config\slider.js
c:\programdata\Babylon\LocalUI\Config\tabs.js
c:\programdata\Babylon\LocalUI\Config\utils.js
c:\programdata\Babylon\LocalUI\Config\Web.config
c:\programdata\Babylon\LocalUI\Content\AcrbtOcrHelp\AcrbtOcrHelp.html
c:\programdata\Babylon\LocalUI\Content\AcrbtOcrHelp\AcrbtOcrHelpFre.html
c:\programdata\Babylon\LocalUI\Content\AcrbtOcrHelp\AcrbtOcrHelpGer.html
c:\programdata\Babylon\LocalUI\Content\AcrbtOcrHelp\AcrbtOcrHelpHeb.html
c:\programdata\Babylon\LocalUI\Content\AcrbtOcrHelp\AcrbtOcrHelpIta.html
c:\programdata\Babylon\LocalUI\Content\AcrbtOcrHelp\AcrbtOcrHelpJpn.html
c:\programdata\Babylon\LocalUI\Content\AcrbtOcrHelp\AcrbtOcrHelpPtg.html
c:\programdata\Babylon\LocalUI\Content\AcrbtOcrHelp\AcrbtOcrHelpSpa.html
c:\programdata\Babylon\LocalUI\Content\AskComm\AskComm.html
c:\programdata\Babylon\LocalUI\Content\AutoComp\AutoComp.html
c:\programdata\Babylon\LocalUI\Content\Conjugation\Conjugation.html
c:\programdata\Babylon\LocalUI\Content\ConjWait\ConjWait.html
c:\programdata\Babylon\LocalUI\Content\Convert\Convert.html
c:\programdata\Babylon\LocalUI\Content\ConvertResult\ConvertResult.html
c:\programdata\Babylon\LocalUI\Content\CorpGlossResult\CorpGlossResult.html
c:\programdata\Babylon\LocalUI\Content\CorrectResult\CorrectResult.html
c:\programdata\Babylon\LocalUI\Content\DwnldInst\DwnldInst.html
c:\programdata\Babylon\LocalUI\Content\EmptyTrans\EmptyTrans.html
c:\programdata\Babylon\LocalUI\Content\ExpDailyCap\ExpDailyCap.html
c:\programdata\Babylon\LocalUI\Content\ExpDefault\ExpDefault.html
c:\programdata\Babylon\LocalUI\Content\ExpNag\ExpNag.html
c:\programdata\Babylon\LocalUI\Content\ExpTransCap\ExpTransCap.html
c:\programdata\Babylon\LocalUI\Content\GlossResult\GlossResult.html
c:\programdata\Babylon\LocalUI\Content\img\AcrbtHeader.gif
c:\programdata\Babylon\LocalUI\Content\img\arrow.png
c:\programdata\Babylon\LocalUI\Content\img\arrow_rtl.png
c:\programdata\Babylon\LocalUI\Content\img\bg.jpg
c:\programdata\Babylon\LocalUI\Content\img\bg_rtl.jpg
c:\programdata\Babylon\LocalUI\Content\img\blueCntr.png
c:\programdata\Babylon\LocalUI\Content\img\bluEdg.png
c:\programdata\Babylon\LocalUI\Content\img\btn_left.png
c:\programdata\Babylon\LocalUI\Content\img\btn_mid.png
c:\programdata\Babylon\LocalUI\Content\img\btn_right.png
c:\programdata\Babylon\LocalUI\Content\img\bullet.png
c:\programdata\Babylon\LocalUI\Content\img\Cancel.png
c:\programdata\Babylon\LocalUI\Content\img\client.png
c:\programdata\Babylon\LocalUI\Content\img\ClientA.png
c:\programdata\Babylon\LocalUI\Content\img\clients.png
c:\programdata\Babylon\LocalUI\Content\img\clients_new.png
c:\programdata\Babylon\LocalUI\Content\img\clients_old.png
c:\programdata\Babylon\LocalUI\Content\img\clock.png
c:\programdata\Babylon\LocalUI\Content\img\cmnty_head.png
c:\programdata\Babylon\LocalUI\Content\img\cmnty_head_old.png
c:\programdata\Babylon\LocalUI\Content\img\cmnty_head_rtl.png
c:\programdata\Babylon\LocalUI\Content\img\cmnty_head2.png
c:\programdata\Babylon\LocalUI\Content\img\Community.gif
c:\programdata\Babylon\LocalUI\Content\img\community.png
c:\programdata\Babylon\LocalUI\Content\img\ctrl.png
c:\programdata\Babylon\LocalUI\Content\img\EmptyTransBg.png
c:\programdata\Babylon\LocalUI\Content\img\f9.png
c:\programdata\Babylon\LocalUI\Content\img\ftt_bg.png
c:\programdata\Babylon\LocalUI\Content\img\ftt_closed.png
c:\programdata\Babylon\LocalUI\Content\img\ftt_head.png
c:\programdata\Babylon\LocalUI\Content\img\ftt_sand.png
c:\programdata\Babylon\LocalUI\Content\img\ftt_v.png
c:\programdata\Babylon\LocalUI\Content\img\GingerA.png
c:\programdata\Babylon\LocalUI\Content\img\gngr_head.png
c:\programdata\Babylon\LocalUI\Content\img\gngr_head_old.png
c:\programdata\Babylon\LocalUI\Content\img\gngr_head_rtl.png
c:\programdata\Babylon\LocalUI\Content\img\greenCntr.png
c:\programdata\Babylon\LocalUI\Content\img\greenCntrFX.png
c:\programdata\Babylon\LocalUI\Content\img\greenEdg.png
c:\programdata\Babylon\LocalUI\Content\img\greenEdgFX.png
c:\programdata\Babylon\LocalUI\Content\img\hang.png
c:\programdata\Babylon\LocalUI\Content\img\later.png
c:\programdata\Babylon\LocalUI\Content\img\mail.png
c:\programdata\Babylon\LocalUI\Content\img\mouse.png
c:\programdata\Babylon\LocalUI\Content\img\next.png
c:\programdata\Babylon\LocalUI\Content\img\numbers.png
c:\programdata\Babylon\LocalUI\Content\img\outLook.png
c:\programdata\Babylon\LocalUI\Content\img\outLook_blank.png
c:\programdata\Babylon\LocalUI\Content\img\outLook_new.png
c:\programdata\Babylon\LocalUI\Content\img\outLook_old.png
c:\programdata\Babylon\LocalUI\Content\img\Pixel.gif
c:\programdata\Babylon\LocalUI\Content\img\prev.png
c:\programdata\Babylon\LocalUI\Content\img\redline.png
c:\programdata\Babylon\LocalUI\Content\img\ResizeCorner.gif
c:\programdata\Babylon\LocalUI\Content\img\sand.png
c:\programdata\Babylon\LocalUI\Content\img\send.png
c:\programdata\Babylon\LocalUI\Content\img\showlater.png
c:\programdata\Babylon\LocalUI\Content\img\ShowLaterButton.png
c:\programdata\Babylon\LocalUI\Content\img\shwLtrCntr.png
c:\programdata\Babylon\LocalUI\Content\img\shwLtrEdg.png
c:\programdata\Babylon\LocalUI\Content\img\sign_left.png
c:\programdata\Babylon\LocalUI\Content\img\sign_mid.png
c:\programdata\Babylon\LocalUI\Content\img\sign_right.png
c:\programdata\Babylon\LocalUI\Content\img\soft.png
c:\programdata\Babylon\LocalUI\Content\img\soft2.png
c:\programdata\Babylon\LocalUI\Content\img\store.png
c:\programdata\Babylon\LocalUI\Content\img\StoreButton.png
c:\programdata\Babylon\LocalUI\Content\img\submitCntr.png
c:\programdata\Babylon\LocalUI\Content\img\submitEdge.png
c:\programdata\Babylon\LocalUI\Content\img\term.png
c:\programdata\Babylon\LocalUI\Content\img\term_bg.png
c:\programdata\Babylon\LocalUI\Content\img\term_closed.png
c:\programdata\Babylon\LocalUI\Content\img\term_sand.png
c:\programdata\Babylon\LocalUI\Content\img\term_v.png
c:\programdata\Babylon\LocalUI\Content\img\text.png
c:\programdata\Babylon\LocalUI\Content\img\Thumbs.db
c:\programdata\Babylon\LocalUI\Content\img\v.png
c:\programdata\Babylon\LocalUI\Content\img\WaitForRes.gif
c:\programdata\Babylon\LocalUI\Content\KeyHandlerJS\KeyHandlerJS.html
c:\programdata\Babylon\LocalUI\Content\MsgResult\MsgResult.html
c:\programdata\Babylon\LocalUI\Content\WaitForRes\WaitForRes.html
c:\programdata\Babylon\LocalUI\Content\WelcomeScreen\howTo.js
c:\programdata\Babylon\LocalUI\Content\WelcomeScreen\howTo.js.bak
c:\programdata\Babylon\LocalUI\Content\WelcomeScreen\page1.css
c:\programdata\Babylon\LocalUI\Content\WelcomeScreen\page1_rtl.css
c:\programdata\Babylon\LocalUI\Content\WelcomeScreen\WelcomeScreen.html
c:\programdata\Babylon\LocalUI\Content\WelcomeScreen\WelcomeScreenAra.html
c:\programdata\Babylon\LocalUI\Content\WelcomeScreen\WelcomeScreenDan.html
c:\programdata\Babylon\LocalUI\Content\WelcomeScreen\WelcomeScreenDut.html
c:\programdata\Babylon\LocalUI\Content\WelcomeScreen\WelcomeScreenFre.html
c:\programdata\Babylon\LocalUI\Content\WelcomeScreen\WelcomeScreenGer.html
c:\programdata\Babylon\LocalUI\Content\WelcomeScreen\WelcomeScreenHeb.html
c:\programdata\Babylon\LocalUI\Content\WelcomeScreen\WelcomeScreenChs.html
c:\programdata\Babylon\LocalUI\Content\WelcomeScreen\WelcomeScreenCht.html
c:\programdata\Babylon\LocalUI\Content\WelcomeScreen\WelcomeScreenIta.html
c:\programdata\Babylon\LocalUI\Content\WelcomeScreen\WelcomeScreenJpn.html
c:\programdata\Babylon\LocalUI\Content\WelcomeScreen\WelcomeScreenKor.html
c:\programdata\Babylon\LocalUI\Content\WelcomeScreen\WelcomeScreenNor.html
c:\programdata\Babylon\LocalUI\Content\WelcomeScreen\WelcomeScreenPtg.html
c:\programdata\Babylon\LocalUI\Content\WelcomeScreen\WelcomeScreenRom.html
c:\programdata\Babylon\LocalUI\Content\WelcomeScreen\WelcomeScreenRus.html
c:\programdata\Babylon\LocalUI\Content\WelcomeScreen\WelcomeScreenSpa.html
c:\programdata\Babylon\LocalUI\Content\WelcomeScreen\WelcomeScreenSwe.html
c:\programdata\Babylon\LocalUI\Content\WelcomeScreen\WelcomeScreenTur.html
c:\programdata\Babylon\LocalUI\img-ie6\baby.css
c:\programdata\Babylon\LocalUI\img-ie6\Btn\prarg.gif
c:\programdata\Babylon\LocalUI\img-ie6\Btn\say_turnOn.gif
c:\programdata\Babylon\LocalUI\img-ie6\Btn\wordAnim.gif
c:\programdata\Babylon\LocalUI\img-ie6\controls\arowDown.gif
c:\programdata\Babylon\LocalUI\img-ie6\controls\arowRight.gif
c:\programdata\Babylon\LocalUI\img-ie6\controls\arrowL.gif
c:\programdata\Babylon\LocalUI\img-ie6\controls\arrowR.gif
c:\programdata\Babylon\LocalUI\img-ie6\controls\b9_preloader.gif
c:\programdata\Babylon\LocalUI\img-ie6\controls\btnFrm.gif
c:\programdata\Babylon\LocalUI\img-ie6\controls\btnFrmShort.gif
c:\programdata\Babylon\LocalUI\img-ie6\controls\cart_icon.gif
c:\programdata\Babylon\LocalUI\img-ie6\controls\cmntylogo.gif
c:\programdata\Babylon\LocalUI\img-ie6\controls\fb.gif
c:\programdata\Babylon\LocalUI\img-ie6\controls\file.gif
c:\programdata\Babylon\LocalUI\img-ie6\controls\menuArr.gif
c:\programdata\Babylon\LocalUI\img-ie6\controls\shopCart.gif
c:\programdata\Babylon\LocalUI\img-ie6\controls\spyglass.gif
c:\programdata\Babylon\LocalUI\img-ie6\controls\sysBtn.gif
c:\programdata\Babylon\LocalUI\img-ie6\controls\TermBoxEdegs.gif
c:\programdata\Babylon\LocalUI\img-ie6\controls\TermMiddle.gif
c:\programdata\Babylon\LocalUI\img-ie6\controls\trmBoxRigt.gif
c:\programdata\Babylon\LocalUI\img-ie6\controls\ulBtn.gif
c:\programdata\Babylon\LocalUI\img-ie6\frame.css
c:\programdata\Babylon\LocalUI\img-ie6\frame\b1.gif
c:\programdata\Babylon\LocalUI\img-ie6\frame\b2.gif
c:\programdata\Babylon\LocalUI\img-ie6\frame\b3.gif
c:\programdata\Babylon\LocalUI\img-ie6\frame\fTabTxt.gif
c:\programdata\Babylon\LocalUI\img-ie6\frame\logo.gif
c:\programdata\Babylon\LocalUI\img-ie6\frame\m1.gif
c:\programdata\Babylon\LocalUI\img-ie6\frame\m2.gif
c:\programdata\Babylon\LocalUI\img-ie6\frame\m3.gif
c:\programdata\Babylon\LocalUI\img-ie6\frame\sideTabs.gif
c:\programdata\Babylon\LocalUI\img-ie6\frame\t1.gif
c:\programdata\Babylon\LocalUI\img-ie6\frame\t2.gif
c:\programdata\Babylon\LocalUI\img-ie6\frame\t3.gif
c:\programdata\Babylon\LocalUI\img-ie6\frame\t4.gif
c:\programdata\Babylon\LocalUI\img-ie6\frame\tabRpt1.gif
c:\programdata\Babylon\LocalUI\img-ie6\frame\tabRpt2.gif
c:\programdata\Babylon\LocalUI\img-ie6\frame\tabRpt2_.gif
c:\programdata\Babylon\LocalUI\img-ie6\frame\tabsOvr.gif
c:\programdata\Babylon\LocalUI\img-ie6\frame\wTabTxt.gif
c:\programdata\Babylon\LocalUI\img-ie6\frameIE6\b1.gif
c:\programdata\Babylon\LocalUI\img-ie6\frameIE6\b2.gif
c:\programdata\Babylon\LocalUI\img-ie6\frameIE6\b3.gif
c:\programdata\Babylon\LocalUI\img-ie6\frameIE6\btmSplitr.gif
c:\programdata\Babylon\LocalUI\img-ie6\frameIE6\cmboxArr.gif
c:\programdata\Babylon\LocalUI\img-ie6\frameIE6\m1.gif
c:\programdata\Babylon\LocalUI\img-ie6\frameIE6\m2.gif
c:\programdata\Babylon\LocalUI\img-ie6\frameIE6\m3.gif
c:\programdata\Babylon\LocalUI\img-ie6\frameIE6\spelling.gif
c:\programdata\Babylon\LocalUI\img-ie6\frameIE6\t1.gif
c:\programdata\Babylon\LocalUI\img-ie6\frameIE6\t2.gif
c:\programdata\Babylon\LocalUI\img-ie6\frameIE6\t3.gif
c:\programdata\Babylon\LocalUI\img-ie6\frameIE6\t3V2.gif
c:\programdata\Babylon\LocalUI\img-ie6\frameIE6\t4.gif
c:\programdata\Babylon\LocalUI\img-ie6\Ftxt\btnGreen.gif
c:\programdata\Babylon\LocalUI\img-ie6\Ftxt\btnOrange.gif
c:\programdata\Babylon\LocalUI\img-ie6\Ftxt\btns_Bg.gif
c:\programdata\Babylon\LocalUI\img-ie6\Ftxt\cmboxArr.gif
c:\programdata\Babylon\LocalUI\img-ie6\Ftxt\cmboxFrm.gif
c:\programdata\Babylon\LocalUI\img-ie6\Ftxt\file.gif
c:\programdata\Babylon\LocalUI\img-ie6\Ftxt\flags.gif
c:\programdata\Babylon\LocalUI\img-ie6\Ftxt\langArrw.gif
c:\programdata\Babylon\LocalUI\img-ie6\Ftxt\langArrwRtl.gif
c:\programdata\Babylon\LocalUI\img-ie6\Ftxt\SpkrNrml.gif
c:\programdata\Babylon\LocalUI\img-ie6\Ftxt\spkrPause.gif
c:\programdata\Babylon\LocalUI\img-ie6\Ftxt\spkrPlay.gif
c:\programdata\Babylon\LocalUI\img-ie6\Ftxt\ulBtn.gif
c:\programdata\Babylon\LocalUI\img-ie6\main.css
c:\programdata\Babylon\LocalUI\img-ie6\rslt\bgleftcorner.gif
c:\programdata\Babylon\LocalUI\img-ie6\rslt\ConvFlags.gif
c:\programdata\Babylon\LocalUI\img-ie6\rslt\convrt.gif
c:\programdata\Babylon\LocalUI\img-ie6\rslt\convrtTab.gif
c:\programdata\Babylon\LocalUI\img-ie6\rslt\moreRslt.gif
c:\programdata\Babylon\LocalUI\img-ie6\rslt\morRslts.gif
c:\programdata\Babylon\LocalUI\img-ie6\rslt\plusIcn.gif
c:\programdata\Babylon\LocalUI\img-ie6\rslt\spelling.gif
c:\programdata\Babylon\LocalUI\img-ie6\rslt\tab.gif
c:\programdata\Babylon\LocalUI\img-ie6\rslt\tab2.gif
c:\programdata\Babylon\LocalUI\img-ie6\rslt\tcImg.gif
c:\programdata\Babylon\LocalUI\img-ie6\rslt\wgBtn.gif
c:\programdata\Babylon\LocalUI\img-ie6\text.css
c:\programdata\Babylon\LocalUI\img-ie6\word.css
c:\programdata\Babylon\LocalUI\img\baby.css
c:\programdata\Babylon\LocalUI\img\banner_\b1.png
c:\programdata\Babylon\LocalUI\img\banner_\b2.png
c:\programdata\Babylon\LocalUI\img\banner_\b3.png
c:\programdata\Babylon\LocalUI\img\banner_\m1.png
c:\programdata\Babylon\LocalUI\img\banner_\m2.png
c:\programdata\Babylon\LocalUI\img\banner_\m3.png
c:\programdata\Babylon\LocalUI\img\banner_\t1.png
c:\programdata\Babylon\LocalUI\img\banner_\t2.png
c:\programdata\Babylon\LocalUI\img\banner_\t3.png
c:\programdata\Babylon\LocalUI\img\bes.css
c:\programdata\Babylon\LocalUI\img\bes.css.bak
c:\programdata\Babylon\LocalUI\img\Btn\prarg.png
c:\programdata\Babylon\LocalUI\img\Btn\say_turnOn.gif
c:\programdata\Babylon\LocalUI\img\Btn\word.png
c:\programdata\Babylon\LocalUI\img\Btn\wordAnim.png
c:\programdata\Babylon\LocalUI\img\clsSb.png
c:\programdata\Babylon\LocalUI\img\cmnty.css
c:\programdata\Babylon\LocalUI\img\cmnty.css.bak
c:\programdata\Babylon\LocalUI\img\cmnty\ajaxLoad.gif
c:\programdata\Babylon\LocalUI\img\cmnty\ajaxload.png
c:\programdata\Babylon\LocalUI\img\cmnty\answerMsg.png
c:\programdata\Babylon\LocalUI\img\cmnty\answerNotifi_anima.png
c:\programdata\Babylon\LocalUI\img\cmnty\answrAnim.gif
c:\programdata\Babylon\LocalUI\img\cmnty\AnswrBtn.png
c:\programdata\Babylon\LocalUI\img\cmnty\AnswrBtn_.png
c:\programdata\Babylon\LocalUI\img\cmnty\answrMsg.png
c:\programdata\Babylon\LocalUI\img\cmnty\b1.png
c:\programdata\Babylon\LocalUI\img\cmnty\b2.png
c:\programdata\Babylon\LocalUI\img\cmnty\b3.png
c:\programdata\Babylon\LocalUI\img\cmnty\bg.png
c:\programdata\Babylon\LocalUI\img\cmnty\bluCloud.png
c:\programdata\Babylon\LocalUI\img\cmnty\clseBut.png
c:\programdata\Babylon\LocalUI\img\cmnty\cmntyBtn.png
c:\programdata\Babylon\LocalUI\img\cmnty\dislikeMsg (3).png
c:\programdata\Babylon\LocalUI\img\cmnty\dislikeMsg.png
c:\programdata\Babylon\LocalUI\img\cmnty\gngrBtn.png
c:\programdata\Babylon\LocalUI\img\cmnty\grnCloud.png
c:\programdata\Babylon\LocalUI\img\cmnty\likeMsg.png
c:\programdata\Babylon\LocalUI\img\cmnty\m1.png
c:\programdata\Babylon\LocalUI\img\cmnty\m3.png
c:\programdata\Babylon\LocalUI\img\cmnty\notif.png
c:\programdata\Babylon\LocalUI\img\cmnty\notifiAnim.gif
c:\programdata\Babylon\LocalUI\img\cmnty\numberStrip.png
c:\programdata\Babylon\LocalUI\img\cmnty\numberStripWh.png
c:\programdata\Babylon\LocalUI\img\cmnty\pngAnimation.png
c:\programdata\Babylon\LocalUI\img\cmnty\quesAnim.gif
c:\programdata\Babylon\LocalUI\img\cmnty\quesBtn.png
c:\programdata\Babylon\LocalUI\img\cmnty\quesBtn_.png
c:\programdata\Babylon\LocalUI\img\cmnty\quesMsg.png
c:\programdata\Babylon\LocalUI\img\cmnty\questionrNotifi_anima.png
c:\programdata\Babylon\LocalUI\img\cmnty\smallBut_.png
c:\programdata\Babylon\LocalUI\img\cmnty\t1.png
c:\programdata\Babylon\LocalUI\img\cmnty\t2.png
c:\programdata\Babylon\LocalUI\img\cmnty\t3.png
c:\programdata\Babylon\LocalUI\img\cnnction.png
c:\programdata\Babylon\LocalUI\img\controls\arowDown.gif
c:\programdata\Babylon\LocalUI\img\controls\arowDown.png
c:\programdata\Babylon\LocalUI\img\controls\arowRight.gif
c:\programdata\Babylon\LocalUI\img\controls\arrowD.png
c:\programdata\Babylon\LocalUI\img\controls\arrowdown.png
c:\programdata\Babylon\LocalUI\img\controls\arrowL.gif
c:\programdata\Babylon\LocalUI\img\controls\arrowL.png
c:\programdata\Babylon\LocalUI\img\controls\arrowR.gif
c:\programdata\Babylon\LocalUI\img\controls\arrowR.png
c:\programdata\Babylon\LocalUI\img\controls\b9_preloader.gif
c:\programdata\Babylon\LocalUI\img\controls\btnFrm.png
c:\programdata\Babylon\LocalUI\img\controls\btnFrmShort.png
c:\programdata\Babylon\LocalUI\img\controls\btnGreen.png
c:\programdata\Babylon\LocalUI\img\controls\btnGreen_.png
c:\programdata\Babylon\LocalUI\img\controls\btnGreen2.png
c:\programdata\Babylon\LocalUI\img\controls\btnGreen3.png
c:\programdata\Babylon\LocalUI\img\controls\btnGreenX.png
c:\programdata\Babylon\LocalUI\img\controls\cart_icon.png
c:\programdata\Babylon\LocalUI\img\controls\cmntylogo.png
c:\programdata\Babylon\LocalUI\img\controls\community.png
c:\programdata\Babylon\LocalUI\img\controls\fb.png
c:\programdata\Babylon\LocalUI\img\controls\flags.png
c:\programdata\Babylon\LocalUI\img\controls\flags_.png
c:\programdata\Babylon\LocalUI\img\controls\karusela_arrowL.png
c:\programdata\Babylon\LocalUI\img\controls\lang_button.png
c:\programdata\Babylon\LocalUI\img\controls\langArrw.png
c:\programdata\Babylon\LocalUI\img\controls\langArrwRtl.png
c:\programdata\Babylon\LocalUI\img\controls\language_arrowR.png
c:\programdata\Babylon\LocalUI\img\controls\menuArr.gif
c:\programdata\Babylon\LocalUI\img\controls\menuArr.png
c:\programdata\Babylon\LocalUI\img\controls\menuArr_.png
c:\programdata\Babylon\LocalUI\img\controls\newWin.png
c:\programdata\Babylon\LocalUI\img\controls\say_turnOff.png
c:\programdata\Babylon\LocalUI\img\controls\search_arrowL.png
c:\programdata\Babylon\LocalUI\img\controls\search_arrowR.png
c:\programdata\Babylon\LocalUI\img\controls\shopingCrt.png
c:\programdata\Babylon\LocalUI\img\controls\shopingCrtFnl.png
c:\programdata\Babylon\LocalUI\img\controls\spling.png
c:\programdata\Babylon\LocalUI\img\controls\spyglass.gif
c:\programdata\Babylon\LocalUI\img\controls\spyglass.png
c:\programdata\Babylon\LocalUI\img\controls\spyglass2.png
c:\programdata\Babylon\LocalUI\img\controls\spyGlssAnim.png
c:\programdata\Babylon\LocalUI\img\controls\sysBtn.gif
c:\programdata\Babylon\LocalUI\img\controls\sysBtn.png
c:\programdata\Babylon\LocalUI\img\controls\TermBoxEdegs.png
c:\programdata\Babylon\LocalUI\img\controls\TermMiddle.png
c:\programdata\Babylon\LocalUI\img\controls\topMenu_button.png
c:\programdata\Babylon\LocalUI\img\controls\trmBoxRigt.png
c:\programdata\Babylon\LocalUI\img\dropdown\cmboxArr.png
c:\programdata\Babylon\LocalUI\img\dropdown\cmboxFrm.png
c:\programdata\Babylon\LocalUI\img\dropdown\dorpdown.htm
c:\programdata\Babylon\LocalUI\img\frame.css
c:\programdata\Babylon\LocalUI\img\frame\b1.png
c:\programdata\Babylon\LocalUI\img\frame\b1v2.png
c:\programdata\Babylon\LocalUI\img\frame\b2.png
c:\programdata\Babylon\LocalUI\img\frame\b3.png
c:\programdata\Babylon\LocalUI\img\frame\bg.png
c:\programdata\Babylon\LocalUI\img\frame\logo.png
c:\programdata\Babylon\LocalUI\img\frame\m1.png
c:\programdata\Babylon\LocalUI\img\frame\m1v2.png
c:\programdata\Babylon\LocalUI\img\frame\m2.png
c:\programdata\Babylon\LocalUI\img\frame\m3.png
c:\programdata\Babylon\LocalUI\img\frame\pTabTxt.png
c:\programdata\Babylon\LocalUI\img\frame\t1.png
c:\programdata\Babylon\LocalUI\img\frame\t1v2.png
c:\programdata\Babylon\LocalUI\img\frame\t2.png
c:\programdata\Babylon\LocalUI\img\frame\t3.png
c:\programdata\Babylon\LocalUI\img\frame\t3v2.png
c:\programdata\Babylon\LocalUI\img\frame\t4.png
c:\programdata\Babylon\LocalUI\img\frame\tabRpt1.png
c:\programdata\Babylon\LocalUI\img\frame\tabRpt1_hover.png
c:\programdata\Babylon\LocalUI\img\frame\tabRpt2.png
c:\programdata\Babylon\LocalUI\img\frame\tabRpt2_hover.png
c:\programdata\Babylon\LocalUI\img\frame\tabs.png
c:\programdata\Babylon\LocalUI\img\frame\Tabs\tb1.png
c:\programdata\Babylon\LocalUI\img\frame\tabsOvr.png
c:\programdata\Babylon\LocalUI\img\frame\wTabTxt.png
c:\programdata\Babylon\LocalUI\img\frame2\b1.png
c:\programdata\Babylon\LocalUI\img\frame2\b2.png
c:\programdata\Babylon\LocalUI\img\frame2\b3.png
c:\programdata\Babylon\LocalUI\img\frame2\logo.png
c:\programdata\Babylon\LocalUI\img\frame2\m1.png
c:\programdata\Babylon\LocalUI\img\frame2\m2.png
c:\programdata\Babylon\LocalUI\img\frame2\m3.png
c:\programdata\Babylon\LocalUI\img\frame2\t1.png
c:\programdata\Babylon\LocalUI\img\frame2\t2.png
c:\programdata\Babylon\LocalUI\img\frame2\t3.png
c:\programdata\Babylon\LocalUI\img\frame2\t4.png
c:\programdata\Babylon\LocalUI\img\Ftxt\btnBgLft.png
c:\programdata\Babylon\LocalUI\img\Ftxt\btnGreen.png
c:\programdata\Babylon\LocalUI\img\Ftxt\btnGreen_.png
c:\programdata\Babylon\LocalUI\img\Ftxt\btnOrange.png
c:\programdata\Babylon\LocalUI\img\Ftxt\btns_Bg.png
c:\programdata\Babylon\LocalUI\img\Ftxt\btnUpld.png
c:\programdata\Babylon\LocalUI\img\Ftxt\cmboxArr.png
c:\programdata\Babylon\LocalUI\img\Ftxt\cmboxFrm.png
c:\programdata\Babylon\LocalUI\img\Ftxt\file.png
c:\programdata\Babylon\LocalUI\img\Ftxt\flags.png
c:\programdata\Babylon\LocalUI\img\Ftxt\LngBdy.png
c:\programdata\Babylon\LocalUI\img\Ftxt\pause.png
c:\programdata\Babylon\LocalUI\img\Ftxt\SpkrNrml.png
c:\programdata\Babylon\LocalUI\img\Ftxt\spkrPause.png
c:\programdata\Babylon\LocalUI\img\Ftxt\spkrPlay.png
c:\programdata\Babylon\LocalUI\img\Ftxt\spkrResum.png
c:\programdata\Babylon\LocalUI\img\Ftxt\spkrStop.png
c:\programdata\Babylon\LocalUI\img\Ftxt\switchLng.png
c:\programdata\Babylon\LocalUI\img\Ftxt\switchLngRtl.png
c:\programdata\Babylon\LocalUI\img\Ftxt\ulBtn.png
c:\programdata\Babylon\LocalUI\img\Ftxt\ulBtn_.png
c:\programdata\Babylon\LocalUI\img\Ftxt\usa.png
c:\programdata\Babylon\LocalUI\img\main.css
c:\programdata\Babylon\LocalUI\img\rslt\bgleftcorner.gif
c:\programdata\Babylon\LocalUI\img\rslt\btmSplitr.png
c:\programdata\Babylon\LocalUI\img\rslt\btnFrmSml.png
c:\programdata\Babylon\LocalUI\img\rslt\ConvFlags.gif
c:\programdata\Babylon\LocalUI\img\rslt\convrt.gif
c:\programdata\Babylon\LocalUI\img\rslt\convrt.png
c:\programdata\Babylon\LocalUI\img\rslt\moreRsltCntr.png
c:\programdata\Babylon\LocalUI\img\rslt\moreRsltFinal.png
c:\programdata\Babylon\LocalUI\img\rslt\morRslts.gif
c:\programdata\Babylon\LocalUI\img\rslt\plusIcn.png
c:\programdata\Babylon\LocalUI\img\rslt\spelling.gif
c:\programdata\Babylon\LocalUI\img\rslt\spelling.png
c:\programdata\Babylon\LocalUI\img\rslt\tab.png
c:\programdata\Babylon\LocalUI\img\rslt\tcImg.png
c:\programdata\Babylon\LocalUI\img\sbhndlCls.png
c:\programdata\Babylon\LocalUI\img\sbhndlOpn.png
c:\programdata\Babylon\LocalUI\img\srcMngr.png
c:\programdata\Babylon\LocalUI\img\text.css
c:\programdata\Babylon\LocalUI\img\tmp.htm
c:\programdata\Babylon\LocalUI\img\word.css
c:\programdata\Babylon\LocalUI\js\baby.js
c:\programdata\Babylon\LocalUI\js\bes.js
c:\programdata\Babylon\LocalUI\js\cmnty-test.js
c:\programdata\Babylon\LocalUI\js\cmnty.js
c:\programdata\Babylon\LocalUI\js\extrnl.js
c:\programdata\Babylon\LocalUI\js\extrnl.js.bak
c:\programdata\Babylon\LocalUI\js\frame.js
c:\programdata\Babylon\LocalUI\js\fTxt.js
c:\programdata\Babylon\LocalUI\js\oldJS.js
c:\programdata\Babylon\LocalUI\js\plcy.js
c:\programdata\Babylon\LocalUI\js\tabs.js
c:\programdata\Babylon\LocalUI\js\word.js
c:\programdata\Babylon\LocalUI\pxl.gif
c:\programdata\Babylon\LocalUI\Sayit.htm
c:\programdata\Babylon\LocalUI\textrange.htm
c:\programdata\Babylon\LocalUI\uiver
c:\programdata\Babylon\LocalUI\wnd-ie6.html
c:\programdata\Babylon\LocalUI\wnd.html
c:\programdata\Babylon\sqlite3.dll
c:\users\David\AppData\Roaming\Babylon
c:\users\David\AppData\Roaming\Babylon\BabylonTC.conf
c:\users\David\AppData\Roaming\Babylon\BabylonTC.log
c:\users\David\AppData\Roaming\Babylon\Content\icons\BTMJWKZGYE_glossary_icon.ico
c:\users\David\AppData\Roaming\Babylon\FLStat.dat
c:\users\David\AppData\Roaming\Babylon\log_file.txt
c:\users\David\AppData\Roaming\Babylon\MyList.dat
c:\users\David\AppData\Roaming\Babylon\updates\convert.dat
c:\users\David\AppData\Roaming\Babylon\updates\rates.dat
c:\windows\$NtUninstallKB63566$ . . . . nemohl být smazán
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-16 do 2012-03-16 )))))))))))))))))))))))))))))))
.
.
2012-03-16 20:59 . 2012-03-16 21:10 -------- d-----w- c:\users\David\AppData\Local\temp
2012-03-16 20:59 . 2012-03-16 20:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-16 15:56 . 2012-03-16 19:31 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8409E286-0AA0-4D9E-9A64-01C6A342651F}\offreg.dll
2012-03-16 15:54 . 2012-03-16 15:53 713784 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1D90A630-5317-4F49-9118-26355A69A086}\gapaengine.dll
2012-03-16 15:53 . 2012-02-07 21:03 6552120 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8409E286-0AA0-4D9E-9A64-01C6A342651F}\mpengine.dll
2012-03-16 15:45 . 2012-03-16 15:45 -------- d-----w- c:\program files\Microsoft Security Client
2012-03-16 15:30 . 2012-03-16 15:34 -------- d-----w- c:\program files\E8948
2012-03-16 15:28 . 2012-03-16 15:28 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
2012-03-14 18:35 . 2012-03-14 18:35 -------- d-----w- c:\program files\CCleaner
2012-03-13 14:24 . 2012-03-13 14:24 -------- d-----w- c:\program files\My life 1.5
2012-03-12 15:50 . 2012-03-12 15:50 163972 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2012-03-12 15:50 . 2012-03-12 15:50 282756 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2012-03-09 22:21 . 2012-03-09 22:22 -------- d-----w- c:\users\David\AppData\Roaming\Screaming Bee
2012-03-09 22:20 . 2012-03-09 22:22 -------- d-----w- c:\users\David\AppData\Local\Babylon
2012-03-09 22:20 . 2012-03-09 22:20 -------- d-----w- c:\users\David\AppData\Roaming\Uniblue
2012-03-09 22:20 . 2012-03-09 22:49 -------- d-----w- c:\program files\Screaming Bee
2012-03-09 22:20 . 2012-03-09 22:22 -------- d-----w- c:\programdata\Screaming Bee
2012-03-09 22:20 . 2012-03-09 22:20 -------- dc-h--w- c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
2012-03-09 22:20 . 2012-03-09 22:26 -------- d-----w- c:\program files\Uniblue
2012-03-09 22:20 . 2012-03-09 22:20 -------- d-----w- c:\users\David\AppData\Local\PackageAware
2012-03-09 22:19 . 2012-01-23 14:17 143360 ----a-w- c:\program files\Mozilla Firefox\BabyFox.dll
2012-03-09 22:18 . 2012-03-09 22:18 -------- d-----w- c:\program files\BabylonToolbar
2012-03-09 21:52 . 2012-03-09 21:52 -------- d-----w- c:\users\David\AppData\Roaming\Avnex
2012-03-09 21:49 . 2008-12-26 11:56 17792 ----a-w- c:\windows\system32\drivers\vcsvad.sys
2012-03-09 21:49 . 2012-03-09 22:09 -------- d-----w- c:\program files\AV Vcs 7.0 DIAMOND
2012-03-09 20:50 . 2012-03-09 20:50 40960 ----a-r- c:\users\David\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe
2012-03-09 20:50 . 2012-03-09 20:50 40960 ----a-r- c:\users\David\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe
2012-03-09 20:50 . 2012-03-09 21:12 -------- d-----w- c:\program files\Project64 1.6
2012-03-09 19:11 . 2012-03-09 19:12 -------- d-----w- c:\program files\Counter-Strike 1.6 Patch Version 26
2012-03-08 17:37 . 2012-03-09 19:12 -------- d-----w- c:\program files\Valve
2012-03-08 17:36 . 2003-09-03 01:26 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2012-03-08 17:35 . 2003-09-03 01:26 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2012-03-08 17:35 . 2003-09-03 01:27 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2012-03-08 17:35 . 2003-09-03 01:25 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2012-03-08 17:35 . 2003-09-03 01:28 724992 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2012-03-08 17:35 . 2012-03-08 17:35 184452 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
2012-03-08 17:35 . 2012-03-08 17:35 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2012-03-08 17:34 . 2012-03-10 11:06 -------- d-----w- c:\program files\fishsim2
2012-03-07 13:00 . 2012-03-07 13:00 -------- d-----w- c:\users\David\AppData\Roaming\Disney Interactive Studios
2012-03-06 20:58 . 2012-03-06 20:58 -------- d-----w- c:\program files\Disney Interactive Studios
2012-03-04 18:24 . 2012-03-04 18:24 -------- d-----w- c:\program files\Ascaron Entertainment
2012-03-04 18:08 . 2012-03-04 18:08 -------- d-----w- c:\program files\ChickenInvadersUOXmasdemo
2012-03-04 16:50 . 2012-03-04 16:50 -------- d-----w- c:\program files\JavaEmulator.com
2012-03-04 14:02 . 2012-03-04 14:02 -------- d-----w- c:\program files\Common Files\Steam
2012-03-04 14:02 . 2012-03-16 21:10 -------- d-----w- c:\program files\Steam
2012-03-03 19:41 . 2012-03-03 19:41 -------- d-----w- c:\users\David\AppData\Local\Aion_Launcher
2012-03-03 16:01 . 2012-03-16 19:45 -------- d-----w- c:\users\David\AppData\Local\assembly
2012-03-03 15:58 . 2012-03-03 16:03 -------- d-----w- C:\AION
2012-03-03 10:51 . 2012-03-03 10:51 162664 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10140.bin
2012-03-01 14:10 . 2012-03-16 21:10 -------- d-----w- c:\users\David\AppData\Roaming\VMware
2012-03-01 14:07 . 2007-05-01 21:51 16816 ----a-w- c:\windows\system32\drivers\vmnetadapter.sys
2012-03-01 14:07 . 2007-05-01 21:51 13104 ----a-w- c:\windows\system32\vnetinst.dll
2012-03-01 14:07 . 2007-05-01 21:51 121648 ----a-w- c:\windows\system32\vmnetdhcp.exe
2012-03-01 14:07 . 2007-05-01 21:52 150320 ----a-w- c:\windows\system32\vmnat.exe
2012-03-01 14:07 . 2007-05-01 21:52 25264 ----a-w- c:\windows\system32\drivers\vmnetuserif.sys
2012-03-01 14:07 . 2007-05-01 21:51 50992 ----a-r- c:\windows\system32\vmnetbridge.dll
2012-03-01 14:07 . 2007-05-01 21:51 28592 ----a-r- c:\windows\system32\drivers\vmnetbridge.sys
2012-03-01 14:07 . 2007-05-01 21:51 17712 ----a-r- c:\windows\system32\drivers\vmnet.sys
2012-03-01 14:07 . 2007-05-01 21:51 437040 ----a-w- c:\windows\system32\vnetlib.dll
2012-03-01 14:07 . 2007-05-01 21:52 21040 ----a-w- c:\windows\system32\drivers\VMkbd.sys
2012-03-01 14:05 . 2012-03-16 21:01 -------- d-----w- c:\programdata\VMware
2012-03-01 14:05 . 2012-03-01 14:05 -------- d-----w- c:\program files\VMware
2012-03-01 14:05 . 2012-03-01 14:05 -------- d-----w- c:\program files\Common Files\VMware
2012-03-01 13:19 . 2012-03-02 21:48 165232 ---ha-w- c:\users\David\AppData\Roaming\Microsoft\Virtual PC\VPCKeyboard.dll
2012-03-01 13:17 . 2012-03-01 13:25 -------- d-----w- c:\program files\Microsoft Virtual PC
2012-02-29 20:52 . 2012-02-29 20:55 -------- d-----w- c:\program files\Paint.NET
2012-02-29 20:51 . 2012-03-16 19:58 -------- d-----w- c:\users\David\AppData\Local\Paint.NET
2012-02-29 19:00 . 2012-02-29 19:00 -------- d-----w- c:\users\David\AppData\Roaming\IObit
2012-02-29 19:00 . 2011-12-16 16:21 29016 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2012-02-29 19:00 . 2010-11-26 17:02 15672 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2012-02-28 14:08 . 2012-02-28 14:15 -------- d-----w- c:\program files\Dink Smallwood
2012-02-28 12:10 . 2012-02-28 13:47 -------- d-----w- c:\program files\Polda 3
2012-02-26 18:46 . 2012-03-04 11:09 -------- d-----w- c:\program files\Hero Fighter
2012-02-26 15:27 . 2012-02-26 15:27 1 ----a-w- c:\windows\system32\SI.bin
2012-02-26 13:03 . 2012-02-26 13:04 -------- d-----w- C:\LF-RN
2012-02-24 17:49 . 2012-02-24 17:49 -------- d-----w- c:\users\David\AppData\Local\DOSBox
2012-02-24 17:48 . 2012-02-26 18:34 -------- d-----w- c:\program files\DOSBox-0.74
2012-02-24 17:46 . 2012-02-26 18:35 -------- d-----w- C:\dos
2012-02-24 12:12 . 2010-10-05 19:26 109240 ----a-w- c:\program files\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak\components\abhelperxpcom.dll
2012-02-24 12:12 . 2010-10-05 19:27 150200 ----a-w- c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak\components\kavlinkfilter.dll
2012-02-24 12:05 . 2012-02-24 12:05 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2012-02-23 22:15 . 1994-09-21 01:00 12800 ----a-w- c:\windows\system32\WING32.DLL
2012-02-23 22:13 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
2012-02-23 22:08 . 2012-02-23 22:08 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-02-23 22:08 . 2012-02-23 22:08 -------- d-----w- c:\program files\DAEMON Tools Lite
2012-02-22 20:58 . 2012-02-22 20:58 -------- d-----w- c:\program files\Application Updater
2012-02-22 20:58 . 2012-02-22 20:58 -------- d-----w- c:\program files\YouTube Downloader Toolbar
2012-02-22 20:58 . 2012-02-22 20:58 -------- d-----w- c:\programdata\YouTube Downloader
2012-02-22 20:54 . 2012-02-22 20:57 -------- d-----w- c:\program files\YouTube Downloader
2012-02-22 17:36 . 2012-02-23 22:14 -------- d-----w- c:\program files\3DO
2012-02-22 15:43 . 2012-02-23 10:45 -------- d-----w- c:\users\David\AppData\Roaming\SPORE
2012-02-22 15:42 . 2012-02-22 15:42 -------- d--h--r- c:\users\David\AppData\Roaming\SecuROM
2012-02-21 14:32 . 2012-02-21 14:32 -------- d-----w- c:\users\David\AppData\Local\Ubisoft Game Launcher
2012-02-21 14:32 . 2012-02-21 14:35 -------- d-----w- c:\users\David\AppData\Roaming\Might & Magic Heroes VI
2012-02-21 14:12 . 2008-05-30 13:18 238088 ----a-w- c:\windows\system32\xactengine3_1.dll
2012-02-21 13:59 . 2012-03-16 17:47 -------- d-----w- c:\program files\Ubisoft
2012-02-20 18:25 . 2012-03-04 12:58 -------- d-----w- c:\program files\NosTale(CZ)
2012-02-20 18:07 . 2012-02-20 18:07 -------- d-----w- c:\users\David\AppData\Local\SKIDROW
2012-02-19 20:37 . 2012-02-19 20:37 -------- d-----w- c:\users\David\AppData\Roaming\VitySoft
2012-02-19 16:24 . 2012-02-19 16:24 -------- d-----w- c:\users\David\AppData\Local\GHISLER
2012-02-19 16:23 . 2012-02-19 16:23 -------- d-----w- C:\totalcmd
2012-02-19 16:23 . 2012-02-19 16:23 -------- d-----w- c:\users\David\AppData\Roaming\GHISLER
2012-02-19 16:23 . 2010-12-17 06:56 545 ----a-w- c:\windows\UC.PIF
2012-02-19 16:23 . 2010-12-17 06:56 545 ----a-w- c:\windows\RAR.PIF
2012-02-19 16:23 . 2010-12-17 06:56 545 ----a-w- c:\windows\PKZIP.PIF
2012-02-19 16:23 . 2010-12-17 06:56 545 ----a-w- c:\windows\PKUNZIP.PIF
2012-02-19 16:23 . 2010-12-17 06:56 545 ----a-w- c:\windows\NOCLOSE.PIF
2012-02-19 16:23 . 2010-12-17 06:56 545 ----a-w- c:\windows\LHA.PIF
2012-02-19 16:23 . 2010-12-17 06:56 545 ----a-w- c:\windows\ARJ.PIF
2012-02-19 10:31 . 2012-02-29 18:11 -------- d-----w- c:\program files\Google
2012-02-18 20:57 . 2012-03-11 12:03 -------- d-----w- c:\users\David\AppData\Roaming\vlc
2012-02-18 20:56 . 2012-02-18 20:56 -------- d-----w- c:\program files\VideoLAN
2012-02-18 20:47 . 2001-05-21 10:46 198656 ----a-w- c:\windows\system32\Comdlg32.ocx
2012-02-18 19:21 . 2012-02-18 19:21 -------- d-----w- c:\users\David\AppData\Roaming\TightVNC
2012-02-18 19:20 . 2012-02-26 16:35 -------- d-----w- c:\program files\TightVNC
2012-02-18 19:09 . 2012-02-18 19:09 -------- d-----w- c:\program files\RealVNC
2012-02-18 17:56 . 2006-07-28 08:30 236824 ----a-w- c:\windows\system32\xactengine2_3.dll
2012-02-18 17:56 . 2006-07-28 08:30 62744 ----a-w- c:\windows\system32\xinput1_2.dll
2012-02-18 17:55 . 2005-05-26 14:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2012-02-18 14:44 . 2012-02-18 16:00 -------- d-----w- c:\users\David\AppData\Roaming\Tunngle
2012-02-18 14:44 . 2012-02-18 15:39 -------- d-----w- c:\programdata\Tunngle
2012-02-18 14:44 . 2009-09-16 06:02 27136 ----a-w- c:\windows\system32\drivers\tap0901t.sys
2012-02-18 14:44 . 2012-02-18 15:35 -------- d-----w- c:\program files\Tunngle
2012-02-18 11:21 . 2012-02-18 11:21 -------- d-----w- c:\program files\AIRiPad
2012-02-18 11:20 . 2012-02-18 11:20 -------- d-----w- c:\program files\Common Files\Adobe AIR
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-22 15:42 . 2012-02-04 11:00 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2012-02-19 10:31 . 2012-02-03 16:59 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-14 13:32 . 2012-02-14 13:32 967 ----a-w- c:\windows\ScUnin.pif
2012-02-14 13:32 . 2012-02-14 13:32 68096 ----a-w- c:\windows\ScUnin.exe
2012-02-10 14:32 . 2012-02-10 14:32 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2012-02-07 14:16 . 2012-02-07 14:16 61440 ----a-r- c:\users\David\AppData\Roaming\Microsoft\Installer\{4B682CF4-9B41-4297-8B13-968B28B864C6}\FlatOutDemo.exe_E7A4797FABFC4ECEA2D0CD1C7229179B.exe
2012-02-07 14:16 . 2012-02-07 14:16 61440 ----a-r- c:\users\David\AppData\Roaming\Microsoft\Installer\{4B682CF4-9B41-4297-8B13-968B28B864C6}\ARPPRODUCTICON.exe
2012-02-07 14:15 . 2012-02-07 14:15 61440 ----a-w- c:\windows\diabswun.exe
2012-02-03 20:57 . 2011-03-28 17:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-02-03 17:14 . 2012-02-03 17:15 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-02 19:07 . 2012-02-02 19:08 29480 ----a-w- c:\windows\system32\msxml3a.dll
2012-02-02 19:07 . 2012-02-02 19:08 505128 ----a-w- c:\windows\system32\msvcp71.dll
2012-02-02 19:07 . 2012-02-02 19:08 353576 ----a-w- c:\windows\system32\msvcr71.dll
2012-02-02 18:42 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-02-02 15:37 . 2012-02-02 15:37 86528 ----a-w- c:\windows\system32\iesysprep.dll
2012-02-02 15:37 . 2012-02-02 15:37 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-02-02 15:37 . 2012-02-02 15:37 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-02-02 15:37 . 2012-02-02 15:37 74752 ----a-w- c:\windows\system32\iesetup.dll
2012-02-02 15:37 . 2012-02-02 15:37 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-02-02 15:37 . 2012-02-02 15:37 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-02-02 15:37 . 2012-02-02 15:37 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-02-02 15:37 . 2012-02-02 15:37 367104 ----a-w- c:\windows\system32\html.iec
2012-02-02 15:37 . 2012-02-02 15:37 23552 ----a-w- c:\windows\system32\licmgr10.dll
2012-02-02 15:37 . 2012-02-02 15:37 161792 ----a-w- c:\windows\system32\msls31.dll
2012-02-02 15:37 . 2012-02-02 15:37 152064 ----a-w- c:\windows\system32\wextract.exe
2012-02-02 15:37 . 2012-02-02 15:37 150528 ----a-w- c:\windows\system32\iexpress.exe
2012-02-02 15:37 . 2012-02-02 15:37 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-02-02 15:37 . 2012-02-02 15:37 11776 ----a-w- c:\windows\system32\mshta.exe
2012-02-02 15:37 . 2012-02-02 15:37 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-02-02 15:37 . 2012-02-02 15:37 101888 ----a-w- c:\windows\system32\admparse.dll
2012-02-02 15:37 . 2012-02-02 15:37 35840 ----a-w- c:\windows\system32\imgutil.dll
2012-01-31 12:44 . 2012-02-02 14:34 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-17 03:39 . 2012-02-02 14:34 6557240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FDD06DCA-D7A2-4490-AB05-F63EF2514E9F}\mpengine.dll
2012-02-08 20:30 . 2012-02-15 12:58 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-15 17146504]
"NCsoft Launcher"="c:\aion\instalace\NCLauncher.exe" [2012-03-03 38704]
"Steam"="c:\program files\Steam\steam.exe" [2012-03-08 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-04-14 113288]
"jmekey"="c:\windows\jmesoft\hotkey.exe" [2011-07-20 118784]
"jmesoft"="c:\windows\jmesoft\ServiceLoader.exe" [2011-03-15 28672]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-07-07 10754664]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-08-18 343168]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-08-15 1955208]
"vmware-tray"="c:\program files\VMware\VMware Workstation\vmware-tray.exe" [2007-05-01 68400]
"VMware hqtray"="c:\program files\VMware\VMware Workstation\hqtray.exe" [2007-05-01 56112]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-11-15 20:02 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
2010-08-26 10:18 75048 ------w- c:\program files\CyberLink\Shared files\brs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2012-02-13 08:06 3481408 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JetVoice]
2011-12-22 17:24 210944 ----a-w- c:\users\David\Desktop\NOTEBOOKZALOHA\JETVOICE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
2010-02-02 23:08 87336 ------w- c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-06-09 12:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-02-15 158856]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560]
R3 CFcatchme;CFcatchme;c:\users\David\AppData\Local\Temp\CFcatchme.sys [x]
R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2012-02-10 23456]
R3 libusb0;LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120;c:\windows\system32\DRIVERS\libusb0.sys [2006-05-31 29184]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2012-02-14 736104]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-02 1343400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 15672]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-23 242240]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2012/02/02 20:11];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-08-26 11:18 87536]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-08-18 176128]
S2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2012-02-06 748440]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 1361288]
S2 JME Keyboard;JME Keyboard Driver;c:\windows\jmesoft\Service.exe [2011-03-15 32768]
S2 UnsignedThemes;Unsigned Themes;c:\windows\UnsignedThemesSvc.exe [2009-07-13 21096]
S2 uxpatch;uxpatch;c:\windows\system32\drivers\uxpatch.sys [2009-07-13 25448]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-08-18 8396800]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-08-18 247296]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-06-07 211984]
S3 CamSuiteVAC;CamSuite Virtual Audio;c:\windows\system32\DRIVERS\CamSuiteVAC.sys [2008-09-19 37560]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-04-13 67456]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-04-13 161024]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys [2011-09-14 232040]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-05-10 362600]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2010-12-03 999528]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2010-07-01 34896]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [2008-12-26 17792]
.
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.com/
uInternet Settings,ProxyServer = http=127.0.0.1:53778
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Translate this web page with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
FF - ProfilePath -
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(1016)
c:\program files\Microsoft Virtual PC\VPCShExH.DLL
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\windows\system32\atieclxx.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files\Microsoft\BingBar\SeaPort.EXE
c:\program files\VMware\VMware Workstation\vmware-authd.exe
c:\program files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
c:\windows\system32\vmnat.exe
c:\program files\RealVNC\VNC4\WinVNC4.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\vmnetdhcp.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\taskhost.exe
c:\program files\IObit\Game Booster 3\gbtray.exe
c:\program files\IObit\Smart Defrag 2\SmartDefrag.exe
c:\windows\system32\conhost.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\jmesoft\JME_LOAD.exe
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Celkový čas: 2012-03-16 22:14:38 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-16 21:14
ComboFix2.txt 2012-03-16 19:54
ComboFix3.txt 2012-02-29 18:20
ComboFix4.txt 2012-02-29 12:15
.
Před spuštěním: Volných bajtů: 168 453 918 720
Po spuštění: Volných bajtů: 168 361 799 680
.
- - End Of File - - 24DA0185B5CCB4F745DCA2C7C181E5F7
Nahr nˇ probŘhlo ŁspŘçnŘ

[davidrohusch]

Kaspersky Log :

Nic dal jsem scan asi 10vterin tam byly nejaky Drivery a pak se mi obevilo prazdne okynko

[Rudy]

OK, smazáno. Nyní bych prosil ten TDSSKiller.

[davidrohusch]

https://www.virustotal.com/file/7f1eaa9 ... 331933176/
(to je jeste neco co se mi vytvorilo po tom hackerskem napadeni)

kdyz dam teda scan toho TTneco killer tak se mi obevi prazdny okno

[davidrohusch]

helepak hledam si hru ... a nasel jsem ten log ja nevedel ze se uklada do :/C



22:18:44.0603 5588 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
22:18:44.0678 5588 ============================================================
22:18:44.0678 5588 Current date / time: 2012/03/16 22:18:44.0678
22:18:44.0678 5588 SystemInfo:
22:18:44.0678 5588
22:18:44.0678 5588 OS Version: 6.1.7601 ServicePack: 1.0
22:18:44.0678 5588 Product type: Workstation
22:18:44.0678 5588 ComputerName: DAVID-PC
22:18:44.0678 5588 UserName: David
22:18:44.0678 5588 Windows directory: C:\Windows
22:18:44.0678 5588 System windows directory: C:\Windows
22:18:44.0678 5588 Processor architecture: Intel x86
22:18:44.0678 5588 Number of processors: 4
22:18:44.0678 5588 Page size: 0x1000
22:18:44.0678 5588 Boot type: Normal boot
22:18:44.0678 5588 ============================================================
22:18:46.0395 5588 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:18:46.0403 5588 \Device\Harddisk0\DR0:
22:18:46.0403 5588 MBR used
22:18:46.0403 5588 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:18:46.0403 5588 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800
22:18:46.0425 5588 Initialize success
22:18:46.0425 5588 ============================================================
22:18:59.0938 4532 ============================================================
22:18:59.0938 4532 Scan started
22:18:59.0938 4532 Mode: Manual;
22:18:59.0938 4532 ============================================================
22:19:00.0773 4532 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
22:19:00.0776 4532 1394ohci - ok
22:19:00.0813 4532 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
22:19:00.0816 4532 ACPI - ok
22:19:00.0846 4532 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
22:19:00.0848 4532 AcpiPmi - ok
22:19:00.0906 4532 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
22:19:00.0913 4532 adp94xx - ok
22:19:00.0933 4532 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
22:19:00.0938 4532 adpahci - ok
22:19:00.0973 4532 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
22:19:00.0978 4532 adpu320 - ok
22:19:01.0048 4532 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
22:19:01.0053 4532 AFD - ok
22:19:01.0088 4532 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
22:19:01.0108 4532 agp440 - ok
22:19:01.0328 4532 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
22:19:01.0338 4532 aic78xx - ok
22:19:01.0368 4532 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
22:19:01.0368 4532 aliide - ok
22:19:01.0398 4532 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
22:19:01.0398 4532 amdagp - ok
22:19:01.0428 4532 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
22:19:01.0428 4532 amdide - ok
22:19:01.0471 4532 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
22:19:01.0473 4532 AmdK8 - ok
22:19:01.0661 4532 amdkmdag (8cec661c32e4e5860a776038751aa59d) C:\Windows\system32\DRIVERS\atikmdag.sys
22:19:01.0851 4532 amdkmdag - ok
22:19:01.0888 4532 amdkmdap (e6038e733e228ae59c036b0f574e9066) C:\Windows\system32\DRIVERS\atikmpag.sys
22:19:01.0893 4532 amdkmdap - ok
22:19:01.0928 4532 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
22:19:01.0931 4532 AmdPPM - ok
22:19:01.0978 4532 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
22:19:01.0981 4532 amdsata - ok
22:19:02.0008 4532 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
22:19:02.0013 4532 amdsbs - ok
22:19:02.0033 4532 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
22:19:02.0036 4532 amdxata - ok
22:19:02.0078 4532 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
22:19:02.0081 4532 AppID - ok
22:19:02.0196 4532 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
22:19:02.0198 4532 arc - ok
22:19:02.0221 4532 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
22:19:02.0223 4532 arcsas - ok
22:19:02.0263 4532 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
22:19:02.0266 4532 AsyncMac - ok
22:19:02.0298 4532 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
22:19:02.0298 4532 atapi - ok
22:19:02.0351 4532 AtiHDAudioService (84faf3d287d56d210f84db7c1349d43b) C:\Windows\system32\drivers\AtihdW73.sys
22:19:02.0356 4532 AtiHDAudioService - ok
22:19:02.0448 4532 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
22:19:02.0456 4532 b06bdrv - ok
22:19:02.0481 4532 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
22:19:02.0488 4532 b57nd60x - ok
22:19:02.0543 4532 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
22:19:02.0543 4532 Beep - ok
22:19:02.0621 4532 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
22:19:02.0623 4532 blbdrive - ok
22:19:02.0671 4532 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
22:19:02.0673 4532 bowser - ok
22:19:02.0693 4532 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:19:02.0696 4532 BrFiltLo - ok
22:19:02.0711 4532 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:19:02.0711 4532 BrFiltUp - ok
22:19:02.0756 4532 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
22:19:02.0758 4532 BridgeMP - ok
22:19:02.0781 4532 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
22:19:02.0788 4532 Brserid - ok
22:19:02.0801 4532 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
22:19:02.0803 4532 BrSerWdm - ok
22:19:02.0818 4532 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:19:02.0821 4532 BrUsbMdm - ok
22:19:02.0836 4532 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
22:19:02.0838 4532 BrUsbSer - ok
22:19:02.0858 4532 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
22:19:02.0861 4532 BTHMODEM - ok
22:19:02.0908 4532 CamSuiteVAC (e292176878f933e6a3cc46d6109ef1bb) C:\Windows\system32\DRIVERS\CamSuiteVAC.sys
22:19:02.0911 4532 CamSuiteVAC - ok
22:19:02.0988 4532 catchme - ok
22:19:03.0076 4532 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
22:19:03.0078 4532 cdfs - ok
22:19:03.0151 4532 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
22:19:03.0156 4532 cdrom - ok
22:19:03.0278 4532 CFcatchme - ok
22:19:03.0351 4532 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
22:19:03.0353 4532 circlass - ok
22:19:03.0396 4532 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
22:19:03.0401 4532 CLFS - ok
22:19:03.0436 4532 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
22:19:03.0436 4532 CmBatt - ok
22:19:03.0473 4532 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
22:19:03.0476 4532 cmdide - ok
22:19:03.0521 4532 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
22:19:03.0528 4532 CNG - ok
22:19:03.0548 4532 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
22:19:03.0551 4532 Compbatt - ok
22:19:03.0613 4532 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
22:19:03.0616 4532 CompositeBus - ok
22:19:03.0653 4532 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
22:19:03.0653 4532 crcdisk - ok
22:19:03.0718 4532 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
22:19:03.0726 4532 CSC - ok
22:19:03.0781 4532 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
22:19:03.0783 4532 DfsC - ok
22:19:03.0813 4532 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
22:19:03.0813 4532 discache - ok
22:19:03.0843 4532 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
22:19:03.0843 4532 Disk - ok
22:19:03.0911 4532 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
22:19:03.0911 4532 drmkaud - ok
22:19:03.0993 4532 DrvAgent32 (651554e483712b708ede864d0ca1aa73) C:\Windows\system32\Drivers\DrvAgent32.sys
22:19:03.0996 4532 DrvAgent32 - ok
22:19:04.0041 4532 dtsoftbus01 (687af6bb383885ff6a64071b189a7f3e) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
22:19:04.0046 4532 dtsoftbus01 - ok
22:19:04.0098 4532 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
22:19:04.0108 4532 DXGKrnl - ok
22:19:04.0218 4532 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
22:19:04.0288 4532 ebdrv - ok
22:19:04.0328 4532 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
22:19:04.0338 4532 elxstor - ok
22:19:04.0378 4532 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
22:19:04.0378 4532 ErrDev - ok
22:19:04.0408 4532 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
22:19:04.0408 4532 exfat - ok
22:19:04.0428 4532 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
22:19:04.0428 4532 fastfat - ok
22:19:04.0448 4532 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
22:19:04.0448 4532 fdc - ok
22:19:04.0478 4532 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
22:19:04.0478 4532 FileInfo - ok
22:19:04.0498 4532 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
22:19:04.0498 4532 Filetrace - ok
22:19:04.0508 4532 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
22:19:04.0518 4532 flpydisk - ok
22:19:04.0538 4532 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
22:19:04.0538 4532 FltMgr - ok
22:19:04.0568 4532 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
22:19:04.0568 4532 FsDepends - ok
22:19:04.0613 4532 fssfltr (bfaaa92861526bb0adcd01e964ab6609) C:\Windows\system32\DRIVERS\fssfltr.sys
22:19:04.0616 4532 fssfltr - ok
22:19:04.0633 4532 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
22:19:04.0636 4532 Fs_Rec - ok
22:19:04.0693 4532 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
22:19:04.0698 4532 fvevol - ok
22:19:04.0733 4532 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
22:19:04.0733 4532 gagp30kx - ok
22:19:04.0803 4532 hamachi (833051c6c6c42117191935f734cfbd97) C:\Windows\system32\DRIVERS\hamachi.sys
22:19:04.0803 4532 hamachi - ok
22:19:04.0863 4532 hcmon (0b455ab4bb345f0aa1fac2dd5da6e3ac) C:\Windows\system32\Drivers\hcmon.sys
22:19:04.0863 4532 hcmon - ok
22:19:04.0893 4532 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
22:19:04.0893 4532 hcw85cir - ok
22:19:04.0943 4532 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
22:19:04.0953 4532 HdAudAddService - ok
22:19:04.0973 4532 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
22:19:04.0983 4532 HDAudBus - ok
22:19:04.0993 4532 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
22:19:04.0993 4532 HidBatt - ok
22:19:05.0023 4532 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
22:19:05.0023 4532 HidBth - ok
22:19:05.0043 4532 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
22:19:05.0043 4532 HidIr - ok
22:19:05.0083 4532 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
22:19:05.0093 4532 HidUsb - ok
22:19:05.0123 4532 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
22:19:05.0126 4532 HpSAMD - ok
22:19:05.0188 4532 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
22:19:05.0198 4532 HTTP - ok
22:19:05.0221 4532 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
22:19:05.0223 4532 hwpolicy - ok
22:19:05.0273 4532 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
22:19:05.0276 4532 i8042prt - ok
22:19:05.0321 4532 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
22:19:05.0328 4532 iaStorV - ok
22:19:05.0361 4532 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
22:19:05.0363 4532 iirsp - ok
22:19:05.0518 4532 IntcAzAudAddService (7c5afed75cf690df0610df01a9561aeb) C:\Windows\system32\drivers\RTKVHDA.sys
22:19:05.0598 4532 IntcAzAudAddService - ok
22:19:05.0631 4532 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
22:19:05.0633 4532 intelide - ok
22:19:05.0673 4532 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
22:19:05.0676 4532 intelppm - ok
22:19:05.0701 4532 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:19:05.0703 4532 IpFilterDriver - ok
22:19:05.0758 4532 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
22:19:05.0761 4532 IPMIDRV - ok
22:19:05.0776 4532 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
22:19:05.0781 4532 IPNAT - ok
22:19:05.0806 4532 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
22:19:05.0808 4532 IRENUM - ok
22:19:05.0841 4532 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
22:19:05.0843 4532 isapnp - ok
22:19:05.0873 4532 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
22:19:05.0878 4532 iScsiPrt - ok
22:19:05.0923 4532 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
22:19:05.0926 4532 kbdclass - ok
22:19:05.0976 4532 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
22:19:05.0976 4532 kbdhid - ok
22:19:06.0021 4532 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
22:19:06.0023 4532 KSecDD - ok
22:19:06.0051 4532 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
22:19:06.0053 4532 KSecPkg - ok
22:19:06.0131 4532 libusb0 (d1598203b19b4922531a8bd6811547f7) C:\Windows\system32\DRIVERS\libusb0.sys
22:19:06.0133 4532 libusb0 - ok
22:19:06.0186 4532 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
22:19:06.0186 4532 lltdio - ok
22:19:06.0223 4532 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
22:19:06.0228 4532 LSI_FC - ok
22:19:06.0243 4532 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
22:19:06.0246 4532 LSI_SAS - ok
22:19:06.0268 4532 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:19:06.0273 4532 LSI_SAS2 - ok
22:19:06.0288 4532 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:19:06.0291 4532 LSI_SCSI - ok
22:19:06.0311 4532 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
22:19:06.0313 4532 luafv - ok
22:19:06.0353 4532 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
22:19:06.0356 4532 megasas - ok
22:19:06.0376 4532 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
22:19:06.0381 4532 MegaSR - ok
22:19:06.0411 4532 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
22:19:06.0413 4532 Modem - ok
22:19:06.0441 4532 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
22:19:06.0441 4532 monitor - ok
22:19:06.0483 4532 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
22:19:06.0483 4532 mouclass - ok
22:19:06.0511 4532 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
22:19:06.0511 4532 mouhid - ok
22:19:06.0551 4532 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
22:19:06.0553 4532 mountmgr - ok
22:19:06.0596 4532 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys
22:19:06.0601 4532 MpFilter - ok
22:19:06.0646 4532 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
22:19:06.0651 4532 mpio - ok
22:19:06.0693 4532 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys
22:19:06.0696 4532 MpNWMon - ok
22:19:06.0738 4532 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
22:19:06.0741 4532 mpsdrv - ok
22:19:06.0786 4532 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
22:19:06.0786 4532 MRxDAV - ok
22:19:06.0836 4532 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:19:06.0836 4532 mrxsmb - ok
22:19:06.0866 4532 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:19:06.0876 4532 mrxsmb10 - ok
22:19:06.0896 4532 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:19:06.0906 4532 mrxsmb20 - ok
22:19:06.0936 4532 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
22:19:06.0936 4532 msahci - ok
22:19:06.0986 4532 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
22:19:06.0986 4532 msdsm - ok
22:19:07.0036 4532 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
22:19:07.0036 4532 Msfs - ok
22:19:07.0056 4532 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
22:19:07.0056 4532 mshidkmdf - ok
22:19:07.0086 4532 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
22:19:07.0086 4532 msisadrv - ok
22:19:07.0146 4532 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
22:19:07.0148 4532 MSKSSRV - ok
22:19:07.0181 4532 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
22:19:07.0183 4532 MSPCLOCK - ok
22:19:07.0201 4532 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
22:19:07.0203 4532 MSPQM - ok
22:19:07.0231 4532 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
22:19:07.0236 4532 MsRPC - ok
22:19:07.0261 4532 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
22:19:07.0263 4532 mssmbios - ok
22:19:07.0278 4532 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
22:19:07.0281 4532 MSTEE - ok
22:19:07.0296 4532 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
22:19:07.0298 4532 MTConfig - ok
22:19:07.0328 4532 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
22:19:07.0331 4532 Mup - ok
22:19:07.0388 4532 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
22:19:07.0396 4532 NativeWifiP - ok
22:19:07.0451 4532 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
22:19:07.0458 4532 NDIS - ok
22:19:07.0488 4532 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
22:19:07.0491 4532 NdisCap - ok
22:19:07.0518 4532 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
22:19:07.0518 4532 NdisTapi - ok
22:19:07.0556 4532 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
22:19:07.0558 4532 Ndisuio - ok
22:19:07.0598 4532 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
22:19:07.0601 4532 NdisWan - ok
22:19:07.0636 4532 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
22:19:07.0638 4532 NDProxy - ok
22:19:07.0686 4532 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
22:19:07.0688 4532 NetBIOS - ok
22:19:07.0731 4532 NetBT (f04acc8d8a1f721703a760e73a5471c0) C:\Windows\system32\DRIVERS\netbt.sys
22:19:07.0733 4532 NetBT - ok
22:19:07.0826 4532 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
22:19:07.0828 4532 nfrd960 - ok
22:19:07.0873 4532 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:19:07.0876 4532 NisDrv - ok
22:19:07.0928 4532 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
22:19:07.0931 4532 Npfs - ok
22:19:07.0951 4532 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
22:19:07.0953 4532 nsiproxy - ok
22:19:08.0026 4532 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
22:19:08.0061 4532 Ntfs - ok
22:19:08.0086 4532 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
22:19:08.0088 4532 Null - ok
22:19:08.0128 4532 nusb3hub (e54781f54abcf18dce0d39e78462a104) C:\Windows\system32\DRIVERS\nusb3hub.sys
22:19:08.0131 4532 nusb3hub - ok
22:19:08.0183 4532 nusb3xhc (aa4cc12e74b813347e8ab590b4c9dd8a) C:\Windows\system32\DRIVERS\nusb3xhc.sys
22:19:08.0188 4532 nusb3xhc - ok
22:19:08.0228 4532 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
22:19:08.0231 4532 nvraid - ok
22:19:08.0261 4532 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
22:19:08.0266 4532 nvstor - ok
22:19:08.0288 4532 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
22:19:08.0293 4532 nv_agp - ok
22:19:08.0341 4532 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
22:19:08.0343 4532 ohci1394 - ok
22:19:08.0423 4532 PAC7302 (ad66bc56dd6a030174c03395b3dc0720) C:\Windows\system32\DRIVERS\PAC7302.SYS
22:19:08.0431 4532 PAC7302 - ok
22:19:08.0468 4532 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
22:19:08.0473 4532 Parport - ok
22:19:08.0508 4532 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
22:19:08.0511 4532 partmgr - ok
22:19:08.0536 4532 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
22:19:08.0538 4532 Parvdm - ok
22:19:08.0581 4532 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
22:19:08.0586 4532 pci - ok
22:19:08.0603 4532 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
22:19:08.0606 4532 pciide - ok
22:19:08.0621 4532 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
22:19:08.0626 4532 pcmcia - ok
22:19:08.0656 4532 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
22:19:08.0658 4532 pcw - ok
22:19:08.0683 4532 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
22:19:08.0693 4532 PEAUTH - ok
22:19:08.0806 4532 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
22:19:08.0808 4532 PptpMiniport - ok
22:19:08.0831 4532 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
22:19:08.0833 4532 Processor - ok
22:19:08.0866 4532 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
22:19:08.0868 4532 Psched - ok
22:19:08.0918 4532 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
22:19:08.0941 4532 ql2300 - ok
22:19:08.0956 4532 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
22:19:08.0961 4532 ql40xx - ok
22:19:08.0978 4532 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
22:19:08.0981 4532 QWAVEdrv - ok
22:19:09.0006 4532 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
22:19:09.0008 4532 RasAcd - ok
22:19:09.0041 4532 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:19:09.0041 4532 RasAgileVpn - ok
22:19:09.0071 4532 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:19:09.0073 4532 Rasl2tp - ok
22:19:09.0106 4532 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
22:19:09.0108 4532 RasPppoe - ok
22:19:09.0126 4532 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
22:19:09.0128 4532 RasSstp - ok
22:19:09.0176 4532 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
22:19:09.0181 4532 rdbss - ok
22:19:09.0201 4532 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
22:19:09.0203 4532 rdpbus - ok
22:19:09.0238 4532 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:19:09.0241 4532 RDPCDD - ok
22:19:09.0293 4532 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
22:19:09.0298 4532 RDPDR - ok
22:19:09.0333 4532 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
22:19:09.0336 4532 RDPENCDD - ok
22:19:09.0356 4532 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
22:19:09.0358 4532 RDPREFMP - ok
22:19:09.0398 4532 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
22:19:09.0401 4532 RDPWD - ok
22:19:09.0466 4532 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
22:19:09.0471 4532 rdyboost - ok
22:19:09.0533 4532 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
22:19:09.0536 4532 rspndr - ok
22:19:09.0601 4532 RSUSBVSTOR (50d90084a114333fc9f4d2fa9421e528) C:\Windows\system32\Drivers\RtsUVStor.sys
22:19:09.0606 4532 RSUSBVSTOR - ok
22:19:09.0638 4532 RTL8167 (e099d23ee1bbce0cf5745f811f3b1882) C:\Windows\system32\DRIVERS\Rt86win7.sys
22:19:09.0646 4532 RTL8167 - ok
22:19:09.0713 4532 RTL8192Ce (39318419233d657def22b7315fb9ac47) C:\Windows\system32\DRIVERS\rtl8192Ce.sys
22:19:09.0736 4532 RTL8192Ce - ok
22:19:09.0776 4532 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
22:19:09.0778 4532 s3cap - ok
22:19:09.0828 4532 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
22:19:09.0831 4532 sbp2port - ok
22:19:09.0878 4532 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
22:19:09.0881 4532 scfilter - ok
22:19:09.0951 4532 SCREAMINGBDRIVER (a689d522eedf89401e1da2fe883aa7ec) C:\Windows\system32\drivers\ScreamingBAudio.sys
22:19:09.0953 4532 SCREAMINGBDRIVER - ok
22:19:10.0018 4532 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:19:10.0021 4532 secdrv - ok
22:19:10.0076 4532 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
22:19:10.0078 4532 Serenum - ok
22:19:10.0093 4532 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
22:19:10.0096 4532 Serial - ok
22:19:10.0133 4532 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
22:19:10.0133 4532 sermouse - ok
22:19:10.0213 4532 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
22:19:10.0213 4532 sffdisk - ok
22:19:10.0233 4532 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
22:19:10.0233 4532 sffp_mmc - ok
22:19:10.0253 4532 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
22:19:10.0253 4532 sffp_sd - ok
22:19:10.0273 4532 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
22:19:10.0273 4532 sfloppy - ok
22:19:10.0323 4532 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
22:19:10.0323 4532 sisagp - ok
22:19:10.0363 4532 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:19:10.0363 4532 SiSRaid2 - ok
22:19:10.0373 4532 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
22:19:10.0383 4532 SiSRaid4 - ok
22:19:10.0473 4532 SmartDefragDriver (bf302072dc8374cf4e118fd88aa817a2) C:\Windows\system32\Drivers\SmartDefragDriver.sys
22:19:10.0473 4532 SmartDefragDriver - ok
22:19:10.0503 4532 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
22:19:10.0503 4532 Smb - ok
22:19:10.0553 4532 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
22:19:10.0556 4532 spldr - ok
22:19:10.0613 4532 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
22:19:10.0621 4532 srv - ok
22:19:10.0638 4532 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
22:19:10.0646 4532 srv2 - ok
22:19:10.0668 4532 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
22:19:10.0671 4532 srvnet - ok
22:19:10.0711 4532 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
22:19:10.0713 4532 stexstor - ok
22:19:10.0768 4532 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
22:19:10.0768 4532 storflt - ok
22:19:10.0803 4532 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
22:19:10.0803 4532 storvsc - ok
22:19:10.0823 4532 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
22:19:10.0823 4532 swenum - ok
22:19:10.0896 4532 tap0901t (b7aee68d2e867cbf69b649b18fcedbbb) C:\Windows\system32\DRIVERS\tap0901t.sys
22:19:10.0898 4532 tap0901t - ok
22:19:10.0963 4532 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
22:19:10.0998 4532 Tcpip - ok
22:19:11.0033 4532 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
22:19:11.0046 4532 TCPIP6 - ok
22:19:11.0086 4532 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
22:19:11.0088 4532 tcpipreg - ok
22:19:11.0133 4532 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
22:19:11.0136 4532 TDPIPE - ok
22:19:11.0148 4532 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
22:19:11.0158 4532 TDTCP - ok
22:19:11.0198 4532 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
22:19:11.0198 4532 tdx - ok
22:19:11.0248 4532 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
22:19:11.0248 4532 TermDD - ok
22:19:11.0318 4532 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:19:11.0318 4532 tssecsrv - ok
22:19:11.0378 4532 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
22:19:11.0378 4532 TsUsbFlt - ok
22:19:11.0438 4532 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
22:19:11.0438 4532 tunnel - ok
22:19:11.0498 4532 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
22:19:11.0508 4532 uagp35 - ok
22:19:11.0548 4532 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
22:19:11.0548 4532 udfs - ok
22:19:11.0638 4532 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
22:19:11.0638 4532 uliagpkx - ok
22:19:11.0698 4532 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
22:19:11.0698 4532 umbus - ok
22:19:11.0738 4532 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
22:19:11.0738 4532 UmPass - ok
22:19:11.0828 4532 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
22:19:11.0838 4532 usbaudio - ok
22:19:11.0858 4532 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
22:19:11.0858 4532 usbccgp - ok
22:19:11.0908 4532 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
22:19:11.0918 4532 usbcir - ok
22:19:11.0958 4532 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\drivers\usbehci.sys
22:19:11.0958 4532 usbehci - ok
22:19:11.0998 4532 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
22:19:12.0008 4532 usbhub - ok
22:19:12.0058 4532 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
22:19:12.0058 4532 usbohci - ok
22:19:12.0088 4532 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
22:19:12.0098 4532 usbprint - ok
22:19:12.0126 4532 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:19:12.0128 4532 USBSTOR - ok
22:19:12.0151 4532 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
22:19:12.0151 4532 usbuhci - ok
22:19:12.0223 4532 uxpatch (628c632710ab55747cb5bcc68716be21) C:\Windows\system32\drivers\uxpatch.sys
22:19:12.0233 4532 uxpatch - ok
22:19:12.0303 4532 VCSVADHWSer (b2abab4ca46bad182e27763dc19c780f) C:\Windows\system32\DRIVERS\vcsvad.sys
22:19:12.0303 4532 VCSVADHWSer - ok
22:19:12.0343 4532 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
22:19:12.0343 4532 vdrvroot - ok
22:19:12.0383 4532 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
22:19:12.0393 4532 vga - ok
22:19:12.0403 4532 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
22:19:12.0403 4532 VgaSave - ok
22:19:12.0453 4532 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
22:19:12.0453 4532 vhdmp - ok
22:19:12.0493 4532 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
22:19:12.0493 4532 viaagp - ok
22:19:12.0528 4532 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
22:19:12.0531 4532 ViaC7 - ok
22:19:12.0553 4532 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
22:19:12.0556 4532 viaide - ok
22:19:12.0598 4532 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
22:19:12.0603 4532 vmbus - ok
22:19:12.0638 4532 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
22:19:12.0641 4532 VMBusHID - ok
22:19:12.0691 4532 vmkbd (94ee89070a4de65e78f384eb0b01ff52) C:\Windows\system32\drivers\VMkbd.sys
22:19:12.0693 4532 vmkbd - ok
22:19:12.0786 4532 vmm (590c7a3a1133e51a7e1cef67366e75af) C:\Windows\system32\Drivers\vmm.sys
22:19:12.0791 4532 vmm - ok
22:19:12.0853 4532 VMnetAdapter (f68c99f41c3cf6e1c3c542fadd2e20cf) C:\Windows\system32\DRIVERS\vmnetadapter.sys
22:19:12.0856 4532 VMnetAdapter - ok
22:19:12.0908 4532 VMnetBridge (121fbda3a14f0744a8c213d3e9f14d63) C:\Windows\system32\DRIVERS\vmnetbridge.sys
22:19:12.0911 4532 VMnetBridge - ok
22:19:12.0936 4532 VMnetuserif (8e4e32effb6d28936c532ae4997e85a7) C:\Windows\system32\drivers\vmnetuserif.sys
22:19:12.0936 4532 VMnetuserif - ok
22:19:13.0018 4532 vmx86 (1f985607e66d66591e7abd552b8ea618) C:\Windows\system32\Drivers\vmx86.sys
22:19:13.0028 4532 vmx86 - ok
22:19:13.0061 4532 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
22:19:13.0063 4532 volmgr - ok
22:19:13.0108 4532 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
22:19:13.0116 4532 volmgrx - ok
22:19:13.0151 4532 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
22:19:13.0156 4532 volsnap - ok
22:19:13.0233 4532 VPCNetS2 (f96a678debdccb0b4bb7f38cb2580589) C:\Windows\system32\DRIVERS\VMNetSrv.sys
22:19:13.0233 4532 VPCNetS2 - ok
22:19:13.0271 4532 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
22:19:13.0276 4532 vsmraid - ok
22:19:13.0406 4532 vstor2 (9e4ff401725fe6a26d8fe492bf0ea2b1) C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys
22:19:13.0408 4532 vstor2 - ok
22:19:13.0491 4532 vstor2-ws60 (b44a2eb67d1a819ec5d95e3af9cad46d) C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys
22:19:13.0493 4532 vstor2-ws60 - ok
22:19:13.0508 4532 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
22:19:13.0511 4532 vwifibus - ok
22:19:13.0558 4532 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
22:19:13.0561 4532 vwififlt - ok
22:19:13.0603 4532 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
22:19:13.0606 4532 WacomPen - ok
22:19:13.0638 4532 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
22:19:13.0641 4532 WANARP - ok
22:19:13.0651 4532 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
22:19:13.0651 4532 Wanarpv6 - ok
22:19:13.0743 4532 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
22:19:13.0746 4532 Wd - ok
22:19:13.0778 4532 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
22:19:13.0788 4532 Wdf01000 - ok
22:19:13.0856 4532 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
22:19:13.0858 4532 WfpLwf - ok
22:19:13.0878 4532 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
22:19:13.0881 4532 WIMMount - ok
22:19:14.0006 4532 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
22:19:14.0008 4532 WmiAcpi - ok
22:19:14.0076 4532 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
22:19:14.0078 4532 ws2ifsl - ok
22:19:14.0138 4532 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
22:19:14.0141 4532 WudfPf - ok
22:19:14.0178 4532 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:19:14.0183 4532 WUDFRd - ok
22:19:14.0333 4532 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} (74ec37b9eaf9fca015b933a526825c7a) C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl
22:19:14.0336 4532 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} - ok
22:19:14.0373 4532 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:19:14.0438 4532 \Device\Harddisk0\DR0 - ok
22:19:14.0446 4532 Boot (0x1200) (fa2a8da06d585b23a65fdc7c2630dc0f) \Device\Harddisk0\DR0\Partition0
22:19:14.0448 4532 \Device\Harddisk0\DR0\Partition0 - ok
22:19:14.0461 4532 Boot (0x1200) (ac5e152ace72cd1e8efdf94e817457ae) \Device\Harddisk0\DR0\Partition1
22:19:14.0463 4532 \Device\Harddisk0\DR0\Partition1 - ok
22:19:14.0466 4532 ============================================================
22:19:14.0466 4532 Scan finished
22:19:14.0466 4532 ============================================================
22:19:14.0491 4172 Detected object count: 0
22:19:14.0491 4172 Actual detected object count: 0
22:20:19.0332 3340 Deinitialize success

[Rudy]

TDSSKiller zero access detekuje. Nevím, proč teď nic nehlásí. ZA je totiž potvora, jejíž odstraňování většinou končí formatem. Ten soubor lwm.exe je umístěn kde?

[davidrohusch]

iwm se vytvorilo po tom utoku hackera (jak sem sem spamoval sami ty blaboli ze mi ahcker napadl bla bla bla hodil asi 6trojanu bla) jinak se mi ta potvora obevila ve
C:\Program Files\E8948

[Rudy]

Máte tam Zero Access. ten to bude i nadále tahat. Dejte ještě jeden ComboFix a vyházíme to. Obávám se ale, že to k ničmu nepovede a že vás format s reinstalem nakonec nemine. Pokud můžete, odpojte PC fyzicky od internetu.

[davidrohusch]

mno kdyz jsem odpojil pc od internetu tak se mi trochu zrycvhklil pc ale kdyz sem ho zase zapojil tak mi nesel vubec internet psalo mi to nejakou chybu PROXY (to asi ten virus mi tam dal) tak sem hledal do offline manualu a nejak sem to spravil....
Log Combofix zacnu za chvili delat